A Roundtable Conversation on Intelligence and Terrorism Part Three: Sharing Intelligence in Counterterrorism
The participants in this conversation were guaranteed anonymity to encourage a frank discussion of sensitive issues. Their opinions are their own and do not reflect the official policy or positions of the U.S. government or any other government, agency, or official entity. The icons at the beginning of paragraphs are assigned to individual speakers.
MODERATOR: I would like to suggest we not restrict our discussion to the issue of sharing intelligence between nations, but that we also consider the domestic experience represented by the participants in this meeting. In the United States, we have a lot of problems with information and intelligence sharing, both within the federal government and between the federal government and the states. I suppose I am asking whether we can learn about international sharing from considering our domestic problems. I am inclined to think that our domestic experience is relevant, that the problems that crop up among U.S. agencies, for example, are not too different from the problems that nations have with sharing intelligence.
Let me explain what our experience is in Europe. We distinguish two different types of relations: bilateral or trilateral and multilateral. Normally, the operational sharing, all of which is of a sensitive technical nature, we do with a partner, or two or three partners. Multilateral sharing, of course, is used to spread a warning: to communicate the name of suspects, for example. In Europe, for 50 years now we have had a club called the Club of Berne. Members' internal security services are invited to join the Club. There are 25 members, all of which are members of the European Economic Community (EEC), plus Switzerland and Norway. Now Croatia also will be invited to join. What do we do? We have a cyphered communication system, which is very convenient, and we can extend it to other countries like the Federal Bureau of Investigation (FBI) in the United States, Australia, and Japan. It depends on the case. We exchange names of suspects, and other information. We also meet twice a year at the director level. The directors can talk quite confidentially about many things, and we also have working groups on counterespionage, on technical issues, and on terrorism. After 9/11, the antiterrorist group was changed to a bigger one called the CTG, the Counter Terrorist Group, and we now have more meetings and work more intensively. We also have tried, even before the Arab Spring, to have contact with services in North Africa. So the Berne Club is an organization that is not very well known, but which works well. It is again easier for internal security services [to share information] than for external services. The Berne Club can't exist unless smaller clubs of three or four—the British, the German, the French—meet regularly, but there is no such global organization because we think that this is a problem for the EEC. The EEC will want to develop its own international intelligence service. Members are not ready for that yet because it's a question of sovereignty.
Another thing that I wanted to raise—this is very important in matters of intelligence—is that the information given by a friendly service is the property of the friendly service that gave it. You [the recipient] do not have the right to share it. This is a principle for all the services. The advantage that all services, both intelligence and law enforcement, have is that we have special judges. We can prepare the manner in which we are going to communicate the information together with the service that gave the information to us. We must protect the source. This is very important.
As the situation in Syria deteriorated, we established a JIC, a Joint Intelligence Center. It exists at both the domestic level and the international level. We have partners from the United Kingdom, France, Canada, and the United States. All services are represented in this center, which is a very effective center: it collects and analyzes information for all the requirements of the intelligence services that are focused on Syria.
I think, from my experience, that intelligence sharing is based on two elements. First is the legal framework in which your country is operating and the framework in which the intelligence sharing partner's country operates. I will come back to that in just a minute. The second element is a very calculated decision on the risks and benefits of sharing that intelligence. In Europe, it is relatively straightforward in terms of the legal framework because we are all bound, for instance, by the European Convention on Human Rights, and we have similar jurisdictional approaches to the way in which investigations are conducted. These ultimately lead, we hope, to a successful conviction in court. That becomes much more problematic when you are dealing with other countries that are not bound by the European Convention of Human Rights; that situation has led to very different interpretations between, for instance, the UK and the U.S., on the interpretation of the Geneva Conventions. That problem relates specifically to the way in which information has been extracted from prisoners and detainees. Also, it leads to a potentially very difficult situation in which the UK might want to share some lead intelligence on a target of interest to the U.S., but there is concern about how that intelligence will be exploited, because it is very clear in the UK that we cannot conduct straightforward kill operations. The U.S. has a different position. That does cause problems for us in the UK and for some of our European partners.
