2017 Intelligence Bill Would Constrain Privacy Board

The jurisdiction of the Privacy and Civil Liberties Oversight Board (PCLOB) would be restricted for the second year in a row by the Senate Intelligence Committee version of the FY2017 Intelligence Authorization Act (S.3017). Section 603 of the Act would specifically limit the scope of PCLOB’s attention to the privacy and civil liberties “of United States persons.”

Internal disagreements over the move were highlighted in the Committee report published last week to accompany the text of the bill, which was reported out of Committee on June 5.

“While the PCLOB already focuses primarily on U.S. persons, it is not mandated to do so exclusively,” wrote Senators Martin Heinrich and Mazie K. Hirono in dissenting remarks appended to the report. “Limiting the PCLOB’s mandate to only U.S. persons could create ambiguity about the scope of the PCLOB’s mandate, raising questions in particular about how the PCLOB should proceed in the digital domain, where individuals’ U.S. or non-U.S. status is not always apparent. It is conceivable, for example, that under this restriction, the PCLOB could not have reviewed the NSA’s Section 702 surveillance program, which focuses on the communications of foreigners located outside of the United States, but which is also acknowledged to be incidentally collecting Americans’ communications in the process,” they wrote.

“Over the past three years, the Privacy and Civil Liberties Oversight Board has done outstanding and highly professional work,” wrote Sen. Ron Wyden in his own dissent. “It has examined large, complex surveillance programs and evaluated them in detail, and it has produced public reports and recommendations that are quite comprehensive and useful. Indeed, the Board’s reports on major surveillance programs are the most thorough publicly available documents on this topic. My concern is that by acting to restrict the Board’s purview for the second year in a row, and by making unwarranted criticisms of the Board’s staff in this report, the Intelligence Committee is sending the message that the Board should not do its job too well.”

In support of the provision, the report said that “The Committee believes it is important for the Board to consider the privacy and civil liberties of U.S. Persons first and foremost when conducting its analysis and review of United States counterterrorism efforts.”

But the PCLOB already considers U.S. person privacy “first and foremost.” And the language of the Senate bill does not appear to permit even “secondary” consideration of the privacy of non-U.S. persons. Last year, the FY2016 intelligence authorization bill barred access by the Board to information deemed relevant to covert action.

On June 16, Sen. Patrick Leahy paid tribute to retiring PCLOB chair David Medine on the Senate floor. “[PCLOB] reports and Mr. Medine’s related testimony before the Senate Judiciary Committee have been tremendously beneficial to Congress and the American people in examining government surveillance programs,” he said.

SSCI Bill Adopts Fundamental Classification Review

The Fundamental Classification Guidance Review (FCGR) that was launched by President Obama’s 2009 executive order 13526 would be written into statute by the Senate Select Committee on Intelligence in its version of the FY intelligence authorization act (S. 3017), released this week.

The FCGR has become the primary mechanism for systematically updating agency classification rules and deleting obsolete secrecy requirements. Performed every five years, it entails the review of thousands of individual classification guides. After the first FCGR in 2012, hundreds of such guides were eliminated.

“A reasonable outcome of the review overall, though not necessarily in the case of each program or guide, is to expect a reduction in classification activity across government,” wrote William Cira, acting director of the Information Security Oversight Office, in a March 17 memo to agencies initiating the second FCGR, which is to conclude by June 2017.

The FCGR can advance “our shared goals for greater openness and reduced classification activity while protecting legitimate national security interests,” wrote DNI James Clapper in a March 23 addendum, embracing the FCGR and adding some new requirements to it.

The Senate bill (section 809) does not modify the existing FCGR process, but would enshrine it in statute.

The new bill includes several other reporting requirements that appear uncommonly assertive, if not intrusive. For example, the Committee would expect the Privacy and Civil Liberties Oversight Board to keep it informed of all the Board’s activities, “including any significant anticipated activities.” The Committee would require submission of copies of all memoranda of understanding between U.S. intelligence agencies. And the Committee would require notification of all classified and unclassified presidential directives to intelligence agencies, and their implementation.

