{"id":161667,"date":"2020-05-25T12:00:30","date_gmt":"2020-05-25T11:00:30","guid":{"rendered":"https:\/\/www.transcend.org\/tms\/?p=161667"},"modified":"2020-05-25T06:43:05","modified_gmt":"2020-05-25T05:43:05","slug":"since-i-met-edward-snowden-ive-never-stopped-watching-my-back","status":"publish","type":"post","link":"https:\/\/www.transcend.org\/tms\/2020\/05\/since-i-met-edward-snowden-ive-never-stopped-watching-my-back\/","title":{"rendered":"Since I Met Edward Snowden, I\u2019ve Never Stopped Watching My Back"},"content":{"rendered":"<blockquote>\n<p class=\"dek\"><em>After receiving a trove of documents from the whistleblower, I found myself under surveillance and investigation by the U.S. government.<\/em><\/p>\n<\/blockquote>\n<p class=\"dropcap\"><em>Jun 2020 issue &#8211; <\/em>\u201cW<span class=\"smallcaps\">hat time exactly<\/span> does your clock say?\u201d asked the voice on the telephone, the first words Edward Snowden ever spoke to me aloud. (Our previous communications had all been via secure text chats over encrypted anonymous links on secret servers.) I glanced at my wrist\u20143:22 p.m. \u201cGood. Meet me exactly at four. I\u2019ll be wearing a backpack.\u201d Of course he would; Snowden would never leave his laptop unattended.<\/p>\n<section id=\"article-section-1\">The rendezvous point Snowden selected that day, December 5, 2013, was a gaudy casino hotel called the <a target=\"_blank\" href=\"https:\/\/www.korston.ru\/en\/moscow\/hotel\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'0',r'610573'\">Korston Club<\/a>, on Kosygina Street in Moscow. Enormous flashing whorls of color adorned the exterior in homage to Las Vegas. In the lobby, a full-size grand player piano tinkled with energetic pop. The promenade featured a \u201cGirls Bar\u201d with purple-neon decor, stainless-steel chairs and mirrors competing for attention with imitation wood paneling, knockoff Persian rugs, and pulsing strobe lights on plastic foliage. Also, feathers. The place looked like a trailer full of old Madonna stage sets that had been ravaged by a tornado.<\/p>\n<\/section>\n<section id=\"article-section-2\">As I battled sensory overload, a young man appeared near the player piano, his appearance subtly altered. A minder might be anywhere in this circus of a lobby, but I saw no government escort. We shook hands, and Snowden walked me wordlessly to a back elevator and up to his hotel room. For two days, throughout 14 hours of interviews, he did not once part the curtains or step outside. He remained a target of surpassing interest to the intelligence services of more than one nation.<\/p>\n<p>He resisted questioning about his private life, but he allowed that he missed small things from home. Milkshakes, for one. <i>Why not make your own?<\/i> Snowden refused to confirm or deny possession of a blender. Like all appliances, blenders have an electrical signature when switched on. He believed that the U.S. government was trying to discover where he lived. He did not wish to offer clues, electromagnetic or otherwise. U.S. intelligence agencies had closely studied electrical emissions when scouting Osama bin Laden\u2019s hideout in Pakistan. \u201cRaising the shields and lowering the target surface\u201d was one of Snowden\u2019s security mantras.<\/p>\n<p>On bathroom breaks, he took his laptop with him. \u201cThere\u2019s a level of paranoia where you go, \u2018You know what? This could be too much,\u2019\u200a\u201d he said when I smiled at this. \u201cBut it costs nothing. It\u2019s\u2014you get used to it. You adjust your behavior. And if you\u2019re reducing risk, why not?\u201d<\/p>\n<p>Over six hours that day and eight hours the next, Snowden loosened up a bit, telling me for the first time why <a target=\"_blank\" href=\"https:\/\/www.pbs.org\/wgbh\/pages\/frontline\/government-elections-politics\/united-states-of-secrets\/the-frontline-interview-barton-gellman\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'1',r'610573'\">he had reached out to me the previous spring<\/a>. \u201cIt was important that this not be a radical project,\u201d he said, an allusion to the politics of Glenn Greenwald and Laura Poitras, the other two journalists with whom he\u2019d shared <a target=\"_blank\" href=\"https:\/\/www.theguardian.com\/world\/2013\/jun\/06\/nsa-phone-records-verizon-court-order\"  data-omni-click=\"r'article',r'',d,r'intext',r'2',r'610573'\">digital archives purloined from the National Security Agency<\/a> a few months earlier. \u201cI thought you\u2019d be more serious but less reliable. I put you through a hell of a lot more vetting than everybody else. God, you did screw me, so I didn\u2019t vet you enough.\u201d He was referring to <a target=\"_blank\" href=\"https:\/\/www.washingtonpost.com\/world\/national-security\/code-name-verax-snowden-in-exchanges-with-post-reporter-made-clear-he-knew-risks\/2013\/06\/09\/c9a25b54-d14c-11e2-9f1a-1a7cdee20287_story.html\"  data-omni-click=\"r'article',r'',d,r'intext',r'3',r'610573'\">my profile of him in <i>The Washington Post <\/i>that June<\/a>, in which I had inadvertently exposed an online handle that he had still been using. (After that he had disappeared on me for a while.)<\/p>\n<\/section>\n<section id=\"article-section-3\">When we broke for the night, I walked into a hotel stairwell and down two floors, where I found an armchair in a deserted hallway. I might or might not have been under surveillance then, but I had to assume I would be once back in my room, so this was my best chance to work unobserved.<\/p>\n<p>I moved the audio files from the memory card of my voice recorder to an encrypted archive on my laptop, along with the notes I had typed. I locked the archive in such a way that I could not reopen it without a private electronic key that I\u2019d left hidden back in New York. I uploaded the encrypted archive to an anonymous server, then another, then a third. Downloading it from the servers would require another private key, also stored in New York. I wiped the encrypted files from my laptop and cut the voice recorder\u2019s unencrypted memory card into pieces. Russian authorities would find nothing on my machines. When I reached the U.S. border, <a target=\"_blank\" href=\"https:\/\/harvardlawreview.org\/2019\/06\/the-border-search-muddle\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'4',r'610573'\">where anyone can be searched for any reason<\/a> and the warrant requirement of the Fourth Amendment does not apply, I would possess no evidence of this interview. Even under legal compulsion, I would be unable to retrieve the recordings and notes in transit. I hoped to God I could retrieve them when I got home.