You mean, in Iraq, all of those operations in which the British killed people were originally intended just to capture them?
Absolutely. The purpose of those operations, the primary purpose of those operations, had to be to capture. We could not legally conduct kill-or-capture operations. It was always capture. If the individual chose not to surrender in circumstances where lethal force had to be used, that was regrettable, but then lethal force was used. That was our default setting, and of course, that does then create problems when you are dealing with your closest ally which had a different approach.
The second element [governing the sharing of information] is the risk/ benefit analysis. The situation post-9/11, I think, has fundamentally changed the way in which the need to share intelligence has developed. We got to a point where the default setting was "need to share" rather than "need to know" when it came to counterterrorism. I think we need to consider counterterrorism separately, because when it comes to counterintelligence and counterespionage, I think the rules remain very different. In those cases, you take a very calculated view on the reliability of the partner service with which you potentially want to exchange information. You know, Moscow rules1 still apply, and I suspect there are one or two other target countries [besides Russia] that conduct very successful and very aggressive penetration operations against most of our partners. Therefore you would choose very carefully what it was you want to share with those countries, for fear of that intelligence becoming compromised.
But when it comes to counterterrorism, then again the default setting has been "need to share" rather than "need to know." From my experience, that default setting has become slightly eroded. The reason it has become eroded is because of concern for what would eventually happen to that intelligence. If any of the intelligence services acquires intelligence on a target that is the subject of an investigation, then I think they will find it very difficult to keep control of that intelligence, and not be required to release that intelligence into the criminal justice system. Certainly, when I first joined the service, which is not that long ago, you were confident that when you acquired intelligence and you recorded that intelligence, you were never going to have to release that intelligence unless you chose to do so. The situation now is very different. Certainly my former colleagues who work in the counterterrorism world now work on the assumption that absolutely everything that they do, say, and record could become a matter of public record [through a trial]. That potential just makes the whole business of exchanging and managing intelligence that much more difficult, and creates concern in the minds of some of our closest allies. We have seen it with the United States, where the United States has asked for assurances that intelligence that is going to be shared with us will remain out of the criminal justice system. That is no longer, I think, a guarantee that we can give.
Not to say this is a contradiction, but it seems to me that you are arguing that, on the one hand, sharing intelligence in counterterrorism is easier because the threat is more shared, so to speak. On the other hand, it is more problematic because, from the viewpoint of the intelligence organization, it may become a [public] criminal matter.
What I am saying is that the constraints and the concerns when it comes to sharing intelligence on counterterrorism are very different from the constraints and the concerns that exist from sharing intelligence on counterespionage and counterintelligence matters. I think there are several reasons why it [sharing counterterrorism intelligence] is easier. One is because in counterterrorism, there is a threat to life. Therefore, with any intelligence we receive that relates to a threat to life, we are under a duty to do something with that intelligence. Where that becomes problematic is where you think, know, or believe that this intelligence will then be exploited in a way that is contrary to the legal framework in which you are operating. Then it becomes a question of whether you share that intelligence in a way, with caveats, so you have a reasonable degree of assurance that this intelligence will be exploited in a way that is appropriate [according to the laws you are operating under]. It works both ways, and it has become really problematic for the UK government to receive intelligence from governments where we believe that intelligence could have been extracted in a way that is unlawful [in the UK]. It has become such a problem that the Foreign Office is now investing what is, for the UK, very significant sums of money in enhancing capability and capacity in certain countries' criminal justice systems so that they can conduct operational activity and extract information and intelligence in a way that is compatible with our legal framework. We have gotten ourselves into terrible trouble in the courts through having to admit that we have intelligence that was extracted through the use of torture.
MODERATOR: Could you explain why there has been this shift that has made it more difficult to prevent the intelligence from getting into the criminal justice system? What is the origin of that change?
