DoD Leaks Now Termed “Serious Security Incidents”
Unauthorized disclosures of classified information, leaks to the news media, acts of espionage, and certain other information security offenses are now to be collectively designated as “serious security incidents,” according to a Department of Defense directive that was published this week.
The new terminology was adopted in order to standardize procedures for preventing, identifying, investigating and reporting such violations when they occur. See “Management of Serious Security Incidents Involving Classified Information,” DoD Directive 5210.50, October 27, 2014.
The new directive replaces a previous directive from 2005, which had simply been titled “Unauthorized Disclosure of Classified Information to the Public.”
Not every episode of mishandling classified information qualifies as a “serious security incident.” But that term applies whenever there is an unauthorized disclosure of classified information in the news media, or an act of espionage, or a willful disclosure of classified information to an unauthorized person that involves large amounts of classified information, or that reveals a systemic weakness in classification practices, among other circumstances. The threshold is determined by what is reportable to senior to DoD authorities (as specified in DoD Manual 5200.01, vol. 3, enclosure 6, at p. 88).
(Strictly speaking, the creation of an unauthorized DoD “special access program” would also appear to constitute a “serious security incident” requiring investigation, reporting and accountability. But that possibility is not mentioned in the new directive.)
“Serious security incident investigations and reporting will integrate security, counterintelligence, law enforcement, and other appropriate DoD interests to ensure that the causes of serious security incidents are identified and that all appropriate means are utilized to identify and mitigate damage to national security and avoid similar occurrences,” the new directive states.
This week, Michael Isikoff of Yahoo News reported that the FBI had identified a new leaker (“Feds identify suspected ‘second leaker’ for Snowden reporters,” October 27). The story also cited concerns among some intelligence officials that the Department of Justice may be reluctant to initiate new criminal prosecutions of suspected leakers due to criticism of past overzealousness.
It is hard to confirm from a distance that such reluctance on the part of Justice Department officials exists. But in fact, the government has always had alternatives to Espionage Act prosecutions of suspected leakers, including civil or administrative penalties and loss of security clearance.
The new DoD directive says that “DoD personnel responsible for serious security incidents may be held accountable, as appropriate, in a criminal proceeding, civil judicial action, disciplinary or adverse administrative action, or other administrative action authorized by federal law or regulations.”
Likewise, a July 2013 Department of Justice review of policies concerning the news media said that “The Department will work with others in the Administration to explore ways in which the intelligence agencies themselves, in the first instance, can address information leaks internally through administrative means, such as the withdrawal of security clearances and imposition of other sanctions.”
Americans are paying too much for almost everything, because the United States has long treated its trucking industry as an artifact to be preserved rather than as an opportunity for innovation.
These ideas aim to advance the detailed policy solutions needed to foster public trust and implement fairness in the adoption of AI across diverse domains, from healthcare and government benefits to rural access, education, and worker protections.
The evidence is clear: algorithmic pay-setting is established in app-based work, and payroll/timekeeping failures show how software can produce systemic wage harm at scale
While a few states have taken steps to implement decision-making mechanisms for certain AI systems, too many leaders are simply accepting narratives about AI’s purported public benefit at face value – jumping to the “how” of AI implementation before thoroughly vetting potential systems and deciding whether they are appropriate to use at all.