Ambassador-at-Large and Coordinator for Counterterrorism, U.S. Department of State
Reporter, New York Times
Ambassador Nathan A. Sales discusses U.S. counterterrorism initiatives and developments to the UN Security Council Resolution on Foreign Terrorist Fighters.
For further reading, please see the CFR blog post “Women are Vital in the Fight Against Terrorism” by Jamille Bigio and the Foreign Affairs articles “Trump and Terrorism: U.S. Strategy After ISIS” by Peter D. Feaver and Hal Brands and “Preventing the Next Attack: A Strategy for the War on Terrorism” by Lisa Monaco.
STOCKMAN: All right. Good evening, everyone. Thank you so much for coming tonight. This is a really good turnout. Welcome to today’s Council on Foreign Relations meeting “U.S. Counterterrorism Strategy: Next Steps for the State Department.”
My name is Farah Stockman. I’m a reporter at The New York Times and I will be presiding today. It’s my first time presiding, so I’m super excited. (Laughter.)
Nathan Sales, ambassador-at-large and coordinator for counterterrorism, was sworn in in August of 2017. He previously served in the administration of George W. Bush. He was a special counsel in the Justice Department at 9/11 and found himself working on the PATRIOT Act. So he played a role in crafting the PATRIOT Act. Later he served as deputy assistant secretary for policy at the Department of Homeland Security. So we are honored to have him here tonight to talk about counterterrorism strategy and policy under President Trump.
So we are going to hear some remarks from Ambassador Sales, and then he and I are going to have a short discussion together onstage, and then we’re going to open it up for questions from all of you, so.
SALES: Well, thank you very much, Farah, for that kind introduction. And thank you all for being here on a cold winter night to hear a speech about terrorism.
It’s a real pleasure for me to be here at the CFR. This is my first time at the New York facility, and it feels sort of like a homecoming. As a recovering academic—recovering New York academic; I was a law professor at Syracuse before taking this position at the State Department—I feel like the amount of wonkery and policy expertise in this room is quite, quite impressive. So grateful to be here among you.
So, given the topic of tonight’s presentation, tonight’s conversation, U.N. Security Council Resolution 2396, it’s only fitting that we would have this conversation here in New York City. Since 9/11, the United States has been the world’s counterterrorism leader. After the attacks, we pioneered a number of cutting-edge CT tools that we used to better secure our borders and help keep our people safe—things like information sharing, things like biometrics, things like data analysis. In December, the U.N. Security Council adopted a new resolution that pushes the rest of the world to live up to these same standards.
Now let me be more specific. In the runup to 9/11, al-Qaida was able to exploit systematic weaknesses in our border-screening systems to send 19 operatives into this country essentially undetected. The result we’re all familiar with: the deadliest attack on America soil in decades. More Americans died on 9/11 than at Pearl Harbor.
So, in response, the United States consolidated our watchlists of known and suspected terrorists in order to better block terrorist travel. We started analyzing airline reservation data, known as passenger name records or PNR, to flag people who should get a little extra scrutiny before they cross a customs checkpoint or before they’re able to board a plane. We also started collecting fingerprints from visitors to our country in order to spot terrorists who might be trying to cross our borders. With all of this, we made America safer while keeping faith with American values.
Now, thanks to that new Security Council resolution that I mentioned a moment ago, the policies that I’ve just described are not just American ones, they’re global one. UNSCR 2396, which was adopted unanimously and with 66 cosponsors, requires all U.N. member states to adopt the same and develop the same capabilities, and to deploy the same systems. Tonight I’d like to tell you how the United States has used these initiatives and the promise that they hold for the rest of the world.
Let’s start off with watchlists. Effective border screening includes multiple layers. The first and most basic layer is to look for previously-identified risks. In practice, that means looking at passports or airline manifests and comparing passengers’ names, dates of birth, and other information against databases of known threats. Watchlists are an indispensable tool for screening people entering our country.
We learned all of this the hard way on 9/11. In January of 2000, a group of senior al-Qaida members held a summit in Kuala Lumpur. We knew about the meeting, and Malaysian authorities actually were able to surveil the participants. But partly because we didn’t have effective watchlists, two of the participants were able to enter the country shortly after the summit, and they did so—adding insult to injury—using their actual names, Nawaf al Hazmi and Khalid al Mihdhar. If those names sound familiar, it’s because they should: these two men went on to help hijack American Airlines Flight 77 and crash it into the Pentagon.
Today we have a robust and effective watchlist system. Every day more than a million people enter the United States by land, sea, or air, and another 2.1 million people take a domestic flight. We screen these travelers’ names and other data against our lists of known and suspected terrorists to identify potential threats.
Now, I mentioned that watchlisting is an American innovation, if you will, but we haven’t been doing this alone. Over the years we’ve entered into dozens of bilateral information-sharing agreements with partner countries around the world. This is Homeland Security Presidential Directive 6, or HSPD-6. In 2017, we signed HSPD-6 agreements with 10 additional countries, bringing the total number up to 69. Under HSPD-6, our partners have provided us with the names of more than 70,000 known and suspected terrorists.
Now, under Resolution 2396, all U.N. member states will now be required to maintain these same kinds of watchlists. They’re also encouraged to share these lists among other countries. By making watchlists mandatory, the Security Council has raised the global bar for border security.
