In a December 29 Order published in the Federal Register yesterday, President Obama designated more than two dozen officials as “original classification authorities” (OCAs) who have the power to classify information as Top Secret or Secret, and (in most cases) to delegate such authority to their subordinates.
The new list of authorized classifiers contains only a few changes from past practice, but the Executive Order on classification policy that was also issued on December 29 imposes several new conditions on original classifiers that should help limit excessive secrecy.
A prior list of classifiers issued in 1995 by President Clinton had granted Top Secret classification authority to the Director of the Office of Management and Budget (OMB). That authority was rescinded by President Obama. Also newly rescinded are the classification authorities of the Chairman of the Council of Economic Advisors (Secret), the President of the Export-Import Bank of the United States (Confidential), and the President of the Overseas Private Investment Corporation (Confidential). These officials lost their classification authority primarily because they were not using it very much. “An analysis of OCA activity since 1995 was part of the process [of identifying which OCAs were needed]” said William J. Bosanko, director of the Information Security Oversight Office, who himself was newly granted Top Secret classification authority in the Obama Order.
Other changes in the new list of officials reflect the establishment of new organizations (DHS, ODNI), and the absorption or elimination of others (FEMA, USIA, ACDA). Since 2003, the Vice President has been named as a classification authority in the body of the executive order on classification, and that remains the case today, so his designation is not included in the list of authorized officials (as it had been in the 1995 Clinton Order). Bush Administration grants of classification authority to HHS, Agriculture, EPA, and OSTP are preserved in the Obama list.
Beyond that, a web of new requirements in the latest presidential orders seems likely to discourage freewheeling classification activity. In a December 29 memo on implementation, the President directed all agency heads to review their existing delegations of classification authority, to limit them “to the minimum necessary,” and to report on the results of the review within 120 days. In order to eliminate phantom or unidentified classifiers, any delegations of classification authority also must now be reported by name or position to the ISOO Director, the new Obama Executive Order states (sect. 1.3c5).
Most significant of all, new language in the Obama Executive Order 13526 directs that “All original classification authorities must receive training in proper classification (including the avoidance of over-classification)… at least once a calendar year.” And should they fail to receive such training in a given year, they “shall have their classification authority suspended….” (section 1.3d).
Could it really be true that “all” original classifiers will have to receive annual classification training, or have their ability to classify suspended? Will the President get such training? The Director of National Intelligence? The Director of the Information Security Oversight Office (ISOO), who is the one responsible for developing such training?
The President is a special case, said Mr. Bosanko, the ISOO Director. But otherwise, “all means all.”
“Leadership at agencies starts at the top,” he said. He pointed to section 5.4(a) of the new order which provides that agency heads “shall demonstrate personal commitment and commit senior management to the successful implementation of the program….” “How can that be done,” Mr. Bosanko said, “if the rules do not apply to them?”
And “Yes,” he added, “[the classification training requirement] applies to me. My staff has already reminded me. I will be sitting down with them for a briefing at least annually.”
At the end of FY2008, there were a total of 4,109 original classification authorities in the executive branch, according to the most recent annual report (pdf) of the Information Security Oversight Office.
A bill introduced last month by Senators Russ Feingold and Sheldon Whitehouse would require the President to publish a notice in the Federal Register whenever he modifies or revokes a published Executive Order. The bill, previously introduced in 2008, is intended to help “reverse the growth of secret law in the executive branch.” It responds to the previous Administration’s claim that the President is not bound by Executive Orders and can depart from their terms at will, and without public or congressional notification.