Army Operations: The New Operational Environment

Other nations, including current and potential adversaries, possess military capabilities that now match or exceed those of the United States, according to a new US Army doctrinal publication.

“Today’s operational environment presents threats to the Army and joint force that are significantly more dangerous in terms of capability and magnitude than those we faced in Iraq and Afghanistan. Major regional powers like Russia, China, Iran, and North Korea are actively seeking to gain strategic positional advantage. These nations, and other adversaries, are fielding capabilities to deny long-held U.S. freedom of action in the air, land, maritime, space, and cyberspace domains and reduce U.S. influence in critical areas of the world.”

“In some contexts they already have overmatch or parity, a challenge the joint force has not faced in twenty-five years.”

That assessment appears in the Foreword to the newly updated US Army Field Manual 3.0 on Operations that was officially released today.

The Field Manual describes the conduct of operations in the new environment, with notably new material on the cyber and space domains.

“Threat operations [by adversaries] in cyberspace are often less encumbered by treaty, law, and policy restrictions than those imposed on U.S. forces, which may allow adversaries or enemies an initial advantage,” the manual states.

The unclassified field manual was released along with two supporting volumes:

ADP 3-0. Operations, Army Doctrine Publication, October 2017, and

ADRP 3-0. Operations, Army Doctrine Reference Publication, October 2017

Last week, Secretary of Defense James Mattis issued a memorandum to all military personnel and DoD employees warning against leaks of classified or otherwise restricted defense information.

“It is a violation of our oath to divulge, in any fashion, non-public DoD information, classified or unclassified, to anyone without the required security clearance as well as a specific need to know in performance of their duties,” he wrote. A copy of the memo was obtained by Military Times. (A security clearance is not required for unclassified information.)

Yet also last week, Secretary Mattis himself disclosed new information that about US rules of engagement that is normally not published, the New York Times reported. A Pentagon spokesman denied that the disclosure would place US forces at risk, or help the enemy. See “Mattis Discloses Part of Afghanistan Battle Plan, but It Hasn’t Yet Been Carried Out” by Thomas Gibbons-Neff, October 6.

Legality of Presidential Disclosures, Continued

“There is no basis” for suggesting that President Trump’s disclosure of classified intelligence to Russian officials was illegal, wrote Morton Halperin this week.

To the contrary, “senior U.S. government officials in conversations with foreign officials decide on a daily basis to provide them with information that is properly classified and that will remain classified,” wrote Halperin, who is himself a former senior official.

“We should not let our desire to confront President Trump lead us to espouse positions that violate his rights and that would constrain future presidents in inappropriate ways.” See “Trump’s Disclosure Did Not Break the Law” by Morton H. Halperin, Just Security, May 23, 2017.

But constraints on presidential disclosure were on the minds of Rep. Stephanie Murphy (D-FL) and 17 House colleagues. They introduced legislation on May 24 “that would require the President to notify the intelligence committees when a U.S. official, including the President, intentionally or inadvertently discloses top-secret information to a nation that sponsors terrorism or, like Russia, is subject to U.S. sanctions.”

Yesterday, Rep. Dutch Ruppersberger (D-MD) introduced a bill “to ensure that a mitigation process and protocols are in place in the case of a disclosure of classified information by the President.”

Rep. Mike Thompson (D-CA) and five colleagues introduced a resolution “disapproving of the irresponsible actions and negligence of President Trump which may have caused grave harm to United States national security.”

For related background, see The Protection of Classified Information: The Legal Framework, Congressional Research Service, updated May 18, 2017, and Criminal Prohibitions on Leaks and Other Disclosures of Classified Defense Information, Congressional Research Service, updated March 7, 2017.

Legality of the Trump Disclosures, Revisited

When President Trump disclosed classified intelligence information to Russian officials last week, did he commit a crime?

Considering that the President is the author of the national security classification system, and that he is empowered to determine who gets access to classified information, it seems obvious that the answer is No. His action might have been reckless, I opined previously, but it was not a crime.

Yet there is more to it than that.

The Congressional Research Service considered the question and concluded as follows in a report issued yesterday:

“It appears more likely than not that the President is presumed to have the authority to disclose classified information to foreign agents in keeping with his power and responsibility to advance U.S. national security interests.” See Presidential Authority to Permit Access to National Security Information, CRS Legal Sidebar, May 17, 2017.

This tentative, rather strained formulation by CRS legislative attorneys indicates that the question is not entirely settled, and that the answer is not necessarily obvious or categorical.

And the phrase “in keeping with his power and responsibility to advance U.S. national security interests” adds an important qualification. If the president were acting on some other agenda than the U.S. national interest, then the legitimacy of his disclosure could evaporate. If the president were on Putin’s payroll, as the House majority leader lamely joked last year, and had engaged in espionage, he would not be beyond the reach of the law.

Outlandish hypotheticals aside, it still seems fairly clear that the Trump disclosures last week are not a matter for the criminal justice system, though they may reverberate through public opinion and congressional deliberations in a consequential way.

But several legal experts this week insisted that it’s more complicated, and that it remains conceivable that Trump broke the law. See:

“Don’t Be So Quick to Call Those Disclosures ‘Legal'” by Elizabeth Goitein, Just Security, May 17, 2017

“Why Trump’s Disclosure to Russia (and Urging Comey to Drop the Flynn Investigation, and Various Other Actions) Could Be Unlawful” by Marty Lederman and David Pozen, Just Security, May 17, 2017

“Trump’s disclosures to the Russians might actually have been illegal” by Steve Vladeck, Washington Post, May 16, 2017

Update, 05/23/17: But see also Trump’s Disclosure Did Not Break the Law by Morton Halperin, Just Security, May 23, 2017.

37 Leak Cases Were Reported to Dept of Justice in 2016

Executive branch agencies submitted 37 “crimes reports” to the Department of Justice last year regarding leaks of classified information.

In response to a Freedom of Information Act request, wrote Patricia Matthews of the DOJ National Security Division, “We have conducted a search of the Counterintelligence and Export Control Section.  A records search of that Section indicates that 37 crime reports concerning unauthorized disclosures of classified information were received by DOJ in CY 2016.” (The specific nature of the leaks and the government’s responses to them were not disclosed.)

The 2016 figure is double the number of suspected criminal leak cases reported in 2015. But it is consistent with the average number of leak cases from 2009 to 2015, which is 39.7.

What makes the latest number of reported leaks interesting is not that it deviates sharply from past experience but that it does not.

Evidently there is a baseline of leakiness that persists even in the face of strenuous official efforts to combat leaks.

President Obama issued executive order 13587 in 2011 to improve safeguarding of classified information. He issued a National Insider Threat Policy in 2012, which was intended in part to deter unauthorized disclosures of classified information. The Obama Administration famously prosecuted more suspected leakers than ever before. But after all of that, the annual number of suspected criminal leaks is stable and undiminished.

Among other things, this has implications for security policy. Since leaks continue despite government actions to suppress them, prudent security officers will limit their vulnerability by using classification more selectively, by further reducing the security-cleared population, and by aiming for resilience to unwanted disclosure rather than for perfect secrecy.

“There’s been major crimes committed,” House Intelligence Committee chairman Rep. Devin Nunes (R-CA) told reporters yesterday, referring to the latest leaks in the Trump Administration. “What I’m concerned about is no one is focusing on major leaks that have occurred here… We can’t run a government like this. A government can’t function with massive leaks at the highest level.”

But the record of the past decade indicates that the government has no alternative but to operate in a leaky environment.

A stronger argument could even be made that some irreducible level of leakiness serves a salutary purpose as a check against misconduct. A perfectly reliable and altogether leak-proof secrecy system would present an irresistibly dangerous temptation to irresponsible political leaders.

Leaks and the Law, & More from CRS

There is no law that categorically prohibits all leaks of classified (or unclassified) information. Instead, there is a patchwork of statutes that outlaw some unauthorized disclosures under some circumstances.

