Posts from August, 2009

Interagency Secrecy Reviews Draw to a Close

Two 90-day interagency reviews of government secrecy policies that were ordered by President Obama on May 27 are now essentially complete.

A review of the current executive order on classification policy is finished except for a few “sticky” issues pertaining to intelligence agency authorities, according to one participant in the interagency process.  The recommendations of that review have not yet been transmitted to the White House.  A separate review of procedures for handling “controlled unclassified information” (CUI) produced recommendations that were sent to the White House last week, though the contents have not been disclosed.

Both reviews were the subject of considerable public comment, and the resulting recommendations include at least some proposed changes that are directly traceable to public input, the participant said.  But he also cautioned against overly high expectations for the outcome, especially given the insular character of the deliberative process, which was dominated by agency classification personnel.  “You’ve got a bunch of foxes designing security for the henhouse,” he said.

The recommendations that were produced by the interagency reviews must still be reviewed by the White House and then approved or modified, a process that could take months.  A decision on whether to invite additional public comment has not yet been announced.

Secrecy and Error Correction in Open Source Intel

Open source intelligence products, which are based on information gathered in the public domain, are often withheld from public disclosure, for various reasons.  These include habit, the cultivation of the mystique of secret intelligence, the protection of copyrighted information, and the preservation of “decision advantage,” i.e. the policy-relevant insight that open source intelligence at its best may offer.

Even when it can be justified, however, such secrecy comes at a price.  By restricting the distribution of unclassified intelligence products, government agencies also limit the opportunities for the discovery and correction of erroneous information or analysis.  Conversely, expanding access to such materials may be expected to yield an improved product.

So, for example, Secrecy News recently published a previously undisclosed Open Source Center report on Bolivia’s Islamic community (pdf).  It had not been approved for public release.  Sure enough, once the report became public knowledge, it became possible to identify mistaken information that had been inadvertently disseminated by the Open Source Center throughout the U.S. government.

The report had listed the Association of the Islamic Community of Bolivia as a Shia organization (at page 11).  That was incorrect.  “La Asociacion de la comunidad Islamica de Bolivia… es una comunidad SUNNITA,” wrote Ahmad Ali Cuttipa Trigo, a representative of the group, in a courteous but emphatic email message from La Paz.  “Quisieramos que enmienden ese error de taipeo.”

In fact, mistaking a Sunni community for a Shia one is more than a typographical error.  It is the kind of thing that under some circumstances could lead a reader to draw significant unwarranted inferences.  And so fixing it is a service to everyone concerned.

From this perspective, the unauthorized publication of such materials may also perhaps be seen as a contribution to the open source intelligence enterprise.

An Open Source Center Survey of Japanese Media

“Japan is a media-saturated nation where the level of consumption of both newspapers and television is extremely high by global standards,” according to a new assessment from the DNI Open Source Center (OSC).  “Furthermore, the news media have the deep trust of the people…. More Japanese adults trust journalism than trust any other institution [including] schools, the police, or religious institutions.”

The 67-page OSC report (pdf) describes the peculiar Japanese media landscape, with profiles of major media categories as well as individual news organizations. It also presents numerous curious observations regarding Japanese production and consumption of news and information.  For example:

“Surveys report that over half of adults in Japan read news content on their cell phones.”

Many posters on online Japanese bulletin boards “use nonstandard Japanese, making their comments difficult to read for the uninitiated.  For example, Chinese characters are often intentionally misused, and keyboard symbols and other special characters are put together to form nonstandard ‘compounds’ that make sense only to insiders.”

“A stable group of prominent bloggers who consistently help shape mainstream dialogue on key issues of policy has yet to emerge in Japan.”  In 2007, however, Japanese was the world’s top blogging language, accounting for 37% of all blog entries posted on the Internet.

“Weekly magazines are notorious in Japan for their loose editorial standards, airing rumor, half-truths, and outright falsehoods with little vetting of the information.”

“Compared to three decades ago, there are many more opinion magazines that express right-wing views about history and security…. This fact tends to amplify right-wing voices beyond their actual influence and crowd out countervailing opinions from the political center and left.”

The OSC report on Japanese media has not been approved for public release, but a copy was obtained by Secrecy News.  See “Japan — Media Environment Open; State Looms Large,” Open Source Center, August 18, 2009.

Information Sharing as a Form of Secrecy

The Obama Administration is giving increased attention to the continuing post-9/11 challenge of information sharing, with a newly appointed White House Senior Director of Information Sharing Policy tasked to lead the effort. But this new activity does not imply any reduction in the volume of security and safety-related information that is withheld from the public.

