Dozens of Leak Referrals Sent to DoJ Each Year

Updated below

The Department of Justice said last week that it received dozens of “crimes reports” concerning unauthorized disclosures of classified information each year for most of the past several years, although only 18 such referrals were made in 2015.

In a July 20 response to a Freedom of Information Act request, DOJ’s National Security Division provided the following data on the number of crimes reports — i.e., referrals of suspected violations of criminal law — involving leaks of classified information for each of the last seven Calendar Years (CY):

    CY2009: 44
    CY2010: 33
    CY2011: 41
    CY2012: 46
    CY2013: 55
    CY2014: 41
    CY2015: 18

These data are generally indicative of the number of discrete leak episodes in each year.

Only a fraction of such leak referrals ever lead to an investigation, DOJ told Congress in 2010 and only a fraction of the investigations result in criminal prosecution.

“In most cases, the information included in the referral is not adequate to initiate an investigation. The most typical information gap is a failure to identify all those with authorized access to the information, which is the necessary starting point for any leak investigation.”

“When this information is sufficient to open an investigation, the FBI has been able to identify suspects in approximately 50% of these cases over the past 5 years [i.e. 2005-2009]. Even when a suspect is identified, though, prosecution is extremely rare,” DOJ said then.

A crimes report regarding a classified leak to the media is usually accompanied by a DOJ Media Leak Questionnaire, describing the nature of the unauthorized disclosure, its origin, accuracy, significance and scope of dissemination.

In the era of the mass leak, the number of individual leak episodes does not bear any correlation to the volume of classified material that has been disclosed. So the large Manning releases of 2010 and the Snowden releases of 2013 do not clearly stand out in the new DOJ tabulation. The number of leak referrals also does not provide an indication of the magnitude of damage to national security, if any, that resulted from the leaks.

While unauthorized disclosures of classified information are often prized by reporters as indispensable for independent national security journalism, they can be cause for trepidation among the government officials who have to manage their consequences.

The 1978 book Legend by Edward Jay Epstein “contained enough details to pinpoint [KGB officer Alexei] Kulak as an American agent,” wrote David E. Hoffman in his book The Billion Dollar Spy (Doubleday, 2015, p. 58). As a result, CIA had to immediately prepare an exfiltration plan to get its agent out of the Soviet Union. “If the KGB followed up on details in the book and arrested him, Kulak would certainly face charges of treason, punishable by death.” As things turned out, “Kulak was not discovered and later died of a heart attack” without having left his country. But due to the compromise of information about him, Hoffman wrote, “CIA had lost Kulak as an intelligence source.”

A 1995 New York Times story about “dirty assets” — i.e., intelligence sources who themselves have been involved in criminal activity — is said to have led to the death of another American agent (this could not be independently confirmed by Secrecy News). In response to pleas from government officials, “Some identifying details were omitted [by the New York Times], but way too many weren’t,” wrote former CIA acting general counsel John Rizzo in his memoir Company Man (Scribner, 2014, p. 151).

“It is the only leak I can remember that indisputably caused the death of a CIA source,” wrote Rizzo.

Update: We should not have repeated the unsupported allegation by John Rizzo that a New York Times story caused the death of a CIA source. The story, which dealt with an issue of current public debate, was carefully reported by the Times to exclude identifying details that might have placed individuals in danger. It was prepared with the active cooperation of Jeffrey H. Smith, then-CIA general counsel, who was himself quoted in the story. Under the circumstances, Rizzo’s accusation is outrageous and we were wrong to circulate it.

Punishing Leaks Through Administrative Channels

The Obama Administration has famously prosecuted more individuals for unauthorized disclosures of classified information to the media than all of its predecessors combined. But behind the scenes, it appears to have sought administrative penalties for leaks — rather than criminal ones — with equal or greater vigor.

“This Administration has been historically active in pursuing prosecution of leakers, and the Intelligence Community fully supports this effort,” said ODNI General Counsel Robert S. Litt in testimony from a closed hearing of the Senate Intelligence Committee in 2012 that was released last week in response to a Freedom of Information Act request.

But, he said, “prosecution of unauthorized disclosure cases is often beset with complications, including difficult problems of identifying the leaker, the potential for confirming or revealing even more classified information in a public trial, and graymail by the defense.”

