Edward Snowden: Humorous & Shocking Findings from the [Partially Redacted] House “HPSCI” Report


The House Permanent Select Committee on Intelligence (HPSCI) released in December 2016 a partially-redacted copy of its September 15, 2016 report on its, “Review of the Unauthorized Disclosures of Former National Security Agency Contractor Edward Snowden” (“House Report”).

The House Report describes Snowden in the same tenor and tone that the Warren Report described Lee Harvey Oswald: loner, complainer, and general loser.  Yet the House Report, like the Warren Report, also took to task various government agencies for their failures at the hands of the aforedescribed loser.  This uncomfortable balance between ridiculing Snowden yet chiding the spy agencies which he fooled comes across as a tad whiny.  The House Report reveals glaring NSA computer system vulnerabilities which, if this were the FTC investigating private companies, would result in severe sanctions (see here).

The report is here.  It is 38-pages however about one third of it is redacted.

Some curiosities found in the House Report:

  • Snowden’s “broken legs” story as to why he left Army basic training was untrue — he had shin splints.
  • Snowden did not have a GED as he claimed.
  • He “modified CIA’s performance review software in connection with his annual performance review, by manipulating the font.”  No further explanation was provided.
  • There is a security database shared amongst the intelligence community to verify clearance called “Shared Castles” (bravo whoever came up with that name).  You can read up on security clearance, and Shared Castles, here.  Interestingly, Google-searches for “Shared Castles government database” yields remarkably little information.
  • When switching jobs between the CIA and the NSA, the NSA checked the Shared Castles database right away before the CIA (later) updated Snowden’s profile with negative details about Snowden’s CIA performance.  Oops.
  • Snowden allegedly crashed an NSA server with a (Microsoft?) patch.  Oops.
  • Snowden used scraping programs, wget and DownThemAll! inside the NSA system to download 1.5 million documents.  Frightening.
  • NSA allowed its personnel and contractors “who lack a work reason to use removable media” like USB drives.  Frightening.
  • “When he fled Hong Kong, Snowden left a number of encrypted computer hard drives behind.”
  • Snowden called himself “Cincinnatus” when he contacted reporter Glenn Greenwald.  Lucius Quinctius Cincinnatus was a “legendary figure of… Roman manliness and civic virtue.”  You can read about him here.  Surprisingly, the House Report desisted from explaining the origin of Snowden’s handle and further intimating, as the House Report authors liked to do, that Snowden is a bit of a douche.
  • Snowden failed the standardized NSA test on FISA Section 702, the government’s legal basis for spying.  Yet this was the focus of his disclosures.
  • “It is likely Snowden does not know the full contents of all 1.5 million documents he removed.”  This charge was uncited and not supported by further information.
  • Snowden picked his documents from two classified sources — NSANet (seriously?) and the much cooler named Joint Warfighter Information Computer System (JWICS).
  • Years later, the NSA has not implemented several of the (fairly basic) security protocols it said it would.
Application of Law to Emerging Technology (at Florida Atlantic University)

Thanks to Professor Larry Buck for inviting me to speak to his Law in the Real World class  at FAU about the Application of Law to Emerging Technology. We discussed several cases and scenarios where lawyers and judges are called upon to apply longstanding legal principles to emerging technologies, such …

Data Breach
Accessing Someone Else’s Facebook Account in Florida is a Crime

Relying upon a statute which has been amended twice since 1978, it is a crime in Florida to access someone else’s social media account without their authorization.  This likely happens dozens of times a day in this state, likely as a joke or a prank, which have or could lead …

4th Amendment
Can You Record Someone in Florida?

The question of whether you can record someone’s conversation in Florida arises frequently.  The answer lies first in a statute and second on the individual circumstances.  As a general rule, secretly recording someone in Florida is not going to lead to admissible evidence and could get the person who did …