In my last post, I pointed out that John Brennan almost certainly had a role overseeing the threat assessment used for George Bush’s illegal surveillance program, for at least a year and possibly two. He probably did so, I explained, in his role as Director of the Terrorist Threat Integration Center and the Interim Director of the National CounterTerrorism Center.

That’s troublesome not just because one of Obama’s closest national security advisors is complicit with this illegal program. But also because it means the entity doing the Terrorist Watch List has been intimately involved in deciding whom to wiretap.

Here’s WhoRunsGov’s description of what Brennan did at TTIC and NCTC:

In 2004, he accepted a job at the National Counter-Terrorism Center, where he revamped the government’s monitoring of terrorist activity by incorporating information from across agencies. He also increased the number of analysts and compiled one of the most comprehensive reports on terrorism across the world. “We want to make sure that we are looking at it [terrorism] openly and as exhaustively as possible,” Brennan said in 2004. He also created the terrorist watch list, which contains names and data on thousands of suspected terrorists and is accessible to law enforcement officials, during his tenure.

And here’s part of a Frontline interview with Brennan.

… You were involved in creating the terrorist watch list through the NCTC, right? … Does it work?

It works, I think, very well. There [are] still improvements that need to be made. But prior to about two years ago or so in 2004, there were over a dozen databases in about nine different federal departments and agencies that were part of the watch-listing system. It was dysfunctional because they were not interconnected.

No organization, no architect[ure].

Right. And now there is an architecture that’s in place, and the National Counterterrorism Center feeds information to the FBI-administered Terrorist Screening Center [TSC] so that airports and ports of entry and local police have access to the master watch list of all individuals who are known or suspected to be transnational terrorists.

They can call in, or it shows up in airports?

They can do an immediate search. They can just log onto the computer that they have and run the name, and all the variants will come up. It’s a much more effective and efficient system now.

Even though we hear these constant complaints from people who say their name is in there because their name is the same as some other person’s name.

Sure. Early on there were a lot of false positives and a lot of individuals who were pulled aside for secondary questioning, whatever. They’ve worked out a lot of that. There are still false positives. … Sometimes individuals will come across a port of entry with a very similar name, similar date of birth, even similar nationality, and so therefore they are going to be pulled aside for the questioning to determine whether or not they are identifiable as the terrorist. …

Now, this should not be a surprise and to some degree it makes sense, but the point is that the same people making the Terrorist Watch List were also the same people deciding who would get wiretapped domestically. That’s a problem–and not just because the Terrorist Watch List has proven to be almost comically inaccurate. 

By far the most troubling allegation about the domestic surveillance program–one corroborated to very limited degree since–is the suggestion that the Bush Administration was cross-referencing Main Core, a database of people whom, under a Continuity of Government situation, could be rounded up–with their warrantless wiretapping list.

I don’t know about the track record of Christopher Ketcham, the author of this Radar piece explaining the "big thing" that that made Jim Comey object to the warrantless wiretapping program so aggressively in March 2004. But it sounds like a plausible explanation.

Ketcham describes a database of Americans who, in case the government ever implements its Continuity of Government program in a time of national emergency, can be rounded up and jailed.


According to a senior government official who served with high-level security clearances in five administrations, "There exists a database of Americans, who, often for the slightest and most trivial reason, are considered unfriendly, and who, in a time of panic, might be incarcerated. The database can identify and locate perceived ‘enemies of the state’ almost instantaneously." He and other sources tell Radar that the database is sometimes referred to by the code name Main Core. One knowledgeable source claims that 8 million Americans are now listed in Main Core as potentially suspect. In the event of a national emergency, these people could be subject to everything from heightened surveillance and tracking to direct questioning and possibly even detention.


Ketcham goes on to explain that the Bush Administration was cross-referencing Main Core with its warrantless wiretap program. I’m not entirely clear whether Ketcham is saying BushCo used Main Core to come up with potential targets of warrantless wiretapping, or whether they used the warrantless wiretapping intercepts to add to Main Core–I think, but am not positive–it’s the latter.

A veteran CIA intelligence analyst who maintains active high-level clearances and serves as an advisor to the Department of Defense in the field of emerging technology tells Radar that during the 2004 hospital room drama, James Comey expressed concern over how this secret database was being used "to accumulate otherwise private data on non-targeted U.S. citizens for use at a future time." Though not specifically familiar with the name Main Core, he adds, "What was being requested of Comey for legal approval was exactly what a Main Core story would be." A source regularly briefed by people inside the intelligence community adds: "Comey had discovered that President Bush had authorized NSA to use a highly classified and compartmentalized Continuity of Government database on Americans in computerized searches of its domestic intercepts. [Comey] had concluded that the use of that ‘Main Core’ database compromised the legality of the overall NSA domestic surveillance project."

Now, the news that TTIC and NCTC were instrumental in deciding whom to wiretap makes it more likely that Main Core was being cross-referenced with the warrantless wiretapping program. Which makes the program all the more troubling.

We know the keepers of key databases on potential American threats played a key role in the warrantless wiretapping program. What we don’t know–yet–is how many of their databases were involved in the program. 



Marcy Wheeler aka Emptywheel is an American journalist whose reporting specializes in security and civil liberties.