<\/p>\n<p class=\"dropcap\"><span class=\"smallcaps\">Were my security measures excessive?<\/span> I knew the spy agencies of multiple governments\u2014most notably the United States\u2019\u2014were eager to glean anything they could from Edward Snowden. After all, he had stolen massive amounts of classified material from NSA servers and shared it with Poitras, Greenwald, and me, and we had collectively published only a fraction of it. The U.S. government wanted Snowden extradited for prosecution. But I\u2019m not a thief or a spy myself. I\u2019m a journalist. Was I just being paranoid?<\/p>\n<blockquote><p><a target=\"_blank\" href=\"https:\/\/www.theatlantic.com\/magazine\/archive\/2015\/11\/if-youre-not-paranoid-youre-crazy\/407833\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'5',r'610573'\">From the November 2015 issue: If you\u2019re not paranoid, you\u2019re crazy<\/a><\/p><\/blockquote>\n<\/section>\n<section id=\"article-section-4\">Six months earlier, in June 2013, when the Snowden story was less than two weeks old, I went on <i>Face the Nation <\/i>to talk about it. Afterward, I wiped off the television makeup, unclipped my lapel microphone, and emerged into a pleasant pre-summer Sunday outside the CBS News studio in the Georgetown neighborhood of Washington, D.C. In the back of a cab I pulled out my iPad. The display powered on, then dissolved into static and guttered out. <i>Huh?<\/i> A few seconds passed and the screen lit up again. White text began to scroll across an all-black background. The text moved too fast for me to take it all in, but I caught a few fragments.<\/p>\n<blockquote><p># root:xnu \u2026<\/p>\n<p># dumping kernel \u2026<\/p>\n<p># patching file system \u2026<\/p><\/blockquote>\n<p>Wait, what? It looked like a Unix terminal window. The word <i>root<\/i> and the hashtag symbol meant that somehow the device had been placed in super-user mode. Someone had taken control of my iPad, blasting through Apple\u2019s security restrictions and acquiring the power to rewrite anything that the operating system could touch. I dropped the tablet on the seat next to me as if it were contagious. I had an impulse to toss it out the window. I must have been mumbling exclamations out loud, because the driver asked me what was wrong. I ignored him and mashed the power button. Watching my iPad turn against me was remarkably unsettling. This sleek little slab of glass and aluminum featured a microphone, cameras on the front and back, and a whole array of internal sensors. An exemplary spy device.<\/p>\n<p>I took a quick mental inventory: No, I had not used the iPad to log in to my online accounts. No, I didn\u2019t keep sensitive notes on there. None of that protected me as much as I wished to believe. For one thing, this was not a novice hacking attempt. Breaking into an iPad remotely, without a wired connection, requires scarce and perishable tools. Apple closes holes in its software as fast as it finds them. New vulnerabilities are in high demand by sophisticated criminals and intelligence agencies. Shadowy <a target=\"_blank\" href=\"https:\/\/zerodium.com\/program.html#changelog\"  data-omni-click=\"r'article',r'',d,r'intext',r'6',r'610573'\">private brokers pay millions in bounties<\/a> for software exploits of the kind I had just seen in action. Someone had devoted resources to the project of breaking into my machine. I did not understand how my adversary had even found the iPad. If intruders had located this device, I had to assume that they could find my phone, too, as well as any computer I used to access the internet. I was not meant to see the iPad do what it had just done; I had just lucked into seeing it. If I hadn\u2019t, I would have thought it was working normally. It would not have been working for me.<\/p>\n<blockquote>\n<aside class=\"pullquote instapaper_ignore\"><em><strong>Someone had taken control of my iPad, blasting through Apple\u2019s security restrictions. I dropped the tablet on the seat next to me as if it were contagious.<\/strong><\/em><\/aside>\n<\/blockquote>\n<p>This was the first significant intrusion into my digital life\u2014that I knew of. It was far from the last. In the first days of 2014, <a target=\"_blank\" href=\"https:\/\/www.pbs.org\/wgbh\/pages\/frontline\/government-elections-politics\/united-states-of-secrets\/the-frontline-interview-thomas-drake\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'7',r'610573'\">an NSA whistleblower, Tom Drake<\/a>, told me he had received an invitation from one of my email addresses, asking him to join me for a chat in Google Hangouts. It looked exactly like an authentic notice from Google, but Drake had the presence of mind to check whether the invitation had really come from me. It had not. An impostor posing as me wanted to talk with Drake.<\/p>\n<\/section>\n<section id=\"article-section-5\">Shortly after that, Google started refusing my login credentials on two accounts. An error message popped up in my mail client: \u201cToo many simultaneous connections.\u201d I looked under the hood and found that most of the connections came from IP addresses I did not recognize. On the Gmail page, a pink alert bar appeared at the top, reading, \u201c<a target=\"_blank\" href=\"https:\/\/www.theverge.com\/2012\/6\/5\/3066290\/google-state-sponsored-malware-attack-warning\"  data-omni-click=\"r'article',r'',d,r'intext',r'8',r'610573'\">Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer<\/a>. Protect yourself now.\u201d<\/p>\n<p>Which state sponsor? Per company policy, Google will not say, fearing that information could enable evasion of its security protocols. I did some further reporting and later learned from confidential sources that the would-be intruder in my accounts was Turkey\u2019s national intelligence service, the Mill\u00ee Istihbarat Te\u015fkilat\u0131. Even though I never send anything confidential over email, this was terrible news. A dozen foreign countries had to have greater motive and wherewithal to go after the NSA documents Snowden had shared with me\u2014Russia, China, Israel, North Korea, and Iran, for starters. If Turkey was trying to hack me too, the threat landscape was more crowded than I\u2019d feared. Some of the hackers were probably better than Turkey\u2019s\u2014maybe too good to be snared by Google\u2019s defenses. Not encouraging.