Therefore, Mr. Litt said, in 2011 Director of National Intelligence James Clapper ordered intelligence agencies “to pursue administrative investigations and sanctions against identified leakers wherever appropriate. Pursuant to this DNI directive, individual agencies are instructed to identify those leak incidents that are ripe for an administrative disposition….”

Administrative penalties could include termination of employment, loss of security clearance, fines, or other adverse consequences. The number of individuals who were in fact sanctioned as a result of the ensuing “emphasis on administrative dispositions of leak investigations” was not disclosed. But “by advocating for administrative action in appropriate cases, the DNI hopes that more leakers will be sanctioned, and others similarly situated will be deterred,” he said at that time.

The 2012 Senate Intelligence Committee hearing pre-dated the classified disclosures in 2013 by Edward Snowden, who was obviously not deterred.

In a 2014 memorandum, Homeland Security Advisor Lisa O. Monaco said that “Recent unauthorized disclosures have unfortunately underscored the need to vigilantly safeguard our Nation’s most sensitive intelligence information.” The memo detailed numerous “near-term measures… aimed at further reducing the risk of additional high-impact disclosures.”

Yet “technical fixes alone cannot fully mitigate the threat posed by a determined insider,” she wrote. “As a result, [the corrective steps] include measures to improve business practices, enhance the security culture across the workforce, and reduce the unique risks associated with ‘privileged’ users.”

See “Near-term Measures to Reduce the Risk of High-Impact Unauthorized Disclosures,” memorandum from Homeland Security Advisor Lisa Monaco, February 11, 2014.

The actual efficacy of the measures described, some of which are still being gradually implemented, has not been publicly reported.

Petraeus Deal Cited in Sterling Leak Defense

Attorneys for former CIA officer Jeffrey Sterling, who was found guilty on nine felony counts involving unauthorized disclosure of classified information, argued yesterday that the Sterling verdict should be set aside in view of the misdemeanor plea agreement that was recently offered to former CIA director Gen. David Petraeus for mishandling classified information.

Sterling’s attorneys suggested that the disparate treatment of the two cases was attributable to improper considerations of rank and race.

They noted that Petraeus had acknowledged providing his mistress unauthorized access to “classified information regarding the identities of covert officers, war strategy, intelligence capabilities and mechanisms, diplomatic discussions, quotes and deliberate discussions from high level National Security Council meetings, and […] discussions with the President of the United States of America.”

“For these transgressions, General Petraeus pled guilty to a misdemeanor violation of 18 U.S.C. § 1924 and will not serve a single day in jail. No espionage charge was made. Equally stunning is that General Petraeus admits to making false statements to the Government about his criminal activity and yet avoids a perjury or obstruction charge.”

“On the other hand, Mr. Sterling was charged with espionage and obstruction and faces a prison term. The defense submits again that the principal difference between Mr. Sterling and Generals Petraeus and Cartwright [who was reportedly suspected of leaks concerning the Stuxnet program] are their respective races and rank. Like General Cartwright, General Petraeus is a white, high-ranking official.” Mr. Sterling is African-American.

“The Government must explain why the justice meted out to white Generals is so different from what Mr. Sterling has faced,” the Sterling attorneys wrote in a March 19 filing.

In a letter to the editor of the New York Times today, attorney David E. Kendall said that the Petraeus case differed from other leak cases in that Gen. Petraeus had not intended to publicly release classified information and that the information in question had not in fact been made public.

Yesterday, the Sterling attorneys also urged the court to dismiss the case against Sterling because they said that the government had failed to produce any direct evidence that he committed the crimes he is charged with.

“In this case, not even one witness was called with direct evidence of Mr. Sterling’s guilt on a single charge,” they wrote in another March 19 filing. “The Court can search the record with a fine tooth comb and find no evidence that beyond a reasonable doubt identifies Mr. Sterling as the source” for classified information that appeared in James Risen’s book State of War.

Government attorneys, citing precedent, argued this month that “a conviction may rely entirely on circumstantial evidence.”

Attorney Blasts Double Standard for Punishing Leaks

The Department of Justice has adopted an unacceptable double standard in its treatment of persons accused of leaking or mishandling classified information, the attorney for imprisoned leaker Stephen Kim wrote in a letter to DoJ released yesterday.

