Government prosecutors have been aggressively pursuing suspected leakers of classified information:

Reality Winner, accused of disclosing a document “information relating to the national defense” to a news outlet, changed her plea this week from “not guilty” to “guilty.”

Former FBI agent Terry J. Albury likewise pleaded guilty last April to unauthorized retention and disclosure of national defense information.

Former Senate Intelligence Committee security officer James A. Wolfe was indicted this month for allegedly lying to the FBI in the course of a leak investigation.

And also this month, Joshua Adam Schulte was indicted for allegedly disclosing national defense information to a certain “organization that purports to publicly disseminate classified, sensitive, and confidential information.”

But not every leak results in an official leak investigation. And not every leak investigation produces a suspect. Nor is every leak suspect prosecuted.

In its latest semi-annual report, the Office of the Intelligence Community Inspector General describes one recent case of an acknowledged leaker of classified information who was allowed to resign without prosecution.

The IC Inspector General “substantiated allegations that an ODNI cadre officer disclosed classified information without authorization, transmitted classified information via unauthorized means, and disclosed classified information to persons not authorized to receive it.”

“During a voluntary interview, the ODNI cadre officer admitted to transmitting classified information over unclassified (internet) email to recipients not authorized to receive classified national security information.”

But the matter was resolved outside of the criminal justice system.

“The U.S. Attorney’s Office for the Eastern District of Virginia declined prosecution. The officer, who was retirement eligible, retired before termination,” the IC IG report said.

No other details about the episode were disclosed. But the case illustrates that a variety of responses to leak incidents are available to the government short of criminal prosecution.

A House bill to authorize intelligence spending for FY 18 and 19 (HR 6237), introduced yesterday, would require expanded reporting to Congress on unauthorized disclosures of classified information.

Increasing transparency in intelligence may help to build public trust, as Director of National Intelligence Dan Coats said last month. But not all acts of transparency are likely to have that effect to the same degree, if at all.

Some of the most powerful trust-building actions, we suggested, involve “admissions against interest,” or voluntary acknowledgements of error, inadequacy or wrong-doing.

We should have noted that the Intelligence Community has already adopted this approach up to a point in connection with surveillance activity under Section 702 of the Foreign Intelligence Surveillance Act.

For example, a number of classified reports on (non-)compliance with Section 702 have been declassified and published by the Office of the Director of National Intelligence in lightly redacted form.

These and other official disclosures provided sufficient detail, for example, to enable preparation of “A History of FISA Section 702 Compliance Violations” by the Open Technology Institute at the New America Foundation.

Compliance issues are also addressed in opinions of the Foreign Intelligence Surveillance Court, many of which have now been partially declassified and published. An April 2017 FISC opinion posted by ODNI concerned a case of “significant non-compliance with the NSA’s minimization procedures.”

This uncommon transparency is notably focused on Section 702 which, important as it is, is only a slice of Intelligence Community activity. And some of the disclosures are not entirely voluntary as they follow from Freedom of Information Act litigation. (The IC Inspector General also intermittently publishes summaries of its own investigative work in semiannual reports.)

Nevertheless, the disclosures provide a proof of principle, and suggest how more could be done in other areas. Did these “admissions against interest” also build public trust? There are no known data to support such a conclusion. But at a minimum, they did serve to focus attention on actual, not speculative problem areas.

The revision and reissuance of Intelligence Community Directive 107 should help to institutionalize and expand the role of transparency in supporting intelligence oversight and public accountability.

DNI Coats said yesterday that he would “declassify as much as possible” concerning the controversial professional background of Gina Haspel, who has been nominated to be CIA Director.

Director of National Intelligence Dan Coats recently revised a 2012 Intelligence Community Directive (ICD) on “Civil Liberties and Privacy” to address transparency policy, and reissued it as “Civil Liberties, Privacy, and Transparency.”

The revised directive ICD 107 states that “the DNI is committed to protecting civil liberties and privacy and promoting greater public transparency, consistent with United States values and founding principles as a democratic society.”

ICD 107 now mandates “external engagements” with the public; it calls for use of “new technologies to make intelligence information. . . accessible to the public. . . with sufficient clarity and context so that it is readily understandable”; and it directs that IC agencies shall describe to the public “why certain information can and cannot be released.”

In a March 22 memorandum to agencies announcing the revised directive, DNI Coats said that “With the reissuance of ICD 107, we have firmly established transparency as a foundational element of securing public trust in our endeavors, alongside the protection of civil liberties and privacy.”

