In mid-March, The Cipher Brief spoke with former CIA Acting and Deputy Director Michael Morell about the issue of “unmasking” – the common practice of executive branch officials requesting/receiving the identities of U.S. persons that were incidentally collected in the Intelligence Community’s pursuit of foreign intelligence.

At that time, House Intelligence Committee Chairman Devin Nunes said he had seen intelligence reports showing that communications of President Donald Trump’s transition team had been picked up during foreign surveillance operations.

Nunes, who had been a member of Trump’s transition team, told reporters it was “incidental collection” of the communications during legal, normal foreign intelligence gathering. But, he added, the names of the President and others on the transition team “were clearly put into intelligence reports” that were widely disseminated within the Intelligence Community.

Nunes said he had “confirmed that additional names of Trump transition team members were unmasked,” that is, they were revealed by name. Later, Ranking Member Adam Schiff said Nunes told him in a conversation “that most of the names in the intercepted communications were in fact masked, but that he could still figure out the probable identity of the parties.”

Last week, Barack Obama’s national security adviser Susan Rice reportedly told the House Intelligence Committee that she had indeed asked to unmask the identities of Americans — who were senior Trump officials – surrounding a visit by the crown prince of the United Arab Emirates to New York. Foreign leaders usually inform the U.S. of their intended visit; Prince Mohammed had not done so, and Susan Rice wanted to know why.

Several congressional Republicans – most notably Representative Trey Gowdy (R-SC) – have publicly said they were satisfied with Rice’s explanation and do not believe she violated the law by requesting the unmaskings. However, the requests continue to be described in some commentary as indicative of an alleged abuse of surveillance power of President Barack Obama’s administration. This includes a recent report that Obama’s Ambassador to the UN Samantha Power requested over 250 unmaskings in 2016 alone, a claim Power firmly denies. She will testify next month before the same committee as Rice.

The Cipher Brief spoke again with Morell to discuss this new information, the politicization of “unmasking” and to ask whether any progress had been made on this contentious issue.

The Cipher Brief: What is “incidental collection of U.S. person information?”

Morell: The U.S. Intelligence Community, under a variety of authorities, collects foreign intelligence – that is, where the target of the collection is a foreign national deemed to have information relevant to the national security of the United States. In the pursuit of this collection, the government will occasionally collect information about U.S. persons, defined to be U.S. citizens and U.S. permanent residents. I should note that U.S. corporations are also considered U.S. persons, as are any groups/organizations where a substantial number of members are U.S. citizens or permanent residents.

You will see incidental collection defined as information to, from, or about U.S. persons. But, what this means in more simple terms is that there are really two types of incidental collection. The first type is when two legitimate foreign intelligence targets – two foreign nationals who are deemed to have information of intelligence value – are talking about a U.S. person or persons. They are having a conversation, and they are referring to a U.S. person. Examples would include two foreign intelligence officers talking to each other about approaching a U.S. citizen for recruitment or two senior foreign government officials talking about what they think about a particular U.S. government official.

The second type is when there is surveillance of a foreign intelligence target – a foreign national – and that foreign national happens to have a conversation with a U.S. person. An example would be a targeted, known foreign terrorist talking to a friend who is a U.S. citizen, whether that friend is in the United States or not. Another example might be a targeted foreign government official speaking with a member of a U.S. think tank or a former U.S. government official about what the two think of a particular U.S. government policy.

TCB: In a “disseminated report” how do you handle the U.S. person information?

MM: There is no dissemination of U.S. person information – or any other kind of information for that matter – unless it is deemed to be of intelligence value. If U.S. person information is not deemed to be of intelligence value it must be purged from U.S. databases. If it is disseminated, significant efforts are made to protect the privacy rights of U.S. persons. There are strict, well-practiced rules about all this.

In the first type of incidental collection I mentioned – two foreign officials, for example, talking about what approach they want to take with a U.S. government official, which is obviously of intelligence value – the name of the U.S. person will not appear in the report. The report will say “U.S. person” instead of the name. If there are more than one U.S. person involved, the report will say “U.S. person one,” “U.S. person two,” etc.

In the second type of incidental collection, where the U.S. person is actually part of the conversation, typically nothing that U.S. person says can be disseminated. So that portion of the conversation is protected. The only part that’s disseminated is the foreign intelligence target’s part of the conversation and again, the U.S. person’s identity is protected – “foreign intelligence target X in a conversation with a U.S. person said…”

What I just outlined is true for most U.S. persons. But, for the senior most officials in the U.S. government, like the President of the United States and probably the President-elect of the United States, those names are not protected. In fact, you see intelligence reports all the time with foreign intelligence targets having a conversation about the President of the United States by position or name, and the President is not masked. The same is true for other very senior officials.

