Updated again below
The Department of Justice said last week that it received dozens of “crimes reports” concerning unauthorized disclosures of classified information each year for most of the past several years, although only 18 such referrals were made in 2015.
In a July 20 response to a Freedom of Information Act request, DOJ’s National Security Division provided the following data on the number of crimes reports — i.e., referrals of suspected violations of criminal law — involving leaks of classified information for each of the last seven Calendar Years (CY):
These data are generally indicative of the number of discrete leak episodes in each year.
Only a fraction of such leak referrals ever lead to an investigation, DOJ told Congress in 2010 and only a fraction of the investigations result in criminal prosecution.
“In most cases, the information included in the referral is not adequate to initiate an investigation. The most typical information gap is a failure to identify all those with authorized access to the information, which is the necessary starting point for any leak investigation.”
“When this information is sufficient to open an investigation, the FBI has been able to identify suspects in approximately 50% of these cases over the past 5 years [i.e. 2005-2009]. Even when a suspect is identified, though, prosecution is extremely rare,” DOJ said then.
A crimes report regarding a classified leak to the media is usually accompanied by a DOJ Media Leak Questionnaire, describing the nature of the unauthorized disclosure, its origin, accuracy, significance and scope of dissemination.
In the era of the mass leak, the number of individual leak episodes does not bear any correlation to the volume of classified material that has been disclosed. So the large Manning releases of 2010 and the Snowden releases of 2013 do not clearly stand out in the new DOJ tabulation. The number of leak referrals also does not provide an indication of the magnitude of damage to national security, if any, that resulted from the leaks.
While unauthorized disclosures of classified information are often prized by reporters as indispensable for independent national security journalism, they can be cause for trepidation among the government officials who have to manage their consequences.
The 1978 book Legend by Edward Jay Epstein “contained enough details to pinpoint [KGB officer Alexei] Kulak as an American agent,” wrote David E. Hoffman in his book The Billion Dollar Spy (Doubleday, 2015, p. 58). As a result, CIA had to immediately prepare an exfiltration plan to get its agent out of the Soviet Union. “If the KGB followed up on details in the book and arrested him, Kulak would certainly face charges of treason, punishable by death.” As things turned out, “Kulak was not discovered and later died of a heart attack” without having left his country. But due to the compromise of information about him, Hoffman wrote, “CIA had lost Kulak as an intelligence source.”
A 1995 New York Times story about “dirty assets” — i.e., intelligence sources who themselves have been involved in criminal activity — is said to have led to the death of another American agent (this could not be independently confirmed by Secrecy News). In response to pleas from government officials, “Some identifying details were omitted [by the New York Times], but way too many weren’t,” wrote former CIA acting general counsel John Rizzo in his memoir Company Man (Scribner, 2014, p. 151).
“It is the only leak I can remember that indisputably caused the death of a CIA source,” wrote Rizzo.
Update: We should not have repeated the unsupported allegation by John Rizzo that a New York Times story caused the death of a CIA source. The story, which dealt with an issue of current public debate, was carefully reported by the Times to exclude identifying details that might have placed individuals in danger. It was prepared with the active cooperation of Jeffrey H. Smith, then-CIA general counsel, who was himself quoted in the story. Under the circumstances, Rizzo’s accusation is outrageous and we were wrong to circulate it.
Second Update, 7/26/16:
Jeffrey H. Smith and John Rizzo responded via email:
We were dismayed to read your note yesterday apologizing for relying on John Rizzo’s book that a leak in the New York Times in 1995 led to the death of a human source of the CIA. Your apology said, accurately, that Jeff Smith had spoken to the Times but then concluded — without speaking to either of us — that because the article was “carefully reported” John Rizzo’s “accusation is outrageous”. Had you spoken to us, who actually know what happened, we would have told you that we stand by the passage in John’s book.