Pentagon Intelligence Oversight Falls Short

While U.S. intelligence operations are more controversial than ever, routine oversight of the Department of Defense’s massive and far-flung intelligence apparatus has been significantly reduced, according to a recent report to Congress from the DoD Inspector General.

Due to resource limitations, “We have not been able to perform planned audits and evaluations in key intelligence disciplines such as Imagery Intelligence, Measurement and Signature Intelligence and Open Source Intelligence,” the DoD Inspector General told Congress in a March 2008 report.

In addition, the report said, intelligence oversight has been cut back in areas such as: National Reconnaissance Office activities, especially major acquisitions; National Security Agency Operations Security and Information Security Programs; National Geospatial-Intelligence Agency programs; National Intelligence Program/Military Intelligence Program funding; Service Intelligence Component activities; Operations and Support Special Access Programs; DoD Counterintelligence Field Activity Programs; and others.

See “Department of Defense Inspector General Growth Plan for Increasing Audit and Investigative Capabilities Fiscal Years 2008 – 2015,” March 31, 2008.

The report was first published by the watchdog Project on Government Oversight which is working to strengthen the authority and capacity of agency inspectors general.

The reduction in oversight by the DoD Inspector General would seem to provide further justification for a pending proposal to assign new intelligence oversight responsibilities to the Government Accountability Office, as discussed at a February 29 hearing of the Senate Homeland Security and Governmental Affairs Committee.

An Open Source Center Look at Iranian Schoolbooks

The textbooks that are used in Iranian elementary, middle and high schools “reveal a clear emphasis on Islam, as it has been interpreted by the leadership of the Islamic Republic of Iran,” according to a recent contractor study (pdf) performed for U.S. intelligence.

That rather banal observation is among “the most important conclusions” of the open source intelligence study.

The study culls tendentious statements from 85 Persian-language textbooks, and surveys them without much analytical insight or empathy.

Among its dubious verdicts: The schoolbooks “provide a distorted view of Shia Islam as the only true path in Islam, and among religions.”

The study, hosted by the DNI Open Source Center, was performed under government contract by Science Applications International Corporation.

Like most other finished intelligence from the Open Source Center, the study has not been approved for public release, but a copy was obtained by Secrecy News.

See “Iranian Textbooks: Content and Context,” SAIC Research Report, 31 December 2007.

National Security Strategy, and More from CRS

Noteworthy new reports from the Congressional Research Service that have not been made readily available to the public include the following (all pdf).

“National Security Strategy: Legislative Mandates, Execution to Date, and Considerations for Congress,” May 28, 2008.

“Science, Technology, and American Diplomacy: Background and Issues for Congress,” May 22, 2008.

“Mexico-U.S. Relations: Issues for Congress,” updated May 23, 2008.

“German Foreign and Security Policy: Trends and Transatlantic Implications,” updated April 29, 2008.

“The Army’s Future Combat System (FCS): Background and Issues for Congress,” updated May 12, 2008.

“American War and Military Operations Casualties: Lists and Statistics,” updated May 14, 2008.

A prior version of the CRS report on military casualties has been the subject of a widely reprinted spam email message that misrepresented casualties during the Clinton and Bush Administrations. A footnote in the latest CRS update states: “Distorted versions of Tables 4 and 5 have been circulating through the Internet. As the tables here and on the Department of Defense website show, total military deaths and hostile deaths increased from 2001 to 2005, and then decreased in 2006.” See also “E-mail on military deaths is shaky on facts” by Chuck Vinch, Army Times, March 27, 2008.

Press Releases Could Become “Controlled Unclassified Info”

Government press releases could be temporarily marked as “controlled unclassified information” to protect them from premature disclosure, according to an official Background paper (pdf) on the new White House information security policy.

Controlled unclassified information, or CUI, refers to information that does not meet the standards for classification but that is considered too sensitive for unrestricted public disclosure. The new CUI policy was issued by President Bush on May 7.

While the precise definitions of CUI and the implementing policy directives remain to be written, there are indications that CUI could end up as a catch-all category for information that agencies wish to withhold.

Thus, “embargoed press releases” could be designated as CUI for at least a few hours, according to the newly released Background paper (at page 5, paragraph 8).

