Title: NSA’s Changing Counterterrorism Relationship With India

Release Date: 2018-03-01

Document Date: 2009-06-15

Description: This 2009 post from the NSA’s internal newsletter SIDToday describes the deepening of the agency’s cooperation with India, which included an invitation to join the Sigint Seniors Pacific (SSPAC) forum: see the Intercept article The Powerful Global Spy Alliance You Never Knew Existed, 1 March 2018.


(S//SI//REL) NSA's Changing Counterterrorism Relationship with India


(S//SI//REL) Country Desk Officer for India (DP12)

Run Date: 06/15/2009

(S//SI//REL) Editor's introduction: NSA has been working in recent years to strengthen its Third Party
relationship with India, especially in the area of counterterrorism (CT) -- a development that holds much
promise. Here's the story of how this relationship has grown:

(S//SI//REL) When terrorists struck the port city of Mumbai
(pictured) in late November 2008, NSA swung into high gear. Many
employees, some already away for Thanksgiving, were recalled.
NSA's efforts further intensified when Westerners, including
Americans, were targeted and killed.

(U) Early Steps

(U) Leopold Cafe, scene of an
attack in Mumbai, India in 2008

(S//SI// REL) Although the exact sequence of events may not be fully understood for years, deliberate
actions occurred over time that prepared NSA to respond vigorously to Mumbai. The first, arguably, was
9/11. Following that event, India approached NSA about a CT relationship and NSA subsequently began
an information exchange with India's Research and Analysis Wing (RAW) in 2002.

(S//SI// REL) Four years later, in 2006, sharing from RAW mainly consisted of intelligence summaries,
aperiodic lead information and a yearly CT conference. NSA shared threat warnings, intelligence reports
and lead information especially in response to threat streams. The SIGINT Liaison Officer

(SLO) and RAW CT Chief had infrequent contact; meetings could take two or more weeks to schedule
(see related article). This was clearly progress, but there was still room for improvement -- particularly at
the analytic level.

(S//SI//REL) SSPAC Leads to Progress

(S//SI//REL) At the same time, DIRNSA and the rest of the US government wanted to take steps to
improve relations with India. India is, after all, a successful democracy with a population of over a billion,
a booming economy and an enormous army. It also borders China, Pakistan, Myanmar (Burma),
Bangladesh, Bhutan and Nepal. In 2007, DIRNSA discussed the possibility of inviting India tojoin the
SIGINT Seniors Pacific (SSPAC) multilateral forum* on CT. NSA felt strongly that India's participation
in multilateral intelligence-sharing would help mature its Indian SIGINT agencies as well as provide
regional CT expertise.

(S//SI//REL) Following a unanimous vote among SSPAC members, DIRNSA, the SIGINT Director,
Director of Foreign Affairs and DIRNSA's equivalents from Singapore and New Zealand, traveled to New
Delhi in March 2008 to issue the SSPAC invitation to India's National Security Advisor (INSA) and
leaders of NSA's Indian intelligence partners.** India formally accepted the SSPAC invitation in June
2008 during a DNI visit to Delhi. The results have been positive: RAW is now a regular contributor of
SSPAC information reports and NTRO has also begun sharing bilaterally, and occasionally via SSPAC.
RAW has produced the highest volume of reports for SSPAC next to the U.S. and its information has
garnered positive feedback from multiple SSPAC members.

(S//SI//REL) First NSA Deployed Analysts Board Planes for India

(S//SI//REL) Upon returning from Delhi in March 2008, the SIGINT Director immediately made plans to
send a series of CT deployed analysts (CTDAs) to India for 2-3 month periods.

(S//SI//REL) Since May 2008, NSA and RAW had been communicating over a rash of terrorist attacks
that took place in the Indian cities of Jaipur, Bangalore, Ahmedabad, New Delhi and Guwahati. NSA also
provided timely warning regarding an attack on India's embassy in Kabul.

(U) Sharing of More Sensitive Intelligence Begins

(S//SI// REL) By the time terrorists struck Mumbai, NSA's relationship with the INSA and RAW had
matured to the point that NSA was willing to share specific TOP SECRET information with India. CT
sharing after Mumbai included phone and fax numbers, e-mail addresses, voice and language
identifications, voice cuts, lead information and interrogation reports. The CTDA and CIA Station
delegates also held multiple meetings with RAW in the weeks after Mumbai.

(U) A Problem with Leaks

(S//SI//REL) Regrettably, leaks, unauthorized disclosures of classified information and poor tradecraft by
Indian officials have occurred since Mumbai -- at times it seemed a daily occurrence. DIRNSA sent a
letter about the first leak in December 2008. In May 2009, NSA representatives*** traveled to Delhi to
meet with Indian officials to deliver a second letter from DIRNSA that underlined the seriousness of the
leaks while also applauding the progress made since 2007.

(S//SI//REL) During the May TDY, the team emphasized that SIGINT sharing would be reduced unless
India's handling procedures were tightened. NSA made it clear that it holds the Indian intelligence
agencies responsible for any leaks or releases of SIGINT material. The team also emphasized that care
must be taken at the boundaries between intelligence and law enforcement organizations. Furthermore, the
Indian services cannot use shared selectors to contact targeted individuals because such activity leads to
permanent loss of access.

(S//SI//REL) NSA was dissatisfied with the response it received during the May meetings -- much blame
was heaped upon the Indian press and few assurances were provided. Nevertheless, in the month since the
visit, there have been no additional leaks from India. Also, the Chief of Station indicated on 3 June that
Station worked with RAW to create a tearline suitable for passing to law enforcement. Thejury is still out
on whether the problem has been fixed, but there is hope for the future and a plan to deal with any future

(U) Future

(S//SI//REL) Leaks and unauthorized disclosures torpedoed attempts to routinely elevate the CT sharing
level to TOP SECRET earlier this year. However, membership in SSPAC, the NSA deployed-analyst
presence in Delhi, training and time should serve to mature India's intelligence agencies into the partners
NSA needs in South Asia.

* (S//SI//REL) Members of SSPAC at that time included South Korea, Singapore, Thailand and the Five
Eyes. Here's some background.

** (S//SI//REL) These partners are RAW, the National Technical Research Organization (NTRO) and the
Aviation Research Center (ARC).

*** (U//FOUO) Specifically, the NSA/CSS Chief Pacific and the Deputy GCM for CT SIGDEV.


Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh