Posts from June, 2013

Intelligence Accountability Reviews: An Unused Oversight Tool

In 2007, Congress passed legislation to grant the Director of National Intelligence “new authority to conduct accountability reviews of significant failures or deficiencies with the Intelligence Community.”  Up to now, however, that authority has never been exercised.

In 2011, the DNI issued Intelligence Community Directive (ICD) 111 on “Accountability Reviews.” That recently disclosed Directive “establishes policy and procedures governing the conduct of such reviews.”

“It is essential that alleged failures or deficiencies involving an IC element or senior IC personnel in the management or execution of IC missions be carefully reviewed and fully resolved,” DNI James R. Clapper wrote in ICD 111.

But in response to a query about how many accountability reviews have been conducted, and on which topics, Michael G. Birmingham of the Office of the Director of National Intelligence this week said that “There have been no accountability reviews conducted under the authorities in ICD 111.”

The Senate Intelligence Committee said in 2007 that the authority to perform accountability reviews was justified by a perceived lack of internal accountability for intelligence failures.

“This enhancement to the authority of the Director of National Intelligence is warranted given the apparent reluctance of various elements of the Intelligence Community to hold their agencies or personnel accountable for significant failures or deficiencies,” according to the Senate Intelligence Committee report on the FY 2008 Intelligence Authorization Act (section 401, p. 16).

“Recent history provides several examples of serious failures to adhere to sound analytic tradecraft,” the Committee report said. “In its reviews of both the September 11, 2001 terrorist attacks and the faulty Iraq prewar assessments on weapons of mass destruction, the Committee found specific examples of these failures yet no one within the Intelligence Community has been held accountable. Other examples of a lack of accountability within the Intelligence Community can be found by examining the history of certain major system acquisition programs. Despite clear management failures that resulted in significant cost overruns and unreasonable scheduling delays, these programs continue to stumble along without any imposition of accountability.”

“The Committee hopes that this modest increase in the Director of National Intelligence’s authorities will encourage elements within the Intelligence Community to put their houses in order by imposing accountability for significant failures and deficiencies,” the Senate Committee report said.

The measure was passed by both houses of Congress as section 408 of the FY 2008 Intelligence Authorization Act. Though that bill was vetoed by the President, the provision on accountability reviews was later enacted into law as Section 102A(f)(7) of the National Security Act.

The ICD stated that accountability reviews would not be conducted (“except in extraordinary circumstances”) or would be deferred whenever the same issues were under review by law enforcement, inspectors general or other investigative bodies.

Earlier this month, the Director of National Intelligence issued another Intelligence Community Directive on the subject of Outside Employment.  ICD 117, dated 09 June 2013, implements a statutory requirement “prohibiting IC personnel from engaging in outside employment if such employment creates a conflict of interest or the appearance thereof.”

Science and Technology in the 113th Congress, and More from CRS

New and newly updated reports from the Congressional Research Service that Congress has withheld from online distribution include the following.

Science and Technology Issues in the 113th Congress, June 20, 2013

What Is the Farm Bill?, June 21, 2013

Independent Counsels, Special Prosecutors, Special Counsels, and the Role of Congress, June 20, 2013

Transforming Government Acquisition Systems: Overview and Selected Issues, June 20, 2013

Taxation of Hedge Fund and Private Equity Managers, June 20, 2013

Systemically Important or “Too Big to Fail” Financial Institutions, June 19, 2013

Federal Pollution Control Laws: How Are They Enforced?, June 18, 2013

Foreign Investment in the United States: Major Federal Statutory Restrictions, June 17, 2013

Financial Aid for Students: Online Resources, June 17, 2013

Social Security Primer, June 17, 2013

Abortion: Judicial History and Legislative Response, June 14, 2013

Federal Laws Relating to Cybersecurity: Overview and Discussion of Proposed Revisions, June 20, 2013

U.S. Global Health Assistance: Background and Issues for the 113th Congress, June 21, 2013

FBI Director: Appointment and Tenure, May 30, 2013

U.S.-Vietnam Relations in 2013: Current Issues and Implications for U.S. Policy, June 19, 2013

U.S.-Cambodia Relations: Issues for the 113th Congress, June 19, 2013

Turkey: Background and U.S. Relations, June 21, 2013

The United Arab Emirates (UAE): Issues for U.S. Policy, June 18, 2013

Status of Federal Funding for State Implementation of Health Insurance Exchanges, June 19, 2013

Next Steps in Nuclear Arms Control with Russia: Issues for Congress, June 19, 2013

Secrecy System Shows Signs of Contraction

The creation of new national security secrets dropped sharply in 2012, recently released government data show.  While the proper boundaries of official secrecy remain a matter of intense dispute, the secrecy system itself is showing surprising new signs of restraint and even contraction.

