Wanted: Director of the Federal Register (Top Secret)

The National Archives is seeking a new Director of the Federal Register program, a position that requires a Top Secret security clearance.

The Federal Register is sometimes described as the “daily newspaper” of the executive branch. Each weekday, it “provides citizens access to proposed and final regulations, rules, and other administrative actions of the Federal government,” according to an announcement in USA Jobs.

In addition to overseeing the Federal Register itself, the Director of the Federal Register program is responsible for administering the Code of Federal Regulations, the United States Government Manual, the Public Papers of the Presidents, and other foundational U.S. government documents.

So why does the Director need a Top Secret clearance? One reason is that he or she would play a role in continuity of government under conditions of national emergency, and would be responsible in particular for production of the so-called Emergency Federal Register.

“Over the past several years, Federal agencies have developed contingency plans to maintain operations in the case of a broad range of emergency circumstances,” according to a recent proposed rule that was published (naturally) in the Federal Register on October 28. “The FRA [Federal Register Act] authorizes the President to activate the Emergency Federal Register (EFR) system in place of the daily Federal Register in certain limited circumstances…. The purpose of the EFR is to support the preservation of the rule of law and a constitutional form of government,” the proposed rule explained.

Up to now, as far as anyone can tell, the Emergency Federal Register “has never actually replaced the ‘real thing’,” said Harold C. Relyea, a specialist in U.S. government information policy.

The search for a new Director of the Federal Register is open through November 21.

DNI Issues Directive on Polygraph Policy

Polygraph testing is here to stay, judging from a new directive issued by Director of National Intelligence James Clapper. The directive governs the use of polygraph testing in vetting executive branch agency personnel for security clearances or determining their eligibility for “sensitive” positions.

The new Security Executive Agent Directive 2 on the use of the polygraph was obtained by Marisa Taylor of McClatchy News, who has done a series of in-depth news reports on polygraph testing over the past couple of years.

The directive does not seem to entail any major departures from current polygraph policy, but it has several noteworthy features.

Above all, it signals that polygraph testing is not going away. Despite significant skepticism among scientists about the validity of using the polygraph for employee screening, the directive envisions continued reliance on polygraph testing. It states that agencies may even “expand an existing polygraph program” or “establish a new program.”

The directive also represents the further consolidation of the authority of the DNI in his capacity as “Security Executive Agent.” The new directive applies to all executive branch agencies, not just those that are formally members of the U.S. intelligence community.

Finally, among all the possible occasions for use of polygraph testing, the directive singles out “espionage, sabotage, [and] unauthorized disclosure of classified information,” suggesting that these diverse offenses are of comparable significance and concern.

In another recent issuance, the Office of the Director of National Intelligence produced a Strategy and Schedule for Security Clearance Reciprocity in response to a congressional mandate. Reciprocity here refers to the mutual recognition by executive branch agencies of each other’s security clearance approvals, which has been a longstanding but elusive goal.

Congress Grapples with Classification Issues

A bill introduced in the House of Representatives by Rep. Bennie Thompson (D-MS) would direct the President to reduce the amount of classified information by 10%. It is one of several new congressional initiatives seeking to rectify perceived defects in the national security classification system.

Most prominently, the Senate Intelligence Committee is engaged in an ongoing dispute with the Administration over declassification of the Committee’s report on the CIA’s post-9/11 detention and interrogation program.

Sen. Dianne Feinstein, the Committee chair, said the Administration’s proposed redactions to the executive summary of the report were unacceptably broad.

“I have concluded the redactions eliminate or obscure key facts that support the report’s findings and conclusions,” she said on August 5. “Until these redactions are addressed to the committee’s satisfaction, the report will not be made public.”

With this contentious experience fresh in mind, one might have expected the Senate Intelligence Committee to have acquired special insight into the failings of the existing classification system and to have devised some well-considered remedial measures to address them.

But that does not appear to be the case.

In its new intelligence authorization bill for Fiscal Year 2015 (S. 2741, sec. 311), the Committee weakly requires the Director of National Intelligence to prepare a report “describing proposals to improve the declassification process throughout the intelligence community.”

Under current circumstances, this proposed reporting requirement seems like a failure of imagination and leadership, and probably a waste of everyone’s time. Perhaps it is just a placeholder for something more ambitious that is still to come.

