Posts from February, 2014

Inspector General Blasts NRO Secrecy Practices

The National Reconnaissance Office (NRO), the agency that builds and operates U.S. intelligence satellites, frequently makes mistakes when it classifies national security information, according to an assessment performed last year by the NRO Inspector General.

“From the classified documents we reviewed at NRO headquarters, 114 of 134 documents contained classification errors,” the IG report said.

Agency classification officials “lack sufficient knowledge of classification principles and procedures necessary to perform their duties,” the NRO Inspector General found. “One OCA [original classification authority] had almost no knowledge of his responsibilities.”

“Because of the lack of full compliance in multiple areas, the NRO is susceptible to the risk of persistent misclassification,” the IG said.

The IG report was performed in response to the “Reducing Over-Classification Act of 2010,” which required the Inspectors General of all agencies that classify information to evaluate their classification programs. A copy of the report was obtained under the Freedom of Information Act by the web site.

Most of the classification errors discovered by the Inspector General are administrative rather than substantive. Like other IG evaluations conducted under the Reducing Over-Classification Act, the NRO Inspector General review does not allow for the possibility that an agency could be in full compliance with classification rules and nevertheless be overclassifying information.

Instead, the IGs have focused on errors in marking documents, failures to specify proper authorities or to cite responsible officials, and similar defects in conformity with established rules.

Still, these are not necessarily trivial failures. Between 2005 and 2012, for example, NRO improperly exempted records from automatic declassification at 25 years when it had no authority to do so, the IG said.

The Inspector General reviewed NRO classification guides (which dictate the classification levels of particular items of information) “and we found that all but one of the 62 guides had classification errors.”

Puzzlingly, the Inspector General also reported that NRO “has not conducted timely reviews [of] its security classification guides” and that “three of the 62 SCGs had not been reviewed within five years.”

This finding appears to be inconsistent with a 2012 NRO report which affirmed that all of its security classification guides — of which there were 67, not 62 — had been reviewed in response to the Fundamental Classification Guidance Review. An explanation of the inconsistency was not immediately available.

NRO officials “non-concurred” with the findings and conclusions of the Inspector General report.

The report contains “numerous sensationalized, exaggerated and misleading statements,” wrote A. Jamieson Burnett, the director of the NRO Office of Security and Counterintelligence.

Other previously disclosed IG reports issued in response to the Reducing Over-Classification Act addressed classification programs in the Department of Defense, Department of Justice, Department of Homeland Security, and the Environmental Protection Administration.

Perhaps the biggest incentive for reducing overclassification is the negative impact that unnecessary secrecy can have on government operations.

“A major impediment to operating with international partners is the U.S. tendency to classify information, complicating the crucial flow of important data to our allies as well as within and among our own Services,” according to a new article in Joint Force Quarterly, which is published by National Defense University for the Chairman of the Joint Chiefs of Staff.

“The U.S. military needs to [...] try harder to communicate in the unclassified domain,” wrote Jeffrey M. Shaw in his article “Putting ‘A Cooperative Strategy for 21st Century Sea Power’ to Work,” Joint Force Quarterly, January 2014.

Options for US Nuclear Weapon Pit Production (CRS)

A major new report from the Congressional Research Service examines the infrastructure for producing the plutonium “pits” that are used in US nuclear weapons, and the feasibility of sharply increasing the rate of pit production.

The CRS report does not deal with whether or why that is a sensible goal, but instead probes deeply into how it could possibly be achieved.

“The Department of Defense states that it needs the Department of Energy, which maintains U.S. nuclear weapons, to produce 50-80 ppy [pits per year] by 2030. While some argue that few if any new pits are needed, at least for decades, this report focuses on options to reach 80 ppy.”

In recent years, U.S. pit production has not exceeded 11 pits per year.

“The current infrastructure cannot produce pits at the capacity DOD requires, and many efforts stretching back to the late 1980s to produce pits have been canceled or have otherwise foundered.”