The various statutes that have been used to punish leaks of classified information are surveyed in a new publication from the Congressional Research Service. See The Law and Leaks to the Press, CRS Legal Sidebar, February 22, 2017.

“Not every leak to the press is a federal crime,” CRS notes. Even when a disclosure is a potential crime, the underlying statutes are not self-activating or self-enforcing. Investigators and prosecutors retain considerable discretion about how to proceed.

I discussed some of these issues lately in the Washington Post. See President Trump’s war on leaks, explained” by Aaron Blake, February 16.

Other noteworthy new or updated reports from the Congressional Research Service include the following.

A New Authorization for Use of Military Force Against the Islamic State: Issues and Current Proposals, updated February 21, 2017

Iran’s Nuclear Program: Tehran’s Compliance with International Obligations, updated February 23, 2017

Federal Building and Facility Security: Frequently Asked Questions, updated February 22, 2017

U.S. Secret Service: Selected Issues and Executive and Congressional Responses, updated February 22, 2017

“Dear Colleague” Letters in the House of Representatives: Past Practices and Issues for Congress, February 22, 2017

Health Care-Related Expiring Provisions of the 115th Congress, First Session, updated February 22, 2017

El Salvador: Background and U.S. Relations, updated February 23, 2017

The North American Free Trade Agreement (NAFTA), updated February 22, 2017

Disclosing Classified Info to the Press — With Permission

Intelligence officials disclosed classified information to members of the press on at least three occasions in 2013, according to a National Security Agency report to Congress that was released last week under the Freedom of Information Act.

See Congressional Notification — Authorized Disclosures of Classified Information to Media Personnel, NSA memorandum to the staff director, House Permanent Select Committee on Intelligence, December 13, 2013.

The specific information that NSA gave to the unnamed reporters was not declassified. But the disclosures were not “leaks,” or unauthorized disclosures. They were, instead, authorized disclosures. For their part, the reporters agreed not to disseminate the information further.

“Noteworthy among the classified topics disclosed were NSA’s use of metadata to locate terrorists, the techniques we use and the processes we follow to assist in locating hostages, [several words deleted] overseas support to the warfighter and U.S. allies in war zones, and NSA support to overall USG efforts to mitigate cyber threats. The [deleted] personnel executed non-disclosure agreements that covered all classified discussions.”

In one case, “classified information was disclosed in order to correct inaccurate understandings held by the reporter about the nature and circumstances of [deleted].”

On another occasion, “classified information was disclosed in an effort to limit or avoid reporting that could lead to the loss of the capability [deleted].”

In all three cases, “the decision to disclose classified information was made in consultation with the Director of National Intelligence pursuant to Executive Order 13526, and in each case the information disclosed remains properly classified.”

This seems like a generous interpretation of the Executive Order, which does not mention disclosures to the press at all. It does say, in section 4.2(b) that “In an emergency, when necessary to respond to an imminent threat to life or in defense of the homeland, the agency head or any designee may authorize the disclosure of classified information […] to an individual or individuals who are otherwise not eligible for access.” In an emergency, then, but not just “to correct inaccurate understandings.”

Still, the report accurately reflects the true instrumental nature of the classification system. That is, the protection of classified information under all circumstances is not a paramount goal. National security secrecy is a tool to be used if it advances the national interest (and is consistent with law and policy) and to be set aside when it does not.

So hypocrisy in the handling of classified information is not an issue here. The concern, rather, is that the power of selective disclosure of classified material can be easily abused to manage and to manipulate public perceptions. The congressional requirement to report on authorized disclosures of classified information to the press may help to mitigate that danger.

When the President Pardoned a Leaker

In recent discussions of whether President Obama should pardon Edward Snowden, it has gone unnoticed that a presidential pardon was once granted to a person who committed an unauthorized disclosure of classified information to the press, effectively erasing his crime.

