The failures of the FISA system, both old and new, are not unique. All large systems suffer from these kinds of failures as they age, as new conditions challenge old practices, and as the rationale for processes once cherished is lost in the humdrum of bureaucratic routine. Democrats might prefer to focus on General Motors or Lehman Brothers. Republicans will emphasize the Obamacare website or the Department of Health and Human Services. And almost everyone points to the FEMA Katrina response. Unless one believes that the national-security system has a magical exemption from the dynamics that plague any of these other large organizations, one should expect large and substantial mistakes from the complex interaction between the Department of Defense, the CIA, NSA, and FBI and their various contractors, from Boeing and Lockheed Martin to Halliburton and Booz Allen Hamilton.
Whistleblowing is a central pillar of the way American law deals with these dynamics of error, incompetence, and malfeasance in large organizations. From workplace-safety violations to Medicare and Medicaid fraud to anti-corruption campaigns around the world, we protect and reward those who follow both internal procedures and those who expose abuse to the public. Internal audit and review processes, while important, need the backstop of insiders with knowledge.
But national security is different. There are limited protections for internal whistleblowers, and none at all for those who go to the press. Defenders of that approach argue that the critical nature of national security justifies complete secrecy. But that very critical nature also means that mistakes can have devastating effects, while the secrecy that national-security organizations demand makes them more likely to get stuck in erroneous patterns.
Secrecy disables many of the mechanisms that other systems use to correct failure dynamics. In the public sector, informed and interested outsiders facilitate robust judicial, legislative, or executive oversight. In the private sector, both the stock market and regulators rely on public information and disclosure requirements to punish error, incompetence, and malfeasance. From defective products to poor business judgment, information flow is the critical ingredient of correction. The internal and external information silos that typify national security and the secrecy and mystique of the agencies all disable the standard mechanisms we use to counterbalance the error dynamics of other large organizations. The complexity and uncertainty of the threats the national-security system faces compound the difficulties so that even insiders—to say nothing of outsiders—struggle to evaluate whether an element of the system is working or has gone off track.
Because it is practically impossible for outsiders to check the national-security system, protecting insider whistleblowers is especially critical. The primary goal of 1970s FISA reform was to create a system of “insider-outsiders.” A few select members of Congress (the intelligence committees) and a few select judges (the FISA Court) would represent the normal public-accountability process. But the case of NSA dragnet surveillance showed that these watchdogs were hobbled by secrecy and resource imbalances that made it impossible for them to function as real backstops to abuse. The result was oversight theater: a spectacle of oversight used to lull critics and defuse public demands for reform. Only repeated acts of conscientious disclosure by insiders have brought us close to a public airing of the limits of surveillance.