In the UK, you absolutely have to disclose to the defense any evidence or intelligence that you have on which you have based your investigation, and which has resulted in someone being arrested and brought to trial. So we have now got vetted [security cleared] defense lawyers, and there are special procedures for managing the way that intelligence will be used in trial. But they are still jury trials and they can be held in camera2 up to a point, but you still have to disclose to the defense, and therefore by and large to the defendant, how that intelligence has been acquired. It is a real problem in terms of compromising our own tactics, techniques, and procedures, and then there is a real problem in compromising intelligence that has been acquired from a foreign country.
It is interesting to hear how that is done on the other side of the channel, because [in France] until now we could tell the court, "This is our investigation, we have nothing to add." We didn't give our sources when we presented the case. Now we do because there are special judges, special courts. But sometimes, of course, the lawyers for the defense will say, "Maybe this information you have was obtained under torture." When we receive information, we don't specify whether it is from abroad or from a [domestic] source. Also, can you imagine asking a friendly service if they have obtained the information under torture? No, you receive the information and you check the information. That's all.
But the French judicial system is very different. We [in the UK] have an adversarial system where the prosecution has to prove someone's guilt. You know the defendant will have a good idea of how the case is being developed against him or her. If the defendant suspects that some of the intelligence could have come from a friendly country in another part of the world where there is less—there is a different respect for human rights and where they are not bound by the European Convention on Human Rights, then the defense lawyer is under a duty to find the best possible defense. The lawyer can then go on a fishing expedition, and will ask, "Where does this information come from, how was it acquired, was it acquired lawfully, is it admissible?" because of course, the first thing the defense lawyer is going to try to achieve in court is to get the most damaging evidence removed as inadmissible.
The same is true in the United States. It is called "defense by CIA." The defense asks for all these intelligence documents to prepare the client's defense and the government has to give up the prosecution because it can't turn all of that information over.
We [in France] have another problem that now preoccupies us. The court, the judges— most of them—more and more often ask that we declassify our documentation. Of course, we can't accept this, because we have to protect our sources and protect the information coming from abroad. An independent commission examines the documents, and they say we can declassify this or that. Until now, the independent commission always protected sources, but there is a lot of pressure now. Courts and judges are more and more aggressive, so of course we are concerned about this for the future.
A last point. In terms of my professional experience of managing liaison relationships, there have been instances where it has been easier to share intelligence with certain organizations within the U.S. system than with others, where it had been made very clear that we shouldn't be sharing certain intelligence [given to us by one U.S. organization] with other U.S. government organizations. This is less common in France, but it has happened in France as well, but maybe that was the bad old days.
I think that the counterterrorist threat and the whole world of counterterrorism has changed intelligence in every way; in particular, it has changed intelligence sharing. It used to be that you could give a colleague from another country or another service a piece of paper and say, "This is the number, say, of SX-20 missiles that we believe the Soviet Union possesses. This is the result of our analytical product." They would either agree or disagree, and you might have some minor technical differences and so on, and then you passed documents back and forth. There was no particular legal action expected on either party at the end of that. The counterterrorist threat, however, always contains the expectation that this is a matter that could go to court. So right from the beginning, every partner has to assume that the other partner has specific responsibilities and restrictions and limitations on what can happen to data and how data can be transmitted.
Our colleague and I shared some experiences trying to work with the incredibly difficult German legal system, where, when we gave them a piece of information, it was almost guaranteed that it was going to get into the court system. We have the same problem in the United States when information is given to us. If it looks like it is prosecutable or could result in an investigation, we don't want to receive it. Give it to the Bureau [FBI] because it is going to become a legal matter. It is eventually going to have to go through some kind of a legal system. So while we may want it as intelligence, we don't want to be the action agency for it. We want the Bureau to obtain it on their own so that they have a clear chain of evidence from the origin of the information right to the moment where they take it in trial, so that they can do their job. The other thing about intelligence sharing that I think is important to understand, at least from the point of view of the problem that the Americans have, is we don't go to you anymore, to anybody, with a piece of paper. We say, "Open your pipeline." Many countries don't have a pipeline.
When you say pipeline, what are you… ?