In short, the bill would reset the terms of the congressional intelligence oversight relationship, seemingly dispensing with comity and imposing mandatory disclosure to Congress of various categories of records. Executive branch resistance may be anticipated.

For the first time in living memory, the SSCI bill was reported out of Committee on June 6 without a written report to publicly explain and expand upon its provisions. (Update: The Committee report on the bill was published on June 15.) It did, however, include a classified annex.

Four Cold War Covert Actions to be Disclosed

The Central Intelligence Agency said that it will disclose four previously unacknowledged Cold War covert actions. The four have not yet been publicly identified, but they will be addressed in forthcoming editions of the U.S. State Department’s official Foreign Relations of the United States (FRUS) series.

“In 2015 [CIA] agreed to acknowledge four covert actions that will be documented in future volumes (of FRUS),” according to a new annual report from the State Department Advisory Committee on Historical Diplomatic Documentation for calendar year 2015.

CIA spokesperson Ryan Trapani declined to say what those four covert actions are.

“CA [covert action] programs are not officially declassified until done so by FRUS, so you have to wait for its formal announcement,” Mr. Trapani said by email.

The FRUS series has been a significant driver of the national security declassification program, particularly since a 1991 statute required that FRUS must present a “thorough, accurate, and reliable” documentary history of U.S. foreign relations — which necessarily includes information that was classified at the time — within 30 years of the events in question.

The State Department has never yet complied with that 30 year deadline, but the new Advisory Committee report indicates the situation is improving. “It is likely that HO [the State Department Office of the Historian] will finally meet its statutory thirty-year timeline as it publishes more volumes in the Reagan administration series over the next few years.”

The Committee report was complimentary towards the CIA, citing “the very positive relationship HO has developed with CIA over the past several years [which] has paid dividends. CIA consistently reviews both specific documents and compiled volumes in a timely manner….”

“Nevertheless, the frequent reliance on covert actions in the Reagan and subsequent administrations will doubtless require lengthy declassification processes that will inevitably delay publication of a significant number of volumes beyond the 30-year target,” the report said.

One specific area of disappointment is the failure to release the long-deferred FRUS volume on the 1953 coup in Iran.

“Owing to the currently volatile relationship between the United States and Iran…, the State Department continues to withhold its approval for publishing the eagerly anticipated retrospective volume on Iran 1953,” the Committee report noted.

The status of the Iran volume is expected to be on the agenda of the upcoming meeting of the State Department Advisory Committee on June 6.

Pre-Publication Review Must Be Timely & Fair, Says HPSCI

Current and former intelligence community employees (as well as some other government employees) are obliged to submit their writings for official review prior to publication in order to screen them for classified information. This is often an onerous, time-consuming and frustrating process. It sometimes appears to authors to be conducted in bad faith.

The House Permanent Select Committee on Intelligence has instructed the Director of National Intelligence to prepare a new, IC-wide pre-publication review policy that will “yield timely, reasoned, and impartial decisions that are subject to appeal.”

In its new report on the FY2017 intelligence authorization act, the Committee said it “is concerned that current and former IC personnel have published written material without completing mandatory pre-publication review procedures or have rejected changes required by the review process, resulting in the publication of classified information.”

“The Committee is also aware of the perception that the pre-publication review process can be unfair, untimely, and unduly onerous and that these burdens may be at least partially responsible for some individuals ‘opting out’ of the mandatory review process.”

The Committee therefore directed the DNI to develop a uniform new policy that clearly sets forth what kinds of materials must be reviewed, with guidance for conducting and completing the review in a timely manner, and with a prompt and transparent appeal process.

The pre-publication review process was critiqued recently by Jack Goldsmith and Oona A. Hathaway in the Washington Post (The Government’s Prepublication Review Process is Broken, December 25, 2015) and in Just Security (The Scope of the Prepublication Review Problem, and What to Do About It, December 30, 2015). I also commented in Just Security (Fixing Pre-Publication Review: What Should Be Done?, January 15, 2016).

The new requirement “to improve the timeliness and fairness of the prepublication review process throughout the IC” was introduced by Rep. Jim Himes (D-CT), a member of the House Intelligence Committee. The FY2017 intelligence authorization act was approved by the full House of Representatives yesterday following floor speeches on May 23.

