Remembering Jeff Richelson

We were sad to learn that intelligence historian Jeffrey T. Richelson passed away last weekend.

Richelson was one of a small number of pioneers of a new genre of public interest research focused on national security and intelligence. He advanced the boundaries of public knowledge and understanding of the far-flung national security apparatus through his writing based on official documents, carefully read and digested.

Richelson’s book The US Intelligence Community, published last year in its 7th edition, is so richly detailed as to be hard to read– but enormously valuable as a reference. Other works among the entire shelf of books and articles that he authored, such as Spying on the Bomb on the history of nuclear weapons-related espionage, displayed his story-telling gifts more engagingly.

Richelson had a resolutely independent, almost contrarian streak. In the 1990s when it was becoming conventional wisdom to say that the Central Intelligence Agency failed to anticipate the collapse of the Soviet Union, Richelson wrote an article in The National Interest called “The CIA Vindicated” (with Bruce Berkowitz) in which he argued that the opposite was the case.

Not least important, he was a kind and decent person and a generous colleague.

Jeff Richelson was remembered by the National Security Archive here.

What is an Act of War in Cyberspace?

What constitutes an act of war in the cyber domain?

It’s a question that officials have wrestled with for some time without being able to provide a clear-cut answer.

But in newly-published responses to questions from the Senate Armed Services Committee, the Pentagon ventured last year that “The determination of what constitutes an ‘act of war’ in or out of cyberspace, would be made on a case-by-case and fact-specific basis by the President.”

“Specifically,” wrote then-Undersecretary of Defense (Intelligence) Marcel Lettre, “cyber attacks that proximately result in a significant loss of life, injury, destruction of critical infrastructure, or serious economic impact should be closely assessed as to whether or not they would be considered an unlawful attack or an ‘act of war.'”

Notably absent from this description is election-tampering or information operations designed to disrupt the electoral process or manipulate public discourse.

Accordingly, Mr. Lettre declared last year that “As of this point, we have not assessed that any particular cyber activity [against] us has constituted an act of war.”

See Cybersecurity, Encryption and United States National Security Matters, Senate Armed Services Committee, September 13, 2016 (published September 2017), at p. 85.

See related comments from Joint Chiefs Chairman Gen. Joseph Dunford in U.S. National Security Challenges and Ongoing Military Operations, Senate Armed Services Committee, September 22, 2016 (published September 2017), at pp. 56-57.

In January 2017, outgoing Obama DHS Secretary Jeh Johnson for the first time designated the U.S. election system as critical infrastructure. “Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law,” he wrote. It follows that an attack on the electoral process could now be considered an attack on critical infrastructure and, potentially, an act of war.

“Russia engaged in acts of war against America, not with bullets and bombs, but through a modern form of warfare, a cyberattack on our democracy,” opined Allan Lichtman, a history professor at American University, in a letter published in the latest issue of the New York Review of Books.

Not so fast, replied Noah Feldman and Jacob Weisberg: “The US is not now in a legal state of war with Russia despite that country’s attempts to affect the 2016 election.”

The current issue of the US Army’s Military Intelligence Professional Bulletin (Oct-Dec 2017) includes an article on Recommendations for Intelligence Staffs Concerning Russian New Generation Warfare by MAJ Charles K. Bartles (at pp. 10-17).

NGA Charts New Path in Classification Policy

Changes in classification practices at the National Geospatial-Intelligence Agency (NGA) are expected to yield improvements in the quality of national security classification decisions and to lead to reductions in classification at NGA as well as other defense and intelligence agencies.

The most important innovation adopted by NGA is a requirement for a written justification for why each item of classified information needs to be protected, as well as how the information could be paraphrased or discussed in an unclassified manner.

NGA said it has prepared a new classification guide that includes three types of “enhancement statements” for each classification decision:

*    The “Value” statement explains why the information is being protected.

*    The “Damage” statement describes the potential impact to national security should an unauthorized disclosure occur.

*    The “Unclassified” statement outlines how a user can address the classified line item in an unclassified manner.

Notably, none of this explanatory information is required by the current executive order on classification. The order requires classifiers to be “able to” explain their classification decisions, but not to actually do so.