By contrast, the bill introduced by Rep. Thompson in the House and by Sen. Ron Wyden in the Senate is prescriptive and solution-oriented in its treatment of the issue.

Among its several provisions, the new bill (HR 5240) would require the President “to establish a goal for the reduction of classified information by not less than 10 percent within five years through improved declassification and improved original and derivative classification decision-making,” according to a Fact Sheet on the bill, dubbed the CORRECT Act. (It is unclear how the 10 percent reduction in information would be measured, whether in pages or bytes or number of classification decisions or by some other standard.)

The Thompson/Wyden bill would also bolster and expand the Public Interest Declassification Board, assigning it the responsibility to evaluate the continuing validity of all current classification guidance. Though this provision may seem innocuous, it is a clear challenge to the autonomy that is currently enjoyed by executive branch agencies regarding what is to be classified. As such, it represents the kernel of a solution to the problem of overclassification.

The bill would further direct the Privacy and Civil Liberties Oversight Board to establish standards for the emerging insider threat program, and it would decisively break from current practice by authorizing the Merit System Protection Board to review agency denials or revocations of security clearances.

However, the deliberative effort that has gone into preparing the bill is not going to yield any near-term reward. In all likelihood, Rep. Thompson’s CORRECT Act will not even receive a hearing in the remainder of this expiring Congress.

Another modest but potentially useful legislative effort is an amendment to be introduced by Sen. Jeanne Shaheen that would enhance the authority and capacity of the National Declassification Center.

If the Senate Intelligence Committee wants a report on “improving declassification,” as the new intelligence authorization bill requires, then there is already a report with that very title that was prepared by the Public Interest Declassification Board in December 2007.

Several of the report’s recommendations have still not been acted on. Among them is a proposal that “formal procedures should be established for the declassification review of classified [congressional] committee reports and hearing transcripts.”

Because such records are produced and held by congressional committees, such as the Senate Intelligence Committee, they are not eligible for declassification unless and until the originating committee takes the initiative to have them reviewed and declassified. Yet this is rarely done, despite the importance of these materials.

“Frequently, closed sessions of congressional committees are the only occasion when executive branch policy in the national security area is explained, challenged (by members), and defended by administration representatives. The exchanges at these hearings, as well as the views of Congress (elaborated in classified committee reports), often affect the policy choices of the executive branch. Yet, because the records of the committees involved are classified and never subjected to declassification review, the public and historians are largely unaware of their existence,” the PIDB report said.

“Despite their historical significance, classified records created by the Congress are reviewed for declassification only on a hit-or-miss and relatively limited basis. As a result, the public is denied a valuable source of historically significant information,” the report said.

So, for example, not a single classified annex to the annual intelligence authorization bills produced by the congressional intelligence committees has ever been declassified.

Wanted: A Chef with a Top Secret Clearance

A secure U.S. government facility in Herndon, Virginia needs a master chef who holds or who can obtain a Top Secret security clearance.

The job opening was announced by Sodexo, the international food service company.

“Sodexo’s Government Services Division is seeking a strong Executive Chef to manage all the culinary operations at a high profile government dining account in Northern Virginia. The successful candidate must be able to obtain a TS/SCI clearance,” the announcement said.

Though it may seem ridiculous, the requirement for a chef with a Top Secret clearance exemplifies a significant policy problem, namely the use of the security clearance process as an employee screening tool.

To all appearances, a chef does not need a security clearance. Although the successful applicant “must become familiar with Sodexo recipes,” those recipes are not national security secrets, and a clearance should not needed to perform the job of Executive Chef.

Nevertheless, a clearance requirement has evidently been imposed because the “culinary operations” are to be conducted in a secure government facility that will place the chef in proximity to secrets, even if he or she does not actually come into possession of any.

This use of the national security clearance process has contributed to the skyrocketing growth in security-cleared personnel. As of October 2013, the number of persons eligible for access to classified information had grown to 5.1 million persons, including over 1.5 million with Top Secret clearances. According to an ODNI report, only 60% of those persons had access to classified information, suggesting that vastly more clearances are being requested and granted than are actually required.

A February 2014 report to the President from the Office of Management and Budget said the security clearance system had become too large and that it needed to be reduced.