“The decision to permit General [David] Petraeus to plead guilty to a misdemeanor demonstrates more clearly than ever the profound double standard that applies when prosecuting so-called ‘leakers’ and those accused of disclosing classified information for their own purposes,” attorney Abbe Lowell wrote in a March 5 letter.

“As we said at the time of Mr. Kim’s sentencing, lower-level employees like Mr. Kim are prosecuted under the Espionage Act because they are easy targets and lack the resources and political connections to fight back. High-level officials (such as General Petraeus and, earlier, Leon Panetta) leak classified information to forward their own agendas (or to impress their mistresses) with virtual impunity.”

In light of the Petraeus plea agreement, Mr. Lowell asked Department attorneys to support Mr. Kim’s immediate release from prison.

In a statement to supporters, Mr. Kim’s sister Yuri Lusternberger-Kim expressed dismay at the Petraeus settlement.

“You can imagine how are hearts sunk and the outrage we felt when we heard this. For pleading to much less, Stephen was given a much harsher sentence — a felony conviction and 13 months in prison. This double standard is inexplicable on its face. For a lot of reasons, the resolution for General Petraeus is fair (the Espionage Act should not be used for these kinds of ‘leaks’), but Stephen should have been given the same benefits.”

“We are let down by our justice system when it applies harsh, unfair judgments on those without power, and who don’t play politics and don’t have powerful political allies.”

“Our family and our friends think it is just terribly unfair and not right that Stephen was given less consideration and different treatment for doing no more, and even less than General Petraeus. The General got the right result, but so should have Stephen. Stephen’s lawyers tried to get the Justice Department to address this disparity but they would not do so. We want others to know this,” Ms. Lustenberger-Kim said.

(More: The Intercept, NYT, Yahoo, Bloomberg)

Leaks Damaged U.S. Intelligence, Official Says

Unauthorized disclosures of classified information by Edward Snowden have damaged U.S. intelligence capabilities, National Counterterrorism Center director Nicholas J. Rasmussen told Congress last week.

“Due to the Snowden leaks and other disclosures, terrorists also have a great understanding of how we seek to conduct surveillance including our methods, our tactics and the scope and scale of our efforts. They’ve altered the ways in which they communicate and this has led to a decrease in collection,” Mr. Rasmussen said at a February 12 hearing of the Senate Select Committee on Intelligence.

“We have specific examples which I believe we have shared with the committee and the committee staff in classified session — specific examples of terrorists who have adopted greater security measures such as using various new types of encryption, terrorists who have dropped or changed email addresses, and terrorists who have simply stopped communicating in ways they had before, in part because they understand how we collected,” he said.

This is not terribly persuasive, particularly since Mr. Rasmussen did not specify which leaks resulted in which changes by which terrorists at what cost to U.S. security. Nor is a public statement by an intelligence official before the Senate Intelligence Committee entitled any longer to a presumption of accuracy since the Committee permits errors to stand uncorrected.

Nevertheless, it seems plausible that leaks which had the power to galvanize public debate over the scope of intelligence surveillance might also have had the power to undermine existing collection capabilities, including collection for valid and necessary purposes.

For some of Edward Snowden’s partisans and supporters, however, the possibility that his leaks had negative as well as positive consequences involves more complexity than they can tolerate. If Snowden intended to defend constitutional values, as he insists, then how dare anyone suggest that he may have also aided America’s enemies, even indirectly?

This sort of complexity does not arise in Laura Poitras’s award-winning film Citizenfour about Snowden, as its few critical reviewers have noted.

Many of the documents Snowden disclosed “go far beyond exposures of spying on Americans,” wrote Fred Kaplan in a review of the film in Slate. “If Snowden and company wanted to take down an intelligence agency, they should say so. But that has nothing to do with whistleblowing or constitutional rights.”

Likewise, wrote George Packer in The New Yorker, “Among the leaked documents are details of foreign-intelligence gathering that do not fall under the heading of unlawful threats to American democracy–what Snowden described as his only concern. [Former NSA official William] Binney, generally a fervent Snowden supporter, told USA Today that Snowden’s references to ‘hacking into China’ went too far: ‘So he is transitioning from whistle-blower to a traitor’.”

