The WikiLeaks document dump on the CIA’s hacking division appears to be far more damaging to U.S. spying abroad than threatening to average Americans at home.
This is not the outrageous domestic mass surveillance by the National Security Agency revealed by Edward Snowden in 2013 and rightly curtailed by President Barack Obama and Congress in 2015. The CIA is not legally allowed to operate within the U.S., and the FBI would have to get legal authorization to use these hacking tools against U.S. citizens.
Still, to make sure the CIA isn’t overstepping, it would be worth a congressional inquiry – far more so than the current president’s trumped-up accusations that Obama authorized a wiretap of Trump Tower before the election.
While it’s no secret that the CIA will use any means to gather intelligence, this is apparently the largest leak of its files in history. The trove of nearly 9,000 documents from 2013 to 2016 suggests that the agency has amassed more than 1,000 viruses and other hacking tools to get into smartphones, messaging apps and even Samsung smart televisions to collect text and voice messages before they are encrypted.
Unlike Snowden, WikiLeaks didn’t include examples of how people were targeted, which lessens the damage to national security. The anti-secrecy site also didn’t disclose the actual hacking tools; doing so would be completely reckless.
But WikiLeaks did assert that the CIA purposely didn’t warn Apple, Google, Microsoft and other companies about the vulnerabilities in their products, which would undercut a pledge by Obama to do so. While Apple said its latest iPhone operating software patched many of the flaws identified in the leak, tech companies in the Silicon Valley and elsewhere have to scramble to fix any remaining cracks and reassure skittish customers.
The CIA needs to do its own reassurance – that it has control of its hacking arsenal and that it is adequately vetting employees and contractors with access to such highly classified material. A federal investigation is being launched to find the source of the leak.
Given the history of WikiLeaks releasing embarrassing Democratic emails during the campaign, the timing of this leak is interesting. The president has warred with the CIA, which says that Russian agents gave those emails to WikiLeaks to help him. Trump partisans are already using the leak to attack the agency, focusing on one section that says the CIA can impersonate Russian hackers.
Whatever the fallout from this massive leak, it should be another big red flag: In the digital age, you have to work and live as if your electronic trail might be seen by someone else.
As FBI Director James Comey said Wednesday, “There is no such thing as absolute privacy in America.”