In 2012, the number of original classification decisions, or decisions to classify new information, decreased by 42 percent from the year before to 73,477, according to the latest annual report from the Information Security Oversight Office (ISOO).  This was the lowest reported level of new classification activity since at least 1989 and possibly longer.

Meanwhile, the number of executive branch officials who are authorized to generate new classified information also dropped last year to a record low of 2,326, the ISOO report said.

The 2012 ISOO Annual Report was transmitted to the President by ISOO Director John P. Fitzpatrick on June 20.

Significantly, the reductions in new secrecy activity are not considered to be a statistical fluke or within the range of normal variability but appear to be the consequence of deliberate policy choices, the ISOO Report said.

“A large part of this decrease [in original classification activity] can be attributed to the Fundamental Classification Guidance Review process and the appropriate recording of classification decisions in security classification guides,” according to ISOO.

The Fundamental Classification Guidance Review was a systematic examination of all government classification instructions that took place between 2010 and 2012 in an effort to validate current classification guidance and to eliminate obsolete or unnecessary secrecy requirements.

The argument for a fundamental review of classification policy was presented in a 2009 paper I wrote on “Reducing Government Secrecy: Finding What Works,” Yale Law & Policy Review, Spring 2009. That paper documented the failure of most classification reform initiatives over the past half century to reduce government secrecy, but also noted that some such initiatives had not failed. The Department of Energy’s Fundamental Classification Policy Review during the 1990s had been a notable success and, it was suggested, could serve as a template for a broader government-wide reconsideration of classification policy.

This proposal was briefed to the National Security Staff in July 2009, and was incorporated in President Obama’s December 2009 executive order 13526, although in attenuated form.  Unlike the earlier review done by the Energy Department, the Obama Fundamental Review did not provide for public comment at the beginning and before the end of the process, nor did it bring to bear (as it was supposed to) “the broadest possible range of perspectives” to critique current classification policy.  So the resulting reductions in secrecy are attenuated correspondingly.

Nevertheless, the newly reported data on reductions in original classification provide evidence that the secrecy system is not an autonomous entity beyond effective control, as might have been supposed, but that it can be modified and constrained by using the levers of public policy.

Other data reported in the new ISOO annual report indicate that classification error correction mechanisms are at least partially functional.

During 2012, government employees filed 402 internal classification challenges disputing the classification of particular items of information.  While the current classification status was affirmed in two-thirds of those cases, classification of the information was overturned in whole or in part in one-third of them.

Appeals of mandatory declassification review requests that had been denied by agencies also received a favorable reception in many cases from the Interagency Security Classification Appeals Panel.  Out of 163 documents considered by the Panel last year, prior agency classification decisions were fully affirmed in only 8 percent of the cases, while 39 percent of the documents were fully declassified at the direction of the Panel and 53 percent were partially declassified.

While all of this is quite encouraging, it does not mean that all is well in the classification system.

Derivative classification, or the application of previous classification decisions to new documents, increased by 3% to a new high of more than 95 million classification actions. (One would have expected the Fundamental Classification Guidance Review to have had greater impact on derivative classification — since it is based on the newly reviewed guidance — than it did on original classification, but that’s not what happened.)

The declassification process remains slow, cumbersome and predicated on an absolute risk avoidance standard that is simply unworkable.  Incredibly, the President’s directive to process the backlog of 25 year old historically valuable document for declassification and public release by December 2013 will apparently not be achieved, although the new ISOO report somehow neglects to mention this.

Nor has the problem of overclassification been solved.  Many classification decisions are still excluded from critical scrutiny and instances of overclassification are not hard to find. For example, the ISOO annual report states that although most agencies’ information security costs are public information, the estimated costs of security incurred by intelligence agencies are nevertheless classified, as in the past, “in accordance with Intelligence Community classification guidance.”  It’s hard to believe that any impartial observer would agree that these cost estimates are properly classified and that their disclosure would cause damage to national security.  (ISOO notes that the suppressed cost estimate is “approximately 20%” of the overall government total.)