<\/p>\n<blockquote>\n<p id=\"injected-recirculation-link-1\" class=\"c-recirculation-link\" data-id=\"injected-recirculation-link\"><a target=\"_blank\" href=\"https:\/\/www.theatlantic.com\/magazine\/archive\/2014\/05\/we-need-more-secrecy\/359820\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'9',r'610573'\">From the May 2014 issue: We need more secrecy<\/a><\/p>\n<\/blockquote>\n<p>The MacBook Air I used for everyday computing seemed another likely target. I sent a forensic image of its working memory to a leading expert on the security of the Macintosh operating system. He found unexpected daemons running on my machine, serving functions he could not ascertain. (A daemon is a background computing process, and most of them are benign, but the satanic flavor of the term seemed fitting here.) Some software exploits burrow in and make themselves very hard to remove, even if you wipe and reinstall the operating system, so I decided to abandon the laptop.<\/p>\n<\/section>\n<section id=\"article-section-6\">For my next laptop, I placed an anonymous order through the university where I held a fellowship. I used two cutouts for the purchase, with my name mentioned nowhere on the paperwork, and I took care not to discuss the transaction by email. I thought this would reduce the risk of <a target=\"_blank\" href=\"https:\/\/www.pcworld.com\/article\/2083300\/report-nsa-intercepts-computer-deliveries-to-plant-spyware.html\"  data-omni-click=\"r'article',r'',d,r'intext',r'10',r'610573'\">tampering in transit<\/a>\u2014something the NSA, the FBI, and foreign intelligence services <a target=\"_blank\" href=\"https:\/\/www.theverge.com\/2013\/12\/29\/5253226\/nsa-cia-fbi-laptop-usb-plant-spy\"  data-omni-click=\"r'article',r'',d,r'intext',r'11',r'610573'\">are all known to have done<\/a>. (No need to hack into a machine if it comes pre-infected.) But my new laptop, a MacBook Pro, also began to experience cascading hardware failures, beginning with a keyboard that lagged behind my typing, even with a virgin operating system. The problems were highly unusual.<\/p>\n<p>I brought the machine for repair to Tekserve, a New York City institution that at the time was the largest independent Apple service provider in the United States. I had been doing business there since at least the early 1990s, a couple of years after Tekserve set up shop in a Flatiron warehouse space. I liked the quirky vibe of the place, which had a porch swing indoors and an ancient Coke machine that once charged a nickel a bottle. But Tekserve\u2019s most important feature was that its service manager allowed me to stand with a senior technician on the repair floor as he worked on my machine. I preferred not to let it out of my sight.<\/p>\n<p>The technician tested and swapped out, seriatim, the keyboard, the logic board, the input\/output board, and, finally, the power interface. After three visits, the problem remained unsolved. Keystrokes would produce nothing at first, then a burst of characters after a long delay. Tekserve consulted with supervisors at Apple. Nobody could explain it. I asked the technician whether he saw anything on the circuit boards that should not be there, but he said he was not equipped to detect spy gear like that. \u201cAll I know is I\u2019ve replaced every single part in the machine,\u201d he told me. \u201cWe\u2019ve never seen this kind of behavior before.\u201d I gave up and got another one.<\/p>\n<\/section>\n<section id=\"article-section-7\">When the Snowden story broke, I was using a BlackBerry smartphone. I began to receive blank text messages and emails that appeared to have no content and no reply address. Texts and emails without visible text are commonly used to transmit malicious payloads. I got rid of the BlackBerry and bought an iPhone, which experts told me was the most secure mobile device available to the general public. I do not do sensitive business on a smartphone, but I did not like the feeling of being watched.<\/p>\n<p>In January 2014, I became an early adopter of <a target=\"_blank\" href=\"https:\/\/securedrop.org\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'12',r'610573'\">SecureDrop<\/a>, an anonymous, encrypted communications system for sources and journalists. It is still the safest way to reach me in confidence, and I have received valuable reporting tips this way. Having advertised a way to reach me anonymously, I\u2019ve also gotten my share of submissions from internet trolls and conspiracy theorists, as well as run-of-the-mill malware. I never run executable files or scripts that arrive by email, so these were not a big concern. One day, however, a more interesting exploit showed up\u2014a file disguised as a leaked presentation on surveillance. I asked Morgan Marquis-Boire, a security researcher then affiliated with the Toronto-based Citizen Lab, if he would care to have a look. \u201cYou\u2019ve got a juicy one,\u201d he wrote back.<\/p>\n<blockquote>\n<p id=\"injected-recirculation-link-2\" class=\"c-recirculation-link\" data-id=\"injected-recirculation-link\"><a target=\"_blank\" href=\"https:\/\/www.theatlantic.com\/politics\/archive\/2015\/05\/the-vindication-of-edward-snowden\/392741\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'13',r'610573'\">Read: The vindication of Edward Snowden<\/a><\/p>\n<\/blockquote>\n<p>Most hacking attempts are sent to thousands, or millions, of people at a time, as email attachments or links to infected websites. This one was customized for me. It was a class of malware known as a \u201cremote access trojan,\u201d or RAT, capable of monitoring keystrokes, capturing screenshots, recording audio and video, and exfiltrating any file from my computer. \u201cPiss off any Russians lately?\u201d Marquis-Boire asked. The RAT was designed to link my computer to a command-and-control server hosted by Corbina Telecom, in Moscow. If I had triggered the RAT, a hacker could have watched and interacted with my computer in real time from there. Other IP addresses the malware communicated with were in Kazakhstan. And internal evidence suggested that the coder was a native speaker of Azeri, the language of Azerbaijan and the Russian republic of Dagestan. But the moment Marquis-Boire tried to probe the RAT for more information, the command-and-control server disappeared from the internet.