SECRECY NEWS
from the FAS Project on Government Secrecy
Volume 2010, Issue No. 86
October 27, 2010

Secrecy News Blog: http://www.fas.org/blog/secrecy/

ODNI ISSUES NEW SECURITY STANDARDS FOR INTEL FACILITIES

The Office of the Director of National Intelligence has issued new standards for the construction of Sensitive Compartmented Information Facilities (SCIFs).

SCIFs (pronounced "skiffs") are rooms, vaults, or even entire buildings that are specially constructed and certified for the handling and storage of classified intelligence information known as Sensitive Compartmented Information (SCI).

The total number of SCIFs around the country and the world is not known, but is likely to be in the thousands. Each of them must be formally inspected and approved (or "accredited") for handling intelligence information and protecting it against loss, theft, unauthorized disclosure, electronic interception or other forms of compromise.

The adoption of new uniform standards for all SCIFs, including existing facilities and new construction, is intended "to enable information sharing to the greatest extent possible." So "Any SCIF that has been accredited by an IC element... shall be reciprocally accepted for use as accredited by all IC elements...."

Copies of the new standards are available on the Federation of American Scientists website. See "Physical and Technical Security Standards for Sensitive Compartmented Information Facilities," Intelligence Community Standard Number 705-1, September 17, 2010:

and "Standards for the Accreditation and Reciprocal Use of Sensitive Compartmented Information," Intelligence Community Standard Number 705-2, September 17, 2010:

The Standards were signed by former Assistant DNI David R. Shedd, who became Deputy Director of the Defense Intelligence Agency on September 20, 2010.

INFORMATION SHARING: FEAST OR FAMINE

Sharing of intelligence and other sensitive information within government and with selected private sector entities remains a work in progress. Depending on one's perspective, there is too little sharing, or too much, or else the right stuff is not being shared.

J. Alan Orlob, the Vice President for Corporate Security at Marriott Hotels, told Congress last year (in a newly published hearing volume) that there was still plenty of room for improvement, and illustrated his point with an anecdote.

"After the bombing of the JW Marriott Hotel in Jakarta, Indonesia [in 2003]," he recalled, "the C.I.A. reached out to me to give me a briefing on the terrorist group, Jemaah Islamiya. I was impressed that they would do so. However, during the briefing, the information that I was being presented was so vague and obtuse that I began correcting the briefer. Again, the information that we needed was not being shared. We do not need specifics and names of individuals. We do need to understand terrorist group history, methods, and means. Only in that way, can we ensure that we are employing proper countermeasures to deter or mitigate an incident."

See "Lessons from the Mumbai Terrorist Attacks, Parts I and II," hearings before the Senate Homeland Security and Governmental Affairs Committee, January 8 and 28, 2009 (published October 2010):

FBI Director Robert S. Mueller told Congress earlier this year that intelligence sharing had actually increased to a now daunting level. "With improved information collection and sharing capabilities within the [U.S. intelligence Community], the FBI receives well over 100 different feeds of criminal and terrorist data from a variety of sources," he said. "It is a great challenge to ensure that intelligence analysts are able to efficiently understand and analyze the enormous volume of information they receive."

See "Securing America's Safety: Improving the Effectiveness of Antiterrorism Tools and Interagency Communication," Senate Judiciary Committee, January 20, 2010 (published October 2010):

The release of a new government-wide policy on "controlled unclassified information" that is supposed to promote the sharing of unclassified "sensitive" information is said to be imminent, more or less.

POLYGRAPH TESTING AGAINST BORDER CORRUPTION

A bill passed by the Senate last month would require U.S. Customs and Border Protection (CBP) to administer polygraph tests to all applicants for law enforcement positions within the agency.

The move was prompted by reports (originally in the New York Times) and testimony before the Senate Homeland Security Committee that Mexican drug trafficking organizations were attempting to infiltrate the Customs and Border Protection agency by sending drug traffickers to take the entrance examination.

The CBP argued that polygraph testing of job applicants offered the most effective response, a Senate Committee report on the bill explained.

"According to CBP, less than one percent of applicants who are cleared by a polygraph examination subsequently fail the required single scope background investigation (SSBI) [for a security clearance], while roughly 22% of applicants who are not subjected to polygraph investigations fail the SSBI."

"Because SSBIs cost an average of $3,200, CBP believes that expanding the use of polygraph examinations would cut down on failed investigations and create a more streamlined and cost-effective process for bringing new applicants on board." See "Anti-Border Corruption Act of 2010," Senate Report 111-338, September 29, 2010:

The bill has been referred to the House of Representatives, where it remains pending.

Polygraph testing of CBP applicants already seems to have paid some dividends. Last week, one job applicant was arrested following a polygraph test in which he confessed to an unrelated crime, the Florida Sun-Sentinel reported October 21.

But CBP reliance on the polygraph is unwise, said critic George Maschke, because "polygraphy is highly vulnerable to countermeasures, and members of criminal enterprises seeking to infiltrate CBP will likely fool the lie detector."

******************************

Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists.

The Secrecy News blog is at:
      http://www.fas.org/blog/secrecy/

To SUBSCRIBE to Secrecy News, go to:
     http://www.fas.org/sgp/news/secrecy/subscribe.html

To UNSUBSCRIBE, go to:
      http://www.fas.org/sgp/news/secrecy/unsubscribe.html

OR email your request to saftergood@fas.org

Secrecy News is archived at:
      http://www.fas.org/sgp/news/secrecy/index.html

SUPPORT the FAS Project on Government Secrecy with a donation here:
      http://www.fas.org/member/donate_today.html