When you are dealing with counterterrorism in particular, people don't want analytical conclusions. They want raw data. We—the Americans, British, French, and others—set up a program in Europe a few years ago that eventually involved six nations and 12 intelligence services in an operational mode. Simply to get the information to those partners that needed it to do the operational part required us, the United States, to construct an entire transmission system from NSA [National Security Agency] headquarters all the way through several modes, nodes, and everything else, into a certain office in Paris where that information could be received. Now, we are talking about huge data pipelines that nobody in Europe had. It would not have done us any good at all to try to set up that program without providing the partners with the intelligence—not the analytical product, but the raw, continuing data stream. That required several countries to make agreements between [their own] external and internal services on data sharing, which had never existed before. They didn't share that data with one another [in the past]. They had to share the data with one another now because that was the only way that we, through our system, could get the data to them and move the data around in an efficient manner. The public has no idea of how much data is flowing around. Or maybe I shouldn't call it data. But I have read all the academic theories and papers and everything else about how this should be done, and they have no idea what the daily stream looks like. It looks like what you see in that movie, The Matrix—falling dots and ones and zeros and everything else—that is the world you are entering into. Out of all of that crap, there might be one iota of importance. But those machines need to be talking to one another to get that one iota of difference. It is beyond human capability.
Was there any filtering done?
No, not really. You can't filter it. That is the problem. You cannot filter it.
Okay, but when this data is transmitted, that data alone won't reveal …
It is not a product that any human being has intervened with and said, "Oh, this is Mr. So-and-So, and he is talking to Mr. Jones." First of all, you should not be sharing intelligence broadly with anybody. You should be sharing intelligence on subjects of mutual concern. I don't care whether it is internal or external. I do not believe in "need to share." I don't really believe Bradley Manning3 needed to be reading diplomatic cables between different posts that had nothing to do with his job. But we set up a system where he had it.
Anyway, the problem of the huge data sets—I shouldn't use that term data sets because they are not data sets. It is just raw garbage traffic, SIGINT [signals intelligence], HUMINT [human intelligence], everything. You have got to have an agreement among the partners, whether it is one, three, or 90, that this is the kind of data that they want to have. That is sometimes difficult to achieve. You can continue to share pieces of paper on other matters. You don't set up one system to preclude another one. But when you are talking about the counterterrorism world, because it [the information] could result in arrests, trials, and convictions, you have got to offer all of those partners—everybody has got to be sharing the same original data. Believe me, that is hard to do. I examined something once where we were looking at passing some simple stuff by classified fax system to a partner or to a major ally. We realized that the nature of the software itself militated against simply sending faxes back and forth, because the other data that was in the original document before it got redacted for whatever purposes internally remained inherently in the document according to the way Microsoft structured the software. So we actually had to go to Microsoft and make a change in the software so that we could securely pass data that we meant to pass, without creating the kind of case that our colleague described, in which somebody would innocently get a Microsoft document, but then the trial lawyer knew the Microsoft system well enough to figure out how to look at all of the earlier versions so he could see what people had redacted, changed, and everything else. This is not what you want to wind up with in court. So you don't want to be passing that to an ally. You want to make sure what you are passing to an ally is your best estimate or the reality, and that it is in a form that the ally can use.
But that is separate from that raw data flow you were talking about.
That is separate from it, but it is just an example of the kind of real problem that you run into that people don't expect or understand. But let's go back to the big data pipe. The other problem that you are inevitably going to have is that somebody is going to come along and say, "You are sharing stuff with another intelligence service that you are not sharing with us." And we say, "Well, you have no need for it." But they don't like that.
The other thing is that in the world of counterterrorism, you are going to deal with intelligence matters, and you're going to pass intelligence to partners whom you may not want to deal with. That's simply the way it is. What you do in that case is you have to make sure that what you are sharing is very clearly delineated and defined, and that the sharing is restricted to that. We then get back to the problem of the big pipeline. How the hell do you restrict that pipeline? It is not an easy process. It can be done, it is done on a daily basis, and occasionally there are mistakes, and occasionally traffic gets into that pipeline that is supposed to be restricted—that shouldn't get into it. Then you have hell to pay. But you know, these are the realities that you are dealing with every day.
