How To Read an Intelligence Leak

One of the recent ChudLeaks claims Afghanistan is fertile soil for the so-called Islamic State. Let's step back for some perspective. PLUS: The Pegasus cyberweapon is back.

How To Read an Intelligence Leak
From HBO's "Succession," via MAX.

Edited by Sam Thielman

AFGHANISTAN! Despite 20 years of American occupation, once again a staging ground for terrorism! That was the topline of a Washington Post story on Saturday, based on a Pentagon document allegedly leaked by a Massachusetts Air National Guardsman.

But I am not writing this edition to criticize the Post story. Nor am I writing it to dismiss the intelligence assessment the story reported on, which I haven't seen. If you want that, Zalmay Khalilzad, the former U.S. ambassador to Afghanistan, has you covered. I'm writing it because this assessment provides an opportunity to discuss an underappreciated component of media literacy that seems increasingly relevant: how to understand intelligence leaks.

It feels like we're drifting toward a totalized view of intelligence, whereby it's either a sacred scroll or outright disinformation. Adopting either stance is bound to get in the way of understanding any given once-secret document, its context and its subtext. It may turn out to be the case that any such document validates your presumptions about intelligence. (Well, maybe not the sacred-scroll part, but sometimes intelligence analysis, like journalism, is accurate/prescient!) But the only path to actual validation runs, without deviation, through actual analysis of any particular document/leak.

So let me offer some thoughts on how I read intelligence leaks when they happen. I've had a fair amount of professional experience doing just that. But I've never organized my thought process about leaks and how to read them, so what follows is closer to a collection of field notes than any grand theory of intelligence and its disclosure. I'm going to leave out instructions to myself like "examine the document for indications of internal dissent" and "privilege documents with varied sourcing derived from multiple collection methods over documents with a single source or method." Those seem obvious and unhelpful. Anyway, here goes.