On Thursday, media outlets including the Wall Street Journal reported that the top leadership at the National Counterterrorism Center (NCTC) is being “fired.” The two officials leaving their posts are the Acting Director, Russell Travers, and the Acting Deputy Director, Peter Hall.
Travers reportedly plans to retire from government service. Hall will be returning to the National Security Agency, where he has spent the bulk of his civilian career. Both began their careers in intelligence in the Army, but eventually transitioned to civilian service.
The NCTC is directly subordinate to the Office of the Director of National Intelligence (ODNI), and the interpretation in the media is that the departure of Travers and Hall is “about” Acting DNI Richard Grenell purging the senior ranks of the national intelligence community.
Will this presidential election be the most important in American history?
While there may be an element of that in this instance, the NCTC isn’t actually the likeliest place to focus a drain-the-swamp effort. For one thing, as the WSJ article notes, a permanent successor is being nominated for Travers (a Pentagon official name Christopher Miller), which is normal in the course of political appointments at federal agencies, with or without purges or Ric Grenell.
But the NCTC also isn’t the hotbed of leaks and insubordination found at the NSC and ODNI staffs and the CIA in recent years. And Travers and Hall are both “Acting,” and career government service, in a lesser-known agency. They are experienced and well thought-of independent of political affiliation.
If it’s anything beyond merely a desire to put the Trump administration’s officials of choice in jobs currently filled by “acting” careerists, this reads to me more like protection for Travers and Hall than like dismissal for cause. Why would they need protection? In Peter Hall’s case, very possibly solely because of the position he’s leaving. Most of his civilian career has been in the ranks of NSA. He hasn’t had much time to be involved in a lot at the NCTC.
But Russell Travers’s trajectory over the last 17 years has tracked remarkably well with another career we have looked at closely in recent months. It has tracked with John Brennan’s time in counterterrorism in the 2000s, and Brennan’s brokering of the expanded data-sharing agreement between the NCTC and FBI, implemented in 2012, which immediately preceded the explosion in suspect queries of the NSA surveillance database reported out by Admiral Mike Rogers in October 2016. The 2012 data-sharing agreement was the culmination of an effort that began after the December 2009 “Underwear Bomber” incident, and was in the works from 2010 to 2012.
I emphasize here that there is no basis for suspecting Travers was involved in any nefarious sharing or use of surveillance data. What is eye-catching, rather, is that, with his career history and comparative apolitical anonymity and community good standing, he’s the recipient of an offer to move elsewhere or retire at this particular time. That suggests to me that it’s not about what he did. It’s about what he knows.
Recall that Brennan was the first director of the NCTC, acting in that role when the agency stood up in 2004 as the successor to the short-lived Terrorist Threat Integration Center (TTIC), which Brennan had also headed. Brennan left the NCTC in 2005 to become president of The Analysis Corporation (TAC), a private contractor with government intelligence agencies. He held that position until he joined the Obama administration as Obama’s counterterrorism “czar” in January 2009.
The most noteworthy feature of this interlude was TAC’s success at signing huge, multi-year data management contracts with both the NCTC (in November 2008) and the FBI (in October 2009). This put analysts and their TAC managers, many of whom were associates of Brennan’s, in the middle of the sensitive databases involved in the 2012 data-sharing agreement. The memorandum of understanding for that agreement, which had to be approved by the FISA court, was orchestrated by counterterrorism czar John Brennan.
Please see my April 2019 article (link above) and May 2019 article on the same topic for a great deal more about Brennan’s involvement in these events. One of the most important deductions from the known facts is that TAC was the best candidate for the contracting firm involved in the unauthorized exposure of sensitive “U.S. person information” at the FBI in March 2016.
This was the event that prompted NSA’s Mike Rogers to clamp down on analyst access to elements of the NSA-managed surveillance data the following month, on 18 April 2016. I framed my conclusion about this as follows:
The implication of an MOU formality between the agencies [NCTC and FBI], specifically related to the unnamed contractor, makes a contractor who we know was involved in exactly the processes we’re talking about – at both agencies – the most likely one.
That would be TAC.
(This more recent article about Brennan-linked threads in early 2016 sets the FBI contractor event in useful context.)
As an additional note, the automation of data retrieval, and the significance of greasing data-sharing between these two agencies, took a quantum leap at exactly this time – between 2011 and 2016 – with implementation of the upgraded Intelligence Community IT Enterprise (ICITE). Again, there is much more at the links.
Here, then, are our keywords: counterterrorism, NCTC, intelligence community, data management, data-sharing. Add (since it’s there): a link in every nook and cranny of this sub-saga of Spygate to the Brits.
Then take a look at the career path of Russell Travers, with special reference to dates and locations. The biographical information is in reverse chronological order at Wikipedia, so I present it chronologically here (emphasis added):
Travers served on the leadership team that stood up the Terrorist Threat Integration Center and the NCTC. From 2003 to 2010, he was deputy director for information sharing and knowledge development, during which time he focused on post-9/11 improvements. Travers oversaw the development of the Terrorist Identities Datamart Environment, NCTC’s database of known and suspected terrorists, as well as improvements in watchlisting, information sharing, and advanced analytic techniques.
Followed by:
[H]e served as the National Intelligence Council’s senior executive for transnational organized crime from 2011 to 2013, where he organized intelligence community analytic support to the National Strategy to Combat Transnational Organized Crime.
In the NIC role, notably, Travers would have known Bruce Ohr and some of the DOJ and FBI bit players in Spygate.
Between 2013 and 2015, Travers served as the special assistant to the president and senior director for transnational threat integration and information sharing on the United States National Security Council.
As well as:
He has served in a number of other leadership positions within NCTC, including senior counselor to the director, acting director of the Office of Data Strategy and Innovation, and the chief data officer for both NCTC and ODNI.
And from his previous time (prior to 2003) at the Defense Intelligence Agency, see the last part of this opening sentence:
He has also served as deputy director for policy support at the Defense Intelligence Agency; the defense intelligence officer for General Purpose Forces; the senior civilian advisor to the Director for Intelligence, J2, Joint Chiefs of Staff, and the defense intelligence liaison to British Intelligence in London.
Although Travers’s time in the UK was before he moved to the NCTC, keep in mind that such senior positions subsist in a clubby atmosphere on both sides of the Atlantic in which contacts, once made, remain significant for years. In his roles on the NIC and the NSC staff from 2011 to 2015, Travers undoubtedly worked with British counterparts. Given the close U.S.-UK intelligence relationship, very much focused on counterterrorism in the 2000s, there’s a good chance Travers dealt with Brits during his stint between 2003 and 2010 as an architect of information sharing and knowledge development at the NCTC as well.
This is someone who probably knows quite a bit about the things John Brennan had a heavy hand in from 2003 all the way to January 2017. He was positioned to know important things about one of the core aspects of Spygate: who had access to the sensitive surveillance data that set the March 2016 blow-up in motion – and very possibly why they had it. This bears watching: it has the look of a puzzle piece fitting quietly into place.