Speaking of costs, the total cost of classification-related activities was $9.77 billion in 2012, ISOO noted. Though this figure remains historically high, it is over a billion dollars less than the year before.  In fact, it represents the first annual reduction in secrecy-related expenditures ever reported by ISOO.

A Candid Look at the Senate Intelligence Committee

Much of the continuing controversy over intelligence surveillance policy revolves around whether the sweeping collection of U.S. telephone data by intelligence agencies violates constitutional norms.  But it is also an occasion to assess the quality of intelligence oversight, and to review the performance of oversight mechanisms in representing the public and defending its interests.

So it was disappointing to read that the Senate Select Committee on Intelligence has blocked its former general counsel, Vicki Divoll, from speaking to Talking Points Memo (TPM) on the record about how the Committee functions.

“TPM was reporting a story based on interviews with members of Congress and current and former aides about the successes and pitfalls of intelligence oversight on Capitol Hill,” wrote Brian Beutler of TPM DC.

“The goal was to answer some basic questions for readers: How does a classified process differ from public oversight? What challenges do the combination of government secrecy, classified briefings, and strict committee protocols present to legislators trying to control the nation’s sprawling intelligence apparatus?”

A Committee spokesman told TPM that this kind of information was “committee sensitive” and that therefore Ms. Divoll’s remarks on the subject should not be made public.  See “Senate Intel Committee Blocks Former Staffer From Talking To Press About Oversight Process,” June 18.

In an earlier era — twenty years ago — it was still possible for a staff member of the Senate Intelligence Committee to speak candidly in public about the strengths and weaknesses of intelligence oversight.

The intelligence oversight process is constrained by size, time, personnel and secrecy, wrote Mary K. Sturtevant in 1992, when she was a Senate Intelligence Committee staffer.

“Because of the classified nature of the programs we review, we are especially reliant on information provided by the very Community we hope to oversee,” she wrote. “We lack alternative sources of information and points of view on intelligence budget requests, as there are few constituents with legitimate access to intelligence programs who wish to bring information forward to the Committees.”

“The fact that these programs are highly classified imposes an extra burden on already busy Senators because they must, as a practical matter, either come to the Committee staff or hearing spaces to review classified information, or read it in their offices in the presence of one of the Committee’s security staff. They might also be orally briefed in their offices or during Committee hearings by their designees or other Committee staff, but frequently this is on the fly and without benefit of note-taking.”

“Also, the arcane, often technical subject matter keeps all but the most persistent senators from delving into the details of intelligence programs where I am reliably told the devil resides. The net result of this situation is that this handful of Congressional budget staff end up providing most of the detailed recommendations — to eliminate, cut, increase, or even create programs — that are decided by Committee Members during mark-up of the Intelligence Authorization bill.”

“Although we occasionally hear the charge of ‘micromanagement,’ we always shake our heads in wonder that this could be so. In toto, we are perhaps one dozen or so full-time budget staff supporting the Intelligence Authorization and Appropriations Committees of both the House and the Senate reviewing activities conducted by tens of thousands of civilian and military personnel and programs valued in the multiple billions of dollars.”

“For better or for worse, the way budgets are put together and presented to Congress places the small number of new and on-going initiatives — those ideas most likely to reflect needed changes in direction — under the microscope of Congressional attention, while the great majority of continuing, or ‘base,’ programs, go unscrutinized.”

And so forth.  While much has changed in intelligence and oversight in the past twenty years, some of the enduring difficulties of overseeing secret government operations are frankly acknowledged in Ms. Sturtevant’s article.  See “Congressional Oversight of Intelligence: One Perspective,” American Intelligence Journal, Summer 1992 (posted with permission of the publisher).

One problematic aspect of congressional oversight of intelligence that is not often addressed is the heavy, disproportionate representation of former intelligence community employees (like Ms. Sturtevant and Ms. Divoll) among the professional staff of the oversight committees.

On one hand, this is perfectly understandable since such former intelligence employees bring much-needed subject matter expertise to the task of oversight, along with an existing security clearance.  On the other hand, they may also possess a narrow, compliant perspective and a set of personal interests that limit their effectiveness, particularly if they ever hope to return to the ranks of their former employers.  Meanwhile, it is hard to think of an intelligence committee staff member who joined the committee following a career devoted to civil liberties, government accountability or personal privacy.

