FAS

“Risk Avoidance” Leads to Over-Classification

04.10.17 | 2 min read | Text by Steven Aftergood

When government officials consider whether to classify national security information, they should not aim for perfect security, according to new guidance from the Office of the Director of National Intelligence. Instead, classifiers should seek to limit unnecessary vulnerabilities, while keeping broader mission objectives in view.

“A Risk Avoidance strategy — eliminating risk entirely — is not an acceptable basis for agency [classification] guides because it encourages over-classification, restricts information sharing, [and] hinders the optimal use of intelligence information in support of national security and foreign policy goals,” the ODNI document said.

Rather, “All agencies should reflect in their classification decisions a Risk Management strategy — mitigating the likelihood and severity of risk — in protecting classified information over which they have [classification authority], including clear descriptions in their classification policies of how the strategy is used when making classification determinations.” See Principles of Classification Management for the Intelligence Community, ODNI, March 2017.

This risk management / risk avoidance dichotomy in classification policy has been batted around for a while. It was previously discussed at length in in the thoughtful but not very consequential 1994 report of the Joint Security Commission on Redefining Security in the post-cold war era.

“Some inherent vulnerabilities can never be eliminated fully, nor would the cost and benefit warrant this risk avoidance approach,” the Commission wrote. “We can and must provide a rational, cost-effective, and enduring framework using risk management as the underlying basis for security decision making.”

In short, it is only realistic to admit that some degree of risk is unavoidable and must be tolerated, and classification policy should reflect that reality.

But the risk management construct is not as helpful as one would wish. That is because its proponents, including the Joint Security Commission and the authors of the new ODNI document, typically stop short of providing concrete examples of information that risk avoiders would classify but that risk managers would permit to be disclosed. Without such illustrative guidance, risk management is in the eye of the beholder, and we are back where we started.

Meanwhile, there is persistent dissatisfaction with current secrecy policy within the national security bureaucracy itself.

Classifying too much information is “an impediment to our ability to conduct our operations,” said Air Force Gen. John Hyten of U.S. Strategic Command at a symposium last week (as reported by Phillip Swarts in Space News on April 6).

“We have so many capabilities now,” Gen. Hyten said. “There are all these special classifications that I can’t talk about, and if you look at those capabilities you wonder why are they classified so high. So we’re going to push those down.”

publications
See all publications
Government Capacity
Policy Memo
We Need a U.S. Permitting Corps: Executive and Legislative Recommendations

Despite significant political momentum behind reform efforts, limited attention has been paid to the federal workforce that will actually be responsible for interpreting and implementing new permitting regulations and better outcomes.

07.08.26 | 10 min read
read more
Environment
Press release
Amid Sweltering Weather, the Federation of American Scientists Releases Expert-Sourced “State and Local Heat Policy Agenda”

Nearly 150 organizations and government officials have endorsed the call to action and solutions for extreme heat, now public at HeatAgenda.US Washington, D.C. – July 7, 2026 – As millions of Americans continue to struggle to stay cool following one of the hottest Independence Day holidays on record, the Federation of American Scientists (FAS), one […]

07.07.26 | 3 min read
read more
Environment
Issue Brief
Policy Memo
The State and Local Heat Policy Agenda

Addressing rising heat will take all of us. Together, we can create heat-safe homes, workplaces, schools, childcare facilities, and communities – the backbone of a heat-ready nation.

07.07.26 | 5 min read
read more
Emerging Technology
Blog
A conversation with Lee Hood on The Human Phenome Initiative and the next frontier in biomedical research

We sat down with biomedical research pioneer Lee Hood to talk moonshots, metascience in medicine, and the Human Phenome Initiative.

07.06.26 | 9 min read
read more