<\/p>\n<figure><picture><img class=\"lazyloaded aligncenter\" srcset=\"https:\/\/cdn.theatlantic.com\/thumbor\/W1ijrSCGdKoK5qSDN7usmO4vMTs=\/672x905\/media\/img\/posts\/2020\/04\/WEL_Gellman_Spot\/original.jpg, https:\/\/cdn.theatlantic.com\/thumbor\/td2RuIazCejT5JjkfKo1bmUfAl0=\/1344x1810\/media\/img\/posts\/2020\/04\/WEL_Gellman_Spot\/original.jpg 2x\" alt=\"illustration\" data-srcset=\"https:\/\/cdn.theatlantic.com\/thumbor\/W1ijrSCGdKoK5qSDN7usmO4vMTs=\/672x905\/media\/img\/posts\/2020\/04\/WEL_Gellman_Spot\/original.jpg, https:\/\/cdn.theatlantic.com\/thumbor\/td2RuIazCejT5JjkfKo1bmUfAl0=\/1344x1810\/media\/img\/posts\/2020\/04\/WEL_Gellman_Spot\/original.jpg 2x\" \/><\/picture><figcaption class=\"credit\">Illustration: Cristiana Couceiro; Barton Gellman \/ Getty<\/figcaption><\/figure>\n<p class=\"dropcap\"><span class=\"smallcaps\">Overtures of another kind<\/span> came to my colleague Ashkan Soltani soon after his byline appeared alongside mine in <i>The Washington Post<\/i>. \u201cWithin the span of a week, three hot, really attractive women messaged me out of the blue\u201d on OkCupid, he later told me over beers. Two of the women made their intentions known right away.<\/p>\n<\/section>\n<section id=\"article-section-8\">He pulled out screenshots of their messages. \u201cExcuse my brazen demeanor but i find you incredibley cute and interesting,\u201d one of them wrote. \u201cLet\u2019s meet up?\u201d<\/p>\n<p>Then, on the day they set, she proposed getting together at his place. \u201cIt\u2019s gloomy out. makes me want to cuddle,\u201d she wrote.<\/p>\n<p>\u201cThe fact that two girls in a row were making themselves available on the first date, I was like, <i>What the fuck?<\/i>\u201d he told me. \u201c<i>Am I being<\/i>, what\u2014there\u2019s a word for that\u2014\u201d<\/p>\n<p>\u201cHoney trapped,\u201d I said.<\/p>\n<p>\u201cYeah, honey trapped. I do okay, but it usually involves going out on a couple dates or whatever,\u201d he said. \u201cI don\u2019t think I\u2019m a bad-looking guy, but I\u2019m not the kind of guy women message out of the blue and invite me to cuddle.\u201d He decided to cancel.<\/p>\n<p>Soltani suspected an intelligence-agency setup\u2014\u201cthe Chinese government trying to get up on me\u201d\u2014in an effort to elicit information about the NSA documents, or to steal digital files. A well-known information-security attack known as the \u201cevil maid\u201d relies on brief physical access to a computer to steal its encryption credentials. As it happened, the Snowden files were at that time locked in a <i>Washington Post<\/i> vault, and kept separate from the electronic keys that allowed access to them, but outsiders would not know that. And an attractive spy might assume that, with the right enticements, anything was possible.<\/p>\n<p>When Soltani returned to OkCupid to document these interactions in more detail, he searched for the two women who had pursued him so aggressively. Their online profiles no longer existed.<\/p>\n<\/section>\n<section id=\"article-section-9\">Soltani did go out with the third woman who had reached out to him around the same time, \u201cbut for the longest time I would not bring her back to my house,\u201d he said. \u201cI wasn\u2019t comfortable. I remember that feeling. I would never leave my phone when I went to the bathroom. It\u2019s weird to have opsec when you\u2019re dating.\u201d<\/p>\n<p>By the time we had this conversation, in the late fall of 2015, Soltani and I had stopped writing stories for the <i>Post<\/i>. I was working on a book. Soltani had moved on to other things. He had retired his old laptop, returned an encryption key fob to me, and shed his last connection to classified materials. \u201cWhen we were wrapping up, it felt really good that I didn\u2019t have to carry this burden anymore,\u201d he told me. \u201cI mean, from the perspective of the duty to protect this stuff\u2014there\u2019s still stuff in there that I think should absolutely never see light of day.\u201d<\/p>\n<p>\u201cYou still constantly have to be diligent,\u201d he said to me. \u201cYou\u2019ve been doing it for, like, three years. How do you do on vacation?\u201d<\/p>\n<p>Well, about that. Preoccupation with surveillance had distorted my professional and personal life. I had balked at the main gate of Disney World when I realized I would <a target=\"_blank\" href=\"https:\/\/www.wired.com\/2015\/03\/disney-magicband\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'14',r'610573'\">have to scan a fingerprint and wear a radio-tagged wristband<\/a> everywhere in the park. My partner, Dafna, standing with our 7-year-old son, dared me with her eyes to refuse. I caved, of course. I brought my laptop almost everywhere I went, even on beach and hiking trips. I refused to leave my bag at coat checks at parties. The precautions I took to protect my electronics inconvenienced my friends and embarrassed my family. \u201cYou\u2019re moving further and further into a world that I\u2019m not a part of, and that I don\u2019t understand and I don\u2019t want to be a part of,\u201d Dafna said one night. I had not come to terms, until that moment, with how abnormal my behavior had become. I never felt safe enough.<\/p>\n<\/section>\n<section id=\"article-section-10\">\n<blockquote>\n<p id=\"injected-recirculation-link-3\" class=\"c-recirculation-link\" data-id=\"injected-recirculation-link\"><a target=\"_blank\" href=\"https:\/\/www.theatlantic.com\/magazine\/archive\/2016\/11\/even-bugs-will-be-bugged\/501113\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'15',r'610573'\">From the November 2016 issue: What surveillance will look like in the future<\/a><\/p>\n<\/blockquote>\n<p>I built ever-thicker walls of electronic and physical self-defense. At one point in the spring of 2013, I requested a dedicated locked room at the <i>Post <\/i>for use by the reporters who worked with the Snowden documents. On a subsequent visit, a facilities staff member proudly showed me and Soltani the new space, in a place of honor beside the company president\u2019s office. The room had one feature I had specifically asked to avoid: a wall full of windows. If you craned your neck you could see a beaux-arts mansion half a block to the west\u2014the Russian ambassador\u2019s residence in Washington. \u201cYou have to be kidding me,\u201d Soltani said. Crestfallen, I asked for a windowless space. The <i>Post<\/i> found one, installed a high-security lock, put a video camera in the hall outside, and brought in a huge safe that must have weighed 400 pounds.