Security-Cleared Population Rises to 5.1 Million

The number of Americans who have been investigated and deemed eligible for access to classified information rose last year to a total of 5,150,379 as of October 2013. It was the fourth consecutive year of growth in the security-cleared population.

The new total includes civilian and military government employees (3.7 million) and contractor personnel (1 million), as well as indeterminate others (0.4 million). It represents an increase of 4.7% from the previous year’s total of 4.9 million. Of the 5.1 million persons who were found eligible for access to classified information, 60% had access in fact.

An Office of Management and Budget review said that the continuing growth of the security clearance system is problematic both for financial and security reasons.

“[The] growth in the number of clearance-holders increases costs and exposes classified national security information, often at very sensitive levels, to an increasingly large population,” said the OMB review, which was released last week.

Accordingly, the OMB review recommended that the government “reduce [the] total population of 5.1M Secret and TS/SCI clearance holders to minimize risk of access to sensitive information and reduce cost.”

The number of security clearances is supposed to be reported to Congress each year by the Office of the Director of National Intelligence. But ODNI said it has not yet filed its 2013 report. [Update: The report is available here.] However, the data were provided in the OMB review.

“Since 9/11, the number of clearances annual approved by DoD [the Department of Defense] has tripled, and continues to grow,” according to an independent review of the Washington Navy Yard Shooting in September 2013 that was also released last week.

“This growth magnifies the challenge of investigating clearance seekers, judging their applications, and periodically reviewing them after they are approved.”

“The continuing expansion of the cleared population has created a culture in which once-rare security clearances are now too often granted by default.” (Actually, security clearances have not been “rare” for quite a few decades.)

The independent review proposed that “DoD should seek to make a 10 percent cut in the number of positions that require access to material classified as Secret.”

“As soon as this reduction is attained, a follow-on review should determine whether further reductions can be realized.”

The independent review also identified “a growing culture of over-classification” as a related issue that “merit[s] additional focused study.” See Security From Within: Independent Review of the Washington Navy Yard Shooting, Department of Defense, November 2013 (released March 18, 2014).

Another review conducted by the Under Secretary of Defense for Intelligence concurred that there are too many people with security clearances. But it said that reducing the cleared population will not necessarily improve quality control or significantly reduce the burden on background investigators and adjudicators, because they are also responsible for a large number of “suitability” investigations in addition to security clearance investigations.

“The workload challenge will not be eliminated by reducing the number of security clearances because of the pending impacts of the alignment of suitability and security investigations and reinvestigations required by Executive Order 13467 and the 2012 Revised Federal Investigative Standards.”

“The net effect of the new standards will be to increase the Department’s investigative and adjudicative workload, regardless of the number of security clearances.” See Internal Review of the Washington Navy Yard Shooting, Report to the Secrecy of Defense, November 20, 2013.

Last week, the Department of Defense issued updated policy on the DoD Personnel Security Program (PSP), DoD Instruction 5200.02, March 21, 2014.

Among other things, the updated policy dictates that “All personnel in national security positions shall be subject to continuous evaluation,” referring to a process of collecting, reporting and evaluating security-relevant information about cleared individuals on an ongoing basis.

But this policy is aspirational rather than descriptive of current practice, which is limited to small-scale pilot projects to develop such a capacity. Full implementation of the “continuous evaluation” process is at least several years away, according to last week’s OMB report.

Secretary of Defense Chuck Hagel said last week that “We will consider reducing the number of personnel holding Secret security clearances by at least 10 percent, a recommendation in line with the October 2013 guidance from the Director of National Intelligence.”

Reducing the number of “personnel” that hold security clearances is a slightly different objective than reducing the number of “positions” that require access to classified information, as recommended by the Independent Review. It is not clear if the Secretary intended to make such a distinction.

In response to a request from Secrecy News, ODNI public affairs refused to provide a copy of the October 2013 DNI guidance. (Update: The DNI guidance was described further in this article from Politico.)

Did CIA Violate the Constitution’s Speech or Debate Clause?

The Central Intelligence Agency may have violated the Speech or Debate clause of the U.S. Constitution by performing an unauthorized search of Senate Intelligence Committee computers, according to an analysis by the Congressional Research Service.

The Speech or Debate clause (in Article I, Section 6, Clause 1 of the Constitution) generally immunizes members of Congress from liability for actions performed in the course of their legislative duties.