A second, more sophisticated type of border screening involves PNR, passenger name record data. This is the information you give to United when you book a flight to London. It’s your phone number, your email address, and so on. The U.S. started using PNR back in the 1990s to scan for suspicious cargo trying to enter the country—narcotics, knockoff Disney counterfeit merchandise, or so on. Since 9/11 we’ve also used it to spot terrorist threats, with great success.
Let me explain what PNR is useful for. The first thing you can do with it is to identify suspicious travel patterns, flagging threats that otherwise might have escaped attention.
You can also use PNR to illuminate hidden connections between known threats and their unknown associates. This is known as contact chaining or link analysis.
Connecting and sharing PNR can also help spot so-called broken travel. This is a favored technique of terrorists of using convoluted travel routes to evade detection. Do you remember a Mehdi Nemmouche? Some of you are nodding along. This is the gunman who’s been charged with murdering four people at the Jewish Museum in Brussels in 2014. Nemmouche reportedly used broken travel to reach Europe undetected, departing the war zone in Syria and traveling via Asia.
So what does PNR use look like? Let me give you a few concrete specific success stories.
In 2014, a Yemeni citizen was scheduled to travel from Saudi Arabia to Washington, D.C. During a routine review of inbound flight data, CBP officers—that is to say, Customs and Border Protection officers—matched an email and phone number in this person’s airline reservation data with a second person who was a suspected terrorist. They dug a little deeper and found additional ties between this traveler and the suspected terrorist. Thanks to PNR, the State Department was able to immediately revoke this person’s visa and the airline denied him boarding.
In another example, a young American was prevented from leaving the country and potentially continuing down a path towards terrorism. The citizen’s PNR matched a route that was known to be used by people leaving the United States and traveling to Syria to fight for Iraq—fight for ISIS. He was sent to secondary inspection at the airport, and when questioned he was unable to explain his travel plans or why he was leaving. The airline denied him boarding and denied him again when he tried to travel on a second occasion.
PNR can also be useful in criminal investigations. In December of 2009, a U.S. citizen named Faisal Shahzad received explosive training in Pakistan from people affiliated with Tehrik-e-Taliban, the Pakistani Taliban. A few months later, in February of 2010, Shahzad arrived at JFK on a one-way ticket from Pakistan. He was referred to secondary inspection because he matched a PNR targeting rule. CBP officers interview him, and documented the encounter, and sent him on his way. Fast-forward three months. On May 1st of 2010, a car bomb failed to detonate in Times Square. Investigators tied Shahzad to the car. It was a Nissan Pathfinder that he’d purchased via Craigslist. Yeah. CBP then placed an alert for Shahzad in its system. When he booked a flight to flee the country the system flagged it, and he was arrested at JFK Airport as he attempted to travel to Dubai. He’s now serving a life sentence.
The PNR system that the United States pioneered has now become an international norm. In 2016, after years of ambivalence and, candidly, outright hostility, the European Union directed its member states to adopt PNR systems of their own. And Resolution 2396 calls on member states to do the same.
A third layer of screening involves biometrics. Biometrics are a critical tool for verifying that travelers actually are who they say they are. Terrorists try to mask their identities in a number of ways: false travel documents, using aliases, and so on. It’s a lot harder to fake their fingerprints. That’s why the United States collects biometrics from non-Americans who visit this country. We collect their fingerprints and facial scans, and use the data to validate their identifies and their travel documents. We also check their biometrics against watchlists, so biometrics can inform and enhance the screening that is performed using watchlists of known and suspected terrorists.
Let me just say that these tools become even more powerful, even more capable as the data is enriched by information collected by soldiers on the battlefield when they collect things like latent fingerprints at ISIS safehouses, or prints on unexploded IEDs, or prints from captured foreign terrorist fighters.
Let me give you a few examples of biometrics in action before we move on to the part of the night that I’m looking forward to most, a conversation and then your questions. First, the big picture. Last year, through automated sharing of biometrics with partner countries, the United States was able to identify 134 known or suspected terrorists who were traveling to those foreign countries. The numbers for this year are even more impressive. In fiscal year ’18, the program has already flagged 44 people.
Here’s one specific example. Earlier this year, a would-be migrant applied for asylum in the United States. The person’s fingerprints were taken, and we shared them with another country. Our partner reported back that this was a known and suspected terrorist. Thanks to biometrics, we were able to stop this person from entering the United States and we were able to refer this person to the foreign partner’s national police service.
In another case, from 2014, New Zealand sent us a fingerprint identification request for a Sri Lankan national who was applying for asylum. We found that the prints matched those of a known or suspected terrorist in our database, and as a result New Zealand was able to refuse entry.
Resolution 2396 takes this American initiative and turns it into a global norm. The resolution requires all U.N. members to collect biometric data to spot terrorists if they attempt to board planes or to cross borders. And because we all need to stop these threats before they reach our shores, 2396 also calls on member states to share this information among each other.
In conclusion, the United States pioneered the border security tools that occupy the heart of 2396, but we also recognize that not every other country has the same resources or expertise. We know that implementing these new obligations will be a heavy lift for some countries. And that’s why we stand ready to assist our partners that have the political will to meet their obligations. In particular, we’re willing to share our PNR system with any country that wants it.
So we’re all in this together. The more states that are able to spot terrorists and stop them from traveling, the safer we’ll all be. A full implementation of UNSCR 2396 will help ensure that the world has the tools it needs to stay ahead of our adversaries. The United States will continue to share our expertise, will continue to lead in the ongoing campaign to identify threats and deny terrorist travel.