What if a member of the public wants to obtain information that some agency has marked as CUI? Well, he should file a Freedom of Information Act request, the Background paper says.

“The FOIA process will provide a straightforward way for anyone to seek public release of CUI and ensure that all CUI for which there is a demand will be carefully reviewed for release.” (at page 6).

But anyone who has filed a FOIA request knows that the FOIA process is not quite straightforward, nor does it produce a timely result.

The Background paper thus affirms a view that information deemed “sensitive” shall be presumptively withheld, and any exceptions shall be handled through the FOIA process.

In truth, this policy of presumptive withholding is pretty much how the Bush Administration currently operates. And it makes no tangible difference if agencies use 100 different terms for “sensitive” or replace them all with one term, “controlled unclassified information.”

But informal, discretionary disclosure was far more common in previous Administrations, and it could be once again in some future Administration. Institutionalizing presumptive withholding in a government-wide CUI policy could make it harder to overcome current secrecy practices when the opportunity to do so presents itself.

On the other hand, Allen Weinstein, the head of the National Archives (NARA), told agencies in a May 21 memorandum (pdf) that CUI would be narrowly construed.

“NARA, as the Executive Agent and consistent with the President’s direction, will ensure that only that information which truly requires the protections afforded by the President’s memorandum be introduced into the CUI Framework,” he wrote.

This implies that at least some information that is currently withheld as sensitive might not qualify for the new CUI marking. But if so, the criteria for excluding any existing sensitive information from the CUI category have not been identified.

William J. Bosanko, the Director of the CUI Office, told public interest groups at a May 27 meeting that he was committed to an open and accountable CUI policy process.

Various resources on CUI and sensitive information policy are available here.

A Different View of Homeland Security Information

Instead of new forms of secrecy, new mechanisms for actively informing the public about threats to homeland security are needed, said Stephen E. Flynn (pdf) of the Council on Foreign Relations at a May 15 hearing of a House Homeland Security subcommittee.

“The targets of choice for current and future terrorists will be civilians and infrastructure,” he said. “Safeguarding those targets can only be accomplished with an informed, inspired and mobilized public. The first preventers and the first responders are far more likely to be civilians and local officials, not soldiers or federal law enforcement officers.”

On September 11, 2001, Mr. Flynn recalled, the only hijacked aircraft that was prevented from reaching its target was stopped not by security professionals with Top Secret clearances but “by one thing alone: an alert and heroic citizenry.”

Yet “overwhelmingly, the national defense and federal law enforcement community have chosen secrecy over openness when it comes to providing the general public with details about the nature of the terrorist threat and the actions required to mitigate and respond to that risk.”

“The discounting of the public can be traced to a culture of secrecy and paternalism” that is rooted in the Cold War, when the Soviet threat dictated adoption of a highly compartmented security regime. “Despite the passage of nearly two decades since the fall of the Berlin Wall, this secretive system remains almost entirely intact.”

“What is required is a truly collaborative approach which engages civil society and taps extensive private-sector capabilities and ingenuity for managing risk and coping with disasters. A critical barrier to advancing collaboration,” Mr. Flynn said, “is excessive secrecy throughout the federal government reinforced by a reflexive tendency to classify material or to designate it as ‘For Official Use Only’ or ‘Treat as Classified’.”

A copy of his May 15 hearing testimony before the House Homeland Security Subcommittee on National Security is available here.

Stephen Flynn, a former Coast Guard officer, addressed related issues in the March/April 2008 issue of Foreign Affairs and at greater length in a 2007 book “The Edge of Disaster: Rebuilding a Resilient Nation.”

While such views are congenial to proponents of open government, they stop short of answering all of the questions that a responsible policy maker (let alone a classification officer) would feel obliged to ask. Under exactly what conditions does public disclosure of infrastructure vulnerabilities promote security rather than diminish it? As a practical matter, how does one distinguish between those types of information, such as personal privacy or confidential source data, that everyone agrees should be protected and threat information that an engaged public needs to know?

There may not be simple answers to such questions. But by framing the issue in a way that takes public information needs into account, Mr. Flynn and others are helping to redefine the terms of the debate.

