CIA Defends Selective Disclosure to Reporters

The Central Intelligence Agency said yesterday that it has the right to disclose classified information to selected journalists and then to withhold the same information from others under the Freedom of Information Act.

FOIA requester Adam Johnson had obtained CIA emails sent to various members of the press including some that were redacted as classified. How, he wondered, could the CIA give information to uncleared reporters — in this case Siobhan Gorman (then) of the Wall Street Journal, David Ignatius of the Washington Post, and Scott Shane of the New York Times — and yet refuse to give it to him? In an effort to discover the secret messages, he filed a FOIA lawsuit.

His question is a good one, said Chief Judge Colleen McMahon of the Southern District of New York in a court order last month. “The issue is whether the CIA waived its right to rely on otherwise applicable exemptions to FOIA disclosure by admittedly disclosing information selectively to one particular reporter [or three].”

“In this case, CIA voluntarily disclosed to outsiders information that it had a perfect right to keep private,” she wrote. “There is absolutely no statutory provision that authorizes limited disclosure of otherwise classified information to anyone, including ‘trusted reporters,’ for any purpose, including the protection of CIA sources and methods that might otherwise be outed. The fact that the reporters might not have printed what was disclosed to them has no logical or legal impact on the waiver analysis, because the only fact relevant to waiver analysis is: Did the CIA do something that worked a waiver of a right it otherwise had?”

Judge McMahon therefore ordered CIA to prepare a more rigorous justification of its legal position. It was filed by the government yesterday.

CIA argued that the court is wrong to think that limited, selective disclosures of classified information are prohibited or unauthorized by law. The National Security Act only requires protection of intelligence sources and methods from “unauthorized” disclosure, not from authorized disclosure. And because the disclosures at issue were actually intended to protect intelligence sources and methods, they were fully authorized, CIA said. “The CIA properly exercised its broad discretion to provide certain limited information to the three reporters.”

“The Court’s supposition that a limited disclosure of information to three journalists necessarily equates to a disclosure to the public at large is legally and factually mistaken,” the CIA response stated. “The record demonstrates beyond dispute that the classified and statutorily protected information withheld from the emails has not entered the public domain. For these reasons, the limited disclosures here did not effect any waiver of FOIA’s exemptions.”

A reply from plaintiff Adam Johnson is due March 1. (Prior coverage: Tech Dirt, Intel Today).

Selective disclosure of classified information to uncleared reporters is a more or less established practice that is recognized by Congress, which has required periodic reporting to Congress of such disclosures. See Disclosing Classified Info to the Press — With Permission, Secrecy News, January 4, 2017.

The nature of FOIA litigation is such that a lawsuit that was intended to challenge the practice of selective disclosure could, if unsuccessful, end up ratifying and reinforcing it.

Release of Security Clearance Data Delayed

Recent news stories on security clearances (like these from the Christian Science Monitor and NPR) cite data from 2015 regarding the number of persons cleared for access to classified information (4.2 million at that time).

Why aren’t more current numbers being cited?

More recent information has already been compiled in an annual report to Congress that was completed in October 2017. But its release to the public has been delayed indefinitely by an internal intelligence community dispute over the classification status or sensitivity of some of the more detailed reporting on individual agency statistics that are contained in the report.

In fact, the same detailed reporting was provided in the 2015 report and the same dispute over publication arose. But at that time, Obama Administration intelligence officials told security officers in effect to “knock it off” and to just release the report, which they did in June 2016.

The public disclosure of security clearance data was one of dozens of fundamental changes to national security information policy that were made during the Obama Administration to promote greater transparency. Although the annual report on security clearances was required by Congress (in the FY 10 intelligence authorization act), its public disclosure was a choice made by the Obama Administration. Now a different choice is being made.

A FOIA request for release of the latest report on security clearances is pending.

Selective Declassification and the Nunes Memo

If Republicans on the House Intelligence Committee want to publicly release a classified memo that they prepared on alleged misconduct in the FBI, what could be wrong with that?

Quite a lot, actually. Even if the risks of disclosing classified information in this case are small (a point that is disputed), the selective disclosure of isolated claims is bound to produce a distorted view of events. The suppression of dissenting views held by Democratic members of the Committee only aggravates the distortion.

