Secrecy Reform Stymied by the Pentagon

The Obama Administration has taken several initial steps to modernize the national security classification system and to combat overclassification.  But those halting efforts are being undermined by the Department of Defense, which is not implementing the President’s policy.

DoD, which is the government’s largest producer of classified information, has failed to update its internal regulation on information security, despite a specific Presidential directive to do so.  The result is that military components today are following old, incomplete and misleading guidance on classification policy.

For example, one such component, U.S. Transportation Command (TRANSCOM), said on February 20 that it was unaware of a current requirement to update and correct its classification guidance.  It had “no records” pertaining to the performance of a Fundamental Classification Guidance Review, which was required by President Obama’s Executive Order 13526.  Why?  Because, it said, “no Review was required [by] DoD 5200.1-R,” the Pentagon’s regulation on information security (pdf).

This is a startling misunderstanding and a grievous lapse of responsibility on the part of the Pentagon. The reason that TRANSCOM is unaware of the new requirement to perform a Fundamental Classification Guidance Review is that DoD’s internal regulation 5200-1.R on classification policy has not been updated since January 1997!  In effect, DoD has been blocking the transmission of the President’s instructions to classifiers and declassifiers in the field.

This in itself is an act of defiance, particularly since the President himself ordered senior agency officials to prepare new classification policy regulations.  “Such regulations shall be issued in final form within 180 days of ISOO’s publication of its implementing directive for the order,” President Obama wrote in his December 29, 2009 memorandum that accompanied the issuance of Executive Order 13526.

The Information Security Oversight Office (ISOO) did publish its implementing directive (pdf) for the Executive Order on June 28, 2010.  Therefore, agencies officials were obliged to complete their implementing regulations 180 days later, by the end of December 2010.  At the Pentagon, officials failed to comply.

“The promulgation of implementing regulations for [President Obama's] E.O. 13526… is not an optional activity,” said William J. Bosanko, director of the Information Security Oversight Office, which oversees the classification system.

“Such regulations serve as the foundation for the implementation of the Order at each agency,” he explained.  “Failure to update regulations in a timely manner impedes the implementation of the President’s direction and risks undermining the confidence in the classification system.  It also places classified information at needless risk and otherwise makes it difficult to hold accountable those who fail to meet their responsibilities.”

“How can we expect personnel to properly classify, safeguard, and declassify national security information if we do not provide them with the ‘rules’?  How can we maintain the trust of the American people and our State, local, tribal, private sector, and foreign partners if we don’t even comply with the most basic requirements ourselves?”

Mr. Bosanko said that ISOO was pressing for agency compliance with the requirements of the executive order.  He said the status of such compliance would be addressed in the forthcoming FY 2010 ISOO Report to the President.

Meanwhile, throughout the Department of Defense, officials are diligently following the wrong instructions. According to the DoD directives website, the 1997 regulation 5200-1.R — with all of its outdated guidance — is currently one of the top five most frequently downloaded DoD publications.

No Responses to “Secrecy Reform Stymied by the Pentagon”

  1. F. Herrick February 24, 2011 at 5:19 PM #

    This appears to be an instance in which the military is using its bureaucracy to disobey the orders of its Commander in Chief.

    Am I right to see this as a problem?

  2. Monica Sheard February 25, 2011 at 1:01 AM #

    Interesting, particularly in the wake of Michael Hastings’ recent article in Rolling Stone, “Another Runaway General: Army Deploys Psy-Ops on U.S. Senators,” (February 23, 2011). It’s also interesting from a budget perspective, i.e. defense contractor exemption from the Budget Reconciliation Act. At least it’s clear Jack Ruby’s still in charge.

  3. CK February 27, 2011 at 2:49 AM #

    Apparently they’re holding their breath waiting to get a Republican back in so they can continue with the overtake of the world, with doing what they please at all times with no oversight, and also with plundering the poor, sad, sorry US economy with their myopic, thought-up-while-being-drunk-on-testosterone projects (sometimes called wars) that last years if not decades…

  4. Jo Jo Gun March 2, 2011 at 10:24 AM #

    Why write a regulation/rule/law/executive order if it NOT going to be enforced? What a waste of time. Get serious and make some heads roll.