Based on a close examination of the nation’s nuclear weapons infrastructure, the CRS report presents a dozen options that might satisfy the proposed requirements with minimal new construction, by assigning various functions to existing buildings and facilities. It also notes the structural, political and bureaucratic obstacles to achieving any such outcome.

“Of all the problems facing the nuclear weapons program and nuclear weapons complex over the past several decades, few, if any, have been as vexing as pit production,” the CRS report states.

A copy of the report was obtained by Secrecy News. See U.S. Nuclear Weapon “Pit” Production Options for Congress, February 21, 2014.

Putting Declassified Records to Good Use

The final, climactic step in the declassification of government records is not the formal removal of classification markings or even the transfer of the declassified documents to public archives. The culmination of the declassification process is when the records are finally examined by an interested reader and their contents are absorbed into the body of public knowledge.

The records themselves are mute. It is the reader who interprets them, assigns them their significance, and thereby adds value to them.

Declassification of government records can be a tedious bureaucratic process.  But at its most successful, it can also be an electrifying, revelatory source of fundamental new insights.

So, for example, “The declassification of imagery from CORONA and subsequent intelligence satellite programs has inspired a revolution in landscape archaeology in the Near East,” wrote Harvard archaeologist Jason Ur in a book chapter last year.

Support for archaeological research was never intended or imagined by those who built or operated Cold War intelligence satellites. Yet “CORONA has emerged as an irreplaceable source for reconstructing ancient landscapes.”

Declassified CORONA satellite imagery “allows virtual survey of regions where ground observation would be difficult or impossible” and it has already yielded a near doubling of the number of archeological sites of interest, Dr. Ur wrote.

See Spying on the Past: Declassified Intelligence Satellite Photographs and Near Eastern Landscapes, Near Eastern Archaeology, volume 76, no. 1 (2013).

In another promising new initiative using declassified government records, historians, statisticians, computer scientists and others at Columbia University have joined forces to try to develop new ways to derive insights from such records.

Their project, known as the Declassification Engine, works to apply statistical tools and machine learning to cast new light on declassified record collections. With such tools, the project believes it will be able to characterize declassified records in meaningful new ways.

Near-term objectives include the attribution of authorship to anonymous documents, identifying patterns of secrecy in previously redacted text, and correlating the production of (de)classified diplomatic cables with international events in order to help uncover significant events that may have gone unrecognized. Another seemingly mundane but vital goal that is coming within reach is to enable the cost-effective digitization of documents that are in non-standard formats or that are not entirely legible.

“The long-range goal is to create a cloud-based virtual archive,” according to the project website. “It would aggregate the digitized documents now scattered across dozens of different repositories, offer a place for scholars and journalists to upload their own archival finds, and provide a range of visualization and attribution tools to advance research on the history, and future, of world politics.”

See also The Ghost Files by David J. Craig, Columbia Magazine, Winter 2013-14.

For now, however, these kinds of innovative approaches to the exploitation of classified documents stand out as novelties. They are still exceptions to the conventional rule.

Even when declassification is successfully accomplished, many — probably most — declassified records go unexamined by researchers and other members of the public.

This is partly a resource issue, said William J. Bosanko, the chief operating officer of the National Archives and Records Administration. NARA’s holdings have quadrupled in the last few decades, while its staff support has remained close to level. As a result, archivists have been unable to produce detailed indexing of many incoming records so as to make them easily “discoverable.”

At the same time, there seem to be fewer and fewer individual researchers that are inclined to delve deeply into archived collections of hardcopy records. It appears that many of them — many of us — have become habituated instead to the instant gratification of online access. (There are, however, backlogs of FOIA and mandatory declassification review requests.)

The upshot is that “there are lots of [record] series never used by the public,” said Mr. Bosanko. He noted that this is true of both declassified records and of records that were never classified.

This neglect is not a reflection on the contents of those records, which are endlessly rich. “There is a huge, vast treasure trove of fascinating stories waiting to be revealed” at the National Archives, Mr. Bosanko said. But they continue to wait.

Another persistent problem is the erratic, often illogical character of the declassification process.