<\/p>\n<p>I acquired a heavy safe for my office in New York as well. I will not enumerate every step I took to keep my work secure, but they were many and varied and sometimes befuddled me. The computers we used for the NSA archive were specially locked down. Soltani and I used laptops from which we\u2019d removed the Wi-Fi and Bluetooth hardware, and disconnected the batteries. If a stranger appeared at the door, we merely had to tug on the quick-release power cables to switch off and re-encrypt the machines instantly. We stored the laptops in the vault and kept encryption keys on hardware, itself encrypted, that we took away with us each time we left the room, even for bathroom breaks. We sealed the USB ports. I disconnected and locked up the internet-router switch in my New York office every night. I dabbed epoxy and glitter on the screws along the bottom of all my machines, to help detect tampering in my absence. (The glitter dries in unique, random patterns.) A security expert had told me that detection of compromise was as important as prevention, so I experimented with ultraviolet powder on the dial of my safe in New York. (Photographing dust patterns under a UV flashlight beam turns out to be messy.) I kept my digital notes in multiple encrypted volumes, arranging the files in such a way that I had to type five long passwords just to start work every day.<\/p>\n<\/section>\n<section id=\"article-section-11\">At a farewell party for Anne Kornblut, who oversaw the <i>Post<\/i>\u2019s Snowden coverage, my colleagues put on a skit that purported to depict our story meetings. The reporter Carol Leonnig, playing the role of Anne, pulled out blindfolds for everyone in the pretend meeting. They had to cover their eyes, she explained, before Bart could speak. Funny and fair, I had to admit. I was a giant pain in the ass.<\/p>\n<p>But I felt I had to be, and my fear was that any single barrier could be breached. A friend who runs a lock and safe company told me that an expert safecracker could break into just about any commercial vault in less than 20 minutes. Intelligence agencies have whole departments working on how to stealthily circumvent barriers and seals. Special antennae can read the emanations of a computer monitor through walls. Against adversaries like this, all I could do was make myself a less appealing target. I layered on so many defenses that navigating through them became a chronic drain on my time, mental energy, and emotional equilibrium.<\/p>\n<p>Years later Richard Ledgett, who oversaw the NSA\u2019s media-leaks task force and went on to become the agency\u2019s deputy director, told me matter-of-factly to assume that my defenses had been breached. \u201cMy take is, whatever you guys had was pretty immediately in the hands of any foreign intelligence service that wanted it,\u201d he said, \u201cwhether it was Russians, Chinese, French, the Israelis, the Brits. Between you, Poitras, and Greenwald, pretty sure you guys can\u2019t stand up to a full-fledged nation-state attempt to exploit your IT. To include not just remote stuff, but hands-on, sneak-into-your-house-at-night kind of stuff. That\u2019s my guess.\u201d Because I\u2019d been one of Snowden\u2019s principal interlocutors, Ledgett told me he was sure there was \u201ca nice dossier\u201d on me in both Russia and China.<\/p>\n<\/section>\n<section id=\"article-section-12\">\u201cIf some of those services want you, they\u2019re going to get you. As an individual person, you\u2019re not going to be able to do much about that.\u201d<\/p>\n<p class=\"dropcap\"><span class=\"smallcaps\">On January 29, 2014,<\/span> James Clapper, then the director of national intelligence, <a target=\"_blank\" href=\"https:\/\/www.c-span.org\/video\/?317469-1\/hearing-global-security-threats\"  data-omni-click=\"r'article',r'',d,r'intext',r'16',r'610573'\">sat down at a Senate witness table to deliver his annual assessment<\/a> of worldwide threats, covering the gravest dangers facing the United States. He did not open his remarks with terrorism or nuclear proliferation or Russia or China. He opened with Edward Snowden, and within a few words he was quoting one of my stories. \u201cSnowden claims that he\u2019s won and that his mission is accomplished,\u201d Clapper said. \u201cIf that is so, I call on him and his accomplices to facilitate the return of the remaining stolen documents that have not yet been exposed, to prevent even more damage to U.S. security.\u201d<\/p>\n<blockquote>\n<p id=\"injected-recirculation-link-4\" class=\"c-recirculation-link\" data-id=\"injected-recirculation-link\"><a target=\"_blank\" href=\"https:\/\/www.theatlantic.com\/politics\/archive\/2014\/07\/a-devastating-leak-for-edward-snowdens-critics\/373991\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'17',r'610573'\">Read: The latest Snowden leak is devastating to NSA defenders<\/a><\/p>\n<\/blockquote>\n<p>I pretty much stopped listening after the word <i>accomplices<\/i>. This was not an off-the-cuff remark. It was prepared testimony on behalf of the Obama administration, vetted across multiple departments, including Justice. <i>Accomplice<\/i> has a meaning in criminal law.<\/p>\n<p>\u201cI had in mind Glenn Greenwald or Laura Poitras,\u201d Clapper told me years later. \u201cThey conspired with him, they helped him in protecting his security and disseminating selectively what he had, so to me they are co-conspirators.\u201d<\/p>\n<\/section>\n<section id=\"article-section-13\">\u201cI wouldn\u2019t distinguish myself categorically from them,\u201d I said.<\/p>\n<p>\u201cWell, then maybe you are too. This is the whole business about one man\u2019s whistleblower is another man\u2019s spy.\u201d<\/p>\n<p>I asked Clapper whether I was a valid counterintelligence target.<\/p>\n<p>\u201cTheoretically you could be,\u201d Clapper said. \u201cGiven how Snowden is viewed by the intelligence community, someone who\u2019s in league with him, conspiring with him, that\u2019s a valid counterintelligence\u2014and for that matter law-enforcement\u2014target.\u201d<\/p>\n<p>Twice in February 2014, George Ellard, then the NSA inspector general, <a target=\"_blank\" href=\"https:\/\/www.politico.com\/story\/2014\/02\/nsa-inspector-general-edward-snowden-103949\"  data-omni-click=\"r'article',r'',d,r'intext',r'18',r'610573'\">referred to journalists on the story as Snowden\u2019s \u201cagents.\u201d<\/a> We had done more damage, he said at a Georgetown University conference, than the notorious FBI traitor Robert Hanssen, who\u2019d helped Soviet security services hunt down and kill U.S. intelligence assets.