By contrast, the NGA formula is likely to promote a more thoughtful and limited approach to classifying national security information, said Mark Bradley, director of the Information Security Oversight Office (ISOO).

“Including an unclassified paraphrase is especially useful for helping derivative classifiers understand how it may be possible to use the information in an unclassified context,” said Mr. Bradley. “That alone can certainly move the needle towards reducing overclassification.”

NGA said that as of June 2017 it had produced enhancement statements for 292 classified line items in its new consolidated security classification guide.

The new NGA policy was described in the Agency’s report to ISOO on the recently-completed Fundamental Classification Guidance Review. A copy of the report was obtained from NGA under the Freedom of Information Act.

*    *    *

Why would NGA voluntarily impose new requirements on its own classifiers beyond what the executive order mandates?

There are several factors at work. Of all U.S. intelligence agencies, “NGA has  a greater mission need to work more and more in an unclassified environment,” said Mr. Bradley. “This need is playing a central role in driving their new approach.”

Furthermore, under NGA director Robert Cardillo, “NGA’s leadership supports innovation. They realized that their classification guide process was too ‘old school’,” he said.

More specifically, “NGA took DNI Clapper’s [March 2016] memo on the FCGR process to heart.” (See “DNI Clapper Embraces Review of Secrecy System,” Secrecy News, April 6, 2016). And Mr. Bradley cited a visit to the NGA Director by the Public Interest Declassification Board, which he said also provided a useful impetus.

Overall, “the changes we are seeing at NGA are arcing more towards sharing than protecting. That could help shift the paradigm away from excessive secrecy and over-classification,” Mr. Bradley said.

The Agency itself declared that “NGA is leading the DoD and IC [Intelligence Community] in classification management transformation.”

NGA said that its use of enhancement statements to improve classification guides will soon be adopted throughout the Department of Defense, including all DoD intelligence agencies and military services, in a forthcoming revision of DoD manual 5200.45 on classification guidance.

But Mr. Bradley cautioned that “NGA’s model may not be all that easy to adapt to the rest of the IC.”

“NGA has a comparatively limited and well-defined mission with a significant need to share its information. Agencies most likely to benefit from NGA’s model probably include NRO and maybe NSA, [which are] IC agencies with similarly clearly-defined responsibilities and advanced existing classification management infrastructures already in place.”

On the other hand, “I suspect that applying NGA’s model to CIA, DIA, and the military intelligence services would be more challenging because of their decentralized management structures and technical limitations. And, of course, one would be silly to ignore the always-present institutional resistance to wholesale change,” Mr. Bradley said.

Although NGA’s new approach is mission-driven, it should have positive repercussions for public access to agency information by “enabling greater transparency and information sharing.” The new NGA classification guidance provides “better identification and protection of the truly important information — higher walls around fewer secrets,” NGA said.

NGA’s activity in this area is “extremely impressive, groundbreaking work,” said the Office of the Director of National Intelligence, in feedback quoted by NGA. “Clearly, [it is] a possible example or model for how to achieve transformation, for the IC and nationally.”

The new NGA approach evolved from the second Fundamental Classification Guidance Review in 2016-2017 that was required by the 2009 executive order 13526. That Review process has served to streamline and update classification requirements government-wide.

In recent years there have been signs of a more focused and disciplined approach to classification in several corners of the national security bureaucracy. The volume of new national security secrets tabulated by agencies in each of the past three years is lower than ever previously reported by the Information Security Oversight Office.

Senate Intelligence Authorization Report Filed

Do the security clearance procedures that are used for granting access to classified information actually serve their intended purpose?

To help answer that question, the Senate Intelligence Committee mandated a review of security clearance requirements, including “their collective utility in anticipating future insider threats.”

See the Committee’s new report on the Intelligence Authorization Act for Fiscal Year 2018, filed September 7, 2017.

The report summarizes the content of the pending intelligence authorization bill (S. 1761), which was filed last month, and adds Committee comments on various aspects of current intelligence policy.

So, for example, “The Committee remains concerned about the level of protection afforded to whistleblowers within the IC and the level of insight congressional committees have into their disclosures.”

