Recently I considered the differences between American and European understandings of technology in a strategic context. There’s a further wrinkle to be teased out concerning a specific group of Western nations: those that belong to the Five Eyes alliance.

The Five Eyes, an intelligence-sharing arrangement between the US, the UK, Canada, New Zealand and Australia, owes its foundations to World War II. Significantly, cooperation started by sharing intelligence on foreign communications—through interception, collection and analysis, and associated cryptographic tools.

In those days, intelligence-gathering comprised collection by spies (human intelligence) and by interception of communications (signals intelligence). Human intelligence doesn’t scale well, and the use of agents is, typically, life-endangering. In contrast, signals intelligence scales much more readily, and with the US as the pre-eminent global technological hub for many years, the Five Eyes community derived a considerable advantage.

The Five Eyes is, at its core, a trust-based form of technological cooperation. Technologies collect the information, decrypt it and share it among the members—a deep-level enabler of cooperation and action in a competitive world. Once secret, the Five Eyes arrangement has become a public talisman, signifying membership of an elite club defined by technological advantage. Member nations are conscious of being in an inner circle, even within other alliance structures such as NATO, or the US ‘hub and spokes’ arrangement in Asia.

And for good reason. In the post-9/11 environment, the importance of identifying weak signals in an ever-noisier world has increased. And so has Five Eyes governments’ reliance on the technological prowess of their intelligence agencies to counter a growing array of threats.

It’s only reasonable, then, to assume that the Five Eyes partners have a sophisticated understanding of the significance of technology. On the face of it, in terms of intelligence and security, that would appear to be the case. In the cyber domain, intelligence agencies pursue an offensive strategy, ranging from the discovery and exploitation of vulnerabilities for espionage, to active attacks. Advice to the Five Eyes governments on 5G reflected the agencies’ technical know-how.

Yet, information technologies are not inherently pro-Western in their strategic affiliation. They lend themselves to unconventionality and so to the disruption of traditional business models. They’re asymmetric in nature, empowering weaker actors. They’re also dynamic and interconnected so that changes—whether in malware or in spying tools—propagate quickly in the broader environment. But technological advantage can be fleeting, and the democratisation of encryption capabilities means the intelligence agencies have had to rely on legislation to try to shore up their operations in their own backyards.

Long accustomed to the privileges of technological pre-eminence, Five Eyes countries now find themselves wrestling with a new question: is what’s good for their agencies good for them, or do they have a broader set of strategic needs in relation to information technology?

That question isn’t an implied criticism of a strong stance on Huawei or the Chinese government. In fact, it’s the opposite. My concern is that an intelligence- and security-driven focus may deny us a more comprehensive and more effective counter to authoritarian powers.

The challenge here is not to downplay the difficulty of finding sense in Jorge Luis Borges’s Library of Babel. Intelligence and national security agencies still have a strong and urgent mission, but they’re struggling to apply 20th-century business models to a world of infinite data and infinite computational capacity and where the technological centre of gravity resides deep in the civilian world, not in the military or national security domain.

Persisting with a 20th-century security-led view of technology can lead us down some unintended paths. For example, security assumes threat-based models. We can count the ways: coercion (in its many forms), terrorism, cybersecurity, and increasingly interference and subversion. We are learning to fear not only our actual and potential adversaries, but our own systems, and increasingly each other. Our ability to look after own individual needs and security is eroded; instead, we are expected to turn to authority. Aside from the moral hazard that induces, it’s not healthy for our society. It risks pervasive fatalism—what Timothy Snyder calls a ‘politics of eternity’—while encouraging rally-around-the-flag behaviour, undermining our ability to withstand authoritarianism.

A security mindset may limit diversity and natural human messiness. That’s an issue with any system design: it’s easier to build systems for a standardised model of humans, as the Chinese Communist Party well knows. It’s also a reason why many technology systems fail. But activities seen through a narrow lens of security are likely to be assessed by their security utility, rather than for exploration and innovation. That leaves us less able to identify opportunity and technological change and its consequences.