<\/p>\n<p>It became a running joke among U.S. officials that Bart Gellman should watch his back. In May 2014, I appeared on a panel alongside Robert Mueller, the former FBI director, to talk about Snowden. Mueller cross-examined me: Were the NSA documents not lawfully classified? Were they not stolen? Did I not publish them anyway? I held out my arms toward him, wrists together, as if for handcuffs. The audience laughed. Mueller did not.<\/p>\n<p class=\"dropcap\"><span class=\"smallcaps\">I know perfectly well<\/span> that government agencies prefer not to read their secrets on the front page. Sometimes they resent a story enough to investigate. <i>How in the blazes did the reporter find that out?<\/i> In serious cases maybe the Justice Department steps in. I knew all that\u2014but despite years of reporting on government secrets, I had not often experienced it personally. So, in the summer of 2013, when I came across my own name in the NSA archive Snowden had shared with me, I gawped at the screen and bit back an impulse to swear.<\/p>\n<\/section>\n<section id=\"article-section-14\">The document with my name on it was part of an NSA memo for the attorney general of the United States about \u201cunauthorized disclosures \u2026 of high-level concern to U.S. policy makers,\u201d referring in part to three <i>Washington Post<\/i> stories of mine about an intelligence operation gone wrong in the aftermath of the Gulf War. Reading the Snowden files, I learned that my reporting had been referred to the Justice Department for criminal investigation in early 1999. The FBI had been put on the case. I\u2019d had no inkling at the time. How much did the bureau find out about me and my confidential sources? The memo did not say. No harm, as far as I knew, had come to my sources, but I realized that for some I could not really say. It had been a long time.<\/p>\n<p>The most intriguing part of the memo was the framing of the harm that the NSA ascribed to my stories. \u201cPress leaks could result in our adversaries implementing Denial and Deception (D&amp;D) practices,\u201d the agency wrote. If adversaries know how the United States spies on them, in other words, they can do a better job of covering their tracks. That is a legitimate concern. But good journalism sometimes exposes deception by the U.S. government itself\u2014not only in tradecraft but in matters of basic policy and principle.<\/p>\n<p>One whole folder in the Snowden archive was devoted not to foreign spies but to journalists and the people who gave us information. The memos and slide decks laid out the grave dangers posed by news reporting. They also sketched the beginnings of a plan to do something about it: Every file in the folder mentioned a cryptonym that seemed to be the cover name for an effort to track and trace journalistic leaks.<\/p>\n<\/section>\n<section id=\"article-section-15\">The first time I heard the name <span class=\"smallcaps\">firstfruits<\/span>, years before the Snowden leak, a confidential source told me to search for it on the internet. All I turned up were ravings on blogs about spooky plots. The George W. Bush administration, according to these accounts, had an off-the-books spying program akin to the work of the East German Stasi. <span class=\"smallcaps\">firstfruits<\/span> allegedly listened in on journalists, political dissenters, members of Congress, and other threats to the globalist order. In some versions of the story, the program marked its victims for arrest or assassination. As best I could tell, these stories all traced back to a series of posts by a man named Wayne Madsen, who has aptly been described as \u201ca paranoid conspiracy theorist in the tradition of Alex Jones.\u201d I did a little bit of reading in these fever swamps and concluded that <span class=\"smallcaps\">firstfruits<\/span> was a crank\u2019s dark fantasy.<\/p>\n<p>Then came the day I found my name in the Snowden archive. Sixteen documents, including the one that talked about me, named <span class=\"smallcaps\">firstfruits<\/span> as a counterintelligence database that tracked unauthorized disclosures in the news media. According to top-secret briefing materials prepared by Joseph J. Brand, a senior NSA official who was also among the leading advocates of a crackdown on leaks, <span class=\"smallcaps\">firstfruits<\/span> got its name from the phrase <i>the fruits of our labor<\/i>. \u201cAdversaries know more about SIGINT sources &amp; methods today than ever before,\u201d Brand wrote. Some damaging disclosures came from the U.S. government\u2019s own official communications, he noted; other secrets were acquired by foreign spies. But \u201cmost often,\u201d Brand wrote, \u201cthese disclosures occur through the media.\u201d He listed four \u201cflagrant media leakers\u201d: the <i>Post<\/i>, <i>The New York Times<\/i>, <i>The New Yorker<\/i>, and <i>The Washington Times<\/i>. The <span class=\"smallcaps\">firstfruits<\/span> project aimed to \u201cdrastically reduce significant losses of collection capability\u201d at journalists\u2019 hands.<\/p>\n<\/section>\n<section id=\"article-section-16\">In NSA parlance, exposure of a source or method of surveillance is a \u201ccryptologic insecurity.\u201d If exposure leads to loss of intelligence collection, that is \u201cimpairment.\u201d I was fully prepared to believe that some leaks cause impairment, but Brand\u2019s accounting\u2014like many of the government\u2019s public assertions\u2014left something to be desired.<\/p>\n<p>By far the most frequent accusation invoked in debates about whether journalists cause \u201cimpairment\u201d to the U.S. government is that it was journalists\u2019 fault that the U.S. lost access to Osama bin Laden\u2019s satellite-phone communications in the late 1990s. It is hard to overstate the centrality of this episode to the intelligence community\u2019s lore about the news media. The accusation, as best as I can ascertain, was first made publicly in 2002 by then\u2013White House Press Secretary Ari Fleischer. After a newspaper reported that the NSA could listen to Osama bin Laden on his satellite phone, <a target=\"_blank\" href=\"https:\/\/georgewbush-whitehouse.archives.gov\/news\/releases\/2002\/06\/20020620-12.html\"  data-omni-click=\"r'article',r'',d,r'intext',r'19',r'610573'\">as Fleischer put it<\/a>, the al\u2011Qaeda leader abandoned the device. President Bush and a long line of other officials reprised this assertion in the years to come.