Today’s national security classification system is unsustainable, says a new annual report to the President from the government’s Information Security Oversight Office (ISOO). It is “hamstrung by old practices and outdated technology” and a new, government-wide technology strategy will be required “to combat inaccurate classification and promote more timely declassification.”
The secrecy system has expanded to the point that it is effectively unmanageable and often counterproductive, ISOO indicated.
“Too much classification impedes the proper sharing of information necessary to respond to security threats, while too little declassification undermines the trust of the American people in their Government. Reforms will require adopting strategies that increase the precision and decrease the permissiveness of security classification decisions, improve the efficiency and effectiveness of declassification programs, and use modern technology in security classification programs across the Government,” the report said.
“We are at a crossroads” wrote ISOO director Mark Bradley in a May 31 letter to the President transmitting the report, which was made public today.
ISOO’s sense of urgency is reflected in the annual report itself, which strives to be more forward leaning and policy-relevant than many past ISOO reports. It goes beyond the recitation of (often questionable) statistics on classification activity to present a series of findings and recommended actions that it says are needed to restore the integrity of the system.
In addition to a call for development of a comprehensive new technology strategy for classification and declassification, ISOO specifically recommends adding a new budget line item for security classification in agency budget requests to help regulate and justify expenditures, and adding a public member to the Information Security Classification Appeals Panel to represent the broad public interest in that Panel’s work on declassification.
Some of the other recommendations in the report flag problem areas rather than advance solutions, and tend to do so in the passive voice: “Policies must be revised to improve the effectiveness and efficiency of automatic declassification.” How exactly should the policies be revised? Adopt a “drop-dead date” for classification? Eliminate agency referrals for older documents? Grant broad declassification authority to the National Declassification Center? The report doesn’t say.
Much of the data traditionally reported by ISOO regarding classification activity is suggestive but not truly informative. Just as one cannot judge the overall health of the economy from stock market averages, changes in the volume of classification activity say nothing about its quality or legitimacy. In 2017, ISOO found that original classification activity (production of new secrets) increased for the first time in four years. At the same time, derivative classification decreased. The significance of these developments, if any, is unclear.
But other ISOO findings in the new report are more interesting.
ISOO said that last year there were again hundreds of classification challenges presented by government employees who disputed the classification of particular items of information. Most of the challenges were denied, but in 8% of the cases (a small but non-negligible number) they were upheld and the classifications in question were overturned. Such classification challenges “serve a critical role by uncovering information improperly classified in the first instance,” the ISOO report said, providing “an internal check on the system.” Because the challenges are now mostly localized in just a few agencies, this practice has the potential to have far more impact in combating overclassification if it can be adopted and encouraged more widely across the executive branch.
The ISOO report summarized the results of the latest Fundamental Classification Guidance Review, which led to the cancellation of 221 security classification guides (out of 2,865 guides). The cancelled guides will no longer be available for use in classifying information.
ISOO also cast a favorable spotlight on the new approach to classification led by the National Geospatial-Intelligence Agency. NGA now requires written justifications for original classification decisions, along with a description of the damage that would result from unauthorized disclosure, and an unclassified paraphrase of the classified information. The resulting NGA classification guidance currently represents a “best practice” in classification policy, ISOO said. That is to say, it represents a model that could constructively be applied elsewhere in agencies that classify national security information.
The ISOO report also addressed escalating classification costs (which reached a new high in 2017), growing backlogs of mandatory declassification review requests, and the contentious implementation of Controlled Unclassified Information policy, among other topics.
Fixing the classification system is a slow and uncertain process, and some people don’t want to wait.
Sen. Doug Jones (D-Ala.) introduced legislation this week to accelerate the release of records concerning unsolved criminal civil rights cases from half a century ago. Some of those records, in his estimation, “remain classified unnecessarily.” So his bill (S. 3191) would work around that classification obstacle with an alternative approach. Modeled in part on the JFK Assassination Records Act of 1992, the bill would empower a panel of private citizens to review and decide on disclosure of the records.
Meanwhile, the Department of Defense recently issued a “request for information” about technology that could aid in the classification process. The desired technology “must be able to make real-time decisions about the classification level of the information and an individual’s ability to access, change, delete, receive or forward the information.” (FBO, NextGov, ArsTechnica)