But it also provides privileged protection for congressional documents against compulsory or involuntary disclosure. CIA may have unconstitutionally violated that privilege.

As detailed by Sen. Dianne Feinstein in a March 11 floor statement, the CIA carried out a search of Committee computers without notice or consent in an attempt to determine whether or how the Committee had obtained unauthorized access to a particular record concerning the CIA’s post-9/11 prisoner interrogation program.

“The search involved not only a search of documents provided by the committee to the CIA but also a search of the stand-alone and walled-off committee network drive containing the committee’s own internal work product and communications,” Sen. Feinstein said. The search took place in a CIA-leased facility where Committee staff were working.

“According to [CIA Director] Brennan, the computer search was conducted in response to indications that some members of the committee staff might already have had access to the internal Panetta review [a CIA document which CIA had not intended to release to the Committee]. The CIA did not ask the committee or its staff if the committee had access to the internal Panetta review or how we obtained it.”

“Instead, the CIA just went and searched the committee’s computers,” Sen. Feinstein said.

Through the Speech or Debate clause, the Constitution “has imposed [limitations] on executive branch attempts to interfere with legislative activities, including Congress’s authority to conduct oversight and investigations,” the new CRS analysis explained.

The Speech or Debate clause has been interpreted variously by two appellate courts, with different implications for the current circumstance, CRS said. The CIA search of Senate Intelligence Committee computers “could arguably be viewed as violating the non-disclosure privilege recognized by the court in Rayburn,” CRS said, referring to a 2007 DC Circuit case involving an FBI search of the House office of Rep. William Jefferson.

However, under a different reading of the Speech or Debate clause from a Ninth Circuit opinion in a case called US v. Renzi, the potential CIA violation “is less clear,” the CRS memorandum cautioned.

See Who’s Overseeing Whom? The CIA, SSCI and the Speech or Debate Clause, CRS Legal Sidebar, March 13, 2014.

In any event, the possible violation by the CIA of the non-disclosure privilege provided by the Speech or Debate clause is not legally actionable at this time, CRS said.  Rather, it “would only come into play in the event of a subsequent legal proceeding.”

On Friday, CIA Director John Brennan sent an email message to CIA employees containing what was understood to be a conciliatory signal towards Congress. “It is appropriate for the Intelligence Committees in the Senate and the House to carry out their oversight responsibilities thoroughly and comprehensively, and CIA needs to do all it can to assist the Committees in that regard,” Director Brennan wrote.

“Regarding the SSCI’s RDI [rendition, detention and interrogation] report, I want to assure you that the entire CIA leadership team is committed to addressing any outstanding questions or requests from SSCI members so that the Committee can complete its work and finalize the report as soon as possible.”

“I expect the Committee will submit at least some portion of the report to the CIA for classification review, and, if that happens, CIA will carry out the review expeditiously,” he wrote in the March 21 email message (published by Politico).

ODNI Rethinks Secrecy and Openness in Intelligence

By leaking classified intelligence documents, Edward Snowden transformed public awareness of the scale and scope of U.S. intelligence surveillance programs. But his actions are proving to be no less consequential for national security secrecy policy.

“These leaks have forced the Intelligence Community to rethink our approach to transparency and secrecy,” said Robert S. Litt, General Counsel at the Office of the Director of National Intelligence. He spoke at a March 18 Freedom of Information Day program sponsored by the Collaboration on Government Secrecy at American University Washington College of Law.

Mr. Litt made it clear that he did not approve of the Snowden leaks, which he said were unlawful and had “seriously damaged our national security.” Yet he stressed that the leaks have also prompted a reconsideration of previously accepted patterns of secrecy.

“We have had to reassess how we strike the balance between the need to keep secret the sensitive sources, methods and targets of our intelligence activities, and the goal of transparency with the American people about the rules and policies governing those activities.”

“One lesson that I have drawn from the recent events… is that we would likely have suffered less damage from the leaks had we been more forthcoming about some of our activities, and particularly about the policies and decisions behind those activities,” Mr. Litt said.  (Director of National Intelligence James Clapper made the same point to Eli Lake of the Daily Beast last month.)

“Going forward, I believe that the Intelligence Community is going to need to be much more forward-leaning in what we tell the American people about what we do,” Mr. Litt said. “We need to scrutinize more closely what truly needs to be classified in order to protect what needs to be protected. And we need to move beyond the mindset of merely reacting to formal requests that we make information public, to a mindset of proactively making available as much information as we can, consistent with the need to protect sources and methods.”

