James R. Clapper was the director of National Intelligence from 2010 to 2017. In this position, he served as the principal intelligence advisor to the former President Barack Obama.
This is the transcript of an interview with FRONTLINE’s James Jacoby conducted on August 24, 2018. It has been edited in parts for clarity and length.
So the Russian operation in 2016, was it different from anything you’d seen before?
Oh, absolutely. You know, Russians have a long history in interfering in elections – theirs and other people’s. And we have records going back to at least the ’60s where the Soviets were attempting to interfere in all of our elections. But I have to say, as I’ve said in my book [“Facts and Fears: Hard Truths from a Life in Intelligence”], that never, certainly never, had I seen anything as direct, aggressive and as multidimensional as what the Russians did in the election of 2016.
And in terms of multidimensional, how was it that you… What was your process of discovering what was going on if you situate us back in the summer?
Well, the FAQ, you know, frequently asked questions. When was the instant you knew when this was different? Well, there wasn’t any one instant. I mean there was a certain ambient level that we knew, that we anticipated the Russians would be reconnoitering, collecting, that sort of thing. They do that all the time. So I don’t know exactly what the point, the threshold was. I do know, once I learned in late summer that this was directed from the highest levels of the Russian government, meaning Putin. I’ve seen a lot of bad stuff in my 50-plus years in intelligence, but nothing that disturbed me and affected me viscerally as much as this. So all to say, it was a gradual buildup as we gained more insight, better understood as time went on, the multidimensional nature of what they were doing. And that’s kind of late summer into the early fall of ’16.
And what would you put as, I know there might not have been a moment. For instance, were there milestones along the way during that summer?
Well, certainly, when they were reconnoitering state-level voter rolls, for example, for 21, maybe 39 states. I suspect they reconnoitered all 50 states. We just didn’t detect all of it. That certainly was a signal, and of course, the hacking. And as I said, the moment for me was when I learned that this was being directed to the highest levels of the Russian government.
One of the dimensions was social media. And when did it first become clear to you that social media was a part of this?
I don’t know and I think, frankly, we were aware of it. I think we scratched the surface. I say “we” – those that assembled the intelligence community assessment that we published on the 6th of January 2017, meaning NSA, CIA, FBI and my office.
And I don’t recall, I didn’t memorize the exact chronology of when I first heard about social media, but it was somewhere in the summer. But I will tell you frankly that I didn’t appreciate the full magnitude of it until well after I’d left the government.
More generally speaking, as opposed to just the Russians specifically, was social media being weaponized? Was the weaponization of social media something that was already on your radar screen in the intelligence community?
Well, yeah. I mean social media was a major platform for ISIS, for example. Terrorists use it… ISIS particularly [is] very sophisticated in using it for all kinds of purposes: command and control and proselytizing, recruiting, radicalizing people. So the use of social media, from our standpoint, for nefarious purposes is not new.
And do you remember when you first started learning about the Internet Research Agency, when that first came across your list?
Again, no point in asking me exact dates because I have not memorized the chronology of events like people think. I don’t have it up on the top of my head and I don’t have access to records anymore that would reflect that. So no point in asking me when, specifically, did you learn this or that because I can’t answer it. And from sources and methods and tradecraft standpoint, I shouldn’t anyway, even if I did know.
OK. I could ask you just more generally though, was the Internet Research Agency something that was on your radar?
Yeah, it was.
And what was known about it? What was discussed about it?
Well, this is a typical technique of the Russians, Soviets before them, where their intelligence services establish proxies. I mean, they’re always looking for plausible deniability and this is another example of it.
…And the vulnerability of social media as a means for attack or platform for attack, how was it that the intelligence community was able to assess what was going on on social media sites like Facebook?
Again, I’m not going to talk about sources and methods and tradecraft.
U.S. Intelligence And Social Media
…One question is, who is responsible when it does come to social media?