“Achieving effective information sharing and access throughout the government is a top priority of the Obama Administration,” wrote White House Homeland Security Adviser John O. Brennan in a July 2, 2009 memorandum (pdf) to agency heads.  “To advance the priority to make trusted and resilient information sharing and access a reality, we have established in the Executive Office of the President the position of a Senior Director for Information Sharing Policy and have selected Mike Resnick to serve in this role,” Mr. Brennan wrote (first reported by Jason Miller, Federal News Radio, July 31).

Although information sharing might seem like the antithesis of secrecy, the term has come to be used to refer exclusively to sharing within the government, including state and local officials and certain selected private partners. Unlike “transparency,” which is a different policy portfolio, information sharing does not extend to members of the general public even in principle.  To the contrary, it implies their exclusion– there is no need to “share” information that is generally available to all.  And so “information sharing” is emerging as a modified form of official secrecy.

Up to a point, this is understandable.  Members of the general public do not engage in military and intelligence operations or conduct diplomacy or enforce the law.  It is not hard to imagine circumstances in which disclosure of certain government information would undermine these authorized functions.

On the other hand, members of the public are quite literally on the front lines of potential terrorist attacks, not to mention flu pandemics or economic disasters.  A national security or homeland security information sharing policy that leaves the public out is therefore incomplete.

The 9/11 Commission seemed to understand this quite clearly.  Its recommendations on information policy encompassed not only improved communications among government agencies and partners but also involved increased disclosure to the public. What did declassification and public disclosure of the intelligence budget — one of the Commission’s 41 recommendations — have to do with preventing terrorism?  Part of the answer is that it was a down payment on a much more comprehensive information disclosure policy that envisioned an engaged, empowered citizenry who are the country’s first line of defense.  Such a policy has still not been realized, and the vision itself seems to have been abandoned or neglected even by some leading advocates of information sharing.

In its latest report on the subject (pdf), the influential Markle Foundation Task Force on Information Sharing is silent on the question of improved public access to safety and security-related information.  “The President and Congress must ensure that all government information relevant to national security is discoverable and accessible to authorized users while audited to ensure accountability.”  In this conception, government officials are authorized users, ordinary citizens are not.  Such an approach is likely to make both information sharing and secrecy reform even harder to achieve.

The severe limitations of the current information sharing model will become even more important given the determination by Mr. Brennan that it will now extend “beyond terrorism-related issues, to the sharing of information more broadly to enhance the national security of the United States and the safety of the American people.”

In today’s degraded political climate, one need not be especially cynical to doubt the existence of a widespread public desire for access to safety and security information.  One may further question the capacity of the public to utilize some such information in a meaningful way.  The problem, though, is that treating members of the public as passive, possibly dimwitted spectators of government policy tends to reinforce just that sort of passivity.

One of the ongoing challenges and priorities facing information sharing, said Amb. Thomas E. McNamara (pdf) at a July 30 congressional hearing, is to “reduce improper classification to enhance information sharing.”  We must “eliminate ‘need to know’ requirements and protocols, and eliminate overuse of originator controls that can impede the ability to discover and share information.”

Reducing classification and eliminating “need to know” restrictions sound like a rather bold agenda, until one realizes once again that they apply only within the circle of authorized users, not elsewhere.  What makes this approach particularly vexatious is that it threatens to derail the current momentum for classification reform into a purely internal governmental affair. Classification barriers within the government are to be lowered, it seems, on the condition that such barriers to public disclosure remain intact.

Even within the government, however, information sharing still remains quite imperfect.  The landmark Intelligence Community Directive 501 (pdf) directed in January 2009 that “all intelligence and intelligence-related information… [shall be] discoverable by automated means by ‘authorized IC personnel’….” Despite this categorical instruction regarding “all” intelligence information, newly disclosed guidance (ICPG 501.1) from May 2009 permitted “exemptions from discovery” for certain information. Further guidance (ICPG 501.2) established a rather cumbersome “resolution process” for handling information sharing disputes, which evidently persist.

It must be admitted that there are numerous particular exceptions to this generally grim picture.  To cite one new example, the Department of Justice Office of Community Oriented Policing Services has just published an updated and expanded edition of “Law Enforcement Intelligence: A Guide for State, Local, and Tribal Law Enforcement Agencies” (pdf), which provides a helpful introduction to the field.

In February, the House of Representatives passed a bill (H.R. 553) that would seek to discourage overclassification of homeland security information by requiring preparation of unclassified versions of certain DHS intelligence products that would in principle be available to the public pursuant to the Freedom of Information Act.  The bill awaits action in the Senate.

