John DeLong on NSA Compliance Systems
At the Senate Intelligence Committee hearing the other day on NSA programs, I talked a lot about the importance and centrality of compliance procedures. And I quoted a quip by NSA's compliance chief, John DeLong, on the subject.
It turns out that DeLong earlier this year wrote an oped about the NSA's compliance procedures in FedTech magazine.
Published by The Lawfare Institute
in Cooperation With
At the Senate Intelligence Committee hearing the other day on NSA programs, I talked a lot about the importance and centrality of compliance procedures. And I quoted a quip by NSA's compliance chief, John DeLong, on the subject.
It turns out that DeLong earlier this year wrote an oped about the NSA's compliance procedures in FedTech magazine. It's brief and pre-Snowden, but it will be of interest to Lawfare readers. It opens:
As almost every chief compliance officer would attest, technology is both a risk and a benefit. But beneath the surface of that maxim lies an even greater truth: Changes in technology often carry the most risk. The National Security Agency is increasingly leveraging technology throughout its compliance program, which allows us to augment — not wholly replace — human safeguards. We use technology to maintain the continuity of our external authorizations, from signed paperwork down to the bits and bytes. We also use technology to record and review our activities, making sure that we follow the laws and policies that guide NSA’s operations. Sometimes, where appropriate, we even embed legal and policy guidance directly into our IT architecture. Implementing overlapping safeguards is almost always a good thing in this arena. And technology is a huge multiplier in the agency’s compliance program, for quality control and for the good of the nation.
Benjamin Wittes is editor in chief of Lawfare and a Senior Fellow in Governance Studies at the Brookings Institution. He is the author of several books.