And from Michael Cohen in The Daily Beast: “What is left out of Poitras’s highly sympathetic portrayal of Snowden is so much of what we still don’t know about him. For example, why did he steal so many documents that have nothing to do with domestic surveillance but rather overseas–and legal–intelligence-gathering operations?”

But for a discussion of Citizenfour that presents no such dissonant, skeptical notes or troublesome opposing views, see the late David Carr’s final interview with Snowden, Poitras and Glenn Greenwald.

“How’d you like the movie?” Mr. Carr asked Snowden. “It’s incredible,” Mr. Snowden affirmed. “I don’t think there’s any film like it.”

Congress Tells DoD to Report on Leaks, Insider Threats

For the next two years, Congress wants to receive quarterly reports from the Department of Defense on how the Pentagon is responding to leaks of classified information. The reporting requirement was included in the pending National Defense Authorization Act for FY 2015 (Sec. 1052).

“Compromises of classified information cause indiscriminate and long-lasting damage to United States national security and often have a direct impact on the safety of warfighters,” the Act states.

“In 2010, hundreds of thousands of classified documents were illegally copied and disclosed across the Internet,” it says, presumably referring to the WikiLeaks disclosures of that year.

“In 2013, nearly 1,700,000 files were downloaded from United States Government information systems, threatening the national security of the United States and placing the lives of United States personnel at extreme risk,” the Act states, in a presumed reference to the Snowden disclosures. “The majority of the information compromised relates to the capabilities, operations, tactics, techniques, and procedures of the Armed Forces of the United States, and is the single greatest quantitative compromise in the history of the United States.”

The Secretary of Defense will be required to report on changes in policy and resource allocations that are adopted in response to significant compromises of classified information.

The defense authorization act does not address irregularities in the classification system, such as overclassification or failure to timely declassify information.

It does call for additional reporting on the Department of Defense “insider threat” program (Sec. 1628), and on “the adoption of an interim capability to continuously evaluate the security status of the employees and contractors of the Department who have been determined eligible for and granted access to classified information.”

By definition, this continuous evaluation approach does not focus on suspicious individuals or activities, but rather is designed to monitor all security-cleared personnel.

Rep. Moran Urges Presidential Pardon for John Kiriakou

Rep. James P. Moran this week called on President Obama to pardon John Kiriakou, the former CIA officer who was convicted of disclosing the name of an undercover intelligence officer and who is currently serving a prison sentence in the Federal Correctional Institution in Loretto, Pennsylvania.

“Mr. Speaker, I rise today to ask for a Presidential pardon for John Kiriakou,” said Rep. Moran (D-VA), who is retiring from Congress, in a statement entered in the Congressional Record. “Mr. Kiriakou is an American hero.”

John Kiriakou is a whistleblower, as well. The first American intelligence officer to officially and on-record reveal that the U.S. was in the torture business as a matter of White House policy under President Bush. In confirming what the American media and policymakers were hearing whispered–that waterboarding and other enhanced interrogation techniques were a matter of standard military and intelligence procedures–he helped begin an intense and overdue debate over whether torture violated international law, tarnished our higher American principles and undermined the critical need for reliable, actionable information,” Rep. Moran said.

“And John Kiriakou is a convicted felon, serving a 2\1/2\ year plea bargained sentence in a Pennsylvania federal prison. The charge against him is violating the Intelligence Identities Protection Act, whereby John answered a question from a U.S. reporter who was duplicitously fronting for lawyers defending Al Qaeda prisoners held at Guantanamo Bay and in the process unintentionally confirmed the classified identity of a CIA colleague. A colleague who, by the way, was being erroneously labeled as an enhanced interrogation techniques torturer.”

“The real issue here is the extremely selective prosecution of John and the ongoing efforts to intimidate him from talking about our intelligence community’s misfires,” he said.

“Whatever John’s misdeeds–and he admits that answering that reporter’s questions was ill-advised and naive–he has more than paid for them. After fifteen years of service to his country, the personal risks and costs of a life in the intelligence world, the legal double-standard applied, and now two years in prison John Kiriakou deserves a Presidential pardon so his record can be cleared, just as this country is trying to heal from a dark chapter in its history,” Rep. Moran said.