There is no division of effort. All the intelligence components, to one degree or another, exploit social media, primarily for foreign intelligence purposes. Social media was huge, for example, in understanding a lot about what the Russians were doing when they intervened in Ukraine. It was a very valuable source of information. In a domestic context, it gets a little more sensitive from a civil liberties and privacy standpoint. So I always felt this was kind of the FBI’s realm to worry about domestic aspects of social media. At least [in] my own mind, that was sort of a division of effort. So FBI and Homeland Security [are] primarily the components that would be concerned about it. I didn’t engage myself. I didn’t analyze social media myself. I didn’t analyze anything. I had a lot of other people to do that. And I didn’t engage with social media companies. Except once.
Which was what?
Well, it preceded the election campaign. I was part of the delegation headed by Denis McDonough, who was the Chief of Staff at the White House. I think this was ’15 or so. We went out to San Jose, California, and met with providers. Wasn’t the social media, you know, Apple, etc. This had more to do with tracking CT and encryption issues. It was mainly the issue. So it really wasn’t focused on the election, and I was essentially a potted plant. I didn’t say anything.
And what about the Russian effort in Ukraine at the time, the information war essentially they were waging there? Was that a warning signal in terms of what tactics they may use?
I mean, that wasn’t the only application. I said terrorists used social. Everyone, lots of people use social media. And so for the intelligence community, well, it’s just another mode of communicating that holds great potential for intelligence purposes, too.
What, if any, coordination or cooperation existed between the intelligence community and the big technology firms?
It’s not my impression we had a lot of cooperation then. I think my observation, and this is only what I see and read, is it’s improved since then. I mean, there was dialogue and all that. Again, the focus, I think, prior to the election was more the encryption issue.
What were you mostly discussing with the tech community at that time?
I wasn’t discussing. I never had a meeting during the run-up to the election. I had no meetings with the social media companies. I normally wouldn’t do that anyway.
But if people within the intelligence community were coordinating or cooperating…
Yeah, I can’t, I don’t want to talk about that. I don’t think it’s appropriate.
One thing you mentioned about civil liberties or privacy concerns, one of the things we’ve been interested in are the restrictions that the U.S. government has in terms of looking at Americans on social media. Can you just at least…
Well, looking at Americans, period. It isn’t just social media. This is a whole argument that’s bound up in, well, the Patriot Act Section 215, the metadata program formerly run by NSA, or section 702 of the Foreign Intelligence Surveillance Amendments Act. All those programs engage, interact or intersect with the issue of civil liberties and privacy and so it isn’t social media. You know, the whole issue of to what extent do you spy, air quotes, on Americans. So social media is just one more manifestation of that.
And so does that limit the government’s ability to monitor what’s happening on social media?
Well, yeah. It moderates it and that’s appropriate.
But does it leave the responsibility then for finding malicious activity to…
Sure, never met a collection system I didn’t like. And unbridled, it probably could collect more intelligence, but there’s a cost-benefit trade-off there. A good example I can talk about, since it’s been out there, is when NSA decided to give up any “about” collection, in other words, communications about people. And NSA decided that while there may be some intrinsic loss of intelligence that the civil liberties and privacy gains were worth it. So there’s always this trade-off you make in the intelligence business about keeping the nation safe and secure and protecting civil liberties and privacy. It’s a hardy perennial.
Well, when it comes to something like monitoring social media, if the government has its hands tied to some degree, are you then more reliant on the social media companies?
I think we are reliant on [them], and that raises another issue: To what extent can they or will they police themselves? And of course, as we learned, a lot of anonymous communicants [are] on social media and it’s my impression that the social media providers are getting more attuned, more sensitive to that, and are trying to police it up. I’ve said publicly and I still believe that social media companies need regulation. In the 1920s, we set up the Federal Communications Commission to regulate radio and later television – allocate frequencies and also monitor content. We have nothing like that for social media and I think we need it.
And why do we need it?
Well, I don’t know that you can count on the social media companies consistently and comprehensively regulating themselves. I think it needs a light touch. I wouldn’t want to be in charge of writing legislation for this. It’d be very difficult. But I think there does need to be some oversight of what’s out there on social media.
And are you saying this from a national security perspective?
Yeah.
So what sorts of things would they need to be doing or what should be mandated?
Well, I think truth in advertising would help. In other words, if you’ve got ads and this sort of thing, you have to know: Who is this coming from? Is the Russian government paying for this, and [is] this publicized by the Russians or something? I think that would help.