Lastly, a security focus foreshortens the future. It decreases our ability to think and act long term, because the concern is always about the here and now. In the constant now, even the smallest deviation grabs attention, demanding resources. It plays into the same dynamics that drive Twitter. It prevents us from seeing the deep ocean currents and long-term trends.

Decision-makers need to encourage diversity, creativity, and long-term thinking and action. Sustaining the Five Eyes relationship has benefited in the past from that approach. And it will remain a valuable asset to its members. But we would do well to remind ourselves of its limits. We may find, for example, that we need to re-emphasise the human in security and intelligence. And we should remember that security isn’t a substitute for strategy, which frequently demands risk-taking.

In short, Five Eyes countries need to reset their understanding of technology, both to tolerate risk and to appreciate the value of diversity and resilience in their societies and economies.

 

‘With an annual budget approaching $2 billion and about 7,000 staff spread across 10 agencies, it is clear to us that on size alone the Australian Government’s intelligence activities supporting national security are now a major enterprise. They would benefit from being managed as such.’

— Michael L’Estrange and Stephen Merchant, 2017 Independent Intelligence Review

This is the intelligence community that grew. More money. More agencies. More expansion still to come.

Even the ‘community’ nomenclature has expanded to embrace all the collectors and analysts, cops and lawyers, spooks and spies, cyber nerds and cyber warriors, diplomats and accountants, mappers and managers …

Consider the move from six agencies to 10. The original six were/are known as the ‘Australian Intelligence Community’: the Office of National Assessments, the Australian Secret Intelligence Service, the Australian Security Intelligence Organisation, the Australian Signals Directorate, the Defence Intelligence Organisation and the Australian Geospatial-Intelligence Organisation.

The stretch means there’s now a broader ‘National Intelligence Community’, comprising the founding six and the Australian Federal Police, the Department of Immigration and Border Protection, the Australian Criminal Intelligence Commission, and the Australian Transaction Reports and Analysis Centre. There may have to be a recount/rethink, though, because of the 18 July announcement that the government will establish a Home Affairs department to provide ‘strategic planning, coordination and other support to [the] “federation” of independent security and law enforcement agencies’.

When the Home Affairs portfolio is born next year, the heritage usage of Robert Hope’s ‘Australian Intelligence Community’ will give way to the ‘National’ moniker. Perhaps the ‘community’ usage will morph towards ‘enterprise’. The L’Estrange–Merchant review used ‘enterprise’ to express the expansion of the intelligence domain—confronted by threats and embracing larger purposes and interests.

The dollars always tell much. In 2000, the combined budget of the six agencies in the Oz intelligence community was $325 million. By 2010, the figure was $1,070 million. What gets used gets rewarded—and expands. Today it’s a bigger beast, costing $2 billion.

The L’Estrange–Merchant review says that threats and challenges drive the growth: ‘Australia’s evolving national security environment is fundamentally changing the way in which Australia’s intelligence agencies need to operate. It is creating new imperatives for more effective integration and synergies among agencies.’

The ground is shifting and Oz structures have to shift. Yet in growing they must draw closer together. The challenge is to keep what’s valuable while getting better management of a bigger enterprise. That value point was made by the former US director of national intelligence, James Clapper, in commenting on the L’Estrange–Merchant review:

If Australia made no changes to its intelligence posture, it would still have a very competent, professional intelligence community. I have worked with the Australian intelligence community for over 30 years in many capacities, and I can attest to its maturation, sophistication, and tremendous capabilities of Australian intelligence. In the intelligence space, the United States does things with Australia that we do not do with any other ally.

Coming from a different direction in 2014, former Labor defence minister John Faulkner also praised what the Oz intelligence community has done, while warning about the dangers of growth:

In recent years, Australia has benefited from professional and well run intelligence and security agencies; respecting the parliament, the government of the day and our laws. But effective safeguards against the abuse of security powers cannot depend on the personal integrity and quality of the leaders of our agencies. It is the responsibility of Parliament to prescribe safeguards that keep pace with the expansion of security powers.