“Deliberately misleading by selectively declassifying is an established technique, and it is one that is both shady and dangerous,” said Sen. Sheldon Whitehouse (D-RI) on the Senate floor on Tuesday.

“This business of selectively cherry-picking things out of classified information to spread a false narrative has a very unpleasant echo for me because this is what the Bush administration was up to when it was trying to defend the torture program. They selectively declassified, for instance, that Abu Zubaydah had been the subject of what they called their enhanced interrogation techniques program and that he had produced important, actionable intelligence. What they did not declassify was that all the actionable intelligence he gave them had been provided before they started on the torture techniques.”

Sen. Whitehouse said that the practice resembled Soviet and Russian information warfare activities that were used “to poison the factual environment.”

“You start with the selective release of classified material that the public can’t get behind because the rest is classified, the false narrative that the ranking member has pointed out that that creates, the partisan and peculiar process for getting there, the ignoring of warnings from their own national security officials about how bad this is, the convenient whipping up of all of this in far-right media at the same time, the amplification of that actually by Russian bots and other sources, and the fact that this is all pointed, not coincidentally, at the agency and officials who are engaged in investigating the Trump White House and the Trump campaign, it is so appallingly obvious what the game is that is being played here.”

Meanwhile, Sen. Whitehouse said, Congress has taken no action to protect against foreign interference in U.S. elections.

“We are warned that a hostile foreign power is going to attack our 2018 election. Where is the legislation to defend against that? Where is the markup of the legislation? Where is the effort to do what needs to be done to defend our democracy? Here we are just a few months out from the election. We are 9 months out. Do I have the math right? It is 9 months between here and there. Nothing.”

Yesterday, the FBI put out a brief statement noting that “we have grave concerns about material omissions of fact that fundamentally impact the memo’s accuracy.”

But as far as is known, no similar concerns have been expressed by intelligence community leaders.

“It is stunning to me,” Sen. Whitehouse said, “that we have heard nothing–at least I have heard nothing– […] from our Director of National Intelligence, DNI Coats, and I have heard nothing from CIA Director Pompeo for–how long it has been?”

Yesterday, coincidentally, the Office of the Director of National Intelligence announced that DNI Coats had directed the declassification of classified intelligence records concerning the Tet Offensive launched by North Vietnamese forces in January 1968.

An ODNI posting said that it is part of a “New Transparency Effort To Share Historical Information of Current Relevance.”

Any declassification of historical information is welcome. But for all of its historical gravity, the Tet Offensive could hardly have less “current relevance.”

Budget Law May “Neuter” Intelligence Oversight

The new budget law that keeps the government open for the next three weeks includes a provision that would permit the transfer and spending of intelligence funds during that period without congressional authorization or approval.

“This language is troublesome for the [Senate intelligence] committee because it would authorize the intelligence community to spend funds ‘notwithstanding’ the law that requires prior authorization by the Senate Intelligence Committee or by the House Intelligence Committee,” said intelligence committee chairman Sen. Richard Burr on Monday.

“Effectively, the intelligence community could expend funds as it sees fit without an authorization bill in place.”

“Let me just say to my colleagues, a situation like this is untenable,” Sen. Burr said. “If you neuter the committee, you neuter our oversight.”

But efforts by Senator Burr and committee vice chairman Senator Mark Warner to modify the provision were blocked by Appropriations Committee chairman Sen. Thad Cochran. He said the controversial language “is included exactly as requested by the administration” and with his support the budget measure was enacted into law.

The provision was first reported last week by Ryan Grim in The Intercept.

The override of normal oversight requirements was requested by the Office of Management and Budget at the urging of the Pentagon, the Washington Examiner reported. See “Provision in shutdown-ending bill stokes fear of oversight-free intelligence spending” by Steven Nelson, January 23, 2018.

An unnamed congressional staffer told the paper that the change mainly pertains to missile defense funds and “does not give the intelligence community a blank check at all.” The staffer also contended that it does not materially affect the role of the intelligence committees.

But the chairman and vice chairman disagree.

“For the next 3 weeks we will have an inability to exercise, in our estimation, the tools that we might need,” Senator Burr said.

