The cost of implementing the national security classification system in government and industry reached an all-time high of $9.91 billion last year, according to the latest annual report (pdf) from the Information Security Oversight Office (ISOO).
The 2007 classification cost figure, which includes physical security, computer security and other aspects of classified information security, was a 4.6 percent increase over the year before and is the highest amount ever reported by the ISOO.
Is that too much? Not enough? The right amount? The new report doesn’t venture an opinion. Instead, it suggests that “the annual rate of growth for total security costs is declining.” That is not strictly true, since the rate of growth actually increased from 2006 to 2007, though it is now lower than it was in the immediate post-2001 period.
The ISOO annual report each year presents a unique snapshot of classification and declassification activity throughout the executive branch, though the data provided are often of uncertain significance and are cited with exaggerated precision.
The number of new secrets (“original classification decisions”) increased by 1% in 2007 to 233,639, ISOO reported. Meanwhile, “derivative” classification decisions, referring to the restatement of previously classified information in a new form or a new document, increased sharply by 12.5 percent for a combined total of 23,102,257 classification actions (original and derivative) in 2007. Again, no judgment on the quality or propriety of these classifications is offered.
Of 59.7 million pages reviewed for declassification last year, 37.2 million pages were declassified government-wide, a decrease both in the number reviewed and the number declassified but an increase in the rate of declassification. (At the Central Intelligence Agency, the situation was reversed: There was a 138 percent increase in the number of pages reviewed and a slight increase in the number declassified, but “a significant decrease” in the proportion of reviewed pages that were declassified.)
The Department of Transportation reviewed 380,000 pages but declassified none of them because they all had to be referred to other agencies for further processing. The President’s Foreign Intelligence Advisory Board (recently renamed the President’s Intelligence Advisory Board) reviewed 130 pages and declassified 40 of them.
ISOO reported uneven compliance with basic classification system rules and regulations at several agencies.
“Disappointingly, we continued to find deficiencies at multiple agencies relating to basic requirements concerning implementing regulations, security education and training, self-inspections, classification, and document markings,” the report stated.
One interesting data point that does not appear in the report is the number of classification challenges filed by authorized holders of particular information who believe that it is improperly classified. (Section 1.8 of Executive Order 12958, as amended, authorizes and encourages such classification challenges.)
In response to an inquiry from Secrecy News, ISOO indicated that there were 275 classification challenges filed by cleared personnel in FY 2007. The number of challenges that were actually accepted or approved by the originating agencies was not available.
The “2007 Report to the President” from the Information Security Oversight Office, which is the first issued by the new ISOO director William J. Bosanko, was transmitted to the White House on May 30 and made public today.
The new report makes no mention of the Office of the Vice President (OVP) and its continuing refusal to cooperate with ISOO’s reporting requirements on classification and declassification activity. That refusal, highlighted by a complaint filed by the Federation of American Scientists in 2006, led to a confrontation between the OVP and ISOO’s former director J. William Leonard last year, and the issue remains technically unresolved.