The challenge in implementing the L’Estrange–Merchant recommendations will be to retain the characteristics that make the community valuable while altering it to make it a more joined-up and coherent enterprise.

Allan Gyngell poses the community-to-enterprise problem this way: ‘Will they preserve the critical distinction between intelligence and policy, so that the products of intelligence collection and assessment aren’t distorted by policy and politics? Probably, but there are dangers here.’

The review spends a lot of space wrestling with various dimensions of these conundrums. For instance, it discusses the shifting balance between ‘strategic intelligence’ and ‘actionable intelligence’. Australia, like its allies, is going to want more ‘actionable intelligence’. In meeting that demand, the risk is that the immediate drives out the long term. Responsiveness has risks. Ministers always want answers, not intelligence community musings on the difference between solvable puzzles and impenetrable mysteries.

The central thought of the review is the need for a greater whole-of-community intelligence structure in Canberra. Michael L’Estrange calls it a ‘stronger centre’. He invokes the familiar language of tackling agency silos and stove-pipes—create a stronger heart at the centre of the federal structure of Oz intelligence agencies. Here is Michael L’Estrange in the last of the five ASPI interviews.

 

Last month, Kate Grayson provided us with a good descriptive analysis of the problems faced by public sector agencies that rely on the Australian Government Security Vetting Agency (AGSVA) to process applications for Top Secret Positive Vetting (TS(PV)) clearances. I’m a big supporter of Kate’s perspective that ‘the long delays in security vetting for some of our key intelligence agencies are clearly unacceptable’. I also think that Michael L’Estrange and Stephen Merchant were on the money in the 2017 Independent Intelligence Review when they recommended that ‘ASIO receive additional resourcing to allow it to second staff to AGSVA as soon as possible’ and that ‘the situation with AGSVA TS(PV) clearances be reviewed in early 2018 to allow time for the current remediation program to have effect’.

Nevertheless, I would argue that Kate’s recommendation to ‘reinstitute the model of individual entities managing their own security vetting based on Australian government policy requirements’ will worsen, rather than remediate, the problem. Decentralisation will do little more than permit contracted vetting service providers to increase the per unit price (which has already risen by 35% in six years—see here and here) of clearances by creating a competitive market with limited suppliers.

To find policy options to address this issue, it’s worth considering the historical and economic factors that have shaped today’s challenges. The backlog has its origins in a series of events starting in the late 1990s from which Australia’s TS(PV) clearance providers have never been unable to recover.

Until the late 1990s, Australia had a rather modest number of public servants and Australian Defence Force personnel with TS(PV) clearances: for the most part those serving in the intelligence community. During that period, processing of TS(PV) applications was generally completed within six months of submission.

In 1999, it was discovered that former Defence Intelligence Organisation (DIO) staff member Jean-Philippe Wispelaere had managed to steal 1,382 classified documents. Then, in 2001, DIO analyst Simon Lappas provided classified documents to a Canberra-based prostitute to sell to a foreign government. Shortly after those incidents, Australia’s TS(PV) process was drastically strengthened with regard to initial clearance and ongoing monitoring of personnel. With precious additional funding, the processing time slowed down markedly under the weight of a major review of all current clearances. By the end of 2002, the average wait time for a TS(PV) clearance had increased to 12 months.

With the September 11 terror attacks, the need for the global exchange of nationally classified intelligence increased dramatically. The 16-year war on terror has increased the numbers of intelligence staff who need security clearances (in 2013–14, more than 33,000 clearances were granted, compared with 15,000 ten years before). At the same time, the number of non-intelligence agency staff with a need to access classified information has grown even more rapidly. That created a second balloon impact on the waiting time for TS(PV) clearances, which is still being felt today.