Thank you all very much, and I’m looking forward to our conversation. (Applause.)
STOCKMAN: All right. So, after 9/11, you talked a lot about how difficult it was just to get police officers in the United States to work with intelligence officers in the United States, to share information. Now you’re embarking upon a much more difficult problem, which is to get the sharing of information worldwide. So, I mean, that—I just wanted to acknowledge that this is a big—this is a big task.
I want you to walk us through what that really looks like. What is the goal? Is it to have a worldwide watchlist? And if I accidentally get put on it, who do I call to get off?
SALES: So not that. We don’t—we don’t want a single, unified watchlist that all countries are adding to and using. Instead, we prefer a more targeted approach. And that, actually, is the approach that the United States has been following since 9/11, both bilaterally and multilaterally. We’ve worked with like-minded allies in Europe—Five Eye(s) countries—in Southeast Asia, across the globe to engage in bilateral sharing of watchlist information. And we’ve also partnered with multilateral institutions like Europol, like Interpol to push this information out among likeminded countries.
Now, what we hope to accomplish under 2396 is to bring more countries into that system and allow for the free flow of information about ISIS, about al-Qaida, about other terrorist groups of global reach. We’re mindful of the fact that some countries will have greater capabilities to contribute than others. We’re mindful of the fact that some countries have a stronger intelligence apparatus that is a precondition for developing a list of known and suspected terrorists. This is not a one-size-fits-all solution, right? This is a solution that is flexible enough to adapt to circumstances.
STOCKMAN: So one of the things about your remarks that I found powerful was you were talking about how big data can change what we know about terrorists and this PNR data. You can just have a hit on something that happened years ago or far away, and that’s obviously powerful. It’s something the United States has pioneered. But there’s sort of a concern in the human rights community about how some of this data can be used. And this resolution, I would say, doesn’t have a definition that’s commonly agreed on—there’s no definition in the resolution about what terrorism is. So we have dispatched all these countries to go out and fight terrorism and pass sweeping measures to be able to monitor and surveil and arrest terrorists, but without really saying who terrorists are. How can we—how can we be certain that a country with an autocratic leader isn’t using this data to basically monitor and surveil journalists, or religious leaders, or political opponents?
SALES: Or former law professors. (Laughter.) No, it’s a good question, and it’s a fair concern.
So I guess one glancing answer I would make about PNR in particular before I engage on the broader point is what can you use PNR data for. Well, the regulation—the DHS regulation that describes this system—it’s called a SORN, a System of Records Notice, for those of you who, like me, are administrative lawyers; you can never quite leave administrative law behind, even as a diplomat—describes the purposes for which PNR data can be used. And it’s for the purpose of combating international terrorism, not domestic, or serious transnational crime such as child exploitation. So on PNR we’re good.
But your broader point—your broader question is a very important one. So let me just say it’s in the interest of the United States not to use this data exchange to enable the kind of bad behavior that you’re describing. We have reservations both on the sending and on the receiving.
So, on the sending end, we would not want to share information about known and suspected terrorists with countries that have a poor human rights record. The purpose of the data is to prevent terrorists from crossing borders. We wouldn’t want an autocratic regime to have access to data that could then be used to suppress political dissent, to punish journalists or do worse, extrajudicial killings or other abuses of power.
On the receiving end, we in the United States, likewise, have an interest in not receiving data from autocratic regimes that is not terribly reliable. It doesn’t help us protect our borders if an autocratic regime tells us that this journalist is a terrorist. Well, you know, this person is just coming to give a speech in New York, not to blow up a building. And if we—if our systems are flooded with unreliable data like that, our systems are not as effective.
And so this is not a “trust us” point. This is sort of a “trust our interests” point. Our interests dictate the manner in which we engage with foreign governments—whom we prioritize, what kinds of information we ask for from what kind of governments—because we don’t want those two scenarios to play out.
STOCKMAN: OK. I hear you, but let’s take it—it’s not just about trusting us. We’re asking these foreign governments to go out there and pass—we’re mandating them to pass laws that round up terrorists. So what about—I mean, Human Rights Watch has detailed, let’s say, extensive travel curtailment of men under the age of 35 in Tunisia for the Tunisian government, or, you know, Egyptian women who are prevented from going to Germany to a domestic violence conference. So they’ve kind of collected examples of people who have been prevented from doing things that they—that shouldn’t fall under the definition of terrorism. I mean, if you look at the definition of terrorism in Saudi Arabia, it’s like, you know, anyone who consorts with somebody who’s against the kingdom, you know, that kind of thing. So, I mean, aren’t—there are concerns that this resolution gives a greenlight to regimes to kind of pass laws that are going to be repressive. So how do we—are there talks right now going on to figure out ways to safeguard that and make sure that doesn’t—that we can make sure those laws aren’t abused?
SALES: So I’m going to answer that question in a very similar way to the answer I just gave you, and it is—it is in our interests for partner nations not to do what you’ve just described.
STOCKMAN: But is it in their interest?
SALES: Well, it’s our job to describe to them how it is in their interest.