As indicators of recent progress in transparency, the DNI cited the relaunch of the Intelligence.gov website that provides information about IC agencies; a new historical declassification program that will review records concerning the 1968 Tet Offensive; and new details regarding oversight and use of Section 702 of the Foreign Intelligence Surveillance Act.

But while these are all commendable steps, they do not seem well calculated to achieve the goal of “securing public trust.”

Building trust requires more than public relations or even declassification of historical documents. Remarkably, dozens of breakthroughs in transparency during the Obama Administration did little to generate trust and were largely ignored and unappreciated.

Trust building depends on a willingness to be held accountable, and on responsiveness (not just unilateral gestures) to overseers and the public.

Transparency for trust-building should therefore stress what lawyers call “admissions against interest,” or disclosures that could risk placing the agency in an unfavorable light, at least initially, but that would build credibility over time. Such disclosures might include regular release of compliance reports regarding suspected deviations from law or policy, investigative reports or summaries from intelligence agency Inspectors General, and the like.

Public trust could also be strengthened positively by responsively adding value to public discourse. The intelligence community could help foster a constructive relationship with the public by routine publication of open source intelligence products, and by setting up an orderly process for responding to substantial public interest in topics of current intelligence importance or controversy (beyond Section 702).

A panel discussion on “Building and Sustaining Democratic Legitimacy” in intelligence was held last week as part of a symposium organized by the Intelligence Studies Project at the University of Texas at Austin.

Update: Some follow-on thoughts about steps that the Intelligence Community has already taken to increase transparency are here.

The Central Intelligence Agency said yesterday that it has the right to disclose classified information to selected journalists and then to withhold the same information from others under the Freedom of Information Act.

FOIA requester Adam Johnson had obtained CIA emails sent to various members of the press including some that were redacted as classified. How, he wondered, could the CIA give information to uncleared reporters — in this case Siobhan Gorman (then) of the Wall Street Journal, David Ignatius of the Washington Post, and Scott Shane of the New York Times — and yet refuse to give it to him? In an effort to discover the secret messages, he filed a FOIA lawsuit.

His question is a good one, said Chief Judge Colleen McMahon of the Southern District of New York in a court order last month. “The issue is whether the CIA waived its right to rely on otherwise applicable exemptions to FOIA disclosure by admittedly disclosing information selectively to one particular reporter [or three].”

“In this case, CIA voluntarily disclosed to outsiders information that it had a perfect right to keep private,” she wrote. “There is absolutely no statutory provision that authorizes limited disclosure of otherwise classified information to anyone, including ‘trusted reporters,’ for any purpose, including the protection of CIA sources and methods that might otherwise be outed. The fact that the reporters might not have printed what was disclosed to them has no logical or legal impact on the waiver analysis, because the only fact relevant to waiver analysis is: Did the CIA do something that worked a waiver of a right it otherwise had?”

Judge McMahon therefore ordered CIA to prepare a more rigorous justification of its legal position. It was filed by the government yesterday.

CIA argued that the court is wrong to think that limited, selective disclosures of classified information are prohibited or unauthorized by law. The National Security Act only requires protection of intelligence sources and methods from “unauthorized” disclosure, not from authorized disclosure. And because the disclosures at issue were actually intended to protect intelligence sources and methods, they were fully authorized, CIA said. “The CIA properly exercised its broad discretion to provide certain limited information to the three reporters.”

“The Court’s supposition that a limited disclosure of information to three journalists necessarily equates to a disclosure to the public at large is legally and factually mistaken,” the CIA response stated. “The record demonstrates beyond dispute that the classified and statutorily protected information withheld from the emails has not entered the public domain. For these reasons, the limited disclosures here did not effect any waiver of FOIA’s exemptions.”

A reply from plaintiff Adam Johnson is due March 1. (Prior coverage: Tech Dirt, Intel Today).

Selective disclosure of classified information to uncleared reporters is a more or less established practice that is recognized by Congress, which has required periodic reporting to Congress of such disclosures. See Disclosing Classified Info to the Press — With Permission, Secrecy News, January 4, 2017.

The nature of FOIA litigation is such that a lawsuit that was intended to challenge the practice of selective disclosure could, if unsuccessful, end up ratifying and reinforcing it.

Recent news stories on security clearances (like these from the Christian Science Monitor and NPR) cite data from 2015 regarding the number of persons cleared for access to classified information (4.2 million at that time).