In 1985, Samuel L. Morison, a U.S. Navy intelligence analyst, was convicted under the Espionage Act statutes of providing classified intelligence satellite photographs of a Soviet aircraft carrier to Jane’s Defence Weekly. He was sentenced to two years in prison, of which he served eight months.

But in January 2001, President Clinton issued “a full and unconditional pardon” to Morison.

The fact that a leaker received a pardon is an indication that the unauthorized disclosure of classified information is not so intrinsically heinous a crime as to be categorically beyond official forgiveness. Since one president pardoned a leaker, it is certainly within the realm of possibility that another president might choose to do the same.

In several respects, however, the Morison case differs significantly from the circumstances of the Snowden case.

For one thing, Morison submitted to judicial process (after his arrest, anyway), was convicted, and served his sentence. Snowden, on the other hand, is a fugitive and has neither been tried nor convicted of a crime.

Morison did actively seek a pardon, but he did so through formal petition procedures rather than through a grass roots campaign or an appeal to newspaper editorial boards, opinion leaders or celebrities.

Morison had an influential champion in Senator Daniel P. Moynihan, who wrote privately to the President on his behalf in September 1998, more than two years before the pardon was ultimately granted.

Interestingly, Moynihan did not suggest that Morison was an exemplary character or someone who was personally deserving of presidential intervention. (Morison went on to plead guilty to an unrelated crime years later.) Instead, he argued that the use of the Espionage Act as a means to regulate the press was improper and unfair.

“Press censorship has been proposed since [the enactment of the Espionage Act in 1917], but never adopted. Ironically, we now have in Samuel Loring Morison a man who has been convicted for leaking information, while so many real spies are discovered but never prosecuted,” Moynihan wrote.

“I would hope that in your review of Mr. Morison’s application for a pardon you reflect not simply on the relevant law, but the erratic application of that law and the anomaly of this singular conviction in eighty-one years,” he wrote.

Moynihan’s addressed his argument directly to the President, who has exclusive authority to issue a pardon, rather than as part of a public campaign. His letter was released under the Freedom of Information Act after the pardon was granted.

And because Morison’s advocacy of a pardon was conducted quietly, it did not elicit public opposition from intelligence agency officials or their supporters, though President Clinton did encounter significant internal resistance.

“We said we were obviously opposed — it was a vigorous ‘Hell, no’,” one senior intelligence official told the Washington Post. “We think giving classified information to people who are unauthorized to receive it is a bad thing to do and giving pardons to people who are convicted of doing that sends the wrong signal to people who are currently entrusted with classified information.” (“Clinton Ignored CIA in Pardoning Intelligence Analyst” by Vernon Loeb, February 17, 2001)

Remarkably, President Clinton disregarded such complaints from within his Administration and pardoned Samuel Morison, even though there was little or nothing to be gained politically by doing so.

In short, the Morison case represents a template for winning a presidential pardon that other convicted leakers might profitably study and attempt to replicate. But advocates of a pardon for Edward Snowden, and Snowden himself, have necessarily chosen a different path.

Dozens of Leak Referrals Sent to DoJ Each Year

Updated below

Updated again below

Updated a third time

The Department of Justice said last week that it received dozens of “crimes reports” concerning unauthorized disclosures of classified information each year for most of the past several years, although only 18 such referrals were made in 2015.

In a July 20 response to a Freedom of Information Act request, DOJ’s National Security Division provided the following data on the number of crimes reports — i.e., referrals of suspected violations of criminal law — involving leaks of classified information for each of the last seven Calendar Years (CY):

CY2009: 44
CY2010: 33
CY2011: 41
CY2012: 46
CY2013: 55
CY2014: 41
CY2015: 18

These data are generally indicative of the number of discrete leak episodes in each year.

Only a fraction of such leak referrals ever lead to an investigation, DOJ told Congress in 2010 and only a fraction of the investigations result in criminal prosecution.

“In most cases, the information included in the referral is not adequate to initiate an investigation. The most typical information gap is a failure to identify all those with authorized access to the information, which is the necessary starting point for any leak investigation.”