Following Edward Snowden’s extensive unauthorised disclosure of US classified material in 2013, the TS(PV) environment changed again. In an effort to remediate the vulnerabilities exposed by Snowden, the number of Australians requiring TS(PV) clearances rose dramatically. Furthermore, the requirements for TS(PV) clearances were tightened to align with the minimum standard that our allies would recognise.

The Gillard government established AGSVA within the Department of Defence in October 2010 as a remediation measure. There should be no doubt that over time AGSVA has improved the consistency of vetting practices. Nevertheless, the government of the day’s expectation that ‘centralised vetting would: result in a more efficient vetting process; … and deliver $5.3 million in annual cost savings’ was simply naive when vetting numbers and standards were in a period of rapid change. In a matter of months in 2015, the number of active TS(PV) cases managed by AGSVA jumped by 29%.

The government’s assumption was flawed from the start:

• The initial AGSVA concept didn’t appear to take into account the changes in US policy on security clearance requirements for access to allied information systems.
• AGSVA wasn’t given enough qualified vetting staff to provide remediation or surge capacity to address the existing backlog of clearance applications. In its first three years of operation, AGSVA was forced to increase staff numbers by 23%.
• While AGSVA could do many things, it wasn’t able to remediate the delays caused by incomplete applications or ASIO background checks. One of the most critical, and yet under-resourced, components of the vetting processes involves ASIO staff checking their intelligence holdings for adverse findings against applicants.

The security clearance process relies on having enough appropriately skilled and experienced vetting staff. Even with the centralisation of the Commonwealth’s vetting staff and contractors, there still isn’t sufficient capability to meet the market’s demand for TS(PV).

While I can understand the attraction of a decentralised approach, it’s unlikely to resolve the Commonwealth’s TS(PV) problems, but it will increase costs and imperil the consistency of the clearance system.

The Turnbull government should focus its efforts on providing sufficient resources to key agencies with responsibility for our national security vetting framework, including AGSVA and ASIO. It should also investigate the development of incentives for increasing the number of appropriately qualified vetting staff.

By all accounts, there’s to be another review of Australia’s intelligence agencies in the near future. The ‘major independent review’ will be the third in 15 years and it’s variously reported that the focus will be on cyber threats or the balance between short-term operational counter-terrorism and long-term strategic intelligence or, well, pretty much everything.

I’m not going to hold my breath waiting for a dramatic change to the way Australia’s intelligence agencies are structured. The last couple of major reviews have been disappointing, seemingly more about keeping the status quo and minimising criticism than seriously examining the roles and functioning of the Australian Intelligence Community (AIC). They failed to deliver for quite different reasons, but taken together they show the inherent difficulty in getting to grips with the prickly questions confronting intelligence agencies and the polity they support.

Let’s start with the easier of the two to dissect. The 2011 Independent Review of the Intelligence Community Report (PDF), conducted by intelligence outsiders Rufus Black and Robert Cornall, said essentially nothing. Graeme Dobell bluntly described it as a ‘eunuch report, bowdlerised to the point of banality’. Graeme was right to note that it contained no serious discussion of the question of contestability that was at the heart of the 2004 Report of the inquiry into Australian intelligence agencies conducted by Phillip Flood, a former Director-General of the Office of National Assessments (ONA).

While it’s true that it tackled some of the big issues, including the all-important subject of contestability, the Flood report isn’t beyond reproach either. After all, it followed the biggest intelligence and strategic policy failure of recent times—the invasion of Iraq based on fears of active Iraqi WMD programs. Yet the net result was to recommend more money for the AIC, as well as some organisational changes that (in my view) made contestability less effective.

Flood concluded that the AIC (and its international partners) drew the most likely conclusions from the data at hand

‘… and generally presented them with appropriate qualification. The obverse conclusion—that Iraq did not have WMD aspirations and capability—would have been a much more difficult conclusion to substantiate’.