So our priority in the United States is using these tools—using all tools at our disposal to confront terrorist groups of a global reach. What does that mean? It means ISIS and its affiliates, such as ISIS-Khorasan, such as ISIS in the Sinai; and al-Qaida and its affiliates, such as al-Qaida in the Islamic Maghreb and its various networks and affiliates around the world. If a country is using a counterterrorism authority like UNSCR 2396 and is directing its efforts at groups that are not global threats, it’s a distraction. From our standpoint, it’s worse than a distraction, because there is a risk that the use of a legitimate counterterrorism tool to achieve domestic political objectives of the sort that you’ve described, there’s a risk that that will sort of undermine the entire enterprise. Forget about other countries being distracted from the primary objective here, which is taking the fight to ISIS, taking the fight to al-Qaida. That’s a serious concern in its own right. But standing alongside that is the concern that tools that should be seen as sort of above the fray might become questioned if they’re abused by authorities. And that’s why we’re constantly in the United States emphasizing the need for action against al-Qaida and ISIS, and correspondingly emphasizing, you know, journalists are not your—are not your enemy.
STOCKMAN: We appreciate that, we journalists.
SALES: That’s your government at your service. (Laughter.)
STOCKMAN: We may get back to that point.
So, since 2014, a lot of—something like 51 terrorist attacks have happened in the United States and Europe that had zero—they were perpetrated by people with no known ties to terrorists, people who woke up one day and drove a truck into a crowd of pedestrians. How does an attack like that get stopped by this incredible effort to use big data and to use information sharing across countries?
SALES: So that threat, the homegrown terrorist threat, is a different kind of challenge than the threat posed by a centralized, hierarchically-managed terrorist group like al-Qaida. And it’s a challenge that I think we’re seeing increasingly here in the U.S. Here in New York you saw a number of—just in the past number of months you saw two attacks by self-directed terrorists who are not formally members of ISIS, but who were radicalized, we think, by ISIS through its prolific use of social media.
If you’re trying to stop al-Qaida, they have to come up for air every now and then. They have to—they have to send money to the plotters who are going to take lessons at a flight school. They have to send instructions to the hijackers about when to strike. The operatives themselves have to move across borders. All of those sort of coming atop the wavetops represent opportunities to surveil them and stop them. For the homegrown terrorist who simply rents a truck and plows it into a crowd, that’s a lot more challenging.
So what we’ve been doing to confront that threat—there are a couple different axes along which we are approaching this problem. The first is community policing, or something—a modern-day equivalent that resembles 1970s- and 1980s-era community policing. So the State Department is partnering with an organization called the Strong Cities Network. It’s a network of mayors in the United States and other municipal authorities in the United States with mayors and municipal authorities in other countries. And one of the things that this initiative seeks to accomplish is to better build trust between the cops on the beat and the communities they serve. And the idea is that if communities have trust in the officers who are there to serve and protect them, if they see them, you know, at a community basketball game or if they are coaching a Little League team, that will enable the sort of trust that allows community members—religious leaders, other figures, private citizens—who may become aware of a problem to go to authorities and say we may have an issue here. That’s not the sort of thing that the NSA is going to know, and it’s not the sort of thing we would necessarily want the NSA to know. But it might be the sort of thing that if trust exists between municipal authorities and community leaders, that might be possible. So that’s surveillance of a different sort.
And the second thing that I’d emphasize on homegrown threats is the protection of soft targets. So if you’re driving a truck into a crowd, you know, at a stadium, at a restaurant, at a sports venue, we need to have procedures in place and we need to have standards in place to allow those typically private-sector owners of infrastructure that might be targeted to do a better job of hardening their targets. So the United States, under the auspices of the Global Counterterrorism Forum—this is a group of likeminded countries that meets regularly to discuss counterterrorism challenges and responses—the GCTF has launched an initiative—last year launched an initiative on the protection of soft targets. How do we do this? And the result of the yearlong study was a set of good practices that recommends things like information sharing between the government and private sector. So, if the private sector is aware of vulnerabilities, they should tell authorities. And if the authorities are aware of threat information, that information should be passed on to the private sector.
Another component of it is continuous risk assessments. Defenders can’t be everywhere, but what they have to do is deploy their defensive capabilities in ways that are responsive to changing threat circumstances. And so a continuous process of assessing risk is part of that answer as well.
STOCKMAN: But it sounds like there’s some amount of terrorism that we might have to live with from these—from these lone-wolf folks. It sounds like what we’d have to do to catch all of them would be so damaging to our society that it would be—I don’t know, this is—this is something that—a conversation that’s had around dinner tables all across America every time there is an attack on a—on a soft target.
SALES: Well, so what you’ve raised is some of the potential costs of counterterrorism policies. We’re mindful of those potential costs, and that’s why we have supplemented—why the United States generally, and not just the State Department—why the United States generally has supplemented some of the surveillance practices that you averted to, like NSA surveillance, like military force used overseas, with softer types of counterterrorism outreach of the sorts that I’ve described.
We don’t want the 101st Airborne using military force in Chicago, and we don’t want the NSA vacuuming up every single conversation that we have in our—in our homes. Now, that doesn’t mean that we have to accept a certain level of terrorism as inevitable. What it does mean is that we have to round out the toolkit with a number of other instruments that have a different cost-benefit component.
STOCKMAN: All right. Well, I could—I’m a journalist, so I could ask questions all night, but we want to get to your questions. I just want to say that this is a great opportunity because we saw the—we saw the Bush administration’s response to 9/11 and a big military footprint. We saw what that administration’s counterterrorism looked like. And we saw Obama’s counterterrorism policies, expansion of drones and other tools like that that were more surgical. And now we’re all wondering, what does the “America first” counterterrorism policy look like? So this is a chance for us to ask these questions.