A 2006 report from the Center for American Progress said Congress had failed in its duty to perform effective oversight of intelligence, and that the oversight function needed to be fixed.  See “No Mere Oversight: Congressional Oversight of Intelligence is Broken” by Denis McDonough, Mara Rudman and Peter Rundlet, June 13, 2006.

The lead author of that report, Mr. McDonough, now serves as the White House Chief of Staff.

Hundreds of Classified Leaks Under Review by IC Inspector General

Hundreds of cases of unauthorized disclosures of classified information were under review by the Office of the Inspector General of the U.S. Intelligence Community as of last year, according to a 2012 report that was recently declassified.

“The Investigations Division [of the IC Office of the Inspector General] is reviewing 375 unauthorized disclosure case files,” said the report from Inspector General I. Charles McCullough, covering the period from November 2011 through June 2012 (at p. 16).

Most of these reviews pertained to disclosures which could not be criminally prosecuted for one reason or another, and which were therefore considered closed cases. Until recently, they were usually not investigated further.  But starting a year or so ago, the IC Inspector General began reviewing them in order to identify the leakers and to impose administrative sanctions where appropriate.

“The Investigations Division reviewed hundreds of closed cases from across the IC,” said the 2012 report, which was released under the Freedom of Information Act in redacted form (p. 10).

Leakers who cannot be prosecuted will not necessarily be off the hook, the IG said.

“Going forward, the division will engage in gap mitigation for those cases where an agency does not have the authority to investigate ([due to the overlap of] multiple agencies or programs) or where DOJ declined criminal prosecution.”

“The division will conduct administrative investigations with IG investigators from affected IC elements to maximize efficiencies, expedite investigations, and enhance partnerships,” the IC IG report said.

Intelligence agencies do not often disclose statistical information about leaks, but the reported figure of 375 leak cases exceeds previously reported levels by a considerable margin.

In 2010 the FBI said that intelligence agencies had submitted 183 referrals of incidents of unauthorized disclosure of classified information to the Department of Justice during a five year period from 2005 to 2009.  Those referrals resulted in 26 leak investigations, and the subsequent identification of 14 suspects. (“FBI Found 14 Intel Leak Suspects in Past 5 Years,” Secrecy News, June 21, 2010).

The newly disclosed Inspector General report also included several other points of interest regarding intelligence community policy.

The IG said that plans to generate auditable financial statements prepared by five intelligence agencies — CIA, DIA, NSA, NGA and ODNI — were not adequate.  “We found no reasonable assurance that based on the plans we reviewed, any of the five entities would be able to achieve an unqualified opinion on their FY 2015 or FY 2016 financial statements,” the IG report said.

The IG said that its Hotline for submitting complaints “provides a confidential and reliable source for IC employees and contractors and the public to report fraud, waste, and abuse. Since the stand up of the IC IG in November 2011, the Hotline has received 105 contacts from the IC and the general public,” the June 2012 report said.

Presidential Policy Directive 19 on Protecting Whistleblowers with Access to Classified Information, issued by President Obama in October 2012, is intended to enhance protections for intelligence community whistleblowers and to prohibit retaliation against them.  But it does not mention intelligence community contractors, observed Angela Canterbury of the Project on Government Oversight, and on its face, the Directive does not appear to extend protections to them.

The IC IG says it is well-positioned “to address the most critical problems facing the IC today. Information sharing, implementation of intelligence collection authorities under the USA PATRIOT Act and FISA Amendments Act, IC contractor fraud schemes, and unauthorized disclosures are just a few of the IC-wide issues that the IC IG will address,” the report said.

National Security Secrecy and the Right to Know

While almost everyone would agree that national security secrecy has a role to play in an open society, such secrecy must be carefully circumscribed if robust public access to government information is to be preserved.  A set of principles that open societies around the world can use to help guide and limit the application of secrecy was published this week.

The new Principles on National Security and the Right to Know were generated by an international group of scholars, government officials, activists and others convened by the Open Society Justice Initiative in an attempt to define a global consensus on national security secrecy and to aid legislators and citizens around the world who may be new to the subject.

The Principles present guidance on specific types of information that the drafters believe may legitimately be withheld from disclosure on national security grounds (e.g. current war plans), as well as categories of information that should not be withheld on national security grounds “in any circumstances” (e.g. information on gross violations of human rights).

The Principles are the product of an international initiative, and they are not the same as U.S. policy writ large.  In fact, some of the Principles are inconsistent with current U.S. government practice.

