précis: How did you get interested in law, and what led you to pursue a PhD as well?
JB: As an undergraduate in the really good history department at the University of Wisconsin in Madison, I thought I might pursue an academic career. I was admitted to the PhD program in American history, but when I received a Marshall scholarship I ended up studying legal and economic history at the London School of Economics, where I wrote a dissertation on changes in English tort law during the Industrial Revolution. After that I decided that—whether I wanted to be an academic or not— I needed a law degree for the legal–historical work I wanted to do. So I went to law school. Then, at the end of ten straight years in university, I was so sick of academia that I started to practice law—and once I realized I had a knack for trying cases, I decided to leave academia behind. Courtroom work is brutally hard work and a very tough school, but it’s a thrill. I went to a law firm, and then spent four years as an antitrust prosecutor in the Justice Department. I liked that. I liked dealing with the economists as well as getting into court. And I learned a lot.
But since my student days I’d been interested in international affairs, and so there was always a bit of a gap between the work that I really wanted to do and the mostly commercial law practice I actually was doing. Then, after 9/11, I decided I wanted to go back into public service. At that time, General Michael Hayden, then–Director of the National Security Agency, was looking for a new Inspector General and wanted an outsider. So, I got that job, and it was a real turning point in my career. My previous career as a lawyer very much helped me do that job better, but I was suddenly able to apply the tools that I had sharpened through many years of practicing law in exactly the way I had always wanted to. I loved it. At mid–career, to go into an intelligence agency in a senior position, with the responsibility to keep it clean, that was stunningly good luck and a terrific experience. And again, I learned a lot.
Although I thought I would go back into private practice after that, Ambassador John Negroponte, who was the first Director of National Intelligence, then asked me to run counterintelligence policy and strategy, which I thought was too interesting not to do. Eventually I went back into law and decided to set up my own legal and consulting practice. But, even when I was still in government, I was starting to come up to MIT to speak publicly about cyber vulnerabilities and conflict. So when John Tirman approached me about the Robert E. Wilhelm Fellowship, it was clear it was a great opportunity that would allow my academic work and practical work to really enrich each other.
précis: What are you working on here at CIS and how do you see the MIT community helping your work here?
JB: It has been clear to me for some time that intelligence collection, secrecy, and privacy are emerging as issues in international relations. This was true even before the Snowden revelations, but it was certainly accelerated by them. I think that there is a sense at CIS that these issues are important in the international context, but there is not a lot of depth of understanding of these problems yet. Coming here is an opportunity to explore and write about issues of intelligence, secrecy, and privacy in the international context, and, up until now, I have been mainly (although not entirely) focused on these issues domestically. So, I spent the spring at The Hague and in Paris participating in conferences on these issues, and I’ve had several pieces come out recently about these issues. For example, I recently had a piece on industrial espionage and trade policy in the American Interest and on critical infrastructure vulnerabilities in Politico and the Washington Post. I also spend an increasing amount of time with students here at MIT and at the Kennedy school and Harvard Law School, which I really enjoy.
The Center for International Studies is planning a two–day conference on privacy and secrecy in April, and I am going to chair a panel on the effect of technology and policy because I am quite interested in the ways that technology affects culture and policy. In fact, one reason why having this opportunity at MIT was so interesting to me, was the opportunity to get the technical people and the policy people and even the lawyers into one room to talk about the same issues. If the lawyers and the policymakers do not have an understanding of the technology and where it is going next, they make mistakes. The technical people, on the other hand, are generally not as attuned to the political or legal implications of what they are working on. So the possibility of a really rich dialogue here at MIT is great. There are stove–piping issues in every institution, however, and they are as bad (or worse) in universities as they are in government. Perhaps I can help in a small way to break down some of those pipes.
précis: In the conversations that you have across these communities, what are the things that generate the most agreement, and what are the points of contention?
JB: I’ve found that many of the suggestions for regulating data are wildly unrealistic, in large part, because we are creating data–exhaust at an astonishing rate and this data is collectible by lots of people. We are living in an era in which secrets are harder than ever to keep, and those things that can be kept secret stay secret for shorter periods of time. Coming to grips with that transparency in our lives is difficult, at all levels — personal, organizational, governmental. And while it may be possible to regulate the secondary trade and data to some extent, I don’t think the fundamental data flood can be regulated effectively except at the margins. It certainly can’t be stopped.
That said, my own proclivities are for much more privacy than those of many people who advocate for more regulation. Privacy involves culture as well as data control. We don’t pay much attention to that, though for whatever it’s worth, I like writing about it. But, by and large, we are not a private culture. Americans share information about themselves in quite an astonishing way. In fact, this is the first time in history when privacy is taken to mean the ability to control the diffusion of information after people have voluntarily provided it to a large number of other people. Benjamin Franklin supposedly said, "Three can keep a secret, if two of them are dead." Ben knew what he was talking about. When the government puts highly classified information out for sometimes thousands of people to see—and people put information for hundreds of people to see on Facebook—there is some meaningful sense in which that information not a secret anymore, at least in the way Franklin thought of it. When you do that, the information is regulated, classified, and controlled, but it is not a secret.
précis: What have you seen as the contributions of academia on these issues? Where do you wish academics were contributing?
JB: We have traditionally created distinctions between scholarship and journalism. I like to do both. That distinction is important, though it was much clearer in people’s minds when I was an undergraduate, and it remains somewhat arbitrary. But to the extent you want to do scholarship about politics it seems to me you have two main options: you can look at problems for which there is a lot information available, or you can bring to bear historical experience to a question of contemporary affairs. Sometimes you can do both at once.
Now, political science has become a lot more quantitative in nature, and history has too. In my graduate education at the London School of Economics, I learned it might actually be a good idea to count things. But it is also important not to confuse counting with wisdom. I follow the late Adda Bozeman in believing that the critical discipline in studying international relations is history. Bringing to bear wisdom based on historical experience is the great contribution of scholarship to policy making. Those who are making decisions either in the private sector or in government are in some sense in the trench, and when you are in the trench it is very hard to see the whole battlefield. Policymakers are dealing with whatever caused the biggest problem the night before, and it is very hard to control the agenda. Scholarship is free of those constraints.
précis: With regard to new technologies, how do the domestic and international levels of analysis interact?
JB: In most countries the conversation that occurs in Western Europe and the United States about privacy and the limits of governmental power are virtually unheard of. When the police can knock down your door in the middle of the night and there is no independent judiciary, questions about the collection of metadata look pretty small. But what I think is true, is that the issues of transparency are being felt by very different cultures in many of the same ways. We are finding that technology that makes our lives more convenient and that can empower individuals can also empower the state in ways we don’t like. For example, the same technology that a young couple will use in their home to monitor a baby is used in Syria by the government to do really nasty and intrusive spying on the population. It would be nice if we could easily determine what technology is good and what technology is bad, but we can’t. So we control the export of this stuff as well as we can, imperfectly to be sure, but we can’t uninvent it and we can’t keep other countries from inventing their own versions of it.
précis: What does your next project look like?
JB: I am doing some work now on critical infrastructure protection. I think the notion of strategic cyber war is a little over the top, and I say that as someone who also thinks we have very serious vulnerabilities. But there are real issues in the cyber realm that need to be examined. For example, after what appeared to have been a Russian breach of J.P. Morgan, it was reported in the New York Times that President Obama was trying to determine if President Putin was sending him a message, and nobody could tell him. Vulnerabilities like that have policy implications short of open conflict because they constrain a leader’s ability to make decisions. We have to think about what happens if an American action in Ukraine could lead to the take–down of a major American bank or part of our grid, because that kind of constraint is much more plausible than all–out cyber war.