Why aren’t more current numbers being cited?

More recent information has already been compiled in an annual report to Congress that was completed in October 2017. But its release to the public has been delayed indefinitely by an internal intelligence community dispute over the classification status or sensitivity of some of the more detailed reporting on individual agency statistics that are contained in the report.

In fact, the same detailed reporting was provided in the 2015 report and the same dispute over publication arose. But at that time, Obama Administration intelligence officials told security officers in effect to “knock it off” and to just release the report, which they did in June 2016.

The public disclosure of security clearance data was one of dozens of fundamental changes to national security information policy that were made during the Obama Administration to promote greater transparency. Although the annual report on security clearances was required by Congress (in the FY 10 intelligence authorization act), its public disclosure was a choice made by the Obama Administration. Now a different choice is being made.

A FOIA request for release of the latest report on security clearances is pending.

If Republicans on the House Intelligence Committee want to publicly release a classified memo that they prepared on alleged misconduct in the FBI, what could be wrong with that?

Quite a lot, actually. Even if the risks of disclosing classified information in this case are small (a point that is disputed), the selective disclosure of isolated claims is bound to produce a distorted view of events. The suppression of dissenting views held by Democratic members of the Committee only aggravates the distortion.

“Deliberately misleading by selectively declassifying is an established technique, and it is one that is both shady and dangerous,” said Sen. Sheldon Whitehouse (D-RI) on the Senate floor on Tuesday.

“This business of selectively cherry-picking things out of classified information to spread a false narrative has a very unpleasant echo for me because this is what the Bush administration was up to when it was trying to defend the torture program. They selectively declassified, for instance, that Abu Zubaydah had been the subject of what they called their enhanced interrogation techniques program and that he had produced important, actionable intelligence. What they did not declassify was that all the actionable intelligence he gave them had been provided before they started on the torture techniques.”

Sen. Whitehouse said that the practice resembled Soviet and Russian information warfare activities that were used “to poison the factual environment.”

“You start with the selective release of classified material that the public can’t get behind because the rest is classified, the false narrative that the ranking member has pointed out that that creates, the partisan and peculiar process for getting there, the ignoring of warnings from their own national security officials about how bad this is, the convenient whipping up of all of this in far-right media at the same time, the amplification of that actually by Russian bots and other sources, and the fact that this is all pointed, not coincidentally, at the agency and officials who are engaged in investigating the Trump White House and the Trump campaign, it is so appallingly obvious what the game is that is being played here.”

Meanwhile, Sen. Whitehouse said, Congress has taken no action to protect against foreign interference in U.S. elections.

“We are warned that a hostile foreign power is going to attack our 2018 election. Where is the legislation to defend against that? Where is the markup of the legislation? Where is the effort to do what needs to be done to defend our democracy? Here we are just a few months out from the election. We are 9 months out. Do I have the math right? It is 9 months between here and there. Nothing.”

Yesterday, the FBI put out a brief statement noting that “we have grave concerns about material omissions of fact that fundamentally impact the memo’s accuracy.”

But as far as is known, no similar concerns have been expressed by intelligence community leaders.

“It is stunning to me,” Sen. Whitehouse said, “that we have heard nothing–at least I have heard nothing– […] from our Director of National Intelligence, DNI Coats, and I have heard nothing from CIA Director Pompeo for–how long it has been?”

Yesterday, coincidentally, the Office of the Director of National Intelligence announced that DNI Coats had directed the declassification of classified intelligence records concerning the Tet Offensive launched by North Vietnamese forces in January 1968.

An ODNI posting said that it is part of a “New Transparency Effort To Share Historical Information of Current Relevance.”

Any declassification of historical information is welcome. But for all of its historical gravity, the Tet Offensive could hardly have less “current relevance.”

The new budget law that keeps the government open for the next three weeks includes a provision that would permit the transfer and spending of intelligence funds during that period without congressional authorization or approval.

“This language is troublesome for the [Senate intelligence] committee because it would authorize the intelligence community to spend funds ‘notwithstanding’ the law that requires prior authorization by the Senate Intelligence Committee or by the House Intelligence Committee,” said intelligence committee chairman Sen. Richard Burr on Monday.

“Effectively, the intelligence community could expend funds as it sees fit without an authorization bill in place.”

“Let me just say to my colleagues, a situation like this is untenable,” Sen. Burr said. “If you neuter the committee, you neuter our oversight.”