“When this information is sufficient to open an investigation, the FBI has been able to identify suspects in approximately 50% of these cases over the past 5 years [i.e. 2005-2009]. Even when a suspect is identified, though, prosecution is extremely rare,” DOJ said then.

A crimes report regarding a classified leak to the media is usually accompanied by a DOJ Media Leak Questionnaire, describing the nature of the unauthorized disclosure, its origin, accuracy, significance and scope of dissemination.

In the era of the mass leak, the number of individual leak episodes does not bear any correlation to the volume of classified material that has been disclosed. So the large Manning releases of 2010 and the Snowden releases of 2013 do not clearly stand out in the new DOJ tabulation. The number of leak referrals also does not provide an indication of the magnitude of damage to national security, if any, that resulted from the leaks.

While unauthorized disclosures of classified information are often prized by reporters as indispensable for independent national security journalism, they can be cause for trepidation among the government officials who have to manage their consequences.

The 1978 book Legend by Edward Jay Epstein “contained enough details to pinpoint [KGB officer Alexei] Kulak as an American agent,” wrote David E. Hoffman in his book The Billion Dollar Spy (Doubleday, 2015, p. 58). As a result, CIA had to immediately prepare an exfiltration plan to get its agent out of the Soviet Union. “If the KGB followed up on details in the book and arrested him, Kulak would certainly face charges of treason, punishable by death.” As things turned out, “Kulak was not discovered and later died of a heart attack” without having left his country. But due to the compromise of information about him, Hoffman wrote, “CIA had lost Kulak as an intelligence source.”

A 1995 New York Times story about “dirty assets” — i.e., intelligence sources who themselves have been involved in criminal activity — is said to have led to the death of another American agent (this could not be independently confirmed by Secrecy News). In response to pleas from government officials, “Some identifying details were omitted [by the New York Times], but way too many weren’t,” wrote former CIA acting general counsel John Rizzo in his memoir Company Man (Scribner, 2014, p. 151).

“It is the only leak I can remember that indisputably caused the death of a CIA source,” wrote Rizzo.

Update: We should not have repeated the unsupported allegation by John Rizzo that a New York Times story caused the death of a CIA source. The story, which dealt with an issue of current public debate, was carefully reported by the Times to exclude identifying details that might have placed individuals in danger. It was prepared with the active cooperation of Jeffrey H. Smith, then-CIA general counsel, who was himself quoted in the story. Under the circumstances, Rizzo’s accusation is outrageous and we were wrong to circulate it.

Second Update, 7/26/16:

Jeffrey H. Smith and John Rizzo responded via email:

We were dismayed to read your note yesterday apologizing for relying on John Rizzo’s book that a leak in the New York Times in 1995 led to the death of a human source of the CIA. Your apology said, accurately, that Jeff Smith had spoken to the Times but then concluded — without speaking to either of us — that because the article was “carefully reported” John Rizzo’s “accusation is outrageous”. Had you spoken to us, who actually know what happened, we would have told you that we stand by the passage in John’s book.

Third Update, 6/27/17:

A gripping interview with John Rizzo, Jeffrey Smith and Tim Weiner of the New York Times regarding the story of the CIA source was conducted by Malcolm Gladwell and broadcast on Revisionist History.

Punishing Leaks Through Administrative Channels

The Obama Administration has famously prosecuted more individuals for unauthorized disclosures of classified information to the media than all of its predecessors combined. But behind the scenes, it appears to have sought administrative penalties for leaks — rather than criminal ones — with equal or greater vigor.

“This Administration has been historically active in pursuing prosecution of leakers, and the Intelligence Community fully supports this effort,” said ODNI General Counsel Robert S. Litt in testimony from a closed hearing of the Senate Intelligence Committee in 2012 that was released last week in response to a Freedom of Information Act request.

But, he said, “prosecution of unauthorized disclosure cases is often beset with complications, including difficult problems of identifying the leaker, the potential for confirming or revealing even more classified information in a public trial, and graymail by the defense.”