And I just want to remind everybody that this is on the record and there are journalists here. It’s true. So we’re going to have some questions, and then we’re going to end promptly at 7:00. So please state your name and your affiliation, and I think that’s all I have to say as presider.
OK. Can we get a question here?
Q: My name’s Lucy Komisar. I’m a freelance journalist.
The day before 9/11, a stock manipulator in San Diego named Anthony Elgindy, an Egyptian whose brother Khaled was connected to Mercy International, an al-Qaida front group, told his broker the Dow would drop more than 50 percent; sell shares. The next day, the broker called the FBI; Elgindy was arrested and spent nine years in prison. How, then, could Khaled Elgindy, the credible source of his brother’s 9/11 information, get a job as a professional staff member for the House of Representatives Committee on Foreign Affairs from January 2002 to September 2002? Did the State Department security clear or approve members of the Elgindy families for sensitive positions despite knowledge of the al-Qaida connection? Have you followed this up? Does it do this now? Looking in the—on the internet for what had happened, all I saw was denials: Well, we don’t really know anything about this. And I would like your—
STOCKMAN: All right, ma’am. Ma’am, can you—
Q: Can you give an answer to this? Or maybe you have to give it in the future.
STOCKMAN: This is a very specific question. Can you tell us your outlet?
Q: Oh. I am a freelance journalist. Well, the last stories I wrote were for 100 Reporters, which is an investigative news site run by Diana Jean Schemo, a former New York Times reporter, and financed by the MacArthur Foundation and the Ford Foundation.
STOCKMAN: OK. We appreciate this very specific question.
SALES: So I—it is very specific, and I’m not in a position to comment on the specific details.
On the question of employment with the House Foreign Affairs Committee, I would respectfully refer questions on their employment practices to the House.
STOCKMAN: I’ll look into it. And if you give me your email address, I’ll tell you what I found out. (Laughter.)
Q: Actually, there was an article in the Times in 2002 on this.
STOCKMAN: Ma’am, we have so many other questions here. So please be respectful, everybody, to the fact there’s a lot of questions here.
But, all right, let’s hear from you.
Q: Albert Knapp, NYU Medical School.
My question regards your toolbox. One other tool is—in counterterrorism would be surveillance. And with the recent Nunes memorandum, do you think it’s going to be much harder to get FISA to approve counter-surveillance?
SALES: I’m going to have to put my law professor hat back on to answer that one. The standards and procedures for FISA surveillance are pretty well established at this point. FISA was enacted in 1978. We’ve got four decades now of experience, both on the bench and on the bar. So lawyers at the Justice Department are pretty well familiar with, you know, the standards for obtaining a FISA surveillance approval, and the judges on the FISA Court are as well. And it’s, you know, probable cause to believe that the target is an agent of a foreign power, foreign power meaning, you know, terrorist or spy.
You know, this is a very fact-specific inquiry in most cases. You know, you need a fairly elaborate dossier of information about a particular person in order to persuade a FISA Court judge that, you know, this person is an operative for al-Qaida. Sometimes it’s easy: this person is, you know, the ambassador of the Soviet Union in Washington, D.C. in 1982, right? So somewhere between the Soviet ambassador and some suspected al-Qaida operative, there’s a wide range of different types of evidence that you would need to present to the court to persuade it that you’re dealing with an AFP.
As for the mechanics of how that works, you know, I’m going to defer to my colleagues at the Justice Department.
STOCKMAN: Well, but the question was whether you think anything will have changed in the future due to this memo. Do you think that things are going to continue as they have been?
SALES: Look, the statutory standard is the statutory standard. The lawyers who argue before the FISA Court know it. The FISA judges themselves know it. I don’t foresee any dramatic changes to the way business has been done.
STOCKMAN: Can we have a question in the back? Gentleman in the green shirt.
Q: Hello. My name is Anjuman Apti (ph), Voice of America Urdu Service that airs in Pakistan.
My question, Ambassador, is about, you know the cooperation between the U.S.—the information sharing between the U.S. and Pakistan under 2396, as well as the information sharing between Afghanistan and Pakistan, since we are talking about, you know, people crossing borders to cause mayhem. So, first, U.S.-Pakistan information sharing, if you can comment on that. And between Afghanistan and Pakistan information sharing under 2396.
STOCKMAN: When you say comment on it, do you mean—what’s the question about it?
Q: The question is—the question is that are you—is the administration happy about such information sharing between Pakistan and the United States under 2396?
SALES: So let me answer the broader question that you didn’t quite ask, because 2396 has only been on the books for two months now. So we don’t really have enough experience with the resolution being enforced to sort of assess how effectively it’s being implemented yet.
But let me say, on the broader point of cooperation between the United States and Pakistan, in the past we’ve had a very productive partnership with Pakistan in going after al-Qaida in the immediate aftermath of 9/11. In recent years we’ve seen a bit of drift in the relationship, and the president has been clear that Pakistan needs to do more.
We expect—we demand that Pakistan assist the United States in cracking down on elements—terrorist elements that are planning and carrying out attacks against U.S. forces and U.S. interests. We’ve been very clear that Pakistan has a choice to make. Do they want to return to the productive relationship that characterized our post-9/11 existence, or do they want to go in a different direction? And our hope is that we can envision a productive partnership in the future.
STOCKMAN: Do you—
Q: And what about Afghan-Pak cooperation? Af-Pak, between Afghanistan and Pakistan, if you could, please.
