Lade Inhalt...

Defining Counterintelligence. CI, Security and non-governmental actors

Essay 2017 16 Seiten

Politik - Internationale Politik - Thema: Frieden und Konflikte, Sicherheit



The problem of definition

Counterintelligence or Security?

Counterintelligence for non-governmental actors

The problem of definition

The lack of a solid and agreed theoretical backbone for the counterintelligence (CI) field has generated a chaotic and contradictory debate. If on the one hand «the study of “counterintelligence” is rare in academia»[1], on the other the efforts aimed at finding a common definition have been lost against the variety of aspects to consider. Looking at the debate, it is possible to identify three categories of attempts. Foremost, the category of bureaucratic definitions, focused on organizational and behavioural aspects; secondly, the category that defines CI in consideration of its activities and operations; lastly, the category of “epistemological” definitions, based on the role of data and analysis. Each of the following paragraphs will discuss the benefits of each kind of definitions and stress what their mutual limits are. By analysing each category, this essay argues that the failure in finding a common definition rests on the fact that these attempts have considered only one variable each – respectively organizational issues, nature of the operation and the role of data and analysis.

The category of organizational and bureaucratic definitions is undoubtedly insightful but is limited to the internal aspects only. This kind of definitions focuses not only on organizational issues, but also on behavioural features of CI. Given that «intelligence services are government bureaucracies, subject to the same political forces and tendencies as any others»[2] and bearing the Weberian theory of bureaucracy in mind, it is not hard to understand how important issues such as organisation and relationship among workers are in regards to both efficiency and outcome of CI performance. A meaningful approach that comprises these aspects is “An Institutional-Level Theoretical Approach for Counterintelligence” advanced by Miron Varouhakis. Explaining his “organizational behavior theory”, Varouhakis argues that «this theoretical framework is extremely useful in CI, as “organizational behavior” (OB) includes concepts such as human behavior, change, leadership, teams and much more – variables that can play a central role in the search to understand and explain the behavior of foreign intelligence [agencies]»[3]. CI agents must take into account that, in the function of detection and neutralisation of foreign services’ activities at least, being aware of their organizational and behavioural features – and, consequently, of their flaws – can make the difference and permit the agents’ to directly strike towards the weak points. To further this view, giving a unitary definition of what these variables are actually like in different agencies is a considerable mistake for at least two reasons. Firstly, it is a mistake because of the general dichotomy of external and internal CI polities, that very often results in a climate of mutual sabotage in which «each seeks to gain advantage by claiming credit for successes, denigrating rivals, or taking away cases»[4]. One good example of this competition is the constant rivalry between CIA and FBI, whose war «has hampered [U.S.] ability to provide for defense»[5] and caused serious inefficiencies, of which the difficulties in shared efforts during and before 9/11 are just the most resounding[6] ; notwithstanding, jurisdictional conflicts between domestic and international services of a same country are rather commonplace than sporadic circumstances. Secondly, such an attempt is also a mistake because it does not take into consideration the historical and cultural reasons behind CI agencies’ design. The nature of a threat – especially if permanent – shapes the layout of the CI organization. To put it as distinctly as Wasemiller did, «the functions […] determine the structure of the service»[7]. This circumstance clearly emerges looking at the Israeli agency Shin Bet and how peculiarly it is structured. The service relies on a generic “Protective Security Department”, responsible for the security of Government buildings, an “Arab department”, dealing with the annihilation of Arabic threats, and a “non-Arab Affairs department”, which deals instead with all other countries[8]. The ancient contrast with the Islamic terrorism populating the neighbouring countries encouraged the Israeli services to model the structure of their services on the basis of the need and the contingency they were facing. This seems to corroborate the claim of Ehrman, according to whom «anyone seeking to understand or predict the behaviour of a service needs to have at least a basic understanding of the political system in which the service is located»[9]. In other words, the political frame determines the security need of a country and, consequently, shapes the design of CI organizations. This is the reason why «only a handful of external services [such as CIA and SVR] attempt to cover the world», while «almost all other services concentrate on their immediate neighbors or regions»[10]. As the political framework influences the structure of each country’s CI generating a multi-faceted variety of different kinds of CI services, there is no common agreement on the definitions about organizational and behaviour aspects. On the one side, these definitions are remarkably useful to spot the enemy’s weaknesses. On the other, their chances to represent an agreed theory significantly decrease. In other words, the understanding of the structure of CI is not a sufficient knowledge in order to develop an all-encompassing definition.