“Greater disclosure to the public is necessary to restore the American people’s trust that intelligence activities are not only lawful and important to protecting our national security, but that they are appropriate and proportional in light of the privacy interests at stake. In the long run, our ability to protect the public requires that we have the public’s support,” Mr. Litt said.

While Mr. Litt’s remarks conveyed an overall message of beneficence, responsiveness, and good citizenship, they also had some peculiar features.

It is disconcerting to realize that the reassessment of classification policy described by Mr. Litt was not prompted by the diligent exercise of congressional oversight or by judicial review or by ordinary advocacy. Rather it was explicitly inspired by the Snowden leaks, which Mr. Litt described as “criminal.” The upshot is that leaks emerge as a uniquely powerful tool for shaping intelligence classification policy, while conventional checks and balances appear all but irrelevant by comparison.

Moreover, the purpose of the newfound push for greater transparency seems to be instrumental, not principled. In other words, it is driven by tactical considerations, not by statutory requirements or any other objective norm.

“I strongly believe that the best way to prevent the damage that leakers can cause is by increased transparency on our part,” Mr. Litt said. “Transparency can both lessen the incentive for disaffected employees to disclose our activities improperly, and provide the public appropriate context to evaluate leaks when they occur.”

That implies that what is needed is only as much transparency as it takes to achieve these imprecise and transient goals. It is a unilateral move that can be unilaterally reversed.

And then there is the fact that Mr. Litt’s rethinking of classification policy implies no new institutional reforms or externally-imposed constraints. Instead, the very same people who have classified too much up to now are suddenly expected to change course and to disclose more. It is not immediately clear how or why that would happen.

“There is no question that overclassification of information is a genuine problem,” Mr. Litt said. “So how do we deal with the problem of overclassification? I think that there are three principal steps we can take.”

“The first is to change the culture. We need high-level management emphasis on the problem of overclassification,” he said. To his credit, Mr. Litt has helped provide such emphasis.

“Second, we need to continue our efforts at proactive transparency– at reviewing information that we have historically protected to see whether, in fact, the overall public interest would better be served by releasing the information.” Significantly, however, he refrained from providing specific performance goals or benchmarks by which future progress could be measured.

“Finally, I think that those in the agencies who are responsible for responding to FOIA requests, and who are representing the government in FOIA litigation, need to look critically at all potentially responsive documents that are classified,” Mr. Litt said. “We should focus not on whether we can protect information, but whether we should.”

This is an interesting formulation. Most FOIA officers do not have authority to declassify records, and the adversarial nature of the FOIA process is rarely conducive to self-critical analysis of established agency policies even by more senior officials. But sometimes it is.

In 1997, the Federation of American Scientists filed suit against the CIA for release of the intelligence budget total for that year. The CIA ultimately decided that it could not defend its position of classifying the figure, according to an internal draft statement that was prepared for DCI George Tenet and released by the Clinton Library just last week.

“In order to defend this lawsuit,” the Tenet statement read, “I, as head of the Intelligence Community, would have had to sign a declaration to the court that release of the figure in question could cause serious damage to the national security. I found that, in good conscience, I could not attest to that statement.”

But such judgments are fluid and can be fleeting. Two years later, in response to another lawsuit for the 1999 budget figure, Director Tenet had no trouble declaring under oath that “Disclosure of… the total appropriation reasonably could be expected to cause damage to the national security in several ways.”

So spontaneous gestures of openness and transparency, as welcome as they may be, are imperfect substitutes for systemic change and external accountability.

News organizations have now released some 1,300 pages of classified records leaked by Edward Snowden, according to a tally by cryptome.org.  In response, US intelligence agencies have declassified and disclosed approximately twice that many.

“Our commitment to increased transparency will continue,” Mr. Litt said.

Climate Change Legislation, and More from CRS

New and updated reports from the Congressional Research Service that Congress has withheld from online public distribution include the following.