The central point of contention in the bill is a provision (sec. 623) declaring a sense of Congress “that WikiLeaks and the senior leadership of WikiLeaks resemble a non-state hostile intelligence service often abetted by state actors and should be treated as such a service by the United States.”

The provision had originally stated that WikiLeaks and its leadership “constitute” a non-state hostile intelligence service. But this was amended to replace “constitute” with “resemble”. That move might have attenuated the provision’s significance except that it went on to say — whether WikiLeaks constitutes or merely resembles a non-state hostile intelligence service — that the U.S. should treat it as such.

A hostile state-based intelligence service would presumably be subject to intense surveillance by the US. A competent US counterintelligence agency might also seek to infiltrate the hostile service, to subvert its agenda, and even to take it over or disable it.

Whether such a response would also be elicited by “a non-state hostile intelligence service” is hard to say since the concept itself is new and undefined.

“The Committee’s bill offers no definition of ‘non-state hostile intelligence service’ to clarify what this term is and is not,” wrote Sen. Kamala Harris, who favored removal of this language, though she said WikiLeaks has “done considerable harm to this country.”

Sen. Ron Wyden, who likewise said that WikiLeaks had been “part of a direct attack on our democracy,” opposed the bill due to the WikiLeaks-related provision.

“My concern is that the use of the novel phrase ‘non-state hostile intelligence service’ may have legal, constitutional, and policy implications, particularly should it be applied to journalists inquiring about secrets,” Sen. Wyden wrote in minority views appended to the report. “The language in the bill suggesting that the U.S. government has some unstated course of action against ‘non-state hostile intelligence services’ is equally troubling.”

Sharing Intelligence with Non-Intel Agencies

Executive branch agencies that are not part of the US Intelligence Community (IC) can still get access to classified intelligence and to IC information technology systems under certain conditions.

But they must follow procedures that were spelled out last month in new policy guidance from Director of National Intelligence Daniel R. Coats.

In a nutshell, the non-IC agency must have an identifiable need for access to intelligence information and must be able to meet required physical security standards for safeguarding the information.

“The originating [IC] element must receive confirmation from the [non-IC] Federal Partner that all applicable safeguarding requirements in law and policy are met prior to gaining access to the data.”

See Federal Partner Access to Intelligence Community Information Technology Systems, Intelligence Community Policy Guidance 404.1, June 16, 2017.

The Director of the Central Intelligence Agency is responsible for monitoring the activities of non-IC personnel who are present on IC networks “to ensure access is consistent with U.S. legal and policy requirements, and report any variance.”

Defense Intelligence Agency Views Russian Military Power

The Defense Intelligence Agency yesterday launched a new series of unclassified publications on foreign military threats to the United States with a report on the Russian military.

“The resurgence of Russia on the world stage — seizing the Crimean Peninsula, destabilizing eastern Ukraine, intervening on behalf of Syrian President Bashar al-Assad, and shaping the information environment to suit its interests — poses a major challenge to the United States,” the report said.

The 116-page report provides DIA data and perspective on Russian military strategy, force structure, defense spending, intelligence, nuclear weaponry, cyber programs, foreign arms sales, and more. Though unclassified and citing open sources, it is presumably consistent with DIA’s classified collection. See Russia Military Power 2017 published by the Defense Intelligence Agency, June 2017.

The new publication is inspired by the Soviet Military Power series that was published by DIA in the 1980s to draw critical attention to Soviet military programs. Both informative and provocative, Soviet Military Power was immensely popular by government document standards though it was viewed by some critics as verging on, or crossing over into, propaganda.

The new report usefully describes official US perceptions of Russian military programs and intentions, allowing those perceptions to be scrutinized, discussed and corrected as necessary. “These products are intended to foster a dialogue between U.S. leaders, the national security community, partner nations, and the public,” DIA said.

A companion report on China Military Power, among others, is expected to be published shortly.

NRO: We Are “Forward Leaning” on Declassification

The National Reconnaissance Office, the U.S. intelligence agency that builds and operates the nation’s spy satellites, says it is all for increased openness, within certain boundaries.

