Violations of Law May Be Classified, Court Rules

Information that would reveal a violation of the law may be properly classified as long as it is not deliberately classified for the purpose of concealing the violation, a federal judge indicated this week.

That view, in a ruling (pdf) against the ACLU by DC District Judge Royce C. Lamberth, all but nullifies one of the principal limitations on national security secrecy contained in the executive order on classification policy.

In section 1.7 of executive order 12958, as amended, on “classification limitations and prohibitions,” the President directed that “In no case shall information be classified in order to … conceal violations of law….”

The ACLU cited this provision in a recent FOIA lawsuit to argue that transcripts of detainee tribunal hearings could not be properly classified under the executive order if they revealed evidence of prisoner abuse or other illegal conduct.  The court rejected that argument.

“Plaintiffs [ACLU] claim that some material was improperly classified because it may contain evidence that the government has violated the law,” Judge Lamberth wrote in an October 29 ruling.  “But plaintiffs misapprehend the Executive Order,” he wrote  (at page 6). “Executive Order 12958 prohibits classifying information ‘in order to … conceal violations of the law.’  However, there is no indication that these materials were classified ‘in order to’ conceal violations of the law….”

In other words, according to Judge Lambert, classifiers actually may conceal violations of the law as long as such concealment is not the specific purpose of the classification.

This narrow understanding of the executive order converts an important guarantee of the integrity of the classification process into an empty rhetorical gesture.

Under Judge Lamberth’s interpretation, the executive order provision limiting classification of violations of the law is not a limitation on the types of information that may be classified at all, but rather an unverifiable limitation on the classifier’s intention.  The provision is not concerned with the consequences of classification (i.e., the fact that criminal activity will be concealed from public knowledge) but instead focuses on the mental state of the classifier.  Did he or she specifically intend to conceal violations of the law?  If not, the classification may proceed, even if concealment is the inevitable result.  And since the classifier’s mental state is unknowable by others or may itself be concealed, the executive order’s limitation is deprived of significant meaning.

In the past, the limitation on classification of violations of the law was construed more broadly as a public assurance that classification would not be used to conceal criminal activity by the government.  (It was never understood to require publication of information about third-party crimes collected through classified intelligence or law enforcement methods.)

In 2004, the Federation of American Scientists cited the provision in a complaint (pdf) filed with the Information Security Oversight Office (ISOO), contending that the Taguba report (pdf, classified SECRET) that found evidence of criminal abuses at Abu Ghraib prison was improperly classified.  ISOO, led by then-director J. William Leonard, undertook an investigation into the propriety of the report’s classification and reported some noteworthy results (pdf).  Not only was the Taguba report released in declassified form, but the Pentagon undertook a Department-wide initiative to improve classification training, management and oversight. The “motivation” in the mind of the classifier never came up.

The Secretary of Defense himself also issued a Department-wide memorandum (pdf) to remind classifiers of their responsibility to exercise classification authority properly, and he specifically cited the prohibition on classifying criminal activity.  In his September 16, 2004 memo, Defense Secretary Donald Rumsfeld paraphrased the executive order limitation as follows:  “It is important to state that classifiers shall not… use classification to conceal violations of law….”

Interestingly, Secretary Rumsfeld did not use the phrase “in order to” which Judge Lamberth singled out to justify his interpretation of the order as a prohibition only on deliberate concealment.  The Rumsfeld paraphrase seems to reflect the prior understanding that classification should not be used “so as to” conceal violations of the law, regardless of the intentions of the classifier.

But if violations of the law may in fact be classified, then it is important for Americans to know that. If Judge Lamberth has made it easier for classifiers to conceal violations of the law, he also put the public on notice that this is how the national security classification system now functions.

Nuclear Déjà Vu At Carnegie

By Ivan Oelrich and Hans M. Kristensen

Only one week before Barack Obama is expected to win the presidential election, Defense Secretary Robert Gates made one last pitch for the Bush administration’s nuclear policy during a speech Tuesday at the Carnegie Endowment for International Peace.