The Department of Defense recently sought to redact the well-known fact that there were U.S. missiles deployed in Turkey during the Cuban Missile Crisis in 1962. This and other “inane and contradictory declassification actions” were highlighted recently by the non-profit National Security Archive.

“It is a waste of resources and a sign of a seriously defective declassification system when reviewers redact 50-year-old documents when nothing about them is sensitive,” wrote William Burr of the National Security Archive.  See Dubious Secrets of the Cuban Missile Crisis, February 21, 2014.

As with classification, so too with declassification: new oversight procedures are needed to prevent egregious errors and to promote more discriminating judgment.

U.S. Military Casualty Statistics, and More from CRS

Last week the Congressional Research Service published updated U.S. military casualty statistics for post-9/11 operations in Iraq and Afghanistan through January 2014. There have been 4,410 U.S. military deaths in Operation Iraqi Freedom and 2,299 U.S. military deaths in Operation Enduring Freedom to date.

While overall fatality figures are already made available on Department of Defense websites, the newly updated CRS report presents some more detailed casualty information that was obtained directly from DoD medical experts.

“This report includes statistics on post-traumatic stress disorder (PTSD), traumatic brain injury (TBI), amputations, evacuations, and the demographics of casualties.” See A Guide to U.S. Military Casualty Statistics: Operation New Dawn, Operation Iraqi Freedom, and Operation Enduring Freedom, February 19, 2014.

Another newly updated CRS report considers the vitality of the U.S. manufacturing sector as compared to that of other countries.

“China displaced the United States as the largest manufacturing country in 2010,” CRS noted for the first time, as others have done. (Last year’s edition of the CRS report still held, based on World Bank estimates, that “The United States remained the largest manufacturing country in 2010.”)

“This report is designed to inform the debate over the health of U.S. manufacturing through a series of charts and tables that depict the position of the United States relative to other countries according to various metrics.” See U.S. Manufacturing in International Perspective, February 20, 2014.

A CRS report on the Ukraine that was updated last week has already been overtaken by the tumultuous events of the last few days. But it provides background on recent developments and congressional perspectives on them. See Ukraine: Current Issues and U.S. Policy, February 20, 2014.

And see, relatedly, Armenia, Azerbaijan, and Georgia: Political Developments and Implications for U.S. Interests, February 20, 2014. Also, European Union Enlargement, February 19, 2014.

Updates of other previously issued CRS reports include the following.

Gangs in Central America, February 20, 2014

Employment for Veterans: Trends and Programs, February 20, 2014

Countering Violent Extremism in the United States, February 19, 2014

Another CRS report finds that “Four species of non-indigenous Asian carp are expanding their range in U.S. waterways, resulting in a variety of concerns and problems.” See Asian Carp and the Great Lakes Region, January 23, 2014.

Army Issues Guidance on Cyberspace Operations

For the first time the U.S. Army has produced official doctrine on military activities in cyberspace, including offensive, defensive and network operations.

A new Army field manual “provides overarching doctrinal guidance and direction for conducting cyber electromagnetic activities (CEMA)…. It provides enough guidance for commanders and their staffs to develop innovative approaches to seize, retain, and exploit advantages throughout an operational environment.”

It is “the first doctrinal field manual of its kind.” See FM 3-38, Cyber Electromagnetic Activities, February 2014.

The manual introduces the fundamentals of cyber operations, or “cyber electromagnetic activities” (CEMA), defining terms and identifying important operational factors and constraints.

“Today’s Army must operate in cyberspace and leverage an electromagnetic spectrum that is increasingly competitive, congested, and contested.”

However, “execution of CEMA can involve significant legal and policy considerations.” Also, “possibilities of unintended or cascading effects exist and may be difficult to predict.”

Several years ago, any official discussion of offensive cyber operations was considered classified information. That is no longer the case, and the new Army manual — which itself is unclassified — treats the subject as a normal part of military conflict.

“Army forces conduct OCO [offensive cyberspace operations] across the range of military operations by targeting enemy and hostile adversary activity and related capabilities in and through cyberspace,” the Field Manual says.

Cyberspace attacks in support of offensive operations “may be directed at information resident in, or in transit between, computers (including mobile phones and personal digital assistants) and computer networks used by an enemy or adversary.”

