Posts from July, 2012

Security-Cleared Population Tops 4.8 Million

The number of people who held security clearances for access to classified information increased last year to a new reported high of more than 4.8 million persons as of October 1, 2011, a new intelligence community report to Congress said.

Last year’s annual report, the first official count of security cleared personnel, had indicated that there were over 4.2 million clearances in 2010.  That number astonished observers because it surpassed previous estimates by more than a million.  (“Number of Security Clearances Soars,” Secrecy News, September 20, 2011).

But it turns out that the 2010 number itself underreported the number of clearances, and the new report to Congress presents a revised 2010 figure of 4.7 million.  Even so, the number of clearances rose in 2011 by about 3% to 4.86 million, the new report said.  [Clarification added:  Last year's report used a methodology that tallied access to classified information.  The resulting figures are not directly comparable to the figures presented this year.  The new report focuses on eligibility for access, which yields a higher number of clearances both for last year and this year.]

The total clearance figure is composed of cleared government employees and contractors, at all clearance levels — Confidential, Secret and Top Secret.  (The number of Top Secret clearances alone was over 1.4 million.)  It includes all persons who have been cleared for access to classified information whether or not they have actually been granted such access. While the total reported figures are “likely to include some duplicate entries,” the report explains, efforts have been made to eliminate them and only “a minimal number of duplicates” remain.

The annual report on security clearances was required by Congress in the FY2010 Intelligence Authorization Act.  It represents a new degree of transparency in national security classification policy.  Until the first report was issued last year, only rough estimates of the size of the cleared population were available, and those estimates proved to be unreliable.

The latest ten-page report includes numerous details that are ordinarily withheld from public disclosure, whether they are classified or not.  For example, the new report indicates that 5.3% of the security clearance cases that CIA processed last year resulted in denial of clearance.  At NSA, the number of denials reached 8.0%.

Six of the seven intelligence community agencies that do their own clearance adjudications reported that they had cases that had been open for more than one year, the report said.  The number of pending security clearance cases at CIA requiring more than one year to complete was 3,755 for government employees, and 732 for contractors.

“The IC faces unique challenges in clearing individuals with unique or critical skills — such as highly desirable language abilities — who often have significant foreign associations that may take additional time to investigate and adjudicate,” the report said.

The new report was transmitted to Congress in early July, and was first mentioned in a July 12 report from the Government Accountability Office.  The report itself was publicly released last week by ODNI in response to a request from Secrecy News.

NSA Releases Disputed Email from Drake Case

On Friday, the National Security Agency released a declassified email message entitled “What a Wonderful Success” that had been used as the basis for a felony count against former NSA official Thomas Drake in 2010, who was charged with unlawful retention of classified information, including that message.

Although all of the felony counts against Mr. Drake were eventually dismissed, the “What a Wonderful Success” email remains controversial because it has been challenged by a leading classified expert as an exemplar of reckless overclassification.

The document is “an innocuous, internal communication that never should have been classified in the first place,” according to a petition filed last May by J. William Leonard, the former director of the Information Security Oversight Office.  He asked the presiding judge in the Drake case to lift the protective order which currently bars him from discussing the NSA document.

The release of the NSA document was first reported in “Ex-federal official calls U.S. classification system ‘dysfunctional’,” by Ellen Nakashima, Washington Post, July 22.

Without getting into the specifics of the newly disclosed document, Mr. Leonard said: “I can generally state that the very critical national security tool of classification of national security information is becoming dysfunctional and requires the highest level of attention if it is to continue to be an effective national security tool.”

“Specifically, the system clearly lacks the ability to differentiate between trivial information and that which can truly damage our nation’s well-being. At the same time, and even more importantly, it appears to be incapable of holding government officials accountable for abusing the classification system.”

“If the system continues to be one-sided, where individuals are routinely held to account for supposedly improperly disclosing protected information but no one is ever held accountable for improperly classifying information in the first place, it sends a very clear message to the millions of individuals with security clearances to continue to overclassify with impunity. That does not bode well for either the security of our nation or our democratic form of government.”

“Absent meaningful corrective action by the Government at the highest of levels, to include the President, I despair for the integrity of the classification system,” Mr. Leonard said.

Some Nuclear Weapons-Related Info to be Declassified

Certain types of classified information pertaining to nuclear weapons are going to be downgraded or declassified, the Department of State indicated in a newly disclosed report.

“Over the past fiscal year, the Department [of State] has been actively working with the Departments of Energy and of Defense to identify information that had previously been classified under the Atomic Energy Act or various national security executive orders,” wrote Sheryl Walter, the director of State’s Office of Information Programs and Services, in a February 10, 2012 letter to the Information Security Oversight Office.