The last thing I will say about [intelligence sharing] is that everybody wants to come to Washington. People are thinking, "Let's move our liaison operations to Washington because then we get closer to headquarters." That is the worst place to be. The people who are furthest removed from any idea of what is going on on the ground, anywhere in the world, are in Washington, D.C. They think they are the greatest experts, but what you have always got to remember, when you're dealing with the people in any national capital, is that you are dealing with political appointees. You're no longer dealing with professionals. The decisions are being made by political appointees, and I have seen over and over and over again a very good intelligence relationship ruined because somebody says, "Wow. Let's get around the local representative and let's move everything to Washington where we have direct access." The next thing you know, you've got someone from a foreign intelligence service with his briefcase going all over Washington, asking, "Will you give me this?" "No, I won't give you this for the following reasons." He'll go to another agency: "Will you give me this?" "Did the other guy say he won't give it to you?" "Yes." "Oh, I'll give it to you then because I want to establish a relationship." That is what winds up happening to you. People start bartering, and it becomes a nightmare.
A fundamental reality that I think is important to bear in mind in all of this—and the various folks here have touched on it already—is that in the counterterrorism world, speed is probably more important than in almost any other aspect of intelligence work, and I think it complicates information sharing. You see this as soon as you go to work in the CT area. It is not just that days matter, but hours matter and sometimes minutes matter. Not in every case, certainly, but in some cases. You know, these days the person who learns that some suspect character is taking flight lessons—but is not interested in learning how to land the plane, only in how to maintain it in flight— and doesn't pass that information up the chain rather quickly and make sure it ultimately gets shared around, is in very, very serious trouble. So I think that's an underlying reality that complicates this whole question as well, because you have to make these decisions as to what gets shared very, very quickly. In some cases, anyway.
Maybe we should think of it as a balance. The American partner brought huge amounts of material, but we sometimes had the possibility to verify something through our own sources, human sources, and everybody realized that it was an advantage to share very concretely.
MODERATOR: So in other words, there will inevitably be specialization. Some information that is passed to another country can only be made effective because of particular local knowledge or access to people. The FBI is the agency that is going to talk to people in the United States, not the French Service, and vice versa. Without even planning it, there is a kind of specialization that is implied.
Yes, you share because your partner can do something that you cannot, or can do it better.
MODERATOR: I wanted to ask our colleague: When you are talking about the JIC concerning Syria, is its work intended to be operational or more analytical? Is it to understand what is happening in Syria, or to deal with the consequences of what is going on in Syria?
Yes, it is analytical, but it can be used operationally. This center is just for the armed forces. It is concerned about the terrorists or the fringe groups that are active in Syria.
MODERATOR: So for example, it watches the movement of people into Syria to join in the fighting? And possibly is stopping them from moving there?
Yes. Collecting information from all the refugees and all the people who are coming to Jordan as visitors, actually. It is concerned about all of these people [coming from Syria].
MODERATOR: When that JIC was set up, was what would be shared clearly established?
It is a common interest, actually. For all partners in the JIC, it is a common interest. The United States is interested in Syria. France the same, the UK the same, Jordan the same. So I think in this matter, there is no sensitive information about these things. The members have a common interest in these things. In my opinion, regarding the Syria situation, the terrorists who move there or the fringe groups, there is no sensitive information at all.
That is a very important point. When you start dealing with counterterrorist information, classification doesn't really matter any longer.
Wait a minute. Let me finish. Classification doesn't matter in the sense that you need to move on the data, on the information. So yes, you are going to respect your classification guidelines and everything else, but what does matter is the methods that you have used to gather that data. They may need to be protected. But the data itself you can move. That is what I meant.