“[The] growth in the number of clearance-holders increases costs and exposes classified national security information, often at very sensitive levels, to an increasingly large population,” said the OMB review.

Accordingly, the OMB recommended that the government “reduce [the] total population of 5.1M Secret and TS/SCI clearance holders to minimize risk of access to sensitive information and reduce cost.”

Eliminating the TS/SCI clearance requirement for access to the kitchens and dining rooms of government facilities might be a sensible place to start.

Food service at CIA headquarters, which has been managed by Sodexo, was the subject of some persnickety complaints from CIA employees that were recently disclosed through the Freedom of Information Act by MuckRock. (WaPo)

The Department of Defense revoked more than 19,000 existing security clearances from FY2009 through the first half of FY2013, DoD told Congress in a hearing record that was published earlier this month.

 

Security-Cleared Population Rises to 5.1 Million

The number of Americans who have been investigated and deemed eligible for access to classified information rose last year to a total of 5,150,379 as of October 2013. It was the fourth consecutive year of growth in the security-cleared population.

The new total includes civilian and military government employees (3.7 million) and contractor personnel (1 million), as well as indeterminate others (0.4 million). It represents an increase of 4.7% from the previous year’s total of 4.9 million. Of the 5.1 million persons who were found eligible for access to classified information, 60% had access in fact.

An Office of Management and Budget review said that the continuing growth of the security clearance system is problematic both for financial and security reasons.

“[The] growth in the number of clearance-holders increases costs and exposes classified national security information, often at very sensitive levels, to an increasingly large population,” said the OMB review, which was released last week.

Accordingly, the OMB review recommended that the government “reduce [the] total population of 5.1M Secret and TS/SCI clearance holders to minimize risk of access to sensitive information and reduce cost.”

The number of security clearances is supposed to be reported to Congress each year by the Office of the Director of National Intelligence. But ODNI said it has not yet filed its 2013 report. [Update: The report is available here.] However, the data were provided in the OMB review.

“Since 9/11, the number of clearances annual approved by DoD [the Department of Defense] has tripled, and continues to grow,” according to an independent review of the Washington Navy Yard Shooting in September 2013 that was also released last week.

“This growth magnifies the challenge of investigating clearance seekers, judging their applications, and periodically reviewing them after they are approved.”

“The continuing expansion of the cleared population has created a culture in which once-rare security clearances are now too often granted by default.” (Actually, security clearances have not been “rare” for quite a few decades.)

The independent review proposed that “DoD should seek to make a 10 percent cut in the number of positions that require access to material classified as Secret.”

“As soon as this reduction is attained, a follow-on review should determine whether further reductions can be realized.”

The independent review also identified “a growing culture of over-classification” as a related issue that “merit[s] additional focused study.” See Security From Within: Independent Review of the Washington Navy Yard Shooting, Department of Defense, November 2013 (released March 18, 2014).

Another review conducted by the Under Secretary of Defense for Intelligence concurred that there are too many people with security clearances. But it said that reducing the cleared population will not necessarily improve quality control or significantly reduce the burden on background investigators and adjudicators, because they are also responsible for a large number of “suitability” investigations in addition to security clearance investigations.

“The workload challenge will not be eliminated by reducing the number of security clearances because of the pending impacts of the alignment of suitability and security investigations and reinvestigations required by Executive Order 13467 and the 2012 Revised Federal Investigative Standards.”

“The net effect of the new standards will be to increase the Department’s investigative and adjudicative workload, regardless of the number of security clearances.” See Internal Review of the Washington Navy Yard Shooting, Report to the Secrecy of Defense, November 20, 2013.

Last week, the Department of Defense issued updated policy on the DoD Personnel Security Program (PSP), DoD Instruction 5200.02, March 21, 2014.

Among other things, the updated policy dictates that “All personnel in national security positions shall be subject to continuous evaluation,” referring to a process of collecting, reporting and evaluating security-relevant information about cleared individuals on an ongoing basis.

But this policy is aspirational rather than descriptive of current practice, which is limited to small-scale pilot projects to develop such a capacity. Full implementation of the “continuous evaluation” process is at least several years away, according to last week’s OMB report.

Secretary of Defense Chuck Hagel said last week that “We will consider reducing the number of personnel holding Secret security clearances by at least 10 percent, a recommendation in line with the October 2013 guidance from the Director of National Intelligence.”

