SIDtoday 2009-06-15: NSA’s Changing Counterterrorism Relationship With India
Mar. 1 2018 — 5:02p.m.
DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL (S//SI//REL) NSA's Changing Counterterrorism Relationship with India FROM: (S//SI//REL) Country Desk Officer for India (DP12) Run Date: 06/15/2009 (S//SI//REL) Editor's introduction: NSA has been working in recent years to strengthen its Third Party relationship with India, especially in the area of counterterrorism (CT) -- a development that holds much promise. Here's the story of how this relationship has grown: (S//SI//REL) When terrorists struck the port city of Mumbai (pictured) in late November 2008, NSA swung into high gear. Many employees, some already away for Thanksgiving, were recalled. NSA's efforts further intensified when Westerners, including Americans, were targeted and killed. (U) Leopold Cafe, scene of an attack in Mumbai, India in 2008 (U) Early Steps (S//SI// REL) Although the exact sequence of events may not be fully understood for years, deliberate actions occurred over time that prepared NSA to respond vigorously to Mumbai. The first, arguably, was 9/11. Following that event, India approached NSA about a CT relationship and NSA subsequently began an information exchange with India's Research and Analysis Wing (RAW) in 2002. (S//SI// REL) Four years later, in 2006, sharing from RAW mainly consisted of intelligence summaries, aperiodic lead information and a yearly CT conference. NSA shared threat warnings, intelligence reports and lead information especially in response to threat streams. The SIGINT Liaison Officer (SLO) and RAW CT Chief had infrequent contact; meetings could take two or more weeks to schedule (see related article). This was clearly progress, but there was still room for improvement -- particularly at the analytic level. (S//SI//REL) SSPAC Leads to Progress (S//SI//REL) At the same time, DIRNSA and the rest of the US government wanted to take steps to improve relations with India. India is, after all, a successful democracy with a population of over a billion, a booming economy and an enormous army. It also borders China, Pakistan, Myanmar (Burma), Bangladesh, Bhutan and Nepal. In 2007, DIRNSA discussed the possibility of inviting India to join the SIGINT Seniors Pacific (SSPAC) multilateral forum* on CT. NSA felt strongly that India's participation in multilateral intelligence-sharing would help mature its Indian SIGINT agencies as well as provide regional CT expertise. (S//SI//REL) Following a unanimous vote among SSPAC members, DIRNSA, the SIGINT Director, Director of Foreign Affairs and DIRNSA's equivalents from Singapore and New Zealand, traveled to New Delhi in March 2008 to issue the SSPAC invitation to India's National Security Advisor (INSA) and leaders of NSA's Indian intelligence partners.** India formally accepted the SSPAC invitation in June 2008 during a DNI visit to Delhi. The results have been positive: RAW is now a regular contributor of SSPAC information reports and NTRO has also begun sharing bilaterally, and occasionally via SSPAC. RAW has produced the highest volume of reports for SSPAC next to the U.S. and its information has garnered positive feedback from multiple SSPAC members.
(S//SI//REL) First NSA Deployed Analysts Board Planes for India (S//SI//REL) Upon returning from Delhi in March 2008, the SIGINT Director immediately made plans to send a series of CT deployed analysts (CTDAs) to India for 2-3 month periods. (S//SI//REL) Since May 2008, NSA and RAW had been communicating over a rash of terrorist attacks that took place in the Indian cities of Jaipur, Bangalore, Ahmedabad, New Delhi and Guwahati. NSA also provided timely warning regarding an attack on India's embassy in Kabul. (U) Sharing of More Sensitive Intelligence Begins (S//SI// REL) By the time terrorists struck Mumbai, NSA's relationship with the INSA and RAW had matured to the point that NSA was willing to share specific TOP SECRET information with India. CT sharing after Mumbai included phone and fax numbers, e-mail addresses, voice and language identifications, voice cuts, lead information and interrogation reports. The CTDA and CIA Station delegates also held multiple meetings with RAW in the weeks after Mumbai. (U) A Problem with Leaks (S//SI//REL) Regrettably, leaks, unauthorized disclosures of classified information and poor tradecraft by Indian officials have occurred since Mumbai -- at times it seemed a daily occurrence. DIRNSA sent a letter about the first leak in December 2008. In May 2009, NSA representatives*** traveled to Delhi to meet with Indian officials to deliver a second letter from DIRNSA that underlined the seriousness of the leaks while also applauding the progress made since 2007. (S//SI//REL) During the May TDY, the team emphasized that SIGINT sharing would be reduced unless India's handling procedures were tightened. NSA made it clear that it holds the Indian intelligence agencies responsible for any leaks or releases of SIGINT material. The team also emphasized that care must be taken at the boundaries between intelligence and law enforcement organizations. Furthermore, the Indian services cannot use shared selectors to contact targeted individuals because such activity leads to permanent loss of access. (S//SI//REL) NSA was dissatisfied with the response it received during the May meetings -- much blame was heaped upon the Indian press and few assurances were provided. Nevertheless, in the month since the visit, there have been no additional leaks from India. Also, the Chief of Station indicated on 3 June that Station worked with RAW to create a tearline suitable for passing to law enforcement. The jury is still out on whether the problem has been fixed, but there is hope for the future and a plan to deal with any future leaks. (U) Future (S//SI//REL) Leaks and unauthorized disclosures torpedoed attempts to routinely elevate the CT sharing level to TOP SECRET earlier this year. However, membership in SSPAC, the NSA deployed-analyst presence in Delhi, training and time should serve to mature India's intelligence agencies into the partners NSA needs in South Asia. * (S//SI//REL) Members of SSPAC at that time included South Korea, Singapore, Thailand and the Five Eyes. Here's some background. ** (S//SI//REL) These partners are RAW, the National Technical Research Organization (NTRO) and the Aviation Research Center (ARC). *** (U//FOUO) Specifically, the NSA/CSS Chief Pacific and the Deputy GCM for CT SIGDEV.