“thus what enables the wise sovereign and the good general to strike and conquer, and achieve great things beyond the reach of the ordinary man, is foreknowledge. Now this foreknowledge cannot be elicited from spirits; it cannot be obtained inductively from experience, nor by any deductive calculation. Knowledge of the enemy's dispositions can only be obtained from other men. Therefore, enlightened rulers who are able to obtain intelligent agents as spies are certain for great achievements. If you know the enemy and you know yourself, you need not fear a hundred battles. If you know yourself and not the enemy, for every victory you will suffer a defeat. If you know neither yourself nor your enemy, you are a fool and will meet defeat in every battle"
[Chapter 13,”On Spies", The Art of War, translated by Lionel Giles; 13:006 in the Shonsi system].
These are the words of renowed Chinese General and military theorists, Sun Tsu.
The use of human agents in intelligence collection is perhaps the oldest method of intelligence collection. Human Intelligence (HUMINT) involves the use of human contacts, sources, agents and informants and this method relies on the training and experience of human operatives who know what information they need and how best to obtain it clandestinely. With advancement in science and technology, technical means of intelligence collection (TECHINT) which has become part of our security intelligence systems continue to evolve in response to emerging threats to global peace and security.
It involves the deployment of technology which may include communication intelligence (COMINT), Signal intelligence (SIGINT) etc.
While an intelligence organisation is interested in obtaining illegally information of security interest (espionage) either by HUMINT or TECHINT or both, a counter-intelligence organisation prevents a hostile intelligence organisation from gaining access to its classified information by same methods and this aspect of intelligence is referred as to as COUNTER-INTELLIGENCE.
Both methods have their limitations but are crucial and complementary disciplines exploited by intelligence organisations. Human intelligence for instance, human agents are more vulnerable to compromise and also risk to life involved because of high susceptibility of agent or informant to the counter-intelligence organisation.
US National Security Act, 1947 (as amended through P.L 115-232, Enacted August 13, 2018), SEC 3[50 U.S.C 3003] defines counterintelligence as;
“information gathered, and activities conducted, to protect against espionage, other intelligence activities, sabotage, or assassinations conducted by or on behalf of foreign governments or elements thereof, foreign organizations, foreign persons or international terrorist activities”.
Counter-intelligence, may be offensive or defensive.
Offensive Counter-intelligence: aims at identifying enemies of espionage, sabotage or terrorism, sources of funding, capability, weapons in order to subvert, neutralize, exploit or disband their criminal infrastructure. Here you go after the adversary and neutralize him before he causes harm.
Defensive Counter-intelligence: the organisation identifies areas of vulnerabilities that could easily be exploited by hostile intelligence organisations or agents of hostile organisations.
In defensive C.I, the nation or organisation takes measures to ensure its information and information systems are secure and this comprises various counter-intelligence mechanisms and strategies to protect the nation/organisation by;
(I) Personnel Security (ensuring the integrity, loyalty and reliability of employees and taking measures to remove undesirable employees whose employments pose security risk)
(II) Physical Security (protecting and giving cover to physical infrastructure, buildings and vital installations of national security importance)
(III) Personal Security (ensuring that employees in sensitive areas are conscious of the risks of negligence, compromise or unprofessional conduct)
(IV) Document Security (providing protection and cover to classified materials ie audios, videos, written documents and other information that should be safeguarded from unauthorised disclosure)
The sum total of these is referred to as PROTECTIVE SECURITY.
The subject of protective security is one that extends beyond a country's intelligence or security agencies and involves all aspects of government business. Private organisations, companies, political party organisations etc also have protective security responsibilities and therefore the recent spate of leakages of secret videos and audio recordings as well as written documents in both private and government circles is one that raises serious issues about protective security and their implications on national security.
For the purpose of this write up, the focus shall be on personnel security since it appears most of these leakages has to do with the integrity of people working in such areas.
As Sun Tsu states, "Knowledge of the enemy's dispositions can only be obtained from other men". The purpose of personnel security is to ensure that the integrity, loyalty, credibility and reliability of persons employed in sensitive areas is at its highest level either by preventing employment of such persons who may pose security risk or detecting and removing already employed persons whose activities compromise security.