<\/p>\n<p>But the tale of the busted satellite-phone surveillance is almost certainly untrue. The story in question said nothing about U.S. eavesdropping. And one day before it was published, the United States launched barrages of cruise missiles against al\u2011Qaeda training camps in Afghanistan and a factory in Sudan, including a facility that bin Laden had recently visited. After this, bin Laden went deep underground, forswearing electronic communications that might give his location away. Blaming a news story for this development, rather than a close miss on bin Laden\u2019s life, strained all logic. Yet somehow it became an article of faith in the intelligence community.<\/p>\n<\/section>\n<section id=\"article-section-17\">In 2001, according to Brand\u2019s NSA documents, the agency \u201cstood up\u201d a staff of leak trackers, and the CIA director hired a contractor \u201cto build [a] foreign knowledge database\u201d\u2014<span class=\"smallcaps\">firstfruits<\/span>. One of its major purposes was to feed information about harmful news stories to the \u201cAttorney General task force to investigate media leaks.\u201d<\/p>\n<p>The <span class=\"smallcaps\">firstfruits<\/span> project produced 49 \u201ccrime reports to DOJ,\u201d three of them involving me. The FBI, in turn, was left with a conundrum. What crime, exactly, was it being asked to investigate? Congress has never passed a law that squarely addresses unauthorized disclosures to reporters by public officials. The United States has no counterpart to the United Kingdom\u2019s Official Secrets Act. Government employees sign a pledge to protect classified information; if they break that pledge, they can lose their security clearance or their job. Those are civil penalties. When it comes to criminal law, they may be subject to charges of theft or unlawful possession of government property. The nearest analogy in the law, however, and the charge most commonly prosecuted in such cases, is espionage.<\/p>\n<p>Some people will see a kind of sense in that. A secret has been spilled, and damage potentially done. From the NSA\u2019s point of view, a loss is a loss, regardless of whether a foreign adversary learns the secret from a spy or a published news report. Before the disclosure, the NSA had a valuable source or method. Afterward, it does not.<\/p>\n<\/section>\n<section id=\"article-section-18\">But in other ways, espionage is a terrible fit for a news-media leak. Talking to a journalist is hardly tantamount to spying. Spies steal American secrets on behalf of some other country. They hope our government, and the general public, never learn of the breach. They intend, as the Espionage Act defines the crime, for the information \u201cto be used to the injury of the United States or to the advantage of [a] foreign nation.\u201d News sources, on the other hand, give information to reporters for the purpose of exposure to the public at large. They want everyone to know. They may have self-interested motives, but they commonly believe, rightly or wrongly, that their fellow citizens will benefit from the leak.<\/p>\n<p>Yes, news sources have on occasion been tried and convicted of espionage\u2014but in general forcing a whistleblower into the mold of a spy is disfiguring. If news is espionage, then George Ellard is right to call me an \u201cagent\u201d of the adversary, and James Clapper is right to call me an \u201caccomplice.\u201d From that basis, deploying the government\u2019s most intrusive counterintelligence powers against a journalist is but a short step.<\/p>\n<p>I\u2019ve thought a lot over the years about what the public\u2019s \u201cright to know\u201d is in the context of national security. Clearly there are circumstances in which the careful journalistic disclosure of certain classified facts is the right thing to do.<\/p>\n<p>What if the U.S. government deliberately exposed American troops to nuclear radiation in order to learn more about the medical effects? That really happened after World War II, and the public didn\u2019t learn about it until 1994. If reporters had known the truth in the \u201940s and \u201950s, should they have suppressed it?<\/p>\n<\/section>\n<section id=\"article-section-19\">What about if the U.S. government deliberately infected sex workers in Guatemala with gonorrhea and syphilis? That happened too, <a target=\"_blank\" href=\"https:\/\/perma.cc\/D7V9-YCVF\"  data-omni-click=\"r'article',r'',d,r'intext',r'20',r'610573'\">in wildly unethical experiments from 1946 to 1948<\/a>, which the government did not fully acknowledge until 2010.<\/p>\n<blockquote>\n<aside class=\"pullquote instapaper_ignore\"><em><strong>Homeland Security had produced a 76-page report of every international flight I\u2019d taken since 1983. Customs inspectors had secretly searched my checked baggage. Government spokesmen were forwarding my emails to the FBI.<\/strong><\/em><\/aside>\n<\/blockquote>\n<p>What if a classified military investigation found \u201cnumerous incidents of sadistic, blatant, and wanton criminal abuses\u201d against foreign detainees, in violation of the Geneva Conventions and the Uniform Code of Military Justice? <a target=\"_blank\" href=\"https:\/\/perma.cc\/VZ5L-PJP4\"  data-omni-click=\"r'article',r'',d,r'intext',r'21',r'610573'\">That happened at the Abu Ghraib prison in 2003<\/a>. Much the same sequence of events, with classification stamps employed to conceal information that public officials could not or did not wish to justify, took place after the government tortured al\u2011Qaeda suspects in secret prisons, authorized warrantless surveillance of U.S. citizens, and lied about intelligence on weapons of mass destruction in Iraq. These were history-making events, full of political and legal repercussions, but they were hidden from public scrutiny until news stories broke through barriers of classification.<\/p>\n<p>At heart, national-security secrecy presents a conflict of core values: self-government and self-defense. If we do not know what our government is doing, we cannot hold it accountable. If we do know, our enemies know too. That can be dangerous. This is our predicament. Wartime heightens the case for secrecy because the value of security is at its peak. But secrecy is never more damaging to self-government than in wartime, because making war is the very paradigm of a political choice.