NGA Charts New Path in Classification Policy

Changes in classification practices at the National Geospatial-Intelligence Agency (NGA) are expected to yield improvements in the quality of national security classification decisions and to lead to reductions in classification at NGA as well as other defense and intelligence agencies.

The most important innovation adopted by NGA is a requirement for a written justification for why each item of classified information needs to be protected, as well as how the information could be paraphrased or discussed in an unclassified manner.

NGA said it has prepared a new classification guide that includes three types of “enhancement statements” for each classification decision:

*    The “Value” statement explains why the information is being protected.

*    The “Damage” statement describes the potential impact to national security should an unauthorized disclosure occur.

*    The “Unclassified” statement outlines how a user can address the classified line item in an unclassified manner.

Notably, none of this explanatory information is required by the current executive order on classification. The order requires classifiers to be “able to” explain their classification decisions, but not to actually do so.

By contrast, the NGA formula is likely to promote a more thoughtful and limited approach to classifying national security information, said Mark Bradley, director of the Information Security Oversight Office (ISOO).

“Including an unclassified paraphrase is especially useful for helping derivative classifiers understand how it may be possible to use the information in an unclassified context,” said Mr. Bradley. “That alone can certainly move the needle towards reducing overclassification.”

NGA said that as of June 2017 it had produced enhancement statements for 292 classified line items in its new consolidated security classification guide.

The new NGA policy was described in the Agency’s report to ISOO on the recently-completed Fundamental Classification Guidance Review. A copy of the report was obtained from NGA under the Freedom of Information Act.

*    *    *

Why would NGA voluntarily impose new requirements on its own classifiers beyond what the executive order mandates?

There are several factors at work. Of all U.S. intelligence agencies, “NGA has  a greater mission need to work more and more in an unclassified environment,” said Mr. Bradley. “This need is playing a central role in driving their new approach.”

Furthermore, under NGA director Robert Cardillo, “NGA’s leadership supports innovation. They realized that their classification guide process was too ‘old school’,” he said.

More specifically, “NGA took DNI Clapper’s [March 2016] memo on the FCGR process to heart.” (See “DNI Clapper Embraces Review of Secrecy System,” Secrecy News, April 6, 2016). And Mr. Bradley cited a visit to the NGA Director by the Public Interest Declassification Board, which he said also provided a useful impetus.

Overall, “the changes we are seeing at NGA are arcing more towards sharing than protecting. That could help shift the paradigm away from excessive secrecy and over-classification,” Mr. Bradley said.

The Agency itself declared that “NGA is leading the DoD and IC [Intelligence Community] in classification management transformation.”

NGA said that its use of enhancement statements to improve classification guides will soon be adopted throughout the Department of Defense, including all DoD intelligence agencies and military services, in a forthcoming revision of DoD manual 5200.45 on classification guidance.

But Mr. Bradley cautioned that “NGA’s model may not be all that easy to adapt to the rest of the IC.”

“NGA has a comparatively limited and well-defined mission with a significant need to share its information. Agencies most likely to benefit from NGA’s model probably include NRO and maybe NSA, [which are] IC agencies with similarly clearly-defined responsibilities and advanced existing classification management infrastructures already in place.”

On the other hand, “I suspect that applying NGA’s model to CIA, DIA, and the military intelligence services would be more challenging because of their decentralized management structures and technical limitations. And, of course, one would be silly to ignore the always-present institutional resistance to wholesale change,” Mr. Bradley said.

Although NGA’s new approach is mission-driven, it should have positive repercussions for public access to agency information by “enabling greater transparency and information sharing.” The new NGA classification guidance provides “better identification and protection of the truly important information — higher walls around fewer secrets,” NGA said.

NGA’s activity in this area is “extremely impressive, groundbreaking work,” said the Office of the Director of National Intelligence, in feedback quoted by NGA. “Clearly, [it is] a possible example or model for how to achieve transformation, for the IC and nationally.”

The new NGA approach evolved from the second Fundamental Classification Guidance Review in 2016-2017 that was required by the 2009 executive order 13526. That Review process has served to streamline and update classification requirements government-wide.