Nothing less than a 90% reduction in the volume of classification activity government-wide would be needed to restore national security classification to its proper proportions, argued Bill Leonard, the former director of the Information Security Oversight Office, in his blog.

Special Ops Get Help Processing Pocket Litter

U.S. special operations forces (SOF) are successfully collecting valuable operational intelligence materials in the field, but they lack the capability to quickly process, exploit and disseminate those materials, the House Appropriations Committee said in its recent report on the 2010 defense appropriations bill (excerpts).

“Ongoing SOF operations demonstrate the ability to collect significant amounts of pocket litter, hard copy documents, hard drives, cell phones, and other important hard copy and electronic media with significant intelligence value. However, without specialized expeditionary processing, this information becomes inaccessible and of no value to SOF in immediate urgent operational missions, and over the longer term to the war fighter, the intelligence community and others in need of access.”  The Committee recommended additional resources to remedy this deficiency.

Intelligence policy-related excerpts from the Committee report on the 2010 defense appropriations bill are posted here.

Inspectors General Chase Leaks at GPO, CRS

If it wanted to, the Obama Administration could instantly increase oversight of the national security classification system by tasking the Offices of Inspector General (IG) at each of the major classifying agencies to assume some responsibility for secrecy oversight.  In coordination with the Information Security Oversight Office, those IGs could perform periodic audits of classification activity to ensure that agencies are complying with declared policies (the urgent need to revise those policies is a separate issue) and they could flag excessive use of secrecy in the course of their other duties, for further investigation by the ISOO.

In fact, the IGs already do some classification-related oversight, but only on a sporadic, ad hoc basis.  In 1992, the Defense Department IG investigated and confirmed (pdf) an allegation made by the Federation of American Scientists that a secret nuclear rocket program called Timber Wind was improperly classified as an unacknowledged special access program.

But instead of combating wrongful secrecy, it seems that Inspectors General are more often called upon to investigate unauthorized disclosures of controlled information.

Most recently, the IG of the U.S. Government Printing Office (GPO) examined (pdf) the unintended publication of a report to the International Atomic Energy Agency listing U.S. civilian nuclear sites and facilities and marked as “sensitive.”  Secrecy News discovered the document  on the GPO web site in late May, and it subsequently made headlines around the world.  (“US Declares Nuclear Sites to the IAEA,” Secrecy News, June 1, 2009.)  After the New York Times and other news organizations picked up the story on June 3, “a torrent of media activity ensued,” the GPO IG report said.

“Our investigation found no wrongdoing on the part of GPO or its employees,” the IG concluded last week (as first reported by Ed O’Keefe of the Washington Post, August 10). Rather, GPO simply acted at the direction of its client, the House of Representatives, which transmitted the report for publication.

The GPO IG did not independently evaluate the actual sensitivity of the document (large pdf), and did not inquire whether it disclosed any information that was not previously in the public domain or, if so, what the consequences were likely to be.  (Our view is that while the report may be diplomatically sensitive, given that such national declarations to the IAEA are not normally published, it does not reveal sensitive technology or security information.)  A separate investigation of the publication of the report on nuclear facilities is still being conducted by the General Accounting Office.

In another recent case, the Inspector General at the Library of Congress (LOC) was asked to investigate the unauthorized publication of thousands of Congressional Research Service (CRS) reports last February by Wikileaks.org, a website which publishes confidential or restricted documents.  Although more, and more recent, CRS reports had previously been disclosed by OpenCRS.com, FAS, and others, the audacity of the Wikileaks move set off alarms at CRS and among some in Congress.

“My question is, have you taken steps necessary to prevent it from happening again and determine how it is that it happened in the first place?” asked Rep. Debbie Wasserman Schultz (D-FL) at an April 29, 2009 House Appropriations Committee hearing (at p. 285 in a very large pdf file).

“We have left it for the IG to do that and to then report how it happened,” replied CRS director Daniel Mulhollan.

This seems like an exceptionally poor use of the IG, especially since throughout Mr. Mulhollan’s tenure the supposed confidentiality of most CRS reports has been routinely violated, without adverse effect and arguably to the benefit of CRS.  Broad public disclosure of CRS reports has increased the Service’s stature in the press and elsewhere, and has also permitted the correction of published errors in those reports.  (CRS memoranda that are prepared for individual Members are generally protected more effectively than the CRS reports that are intended for general distribution.)  For the past decade and longer, new CRS reports have been published for sale nearly every day by commercial vendors of CRS products such as PennyHill Press, Gallery Watch, and Lexis-Nexis– yet somehow it is only free access for members of the public that triggered official outrage and led to an IG investigation.