“The NRO takes very seriously its commitment to greater openness and transparency, and makes every effort, in all of its information review and release programs, to release as much information as we can while still protecting our sensitive sources and methods from harm,” the NRO wrote in a newly disclosed report.

But there are practical limits on what can be accomplished, NRO said:

“While the goal of increasing discretionary declassification decisions is a noble one, we believe that such an effort requires a program separate and distinct from the existing systematic, automatic, mandatory, and other release programs; that establishing a new program is counterproductive given our current resource constraints; and that such an endeavor is unnecessary given our current declassification efforts.”

See NRO Responses on Feasibility of Certain Classification Policy Reforms, February 28, 2017, released last week under the Freedom of Information Act. The NRO document was prepared in response to questions posed last year by then-Director of National Intelligence James R. Clapper, Jr.

While currently operational reconnaissance programs are excluded from declassification review, NRO says it “already examines all [other] classified material that comes up for review for declassification regardless of its age, or under what circumstances it has been requested. If we determine that we cannot articulate harm in release, we consider it for declassification and release.”

In sum, “while we do not look proactively for new items to declassify, we do take a forward-leaning approach to performing declassification reviews by going beyond the ‘can we protect this?’ question to asking ‘do we really need to protect this?'”

NRO said that it could do still more to increase disclosure by reviewing classification guidance, anticipating recurring requests, and improving classification management practices. “We believe these measures, over time, will help eliminate over-classification and make much more material available for public release,” NRO said.

Considering that even the name of the National Reconnaissance Office was considered classified information 25 years ago, until it was declassified by former NRO director Martin Faga in September 1992, the NRO has come quite some distance into the daylight.

It has a substantial presence online, with an electronic reading room featuring numerous declassified records of historical interest. NRO is also the first U.S. intelligence agency to successfully undergo a financial audit.

DNI Clapper had specifically asked last year whether intelligence agencies could do more, consistent with 32 CFR 2001.35, to “declassify information when the public interest in disclosure outweighs the need for continued classification.”

This is harder than it sounds, NRO replied. It presumes that the public interest in disclosure and the need for classification can each be measured, or “weighed,” and then meaningfully compared to determine which is the weightier factor. Neither of those presumptions may be correct. For agency officials, the decision whether or not to declassify is likely to be more of a judgment call than a calculation.

“The CFR does not provide a threshold to assist organizations in determining at what point ‘public interest in disclosure outweighs the need for continuing classification’,” NRO wrote. “The NRO would require clarification and further guidance to assist us in gauging when the public interest outweighs the need to protect our currently classified programs.”

In fact, it is probably not realistic to expect agencies such as NRO to second-guess their own classification decisions on behalf of the public interest. Rather, the authority to exercise a public interest override of classification decisions should be vested in a higher-level body such as the Interagency Security Classification Appeals Panel that would be empowered to consider and to act on broad national and public interests. If that were done, then new procedures would also be needed for interested members of the public to present a public interest argument to that higher-level body for its consideration.

Intelligence Budget Requests for FY2018 Published

The Trump Administration requested $57.7 billion for the National Intelligence Program in Fiscal Year 2018, up from a requested $54.9 billion in FY 2017.

The Administration requested $20.7 billion dollars for the Military Intelligence Program in FY 2018, up from a requested $18.5 billion in FY 2017. (The amounts actually appropriated in FY 2017 have not yet been disclosed.)

The intelligence budget request figures were published last week by the Office of the Director of National Intelligence and by the Department of Defense.

The annual disclosure of the requested amount for the National Intelligence Program was mandated by Congress in the Intelligence Authorization Act for FY 2010. So disclosure is required regardless of the preferences of the current Administration. “As directed by statute,” wrote DNI Dan Coats this year in advance of his confirmation hearing, “I will ensure that the public release of figures representing aggregate funds requested by and appropriated for the IC is completed annually.”

Interestingly, however, there is no corresponding statutory requirement for disclosure of the requested amount for the Military Intelligence Program. The practice of voluntarily disclosing the MIP budget request was initiated by Gen. James R. Clapper when he was Under Secretary of Defense (Intelligence).