Personnel employed in organisations (public or private), whether security or non-security departments, handle information in the course of the discharge of their duties and these information need to be safeguarded from unauthorised disclosures which may cause damage to the organisation or give advantage to opposing organisation. Therefore, ensuring that only loyal and reliable persons are engaged is a very critical issue in security and intelligence management.
In recent time, Ghana has been hit by leakages of secret videos, audios, documents among others that borders on national security, latest being the alleged audio recordings of a meeting of senior NDC officials and party communication officers. Also, some public officials/security personnel employed in sensitive government institutions have been captured in the Tiger Eye PI investigative documentary allegedly aiding/or providing security information on anti-illegal mining operations to illegal miners to circumvent the security task force. Also, a letter allegedly written by the upper west regional Security Liaison Officer to NPP constituency chairman for recruitment and training of party security team members for monitoring of the upcoming 2020 general elections raised serious security concerns at a time issues of political vigilantism has become a matter of public concern. Other alleged leaked tapes/information associated with high profile government/political personalities in recent time include that of Mr. Yaw Boating Gyan-then National Organiser/NDC, Mr. Obiri Boahene-then Deputy General Secretary/NPP, Mr. Yaw Osafo Maafo-senior minister, Deputy Commissioner of Police Maame Yaa Tiwaa Addo Danquah-then Deputy Director/CID and alleged leakage of Special Prosecutor, Mr. A.B.K Amidu's letter written to Commissioner-General/GRA among others.
Most of these leakages particularly audio recordings have often been denied by the people involved, alleging doctoring of the said leaked tapes and therefore it is important that this development is tackled with the necessary seriousness. It calls for serious attention by the national security council so that measures could be taken including assisting the intelligence/investigative agencies with training, logistics and technology to conduct conclusive investigations into these leakages to determine;
(i) authenticity or otherwise of the leaked recordings and their sources.
(ii) prosecution of persons captured in such recordings who may be liable to criminal sanctions based on security and legal analyses of contents of the leaks.
(iii) prosecution of those involved in doctoring or fabrication of tapes to create fear and panic or endanger national security.
Unauthorised disclosure of classified information will in the case of;
(a) TOP SECRET INFORMATION cause exceptionally grave damage to a nation/organisation/corporate entity or
(b) SECRET INFORMATION cause serious damage to a nation/organisation or endanger national security or
(c) CONFIDENTIAL INFORMATION cause embarassment to a nation/organisation or give advantage to opponents or will be prejudicial to national security.
These classified information may be about plans, activities, capability, technology, strategies, inner workings of an organisation which must be SAFEGUARDED!
Generally, personnel security must extend to all persons whose employment enables them have
(i) access to restricted premises, facilities, offices etc
(ii) access to classified materials
It must also be designed to;
(a) detect and remove from sensitive area employees whose activities/conduct compromise security of classified materials or pose security risk generally.
(b) prevent any person without legal access to premises from having access to classified information.
(c) determine who should know/access/handle what classified information and when to receive such information.
(d) ensure that personnel employed in sensitive areas are conscious/educated/trained on all protective security mechanisms and alert at all times to their protective security responsibilities.
ALLEDGED LEAKAGE OF NDC CHAIRMAN'S MEETING
WITH PARTY COMMUNICATION OFFICERS
Now, the questions about protective security are,
(1) Are all participants of that meeting tested loyal members of the party?
(2) Could the meeting have been penetrated by hostile agents without detection?
(3) Could there be deep cover agents (moles or double agents) in the NDC that the party has failed to identify?
(4) Could some party loyalists have been compromised by money or other motivations along the line without detection?
(5) On allegations of bugging of NDC office by government, could the planting of equipment, devices have been carried out by agents withouta authorised access to the premises or persons with authorised access to the premises?
In all these, it is clear that the security breach may be attributed to weak physical security, personnel security, personal security or document security or combination of all.