Reducing the number of “personnel” that hold security clearances is a slightly different objective than reducing the number of “positions” that require access to classified information, as recommended by the Independent Review. It is not clear if the Secretary intended to make such a distinction.

In response to a request from Secrecy News, ODNI public affairs refused to provide a copy of the October 2013 DNI guidance. (Update: The DNI guidance was described further in this article from Politico.)

HPSCI Seeks “Continuous Evaluation” of Security-Cleared Employees

Recent unauthorized disclosures of classified information might have been prevented if U.S. intelligence agencies “continuously evaluated the backgrounds of employees and contractors,” according to the House Permanent Select Committee on Intelligence (HPSCI).

In its new report on the FY 2014 intelligence authorization bill, the Committee would require intelligence agencies to “continuously determine whether their employees and contractors are eligible for access to classified information” by using all available transactional records and social media.

“Continuous evaluation allows the IC to take advantage of lawfully available government and public information to detect warning signals that the current system of five-year periodic reinvestigation misses,” the HPSCI report said.

“That information might include: foreign travel; reports of foreign contacts financial disclosure information; checks of criminal, commercial marketing, and credit databases; and other appropriate publicly available information.”

The recently developed concept of continuous evaluation (CE) “allows for a review at any time of an individual with eligibility or access to classified information or in a sensitive position to ensure that that individual continues to meet the requirements for eligibility,” said Brian Prioletti of the ODNI National Counterintelligence Executive at a November 13 hearing of the House Homeland Security Committee.

“As envisioned in the reformed security clearance process, [continuous evaluation] includes automated record checks of commercial databases, government databases, and other information lawfully available,” Mr. Prioletti said. “Manual checks are inefficient and resource-intensive. The C.E. initiative currently under development will enable us to more reliably determine an individual’s eligibility to hold a security clearance or a sensitive position on an ongoing basis.”

“There are a number of ongoing pilot studies to assess the feasibility of selected automated record checks and the utility of publicly available electronic information to include social media sites in the personnel security process,” he added.

“While we fully recognize the value of publicly available electronic information and its relevancy from an adjudicative perspective, there are resource, privacy, and civil liberty concerns that must be addressed as we incorporate such checks into our security processes,” Mr. Prioletti acknowledged.

Up Next: Continuous Monitoring

“Continuous evaluation” itself is just an interim stage, said Gregory Marshall, chief security officer at the Department of Homeland Security.  It is a stepping stone to the desired end state of “continuous monitoring,” which involves more extensive collection directed at the individual subject. [Update: This is a non-standard use of the term “continuous monitoring,” which normally refers to monitoring of information systems, not persons.]

“This administration’s recent information-sharing and safeguarding initiative, also known as Insider Threat, seeks to complement background investigations and continuous evaluation with continuous monitoring,” Mr. Marshall said. “This program will incorporate and analyze data in near-real time from a much broader set of sources. Its focus is the protection of classified information but its applicability to suitability and contractor fitness is evident.”

Indeed, the “applicability” of this approach to all sorts of concerns is evident. If leaks of national security information are deemed to be a counterintelligence threat, why wouldn’t the full arsenal of surveillance tools, including the NSA’s PRISM, be employed against them?

An NSA memorandum reported in the Huffington Post today noted that “vulnerabilities of character” revealed through intelligence gathering can be effectively used to discredit individual “radicalizers.”  In one particularly horrifying case, it was found that a suspect “publishes articles without checking facts.” (“Top-Secret Document Reveals NSA Spied On Porn Habits As Part Of Plan To Discredit ‘Radicalizers’,” by Glenn Greenwald, Ryan Gallagher, and Ryan Grim, November 26).

The Director of National Intelligence recently ordered a review to see whether the number of persons who hold security clearances — nearly 5 million persons — could be reduced. (“Obama Administration Looks to Scrub Security Clearance List” by Josh Gerstein, Politico, November 21).

That objective could be inadvertently advanced by efforts to ratchet up personnel security procedures. Facing continuous evaluation and the prospect of continuous monitoring, some individuals might decide to opt out of the security clearance system voluntarily.