Using Social Media in Background Investigations

A directive signed by the Director of National Intelligence yesterday formally authorizes the use of social media by official investigators who are conducting background investigations for security clearances.

See Collection, Use, and Retention of Publicly Available Social Media Information in Personnel Security Background Investigations and Adjudications, Security Executive Agent Directive 5, May 12, 2016.

The directive was crafted to avoid undue infringements on privacy.

Investigators will be limited to considering only publicly available postings. The subjects of a background investigation “shall not be requested or required” to provide passwords for access to non-publicly available materials or to make such materials available. Agencies will not be allowed to “friend” an individual for the purposes of gaining access to materials that are not otherwise available.

And the consideration of social media must be relevant to the official guidelines for granting access to classified information. That is, they must pertain to substance abuse, criminal conduct, foreign allegiance, or other such criteria.  See Adjudicative Guidelines for Determining Eligibility for Access to Classified Information, rev. December 29, 2005.

The utility of social media for background investigations remains to be demonstrated, particularly since any public posts that do not voluntarily advertise behavior that is at odds with official guidelines would not trigger investigative attention. A pilot project will be conduct to validate the approach before it is systematically included in the investigative process.

A hearing on Incorporating Social Media into Federal Background Investigations was held today by the House Committee on Oversight and Government Reform.

“The use of social media has become an integral, and very public, part of the fabric of most Americans’ daily lives, and it is critical that we use this important source of information to help protect our nation’s security,” said William R. Evanina, director of the National Counterintelligence and Security Center, in a statement to the House Committee.

Archivist Won’t Call “Torture Report” a Permanent Record

Archivist of the United States David S. Ferriero last week rebuffed requests to formally designate the Senate Intelligence Committee report on CIA interrogation practices a “federal record” that must be preserved.

Senators Dianne Feinstein and Patrick Leahy had urged the Archivist to exercise his authority to certify that the Senate report is a federal record.

“We believe that Congress has made it clear that the National Archives has a responsibility — as the nation’s record keeper — to advise other parts of the United States government of their legal duty to preserve documents like the Senate Report under the Federal Records Act, the Presidential Records Act, and other statutes,” Senators Feinstein and Leahy wrote in an April 13 letter.

The report qualifies for preservation as a permanent record, they said, “because it contains uniquely valuable information regarding the CIA’s detention and interrogation program under the Bush Administration,” among other reasons.

Two weeks later, dozens of non-governmental organizations led by the Constitution Project sent their own letter to the Archivist likewise urging him to make a formal determination that the Senate report is a federal record that by law must be preserved.

“The Senate study began as an examination of the CIA’s destruction of crucial video records of the torture program, which occurred without NARA’s knowledge or authorization,” the NGO letter said. “It would be sadly ironic if NARA knowingly allowed the Executive Branch to return the most comprehensive history of the CIA torture program” to Congress without preserving a permanent archival record of it.

But Archivist Ferriero was unmoved by the appeals.

“NARA has refrained from interceding in this matter because the issue is the subject of ongoing litigation,” he wrote in an April 29 reply to Senators Feinstein and Leahy, referring to a Freedom of Information Act lawsuit brought by the ACLU for access to the report. “As is routine with respect to any issue that is being litigated, we have coordinated with litigation counsel at DOJ handling the pending court case.”

He also asserted that the mere fact that executive branch agencies are in possession of the Senate report does not necessarily mean that it qualifies as a federal record. There is a “possibility that an agency could accept physical receipt of a document but maintain it in such a manner that the agency does not acquire legal custody for purposes of either the FRA [Federal Records Act] or the FOIA,” he wrote.

However, at this stage “it would not be appropriate for me to have a predisposed viewpoint in any particular case as to whether recorded information is or is not a federal record,” he said, implying that a final decision would be reached at some later stage.

The National Archives acknowledged receipt of the NGO letter (which was co-signed by the FAS Project on Government Secrecy), and said that a response to that letter would be provided in due course.