EXPOSURE OF PUBLIC OFFICIALS IN TIGER EYE PI INVESTIGATION INTO COMPLICITY OF PUBLIC OFFICIALS IN ILLEGAL MINING
This development and indeed previous reports of alleged involvement of public officials employed in sensitive areas; security agencies, civil service and sensitive government outfits, jubilee house etc raises issues about personnel security. In this documentary, it is reported that some officials at the secretariat of the Inter-Ministerial Committee on Illegal Mining (IMCIM) facilitates the operations of illegal miners by providing operational information on the movements and security operations of the anti-illegal mining task force so as to enable illegal miners circumvent the task force as well as facilitate illegal acquisition of mining documents.
Particularly that these employees including security personnel are employed in such sensitive areas as the IMCIM, Jubilee house or attached to the national security council secretariat as reported raises questions about personnel security.
ALLEGATIONS OF BUGGING/ILLEGAL ESPIONAGE
The allegations by the NDC that government is illegally spying on it still boils down to protective security. A political party is an organisation which undertakes serious activities to shape the politics, democracy and political administration of Ghana. They undertake political planning, strategies and decisions regarding elections (internal party or national elections) among others. Some of these activities may border on security or not necessarily on security but still require protection in order not to give advantage to political opponents. In the light of the above, it is important that political party administrators take matters of protective security more seriously.
Indeed i agree that it may be very expensive for a political party to have the most sophisticated protective security measures but i believe political parties should do more in this area. By simply doing little in terms of protective security with the assertion that government has capability to illegally spy on it is like just opening your doors for easy penetration. By improving and securing your security environment and protective security measures, it will serve as challenge to the national intelligence agencies and who will have to employ more effective and efficient covert methods to obtain information, thereby improving their efficiency.
It is however, important to note that the constitution guarantees citizens' rights to privacy and protects citizens from unlawful intrusion into their privacies except in the interest of national security where these rights may be waved. The intelligence agencies in their quest to collect information to safeguard national security are very mindful of the legal limitations of certain covet activities since evidence collected clandestinely without recourse to legal procedure may be inadmissible in court of law. Sections 29-31 of the Security and Intelligence Act, 1996 (ACT 526) provides for the means of legally obtaining information by the intelligence agencies . Furthermore sections 21-28 of Act 526 provides for legal remedies for persons aggrieved by the actions of the intelligence agencies. Quite recently, there were moves to enact a law, Interception of Telecommunications and Postal Packets Bill to empower the intelligence services in their surveillance and covert operational activities but this was vehemently resisted by human rights activists and other bodies including the Ghana Bar Association. This clearly demonstrates that intelligence activities must be done within the remits of the law particularly where evidence is collected for criminal prosecutions. However, the intelligence services can undertake any covert activity to obtain information clandestinely for other national security purposes.
MAINTAINING PERSONNEL SECURITY
(i) Vetting of prospective candidates for employment.
(ii) Continuous vetting of employees to detect and remove disloyal members.
(iii) Education/training and continuous education on protective security responsibilities of employees.
Vetting is undertaken to collect detailed, comprehensive information about a prospective employee or employee so as to determine the security fitness of the subject of vetting for employment or continuous employment in an organisation. It involves painstaking, meticulous and objective intelligence investigations and background checks for granting of security clearance to persons so vetted for positions in sensitive establishments; public or private sector. Comprehensive vetting involves two procedures;
(a) Criminal background checks (nominal vetting) where criminal records of persons of interest are obtained and reviewed by the vetting organisation. Criminal records are often kept by a nation's primary crime agency such as criminal investigations departments, courts, immigration, customs and revenue agencies etc on persons who have been convicted or have past criminal dealings.
(b) Positive vetting goes beyond obtaining criminal records and involves detailed intelligence investigations and security checks into all aspects of a person's life; parentage, date/place of birth, education/employment history, family background, friends, associates, contacts, social/political life, habits among others. All these are subjected to objective and professional security scrutiny to enable the appointing organisation take decision on the suitability of the prospective employee or continuous service of an employee.
In most countries including Ghana, counter-intelligence agencies (internal/domestic intelligence agencies) have the responsibility of vetting all persons whose employment may grant them access to sensitive areas and classified materials/information.