Do you think that the social media companies should have detected earlier what had happened on their platforms?
Yeah, you can do coulda-woulda-shouldas all day long, sure. We should have detected earlier, we should have detected. You can always say that after the fact.
Responsibility For Cybersecurity
…When you mentioned that [these companies are] the first line of defense, is that a worrisome thing?
Well, that’s true across the entire cyberdomain. You know, most of the cyberrealm is not owned or operated or controlled by the government. It’s out there in the civilian world, you know, nongovernment. So that’s a general statement that’s true in many contexts where the government can’t know everything, it’s not omniscient. We’re very dependent from a, just in general, just not this one company, but for cybersecurity in general, to have a liaison with the civil sector.
I think it’s a larger picture question but there was…
As I told you, in my view, we only scratched the surface. You know, this is over a year and half ago and we put this report together in a month. And so we’ve since learned a lot more about it, certainly since I left the government.
Social media was mentioned in the DNI [Director of National Intelligence] report in January.
Yeah, it was.
And so why was it a part of it?
Because we were aware that social media was being exploited by the Russians, particularly with respect to their messaging. You know, they had messages for everybody – Black Lives Matter, white supremacists, Nazis, anti-Muslim, anti-Jew, anti-Mexican. And we knew the Russians were doing that, they were planning that, yeah.
How did you know that at the time?
I am not able to talk about that.
Who in the intelligence community was really charged with understanding the weaponization of social media?
Well, there’s no one person. I mean, I was, and the report we put together, the intelligence community assessment, was a collective effort. So everyone understood it. I think if you want to point to somebody that’s primarily from a domestic standpoint, probably I’d pick the FBI. From a foreign perspective, all the agencies have some role to play in social media exploitation. The Defense Intelligence Agency does, National Geospatial-Intelligence Agency does, CIA does, they all do. But in domestic, it’s a little more sensitive. It’s primarily but not exclusively the FBI.
Do you look back and think that the proper resources and understanding were there in terms of the ability to launch information?
Well, I think we have a much better understanding of that now over a year and a half later than we did then. Yeah, certainly. I mean, [if] you want to get some insight into this, read the two indictments that [Special Counsel Robert] Mueller put out: the one in February on the Internet Research Agency and the more recent one last month, I guess, indicting the 12 GRU [Russian foreign intelligence agency] officers. So [if] you want to get some insight that’s out there in the open on how all this worked, read those two indictments.
In the Mueller indictments, it talks about operations going back to 2014. Considering this is public knowledge now because it’s in the Mueller indictments, were some of the details of the Russian information operations known to the intelligence community as early as 2014?
Yes.
And so some of those details in the Mueller report were about the Internet Research Agency. Were those known at the time in 2014?
I’m not going to talk about that. And I can’t really go back and reconstruct retrospectively when certain people in the community had gained certain awareness. I don’t know.
… And when you say “it only scratched the surface,” it seems like you knew more than you actually let on.
Well, we knew more than we let on in the unclassified version of the… There was more than one version of that assessment put out; the findings and observations were identical in all versions. And so the shortfall in the minds of many in the unclassified version [was] we didn’t have a lot of substantiating information. Well, duh. We spent billions of your taxpayer money gaining these accesses. So obviously, we’re not going to compromise them then and I’m not going to compromise them now.
Are you able to talk at all about whether, before the report, there was cooperation or discussions with the social media companies?
Again, I’m sure there were. I didn’t participate in them directly.
U.S. Intelligence And Disinformation
…So was the government caught flat-footed by that campaign, the social media campaign here by the Russians?
What do you mean by flat-footed?
I mean, Senator [Mark] Warner told us he felt like the intelligence community writ large was caught flat-footed by that aspect of the Russian…
Well, I probably wouldn’t agree with that. Did we have a comprehensive, detailed understanding like we have today? Probably not. But it’s one of the crosses intelligence has to bear. People think that all knowledge on a given issue is revelatory instantly. And it isn’t. And certainly, when you have the benefit of 20/20 hindsight, you go back and say, well, you didn’t know as much as you should have the first time you discovered this. OK. Next.