Another view of considering CI is from the view of its operational and functional features – an approach that helps clarifying CI tasks but, at the same time, does not take into consideration important aspects such as data collection and analysis. If the organization and the behaviour are just some of the components that must be considered, they can surely be a starting point from which looking at CI from the perspective of its activities. In fact, the line between the structure and the operation is at least blurred and lends itself to a discussion about analogies. For instance, one can assert that different CI agencies share some characteristics. As Ehrman argues, «because of the similarity of their work, services tend to have similar internal structure and use many of the same operational methods»[11]. Nevertheless, «this disguises important distinctions among services»[12]. These distinctions help us to understand not only why definitions about operations and activities are important, but also why, simultaneously, the lack of consideration of other aspects in these attempts strongly limits an agreement on the concept of CI. It is undeniable that this category of definitions is helpful to clarify the role of counterintelligence and unravel the cloud of confusion that surrounds it. Firstly, it helps to differentiate counterintelligence from “security”, which has been defined as «establishing passive or static defenses against all hostile and concealed acts»[13]. William Johnson bluntly asserts that «people like to confuse counterintelligence with security», but due to the scarcity of sufficient academic debate on this issue, it does not surprise that «this confusion extends to the relationship between counterintelligence and […] counterespionage»[14], that Wink metaphorically describes as «putting a virus into the bloodstream of the enemy»[15]. Operational definitions are certainly useful to frame internal activities like security and counterespionage – the «two matching halves»[16] composing CI – but also to elucidate the functions from other perspectives. For instance, Prunckun has engaged the debate introducing the “three axioms of counterintelligence” – surprise, data collection and target – as a ground for the four principles of counterintelligence (deterrence, detection, deception, neutralisation)[17]. Pushing the debate even further, Jennifer Sims produced a model called “Mission-Based Approach” - grounded on the knowledge of enemy’s reaction as a tool to lower one’s risks and on the awareness that the outcome of a defensive counterintelligence operation may appear unreasonable[18] - which, the author claims, «offers advantages over operations-based approaches because it emphasizes the importance of strategy»[19]. The contributions of all the authors above play an incalculably important role in the theoretical debate. In fact, many of them have focused on the concept of identification and neutralization of the threat[20] or of a generic competitor[21] as well as on the defensive function of counterintelligence[22], but only Sims takes into consideration also the issue of organization and behaviour. Notwithstanding, although Sims clearly acknowledges the importance of the understanding of enemy’s behaviour, her approach fails to stress the role of data and analysis in CI operations. That these two elements are also to necessarily be considered in both theory and practice is demonstrated by one of the key events of the 20th century: The assassination of Franz Ferdinand in Sarajevo. The murder of the Archduke was the reflection of several flaws in the CI and security plan for the visit. The first failed attempt to Franz Ferdinand forced an acceleration of the parade. Consequently, it was subjected to detours that raised the confusion and let Gavrilo Princip more easily shoot the Archduke dead. The plan for a safe transportation of the royal couple resoundingly failed, but its breaches were not merely “operational”. In fact, if an insufficient deployment of police officers on the streets and the mistake of the driver in changing the route were major failures of the security plan, they must be considered with regards to the lack of analysis of the political circumstance in which the visit of the Archduke took place. The scarce amount of police offers spaced out along Appel Quay where the assassination happened – and where seven conspirators were situated – reflects, on a CI level, a poor consideration of the nature of the threat represented by the Bosnian-Serb nationalism. The lack of analysis of the political contingency, further aggravated by the warning advanced by the Vicepresident of Bosnian Parliament Dr. Sunaric, who suggested to cancel the visit as «the Serbian population was in a mood of revolt»[23], determined the catastrophic result which precipitated the First World War.

The third and last category of definitions focuses on analysis and the role of data and seeks to explain both how CI gathers and uses information. In short, it focuses on knowledge. For instance, Thomas Powers claimed that «counterintelligence is to intelligence as epistemology is to philosophy»[24], because both deal with how we know what we know. It has been argued that «analysis has the charge to ascribe the status of knowledge to the beliefs received from collectors»[25]. By contrast, in the practice «CI analysis historically has been the weakest part of business»[26]. As a matter of fact, that «professional CI analysts have been undervalued and underappreciated»[27] is one of the most likely reasons why CI operations fail – they are not supported by thorough analyses of the contingent frame. As Van Cleave points out, «strategic assessments […] can help inform policy deliberations and frame options for actions»[28]. In other words, there is no well-considered operation without a solid analytical groundwork. In turn, analysis is based on data collection and protection. In the age of cyber threats, both collection and protection of data represent a problem that theory on CI has not engaged yet effectively enough. In fact, one of the major concerns for CI is undoubtedly the issue of the illicit exchange of secret information among “trusted” agents, which Wirtz addresses as “market dilemma”[29]. As Snowden and Manning’s cases remind, «once an employee is given access to classified data in order to perform his or her job, the agency or its client has in effect transferred these secrets to that person and there is no way of retrieving them»[30]. Overall, the chances for these definitions to meet a wide agreement are very few. On the one side, the role of analysis has been described regardless its employment in developing the CI operations; on the other, the role of data has not been effectively engaged yet on a theoretical level, especially with regards to the new threats.