Thus, one principle would preclude the use of secret interpretations of law in the conduct of intelligence surveillance. “The overall legal framework concerning surveillance of all kinds, as well as the procedures to be followed for authorizing surveillance, selecting targets of surveillance, and using, sharing, storing, and destroying intercepted material, should be accessible to the public.” (Principle 10E).

Another principle would provide strong protection to persons who publicly disclose government wrongdoing involving classified information, under certain specified conditions. (Principle 40).

The tools of transparency can be used to attack an open society– by infringing on personal privacy, by violating confidentiality in the exercise of religious freedom or free association, or by making sensitive military or intelligence data available to violent fundamentalist adversaries. But in a briefing paper, the drafters of the Principles disavow such actions.

“The aim of the Principles is not absolute or radical transparency. The Principles, in keeping with international law, recognize that the right of access to information may be limited by other important interests including international relations, public order, public health and safety, law enforcement, future provision of free and open advice, effective policy formulation, economic interests of the state, personal privacy and commercial confidentiality.”

The Principles were developed in response to a wave of global interest in open government, the drafters said.

“In 1989, only 13 countries had access to information laws on their books.  As of June 2013, 94 countries have such laws, granting the right of access to information, at least in theory, to more than 5.2 billion people in all parts of the world.  People in these countries are, many for the first time, grappling with how to keep information confidential pursuant to law rather than by culture or executive discretion.”

It is the drafters’ hope that “the Principles will influence the development and reform of laws and policies in countries that aspire to comply, and to be seen by the international community to comply, with international law.”

“As societies deal with the continuing conflict between the right to know and claims of national security, as well as how to evaluate acts of whistleblowers, these Principles will provide a compelling guide grounded in experience and a deep commitment to the values of open society,” said Morton Halperin, senior advisor to the Open Society Foundations.

NASA Releases Online Library on Risk Mitigation

NASA has produced a library of “knowledge bundles” describing how various technical problems that arose in the course of its space technology programs were successfully resolved. Last week, the library was posted online.

If you want to know how a solar array was repaired in orbit, or how an astronaut dealt with a punctured glove, the answers can be found here.

The NASA Knowledge-Based Risk Library “consists of subject-matter expert video interviews, white papers, articles, and presentations in order to provide an interactive and engaging way to identify and mitigate important risks relevant to HEOMD [Human Exploration and Operations Mission Directorate].”

“Compiling the database and making the videos took a couple of years, and then its creators had to get it approved for public release,” a space professional familiar with the project told Secrecy News.

“Aerospace engineers will definitely be interested in the database, but any space enthusiast who wants to hear stories about how NASA does troubleshooting of technical systems will find this accessible,” he said.

Responding to Change in the Middle East, and More from CRS

New and updated reports from the Congressional Research Service that have been withheld by Congress from public distribution online include the following.

The United States and Europe: Responding to Change in the Middle East and North Africa, June 12, 2013

Israel: Background and U.S. Relations, June 12, 2013

U.S.-Mexican Security Cooperation: the Merida Initiative and Beyond, June 12, 2013

Foreign Assistance to North Korea, June 11, 2013

Cuba: U.S. Policy and Issues for the 113th Congress, June 12, 2013

Recess Appointments Made by President Barack Obama, June 11, 2013

A Brief Overview of Business Types and Their Tax Treatment, June 12, 2013

The Committee on Foreign Investment in the United States (CFIUS), June 12, 2013

Terrorism and Transnational Crime: Foreign Policy Issues for Congress, June 11, 2013

DoD Warns Employees of Classified Info in Public Domain

As a new wave of classified documents published by news organizations appeared online over the past week, the Department of Defense instructed employees and contractors that they must neither seek out nor download classified material that is in the public domain.

“Classified information, whether or not already posted on public websites, disclosed to the media, or otherwise in the public domain remains classified and must be treated as such until it is declassified by an appropriate U.S. government authority,” wrote Timothy A. Davis, Director of Security in the Office of the Under Secretary of Defense (Intelligence), in a June 7 memorandum.

“DoD employees and contractors shall not, while accessing the web on unclassified government systems, access or download documents that are known or suspected to contain classified information.”

“DoD employees or contractors who seek out classified information in the public domain, acknowledge its accuracy or existence, or proliferate the information in any way will be subject to sanctions,” the memorandum said.