Otherwise, officials contacted by Secrecy News would not discuss the matter on the record. But what emerges from several conversations is something like this:

Although the Archivist has independent legal authority to determine the status of federal records under the Presidential and Federal Records Act Amendments of 2014, he remains an executive branch official and he is not politically autonomous. In the face of FOIA litigation, which takes precedence as a practical matter, it actually is “routine” (or at least unsurprising) for the Archivist to defer to the Justice Department and to abstain from unilateral action.

If the ongoing FOIA litigation ultimately led to a determination that the Senate report is a “record” for purposes of FOIA, then it would be easy for the Archivist to concur. If not, then it would be more difficult, but not altogether impossible, for the Archivist to conclude that the report is nevertheless a federal record. “The determination of record status under the FRA and the Freedom of Information Act (FOIA), while not identical, is similar,” the Archivist wrote.

In any event, while an immediate resolution of this dispute is foreclosed by the Archivist’s refusal to intervene, the larger question of the status of the Senate report as a federal record remains open.

Legal technicalities aside, it would be astonishing if the full Senate Committee report were not preserved for posterity one way or another, and eventually published. Even if it is not the last word on post-9/11 detention and interrogation, and even if not every word of it turns out to be true and correct, the Committee report has already become central to public discourse on the subject. If it became possible to erase it from the historical record in some kind of Stalinesque act of suppression, then we would all have bigger problems to worry about.

See related coverage from the Constitution Project, the National Security Archive, the Bill of Rights Defense Committee, and Courthouse News.

Punishing Leaks Through Administrative Channels

The Obama Administration has famously prosecuted more individuals for unauthorized disclosures of classified information to the media than all of its predecessors combined. But behind the scenes, it appears to have sought administrative penalties for leaks — rather than criminal ones — with equal or greater vigor.

“This Administration has been historically active in pursuing prosecution of leakers, and the Intelligence Community fully supports this effort,” said ODNI General Counsel Robert S. Litt in testimony from a closed hearing of the Senate Intelligence Committee in 2012 that was released last week in response to a Freedom of Information Act request.

But, he said, “prosecution of unauthorized disclosure cases is often beset with complications, including difficult problems of identifying the leaker, the potential for confirming or revealing even more classified information in a public trial, and graymail by the defense.”

Therefore, Mr. Litt said, in 2011 Director of National Intelligence James Clapper ordered intelligence agencies “to pursue administrative investigations and sanctions against identified leakers wherever appropriate. Pursuant to this DNI directive, individual agencies are instructed to identify those leak incidents that are ripe for an administrative disposition….”

Administrative penalties could include termination of employment, loss of security clearance, fines, or other adverse consequences. The number of individuals who were in fact sanctioned as a result of the ensuing “emphasis on administrative dispositions of leak investigations” was not disclosed. But “by advocating for administrative action in appropriate cases, the DNI hopes that more leakers will be sanctioned, and others similarly situated will be deterred,” he said at that time.

The 2012 Senate Intelligence Committee hearing pre-dated the classified disclosures in 2013 by Edward Snowden, who was obviously not deterred.

In a 2014 memorandum, Homeland Security Advisor Lisa O. Monaco said that “Recent unauthorized disclosures have unfortunately underscored the need to vigilantly safeguard our Nation’s most sensitive intelligence information.” The memo detailed numerous “near-term measures… aimed at further reducing the risk of additional high-impact disclosures.”

Yet “technical fixes alone cannot fully mitigate the threat posed by a determined insider,” she wrote. “As a result, [the corrective steps] include measures to improve business practices, enhance the security culture across the workforce, and reduce the unique risks associated with ‘privileged’ users.”

See “Near-term Measures to Reduce the Risk of High-Impact Unauthorized Disclosures,” memorandum from Homeland Security Advisor Lisa Monaco, February 11, 2014.

The actual efficacy of the measures described, some of which are still being gradually implemented, has not been publicly reported.

ODNI Revises Costly Declassification Rule

As promised, the Office of the Director of National Intelligence (ODNI) last week formally withdrew a new rule on requesting declassification of classified ODNI records after receiving public complaints that it would have imposed onerous costs on requesters. A revised rule was then issued.