The way that counterterrorism needs to be approached has required a change in the way that the military and law enforcement community operates. The United States may always have been much more sophisticated than the UK in this, but when we first started conducting kinetic operations against high-value targets in Iraq, it took a long time to explain to the military that there was enormous value to be had in collecting pocket litter. It took a while to get some of our specialist units to understand that the body at the end of the operation wasn't necessarily the most important thing, but the mobile phone, the computer, all the rubbish that was in the flat or the building in which the target was found—all of that stuff potentially was gold dust. That concept in itself has required the military to change and adapt the doctrine by which they operate, and it has also required a huge infrastructure behind it to enable what is called the personnel and material exploitation phase of an operation.
When it comes to the law enforcement community, the other aspect is that the sheer volume of information that needs to be moved and needs to be shared, certainly in the UK's experience, has meant that agencies that were traditionally UK-focused, and UK-focused alone, now operate in the international arena. It started off with the [British internal] security service having a liaison officer in Paris, which was in itself a big deal for SIS [Security Intelligence Service, the British external service], because up until that point, SIS wanted to protect the liaison relationship, wanted to be the "front of house" for the whole of the UK's intelligence and law enforcement community. Just the sheer volume and scale of the exchange that was required brought the recognition that it would make sense to have a security service officer present in Paris who was liaising directly on issues that were of specific interest to the security service. We now have got to the point where we have any number of UK police counterterrorism liaison officers posted around the world to liaise with local police and to facilitate the ongoing investigations that are taking place. I believe there is a UK CT liaison officer in Jordan, for instance.
Yes, that's true.
Until recently, that role was the sole preserve of SIS. We wouldn't have allowed anyone else to come anywhere near our liaison relationships. They were ours, we protected them, and we guarded them very jealously. In the real world, you can't do that anymore. So that has required the Metropolitan Police, and others—we now have immigration officers overseas, and so on—culturally to change the way they operate, and it has also brought them into this really difficult world of information sharing: what are the legal constraints, what are the operational considerations that need to be thought through, and so forth? My understanding is that the same thing has happened in the United States. There has been a similar encroachment, as it were, by NYPD [New York Police Department] and potentially others, into areas that have traditionally been the preserve of the CIA.
But I think counterterrorism is not a competition between countries or between services or between agencies.
I agree; it shouldn't be. But the reality is different.
If you hide something from other agencies or from other services, this may be the most important information those other agencies need to complete the whole picture about the situation or about somebody. When you hide this information, maybe it will allow this person or this organization to [carry out an attack] someplace: maybe in your country, maybe in my country, or in other countries. If you share the information, just a small piece of information, because of other information that the other service has, then maybe it will bring the end of this terrorist attack or terrorist organization. So, in my opinion, sharing information is very important for everybody.
You are exactly correct, but respect for the sources and methods used to obtain that information is extremely important. For example, if Jordan has a singular source within a group who is providing information about a potential attack in the United States, and you pass that information to a local police representative as opposed to the CIA or the FBI representative in Amman, that information may appear in the newspaper because the police agency has a close personal relationship with the reporters, and then your singular source is in danger.
That happens? [Laughter]
I know, it's a mystery to me, too. [Laughter] So it is very important that the agencies involved in the collection of intelligence [overseas] understand that those of us who are involved at the U.S. federal level have certain rules and regulations that we follow in regard to intelligence collection, whether counterespionage, counterintelligence, or counterterrorism, in respecting your sources of information, the CIA's sources of information. It is extremely important, and I can guarantee that American domestic law enforcement for the most part does not understand that.
American law enforcement culturally uses what they call CIs, confidential informants. Snitches. It is one criminal ratting out another criminal. There is no real respect for that person as a source. They don't protect them. I am not talking about the federal level, the FBI level. I am talking about police at the local level.
First of all, U.S. law enforcement is very fragmented, decentralized, and you're dealing with different agencies and different people who don't have that experience of dealing with classified information. Also, they don't all get along, especially not the federal agencies and the state and local agencies, so the only way that [sharing information] is going to work in that case is if people get to know each other and they come to trust each other.
MODERATOR: But it seems to me that, as our colleague was saying before about Europe, one of the ways intelligence sharing can work is when there is a set of procedures that all involved agree to follow. In that case, there is no question that the personal relationship alone is what makes information sharing possible. Also, in the case of the JIC focus on Syria, our colleague didn't say, "Well, it's just because these guys got to know one another." Common interests were important to encourage sharing in that case, but procedures—not just personal relationships—seem to make sharing possible.