What is the opposite of visionary?  Whatever, that’s the word that best describes Mr. Gates’s speech.  Had it been delivered in the mid-1990s it would not have sounded out of place. The theme was that the world is the way the world is and, not only is there little to be done about changing the world, our response pretty much has to be more of the same.

Granted, Gates’s job is to implement nuclear policy not change it but, at a time when Russia is rattling its nuclear sabers, China is modernizing its forces, some regional states either have already acquired or are pursuing nuclear weapons, and yet inspired visions of a world free of nuclear weapons are entering the political mainstream, we had hoped for some new ideas. Rather than articulating ways to turn things around, Gates’ core message seemed to be to “hedge” and hunker down for the long haul. And, while his arguments are clearer than most, this speech is yet another example of faulty logic and sloppy definitions justifying unjustifiable nuclear weapons. Continue reading

Presidential Transitions, Arms Transfers, and More from CRS

A range of presidential transition policy issues — including records management, budget preparation and the role of executive orders — is explored in a new report from the Congressional Research Service.  See “Presidential Transitions: Issues Involving Outgoing and Incoming Administrations” (pdf), October 23, 2008.

Other noteworthy new CRS reports obtained by Secrecy News that were not previously available online include the following (all pdf).

“Status of a Senator Who Has Been Indicted for or Convicted of a Felony,” October 22, 2008.

“Transatlantic Regulatory Cooperation: Background and Analysis,” October 22, 2008.

“Would an Influenza Pandemic Qualify as a Major Disaster Under the Stafford Act?,” October 20, 2008.

“The Cost of Iraq, Afghanistan, and Other Global War on Terror Operations Since 9/11,” updated October 15, 2008.

“The Federal Funding Accountability and Transparency Act: Implementation and Proposed Amendments,” October 22, 2008.

“Conventional Arms Transfers to Developing Nations, 2000-2007,” October 23, 2008.

Intel Budget Disclosure and the Myths of Secrecy

The Director of National Intelligence today disclosed the 2008 budget for the National Intelligence Program: $47.5 billion.  That figure does not include spending for the Military Intelligence Program, which is at least another $10 billion.

The disclosure marks only the fourth time that the intelligence budget has been officially disclosed.  The aggregate intelligence budget figure (including national, joint military and tactical intelligence spending) was first released in 1997 ($26.6 billion) in response to a Freedom of Information Act lawsuit filed by the Federation of American Scientists.  It was voluntarily released in 1998 ($26.7 billion).  The National Intelligence Program budget was next disclosed in 2007 ($43.5 billion), in response to a Congressional mandate, based on a recommendation of the 9/11 Commission.  And then there was today’s release for 2008.

In recent years, the most passionate opponent of intelligence budget disclosure has been none other than Sen. Ted Stevens (R-AK), whose own financial non-disclosure practices have recently earned him multiple felony convictions.

In an October 4, 2004 Senate floor debate, Senator Stevens usefully marshaled all of the traditional arguments against disclosure.  Most of them were false at the time.  Others have since been disproven.

“No other nation, friend, or ally, reveals the amount that it spends on intelligence,” Sen. Stevens said then.

In fact, the United Kingdom, Canada, the Netherlands and other countries have published their intelligence budgets for many years without adverse effect.

“Determining classification is the responsibility and duty of the chief executive of the United States, the President, who is also Commander in Chief,” said Sen. Stevens. “Presidents Truman through Bush has determined that the overall intelligence budget top-line figure is, and shall remain, classified, and I believe we should not overrule that judgment.”

But Congress shares responsibility for defining the terms of the classification system.  And as a factual historical matter, President Clinton approved disclosure of the intelligence budget total.

The hoariest myth of all, renewed by Sen. Stevens, is that “This is a slippery slope. Reveal the first number and it will be just a matter of minutes before there will be a call to reveal more information.”

The notion of a “slippery slope” resulting from disclosure of the top-line budget figure has been asserted for decades even by officials who are not convicted felons. But by now, it has been conclusively disproven.  Disclosure of the intelligence budget total has not led to uncontrolled further disclosures.  The 9/11 Commission’s 2004 recommendation that budgets for “component agencies” should also be disclosed was not accepted and such further disclosures have not occurred despite release of the total figure.

