Purdue University Completely Freaks Out Because Bart Gellman's Speech Shows Classified Snowden Docs Already Seen By Millions
from the academia! dept
When Ed Snowden first gave his cache of documents to reporters, there were two sets handed out. Most famously, one set went to Glenn Greenwald, Laura Poitras and Ewan MacAskill, who went to Hong Kong on behalf of the Guardian. And the other set went to Bart Gellman, who wrote up reports on them (technically as a freelancer) for the Washington Post. Yesterday, Gellman wrote about a crazy story in which Purdue University absolutely freaked out, after it realized that Gellman gave a keynote speech -- for an event organized by the University President, and which Gellman had been specifically asked to give -- that showed some of the previously released Snowden documents during his presentation. Despite promising Gellman that the talk had been recorded and a link and a copy of the video would be sent to him, instead, Purdue ended up deleting the whole thing and basically stopped responding to him.The reason? Apparently Purdue has a deal with the US government, in order to perform classified research on behalf of the government. To do this, the university had to get "facility security clearance." And, in order to keep that status, it has to abide by certain rules on "classified information spillage." Apparently, some at Purdue decided to overreact entirely, which Gellman discovered as soon as the Q&A section opened up:
If I had the spider sense that we journalists like to claim, I might have seen trouble coming. One of the first questions in the Q & A that followed my talk was:And all of that apparently set off a chain reaction where some people freaked out and alerted Purdue's "Information Assurance Officer" who then told Purdue's representative at the Defense Security Service, leading to an escalation that resulted in a DELETE EVERYTHING FREAKOUT. Of course, once Gellman published his blog post making Purdue look silly, it quickly backtracked:"In the presentation you just gave, you were showing documents that were TS/SCI [top secret, sensitive compartmented information] and things like that. Since documents started to become published, has the NSA issued a declass order for that?"I took the opportunity to explain the government’s dilemmas when classified information becomes available to anyone with an internet connection. I replied:"These documents, by and large, are still classified. And in many cases, if you work for the government and you have clearance, you’re not allowed to go look at them…"By way of example, I mentioned that the NSA, CIA, and Office of the Director of National Intelligence “have steadfastly refused to give me a secure channel to communicate with them” about the Snowden leaks. Bound by rules against mingling classified and unclassified communications networks, they will not accept, for example, encrypted emails from me that discuss Top Secret material. In service of secrecy rules, they resort to elliptical conversation on open telephone lines.
"Now, it’s perfectly rational for them to say, we’re not going to declassify everything that gets leaked because otherwise we’re letting someone else decide what’s classified and what’s not. But it gets them wound up in pretty bad knots."
My remarks did not answer the question precisely enough for one post-doctoral research engineer. He stood, politely, to nail the matter down.“Were the documents you showed tonight unclassified?” he asked.
“No. They’re classified still,” I replied.
“Thank you,” he said, and resumed his seat.
In an overreaction while attempting to comply with regulations, the video was ordered to be deleted instead of just blocking the piece of information in question. Just FYI: The conference organizers were not even aware that any of this had happened until well after the video was already gone.We've talked about this a few times before, and the head in sand approach the government takes to pretending that publicly available leaked classified information is still secret. Government employees are regularly told they cannot look at such documents even if those documents are splashed across the pages of the Washington Post, the NY Times or other news sources. The rationale for this is that it takes away at least some incentive for people to force declassification by leaking documents. But it doesn't really. It just makes everyone look foolish. In the business world, most standard non-disclosure agreements include a clause that says that if the material becomes public through other means, the agreement no longer applies. It's ridiculous that the same is not true for classified information as well.
I’m told we are attempting to recover the video, but I have not heard yet whether that is going to be possible. When I find out, I will let you know and we will, of course, provide a copy to you.