The Security Clearance Process, and More from CRS

An introduction to the process for granting security clearances for access to classified information was presented in a new report from the Congressional Research Service. See Security Clearance Process: Answers to Frequently Asked Questions, September 9, 2013.

A related CRS report on leaks and the law was also updated this week.  See Criminal Prohibitions on the Publication of Classified Defense Information, updated September 9, 2013.

And for good measure, there is this new CRS report:  The Potential Federal Tax Implications of United States v. Windsor (Striking Section 3 of the Defense of Marriage Act (DOMA)): Selected Issues, September 9, 2013.

Security Clearance Denials and Constitutional Rights

It is generally understood that there is no legally enforceable “right” to be granted a security clearance for access to classified information.  And a landmark 1988 U.S. Supreme Court ruling in Department of the Navy v. Egan has often been interpreted to preclude judicial review of the merits of an agency decision to deny or revoke a security clearance.

But can a court review the denial of a security clearance if it involves an unconstitutional act of discrimination or a restriction of constitutionally guaranteed rights?

A new petition for certiorari asks the U.S. Supreme Court to clarify this issue, which has been a recurring source of confusion.

In a lawsuit filed against the National Geospatial-Intelligence Agency in 2011, petitioner Mahmoud Hegab argued that his security clearance had been improperly revoked by NGA in violation of his constitutional rights.  Specifically, Hegab alleged that he was being punished because his wife was employed by an Islamic faith-based charity (Islamic Relief USA), that she had attended a Saudi-funded academic institution, and that she had participated in an anti-war demonstration. (All government allegations against her were based on open sources, not classified intelligence.)

In short, Mr. Hegab argued the security process was being used punitively to violate his constitutional freedom of religion, freedom of speech and freedom of association.  (“Clearance Lost Due to Anti-Islamic Prejudice, Lawsuit Says,” Secrecy News, October 6, 2011).

The National Geospatial-Intelligence Agency disputed this characterization, and a court declined to review the matter.  Judge James C. Cacheris of the Eastern District of Virginia said that even if it were true that the government had violated the Constitution, the court was barred by Egan and prior precedent from reviewing the NGA decision to revoke Hegab’s security clearance. (“Court Says Review of Security Clearance Dispute is ‘Prohibited’,” Secrecy News, January 23, 2012).  An appeals court upheld dismissal of the case.

This holding would seem to leave an entire domain of potentially unconstitutional government action beyond judicial review.  It is also arguably contrary to another U.S. Supreme Court ruling in a case called Webster v. Doe, in which the Court held that security-based employment decisions could be reviewed where an employee alleged that his constitutional rights had been violated.  In Webster v. Doe, a CIA employee challenged his dismissal on grounds of his homosexuality, and the Supreme Court ruled that the matter was judicially reviewable.

In an August 20, 2013 petition to the Supreme Court, Mr. Hegab’s attorney Sheldon I. Cohen asked the Court to rule that the Hegab case is likewise judicially reviewable.  The Court is not asked to adjudicate the specific claims of discrimination made by Mr. Hegab but simply to affirm that his claims are eligible for judicial review.

The case law in this area is in “disarray,” Mr. Cohen wrote, and there is “confusion among the lower courts on the permissibility of judicial review of challenges to security clearance determinations where constitutional rights are alleged to have been violated.”

“This case is of exceptional importance because close to five million federal civilian employees, members of the military and employees of defense contractors hold security clearances,” Mr. Cohen wrote.  Affirming a right of judicial review in cases like Mr. Hegab’s “would not only protect and uphold the constitutional rights of the affected individual, but would put agency decision makers on notice that they do not have carte blanche to violate the Constitution in this realm.”

A government response to the Hegab petition is due by September 25.

An internal Justice Department working group acknowledged in 1997 that the Webster case “appears to authorize, indeed require, judicial review of equitable constitutional claims.”  In a candid Discussion Paper obtained by Secrecy News that was not intended for public release, the working group proposed a narrow form of judicial review in security clearance cases where constitutional claims were raised.  But that proposal does not appear to have been accepted or acted upon.  See Judicial Review of Claims of Discrimination in Security Clearance Determinations, Department of Justice working group, 1997.

A critical account of the impact of the Supreme Court ruling in Department of the Navy v. Egan was presented in Judicial Interpretations of Egan by Louis Fisher, Law Library of Congress, November 13, 2009.