Therefore, Mr. Litt said, in 2011 Director of National Intelligence James Clapper ordered intelligence agencies “to pursue administrative investigations and sanctions against identified leakers wherever appropriate. Pursuant to this DNI directive, individual agencies are instructed to identify those leak incidents that are ripe for an administrative disposition….”

Administrative penalties could include termination of employment, loss of security clearance, fines, or other adverse consequences. The number of individuals who were in fact sanctioned as a result of the ensuing “emphasis on administrative dispositions of leak investigations” was not disclosed. But “by advocating for administrative action in appropriate cases, the DNI hopes that more leakers will be sanctioned, and others similarly situated will be deterred,” he said at that time.

The 2012 Senate Intelligence Committee hearing pre-dated the classified disclosures in 2013 by Edward Snowden, who was obviously not deterred.

In a 2014 memorandum, Homeland Security Advisor Lisa O. Monaco said that “Recent unauthorized disclosures have unfortunately underscored the need to vigilantly safeguard our Nation’s most sensitive intelligence information.” The memo detailed numerous “near-term measures… aimed at further reducing the risk of additional high-impact disclosures.”

Yet “technical fixes alone cannot fully mitigate the threat posed by a determined insider,” she wrote. “As a result, [the corrective steps] include measures to improve business practices, enhance the security culture across the workforce, and reduce the unique risks associated with ‘privileged’ users.”

See “Near-term Measures to Reduce the Risk of High-Impact Unauthorized Disclosures,” memorandum from Homeland Security Advisor Lisa Monaco, February 11, 2014.

The actual efficacy of the measures described, some of which are still being gradually implemented, has not been publicly reported.

Petraeus Deal Cited in Sterling Leak Defense

Attorneys for former CIA officer Jeffrey Sterling, who was found guilty on nine felony counts involving unauthorized disclosure of classified information, argued yesterday that the Sterling verdict should be set aside in view of the misdemeanor plea agreement that was recently offered to former CIA director Gen. David Petraeus for mishandling classified information.

Sterling’s attorneys suggested that the disparate treatment of the two cases was attributable to improper considerations of rank and race.

They noted that Petraeus had acknowledged providing his mistress unauthorized access to “classified information regarding the identities of covert officers, war strategy, intelligence capabilities and mechanisms, diplomatic discussions, quotes and deliberate discussions from high level National Security Council meetings, and […] discussions with the President of the United States of America.”

“For these transgressions, General Petraeus pled guilty to a misdemeanor violation of 18 U.S.C. § 1924 and will not serve a single day in jail. No espionage charge was made. Equally stunning is that General Petraeus admits to making false statements to the Government about his criminal activity and yet avoids a perjury or obstruction charge.”

“On the other hand, Mr. Sterling was charged with espionage and obstruction and faces a prison term. The defense submits again that the principal difference between Mr. Sterling and Generals Petraeus and Cartwright [who was reportedly suspected of leaks concerning the Stuxnet program] are their respective races and rank. Like General Cartwright, General Petraeus is a white, high-ranking official.” Mr. Sterling is African-American.

“The Government must explain why the justice meted out to white Generals is so different from what Mr. Sterling has faced,” the Sterling attorneys wrote in a March 19 filing.

In a letter to the editor of the New York Times today, attorney David E. Kendall said that the Petraeus case differed from other leak cases in that Gen. Petraeus had not intended to publicly release classified information and that the information in question had not in fact been made public.

Yesterday, the Sterling attorneys also urged the court to dismiss the case against Sterling because they said that the government had failed to produce any direct evidence that he committed the crimes he is charged with.

“In this case, not even one witness was called with direct evidence of Mr. Sterling’s guilt on a single charge,” they wrote in another March 19 filing. “The Court can search the record with a fine tooth comb and find no evidence that beyond a reasonable doubt identifies Mr. Sterling as the source” for classified information that appeared in James Risen’s book State of War.

Government attorneys, citing precedent, argued this month that “a conviction may rely entirely on circumstantial evidence.”