Perhaps even more ridiculous is how the University responded to Gellman's questions prior to him posting the blog post about Purdue's overreaction:
I left word for Mitch Daniels, the former Indiana governor who became Purdue’s president two years ago. Daniels had introduced my talk and asked me to speak again for guests at a dinner he held that night. He was a delightful, well-read and open-minded host, but he has not returned my messages either. I sent one last note, detailing my main points here, to Purdue’s assistant vice president for strategic communications. I’ll update with her reply if she sends one.Except when his own university overreacts. Gellman also notes that this suggests that this whole situation speaks ill of Purdue as an institute of higher learning:
The irony is that the Dawn or Doom colloquium was Daniels’s own personal project. Two of the organizers told me he is fascinated by the contradictory responses – from celebration to alarm – that tend to accompany big technological advances. He proposed to convene Purdue faculty members and leading national experts to explore the risks and promises of artificial intelligence, robotics, and Big Data surveillance, among other developments.
In his own view, Dawn or Doom is not a hard question. Daniels and I chatted about that theme as we stood in the wings off stage, shortly before my talk.
“The answer always turns out to be, it’s dawn,” he said.
Purdue has compromised its own independence and that of its students and faculty. It set an unhappy precedent, even if the people responsible thought they were merely following routine procedures.The backtracking now that the university is embarrassed is better than ignoring the issue, but it's ridiculous that it got this far in the first place.
Think of it as a classic case of mission creep. Purdue invited the secret-keepers of the Defense Security Service into one cloistered corner of campus (“a small but significant fraction” of research in certain fields, as the university counsel put it). The trustees accepted what may have seemed a limited burden, confined to the precincts of classified research.
Now the security apparatus claims jurisdiction over the campus (“facility”) at large. The university finds itself “sanitizing” a conference that has nothing to do with any government contract. Where does it stop? Suppose a professor wants to teach a network security course, or a student wants to write a foreign policy paper, that draws on the rich public record made available by Snowden and Chelsea Manning? Those cases will be hard to distinguish from mine.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: barton gellman, classified information, facility security clearance, head in sand, speech
Companies: purdue university
Reader Comments
The First Word
“This isn't the first time that Purdue caved in like this
In November of 1988, when the Morris worm hit, we at Purdue's Computing Center (and everyone else) were all scrambling to understand what happened, how it happened, what its consequences were, and what we could do about it.On Friday, 11/4/1998 at 2:32 PM I sent a message out to the temporary "phage" mailing list (established by Spaf) detailing some of our findings and explaining the "condom" fix that my colleague Kevin Braunsdorf and I had figured out the day before. I also mentioned that I'd run a copy of the worm's object code through "unas" and made it available via anonymous FTP on one of our servers -- so that it'd be available to everyone else working on the problem.
On Wednesday, 11/9/1988 at 5:44 PM, I was notified that the above-mentioned file had been removed...at the request of the NSA, who had contacted the university's president, who had contacted the director of the computing center, and so on. To be fair: I was told that the request was "polite" and the person who removed the file clearly stated in his message that he had mixed feelings about doing so. He was obviously put in a difficult position by those above him and arguably exercised the only reasonable option available.
The irony of this is that the worm had propagated itself all over the 'net; and anybody equipped with a copy of Matt Bishop's "unas" could have easily replicated that file in a few minutes by running unas against whatever instance of the worm was present on their own systems. (And in fact other researchers had, by this point, performed much more competent and thorough dissections.) So the deletion of this particular file accomplished absolutely nothing.
The pushback should have come from Purdue's president (Beering, at the time) -- but it didn't. I've never forgiven him for that. He did a great disservice to the entire university community that day when he failed to stand up for research and academic freedom.
So I'm very disappointed -- but not surprised -- that Purdue is willing to play along with the charade wherein openly-published documents are still magically secret.
Subscribe: RSS
View by: Time | Thread
What a trade
[ link to this | view in chronology ]
Which is precisely why Purdue, nay, every American, isn't overreacting in these situations.
Between overzealous prosecutors (both state and federal) and any law enforcement agency itching to shoot first and ask no questions later, this reactionary (and protectionist) fear is completely justified.
Gellman shouldn't have taken this path. Instead, he should have shown how it's a clear example of instilling fear by government abuse.
Journalist gets 25 years for "password hacking". Aaron Schwartz took his own life. Snowden is a traitor, not a Constitution defender.
If these few examples don't give a valid reason why Purdue is justified in its actions, well, someone isn't paying attention to the abusive roles authorities are using to quell the information, public or not.
[ link to this | view in chronology ]
Re:
Rosa Parks or another just like her had to stand against authority to make a change.