In recent years there have been signs of a more focused and disciplined approach to classification in several corners of the national security bureaucracy. The volume of new national security secrets tabulated by agencies in each of the past three years is lower than ever previously reported by the Information Security Oversight Office.

Senate Intelligence Authorization Report Filed

Do the security clearance procedures that are used for granting access to classified information actually serve their intended purpose?

To help answer that question, the Senate Intelligence Committee mandated a review of security clearance requirements, including “their collective utility in anticipating future insider threats.”

See the Committee’s new report on the Intelligence Authorization Act for Fiscal Year 2018, filed September 7, 2017.

The report summarizes the content of the pending intelligence authorization bill (S. 1761), which was filed last month, and adds Committee comments on various aspects of current intelligence policy.

So, for example, “The Committee remains concerned about the level of protection afforded to whistleblowers within the IC and the level of insight congressional committees have into their disclosures.”

The central point of contention in the bill is a provision (sec. 623) declaring a sense of Congress “that WikiLeaks and the senior leadership of WikiLeaks resemble a non-state hostile intelligence service often abetted by state actors and should be treated as such a service by the United States.”

The provision had originally stated that WikiLeaks and its leadership “constitute” a non-state hostile intelligence service. But this was amended to replace “constitute” with “resemble”. That move might have attenuated the provision’s significance except that it went on to say — whether WikiLeaks constitutes or merely resembles a non-state hostile intelligence service — that the U.S. should treat it as such.

A hostile state-based intelligence service would presumably be subject to intense surveillance by the US. A competent US counterintelligence agency might also seek to infiltrate the hostile service, to subvert its agenda, and even to take it over or disable it.

Whether such a response would also be elicited by “a non-state hostile intelligence service” is hard to say since the concept itself is new and undefined.

“The Committee’s bill offers no definition of ‘non-state hostile intelligence service’ to clarify what this term is and is not,” wrote Sen. Kamala Harris, who favored removal of this language, though she said WikiLeaks has “done considerable harm to this country.”

Sen. Ron Wyden, who likewise said that WikiLeaks had been “part of a direct attack on our democracy,” opposed the bill due to the WikiLeaks-related provision.

“My concern is that the use of the novel phrase ‘non-state hostile intelligence service’ may have legal, constitutional, and policy implications, particularly should it be applied to journalists inquiring about secrets,” Sen. Wyden wrote in minority views appended to the report. “The language in the bill suggesting that the U.S. government has some unstated course of action against ‘non-state hostile intelligence services’ is equally troubling.”

Sharing Intelligence with Non-Intel Agencies

Executive branch agencies that are not part of the US Intelligence Community (IC) can still get access to classified intelligence and to IC information technology systems under certain conditions.

But they must follow procedures that were spelled out last month in new policy guidance from Director of National Intelligence Daniel R. Coats.

In a nutshell, the non-IC agency must have an identifiable need for access to intelligence information and must be able to meet required physical security standards for safeguarding the information.

“The originating [IC] element must receive confirmation from the [non-IC] Federal Partner that all applicable safeguarding requirements in law and policy are met prior to gaining access to the data.”

See Federal Partner Access to Intelligence Community Information Technology Systems, Intelligence Community Policy Guidance 404.1, June 16, 2017.

The Director of the Central Intelligence Agency is responsible for monitoring the activities of non-IC personnel who are present on IC networks “to ensure access is consistent with U.S. legal and policy requirements, and report any variance.”

Defense Intelligence Agency Views Russian Military Power

The Defense Intelligence Agency yesterday launched a new series of unclassified publications on foreign military threats to the United States with a report on the Russian military.

“The resurgence of Russia on the world stage — seizing the Crimean Peninsula, destabilizing eastern Ukraine, intervening on behalf of Syrian President Bashar al-Assad, and shaping the information environment to suit its interests — poses a major challenge to the United States,” the report said.

The 116-page report provides DIA data and perspective on Russian military strategy, force structure, defense spending, intelligence, nuclear weaponry, cyber programs, foreign arms sales, and more. Though unclassified and citing open sources, it is presumably consistent with DIA’s classified collection. See Russia Military Power 2017 published by the Defense Intelligence Agency, June 2017.