SALES: I’ll defer to Pakistan on that one and Afghanistan. There’s always room for improvement.
STOCKMAN: This woman in the scarf, yellow scarf.
Q: I’m Dina Temple-Raston with National Public Radio.
And I wanted you to talk a little bit more about community efforts in terms of stopping or countering radicalization. Saudi efforts—there have been some Saudi efforts at rehab. They’ve been pretty mixed. There have been things like the morchidat program in Morocco, which educates women and sends them out to try and talk to kids. Do these efforts work, in your opinion? And should the State Department be helping get these efforts going in various countries?
SALES: So I think the most effective kind of rehabilitation or reintegration is the rehab and reintegration that doesn’t have to happen because the person was afforded an off-ramp before they got to the point of no return. So what does that look like? It looks like early intervention, and not necessarily or maybe not even ideally by government officials. I think, instead, there are, you know, community leaders, neighborhood leaders who have, to use economic terms, a comparative advantage in a number of different dimensions. They will know more than government officials will about problems that might be cropping up at their mosque, in their neighborhood. And they also have the ability to intervene in a way that the government officials wouldn’t be able to intervene to sort of steer somebody who is at risk of going—taking a wrong path back into the fold.
So I think that is part of the reason why we at the State Department have been prioritizing things like the Strong Cities Network, because it aims at exactly that: early intervention, early warning performed by not just municipal authorities, but by civil society to prevent that kind of—to prevent that kind of radicalization from happening in the first place.
STOCKMAN: But it sounds like you’re a little skeptical of reintegration programs, or do you just not want to be in the position of evaluating them at this—in this forum?
SALES: So back to the toolkit. There’s a number of tools over the lifecycle of radicalization. So on the frontend you want to prevent and on the backend you want to rehabilitate. So those backend rehabilitation or reintegration measures only come into play if there’s been a breakdown at the frontend. So I think it’s important to prioritize those, not to the exclusion of the backend, but sequentially that’s important part of the process.
STOCKMAN: Let’s have the lady in the turquoise.
Q: Hi. Sarah Lee Whitson from Human Rights Watch.
You said that there were some countries that you don’t share information with because of their poor human rights records. I’m wondering if you have a list of those countries and whether it includes, for example, Egypt, which has labeled political opposition in the country as a terrorist organization? And we know that members of the Muslim Brotherhood or the Freedom and Justice Party have been cited on Interpol lists and banned from travel, stopped from entering the United States because of these listings. Or, for example, Saudi Arabia, which, as was alluded to, includes in its definition of terrorism, for which you can be jailed, insulting the crown prince.
SALES: I don’t have a list that I’m prepared to share, but it sounds like you might. (Laughter.)
Q: I’d love to.
SALES: So I think—I think one of the ways I’ll answer that, or not answer it as the case may be, is rather than speaking about particular countries, to talk about principles, sort of broad overarching principles that guide how we engage with foreign governments.
And one of them is we have a set of counterterrorism tools that can be very powerful, and therefore have to be used responsibly. They have to be used against threats that actually are terrorist threats that we in the United States recognize as terrorist threats. What do we mean by that? Al-Qaida, ISIS, their various affiliates, and other terrorist groups of global reach. And so when we engage with foreign governments—again, not naming particular countries, but rather speaking as a general matter—that is front and center what we are emphasizing.
STOCKMAN: I guess I just want to ask if there’s any room or are there any discussions going on at the U.N. to think about how to safeguard this resolution. Because we may trust the U.S. government to do those things, but what about all the other governments out there who are now given a greenlight to pass laws, and in fact a mandate to pass these laws? Is there any discussion about how to safeguard and make sure that the laws actually do what we hope they do?
SALES: Yeah, and it’s leading by example. Look at the types of entities the United States uses this extraordinary set of counterterrorism tools against. Whom do we designate, for instance, for sanctions? It’s groups like Hamas. It’s groups like Hezbollah. It’s not journalists in Gaza. And so we’re not just leading by example; we are committed to, not just in deed but in word, explaining the need for these tools to be used against terrorist threats that actually are terrorist threats.
STOCKMAN: I can tell we’re going to have this conversation five years from now. We’re going to—we’re going to keep talking about it.
Let’s have this gentleman with the glasses.
Q: Just because you just—sure—(comes on mic)—because you just mentioned Hamas and Hezbollah, I believe you were just in the Middle East and you announced that the U.S. was designated Ismail Haniyeh as an SDGT, a specially designated global terrorist. What practical effect does this have? Or is such a move merely symbolic?
STOCKMAN: Oh, tell us who you are, by the way.
Q: My name is Andrew Schwimmer. I’m at Bank of America on global economic sanctions.
SALES: Thanks. Thanks. Good question.
So, as a member of the financial sector, you’ll probably be more familiar than most in the room with the consequences of an SDGT designation. So if we name an individual or entity as an SDGT, as we did with Ismail Haniyeh, all assets of that person or individual that are subject to U.S. jurisdiction are frozen. Now, the ripple effects of that designation are also significant because an SDGT designation signals to legitimate financial institutions and legitimate businesses that if you do business with an SDGT, you are putting yourself at risk of various different criminal sanctions under U.S. law. And so the effect of a designation is often to cause legitimate financial institutions to sort of pull back from engaging in business with these folks. The effect is, in other words, to drive them out of the legitimate banking sector.