Climate Change Legislation in the 113th Congress, March 12, 2014

Cars, Trucks, and Climate: EPA Regulation of Greenhouse Gases from Mobile Sources, March 13, 2014

Canadian Oil Sands: Life-Cycle Assessments of Greenhouse Gas Emissions, March 10, 2014

Keystone XL: Greenhouse Gas Emissions Assessments in the Final Environmental Impact Statement (FEIS), March 7, 2014

Nuclear Energy: Overview of Congressional Issues, March 14, 2014

The First Responder Network (FirstNet) and Next-Generation Communications for Public Safety: Issues for Congress, March 12, 2014

Department of Homeland Security Appropriations: FY2014 Overview and Summary, March 11, 2014

NASA Appropriations and Authorizations: A Fact Sheet, March 11, 2014

Maritime Territorial and Exclusive Economic Zone (EEZ) Disputes Involving China: Issues for Congress, March 14, 2014

The Military Commissions Act of 2009 (MCA 2009): Overview and Legal Issues, March 7, 2014

CIA’s Refusal to Release Softcopy Records Challenged in Court

Even when the Central Intelligence Agency possesses a releasable document in a softcopy format, the Agency typically refuses to release the softcopy version in response to Freedom of Information Act requests, and insists on providing a hardcopy version of the document instead.

A federal judge said last week that that may be a violation of law.

The issue arose in a FOIA lawsuit seeking electronic copies of 419 articles from the in-house CIA journal Studies in Intelligence. The lawsuit was brought by Jeffrey Scudder, an information technology specialist who has worked in the intelligence community for 23 years.

Mr. Scudder told the court that he has detailed knowledge of CIA information systems and capabilities. In his FOIA requests, he was able to inform the CIA FOIA staff “as to where within the [CIA] computer systems the electronically stored documents [that he is requesting] are located.”

However, CIA refused to release the documents in the requested electronic format. Instead, the Agency proposed to print them out and to release them only in hard copy, ostensibly for security reasons. But this practice may be inconsistent with the requirements of the FOIA.

“Congress anticipated that recalcitrant agencies would resist being responsive to requesters’ format choices,” wrote Judge Beryl A. Howell of the DC District Court last week, and so Congress required agencies to make “reasonable efforts” to accommodate requesters’ preferences.

“Where, as here, an agency asserts nearly twenty years after the passage of the E-FOIA Amendments that it cannot provide any electronic formats because of a lengthy process the agency has created, a court is required by the FOIA to evaluate that process to determine if it meets the statutorily mandated ‘reasonable efforts’ standard.”

“The defendant [CIA] avers that if it were ordered to honor the plaintiff’s [FOIA] request [for soft copy records], it would have to print the existing electronic documents to paper and then rescan them into electronic documents so that they may be reproduced and released on removable media,” Judge Howell summarized.

In fact, she wrote in her March 12 opinion, “Under this Rube-Goldbergian process, the same document, even if unclassified, must be printed from the defendant’s classified system in paper form at least twice…, and rescanned into the same classified system at least twice….”

Not only that, but CIA would charge the requester extra for its trouble. “As a result of this process, the defendant [CIA] asserts that the cost of electronic production to the plaintiff would be higher than that of producing the records in paper format, since the defendant would incur all of the costs associated with the paper production as well as the additional costs of re-scanning the printed responsive records, and the cost of any removable media provided to the plaintiff.”

But all of that is ridiculous, said Mr. Scudder, who contended that CIA is attempting to “frustrate [the] core purpose [of the FOIA] through administrative gimmicks designed to impose unreasonable financial burdens upon requesters.”

“The only reason CIA does not produce electronic versions of documents responsive to FOIA requests is that they choose not to do so,” said attorney Mark S. Zaid, who represents Mr. Scudder. “There is no technical reason to prevent it.”

Crucially, Judge Howell determined that “A FOIA request for records in an existing format should not be frustrated due to the agency’s decision to adopt a production process that nonetheless renders release in that format highly burdensome.”

Judge Howell found that CIA’s understanding of its legal obligations and of the role of the Court was “incorrect” in various respects, and she concluded that several of its factual assertions were materially disputed.

“The plaintiff [Mr. Scudder] has, for example, alleged that he has personally used the defendant’s classified system to create a PDF file, something the defendant has stated is impossible,” Judge Howell noted.

In view of the unresolved factual disputes, and considering that “both parties allege bad faith on the part of the other,” Judge Howell refused to grant summary judgment to either side.

Instead, she granted Mr. Scudder’s motion for discovery, and the case will proceed to trial.

While the substance of the case concerns CIA’s information and FOIA practices, the Department of Justice that made its own independent decision to defend CIA’s handling of the Scudder FOIA request.  The skeptical comments voiced by Judge Howell may be understood as an implicit criticism of that Justice Department decision.

This week is Sunshine Week, an annual celebration of open government values. As it happens, however, the federal government is closed today due to snow.