…Why did you put out the DNI report?
Because the president [Obama] told us to.
And what was the reason he had for doing it?
He wanted us to assemble all of the reporting that we had on the totality of the Russian interference in the election of 2016, get it into one document. He wanted to hand it off to the Congress, to the next administration, and he directed us to declassify as much of it as possible to get it out to the public and do it before the end of his administration.
And what was the expectation of what would be done with that information?
Well, that people would be duly alarmed about it and would take action to thwart future efforts to interfere in our political process. That was the expectation, both by the administration and the Congress.
And what’s your assessment of our preparedness now as opposed to pre-2016?
I think it’s probably uneven and I think what’s missing here is the galvanizing effect of leadership from the Oval Office: a public and clear and unequivocal affirmation of the nature of the threat. And you know, it isn’t just an inner-governmental challenge, it is an inner-society challenge, and there’s sort of a void of leadership, in my view. So I don’t think we’re as prepared as we need to be or could have been.
Responsibility For Cybersecurity
In terms of companies like Facebook, are they still the first line of defense in terms of election integrity when it comes to…
Well, for social media, sure. Interference with voter registration rolls and that sort of thing is not the responsibility of social media companies.
You gave a speech in Australia recently and you basically said that social media needs to take more responsibility and they need to do filtering and things like that. Can you just elaborate? What do you mean by that?
Well, as I said before, truth in advertising would be helpful. Where is this stuff coming from – either domestically or from a foreign source? And the problem is the assault on truth in this country, and it isn’t just social media, but that contributes to it. And certainly, the Russians exploit that. And so these conspiracy theorists and conspiracies are out there that many people buy into. The bigger issue is getting people to understand what the Russians particularly do, and not to believe everything you read, see or hear on the internet. And we have a problem with that in this country.
So the responsibility then for the company is what?
Well, it’s not all the company’s responsibility. That’s why I say I think there needs to be some government oversight of this to ensure that the government… I mean you listen to Zuckerberg and others when they testify. “Yeah, we’ll take care of it all.” Well, I’m just not fully confident that on their own they’ll do that.
Why not?
Well, there are business considerations. Facebook’s made a lot of money exploiting data that they collect. And I think they’ve been very concerned with that and perhaps not as much focused on: Hey, where’s this stuff coming from? Who’s doing this? Who’s paying for these ads? And there needs to be more oversight of that. And to the extent that the companies will regulate themselves, great.
Facebook’s been in the business, as you said, of gathering a tremendous amount of data and essentially surveilling their users. Do you see that as a major vulnerability in terms of national security?
Well, people get all anxious. There’s great anxiety about the government monitoring behavior of people. Well, electronic behavior. Yet, these companies do far, far more than the government does with our personal data. People ought to think about that.
What’s your concern about that?
Well, I mean, it’s invasion… If they’re using my data and exploiting that and making money from it, that to me is bothersome.
Do you think that the more data that’s put out there about people or that’s known about people, the more easily they can be manipulated?
Oh, sure. And in this day and age everybody’s got an electronic signature. So you’re giving up your privacy if you have an iPhone, by definition. If you communicate on the internet, you’re giving up your privacy. That’s a fact.
In any sense, do you think of a company like Facebook as a private intelligence agency?
Well, it could be. I mean, philosophically, they kind of do what intelligence elements do. I mean, they collect, they analyze. They try to draw conclusions from what they collect and analyze. So that, in a general sense, is what intelligence does.
Yet, they don’t have the restrictions that…
That’s right. That’s right. They don’t have congressional oversight or all the other mechanisms that have been established to ensure what the intelligence community does is legal, moral and ethical.
And that’s of concern to you?
Sure. As a citizen. Yeah.
And what about as a national security risk in terms of…
Well, it can be, as we’ve seen, when the Russians exploit that. You know, so much of the world’s IT or telecommunication system is U.S.-dominated. So when foreign countries or foreign entities, either nation-state entities or non-nation-state entities, exploit the internet for nefarious purposes, it’s not a good thing. And like all technology, [it’s a] two-edged sword. It’s great for mankind and, if abused, it’s bad for mankind. And so it is with the internet.