But today the intelligence budget continues to serve as a useful barometer of the incoherence of official secrecy policy.  Thus, even after declassifying the FY 2007 intelligence budget figure last year, the Office of the Director of National Intelligence concluded last summer (pdf) that “The size of the National Intelligence Program budget for Fiscal Year 2006 is properly classified.”

It seems unlikely that both positions are correct.

DNI Directive Eases Clearance Restrictions on Foreign Ties

The Director of National Intelligence issued a directive (pdf) this month that will make it easier for a person whose spouse or immediate family is not a U.S. citizen to gain a security clearance for access to intelligence information.

The new policy lowers a barrier that has long impeded intelligence agency hiring of qualified area experts, linguists and others simply because of their family ties.

Under the prior policy (Director of Central Intelligence Directive 6/4), one of the criteria for obtaining access to classified intelligence was that “The individual’s immediate family must also be US citizens.”  Although an exception to that standard could be granted by a senior official, it was only permitted in case of a “compelling need.”

Now, a clearance for those with foreign ties can be granted without a “compelling need,” though it may still involve additional processing.

“Subjects who have immediate family members or other persons who are non-United States citizens to whom the subject is bound by affection or obligation may be eligible for access to SCI and other controlled access program information as the result of a condition, deviation, or waiver from personnel security standards.”

The new policy was presented in Intelligence Community Directive 704, signed by DNI J. Michael McConnell on October 1, 2008.

The new policy is part of a ongoing transition towards “risk management” (as opposed to “risk avoidance”).  This is an approach to security policy which accepts a modicum of increased risk in order to advance mission performance.

Army Intelligence on the Twitter Threat

Could terrorists use Twitter, the instant messaging and micro-blogging service?  Presumably so, just as they could use credit cards and can openers.

The potential use of Twitter and other communications technologies by terrorists is considered in a new draft Army intelligence paper, based on a review of jihadist web sites and other public sources.

The Army paper on “al Qaida-Like Mobile Discussions & Potential Creative Uses” was dissected by Noah Shachtman in “Spy Fears: Twitter Terrorists, Cell Phone Jihadists,” Danger Room, October 24.  A copy of the paper itself, which is more like a student exercise than a finished intelligence assessment, is available here (large pdf, for official use only).

Other News and Resources

On October 23, President Bush named former CIA information officer Herbert Briick to the Public Interest Declassification Board, and also reappointed former CIA general counsel Elizabeth Rindskopf Parker.  The Board will hold its next public meeting at the National Archives on Friday, October 31, where it will discuss how to identify and prioritize “historically valuable” information for declassification.  For details on attendance see this October 14 Federal Register notice (pdf).

What is intelligence?  Kristan J. Wheaton, a professor of intelligence studies at Mercyhurst College, invites readers to indicate their understanding of the term and its implications in a brief online survey.

The question of whether the United States needs a new domestic intelligence service that is independent of law enforcement was examined by Greg Treverton of the RAND Corporation in a new report for Congress entitled “Reorganizing U.S. Domestic Intelligence.”

Josh Gerstein, late of the New York Sun, has done some of the best reporting around on the AIPAC case involving unauthorized dissemination of classified information.  In a new blog posting, he updates readers on the latest developments in the case in advance of a pre-trial appeal hearing on October 29.

On July 16, 2008, the Senate Judiciary Committee held a hearing entitled “How the Administration’s Failed Detainee Policies Have Hurt the Fight Against Terrorism: Putting the Fight Against Terrorism on Sound Legal Foundations.”  The record of that hearing was recently published and is available here.

Inspector General Confronts Overclassification

Executive branch agencies often classify information inconsistently or unnecessarily. But when challenged, they will sometimes modify their practices.

These elementary but important facts were illustrated recently by Justice Department Inspector General Glenn A. Fine, who described the process by which his office’s investigative reports are reviewed by agency officials prior to release.

“We have seen a lot of times where [agency officials] said, well, that is too sensitive, that is classified, and then we will look and in another forum they have publicly released it,” Mr. Fine said at a recent congressional hearing (pdf, at pp. 28-29).