In conclusion, the three identified categories have failed in finding an accepted definition because they have considered only one aspect each. Firstly, definitions about organizational issues consider the structure and the behaviour of CI but not the peculiarity of each agency; secondly, definitions about activities disregard the role of analysis on which operations rest; vice versa, definitions about knowledge narrow the understanding of CI holding data collection and analysis as the end, and not the mean, of CI. The major failure of these approaches in finding a common and wide agreement is that they do not encompass the interdependence of these variables, which are only useful in building a theory for CI practice when considered one in function of the other, and not as single and impenetrable monads.


[1] Michelle K. Van Cleave, “What Is Counterintelligence?”, The Intelligencer, Vol. 20, No. 2, 2013, 57.

[2] John Ehrman, “What Are We Talking About When We Talk About Counterintelligence”, Studies in Intelligence, Vol. 53, No. 2, 10.

[3] Miron Varouhakis, “An Institutional-Level Theoretical Approach for Counterintelligence”, International Journal of Intelligence and Counterintelligence, Vol. 24, No. 3, 499.

[4] John Ehrman, “What Are We Talking About When We Talk About Counterintelligence”, 10.

[5] Shawn P. Davisson, “Spooks vs. Suits—the Ultimate Sibling Rivalry: CIA/FBI Interagency Competition, Communicative Failures, and Effects on U.S. National Security”, SSR, file:///C:/Users/Giovanni/Downloads/SSRN-id923680.pdf, Accessed Nov 27, 2.

[6] “9/11 Commission Report”, National Commission on Terrorist Attacks Upon The United States,, Accessed Nov 28, 88-89.

[7] A.C. Wasemiller , ”The Anatomy Of Counterintelligence”, CIA,, Accessed Nov 23.

[8] “Profile: Israel’s Shin Bet Agency”, BBC,, Accessed Nov 27.

[9] John Ehrman, “What Are We Talking About When We Talk About Counterintelligence”, 10.

[10] John Ehrman, “What Are We Talking About When We Talk About Counterintelligence”, 10.

[11] John Ehrman, “What Are We Talking About When We Talk About Counterintelligence”, 8.

[12] John Ehrman, “What Are We Talking About When We Talk About Counterintelligence”, 8.

[13] A.C. Wasemiller , ”The Anatomy Of Counterintelligence”.

[14] Henry Prunckun, “Extending The Theoretical Structure of Intelligence to Counterintelligence”, 34.

[15] Robin Winks, Cloak And Gown: Scholars In The Secret War (New York: William Morrow & Company, 1987) cited in Henry Prunckun, “Extending The Theoretical Structure of Intelligence to Counterintelligence”, Salus Journal, Vol. 2, No. 3, 2014, 33.

[16] A.C. Wasemiller , ”The Anatomy Of Counterintelligence”.

[17] Henry Prunckun, Counterintelligence Theory & Practice (London: Rowman & Littlefield Inc., 2012), 40-42.

[18] Jennifer E. Sims, “Twenty-first-Century Counterintelligence”, Vaults, Mirror And Masks (Washington: Georgetown University Press, 2009), 23-36.

[19] Jennifer E. Sims, “Twenty-first-Century Counterintelligence”, Vaults, Mirror And Masks (Washington: Georgetown University Press, 2009), 36.

[20] Roy Godson, Dirty Trick or Trump Cards: US Covert Action & Counterintelligence (London: Transaction Publisher, 2000), xxviii.

[21] Vincent Bridgeman, “Defense Counterintelligence, Reconceptualized”, Vaults, Mirror And Masks (Washington: Georgetown University Press, 2009), 128.

[22] “Executive Order 12333”, NCSC,, Accessed Nov 30.

[23] Vladimir Dedijer, The Road to Sarajevo (New York: Simon & Schuster, 1966), 10.

[24] Thomas Powers, “Spy Stories”, New York Times,, Accessed Dec 2.

[25] Matteo Bucalossi, “An Epistemolgical Account of Intelligence Analysis”, Academia,, Accessed Dec 2.

[26] James M. Olson, “The Ten Commandments of Counterintelligence”, Studies In Intelligence, No. 11, 2001, 84.

[27] James M. Olson, “The Ten Commandments of Counterintelligence”, 84.

[28] Michelle Van Cleave, “Strategic Counterintelligence”, CIA,, Accessed Dec 3.

[29] James J. Wirtz, “Secreting The Secrets”, International Journal of Intelligence & Counterintelligence, Vol. 26, No. 2, 832-834.

[30] Henry Prunckun, Counterintelligence Theory & Practice, 158.


ISBN (eBook)
ISBN (Buch)
491 KB
Institution / Hochschule
Brunel University
counterintelligence intelligence secret service agency IRA snowden cyber espionage al qaeda terrorism sarajevo first world war second world war definition security officer CIA FBI MI6 MI5 england uk usa



Titel: Defining Counterintelligence. CI, Security and non-governmental actors