Rep. Moran’s statement does not constitute an application for a presidential pardon, and Mr. Kiriakou would not normally be eligible for such a pardon until at least 5 years after his impending release from prison.

The Moran statement does, however, represent a rare congressional expression of sympathy for a convicted leaker, and an unusual gesture of respect for an incarcerated American of any kind.

And in fact, there is some precedent for a pardon, even among the small cohort of convicted leakers of classified information.

In January 2001, President Clinton formally pardoned Samuel Loring Morison, the first person to be convicted of unauthorized disclosure of classified information to the press. A copy of the certificate of clemency is here.

“What is remarkable is not the crime,” wrote Sen. Patrick Moynihan in a 1998 letter to the President about the Morison case, “but that he is the only one convicted of an activity which has become a routine aspect of government life: leaking information to the press in order to bring pressure to bear on a policy question.”

“A presidential pardon is a sign of forgiveness,” wrote Justice Department pardon attorney Roger C. Adams at the time. “It does not erase or expunge the record of conviction and does not indicate innocence.”

DoD Leaks Now Termed “Serious Security Incidents”

Unauthorized disclosures of classified information, leaks to the news media, acts of espionage, and certain other information security offenses are now to be collectively designated as “serious security incidents,” according to a Department of Defense directive that was published this week.

The new terminology was adopted in order to standardize procedures for preventing, identifying, investigating and reporting such violations when they occur. See “Management of Serious Security Incidents Involving Classified Information,” DoD Directive 5210.50, October 27, 2014.

The new directive replaces a previous directive from 2005, which had simply been titled “Unauthorized Disclosure of Classified Information to the Public.”

Not every episode of mishandling classified information qualifies as a “serious security incident.” But that term applies whenever there is an unauthorized disclosure of classified information in the news media, or an act of espionage, or a willful disclosure of classified information to an unauthorized person that involves large amounts of classified information, or that reveals a systemic weakness in classification practices, among other circumstances. The threshold is determined by what is reportable to senior to DoD authorities (as specified in DoD Manual 5200.01, vol. 3, enclosure 6, at p. 88).

(Strictly speaking, the creation of an unauthorized DoD “special access program” would also appear to constitute a “serious security incident” requiring investigation, reporting and accountability. But that possibility is not mentioned in the new directive.)

“Serious security incident investigations and reporting will integrate security, counterintelligence, law enforcement, and other appropriate DoD interests to ensure that the causes of serious security incidents are identified and that all appropriate means are utilized to identify and mitigate damage to national security and avoid similar occurrences,” the new directive states.

This week, Michael Isikoff of Yahoo News reported that the FBI had identified a new leaker (“Feds identify suspected ‘second leaker’ for Snowden reporters,” October 27). The story also cited concerns among some intelligence officials that the Department of Justice may be reluctant to initiate new criminal prosecutions of suspected leakers due to criticism of past overzealousness.

It is hard to confirm from a distance that such reluctance on the part of Justice Department officials exists. But in fact, the government has always had alternatives to Espionage Act prosecutions of suspected leakers, including civil or administrative penalties and loss of security clearance.

The new DoD directive says that “DoD personnel responsible for serious security incidents may be held accountable, as appropriate, in a criminal proceeding, civil judicial action, disciplinary or adverse administrative action, or other administrative action authorized by federal law or regulations.”

Likewise, a July 2013 Department of Justice review of policies concerning the news media said that “The Department will work with others in the Administration to explore ways in which the intelligence agencies themselves, in the first instance, can address information leaks internally through administrative means, such as the withdrawal of security clearances and imposition of other sanctions.”

Report on Disclosures to the Media is Classified

A report to Congress on authorized disclosures of classified intelligence to the media — not unauthorized disclosures — is classified and is exempt from disclosure under the Freedom of Information Act, the National Security Agency said.

The notion of an authorized disclosure of classified information is close to being a contradiction in terms. If something is classified, how can its disclosure be authorized (without declassification)? And if something is disclosed by an official who is authorized to do so, how can it still be classified? And yet, it seems that there is such a thing.

Confronted by a pressing question from a reporter on a classified matter, an official might opt to acknowledge or disclose classified information in response, without necessarily intending to broadcast that information to everyone. In such cases, the information might be disclosed without being declassified, especially if it is already known to the reporter through other channels.