The LOC Office of the IG did not respond to an inquiry from Secrecy News this week concerning the status or outcome of its investigation of the disclosure of CRS reports to Wikileaks.

As a rule, we believe IGs could be more productively employed by pursuing unnecessary or inappropriate restrictions on disclosure of government information.  In particular, the forthcoming Obama executive order on national security classification could authorize and direct executive branch agency IGs to help identify cases of needless secrecy, and to help fix them.

CRS on Overt U.S. Aid to Pakistan

The United States provided around $15.4 billion in overt aid to Pakistan between Fiscal Years 2002 and 2009, according to a newly updated Congressional Research Service tabulation.  The U.S. aid included military training, equipment and other forms of assistance.  An additional $3.6 billion is requested for FY 2010.  See “Direct Overt U.S. Aid and Military Reimbursements to Pakistan, FY2002-FY2010″ (pdf), updated August 3, 2009.

OSC Sees Growing Media Monopoly in Venezuela

The Venezuelan government of President Hugo Chavez “is moving forcefully to silence critics by introducing a Media Crimes bill that would give it sweeping authority to jail journalists, media executives, and bloggers who report on anything that the government considers to be harmful to state interests,” said a new assessment (pdf) by the Intelligence Community’s Open Source Center (OSC).

The Chavez government “is simultaneously moving to shut down more than 200 radio stations,” the OSC report said, and may take over the opposition news station Globovision.  “Silencing his critics would allow Chavez to completely control the media message, but it would also deprive him of his long-standing scapegoat of what he describes as the oligarchic media,” the OSC said.

Like most other OSC analyses, the latest report has not been approved for public release, but a copy was obtained by Secrecy News.  See “Venezuela — Chavez Moves to Silence Opposition Media,” Open Source Center, August 3, 2009.

Towards a Fresh Start in Classification Policy

The current Obama Administration review of classification policy will almost certainly produce an incremental adjustment to existing practices– though hopefully with provisions for independent validation (or rejection) of agency classification decisions, strengthened oversight, expedited declassification, and so forth.  But it is unlikely to lead to a wholesale replacement of the basic framework of the Cold War classification system that has lingered now for more than half a century.  The “next generation” of national security information policy is still out of reach.

To hasten the development of more efficient and transparent information security policies, the forthcoming Obama executive order on classification could encourage experimental pilot projects in classification and declassification and related activities.

An agency head could be authorized to establish, with the approval of the director of the Information Security Oversight Office, a limited-scale initiative that departs from the otherwise binding requirements of the executive order in the interests of fostering innovation in classification policy.  (ISOO concurrence would be needed to ensure that the pilot projects were designed to promote appropriate efficiency and transparency, not to provide a new pretext for intensified secrecy.)

What kind of initiatives might these be?  One possibility would be to collapse the multi-tiered classification system into a single level, so that information within the domain of the pilot project would either be “classified” or “unclassified” — other classification levels and compartments would not be permitted. Another possibility would be to undertake ambitious bulk declassification projects that have an elevated risk of disclosure of classified information beyond what is normally tolerated.  This would provide a realistic but small-scale indication of the “damage” that could ensue from forgoing expensive, time-consuming declassification review.  Other initiatives could experiment with discretionary releases of classified information, prohibitions against use of the “need to know” principle, and similar deviations from the norm.

One precedent or model for this kind of approach is the congressionally-mandated program for Science and Technology Reinvention Laboratory (STRL) demonstration projects, which are used to promote innovation in Defense Department personnel management policies.  Those projects have been authorized to waive existing laws and regulations on human resources management.

“The STRL demonstration projects are the vehicles through which the… Department of Defense will determine whether changes in personnel management concepts, policies, or procedures would result in improved laboratory performance and contribute to improved DoD or Federal personnel management,” according to a DoD directive (pdf) issued just last week.

“In the most general terms, a demonstration project provides a means for testing and introducing beneficial change in Government-wide human resources management systems,” according to an earlier Air Force Fact Sheet.  The Air Force identified several successful policy innovations that have been developed in this way, such as the Voluntary Emeritus Corps that permits senior scientists to continue their research into retirement while mentoring younger scientists in Air Force laboratories.  Similar creativity is desperately needed in the stagnant realm of government secrecy policy.