“ODNI received comments regarding the fee provisions [with] the recommendation that those provisions be withdrawn and replaced with fee provisions comparable to those in ODNI’s Freedom of Information Act program,” ODNI said in an April 22 Federal Register notice. (Comments to that effect from the Federation of American Scientists are here; comments submitted by Openthegovernment.org are here.)

“ODNI agrees and therefore is withdrawing its direct final rule.”

A revised rule with amended fee provisions was published in the Federal Register today.

Under the revised rule:

*    photocopying charges would be 10 cents per page instead of 50 cents per page;

*    fees would be waived whenever costs incurred were $10 or less;

*    and the revised rule now allows for a public interest waiver of fees when “the disclosure is likely to contribute significantly to the public understanding of the operations or activities of the United States Government and is not primarily in the commercial interest of the requester.”

Cross-Cutting Intelligence Issues, and More from CRS

A new report from the Congressional Research Service raises the possibility that polygraph testing of intelligence employees could be phased out in favor of “continuous evaluation” (CE), i.e. the automated monitoring of financial, criminal and other databases.

The notion was suggested in a CRS overview of selected intelligence policy issues, including budget management, the quality of analysis, big data, workforce diversity, global coverage, and transparency.

The new CRS report, written by Anne Daugherty Miles, does not make recommendations, but instead presents a series of questions for congressional consideration, such as:

**     “In light of the IC’s use of CE to continually monitor an employee’s social and financial activity, are polygraph examinations still necessary?”

**     “Are there portions of the IC budget that could be made more transparent to the American public without endangering national security?”

**     “Should the IC be expected to monitor every corner of the world every hour of the day?”

**     “What authorities are needed to enhance cooperation with outside experts?”

**     “Are the new principles of transparency sufficient? Can the DNI do more to promote transparency across the IC?” (The April 15 CRS report does not take note of the latest steps by DNI Clapper to invigorate IC implementation of the Fundamental Classification Guidance Review or to establish the IC Transparency Council.)

This particular CRS report does not address intelligence surveillance policy, whistleblower policy, or various other intelligence-related topics of current controversy or interest. See The U.S. Intelligence Community: Selected Cross-Cutting Issues, April 12, 2016.

Some other new or updated products from the Congressional Research Service include the following.

Contested Presidential Nominating Conventions: Brief Background and Questions, CRS Insight, April 15, 2016

Sexual Violence at Institutions of Higher Education, updated April 15, 2016

The Federal Communications Commission: Current Structure and Its Role in the Changing Telecommunications Landscape, updated April 15, 2016

European Security and Islamist Terrorism, CRS Insight, updated April 18, 2016

Navy Littoral Combat Ship (LCS)/Frigate Program: Background and Issues for Congress, updated April 18, 2016

DNI Establishes Intelligence Transparency Council

The notion of “intelligence transparency,” which once would have been considered an oxymoron, is instead becoming institutionalized with the establishment of a new Intelligence Transparency Council. Director of National Intelligence James Clapper signed the Charter of the new Council on April 5.

The Council includes representatives of each of the 17 Intelligence Community member agencies. Its role is to identify and promote appropriate areas for intelligence-related transparency and specifically to coordinate and oversee the implementation of the 2015 Principles of Intelligence Transparency.

For a start, the Council is supposed to “ensure that the public has information that clearly presents the mission, authorities, and oversight mechanism that direct and guide the IC.”

Beyond that, it will also “serve as the principal mechanism to identify possible new priority IC transparency topics to be selected by the DNI and IC leadership for implementation” and it will “establish interagency working groups to address specific transparency topics, as appropriate, in order to advance IC transparency efforts.”

As an inward-looking body that mostly meets behind closed doors, the Intelligence Transparency Council seems to be an internal forum for grappling with questions of increased disclosure, rather than an obvious public relations ploy. The Charter envisions votes and procedures for resolving disagreements, implying that the Council could serve a decision-making function.

Significantly, the Charter signed last week by DNI Clapper will remain in effect for five years. This means that “intelligence transparency” is likely to endure as a problem and a challenge well into the next Administration.