Intel Surveillance Court Gets Two New Judges

Two new judges were named to the Foreign Intelligence Surveillance Court this week, Secrecy News has learned, one a Clinton appointee and one a Reagan appointee.

Judge Mary A. McLaughlin of the Eastern District of Pennsylvania and Judge James B. Zagel of the Northern District of Illinois were appointed to seven year terms on the secret court by the Chief Justice to replace Judge James G. Carr and Judge Nathaniel M. Gorton, whose terms expired on May 18.

The Foreign Intelligence Surveillance Court is responsible for reviewing and approving government applications under the Foreign Intelligence Surveillance Act for domestic electronic surveillance and physical search of suspected foreign intelligence agents or terrorists.

But it does more than that. The Court also reinterprets the terms of the Act in an undisclosed fashion, producing in effect a body of “secret law,” a matter discussed at an April 30 hearing of the Senate Judiciary Committee.

“The FISC has in fact issued… legally significant decisions that remain classified and have not been released to the public,” observed Judge John D. Bates, a member of the FIS Court, when he denied (pdf) an ACLU motion for disclosure of portions of those decisions last December.

The appointment of new judges to the FIS Court assumes particular importance today because of a proposal pending in Congress that would refer existing lawsuits alleging illegal warrantless surveillance to the secret FIS Court in what would likely be a severely constrained adjudicative process. The proposal is being considered as an alternative to granting outright immunity to telephone companies that allegedly cooperated with the President’s surveillance program.

Judge Mary A. McLaughlin was appointed to the bench in 2000 by President Clinton. She was formerly an Assistant U.S. Attorney in the District of Columbia, and a special counsel to the Senate Judiciary Subcommittee on terrorism during the Ruby Ridge hearings in 1995.

Judge James B. Zagel was appointed in 1987 by President Reagan. Judge Zagel is “an intelligent, tough-minded jurist,” said the Chicago Council of Lawyers, a public interest association, in a 1991 evaluation. However, “some lawyers are concerned that he will bring a political agenda to bear in certain classes of cases.”

The new appointments were confirmed for Secrecy News today by Sheldon L. Snook of the administrative office at the D.C. District Court.

A new appointment to the Foreign Intelligence Surveillance Court of Review, an appeals court, has not yet been formally announced, he said. But the Providence Journal (RI) reported on April 14 that Judge Morris Sheppard Arnold of the 8th District had been named to the Review Court.

An updated roster of the membership of the Foreign Intelligence Surveillance Court is here.

“During calendar year 2007, the Government made 2,371 applications to the Foreign Intelligence Surveillance Court for authority to conduct electronic surveillance and physical search for foreign intelligence purposes,” the Justice Department told Congress in the latest annual report on FISA activity (pdf).

Homeland Security used wrong study for Foot and Mouth research plan

Today in a hearing of the House Committee on Energy and Commerce it was revealed by the Government Accountability Office (GAO) that the Department of Homeland Security’s plan to move foot and mouth disease research to the mainland United States is based on faulty assumptions.

Foot and mouth disease is caused by the most infectious virus known to man. Nearly 100% of exposed animals become infected. Currently, the only place where foot and mouth disease (FMD) research can be done in the US is the Plum Island animal disease research facility, located off the tip of Long Island.

DHS had been planning to move that research to the mainland for sometime now, but that seems doubtful. The testimony given today by Nancy Kingsbury, the managing director of Applied Research and Methods at GAO indicates that DHS based its decision to move FMD research on a 2002 USDA study that simply addressed whether it was technically feasible to do so, ignoring the potential for human error.

We found that DHS has neither conducted nor commissioned any study to determine whether FMD work can be done safely on the U.S. mainland. Instead, DHS relied on a study that USDA commissioned and a contractor conducted in May 2002 that examined a different question: whether it is technically feasible to conduct exotic disease research and diagnostics, including FMD and rinderpest, on the U.S. mainland with adequate biosafety and biosecurity to protect U.S. agriculture. This approach fails to recognize the distinction between what is technically feasible and what is possible, given the potential for human error. DHS told us that this study has allowed it to conclude that it is safe to conduct FMD work on the U.S. mainland.

