Would a Computer Network Operation to Disrupt Wikileaks Count as a "Covert Action" for Oversight Purposes?
The decision by Wikileaks to expose a massive collection of classified State Department cables, and the fact that Wikileaks seems today to be experiencing a DDOS attack, creates an occasion to think hypothetically about an array of legal issues that might arise should the U.S. government decide to take action to disrupt the Wikileaks operation.
Published by The Lawfare Institute
in Cooperation With
The decision by Wikileaks to expose a massive collection of classified State Department cables, and the fact that Wikileaks seems today to be experiencing a DDOS attack, creates an occasion to think hypothetically about an array of legal issues that might arise should the U.S. government decide to take action to disrupt the Wikileaks operation. Among other things, would a computer network operation by the United States constitute a “covert action” for purposes of the Title 50 oversight system? The answer may depend in part on the increasingly unclear line between journalism and intelligence-gathering.
First, depending on how one classifies Wikileaks and its past conduct, actions meant to harm Wikileaks might well implicate the “traditional military activities” exception to the definition of “covert action” in 50 USC 413b(e)(2). Peter Feaver notes that the main impact of the latest Wikileaks dump is to significantly harm U.S. foreign relations:
The massive security breach has made every bilateral relationship more difficult and likely lowered the quality of diplomatic reporting. Will our interlocutors be as candid now that they have seen what happens? Ironically, Assange's attack on our diplomats has meant that our statecraft may be more dependent on cruder instruments of state power, especially brute force. ...If WikiLeaks had uncovered evidence of gross misdeeds, I suppose reasonable people could debate the balance of interests the dump might have served. Outlandish claims to the contrary notwithstanding, the leaks have done nothing of the sort. Instead, they have damaged the United States and in doing so achieved no higher purpose than the damage they have done. To fervent anti-Americans, weakening the United States is an end unto itself.He then concludes on a provocative note, suggesting that Wikileaks has, in effect, become a hostile foreign entity:
In wartime, we should expect enemies to seek to damage us in this way. How will President Obama respond to an enemy attack of this sort?If one accepts this line of thinking, I suppose one could make an argument that any responsive action to disrupt Wikileaks—say, a DDoS attack—could be categorized as a “traditional military activity” rather than as a “covert action” for oversight purposes. But one might instead try to reach the same result by another route, based on the notion that such an action is a counterintelligence measure. Like “traditional military activities,” “traditional counterintelligence activities” are exempt from the definition of “covert action” (see 50 USC 413b(e)(1)). But would a DDoS attack directed against Wikileaks possibly count? Well, 50 USC 401a(3) defines “counterintelligence” as:
information gathered, and activities conducted, to protect against espionage, other intelligence activities, sabotage, or assassinations conducted by or on behalf of foreign governments or elements thereof, foreign organizations, or foreign persons, or international terrorist activities.” (hard returns and italics added)Three questions, then. First, would a computer network operation count as an “activity”? Well, it’s hard to say why it would not, given that the impact of including that term in the first clause is to expand its reach beyond gathering information. But there may well be a tradition of interpretation here of which I’m unaware, in which case I’ll gladly post a follow-up clarification. Second, is Wikileaks engaged in “other intelligence activities” or even espionage? This is where the fuzzy line with journalism enters into the picture. Wikileaks is at pains to call itself a journalistic entity, and there are obvious parallels. But so too are their obvious parallels with the actions of a foreign intelligence service hoping to obtain and make hostile use of government secrets. The fact that Wikileaks may answer to no foreign government is of no moment, in any event; this simply illustrates the familiar post-9/11 theme in which non-state entities prove capable of strategically-significant action once thought to be the sole preserve of foreign governments. Third, is Wikileaks a “foreign organization” or “foreign person”? Obviously so, I think. All of which suggests there is considerable room to argue that actions directed against Wikileaks could be categorized, for good or ill, as “counterintelligence” activities for purposes of the oversight system. Coming next: Is Wikileaks a “Foreign Power” for purposes of FISA surveillance?
Robert (Bobby) Chesney is the Dean of the University of Texas School of Law, where he also holds the James A. Baker III Chair in the Rule of Law and World Affairs at UT. He is known internationally for his scholarship relating both to cybersecurity and national security. He is a co-founder of Lawfare, the nation’s leading online source for analysis of national security legal issues, and he co-hosts the popular show The National Security Law Podcast.