The new publication is inspired by the Soviet Military Power series that was published by DIA in the 1980s to draw critical attention to Soviet military programs. Both informative and provocative, Soviet Military Power was immensely popular by government document standards though it was viewed by some critics as verging on, or crossing over into, propaganda.

The new report usefully describes official US perceptions of Russian military programs and intentions, allowing those perceptions to be scrutinized, discussed and corrected as necessary. “These products are intended to foster a dialogue between U.S. leaders, the national security community, partner nations, and the public,” DIA said.

A companion report on China Military Power, among others, is expected to be published shortly.

NRO: We Are “Forward Leaning” on Declassification

The National Reconnaissance Office, the U.S. intelligence agency that builds and operates the nation’s spy satellites, says it is all for increased openness, within certain boundaries.

“The NRO takes very seriously its commitment to greater openness and transparency, and makes every effort, in all of its information review and release programs, to release as much information as we can while still protecting our sensitive sources and methods from harm,” the NRO wrote in a newly disclosed report.

But there are practical limits on what can be accomplished, NRO said:

“While the goal of increasing discretionary declassification decisions is a noble one, we believe that such an effort requires a program separate and distinct from the existing systematic, automatic, mandatory, and other release programs; that establishing a new program is counterproductive given our current resource constraints; and that such an endeavor is unnecessary given our current declassification efforts.”

See NRO Responses on Feasibility of Certain Classification Policy Reforms, February 28, 2017, released last week under the Freedom of Information Act. The NRO document was prepared in response to questions posed last year by then-Director of National Intelligence James R. Clapper, Jr.

While currently operational reconnaissance programs are excluded from declassification review, NRO says it “already examines all [other] classified material that comes up for review for declassification regardless of its age, or under what circumstances it has been requested. If we determine that we cannot articulate harm in release, we consider it for declassification and release.”

In sum, “while we do not look proactively for new items to declassify, we do take a forward-leaning approach to performing declassification reviews by going beyond the ‘can we protect this?’ question to asking ‘do we really need to protect this?'”

NRO said that it could do still more to increase disclosure by reviewing classification guidance, anticipating recurring requests, and improving classification management practices. “We believe these measures, over time, will help eliminate over-classification and make much more material available for public release,” NRO said.

Considering that even the name of the National Reconnaissance Office was considered classified information 25 years ago, until it was declassified by former NRO director Martin Faga in September 1992, the NRO has come quite some distance into the daylight.

It has a substantial presence online, with an electronic reading room featuring numerous declassified records of historical interest. NRO is also the first U.S. intelligence agency to successfully undergo a financial audit.

DNI Clapper had specifically asked last year whether intelligence agencies could do more, consistent with 32 CFR 2001.35, to “declassify information when the public interest in disclosure outweighs the need for continued classification.”

This is harder than it sounds, NRO replied. It presumes that the public interest in disclosure and the need for classification can each be measured, or “weighed,” and then meaningfully compared to determine which is the weightier factor. Neither of those presumptions may be correct. For agency officials, the decision whether or not to declassify is likely to be more of a judgment call than a calculation.

“The CFR does not provide a threshold to assist organizations in determining at what point ‘public interest in disclosure outweighs the need for continuing classification’,” NRO wrote. “The NRO would require clarification and further guidance to assist us in gauging when the public interest outweighs the need to protect our currently classified programs.”

In fact, it is probably not realistic to expect agencies such as NRO to second-guess their own classification decisions on behalf of the public interest. Rather, the authority to exercise a public interest override of classification decisions should be vested in a higher-level body such as the Interagency Security Classification Appeals Panel that would be empowered to consider and to act on broad national and public interests. If that were done, then new procedures would also be needed for interested members of the public to present a public interest argument to that higher-level body for its consideration.

Intelligence Budget Requests for FY2018 Published

The Trump Administration requested $57.7 billion for the National Intelligence Program in Fiscal Year 2018, up from a requested $54.9 billion in FY 2017.