“Cyberspace attacks may employ capabilities such as tailored computer code in and through various network nodes such as servers, bridges, firewalls, sensors, protocols, operating systems, and hardware associated with computers or processors. Tailored computer code is only one example of a cyberspace capability… designed to create an effect in or through cyberspace.”

“Cyberspace attacks may employ manipulation which includes deception, decoying, conditioning, and spoofing to control or change information, information systems, and networks.”

The Army manual also presents doctrine on defensive cyberspace operations and on information network operations. “[Defensive] countermeasures in cyberspace should not destroy or significantly impede the operations or functionality of the network they are being employed against, nor should they intentionally cause injury or the loss of life.”

The manual devotes some attention to the legal framework governing cyber operations, which “depends on the nature of the activities conducted.”  Under all circumstances, the manual says, “Army forces conducting CO [cyberspace operations] will comply with the law of war.”

Ordinarily, the manual states, the U.S. Army should not be conducting offensive cyber operations against U.S. targets. “Unless approved by appropriate authorities, Army assets cannot be used to perform attack or exploit operations on U.S. entities.”

“Commanders must ensure that the legal, constitutional, and privacy rights of U.S. citizens are protected throughout the planning and execution of [cyber operations].”

    *    *    *

“Legal Reviews of Cyber Weapons” is one of the topics addressed in the latest issue of the Journal of National Security Law and Policy.

Brendan Koerner reported on “How America’s Soldiers Fight for the Spectrum on the Battlefield” in Wired Threat Level, February 18.

Independence of Financial Regulators, and More from CRS

New and updated reports from the Congressional Research Service that have not been made readily available to the public include the following.

Independence of Federal Financial Regulators, February 12, 2014

Small Business: Access to Capital and Job Creation, February 18, 2014

U.S.-South Korea Relations, February 12, 2014

U.S.-Japan Economic Relations: Significance, Prospects, and Policy Options, February 18, 2014

The U.S.-Colombia Free Trade Agreement: Background and Issues, February 14, 2014

Latin America and the Caribbean: Key Issues for the 113th Congress, February 15, 2014

Bahrain: Reform, Security, and U.S. Policy, February 14, 2014

Visa Waiver Program, February 12, 2014

FBI Director: Appointment and Tenure, February 19, 2014

GAO Says Data on Intelligence Contractors Not Reliable

Official data on the number of contractors used by civilian intelligence agencies are unreliable, according to a review by the Government Accountability Office (GAO). Nor can the costs incurred by contractors be accurately assessed.

The inadequacy of the data undermines workforce management as well as contractor oversight, GAO said.

“GAO identified a number of limitations in the inventory [of intelligence contractors] that collectively limit the comparability, accuracy, and consistency of the information reported by the civilian IC [intelligence community] elements as a whole,” the GAO report said.  These limitations included changing definitions of what a core contractor is, and variability in the collection and reporting of data on their use.

The resulting inventory “does not provide insight into the functions performed by contractors, in particular those that could inappropriately influence the government’s control over its decisions.”

See Civilian Intelligence Community: Additional Actions Needed to Improve Reporting on and Planning for the Use of Contract Personnel, Government Accountability Office Report GAO-14-204, January 2014.

The intelligence community (IC) workforce is composed of three basic categories of employees:  civilian government personnel, military personnel, and core contractors.

“Core contractors” — as opposed to other individual contractors, manufacturers or service providers — may perform mission-related functions including intelligence collection, processing and analysis, as well as information technology services. (Edward Snowden was considered a core contractor.)

“While the use of contractors can provide benefits in support agency missions, such as flexibility to meet immediate needs and obtain unique expertise, their use can also introduce risks for the government to consider and manage,” the GAO report said.

But as a result of faulty data, US intelligence agencies “are not well-positioned to assess the potential effects of relying on contractor personnel.” The GAO report included recommendations for improving the quality and utility of data on intelligence contractor use.

Stephanie O’Sullivan, the Principal Deputy Director of National Intelligence, acknowledged that there were defects in IC reporting on contractors, but she said that things were getting better.