But efforts by Senator Burr and committee vice chairman Senator Mark Warner to modify the provision were blocked by Appropriations Committee chairman Sen. Thad Cochran. He said the controversial language “is included exactly as requested by the administration” and with his support the budget measure was enacted into law.

The provision was first reported last week by Ryan Grim in The Intercept.

The override of normal oversight requirements was requested by the Office of Management and Budget at the urging of the Pentagon, the Washington Examinerreported. See “Provision in shutdown-ending bill stokes fear of oversight-free intelligence spending” by Steven Nelson, January 23, 2018,

An unnamed congressional staffer told the paper that the change mainly pertains to missile defense funds and “does not give the intelligence community a blank check at all.” The staffer also contended that it does not materially affect the role of the intelligence committees.

But the chairman and vice chairman disagree.

“For the next 3 weeks we will have an inability to exercise, in our estimation, the tools that we might need,” Senator Burr said.

Director of National Intelligence Daniel R. Coats last month issued a newly revised directive that details intelligence community procedures for dealing with leaks of classified information. See Unauthorized Disclosures of Classified National Security Information, Intelligence Community Directive 701, December 22, 2017.

The directive formalizes several notable developments in intelligence policy regarding leaks:

*    It presents an expansive definition of an unauthorized disclosure that includes not simply disclosure but also the “confirmation” or “acknowledgement” of classified information to an unauthorized person.

*    It mandates the use of “audits and systems monitoring” in order “to detect and attribute attempts to bypass or defeat security safeguards.”

*    It specifies that polygraph examinations used by intelligence agencies shall “address the issue of unauthorized disclosures of classified information” as part of the security vetting process.

*    It notes that the DNI may prohibit the IC Inspector General from investigating a leak, pursuant to 50 USC 3033(f), “if the Director determines that such prohibition is necessary to protect vital national security interests of the United States.” The DNI is obliged to notify the congressional intelligence committees if he ever exercises this authority.

The new directive defines a hierarchy of unauthorized disclosures based on their severity and the feasibility of investigating and prosecuting them. “This process is designed to identify which incidents can be closed without further review, which call for an internal investigation, and which should be referred [to the Department of Justice] with a request for a criminal investigation.”

The directive updates and expands the provisions of a prior version that was issued in 2007 by then-DNI Mike McConnell.

Excessive compartmentalization of intelligence can be counteracted by the use of “portfolios” of compartmented programs, according to new intelligence community guidance.

Undue secrecy in intelligence is not only a barrier to external oversight and public accountability. It can also be an obstacle to effective mission performance. That is fortunate in a way since it provides a reason for officials to reconsider classification policy and an incentive for them to curtail unnecessary secrecy.

Director of National Intelligence Daniel R. Coats, who has kept a comparatively low public profile lately, surfaced last month to issue new guidance that is intended in part as a way to curb internal IC secrecy.

The guidance discusses the creation and management of intelligence “portfolios.” This term refers to a collection of classified programs that overlap in some way and that are bundled together to facilitate information sharing and collaboration.

“Establishment of a Portfolio may be required in order to achieve unity of effort and effect against the highest priority requirements or when compartmentalization hinders or prevents access to information necessary for intelligence integration,” according to the new guidance. The practice has no bearing on public disclosure of intelligence information.

All portfolio personnel are to be “indoctrinated” (i.e. granted access) to all portfolio programs, in what amounts to a reversal of the compartmentalization process. See Intelligence Community Portfolio Management, Intelligence Community Policy Guidance 906.1, December 15, 2017.

The portfolio concept was previously defined in the 2015 Intelligence Community Directive 906.

The Office of the Director of National Intelligence will convene a day-long “Intelligence Community Civil Liberties, Privacy and Transparency Summit” for IC employees on January 24.

We were sad to learn that intelligence historian Jeffrey T. Richelson passed away last weekend.

Richelson was one of a small number of pioneers of a new genre of public interest research focused on national security and intelligence. He advanced the boundaries of public knowledge and understanding of the far-flung national security apparatus through his writing based on official documents, carefully read and digested.

Richelson’s book The US Intelligence Community, published last year in its 7th edition, is so richly detailed as to be hard to read– but enormously valuable as a reference. Other works among the entire shelf of books and articles that he authored, such as Spying on the Bomb on the history of nuclear weapons-related espionage, displayed his story-telling gifts more engagingly.