In the Intelligence Authorization Act for FY 2013 (sec. 504), Congress directed that “In the event of an authorized disclosure of national intelligence” to the media, the government official responsible for authorizing the disclosure shall notify Congress in a timely fashion whenever the intelligence disclosed is classified (or declassified for the purpose of the disclosure).

The purpose of that requirement was to ensure that the congressional intelligence committees are made aware of authorized disclosures to the press “so that, among other things, these authorized disclosures may be distinguished from unauthorized ‘leaks’,” according to the Senate report on the FY2013 intelligence bill.

So what disclosures of classified intelligence to the media were approved by government officials and reported to Congress, we asked earlier this year? The National Security Agency refuses to disclose those disclosures.

“The document responsive to your request has been reviewed by this Agency as required by the FOIA and has been found to be currently and properly classified in accordance with Executive Order 13526,” according to an October 2 letter signed by retiring NSA FOIA chief Pamela N. Phillips. “The document is classified because its disclosure could reasonably be expected to cause exceptionally grave damage to the national security.”

We appealed the denial.

“It is well established that information, including classified information, that has been publicly disclosed on an authorized basis loses its exemption from disclosure under FOIA,” the FAS appeal letter said.

“Since the requested document addresses ‘authorized public disclosures,’ the substance of those authorized disclosures may no longer be withheld.”

WWII Atomic Bomb Project Had More Than 1,500 “Leaks”

The Manhattan Project to develop the first atomic bomb during World War II was among the most highly classified and tightly secured programs ever undertaken by the U.S. government. Nevertheless, it generated more than 1,500 leak investigations involving unauthorized disclosures of classified Project information.

That remarkable fact is noted in the latest declassified volume of the official Manhattan District History (Volume 14, Intelligence & Security) that was approved for release and posted online by the Department of Energy last month.

In several respects, the Manhattan Project established the template for secret government programs during the Cold War (and after). It pioneered or refined the practices of compartmentalization of information, “black” budgets, cover and deception to conceal secret facilities, minimal notification to Congress, and more.

But wherever there are national security secrets, it seems that leaks and spies are not far behind.

During the course of the Manhattan Project, counterintelligence agents “handled more than 1,000 general subversive investigations, over 1,500 cases in which classified project information was transmitted to unauthorized persons, approximately 100 suspected espionage cases, and approximately 200 suspected sabotage cases,” according to the newly declassified history (at pp. S2-3).

Most of the 1,500 leak cases seem to have been inadvertent disclosures rather than deliberate releases to the news media of the contemporary sort. But they were diligently investigated nonetheless. “Complete security of information could be achieved only by following all leaks to their source.”

In 1943, there were several seemingly unrelated cases of Protestant clergymen in the South preaching sermons that alarmingly cited “the devastating energy contained in minute quantities of Uranium 235” (while contrasting it with “the power of God [that] was infinitely greater”). The sermons were eventually traced back to a pamphlet distributed by a Bible college in Chicago, which was determined to be harmless. Other disclosures cited in the history involved more serious indiscretions that drew punitive action.

“Since September 1943, investigations were conducted of more than 1500 ‘loose talk’ or leakage of information cases and corrective action was taken in more than 1200 violations of procedures for handling classified material,” the history said (p. 6.5).

“Upon discovery of the source of a violation of regulations for safeguarding military information, the violator, if a project employee, was usually reprimanded, informed of the possible application of the Espionage Act, and warned not to repeat the violation.”

Fundamentally, however, information security was not to be achieved by the force of law or the threat of punishment. Rather, it was rooted in shared values and common commitments, the Project history said.

“Grounds for protecting information were largely patriotism, loyalty to the fighting men, and the reasoning that the less publicity given the Project, the more difficult it would be for the enemy to acquire information about it and also, the greater would be the element of surprise” (p. 6.13).

The only other remaining portion of the official history, Foreign Intelligence Supplement No. 1 to Manhattan District History Volume 14, was also published online last month. It provided an account of U.S. wartime intelligence collection aimed at enemy scientific research and development. Some information in that volume was deleted by the Central Intelligence Agency.

The entire thirty-six volume Manhattan District history has now been declassified and posted online.