In fact, a critical reading of the available material shows that the Defence Intelligence Organisation (DIO) was substantially less wrong than ONA, especially in the crucial period immediately before the 2003 war. A 2004 Parliamentary Committee report (PDF) notes that ‘the detailed reports from DIO after the middle of September 2002 remain more sceptical and circumspect than those of ONA in the same period’. (para 2.29) That key difference between the two agencies should’ve been reason enough to give pause regarding the reliability of the assessments. But the Flood recommendations reduced the overlap of responsibilities between the two organisations, making it harder for divergences of views to be observed—the opposite of improved contestability.

So we have reviews carried out by a deep intelligence insider on one hand, and a couple of outsiders on another. Neither of them produced large scale changes, and neither of them served the wider polity particularly well, though the AIC was probably happy enough with both. But it begs the question as to how the government should approach a review of intelligence. If there was suspected widespread misbehavior and lack of accountability, it’d be easy enough—not just one but two Hope Royal Commissions certainly can’t be faulted for having no impact on the AIC. But they produced a robust set of effective oversight mechanisms, and there’s no sense of moral turpitude creeping back into the AIC, so there’s no need to repeat that exercise.

I think there’s a substantial case to be made that some lateral thinking about intelligence is required today. The 24/7 news cycle and the breadth and depth of information available to everyone means that intelligence agencies more than ever are competing for attention and influence. But secrets are still important for some questions, and the ability to blend them with information distilled from huge open-source datasets and produce rigorous assessments is at the heart of modern intelligence. It’s a quite different world than the AIC of the Hope years.

Alan Gyngell, another ex-ONA Director-General, is the tip for this review. He brings vast experience to bear and is a thinker—I get my graduate students in intelligence at ANU to read Gyngell’s thoughtful 2011 speech on the future of intelligence. But it’s hard for someone who has lived the work to step back and suggest hard changes or to identify flaws in well-entrenched practices. On the other hand, as the Black–Cornall report showed, it’s such an arcane business that outsiders have little chance of really getting to grips with profound structural changes.

The best answer might be to borrow a technique that’s sometimes useful in intelligence practice and set up a ‘Red Team’ to conduct the review, with a brief to come in and challenge the status quo. By putting together a team, you could include a former insider, as well as smart outsiders (including, I’d suggest, someone from the cutting edge of information analytics). The danger, of course, is that it’d turn into ‘review by committee’, and come down to a common denominator view that changes little. But that’s what we got the last two times anyway, so let’s give it a shot.

The following is an abridged extract from ASPI’s new report, Gen Y jihadists: preventing radicalisation in Australia, released today.

Australia’s counter terrorism policies cover a vast range of responses, from military operations in the Middle East to community resilience and deradicalisation programs. In ASPI’s Gen Y jihadists report, we recommend nine steps to strengthen the Australian response to defeat terrorists and Gen Y extremist jihadists.

1. Explain the reasons for Australia’s Middle East deployments more persuasively

The strategic drivers of change in the Middle East are seldom publicly explained or related to the purpose of Australian military involvement. The Australian Government should continue the practice adopted in recent years of making regular statements to Parliament about Australia’s military operations and counterterrorism interests in the Middle East, including setting out the strategic rationale for those activities. The government should also engage more directly with online critics of Australian policy.

2. Urgently expand counterterrorism cooperation with key international partners

Australia has a deep interest in working with like-minded countries not only on police and intelligence cooperation but to strengthen policy thinking on domestic counter-radicalisation. Substantial international cooperation already takes place, most effectively with Australia’s Five Eyes intelligence partners—the US, the UK, Canada and New Zealand. But the tempo needs to be stepped up if it’s to address the demands of domestic security in an accelerating threat environment.

3. Set a new basis for collaboration with Australian Muslims

While the majority of Australian Muslims have no sympathy for or engagement with Islamist radicals, the Muslim community must be part of a coherent national response to terrorism. Initiatives to foster resilience within communities, as set out in Living Safe Together, should be continued. We should also recognise that those disengaged and possibly more susceptible to extremism are not likely to listen to community leaders. There’s a need to ensure that attempts to engage at-risk people filter down to the levels of the community where it is most needed, and that these messages will indeed be accessible.