But you have to be careful about whether the information might end up in court, because then you can't protect sources and methods.
Yes, exactly. There is an assumption that everything is going to end up in court, and therefore you don't want to risk the exposure of sources and methods.
MODERATOR: But in the case of the Syria JIC, for example, the information is not criminal, so that should not affect the exchange of information.
But when you stop someone who has tried to go to Syria, he can end up in court in the future. You don't know that, but it could be happen.
I am fairly confident when I say that the security classification on a piece of information makes no difference as to whether it will be disclosed in court or not. So you can put the lowest or the highest security classification on information, and if the court wants to see it, the court will see it. Also, it is very difficult to disassociate the security classification that you give a piece of intelligence from the sourcing. I am not quite sure that point has been accepted by everyone here, but if you have a very sensitive source, then you are probably going to classify whatever information you get from that very sensitive source with a very high classification.
There is also—let's be frank—a game that is played when exchanging intelligence with liaisons, with partners: your default setting is to ensure that this information that you are sharing is going to be protected in an appropriate way.Therefore, the likelihood is that you are going to put a high level of classification on it rather than a very low level of classification, even if that information actually doesn't really warrant a high level of classification. You do this also because you want to give the impression that you're giving something that is valuable rather than something they probably could have gotten themselves just from doing a bit of open source research.
You mentioned procedures, so let me give you some ground rules for successful intelligence sharing based on my experience. First, you have to have a "round table." No one is at the head of the table. Everyone is equal. Second, every participant has to be prepared to share all the information. You can't have someone say, "I can't take that or share that." Third, any participant can opt out of an operation, depending on their rules or their abilities. You just have to acknowledge that that is going to happen. But I want to stress that you have to have a round table. You cannot have a hierarchy at that level if you want effective sharing.
Another important thing is to remember that there is over-sharing. If you share everything that comes in, then you are sharing items that aren't good, and then other people won't take your information seriously. So you have to decide what is worth sharing.
But if there is a threat to life, then you have to share. You can caveat it, you can say that you don't think it is credible or that you aren't sure, but you have to share it.
MODERATOR: If the procedures are important, then it's important to know whether they are being followed. How do you do that?
Trust but verify. [Laughter]
MODERATOR: Okay, but what does that mean? How do you verify?
You find out from a bad experience. When a third party provides you with information that you gave someone else, for example, then you know [that the people you gave it to violated the procedures]. You also need to pay attention to how your partners are behaving. Are they professional?
Yes, the reputation of a service matters. Also, countries will want to follow the procedures because if they don't, they risk losing access to information.
Countries also give aid, and in other ways try to build a relationship. Or you give training and so forth, so that gives you some leverage, and it helps reinforce the procedures, makes them common knowledge.
Police forces also sometimes have officers from other departments who work with them, are integrated with them, but that is more difficult for intelligence services to do. That is anathema for an intelligence service.
It seems to me that we have been talking about two very different models that both seem to work. The first is informal, just between two countries or organizations, with few procedures or rules, where personal relationships are very important. The other is formal. A good example of this is the Joint Terrorism Task Force in the United States, usually run by the FBI, where there are more procedures and rules, and personal relationships are not as important; the sharing occurs because of the way the task force is set up.
In Europe, the more formal model is Interpol. The Club of Berne is less formal, maybe.
But if we are talking about sharing between countries, culture and language are important, not just procedures. For personal relationships, culture and language are important.
1. Moscow rules were the unwritten rules of spycraft impressed on U.S. operatives who worked in Moscow during the Cold War. For more, see the International Spy Museum website: http://www.spymuseum.org/exhibition-experiences/argo-uncovered/moscow-rules/
2. A Latin legal term meaning a discussion or procedure done in private.
3. U.S. Army private Bradley Manning (aka Chelsea Elizabeth Manning) was convicted in 2013 of leaking large numbers of classified documents to the website WikiLeaks.