The point is to promote unorthodox approaches to security policy that may involve heightened risk, but that also offer significant potential improvements in operational performance, cost reduction and/or transparency.  Most of these efforts could well fail.  But some might prove fruitful, and worth replicating on a larger scale.  In this way, the Obama executive order could help pave the way for the executive order after next, and for a new, more nimble 21st century information policy.

An Updated Intelligence Review from the DNI

“Implementation of the Comprehensive National Cybersecurity Initiative (CNCI),” the notoriously secretive program “which was established by President Bush in National Security Presidential Directive 54/Homeland Security Presidential Directive 23 in January 2008, continues at this time.”

That interesting reminder was mentioned in passing in newly disclosed answers to questions for the record (pdf) submitted by the Director of National Intelligence to the Senate Intelligence Committee in April 2009 following the DNI’s annual threat briefing last February.

Some other notable observations from the DNI’s forty pages of wide-ranging answers to Senators’ questions include:

  • “Iran is covertly supplying arms to Afghan insurgents while publicly posing as supportive of the Afghan government.”  “Iran’s policy calculation in Afghanistan currently emphasizes lethal support to the Taliban, even though revelation of this activity could threaten its future relationship with the Afghan government and its historic allies within Afghanistan.”
  • Based on counterinsurgency principles, the DNI said, it would require “roughly 818,000 security personnel to secure Afghanistan” including 325,000 personnel to secure the Pashtun areas where most insurgents are located.  But there are currently only 83,094 soldiers in the Afghan National Army.  To grow to 325,000 soldiers would require $946 million annually, well above the FY2008 Afghan defense budget of $242 million.
  • While Iran has made significant progress in uranium enrichment technology, the State Department’s intelligence bureau (INR) “continues to assess it is unlikely that Iran will have the technical capability to produce HEU [highly enriched uranium] before 2013.  INR shares the Intelligence Community’s assessment that Iran probably would use military-run covert facilities, rather than declared nuclear sites, to produce HEU. Outfitting a covert enrichment infrastructure could take years.”
  • “Some analysts believe that Iraq is more fragile, the ISF [Iraqi Security Forces] less capable, and the impact of a drawdown [of U.S. forces] more destabilizing than the majority of the Intelligence Community.”
  • “Hizballah remains the most technically capable terrorist group in the world.”  But “Al Qa’ida is the terrorist group that historically has sought the broadest range of CBRN [chemical, biological, radiological, and nuclear] attack capabilities, and we assess that it would use any CBRN capability it acquires in an anti-U.S. attack, preferably against the Homeland.”
  • In March 2009, the Central Intelligence Agency created a new daily intelligence publication called the Economic Intelligence Brief (EIB), which is “the most visible step we have taken to increase reporting and analysis” on the global economic crisis and its impact on U.S. national security.
  • “Moscow has been in the process of restoring some of the military capabilities it lost after the collapse of the Soviet Union as it downsizes and reorganizes its forces.” “Despite its still considerable capabilities, the Russian military is a shadow of its Soviet predecessor.” “Russia has consistently kept its defense spending at less than three percent of GDP, avoiding the huge defense burden that ultimately choked the Soviet economy.”

    Some of the DNI’s statements are surprisingly flimsy.  For example, he declares (question 17) that “In 2003, the Russian military prepared for an exercise that included attacking U.S. satellites to disrupt the NAVSTAR global positioning system, the Keyhole optical-electronic reconnaissance satellites, and the Lacrosse radar reconnaissance system with the intent of ‘blinding’ the Pentagon and denying it the opportunity to use precision weapons against Russia.”

    This is an odd assertion, first, because intelligence officials rarely if ever use the old Keyhole or Lacrosse satellite names in unclassified public statements.  And on closer inspection, it turns out that the DNI’s statement was simply lifted, almost word for word, from a news story that appeared in the Russian newspaper Nezavisimaya Gazeta on May 14, 2003.  (It was also picked up by the online Newsmax.com on May 18, 2003.)  The Russian story lazily attributed its claim regarding the anti-satellite exercise to “certain reports.” The DNI repeated the Nezavisimaya Gazeta item nearly verbatim, presenting it as an established fact, with no attribution at all.

    The Senate Intelligence Committee has renewed the valuable tradition of submitting unclassified questions for the record to senior intelligence officials following the annual threat briefing to the Committee.  Unfortunately, the congressional publication schedule is such that the answers to the questions often do not appear for one or even two years after they are prepared.  The latest DNI responses to questions for the record, transmitted in April, were obtained by the Federation of American Scientists this week through the Freedom of Information Act.