“I did that,” said then-DNI Clapper in December 2015. “I thought the public had a right to know.”

An Authorized Disclosure of Classified Information

Updated below

President Trump’s disclosure of classified intelligence information to Russian officials, reported by the Washington Post, may have been reckless, damaging and irresponsible. But it was not a crime.

Disclosures of classified information are not categorically prohibited by law. Even intelligence sources and methods are only required to be protected under the National Security Act from “unauthorized disclosure.” This leaves open the possibility that disclosures of such classified information can actually be authorized. And we know that they are, from time to time.

One statute in particular — 18 USC 798 — does come close to matching the circumstances of the Trump disclosure to Russia, with a crucial exception.

That statute makes it a felony to disclose to an unauthorized person any classified information “concerning the communication intelligence activities of the United States or any foreign government; or […] obtained by the processes of communication intelligence from the communications of any foreign government.”

But it further explains that an “unauthorized person” is one who has not been “authorized to receive information… by the President.”

This morning, President Trump tweeted that “As President I wanted to share with Russia (at an openly scheduled W.H. meeting) which I have the absolute right to do, facts pertaining to terrorism and airline flight safety. Humanitarian reasons, plus I want Russia to greatly step up their fight against ISIS & terrorism.”

(Was the gratuitous parenthetical phrase “at an openly scheduled W.H. meeting” intended to rule out a clandestine transfer of classified information?)

All of that is to say that this episode, though it may have far-reaching ramifications for national security, is probably not a matter for law enforcement. (Based on the reporting by the Washington Post, the President’s actions did violate the terms of an intelligence sharing agreement with a foreign government that supplied the information. But that agreement would not be enforced by the criminal justice system.)

Instead, this is something to be weighed by Congress, which has the responsibility to determine whether Donald J. Trump is fit to remain in office.

Update, 05/17/17: For contrasting views arguing that Trump’s disclosure of classified intelligence to the Russians may actually have been illegal, see Marty Lederman and David Pozen, Liza Goitein, and Stephen Vladeck.

Update, 05/23/17: See also Trump’s Disclosure Did Not Break the Law by Morton Halperin, Just Security, May 23.

Garwin on Strategic Security Challenges to the US

There are at least four major “strategic security challenges” that could place the United States at risk within the next decade, physicist Richard L. Garwin told the National Academy of Sciences earlier this month.

“The greatest threat, based on expected value of damage, is cyberattack,” he said. Other challenges arise from the actions of North Korea and Iran, due to their pursuit or acquisition of nuclear weapons and/or missiles. The remaining threat is due to the potential instability associated with the existing U.S. nuclear weapon arsenal.

These four could be ordered, he said, by the relative difficulty of reducing the threat, from “easiest” to hardest: “the Iranian nuclear program; North Korea; the U.S. nuclear weapon capability and its evolution; and, finally, most importantly and probably most difficult of solution, the cyber threat to the United States.”

In his remarks, Garwin characterized each of the challenges and discussed possible steps that could be taken to mitigate the hazards involved. See Strategic Security Challenges for 2017 and Beyond, May 1, 2017.

Among many other things, Dr. Garwin is a former board member of the Federation of American Scientists. He was awarded the Presidential Medal of Freedom by President Obama last November. He was the subject of a biography published earlier this year called True Genius by Joel Shurkin. Many of his publications are archived on the FAS website.

Most of the threats identified by Garwin — other than the one posed by the U.S. nuclear weapon arsenal — were also discussed in the Worldwide Threat Assessment of the US Intelligence Community that was presented to the Senate Intelligence Committee on May 11.

Neither Garwin nor the US Intelligence Community considered the possibility that the US Government could ever be threatened from within. But that is what is now happening, former Director of National Intelligence James R. Clapper told CNN on May 14.

“I think […] our institutions are under assault internally,” Clapper said, referring to recent actions by President Trump, including the abrupt termination of FBI director James Comey. “The founding fathers, in their genius, created a system of three co-equal branches of government and a built-in system of checks and balances,” he said. “I feel as though that is under assault and is eroding.”