“Several categories of this information, including topics concerning nuclear weapons, weapons testing, improvised nuclear devices, and international cooperation relating to nuclear forensics, will be downgraded, classified for shorter durations, or declassified,” Ms. Walter wrote.  No schedule for declassification was mentioned.  The letter was released last week under the Freedom of Information Act.

Reporters Seek Clarification of Pentagon Anti-Leak Policy

After the Department of Defense issued a statement last week saying that it would “monitor all major, national level reporting” for evidence of unauthorized disclosures of classified information, Pentagon reporters wrote to the Secretary of Defense and the Chairman of the Joint Chiefs of Staff to ask whether such monitoring extended to surveillance of the press.

“We are asking you to clarify in writing what is meant by ‘monitor all major, national level reporting’,” wrote reporters Robert Burns (Associated Press), Kevin Baron (National Journal), Luis Martinez (ABC) and Barbara Starr (CNN) on behalf of the Pentagon Press Association.

“The phrase ‘monitor all major, national level reporting’ could be interpreted by some as authorizing intrusive actions aimed at members of the news media who report on defense issues. We have received no answers as to specific monitoring authorities, and ‘reporting’ is much broader than ‘published reports’,” they wrote.

In particular, they asked, what specific authorities does the Pentagon claim for monitoring the media?

“Do you have authority to do the following:  *tap phones at work or home?  *intercept or monitor emails?  *conduct monitoring or surveillance of Pentagon press workspaces?”

“Are you authorized to monitor phone conversations, emails or press workspaces without our knowledge?”

See the July 20 letter from the Pentagon Press Association here.

The letter was first reported by Austin Wright in Politico on July 20.  As of last night, no reply from DoD had been forthcoming.

Climate Change and the Law, and More from CRS

New reports from the Congressional Research Service that have not been made otherwise available to the public include these.

Climate Change and Existing Law: A Survey of Legal Issues Past, Present, and Future, July 2, 2012 (published July 19)

A Brief Overview of Actions Taken by the Consumer Financial Protection Bureau (CFPB) in Its First Year, July 18, 2012

Conflict Minerals in Central Africa: U.S. and International Responses, July 20, 2012

Declassification Advances, But Will Miss Goal

The latest report from the National Declassification Center features notable improvements in interagency collaboration in declassifying records, along with increased efficiency and steadily growing productivity.  Even so, the declassification program will almost certainly miss its presidentially-mandated goal of eliminating the backlog of 25 year old records awaiting declassification by December 2013.

The new NDC report puts on a brave face and presents an upbeat account of its achievements to date.

“As of June 30, 2012, we have assessed 90% of the backlog.  Quality assurance evaluation and processing for declassification prior to final segregation and indexing have been completed on 55% of that 90%,” the report says.  Of the records that have been fully processed, 82% have been approved for public release.

Yet the awkward fact remains that only around 50 million pages of the original 370 million page backlog have been fully processed in the past two and a half years.  The prospect that declassification of the remaining 320 million pages will somehow be completed in the next 18 months as ordered by President Obama in 2009 is quickly receding.

It is shocking — or it ought to be — that the classification system is not fully responsive to presidential authority.  Beyond that, the impending failure to reach the assigned goal is an indication that current declassification procedures are inadequate to the task at hand.

While the NDC has already achieved some difficult changes in declassification policy, something more is evidently needed.

Potential changes that could be adopted include self-canceling classification markings that require no active declassification;  depopulation of the obsolete Formerly Restricted Data category for certain types of nuclear weapons information, which complicates declassification without any added security benefit;  and the surrender of agency “equity” or ownership in government records after a period of time so as to enable third-party (or automatic) declassification of the records.

These and other changes in declassification policy could be placed on the action agenda by the forthcoming report to the President from the Public Interest Declassification Board.

New Pentagon Statement on Leak Policy

Following a closed House Armed Services Committee hearing on leaks yesterday, the Department of Defense issued a statement outlining its multi-pronged effort to deter, detect and punish unauthorized disclosures of classified information.

“The Department of Defense has taken a comprehensive approach to address the issue of national security leaks,” the statement said.  “Personnel in all components are continuously working to protect classified information and identify those who do not uphold their obligations to protect national defense information.”

Several of the steps announced have previously been described and implemented, such as new guidance on protection of classified information and physical restrictions on use of portable media to download classified data.  Other measures involve new tracking and reporting mechanisms, and the ongoing implementation of an “insider threat” detection program.

Although many of these changes originated in response to WikiLeaks-type disclosures of DoD information two years ago, their repackaging now might serve to diffuse congressional anger over more recent high-profile leaks, and to preempt more extreme legislative responses.