4. Engage schools in a practical discussion about terrorism and counter-radicalisation

As jihadists get younger, our attention must turn to what schools teach and how they manage at-risk students. There’s surely a case to start discussing Australia’s contemporary role in the Middle East—perhaps as a follow-on to studies on Gallipoli, which was also a key strategic challenge a century ago.

Counter-radicalisers say that early intervention is advisable and point to the range of social and healthcare services available to all Australians but, aside from that, thinking about the early intervention roles that schools could play is at a promising but tentative stage. Given the complexity of this issue and the numbers of players involved, a useful approach would be for the Australian Government to raise this issue in discussions at the Council of Australian Governments (COAG).

5. Start a discussion with the media on reporting terrorism

Under its mandate for ‘promoting good standards of media practice’ the Australian Press Council developed advisory guidelines for the use of religious terms in headlines. (APC 2004)

In addition to restating that advice, an updated set of guidelines should consider:

• appropriate terminology to describe ISIL
• handling strategies for using ISIL’s and other terrorist organisation’s propaganda (both violent material and non-violent recruitment videos)
• the suitability of adapting media standards for reporting on suicide and depression to reporting about individuals vulnerable to radicalisation
• the reporting of matters relating to the Muslim community in the context of terrorism.

6. Develop individual case management strategies for at-risk people

The Living Safe Together website points to ‘Intervention programmes [that] may include youth diversion activities, healthcare initiatives, mentoring, employment and educational pathway support and counselling’. This reflects a broadening of the government’s approach to cover counterterrorism mitigation strategies that include social services delivery. This approach offers promising possibilities, but a great deal of additional work will need to be done to define how an intervention process might work, where authority to decide to intervene will reside, and how to handle an individual from the point of intervention.

7. Combat online propaganda

A major ASPI study by Roslyn Richardson, Fighting fire with fire: target audience responses to online anti-violence campaigns, found that government online counter-radicalisation campaigns were unlikely to succeed. Young people were unlikely to trust governments, didn’t regard them as being on the same side, and didn’t consider that CVE strategies addressed issues of most importance to them. The report recommended that governments assist efforts underway within the Muslim community to develop the community’s own alternative online material opposing radicalisation.

This approach needs to be complemented by face-to-face engagement, a process of trust building, recognition of the importance of selecting the right language to describe the problem, and an understanding of the significant differences of attitude that exist within the Muslim community. Where government offers content online, it needs to ensure that this material has the quality, timeliness, reach and attention to language that’s needed to engage and persuade a sceptical audience.

8. Revise the public terrorism advisory system

When our usually classified terrorism threat level and public alert level were both raised to ‘high’ in September 2014, there was some confusion about how the public was supposed to react to the raised alert level, and about the role that terrorism advisories play in our counterterrorism machinery.

Five immediate changes could help. First, collapse the public and classified alert systems into one public alert system. Second, there should be a sunset clause that mandates the expiry of a raised level after six months unless there’s evidence that it shouldn’t be changed. Third, a generic alert level system isn’t appropriate for a country as large as Australia: our terrorism warning system should offer more advice about likely areas at increased risk. Fourth, the language used for terrorism advisories shouldn’t be arbitrary or ambiguous. Finally, a public awareness campaign communicating any changes to our terrorism advisories would be helpful.

9. Explain how government agencies use counterterrorism powers

The Australian Parliament has given law enforcement and intelligence agencies extensive new powers to deal with the terrorism threat. Community support for these powers and actions is essential for maintaining confidence in the existing arrangements and for arguing the case for any future additions or expansions to powers.

Australian governments, through COAG, should promote confidence in our agencies by presenting a 12-monthly public update on the use of counterterrorism powers in Australia. It should present a comprehensive explanation of how and why the agencies have used their powers, and what’s been done in the Australian public’s name to suppress terrorism here and overseas.