TCB: You said “typically.” Can what a U.S. person says ever be disseminated?

Morell: Only under very special circumstances – that are well outlined by the Attorney General – and even then, only to a select group of agencies, usually just the FBI. One example is that the conversation of the U.S. person – what the U.S. person actually says – can be disseminated if there is an imminent threat. That is if the U.S. person says, “I’m going to kill somebody tomorrow,” or “I’m going to kidnap somebody tomorrow,” or “I’m going to conduct a terrorist attack tomorrow.”

TCB: Can a U.S. person ever be the target of intelligence collection?

Morell: Yes, but only if the government obtains a warrant from the Foreign Intelligence Surveillance Court. And that requires probable cause that the U.S. person is acting an agent of a foreign power on an issue related to foreign intelligence – terrorism, weapons proliferation, etc.

TCB: How common is incidental collection of U.S. person information and how often is that information disseminated?

Morell: Very common. Incidental collection happens every day, as does its dissemination. As a CIA officer, I would see several intelligence reports every day that included incidental collection. This should not surprise anyone. Intelligence information deals with, to a significant degree, how foreign governments and foreign entities think about, plan with regard to, and actually approach the United States.

TCB: Would it make sense that there would be more “incidental collection” during a presidential transition?

Morell: Absolutely – because, during a transition, you have targeted foreign nationals talking about not only the existing Administration but also the incoming one and you have targeted foreign officials not only talking with current Administration officials but also officials from the incoming Administration.

Interestingly, this information, if disseminated, would be made available not only to senior policymakers in the current Administration but also to those senior people receiving intelligence briefings in the incoming Administration.

TCB: Tell us about “unmasking.”

Morell: When senior officials in the U.S. government see an intelligence report that say U.S. person one or U.S. person two, they can go back to the agency that collected the information, typically – but not only – NSA, and ask “who is that person?” The requestor has to have a good reason for asking that question, and that reason tends to be that you need the know the name in order to understand the intelligence report.

And there is a process at the collecting agencies to say “yes or no” to the request. I know at NSA, for example, there is only a small number of people there that have that authority; I remember NSA Director Admiral Mike Rogers saying publicly a few months ago that only 20 of his officers could actually approve an unmasking.

And, importantly, when an unmasking request gets approved, it only gets approved for the individual(s) who specifically requested the unmasking. It is not unmasked broadly. It is not as if the intelligence report gets re-disseminated to all customers with the identity of the U.S. person revealed. That does not happen. This is an unfortunate assumption made by some in the media who write about unmasking.

TCB: Is unmasking routine?

Morell: Again, yes, because there are times when you need the identity to understand the intelligence. As the Acting Director and Deputy Director of CIA, I frequently asked for the identity of a U.S. person in an intelligence report, perhaps a couple times a week. And when I was briefing President Bush, I routinely asked for that information on his behalf, even prior to him seeing the intelligence report. I anticipated his need for the information. By the way, in my experience, many IC briefers of very senior government officials ask for unmasking on behalf of their principals before the principal sees the report. I do not see anything wrong with that; this is the IC briefer doing his/her job.

TCB: Some in Congress are arguing that reform is necessary – that senior government officials, when making an unmasking request, should sign a legal affidavit explaining why they need the information. What do you think of that?

Morell: Two issues for me. One, I am not sure what we would be fixing. I don’t see a problem. I have never seen the system abused.

And two, I worry that having to prepare an affidavit would mean that it would not happen – that is, senior officials would choose to forgo the value of the intelligence report than go through a long process of preparing an affidavit. Our national security would be the loser, for no real gain on the privacy and civil liberty front.

TCB: So, how important is unmasking to national security?

Morell: It is important. I can think of instances where a single unmasking was critical to making a difference to our national security. But the bigger point, and more important point, is that without unmasking, many intelligence reports would not make sense. And, the analytic side of the intelligence business is all about putting intelligence reports together in a way that provides insight. Without unmasking, we would get less insight.

TCB: Should this issue be wrapped in the debate over the reauthorization of the FISA Amendments Act, and its controversial 702 provision, which expires at the end of the year?

Morell: No. Does the 702 program produce incidental collection? Yes, but so does almost every other form of intelligence collection. 702 should be dealt with on its merits.