The new DoD statement does not admit any valid role for unauthorized disclosures under any circumstances.

To the contrary, the Secretary of Defense affirmed that the Assistant Secretary for Public Affairs is the “sole release authority for all DoD information to news media in Washington.”

In other words, DoD Public Affairs is the only legitimate source for defense news and information.  It follows that freedom of the press means the unfettered ability of reporters to write about what the DoD Public Affairs Officer says.

New Army Doctrine Seeks to Minimize Civilian Casualties

Both as a matter of humanitarian principle and as sound military strategy, U.S. military forces should strive to minimize civilian casualties in military operations, according to new U.S. Army doctrine published on Wednesday.

“In their efforts to defeat enemies, Army units and their partners must ensure that they are not creating even more adversaries in the process,” the new publication states.

“Focused attention on CIVCAS [civilian casualty] mitigation is an important investment to maintain legitimacy and ensure eventual success.  Failure to prevent CIVCASs will undermine national policy objectives as well as the mission of Army units, while assisting adversaries.”

So, for example, “When Army units are establishing and maintaining wide area security, it may be more important to minimize CIVCAS than to defeat a particular enemy.”

However, “While CIVCAS mitigation efforts can greatly reduce CIVCASs, it is unreasonable to expect that CIVCASs can be completely eliminated in all instances.  When CIVCASs occur, the most important part of the response is to determine the facts of the incident, including the numbers and severity of CIVCASs.”

“Recognizing that they are in a constant information battle with their adversaries regarding CIVCASs and other issues, Army units should maintain a consistent pattern of truthfulness and timeliness.”

“Army investigations [of civilian casualty incidents] should strive for integrity, credibility, and inclusion of external perspectives…. Immediate and broad denial of reports without complete and accurate information in hand can undermine credibility, especially if the investigation finds reports [of civilian casualties] were correct.”

See “Civilian Casualty Mitigation,” ATTP 3-37.31, July 2012.

Punishing Leaks of Classified Information

The first new legislative initiative to combat leaks of classified information is a bill called the Deterring Public Disclosure of Covert Actions Act of 2012, which was introduced July 10 by Sen. Richard Burr (R-NC).

“This act will ensure that those who disclose or talk about covert actions by the United States will no longer be eligible for Federal Government security clearance. It is novel. It is very simple. If you talk about covert actions you will have your clearance revoked and you will never get another one,” Sen. Burr said.

As justification for the measure, he cited “a series of articles published in the media that have described and in some cases provided extensive details about highly classified unilateral and joint intelligence operations, including covert actions.”

But this assumes certain facts that are not in evidence.  As Walter Pincus wrote in the Washington Post today, there are numerous official and unofficial sources of information about the Stuxnet covert action story, for example, including private sector companies and foreign sources that do not hold security clearances.  From that point of view, the Burr bill does not seem well-suited to achieve its intended purpose.

But the most peculiar thing about the new legislation is that it appears to validate the spurious notion of an “authorized leak.”

Thus, the text of the bill would revoke the security clearance of persons who publicly disclose or discuss classified details of covert actions — unless they have “prior authorization from an original classification authority.”

This seems to mean that classified information about covert actions need not be specifically declassified in order to be publicly released, but only that its disclosure must be “authorized.”

The question of imposing criminal penalties for disclosure of classified information to the press was discussed lately by Morton H. Halperin, who has been involved as a consultant or an expert witness for the defense in many or most of the leak prosecutions from the Ellsberg case in the 1970s to the present.

“Starting from the premise that more information must be made public and that the government has the right to keep some information secret in the name of national security, we need a public and congressional dialogue about what set of measures would be most effective in meeting these two equally important objectives. Reducing government secrecy must be a key component of any such measures,” he wrote in “Leaks and the Public Right to Know,” Huffington Post, July 16.  See also a longer paper by Halperin on “Criminal Penalties for Disclosing Classified Information to the Press in the United States.”

Midnight Rulemaking, and More from CRS

New and updated reports from the Congressional Research Service that Congress has declined to make publicly available online include these.

Midnight Rulemaking, July 18, 2012

An Analysis of the Distribution of Wealth Across Households, 1989-2010, July 17, 2012

Oil Sands and the Keystone XL Pipeline: Background and Selected Environmental Issues, July 16, 2012

Defense Surplus Equipment Disposal: Background Information, July 18, 2012

Nigeria: Current Issues and U.S. Policy, July 18, 2012

The United Arab Emirates (UAE): Issues for U.S. Policy, July 17, 2012

Timor-Leste: Political Dynamics, Development, and International Involvement, July 3, 2012