DNI Updates Policy on Classified Leaks

Director of National Intelligence Daniel R. Coats last month issued a newly revised directive that details intelligence community procedures for dealing with leaks of classified information. See Unauthorized Disclosures of Classified National Security Information, Intelligence Community Directive 701, December 22, 2017.

The directive formalizes several notable developments in intelligence policy regarding leaks:

*    It presents an expansive definition of an unauthorized disclosure that includes not simply disclosure but also the “confirmation” or “acknowledgement” of classified information to an unauthorized person.

*    It mandates the use of “audits and systems monitoring” in order “to detect and attribute attempts to bypass or defeat security safeguards.”

*    It specifies that polygraph examinations used by intelligence agencies shall “address the issue of unauthorized disclosures of classified information” as part of the security vetting process.

*    It notes that the DNI may prohibit the IC Inspector General from investigating a leak, pursuant to 50 USC 3033(f), “if the Director determines that such prohibition is necessary to protect vital national security interests of the United States.” The DNI is obliged to notify the congressional intelligence committees if he ever exercises this authority.

The new directive defines a hierarchy of unauthorized disclosures based on their severity and the feasibility of investigating and prosecuting them. “This process is designed to identify which incidents can be closed without further review, which call for an internal investigation, and which should be referred [to the Department of Justice] with a request for a criminal investigation.”

The directive updates and expands the provisions of a prior version that was issued in 2007 by then-DNI Mike McConnell.

IC “Portfolios” Overcome Compartmentalization of Intelligence

Excessive compartmentalization of intelligence can be counteracted by the use of “portfolios” of compartmented programs, according to new intelligence community guidance.

Undue secrecy in intelligence is not only a barrier to external oversight and public accountability. It can also be an obstacle to effective mission performance. That is fortunate in a way since it provides a reason for officials to reconsider classification policy and an incentive for them to curtail unnecessary secrecy.

Director of National Intelligence Daniel R. Coats, who has kept a comparatively low public profile lately, surfaced last month to issue new guidance that is intended in part as a way to curb internal IC secrecy.

The guidance discusses the creation and management of intelligence “portfolios.” This term refers to a collection of classified programs that overlap in some way and that are bundled together to facilitate information sharing and collaboration.

“Establishment of a Portfolio may be required in order to achieve unity of effort and effect against the highest priority requirements or when compartmentalization hinders or prevents access to information necessary for intelligence integration,” according to the new guidance. The practice has no bearing on public disclosure of intelligence information.

All portfolio personnel are to be “indoctrinated” (i.e. granted access) to all portfolio programs, in what amounts to a reversal of the compartmentalization process. See Intelligence Community Portfolio Management, Intelligence Community Policy Guidance 906.1, December 15, 2017.

The portfolio concept was previously defined in the 2015 Intelligence Community Directive 906.

The Office of the Director of National Intelligence will convene a day-long “Intelligence Community Civil Liberties, Privacy and Transparency Summit” for IC employees on January 24.

Remembering Jeff Richelson

We were sad to learn that intelligence historian Jeffrey T. Richelson passed away last weekend.

Richelson was one of a small number of pioneers of a new genre of public interest research focused on national security and intelligence. He advanced the boundaries of public knowledge and understanding of the far-flung national security apparatus through his writing based on official documents, carefully read and digested.

Richelson’s book The US Intelligence Community, published last year in its 7th edition, is so richly detailed as to be hard to read – but enormously valuable as a reference. Other works among the entire shelf of books and articles that he authored, such as Spying on the Bomb on the history of nuclear weapons-related espionage, displayed his story-telling gifts more engagingly.

Richelson had a resolutely independent, almost contrarian streak. In the 1990s when it was becoming conventional wisdom to say that the Central Intelligence Agency failed to anticipate the collapse of the Soviet Union, Richelson wrote an article in The National Interest called “The CIA Vindicated” (with Bruce Berkowitz) in which he argued that the opposite was the case.

Not least important, he was a kind and decent person and a generous colleague.

Jeff Richelson was remembered by the National Security Archive here.

What is an Act of War in Cyberspace?

What constitutes an act of war in the cyber domain?

It’s a question that officials have wrestled with for some time without being able to provide a clear-cut answer.

But in newly-published responses to questions from the Senate Armed Services Committee, the Pentagon ventured last year that “The determination of what constitutes an ‘act of war’ in or out of cyberspace, would be made on a case-by-case and fact-specific basis by the President.”