“I have been in situations where the FBI told me you can’t say that, that is classified. I said okay. And then a week later, an FBI employee will come to [to Congress] and say the same thing. And I say to myself why can’t we say it if they can?”

“A lot of times FBI will give a report to one person and they will say this is classified, and then the FBI will give it to another person and different amounts are classified,” Mr. Fine said. “It is not a precise science.”

“I have to say, this is not just restricted to the Department of Justice,” concurred Rep. William D. Delahunt, “it is throughout the executive branch…. I have seen what you just articulated happen time and time again.”

“It is my own belief that the classification process has become a tool, if you will, for the avoidance of embarrassment,” the Congressman said.

The good news is that, at least at the Justice Department, the Inspector General does not simply yield to the whims of the classifiers, but insists on a sensible rationale for secrecy.

“We push for explanations to make sure that it [classification] is not being used as a way to avoid embarrassment,” Mr. Fine said. “And I think generally, in our case, we have been pretty successful.”

The relative success of Mr. Fine’s office in limiting classification of Inspector General reports points to an untapped opportunity for curtailing overclassification more broadly. That is, agency inspectors general could be assigned to conduct regular audits of classification activity and to “push for explanations” of dubious secrets.

The inspectors general are already on site throughout most of the executive branch and they have the security clearances they need to function (though in some cases they may lack adequate funding for this and other purposes). They could provide an enormous force multiplier for the small staff of the Information Security Oversight Office which is nominally responsible for classification oversight government-wide. If the classification system is worth fixing, the Inspectors General could have an important role to play.

Mr. Fine’s remarks on classification appeared in a newly published hearing record entitled “City on the Hill or Prison on the Bay? Part III: Guantanamo–The Role of the FBI,” House Foreign Affairs Committee, June 4, 2008.

DoD Fails to Control “Controlled Unclassified Info”

Pentagon officials say that the Department of Defense and its contractors are failing to adequately protect “controlled unclassified information” (CUI) that may have significant military or technological value to adversaries or competitors.

“Simply stated, hostile actors can exfiltrate large volumes of unclassified program information in a single attack that can potentially net enough information to enable adversaries to narrow a capability gap,” according to a recent Army information paper (marked “for official use only”).

Digitized information in the hands of Defense Industrial Base (DIB) contractors is said to be particularly vulnerable.

“Exfiltrations of unclassified data from DIB unclassified systems have occurred and continue to occur, potentially undermining and even neutralizing the technological advantage and combat effectiveness of the future force,” the paper stated.

See “U.S. Army’s Concerns with Protection of Controlled Unclassified Information,” (pdf) August 15, 2008.

The paper was obtained by Inside the Army and first reported in “Army Cyber Task Force To Manage Growing Industrial Espionage Risk” by Daniel Wasserbly, Inside the Army, October 20, 2008.

A similar concern about protection of controlled unclassified information was expressed last month by DoD Chief Information Officer John G. Grimes.

He reiterated “the importance of properly protecting controlled unclassified information placed on information systems connected to the Internet, especially those that use file transfer protocol (FTP), peer-to-peer (P2P), and other protocols that are inherently insecure and pose significant security risks.”

“DoD is currently hosting thousands of such sites and, in spite of previous direction, far too much CUI data is still publicly available from these DoD sites,” he wrote.

See “Protection of Controlled Unclassified Information on DoD Information Systems Connected to the Internet” (pdf), September 22, 2008. The Grimes memo was first reported by Sebastian Sprenger in Inside Defense on October 22.

The Department of Defense Inspector General recently reported that defense contractors had failed to properly manage, recover or revoke thousands of Common Access Cards that permit the holder to access controlled defense information on DoD information systems.

This presents “a potential national security risk that may result in unauthorized access to DoD resources, installations, and sensitive information worldwide,” the DoD IG said.

See “Controls Over the Contractor Common Access Card Life Cycle” (large pdf), DoD Inspector General, October 10, 2008.

Among other things, a failure to reliably protect restricted information that is unclassified may produce an undesirable incentive to classify such information.