
NSA reviewing deal between official, ex-spy agency head - r0h1n
http://www.reuters.com/article/idUSKCN0I624Y20141017
======
throwawaytime
It's probably appropriate to use a throwaway when discussing this topic, not
as a way of sniping via anonymity, but because the social climate surrounding
this particular topic has gotten so extreme. Those not immediately in
agreement with any anti-NSA sentiment seem to be ridiculed or personally
attacked for their ideas. Such behavior is usually a sign that we're treading
into "What You Can't Say" territory; hence, the throwaway.

As for my comment: I don't understand what's wrong with the arrangement
presented in the article. Would someone please give concrete examples of
(realistic) scenarios where this would be extremely detrimental to the US, or
at least more harmful than the current arrangement of contracting private
firms to perform government work?

Is your position that when the government brings in a whole company from the
private sector to do work, then that's perfectly fine, but when they bring in
an individual, it's not? Why? All of the same safeguards seem to be in play.

Also, having a risk of conflict of interest is different from having a
conflict of interest.

 _He said he understood it had been approved by all the necessary government
authorities, and that IronNet Cybersecurity, not the government, would pay for
Dowd 's time spent with the firm.

Dowd, he said, wanted to join IronNet, and the deal was devised as a way to
keep Dowd's technological expertise at least partly within the U.S.
government, rather than losing him permanently to the private sector._

Seems straightforward to me. The US government needs technically competent
people, and they wanted to keep this technically competent person. The
arrangement was approved by all necessary authorities.

You can hold one of two viewpoints: The NSA is necessary, or the NSA is
unnecessary. It seems pretty hard to argue that it's unnecessary. And if it's
necessary, then surely it's also necessary for them to have highly competent
people. (Would you rather an extremely powerful organization have extremely
competent people, or incompetent people?) So if competent people are being
lost to the private sector, then why _not_ make special arrangements to retain
their talent in some capacity?

~~~
keithpeter
How does another company compete with IronNet?

Will there be a scramble for other highly ranked NSA employees by other
companies in the same line of work?

So I'm viewing this from the implications of the effect on the market rather
than the effect on NSA.

~~~
toufka
Classic capture. Would the government's decisions be biased by knowing that
the financial decisions it makes will directly affect its old (and future)
colleagues? The bureaucracy can buy product A from a random company, or
product B from their old boss's company. And also have some assurance that in
the future, the second company would offer them a job. All the while, product
A is the better product.

This is not nearly to the level of 'constitutional protections' \- but is
instead another indication of the inability to properly regulate an entirely
secret bureaucracy. The NSA has all the failings and issues that any other
large bureaucracy has - however it has difficulty utilizing the common
mechanisms to regulate its less efficient behaviors.

------
revelation
So every piece of paper the NSA touches is classified, and we're told that
even the most innocent dripple of bits of information are vital to national
security.

And here is the CTO working part-time for private companies. I wonder how
discussions with clients at this security consultancy go? "Should we use TLS
for our internal networks?" "Uhh.. let me think about this... uhh.. I think
that's classified".

Right, that is clearly how it will go down.

------
kyledrake
I think it's time to review whether the NSA has done more to harm Americans
than to benefit them, and if so, to begin talks on dismantling the agency.

This isn't political extremism. There have been scores of agencies in the past
that have been shut down due to abuse and mismanagement (including FEMA, which
no longer exists), and what's left of the defunct agencies that still need to
function have been rolled into other agencies (in FEMA's case, the DHS).

For a (completely random and poorly thought out) example, foreign surveillance
could be rolled into the CIA. The Lawrence Livermore National Laboratory has
done some great work on improving cryptography for everyone, and could be the
group responsible for doing that. That said, the private sector seems to be
doing a perfectly good job developing cryptography on it's own.

If they can't do the job correctly, let's find someone that can.

~~~
charonn0
FEMA still exists. It's no longer an independent agency, but it was never
dismantled.

------
snsr
So Patrick Dowd, the NSA's _CTO_ , is actually a part-time employee, and is
moonlighting? Seems that this is at best a conflict of interest.

~~~
smackfu
To be honest, it seems more like he was poached away by this other company,
and the NSA made a deal to keep him part-time instead of leaving entirely.

~~~
higherpurpose
How would that company's pitch go? "Hey, you can trust our services - our guy
_works for the NSA_ ".

Seems insane to me. What's next? The Stingray makers hiring FBI's director
Comey as an "advisor"? You don't see see this as a huge conflict of interest?

~~~
spacemanmatt
The revolving doors between government and corporate welfare businesses work
that way on purpose.

------
matart

      NSA takes seriously ethics laws and regulations at all levels of the organization
    

I think they mean only if the public finds out

------
lotsofmangos
_Dowd, he said, wanted to join IronNet, and the deal was devised as a way to
keep Dowd 's technological expertise at least partly within the U.S.
government, rather than losing him permanently to the private sector._

xkcd, as so often happens in these circumstances, has already illustrated this
problem rather well. [http://xkcd.com/898/](http://xkcd.com/898/)

------
guelo
So Keith Alexander doesn't know shit so he needed a real tech guy and ongoing
access to classified info. Got it.

~~~
taftster
I doubt that many CTO types are "real tech guys." Perhaps at one point, they
might have coded something up once. But CTO's are management first, with a few
noteworthy exceptions.

I think this is more likely two "buddies" rubbing each other's backs.