“Specifically,” wrote then-Undersecretary of Defense (Intelligence) Marcel Lettre, “cyber attacks that proximately result in a significant loss of life, injury, destruction of critical infrastructure, or serious economic impact should be closely assessed as to whether or not they would be considered an unlawful attack or an ‘act of war.’”

Notably absent from this description is election-tampering or information operations designed to disrupt the electoral process or manipulate public discourse.

Accordingly, Mr. Lettre declared last year that “As of this point, we have not assessed that any particular cyber activity [against] us has constituted an act of war.”

See Cybersecurity, Encryption and United States National Security Matters, Senate Armed Services Committee, September 13, 2016 (published September 2017), at p. 85.

See related comments from Joint Chiefs Chairman Gen. Joseph Dunford in U.S. National Security Challenges and Ongoing Military Operations, Senate Armed Services Committee, September 22, 2016 (published September 2017), at pp. 56-57.

In January 2017, outgoing Obama DHS Secretary Jeh Johnson for the first time designated the U.S. election system as critical infrastructure. “Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law,” he wrote. It follows that an attack on the electoral process could now be considered an attack on critical infrastructure and, potentially, an act of war.

“Russia engaged in acts of war against America, not with bullets and bombs, but through a modern form of warfare, a cyberattack on our democracy,” opined Allan Lichtman, a history professor at American University, in a letter published in the latest issue of the New York Review of Books.

Not so fast, replied Noah Feldman and Jacob Weisberg: “The US is not now in a legal state of war with Russia despite that country’s attempts to affect the 2016 election.”

The current issue of the US Army’s Military Intelligence Professional Bulletin (Oct-Dec 2017) includes an article on Recommendations for Intelligence Staffs Concerning Russian New Generation Warfare by MAJ Charles K. Bartles (at pp. 10-17).

NGA Charts New Path in Classification Policy

Changes in classification practices at the National Geospatial-Intelligence Agency (NGA) are expected to yield improvements in the quality of national security classification decisions and to lead to reductions in classification at NGA as well as other defense and intelligence agencies.

The most important innovation adopted by NGA is a requirement for a written justification for why each item of classified information needs to be protected, as well as how the information could be paraphrased or discussed in an unclassified manner.

NGA said it has prepared a new classification guide that includes three types of “enhancement statements” for each classification decision:

*    The “Value” statement explains why the information is being protected.

*    The “Damage” statement describes the potential impact to national security should an unauthorized disclosure occur.

*    The “Unclassified” statement outlines how a user can address the classified line item in an unclassified manner.

Notably, none of this explanatory information is required by the current executive order on classification. The order requires classifiers to be “able to” explain their classification decisions, but not to actually do so.

By contrast, the NGA formula is likely to promote a more thoughtful and limited approach to classifying national security information, said Mark Bradley, director of the Information Security Oversight Office (ISOO).

“Including an unclassified paraphrase is especially useful for helping derivative classifiers understand how it may be possible to use the information in an unclassified context,” said Mr. Bradley. “That alone can certainly move the needle towards reducing overclassification.”

NGA said that as of June 2017 it had produced enhancement statements for 292 classified line items in its new consolidated security classification guide.

The new NGA policy was described in the Agency’s report to ISOO on the recently-completed Fundamental Classification Guidance Review. A copy of the report was obtained from NGA under the Freedom of Information Act.

*    *    *

Why would NGA voluntarily impose new requirements on its own classifiers beyond what the executive order mandates?

There are several factors at work. Of all U.S. intelligence agencies, “NGA has a greater mission need to work more and more in an unclassified environment,” said Mr. Bradley. “This need is playing a central role in driving their new approach.”

Furthermore, under NGA director Robert Cardillo, “NGA’s leadership supports innovation. They realized that their classification guide process was too ‘old school’,” he said.

More specifically, “NGA took DNI Clapper’s [March 2016] memo on the FCGR process to heart.” (See “DNI Clapper Embraces Review of Secrecy System,” Secrecy News, April 6, 2016). And Mr. Bradley cited a visit to the NGA Director by the Public Interest Declassification Board, which he said also provided a useful impetus.