The Administration requested $20.7 billion dollars for the Military Intelligence Program in FY 2018, up from a requested $18.5 billion in FY 2017. (The amounts actually appropriated in FY 2017 have not yet been disclosed.)

The intelligence budget request figures were published last week by the Office of the Director of National Intelligence and by the Department of Defense.

The annual disclosure of the requested amount for the National Intelligence Program was mandated by Congress in the Intelligence Authorization Act for FY 2010. So disclosure is required regardless of the preferences of the current Administration. “As directed by statute,” wrote DNI Dan Coats this year in advance of his confirmation hearing, “I will ensure that the public release of figures representing aggregate funds requested by and appropriated for the IC is completed annually.”

Interestingly, however, there is no corresponding statutory requirement for disclosure of the requested amount for the Military Intelligence Program. The practice of voluntarily disclosing the MIP budget request was initiated by Gen. James R. Clapper when he was Under Secretary of Defense (Intelligence).

“I did that,” said then-DNI Clapper in December 2015. “I thought the public had a right to know.”

An Authorized Disclosure of Classified Information

Updated below

President Trump’s disclosure of classified intelligence information to Russian officials, reported by the Washington Post, may have been reckless, damaging and irresponsible. But it was not a crime.

Disclosures of classified information are not categorically prohibited by law. Even intelligence sources and methods are only required to be protected under the National Security Act from “unauthorized disclosure.” This leaves open the possibility that disclosures of such classified information can actually be authorized. And we know that they are, from time to time.

One statute in particular — 18 USC 798 — does come close to matching the circumstances of the Trump disclosure to Russia, with a crucial exception.

That statute makes it a felony to disclose to an unauthorized person any classified information “concerning the communication intelligence activities of the United States or any foreign government; or […] obtained by the processes of communication intelligence from the communications of any foreign government.”

But it further explains that an “unauthorized person” is one who has not been “authorized to receive information… by the President.”

This morning, President Trump tweeted that “As President I wanted to share with Russia (at an openly scheduled W.H. meeting) which I have the absolute right to do, facts pertaining to terrorism and airline flight safety. Humanitarian reasons, plus I want Russia to greatly step up their fight against ISIS & terrorism.”

(Was the gratuitous parenthetical phrase “at an openly scheduled W.H. meeting” intended to rule out a clandestine transfer of classified information?)

All of that is to say that this episode, though it may have far-reaching ramifications for national security, is probably not a matter for law enforcement. (Based on the reporting by the Washington Post, the President’s actions did violate the terms of an intelligence sharing agreement with a foreign government that supplied the information. But that agreement would not be enforced by the criminal justice system.)

Instead, this is something to be weighed by Congress, which has the responsibility to determine whether Donald J. Trump is fit to remain in office.

Update, 05/17/17: For contrasting views arguing that Trump’s disclosure of classified intelligence to the Russians may actually have been illegal, see Marty Lederman and David Pozen, Liza Goitein, and Stephen Vladeck.

Update, 05/23/17: See also Trump’s Disclosure Did Not Break the Law by Morton Halperin, Just Security, May 23.

Garwin on Strategic Security Challenges to the US

There are at least four major “strategic security challenges” that could place the United States at risk within the next decade, physicist Richard L. Garwin told the National Academy of Sciences earlier this month.

“The greatest threat, based on expected value of damage, is cyberattack,” he said. Other challenges arise from the actions of North Korea and Iran, due to their pursuit or acquisition of nuclear weapons and/or missiles. The remaining threat is due to the potential instability associated with the existing U.S. nuclear weapon arsenal.

These four could be ordered, he said, by the relative difficulty of reducing the threat, from “easiest” to hardest: “the Iranian nuclear program; North Korea; the U.S. nuclear weapon capability and its evolution; and, finally, most importantly and probably most difficult of solution, the cyber threat to the United States.”

In his remarks, Garwin characterized each of the challenges and discussed possible steps that could be taken to mitigate the hazards involved. See Strategic Security Challenges for 2017 and Beyond, May 1, 2017.

Among many other things, Dr. Garwin is a former board member of the Federation of American Scientists. He was awarded the Presidential Medal of Freedom by President Obama last November. He was the subject of a biography published earlier this year called True Genius by Joel Shurkin. Many of his publications are archived on the FAS website.

