Litigation challenging the national security actions of the federal government has taken a seemingly paradoxical form in recent years. Prospective coercive remedies like injunctions and habeas corpus (a type of injunction) are traditionally understood to involve much greater intrusions by the judiciary into government functioning than retrospective money damages awards. Yet, federal courts have developed and strictly applied doctrines barring Bivens damages actions against federal officials because of an asserted need to preserve the prerogatives of the political branches in national security and foreign affairs. At the same time, the courts have been increasingly assertive in cases involving coercive remedies, especially habeas, that have dramatically impacted post-9/11 national security policies. Additionally, federal courts, particularly the Supreme Court, are increasingly willing to rule against the executive in cases concerning justiciability and judicial power.

On November 28, 2010, the international whistleblower website WikiLeaks and five major newspapers began simultaneously publishing confidential diplomatic cables from 270 U.S. embassies around the world. The cables were originally obtained by WikiLeaks, which also posted the cables on its own website. Over 100,000 of the cables in WikiLeaks’ possession are classified, with 15,000 classified as “secret,” meaning their release could reasonably be expected to cause serious damage to the national security.

The cables can allegedly be traced back to a single source: Bradley Manning, a former U.S. Army intelligence analyst. Since the leak, the Pentagon has announced new measures to protect against similar breaches. Even with secure technology, however, so long as there are government secrets there will always be the risk of leaks–whether inadvertently, purposefully with good intentions, or purposefully with intent to harm the United States. Moreover, in the digital age, governments face a new threat: opportunities to publish leaked classified information have multiplied, as evidenced by so-called “internet drop-boxes,” which can post thousands of secret documents in only a matter of seconds for all the world to see. Never before has there been such a powerful tool for undermining government secrecy.

In September 2010, Iranian engineers detected that a sophisticated computer worm, known as Stuxnet, had infected and damaged industrial sites across Iran, including its uranium enrichment site, Natanz. In just a few days, a sophisticated computer code was able to accomplish what six years of United Nations Security Council resolutions could not. Not a single missile was launched, nor any tanks deployed, yet the computer worm effectively set back the Islamic Republic’s nuclear program by two years and destroyed roughly one-fifth of its nuclear centrifuges. The worm itself included two major components. One was designed to send Iran’s nuclear centrifuges spinning out of control, damaging them. The other component seemed right out of the movies; “the computer program . . . secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart.”

Stuxnet, to date, is the most sophisticated cyber weapon ever deployed. It acted as a “collective digital Sputnik moment,” bringing to light the important cybersecurity challenges the world faces. What makes cyber attacks so destructive is their ability to travel through the Internet and attack the structures it rests upon. Governments, industrial and financial companies, research institutions, and billions of citizens worldwide heavily populate these global networks. In fact, much of public and private life depends on functioning telecommunications and information-technology infrastructures. Thus, what we deemed to be one of the greatest successes of the twenty-first century, a global communication infrastructure, has now become our biggest vulnerability.

In the best of circumstances, governing domestic intelligence is challenging. Intelligence sits in an uncomfortable relationship with law’s commitment to transparency and accountability. History amply demonstrates that intelligence—including domestic intelligence—frequently begins where the rule of law gives out.

The inherent difficulty of governing intelligence has been unnecessarily exacerbated by a deep-seated and longstanding confusion about what domestic intelligence is. For over a century, policymakers and academic commentators have assumed that it is essentially a form of criminal investigation and that criminal law supplies the logical starting place for its effective governance. Over the years, this faulty premise has fostered a boom-and-bust cycle in intelligence governance; domestic intelligence has been, at different times, effectively out of business or unchecked by law.

This Article introduces a new way to think about domestic intelligence and its governance. Domestic intelligence is a kind of risk assessment, a regulatory activity familiar across the administrative state. Similar to risk assessments in environmental or health and safety law, domestic intelligence seeks to quantify a risk before it materializes, based on the careful analysis of aggregative data.

This Article deals with one of the most difficult questions arising out of the war on terror: what to do about the victims. How should the legal system respond to claims of collateral damage to constitutional rights when the government has tilted in favor of security at the expense of liberty? The war on terror has already put the American legal system to a severe test, exacerbated by the divide between those who see the problem as essentially one of preserving civil liberties and those who see it as one of preserving national security.

Increasingly, the system will have to grapple with suits by terrorism suspects who seek damages for the governmental conduct to which they have been subjected. The Supreme Court has already decided one such case; others are on their way. Apart from damages for the victims, these suits present the question of potential civil liability for federal officials, particularly those of the previous administration. Much of this litigation will be based on the Bivens doctrine, which permits damages actions for constitutional torts committed by federal officials. This Article contends that the Bivens doctrine exists in two forms: the Marbury-rights model and the prudential-deferential model. The former focuses on the plaintiff and points toward allowing the suit to proceed. The latter focuses on the subject matter and leads to emphasis on protecting the government. It is closely related to the political question doctrine and has prevailed since the 1980s.