Likewise, there will be no change if people are cowed and then followed by cowards commending, justifying, or supporting that action.
The People, do get the government they deserve!
[ link to this | view in chronology ]
Re: Re:
I assume this was sarcastic in nature because otherwise it is completely ridiculous.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
I think a lot of things about advertising's ubiquity these days, but "terrorist attack" is seldom one of them. This is a great, "Go ahead, shoot the other foot now!" moment. Government functionaries appear to have been infected by the Suicide Squad propensities of "Life of Brian", or the Dodos in that cartoon about mastodons, lemurs, and sabretooth tigers. It'd be funny if they weren't armed to the teeth while doing it.
[ link to this | view in chronology ]
Re: Secret for you!
The Soviet Missile Defence officer looks shocked, points to the Soviet navy brass and says - "you can't tell *them* that - it's classified and they're not cleared to know it!"
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Nothing says "be free to think for yourself" like a government agency controlling a good portion of your budget.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
"In an overreaction while attempting to comply with regulations, the video was ordered to be deleted instead of just blocking the piece of information in question. "
They'd do 25 years for "destruction of evidence".
[ link to this | view in chronology ]
chmod go-r $blah
Yet this is a university. Did no-one even consider sequestering the information far locked away from public eyes while this tempest morphed into little more than a dewey, foggy morning mist? There's an IT/CS faculty at Purdue, isn't there, and no-one considered consulting them?
It's bizarre watching this happening in the former home of the free, land of the brave.
[ link to this | view in chronology ]
Perfectly rational? Not.
But in that case someone else has already decided what's classified and what's not.
To pretend otherwise is to deny reality. Not a good strategy for anyone with actual opponents.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
This isn't the first time that Purdue caved in like this
On Friday, 11/4/1998 at 2:32 PM I sent a message out to the temporary "phage" mailing list (established by Spaf) detailing some of our findings and explaining the "condom" fix that my colleague Kevin Braunsdorf and I had figured out the day before. I also mentioned that I'd run a copy of the worm's object code through "unas" and made it available via anonymous FTP on one of our servers -- so that it'd be available to everyone else working on the problem.
On Wednesday, 11/9/1988 at 5:44 PM, I was notified that the above-mentioned file had been removed...at the request of the NSA, who had contacted the university's president, who had contacted the director of the computing center, and so on. To be fair: I was told that the request was "polite" and the person who removed the file clearly stated in his message that he had mixed feelings about doing so. He was obviously put in a difficult position by those above him and arguably exercised the only reasonable option available.
The irony of this is that the worm had propagated itself all over the 'net; and anybody equipped with a copy of Matt Bishop's "unas" could have easily replicated that file in a few minutes by running unas against whatever instance of the worm was present on their own systems. (And in fact other researchers had, by this point, performed much more competent and thorough dissections.) So the deletion of this particular file accomplished absolutely nothing.
The pushback should have come from Purdue's president (Beering, at the time) -- but it didn't. I've never forgiven him for that. He did a great disservice to the entire university community that day when he failed to stand up for research and academic freedom.
So I'm very disappointed -- but not surprised -- that Purdue is willing to play along with the charade wherein openly-published documents are still magically secret.
[ link to this | view in chronology ]
Eating the sizzle not the steak. Where ARE the "Snowden documents" for more than two years now? Cryptome still keeps a tally:
https://cryptome.org/2013/11/snowden-tally.htm
[ link to this | view in chronology ]
Re: Eating the sizzle not the steak. Where ARE the "Snowden documents" for more than two years now? Cryptome still keeps a tally:
I wonder how eating ones vegetables in order to get desert works into this metaphore?
[ link to this | view in chronology ]
Eating the sizzle not the steak. Where ARE the "Snowden documents" for more than two years now? Cryptome still keeps a tally:
https://cryptome.org/2013/11/snowden-tally.htm
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Perdue calling themselves a university is dishonest
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Irony alert
Time for FIRE to take another look.....
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
They know, but don't care
http://archives.chicagotribune.com/1990/03/30/page/6/article/nude-painting-of-purdue-presiden t-is-off-the-wall
[ link to this | view in chronology ]