Most of the threats identified by Garwin — other than the one posed by the U.S. nuclear weapon arsenal — were also discussed in the Worldwide Threat Assessment of the US Intelligence Community that was presented to the Senate Intelligence Committee on May 11.

Neither Garwin nor the US Intelligence Community considered the possibility that the US Government could ever be threatened from within. But that is what is now happening, former Director of National Intelligence James R. Clapper told CNN on May 14.

“I think […] our institutions are under assault internally,” Clapper said, referring to recent actions by President Trump, including the abrupt termination of FBI director James Comey. “The founding fathers, in their genius, created a system of three co-equal branches of government and a built-in system of checks and balances,” he said. “I feel as though that is under assault and is eroding.”

“Risk Avoidance” Leads to Over-Classification

When government officials consider whether to classify national security information, they should not aim for perfect security, according to new guidance from the Office of the Director of National Intelligence. Instead, classifiers should seek to limit unnecessary vulnerabilities, while keeping broader mission objectives in view.

“A Risk Avoidance strategy — eliminating risk entirely — is not an acceptable basis for agency [classification] guides because it encourages over-classification, restricts information sharing, [and] hinders the optimal use of intelligence information in support of national security and foreign policy goals,” the ODNI document said.

Rather, “All agencies should reflect in their classification decisions a Risk Management strategy — mitigating the likelihood and severity of risk — in protecting classified information over which they have [classification authority], including clear descriptions in their classification policies of how the strategy is used when making classification determinations.” See Principles of Classification Management for the Intelligence Community, ODNI, March 2017.

This risk management / risk avoidance dichotomy in classification policy has been batted around for a while. It was previously discussed at length in in the thoughtful but not very consequential 1994 report of the Joint Security Commission on Redefining Security in the post-cold war era.

“Some inherent vulnerabilities can never be eliminated fully, nor would the cost and benefit warrant this risk avoidance approach,” the Commission wrote. “We can and must provide a rational, cost-effective, and enduring framework using risk management as the underlying basis for security decision making.”

In short, it is only realistic to admit that some degree of risk is unavoidable and must be tolerated, and classification policy should reflect that reality.

But the risk management construct is not as helpful as one would wish. That is because its proponents, including the Joint Security Commission and the authors of the new ODNI document, typically stop short of providing concrete examples of information that risk avoiders would classify but that risk managers would permit to be disclosed. Without such illustrative guidance, risk management is in the eye of the beholder, and we are back where we started.

Meanwhile, there is persistent dissatisfaction with current secrecy policy within the national security bureaucracy itself.

Classifying too much information is “an impediment to our ability to conduct our operations,” said Air Force Gen. John Hyten of U.S. Strategic Command at a symposium last week (as reported by Phillip Swarts in Space News on April 6).

“We have so many capabilities now,” Gen. Hyten said. “There are all these special classifications that I can’t talk about, and if you look at those capabilities you wonder why are they classified so high. So we’re going to push those down.”

Proposed NSA Headquarters Expansion Under Review

The National Security Agency is proposing to expand and modernize its headquarters site at Fort Meade, Maryland.

“For NSA/CSS to continue leading the Intelligence Community into the next 50 years with state-of-the-art technologies and productivity, its mission elements require new, centralized facilities and infrastructure,” according to a newly released Final Environmental Impact Statement for the site.

Under the proposed action, “The NSA would consolidate mission elements, which would enable grouping services and support services across the NSA Campus based on function; facilitate a more collaborative environment and optimal adjacencies; and provide administrative capacity for up to 13,300 personnel, including 6,100 personnel who currently work on the existing NSA Campus and 7,200 personnel currently located off site.”

The proposal envisions the construction and operation of “approximately 2,880,000 square feet of operational complex and headquarters space consisting of five buildings.” If approved, construction would take place “over a period of approximately 10 years (FY 2019 to 2029).”

See Final Environmental Impact Statement for the East Campus Integration Program, Fort Meade, Maryland, March 2017 (large pdf).