Intelligence sharing, according to the US Department of Homeland Security (via. Wikipedia) is “the ability to exchange intelligence, information, data, or knowledge among Federal, state, local or private-sector entities as appropriate.” To this US-centric definition, Wikipedia adds “Intelligence sharing also involves intergovernmental bilateral or multilateral agreements and through international organizations. Intelligence sharing is meant to facilitate the use of actionable intelligence to a broader range of decision-makers.”
In the real world, however, intelligence sharing is, most of the time, an opaque process that lacks effective oversight and control.
One example of a completely out-of-control intelligence sharing operation is revealed in Edward Snowden‘s leaks. In the leaks there are documents that shed light on the fact that the NSA has been collaborating with intelligence agencies from 33 other countries at the time of the leaks. Were all those agreements between the parties of this network established following transparent procedures by democratically elected bodies? Given the parties involved and what we’re about to find out below, the answer is most likely “No”.
In Romania, the intelligence services were flatly denying any intelligence sharing with the NSA: “There was never any secret accord or protocol or deal between SRI, as the national authority for communications investigations and the NSA” was what then SRI (Romanian Intelligence Service) director George Maior was claiming. At all debates on various privacy-shredding SRI-supported bills, whenever their authority was contested by reasons of them being a militarized and completely opaque organization that is beyond effective oversight, they were always defaulting back to the position that they are overseen by a democratically elected body, namely the parliamentary SRI oversight committee. Replies that the parliamentary intelligence oversight committees were less intelligence oversight committees and to a much larger degree intelligence cheerleading committees were falling on deaf ears.
But, to paraphrase the Buddha, “three things cannot be long hidden: the sun, the moon, and the truth”. At the end of 2017, as a result of a open letter to the Romanian parliamentary intelligence oversight committees which was sent by the Association for Technology and Internet and Privacy International, the SRI parliamentary oversight committee gave a much more candid answer than anybody was expecting.
We find out that the committee can ask for access on anything, and the service is compelled to respond, but only if it is not about “the documents, data and information related to intelligence activities concerning national security which are currently taking place or which will be taking place in the future, considered as such by the Committee, at the recommendation of the Supreme Defence Council, as well as the information which could lead to breaking of the cover of operatives, to the identification of sources, of concrete methods and means of work used in intelligence gathering, to the extent that these do not infringe on the Constitution and standing legislation.” This isn’t even that big of a revelation, given that this is an excerpt of the regulation outlining the authority of the intelligence oversight committees – which is little to none when it comes to relevant current activities of the intelligence services. But that is not all. We find out that “[…] concerning the access of the Committee’s members to relevant information regarding state intelligence sharing, given its purview and the concrete situations which came to the attention of the Committee, these informations can be obtained upon request and with the accord of the involved parties.” So oversight happens only if “the involved parties” agree.
Then we find out that “the Committee’s competences are exercised only in relation to the SRI, not in relation with the Government/State. As a consequence, there is no general mandate given to the Committee to perform an independent control of the intelligence sharing activities of the Government/State.” – so it seems that the SRI parliamentary oversight committee publicly states that the intelligence sharing activities of the SRI flat out lack any oversight whatsoever.
Finally, we find out that “Intelligence sharing between SRI and partner intelligence services from other countries are done according to the rules established through cooperation protocols between SRI and similar foreign organizations, while respecting established norms.” If the previous quote may have not been clear enough, this one puts the issue to rest, clearly stating that the terms of all intelligence sharing agreements entered by the SRI are are completely at the latitude of the SRI and their partners, without any oversight, democratic or otherwise apart from “respecting established norms”. They could have skipped the “respecting established norms” altogether and it wouldn’t have made any difference.
So it seems that all those “crazy” people complaining about the lack or oversight weren’t, in fact, paranoid. They were just reading between the lines correctly.