The Bureau of National Investigation is the principal vetting agency in Ghana. It conducts vetting of all public office holders including members of the armed forces, police and other security agencies, ministers of state, ambassadors, senior public/government officials, members of parliament among others. It does this by collaborating with the Criminal Investigations Department of Ghana Police service, Department of Defence Intelligence of the Ghana Armed Forces, Immigration and Passport departments. The BNI advices appropriate appointing authorities on the security fitness of persons being considered for employment and also undertakes continuous vetting to ensure that the security clearance granted to an employee has not been compromised.
It will be recalled that in 1985, the CIA during its routine continuous vetting of its employees, conducted a polygraph test on one of its overseas intelligence officers, an Operations Support Staff (clerk)-Ms. Sharon Scarange, then working in its station office inside the US Embassy, Accra where the employee failed the lie detection test. Further investigations conducted by the Federal Bureau of Investigations revealed that the operative had leaked substantial sensitive intelligence information to her Ghanaian lover Michael Soussoudis. She was subsequently dismissed from the CIA and convicted alongside Michael Soussoudis on espionage charges.
There have also been reports of dismissal of public officials in Ghana and some of these dismissals may be as a result of security unfitness of some of these dismissed officials.
PRIVATE VETTING AGENCIES
The increasing participation of the private sector in the security industry is one that can improve security service delivery particularly in developing countries where these private security firms are springing up. Already, in developed jurisdictions, some private investigations firms are specialized in profiling, vetting and other services that are greatly patronized by both government and private clients/organisations.
This is an emerging area in Ghana and private firms like the E-crime Bureau provides security clearance polygraph services to public and private entities/clients It also collaborates with government in providing technical training in cyber-crime investigations to investigators.(see www.e-crimebureau.com , Ghana News Agency, 26th June, 2012)
CONSUMERS OF VETTING
(I) Government: Government requires advice from the BNI for decision on the appointment of officials such as ministers, diplomats, senior government/public officers/military/police and other officials in the public service.
(II) Parliament: Parliament's Vetting and Appointments Committee also requests vetting (confidential) reports from the BNI as part of its parliamentary vetting processes for the approval or otherwise of persons nominated for ministerial positions or other appointments requiring parliamentary approval in accordance with the 1992 constitution.
(III) Corporate Organisations: Are becoming concerned about the integrity of its employees and risks associated with employees whose activities can undermine their operations. Some organisations mostly request criminal background checks from the Police Criminal Investigation Department to ascertain the criminal records of prospective employees. However, comprehensive vetting/positve vetting opportunities exist for companies to take advantage of during their hiring processes.
(IV) Foreign Embassies: Usually require criminal background reports from the police CID for granting VISAs to persons entering their countries.
In the light of increasing threat to information security (documents, videos, audios and other electronic storage systems) there is the need for government and corporate entities to strengthen their protective security measures.
The security threats prevalent in our sub-region today and also to global peace and security; terrorism, cybercrime, drug trafficking, money laundering and transnational/cross border crimes requires efficient and effective counter-intelligence system so as to counteract activities of hostile organisations/agents of espionage, terrorism, sabotage and subversion and this depends to a high extent on the integrity, loyalty and reliability of employees with access to classified material/information which are very critical in protective security, counterintelligence and maintenance of national security in general.
The National Security Council through the Ministry of National Security should consider rolling out a comprehensive protective security policy guidelines or reviewing existing ones to include all departments and agencies and this should focus on security education of employees. The various ministries, departments and agencies should comply with government approved protective security guidelines including education and sensitization of staff for protection of official information in their departments.
Corporate institutions, companies, political party secretariats must be concerned about protective security and should invest in measures including security training, vetting of officers and physical security measures as to protect their classified information.
Public officers/employees (civil servants, security personnel and all categories of employees) must be mindful at all times about their constitutional oaths of secrecy, allegiance and of office.
Subject to Article 36 of the 1992 Constittution, all persons have obligations under the State Secrets Act, 1962 (Act 101) and Section 37 of the Security and Intelligence Agencies Act, 1996 (ACT 526) to observe protective security measures.
Espionage is an offence, prevent espionage to protect your beloved country.
Together, let us help safeguard national security!
The writer is an Observer on National Security Affairs and Student of Security and Intelligence