  5. REJ March 2, 2011 at 2:31 PM #

    EO 13526 is a good product that effectively fixed several problems that plagued 12958 (Clinton) and 13292 (GW Bush). That said, let’s be honest. Obama’s 13526 will not reduce over classification. Simply saying “go forth and conduct a fundamental… review” means nothing. It might as well say “quit over classifying” to the DoD’s 2+ million employees. Sounds good, so now what’s the plan? The devil is in the details, and there are a LOT of details to be resolved. I expect we’ll see a DoD policy by this summer though. For the sake of accuracy, 5200.1-R (1997) was updated April 16, 2004 to cover Bush’s EO 13292 signed March 25, 2003. It took 13 months to implement Bush’s far less complex classification policy changes. Defiance? Disobedience? No, just bureaucracy.

  6. Steven Aftergood March 2, 2011 at 3:03 PM #

    Thanks for the interesting comment. But I still hope and expect that the Fundamental Reviews will reduce overclassification, at least in agencies where they are faithfully implemented. In fact, I think that the prototypical Fundamental Review which was conducted by the Department of Energy in the mid-1990s is just about the only thing in the last half-century that has significantly reduced overclassification.

    The executive order did not just say “go forth and conduct a fundamental review” or, worse, “quit overclassifying.” The whole point was to move beyond such rhetorical fluff. So what the order did — for the first time, really — was to instruct each agency head to establish a framework for identifying overclassification, bringing a broad range of perspectives to bear on the question.

    It may not work, but it hasn’t failed yet. Some of the necessary details are contained in the ISOO implementing directive from last June. But DoD needs to step up and keep the process moving.

    Technically, I don’t agree that 5200-1.R has been updated. The April 16, 2004 issuance that you mention was a “Directive-Type Memorandum” (available here), not a revision. In fact, it stated that “DoD 5200.1-R will be updated within 180 days to reflect these changes” — but that never happened.

  7. Pat Wessel March 3, 2011 at 10:00 PM #

    As a current Marine Corps contractor and recently retired Navy officer (that includes (6 reserve & 4 active duty years at USTRANSCOM), I admit that I have seen a lot of beauracracy. And I won’t take a position on the details of classification and declassification. I want to address the criticism of the department/agency failure to comply.

    Things move slowly in the federal government, not only DoD. So, I tend to agree with REJ regarding the reason for delay, as opposed to deliberate defiance. It sometimes takes up to two years to get out a directive or an instruction on any subject of depth. And this EO has many very specific requirements.

    I would also like to note something from my perspective working with transportation logistics. From what I read in the EO, the section (1.4) that sets out what constitutes classified information does not specifically include air or ship cargo movements or transit information. The primary job of USTRANSCOM is the movement of DoD cargo, so these movements are closely tracked and reported upon. They are not necessarily categorized as military operations. Indeed, of lot of the cargo that they move is humanitarian in nature. Typically, all transit information is classified for the protection of the asset and its cargo.

    So, while Sec 1.4(a) military plans… or operations would certainly cover an air strike, what about shipments of medicine, patients, toilet paper, or items to support the troops in Germany or Korea? How about peacekeepers transported all over the world, or even supplies ancillary to war?

    Would they come under section (g) vulnerabilities or capabilities of systems, installations, infrastructures, projects, plans, or protection services relating to the national security? It seems unlikely that cargo shipments would fall under this section; possibly the bridges, ports and airports.

    Whatever the outcome, if I was still at USTRANSCOM, I would be very worried about how this Executive Order was implemented.

  8. Franklin C.H. Barrett March 9, 2011 at 10:41 AM #

    To Pat, I’m not trying to be gruff, but as a current contractor DoD you probably understand OPSEC and its coordination with traditional security programs. I’m just curious why you posted so much about TRANSCOM’s procedures for how it handles (or struggles to handle) information pertaining to shipments.

    Strikes me that part of the problem in a discussion like this is that probably few of those commenting have ever actually derivatively classified information, let alone been an original classification authority.

    I’m interested to see what FAS bloggers think about the Milner decision that was released yesterday.