Ismail Haniyeh, for those of you who may not be following this issue as closely, is the head of Hamas’ political bureau. He for years has been tied to Hamas’ military terroristic activities. Within recent months he called for a renewed intifada against Israel. And Hamas recently issued a new charter that continues to call for a Palestinian state that stretches from the river to the sea, and we all know what that means.
STOCKMAN: This gentleman in the middle. And please tell us who you are and—
Q: I’m Kenneth Bialkin.
I wonder if you could be a little more specific in telling us who is a terrorist, what is a terrorist? Are there organizations of terrorism? Are they spread nationally? Are they spread doctrinally? What do they wish to accomplish? How do you generalize, if you can, about the areas of suspicion? Where do we look to find these terrorists? And how are their aims characterized or categorized by you in the order of defense?
SALES: That’s a really big question. We could probably have a session devoted just to that. And at the risk of indulging my professorial tendencies, I’ll not drone on and on addressing it in its entirety, but let me just carve up a couple of different pieces of it that I think may be of interest.
What do they want? Well, it depends. Al-Qaida has different strategic ambitions than ISIS does. ISIS, for instance, sought to realize the long-sought goal of a territorial caliphate now, today; hence their rampaging across Syria and Iraq, taking territory, taking cities, setting up quasigovernmental institutions that collected taxes, that meted out justice of an exceedingly roughly sort, and so on.
Al-Qaida, by contrast, has generally been characterized as having a longer-term goal of establishing a caliphate in the future, not necessarily today, but let’s build moment towards establishing that in the future.
One thing that both of those groups—or groups of groups, because they’re networks—one thing that both of those groups share in common is the desire to use force against the United States and our allies in order to achieve their—whether short-term or long-term strategic vision.
STOCKMAN: OK. We’ll go on this side here and then we’ll come back.
Q: Yeah. My name is Jehangir Khan. I’m the director of the United Nations Office of Counterterrorism. And we have excellent cooperation with Ambassador Sales and his team.
Talking about juxtaposing the issue of the balance between legitimate counterterrorism, security-focused efforts, and, of course, the human-rights imperative, I have to say that this is an ongoing initiative at the United Nations, certainly with the very strong support of Ambassador Sales’ office. We have actually a major capacity-building project around the world where the human rights—working with the Office of Human Rights, we are working closely with the U.S. and other governments to see how best we can actually infuse the human-rights principles, because in terms of what we say best practice in terms of counterterrorism.
So the question here really is, as we move forward with this challenge, and particularly when you talk about what Ambassador Sales is talking about, foreign terrorist fighters—today there’s an excellent article in The New York Times about how foreign terrorist fighters from over 110 countries have moved beyond Syria and Iraq.
As we look at that, how do you—how do you see the status of multilateral cooperation? Certainly the United States, together with other countries, is sort of moving forward. But also, under the America First principle, how do you see the state of multilateral cooperation and the role of the United Nations going forward on these multilateral issues? Because we can’t do it alone. We have to do it with countries when there are over 110 countries which are sending foreign terrorist fighters.
STOCKMAN: So what’s the role of the U.N. here?
SALES: Right. So America First doesn’t mean America alone. We pursue our interests and advance our values in cooperation with other countries and other international organizations that share our interests and share our values. And that’s been true all along. That’s been true after 9/11. It remains true today.
I think the degree of productive cooperation, bilateral now, between—well, not just bilateral—bilateral and multilateral between the United States and member states of the EU and the EU itself reached a new level of depth after the Paris attacks in November of ’15 and the Brussels attacks several months thereafter. I think that really was a watershed moment for European countries and for Brussels as a whole to take more seriously than ever the threat of terrorism and to resolve to take decisive action against it.
As for the U.N., we—for years the United States have called for the U.N. to create an Office of Counterterrorism. And so we were very pleased when Secretary General Guterres did exactly that last year. Welcome to the team.
STOCKMAN: Let’s go here in the front row and then—believe me, I’ve been in the back before and not gotten my question answered. I’m going to try to get—
Q: That’s fine.
Good evening, sir. My name is Jason Soto. I’m with Bank of America Global Financial Crimes and a Marine Corps veteran.
You have stated before we have security protocol with PNR, biometrics, et cetera, to detect—to deter known suspects of terrorists. How will be the approach to bad actors who try to circumvent the system to attack us on a cyber channel?
SALES: Cyber, yeah. It’s an area of growing concern, because we’re seeing a proliferation of capabilities. So it’s not just, you know, highly capable state intelligence services that are capable of penetrating networks, exfiltrating data, or installing malware that could be used to corrupt data or disable a system.
You’re seeing, I think, increasingly a proliferation of that capability to nonstate actors and cybercriminals as well. There’s a lot of money to be made in hacking. And so one shouldn’t be surprised that there’s a lot of investments being made in developing zero-day exploits that are capable of gaining access to a system that has an unknown vulnerability.
What concerns us from a CT standpoint is the possibility that those hacking tools, those hacking weapons, could fall into the wrong hands and be used by the cyber caliphate, as some members of ISIS are known to call themselves. So solving that problem is—requires an approach that involves engaging with Silicon Valley, helping them understand the need to patch vulnerabilities rapidly and not allowing them to sort of fester for weeks and weeks and weeks and months and years.
And it also involves, within a government, striking the correct balance between playing offense, using vulnerabilities to achieve national-security objectives, and playing defense, eradicating vulnerabilities to better protect U.S. networks. It’s a really challenging problem. And I’m not prepared to say more than simply to scope out the nature of it and sort of chart out a general approach to addressing it.