<\/p>\n<\/section>\n<section id=\"article-section-20\">But our government clearly doesn\u2019t see it that way. Here are some facts I\u2019ve learned, through Freedom of Information Act requests and a lawsuit I filed to enforce them, about various government actions that involve me. The Office of the Director of National Intelligence said it had completely withheld 435 documents about me, but its explanation was classified and my lawyers at the Reporters Committee for Freedom of the Press were not allowed to read it. Homeland Security personnel, I learned from one document, had produced a 76-page report of every international flight I\u2019d taken since 1983. Customs inspectors had secretly searched my checked baggage when I returned from more than one overseas reporting trip. The reasons for and results of those searches were redacted. Hundreds of emails recorded behind-the-scenes reactions and internal debates about how to respond to my questions or stories. The government asked the court to withhold all of those on grounds of deliberative privilege.<\/p>\n<p>I learned something else by way of FOIA. It turned out, according to internal government correspondence I received in the course of my lawsuit, that government spokesmen were forwarding my emails to the FBI. The NSA public-affairs shop subsumed its work entirely to law enforcement. The spokesmen did not even have to be asked. They volunteered. \u201cBelow please find correspondence between reporter Bart Gellman and NSA &amp; ODNI public affairs,\u201d a senior intelligence official, whose name is redacted in the FOIA release, wrote on December 21, 2013, to a manager in the Office of the National Counterintelligence Executive, or NCIX. \u201cIn the email, Gellman references conversations he has with Edward Snowden \u2026 Are these emails useful for NCIX?\u201d<\/p>\n<\/section>\n<section id=\"article-section-21\">The manager replied, \u201cYes, these types of correspondence are useful. We will ensure they get to the FBI investigations team.\u201d<\/p>\n<p>According to an affidavit from David M. Hardy, the section chief in the FBI\u2019s Information Management Division, my name appears in files relating to \u201cinvestigations of alleged federal criminal violations and counterterrorism, counterintelligence investigations of third party subjects.\u201d Not only the Snowden case, that is\u2014<i>investigations<\/i> and <i>third-party subjects<\/i>, plural. Some of those files, Hardy said, may appear in an electronic-surveillance database that includes \u201call persons whose voices have been monitored.\u201d Turns out I wasn\u2019t being paranoid.<\/p>\n<p>Equally unsettling were the redactions themselves and the reasons given for them. Even the names of the FBI files, Hardy told the court, would give too much away. The file names specify \u201cnon-public investigative techniques\u201d and \u201cnon-public details about techniques and procedures that are otherwise known to the public.\u201d The FBI is especially concerned about protecting one unspecified intelligence-gathering method. \u201cIts use in the specific context of this investigative case is not a publically known fact,\u201d Hardy wrote. The bureau wants to protect \u201cthe nature of the information gleaned by its use.\u201d<\/p>\n<p>Those are not comforting words.<\/p>\n<\/section>\n<p>_______________________________________________<\/p>\n<p><small><em>This article was adapted from Barton Gellman\u2019s book <\/em><a target=\"_blank\" href=\"https:\/\/www.penguinrandomhouse.com\/books\/316047\/dark-mirror-by-barton-gellman\/\"  data-omni-click=\"r'article',r'',d,r'intext',r'22',r'610573'\">Dark Mirror: Edward Snowden and the American Surveillance State<\/a><em> (Penguin Press). It appears in the June 2020 print edition with the headline \u201cOperation <span class=\"smallcaps\">FIRSTFRUITS<\/span>.\u201d<\/em><\/small><\/p>\n<p style=\"padding-left: 40px;\"><a href=\"https:\/\/www.transcend.org\/tms\/wp-content\/uploads\/2020\/05\/bartongellman.jpg\" ><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-161668 size-full\" src=\"https:\/\/www.transcend.org\/tms\/wp-content\/uploads\/2020\/05\/bartongellman-e1590383708427.jpg\" alt=\"\" width=\"100\" height=\"100\" \/><\/a><\/p>\n<p style=\"padding-left: 40px;\"><a target=\"_blank\" href=\"https:\/\/www.theatlantic.com\/author\/barton-gellman\/\" class=\"author-link\"  data-omni-click=\"inherit\">Barton Gellman<\/a> is a staff writer at <em>The Atlantic<\/em> and author of <a target=\"_blank\" href=\"https:\/\/www.amazon.com\/Dark-Mirror-Snowden-American-Surveillance\/dp\/1594206015\" ><em>Dark Mirror: Edward Snowden and the American Surveillance State<\/em><\/a> and <a target=\"_blank\" href=\"https:\/\/www.amazon.com\/exec\/obidos\/ISBN=0143116169\/theatla05-20\/\" ><em>Angler: The Cheney Vice Presidency<\/em><\/a>.<\/p>\n<p>&nbsp;<\/p>\n<p><a target=\"_blank\" href=\"https:\/\/www.theatlantic.com\/magazine\/archive\/2020\/06\/edward-snowden-operation-firstfruits\/610573\/\" >Go to Original &#8211; theatlantic.com<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Jun 2020 issue &#8211; \u201cWhat time exactly does your clock say?\u201d asked the voice on the telephone, the first words Edward Snowden ever spoke to me aloud. I glanced at my wrist\u20143:22 p.m. \u201cGood. Meet me exactly at four. I\u2019ll be wearing a backpack.\u201d The rendezvous point Snowden selected on 5 Dec 2013 was a casino hotel called the Korston Club in Moscow. After receiving a trove of documents from the whistleblower, I found myself under surveillance and investigation by the U.S. government.<\/p>\n","protected":false},"author":4,"featured_media":161668,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[910,269,1452,1724,1220,1006,1109,911,921],"class_list":["post-161667","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-whistleblowing-surveillance","tag-big-brother","tag-communication","tag-edward-snowden","tag-nsa","tag-privacy","tag-social-media","tag-spying","tag-surveillance","tag-whistleblowing"],"_links":{"self":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/161667","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/comments?post=161667"}],"version-history":[{"count":0,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/161667\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/media\/161668"}],"wp:attachment":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/media?parent=161667"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/categories?post=161667"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/tags?post=161667"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}