“There have been challenges associated with conducting the [intelligence contractor] inventory, which was one of the first of its kind in the Federal government,” she told the Senate Homeland Security and Governmental Affairs Committee. “However, the IC continues to improve the capture and understanding of data on its core contract personnel.”

Ms. O’Sullivan said that reductions in the contractor population were underway, but that contractors remained indispensable.

“We have… turned the corner and for the past several years have been reducing the number of core contract personnel across the IC, both in numbers and costs. Despite these reductions, core contract personnel have now become an integral part of the IC workforce. We could not perform our mission without them,” she said.

She noted that in some cases, intelligence contractors “have given their lives for this country alongside their government colleagues.”

“Two IC contract personnel were among the nine people killed during a terrorist attack on a CIA facility located near the eastern Afghan city of Khost in December 2009, and two IC contract personnel lost their lives during the attack on US diplomatic facilities in Benghazi, Libya, in September 2012.”

In any case, “because of the contraction in [intelligence] budgets, contractors are motivated to reduce costs…. In fact, some contractor employees are now being paid less than they were a few years back.”

The new Governmental Accountability Office report appears to represent a successful step in the development of GAO’s role in intelligence oversight.

Ms. O’Sullivan said that several of the specific steps recommended by GAO had been or would be adopted by the Intelligence Community. “These changes will bring greater transparency to the IC’s data on core contract personnel,” she said.

But it seems noteworthy that the new GAO report was requested by the Senate Committee on Homeland Security and Governmental Affairs– not the Senate Select Committee on Intelligence.

Just as the House and Senate Judiciary Committees have produced more incisive public oversight of intelligence surveillance policy than the Intelligence Committees have done over the past year, so in this case the Senate Homeland Security Committee has had more to offer the public in terms of oversight of intelligence contractors.  It is not clear why that should be so.

A GAO official downplayed this question. He said the Homeland Security Committee had a long-term interest in contractor policy throughout the government, including a series of reports requested from GAO. He added that the latest report “was distributed to all committees of jurisdiction, including the intelligence committees.” (More: Bloomberg, WaPo).

The Debt Limit Since 2011, and More from CRS

New and updated reports from the Congressional Research Service that Congress has withheld from online public distribution include the following.

The Debt Limit Since 2011, February 12, 2014

The Corporate Income Tax System: Overview and Options for Reform, February 14, 2014

The Hurricane Sandy Rebuilding Strategy: In Brief, February 10, 2014

Lebanon: Background and U.S. Policy, February 14, 2014

Saudi Arabia: Background and U.S. Relations, February 12, 2014

The FutureGen Carbon Capture and Sequestration Project: A Brief History and Issues for Congress, February 10, 2014

Carbon Capture and Sequestration: Research, Development, and Demonstration at the U.S. Department of Energy, February 10, 2014

Food Fraud and “Economically Motivated Adulteration” of Food and Food Ingredients, January 10, 2014

Stephen Kim Pleads Guilty to Leak Charge

Former State Department contractor Stephen Kim pleaded guilty on Friday to one count of unauthorized disclosure of national defense information to a Fox News reporter. Following a sentencing hearing in April, he is expected to serve a 13 month term in prison. (WashPost, NYT, Politico).

The plea was an abrupt departure from previous defense strategy. As recently as last month, Mr. Kim’s attorneys had argued that it was “the defense’s theory that the alleged disclosure to Fox News emanated from senior officials at the National Security Council or the White House, and not from a lower level employee like Mr. Kim” (Defendant’s Seventh Motion to Compel, January 17, 2014, page 5).

But in a February 3 Statement of Offense signed by the defendant, Mr. Kim acknowledged that he had “orally disclosed to Reporter A [James Rosen of Fox News] TS//SCI national defense information… specifically about the military capabilities and preparedness of North Korea.”

The two positions are not necessarily contradictory. “Stephen did not reveal any intelligence ‘sources’ or ‘methods’,” said his defense attorney Abbe Lowell in a February 7 statement. “He did not provide any documents or electronic data to anyone. He did not pay for or receive payment for his actions.”