Overall, “the changes we are seeing at NGA are arcing more towards sharing than protecting. That could help shift the paradigm away from excessive secrecy and over-classification,” Mr. Bradley said.

The Agency itself declared that “NGA is leading the DoD and IC [Intelligence Community] in classification management transformation.”

NGA said that its use of enhancement statements to improve classification guides will soon be adopted throughout the Department of Defense, including all DoD intelligence agencies and military services, in a forthcoming revision of DoD manual 5200.45 on classification guidance.

But Mr. Bradley cautioned that “NGA’s model may not be all that easy to adapt to the rest of the IC.”

“NGA has a comparatively limited and well-defined mission with a significant need to share its information. Agencies most likely to benefit from NGA’s model probably include NRO and maybe NSA, [which are] IC agencies with similarly clearly-defined responsibilities and advanced existing classification management infrastructures already in place.”

On the other hand, “I suspect that applying NGA’s model to CIA, DIA, and the military intelligence services would be more challenging because of their decentralized management structures and technical limitations. And, of course, one would be silly to ignore the always-present institutional resistance to wholesale change,” Mr. Bradley said.

Although NGA’s new approach is mission-driven, it should have positive repercussions for public access to agency information by “enabling greater transparency and information sharing.” The new NGA classification guidance provides “better identification and protection of the truly important information — higher walls around fewer secrets,” NGA said.

NGA’s activity in this area is “extremely impressive, groundbreaking work,” said the Office of the Director of National Intelligence, in feedback quoted by NGA. “Clearly, [it is] a possible example or model for how to achieve transformation, for the IC and nationally.”

The new NGA approach evolved from the second Fundamental Classification Guidance Review in 2016-2017 that was required by the 2009 executive order 13526. That Review process has served to streamline and update classification requirements government-wide.

In recent years there have been signs of a more focused and disciplined approach to classification in several corners of the national security bureaucracy. The volume of new national security secrets tabulated by agencies in each of the past three years is lower than ever previously reported by the Information Security Oversight Office.

Senate Intelligence Authorization Report Filed

Do the security clearance procedures that are used for granting access to classified information actually serve their intended purpose?

To help answer that question, the Senate Intelligence Committee mandated a review of security clearance requirements, including “their collective utility in anticipating future insider threats.”

See the Committee’s new report on the Intelligence Authorization Act for Fiscal Year 2018, filed September 7, 2017.

The report summarizes the content of the pending intelligence authorization bill (S. 1761), which was filed last month, and adds Committee comments on various aspects of current intelligence policy.

So, for example, “The Committee remains concerned about the level of protection afforded to whistleblowers within the IC and the level of insight congressional committees have into their disclosures.”

The central point of contention in the bill is a provision (sec. 623) declaring a sense of Congress “that WikiLeaks and the senior leadership of WikiLeaks resemble a non-state hostile intelligence service often abetted by state actors and should be treated as such a service by the United States.”

The provision had originally stated that WikiLeaks and its leadership “constitute” a non-state hostile intelligence service. But this was amended to replace “constitute” with “resemble”. That move might have attenuated the provision’s significance except that it went on to say — whether WikiLeaks constitutes or merely resembles a non-state hostile intelligence service — that the U.S. should treat it as such.

A hostile state-based intelligence service would presumably be subject to intense surveillance by the US. A competent US counterintelligence agency might also seek to infiltrate the hostile service, to subvert its agenda, and even to take it over or disable it.

Whether such a response would also be elicited by “a non-state hostile intelligence service” is hard to say since the concept itself is new and undefined.

“The Committee’s bill offers no definition of ‘non-state hostile intelligence service’ to clarify what this term is and is not,” wrote Sen. Kamala Harris, who favored removal of this language, though she said WikiLeaks has “done considerable harm to this country.”

Sen. Ron Wyden, who likewise said that WikiLeaks had been “part of a direct attack on our democracy,” opposed the bill due to the WikiLeaks-related provision.

“My concern is that the use of the novel phrase ‘non-state hostile intelligence service’ may have legal, constitutional, and policy implications, particularly should it be applied to journalists inquiring about secrets,” Sen. Wyden wrote in minority views appended to the report. “The language in the bill suggesting that the U.S. government has some unstated course of action against ‘non-state hostile intelligence services’ is equally troubling.”