But I think you’re exactly right that this is going to be, you know, an enduring problem for the foreseeable future.
Q: Thank you.
STOCKMAN: Can we go to the back? The woman with black and the awesome turquoise glasses.
Q: Ooh, thank you—thank you for that. Eileen Gates (sp) with Reuters.
I wanted to ask you about enforcement and resources. You know, we’re reading about shortages in the State Department. You’re getting all this data coming in. We all spend our days inundated by data. It’s really only as good as the people who analyze it. Who are you hiring? How are you planning to deal with this? Can you actually parse all the data that you’re going to be getting in?
SALES: Yeah, absolutely, partly because it’s the NCTC and DHS and Customs that get a lot of the data. We’re largely consumers at the State Department. The data that we use for our purposes—visa adjudications, for instance—you know, a lot of times—not all the time, but a lot of the time, that comes from data that has been fed from the intelligence community or intelligence liaison services into intel channels, from which it is then pushed up to consumers like us.
So we have no reservations at all about the ability of our interagency partners to supply us with the data that we need. Our job is actually, I think, to encourage foreign governments to continue to cooperate with the United States and to keep those reporting channels open, to continue to feed data into our intelligence-community apparatus. That, I think, is the key State Department role here, beyond simply being a consumer of the data. And I have no reservations at all about our ability to perform that responsibility.
Q: I just have a follow-up question.
STOCKMAN: Can you use the—and can you identify yourself?
Q: Yes, of course. Patricia Rosenfield, Rockefeller Archive Center.
So I ran a scholars program on Islam in the modern world, and we used the voluntary guidelines to check names. And I’m just wondering. That was established, as you know well, in 2002. And there are many false positives. So I’m just wondering, how do you deal with the false-positive question? Because we—it, first of all, is very costly, but it’s very costly in human terms as well.
SALES: Yeah, there’s costs on both sides, right. So if you’re a person who’s been flagged via false positive, then there’s the inconvenience and indignity of being subjected to government scrutiny. If you’re the government and you’ve got a false positive, you’re wasting your time. And so the time and energy and resources that you could be and should be devoting to an actual threat are now being diverted.
So this may sound a bit counterintuitive, but I think there’s some truth to it. One of the ways—not the only way, but one of the ways of addressing the false-positives problem is more data. So if all you know about a person is, you know, it’s Jeff Smith—Jeff Smith is a terrorist—well, then every Jeff Smith who gets on a plane is going to get pulled aside for a secondary screening.
If you know a bit more about Jeff Smith—it’s Jeff Smith born in 1981, Jeff Smith whose passport number is so on and so forth—then you’ve sort of eliminated the universe of—not the universe—you’ve eliminated a lot of the false positives, and you can hone your investigative resources, focus them more narrowly. That’s good for an investigator, but it’s also good for all the innocent Jeff Smiths out there.
That’s only part of the answer to your question. You also need an effective redress mechanism. If you get on the list, you have to be able to get off it. And there’s a whole host of other solutions that are part of this. But I just want to flag that more data can be part of the answer.
STOCKMAN: So for those of us who end up on the watch list, what do we do?
SALES: You ask somebody else, because that question is currently under litigation, and I’m not really going to be able to talk about pending cases.
STOCKMAN: All right. Well, we’re only a few minutes away from having to end. And I want to take the presider’s prerogative by asking the last question since I didn’t see anyone waving frantically in the back.
A lot of us have spent time in this room over the—many years talking about how can the United States uphold the rule of law and convince other countries not to do things like detain suspects indefinitely when we had Guantanamo Bay and we were doing that ourselves. It’s a very complicated issue.
But many of us listened to the State of the Union and we realize that there is a new change with Guantanamo Bay under this administration. Can you tell us what it is and what it’s about?
SALES: Yeah. So thanks for the question; saved a good one for the end.
The president has been clear that military detention is one of several options that we will consider at appropriate circumstances. Sometimes the appropriate response to a terrorist you captured is sending them to an Article III court to stand trial for any number of crimes they may have committed.
Sometimes the appropriate response is a military response—use of deadly force against a terrorist on a battlefield. But one of the tools in the toolkit has to be the option for law-of-war detention. This is something—this is a tool that has been used in armed conflicts from time immemorial, and the administration has made clear that we intend to preserve the right to engage—to use this tool again in the future when circumstances warrant, not to the exclusion of others, but as one tool among others.
STOCKMAN: But is it the administration’s position that we’re still in the same armed conflict that we entered in 2001 and that, all these years later, you know, that basically the war itself could be indefinite, and therefore the detention could be indefinite?
SALES: So we agree with the Obama administration, which in turn agreed with the Bush administration, that the United States is in an armed conflict with al-Qaida and associated forces. That includes ISIS. And we believe that we have the authority under the AUMF, the Authorization for the Use of Military Force, that Congress enacted to authorize this armed conflict, we believe that we have the authority under the AUMF to detain individuals for the duration of the conflict.
STOCKMAN: So if they’re—if they’re associated with—
SALES: If they are—
STOCKMAN: —and its associates.
SALES: So the standard that the previous administration articulated was an individual was part of or substantially supported al-Qaida or an associated force.
STOCKMAN: There you have it.
We’re going to have to leave it there, because it is now 7:00. Thank you so much for coming. It’s really wonderful to see everybody here tonight. (Applause.)
SALES: Thank you all. Thank you.