In addition to a number of other methodological problems with the study, we found that it was selective in what it considered in order to reach its findings. In particular, the study

1. did not assess the history of releases of FMD virus or other dangerous pathogens,

2. did not address in detail the issues related to large animal work in BSL-3 Ag facilities, and

3. was inaccurate in comparing other countries’ FMD work experience with that of the United States.

Subcommittee chairman Rep. John Dingell (D-MI) was particularly critical of DHS in his opening statement, noting the trend to move infectious animal disease research to islands, not off them.

“Equally troubling, it appears that DHS is out of step with the rest of the world. GAO investigators visited major labs across Europe and found that in other developed countries, the trend is to do just the opposite of what DHS has proposed: Germany built its new lab on an island; Denmark built its new lab on an island; and the U.K. Parliament is debating the relocation of its lab to an island.” Dingle continued, “Why then would DHS propose to move live virus of foot-and-mouth from Plum Island to the American heartland? GAO was unable to find a scientific reason for the move. They found apparent agreement that the current Plum Island lab needs substantial renovation, but they found no justification for moving the lab to the mainland.”

You can read the highlights of the GAO testimony here and read more press coverage of the plan here

HPSCI: Classification of Cyber Security Program is “Excessive”

The National Cyber Security Initiative, which is “the single largest… and most important initiative” in next year’s budget, is being conducted under “excessive classification,” the House Permanent Select Committee on Intelligence (HPSCI) said in its new report on the 2009 intelligence authorization act.

For the cyber security program to function as intended, “it will require a partnership with industry unlike any model that currently exists. The excessive classification of the [Initiative], however, militates against the collaboration necessary to achieve that partnership.”

That view coincides with the recent assessment of the Senate Armed Services Committee regarding overclassification of the cyber security program.

The 121-page House Intelligence Committee report is full of grist for the intelligence policy mill.

The Committee flexed its oversight muscles by imposing a limit on spending for covert action to no more than 25 percent of the allocated funds until each member of the Committee has been briefed on all covert actions.

“The obligation to report to the committees is not negotiable,” the report declared. “It is not an obligation that the President can ignore at his discretion. It is not an obligation that can be evaded by claiming that briefing the congressional intelligence committees will require other committees to be briefed. It is not an obligation that can be evaded by broad assertions of executive power.”

The Committee would establish a new Inspector General for the entire intelligence community, and would impose new limits and new reporting requirements on intelligence contractors.

The Republican minority said that more should have been done to combat unauthorized disclosures of classified information:

“We are disappointed that the Committee has held no hearings and conducted little to no substantial oversight on this issue during this Congress. In addition, we are concerned that the issue is becoming increasingly politicized, sometimes under the false premise that there are ‘good leaks’ and ‘bad leaks’. The Committee should take a firm and clear position that no unauthorized disclosures of classified information should be tolerated.”

The minority also insisted that “the United States does not torture,” a view that is increasingly hard to reconcile with the public record, including a new report (large pdf) from the Justice Department Inspector General that catalogued many abusive forms of interrogation by U.S. military and intelligence personnel.

See the House Intelligence Committee Report on the 2009 Intelligence Authorization Act, H.Rep. 110-665, May 21.

An Online Index to Air Force Historical Records

A new searchable index of hundreds of thousands of documents held by the Air Force Historical Research Agency has been created by private researchers and posted online.

The index does not provide access to the underlying documents, which must be requested from AFHRA. Nevertheless, it has several interesting features.

For one thing, it represents a step forward in improving accessibility to declassified government records. The new Air Force index provides a simple illustration of what can be done to alert the interested public to the existence of particular records and suggests how much more still needs to be done, including providing online access to the records themselves.

Second, the new index represents an unusual, implicit public-private partnership. Researchers gained access to the Air Force bibliographical data and installed a search engine on top, then posted it online in the public interest. The researchers said they preferred to remain anonymous.

NARA Establishes “Controlled Unclassified Info” Office

The National Archives and Records Administration today announced the establishment of a new Controlled Unclassified Information (CUI) Office that is intended to lead the implementation and oversight of a new White House policy on CUI, which is unclassified information that is deemed to require protection from disclosure.

The CUI Office, to be headed by Information Security Oversight Office director William J. Bosanko, is tasked with developing implementation guidance, training, and oversight of the new government-wide policy.