…I just wanted to know, did the intelligence community in any way warn companies like Facebook to look out for…
I’m sure the FBI did. I didn’t personally, if that’s what you’re asking. I didn’t call up Mr. Zuckerberg and say, “Hey, watch out, buddy.” I didn’t do that, if that’s what you’re asking.
No, but you think that the FBI did?
I, I… You’d best ask them.
And that was an appropriate… I mean, that’s an issue that comes down to preparedness, right? It’s more an issue of: Were these companies warned to be on the lookout for Russian operatives, fake accounts?
Well, I’m sure they did but I’m not sure to what extent their ability was to… I mean, the Russians are pretty sophisticated about this stuff. And I’m not sure about what their ability was at the time contemporaneously to discern this stuff. So I’m not in the market to say, well, we, the government, told them they didn’t do anything. Well, it gets down to how do you actually detect that activity and with certitude that, hey, this is the Russians? And I don’t know the chronology within each of the companies.
Right. And so that’s part of what we’re looking at, too.
I don’t know how much expertise they devoted to it, how many people. I don’t know any of that.
And do you think that that’s something that the government should mandate, I mean, if they are indeed the first line of defense and there is a major threat of foreign influence campaigns here?
Yeah, yeah. I think there should be some minimum standards that are established and that you’re assured that they’re in compliance with monitoring particularly foreign nation-state source information that could be completely phony. Yeah.
How would you have assessed their preparedness to deal with this threat?
Well, I guess in retrospect it wasn’t as good as maybe it should’ve been, because in a perfect world there wouldn’t be any of this. We wouldn’t have had any Russian activity on the internet or on social media. So against that standard, well, I guess none of us were prepared.
And what about now? Do you think that we’re better prepared now in the midterm elections?
Well, I think there’s a lot more awareness, obviously, than there was a couple years ago and that’s important. And I think at the federal level, each government entity that’s involved – you know, FBI, DHS, whoever, NSA – probably [has] done a lot. I have no real good insight into the state [level]. I would guess based on what I’ve seen in the past, it’s uneven from state to state what they’ve done to secure their voter apparatus. And it would certainly help if we had more assertive leadership about this – a clear, unequivocal statement [that] the Russians pose a profound threat to this country… Russians aren’t going to stop. I mean, this is never going to be the perfect mousetrap. They’ll always find another way to do it and I’m quite sure the Russians have gone to school on their tradecraft to ensure, to make it harder for us to detect their presence, make it harder for the social media companies and the government.
Countering Russian Disinformation
…So you’d feel comfortable [developing a more powerful information branch of the U.S. government]?
Well, I think if somebody that would help, could help [to] systematically, comprehensively discern when we’re being messaged, when foreign entities are exploiting our divisiveness. That’s the other problem here. You know, we’re such a ripe target for that sort of thing and the Russians know that and they exploit it.
And there needs to be a counter to that – you know, our own Internet Research Agency, if you will. I don’t know what, but something like that where we’re just not on the defensive and reacting all the time or we’re giving others something to react to.
What do you mean, “We’re ripe for that here”?
Because of the polarization in this country. So the Russians exploited that divisiveness, that polarization, as I said earlier, because they had messages for everybody to exploit – Black Lives Matter, white supremacists, gun control advocates, and gun control opponents. It didn’t matter. They had messages for everybody.
Did you think that was a pretty sophisticated campaign?
It was. And in my book I make the point. My informed opinion is that I think they turned the election because of it.
By drumming up this divisiveness?
Well, the election was decided on 80,000 or less votes in three states. And I believe the Russians did a lot to get people out to vote who wouldn’t have, and galvanized [them] because of the polarization and the divisiveness. [The Russians] exploited those issues and it helped the appeal of Donald Trump. And there’s a striking parallel between what the Russians were doing and saying and what the campaign was doing and saying. I’m not saying collusion. I make that clear in the book. But there’s striking similarities and parallels thematically between the campaigns, particularly when it came to Hillary Clinton.
And the role that social media played in that was what?
It was huge.
originally posted on pbs.org