Moreover, Mr. Lowell said, “news reports from the same day demonstrate that Stephen was not the only government employee discussing the topic at issue. Stephen may have told the reporter what the reporter already knew from others, but Stephen was the only one charged.”

The case against Mr. Kim stemmed from a June 11, 2009 Fox News story (“North Korea Intends to Match U.N. Resolution With New Nuclear Test” by James Rosen).

That story stated that “Pyongyang’s next nuclear detonation is but one of four planned actions the Central Intelligence Agency has learned, through sources inside North Korea, that the regime of Kim Jong-Il intends to take….” The brief but startling reference to “sources inside North Korea” appeared to refer to CIA human intelligence sources within the DPRK, potentially placing any such sources at heightened risk.

If that short phrase had not been published, it is doubtful that the Fox News story would have triggered a full-fledged leak investigation, or that Mr. Kim would have been prosecuted as a result.

In other words, because Fox News reported and edited the story in such a questionable way, it deserves a share of the responsibility both for any compromise of U.S. intelligence capabilities that may have occurred, and for Mr. Kim’s unhappy fate. (As noted above, Mr. Kim’s defense denies that he revealed any intelligence sources and methods.)

Unfortunately, this kind of carelessness on the part of media organizations is not all that unusual, even among publications that are not avowedly antagonistic or “adversarial” towards U.S. intelligence.

“News organizations publishing leaked National Security Agency documents have inadvertently disclosed the names of at least six intelligence workers and other government secrets they never intended to give away,” according to the Associated Press (“Media sometimes try, fail to keep NSA’s secrets” by Raphael Satter, AP, February 8).

The 13 month prison sentence that Stephen Kim is expected to receive may be the least of the punishments he will have suffered. Merely to be accused and prosecuted under the Espionage Act can be practically unbearable.

Even before a final judgment has been rendered, his sister wrote, “He endured what would break a normal person, abandoned by his significant other, deserted by his ‘friends’, shunned by his former colleagues, [and] ostracized by society.”

But setting aside questions of fairness, proportionality and selective prosecution, there is a certain dignity in submitting to the judicial process and accepting the consequences of one’s actions.

“Stephen decided to take responsibility for his actions and move forward with his life,” wrote Abbe Lowell.

As we know, not everyone is prepared to do that. But it is not a new predicament.

In ancient Athens, friends of Socrates urged him to flee the country to escape an unjust punishment.

“For men will love you in other places to which you may go, and not in Athens only,” said Crito in Plato’s dialogue of that name. “There are friends of mine in Thessaly, if you like to go to them, who will value and protect you, and no Thessalian will give you any trouble.”

“Nor can I think that you are justified, Socrates, in betraying your own life when you might be saved; this is playing into the hands of your enemies and destroyers,” Crito added.

Upon consideration, however, Socrates refused to become a fugitive under those circumstances. He said he had “chosen the better and nobler part, instead of playing truant and running away, of enduring any punishment which the state inflicts” (Phaedo).

“The Athenians have thought fit to condemn me, and accordingly I have thought it better and more right to remain here and undergo my sentence,” Socrates said.

Rail Transportation of Crude Oil, and More from CRS

A recent boom in U.S. production of crude oil is generating some stress on the transportation infrastructure, according to a new report from the Congressional Research Service.

“The rapid expansion of North American oil production has led to significant challenges in transporting crudes efficiently and safely to domestic markets—principally refineries—using the nation’s legacy pipeline infrastructure,” the CRS report said.

“While oil by rail has demonstrated benefits with respect to the efficient movement of oil from producing regions to market hubs, it has also raised significant concerns about transportation safety and potential impacts to the environment.”

See U.S. Rail Transportation of Crude Oil: Background and Issues for Congress, February 6, 2014.

Other CRS publications that have been withheld by Congress from online public distribution include the following.

The Specialty Metal Clause: Oversight Issues and Options for Congress, February 6, 2014

Federal Reserve: Unconventional Monetary Policy Options, February 6, 2014