Richelson had a resolutely independent, almost contrarian streak. In the 1990s when it was becoming conventional wisdom to say that the Central Intelligence Agency failed to anticipate the collapse of the Soviet Union, Richelson wrote an article in The National Interest called “The CIA Vindicated” (with Bruce Berkowitz) in which he argued that the opposite was the case.

Not least important, he was a kind and decent person and a generous colleague.

Jeff Richelson was remembered by the National Security Archive here.

What constitutes an act of war in the cyber domain?

It’s a question that officials have wrestled with for some time without being able to provide a clear-cut answer.

But in newly-published responses to questions from the Senate Armed Services Committee, the Pentagon ventured last year that “The determination of what constitutes an ‘act of war’ in or out of cyberspace, would be made on a case-by-case and fact-specific basis by the President.”

“Specifically,” wrote then-Undersecretary of Defense (Intelligence) Marcel Lettre, “cyber attacks that proximately result in a significant loss of life, injury, destruction of critical infrastructure, or serious economic impact should be closely assessed as to whether or not they would be considered an unlawful attack or an ‘act of war.'”

Notably absent from this description is election-tampering or information operations designed to disrupt the electoral process or manipulate public discourse.

Accordingly, Mr. Lettre declared last year that “As of this point, we have not assessed that any particular cyber activity [against] us has constituted an act of war.”

See Cybersecurity, Encryption and United States National Security Matters, Senate Armed Services Committee, September 13, 2016 (published September 2017), at p. 85.

See related comments from Joint Chiefs Chairman Gen. Joseph Dunford in U.S. National Security Challenges and Ongoing Military Operations, Senate Armed Services Committee, September 22, 2016 (published September 2017), at pp. 56-57.

In January 2017, outgoing Obama DHS Secretary Jeh Johnson for the first time designated the U.S. election system as critical infrastructure. “Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law,” he wrote. It follows that an attack on the electoral process could now be considered an attack on critical infrastructure and, potentially, an act of war.

“Russia engaged in acts of war against America, not with bullets and bombs, but through a modern form of warfare, a cyberattack on our democracy,” opined Allan Lichtman, a history professor at American University, in a letter published in the latest issue of the New York Review of Books.

Not so fast, replied Noah Feldman and Jacob Weisberg: “The US is not now in a legal state of war with Russia despite that country’s attempts to affect the 2016 election.”

The current issue of the US Army’s Military Intelligence Professional Bulletin (Oct-Dec 2017) includes an article on Recommendations for Intelligence Staffs Concerning Russian New Generation Warfare by MAJ Charles K. Bartles (at pp. 10-17).

Changes in classification practices at the National Geospatial-Intelligence Agency (NGA) are expected to yield improvements in the quality of national security classification decisions and to lead to reductions in classification at NGA as well as other defense and intelligence agencies.

The most important innovation adopted by NGA is a requirement for a written justification for why each item of classified information needs to be protected, as well as how the information could be paraphrased or discussed in an unclassified manner.

NGA said it has prepared a new classification guide that includes three types of “enhancement statements” for each classification decision:

*    The “Value” statement explains why the information is being protected.

*    The “Damage” statement describes the potential impact to national security should an unauthorized disclosure occur.

*    The “Unclassified” statement outlines how a user can address the classified line item in an unclassified manner.

Notably, none of this explanatory information is required by the current executive order on classification. The order requires classifiers to be “able to” explain their classification decisions, but not to actually do so.

By contrast, the NGA formula is likely to promote a more thoughtful and limited approach to classifying national security information, said Mark Bradley, director of the Information Security Oversight Office (ISOO).

“Including an unclassified paraphrase is especially useful for helping derivative classifiers understand how it may be possible to use the information in an unclassified context,” said Mr. Bradley. “That alone can certainly move the needle towards reducing overclassification.”

NGA said that as of June 2017 it had produced enhancement statements for 292 classified line items in its new consolidated security classification guide.

The new NGA policy was described in the Agency’s report to ISOO on the recently-completed Fundamental Classification Guidance Review. A copy of the report was obtained from NGA under the Freedom of Information Act.

*    *    *

Why would NGA voluntarily impose new requirements on its own classifiers beyond what the executive order mandates?

There are several factors at work. Of all U.S. intelligence agencies, “NGA has  a greater mission need to work more and more in an unclassified environment,” said Mr. Bradley. “This need is playing a central role in driving their new approach.”

Furthermore, under NGA director Robert Cardillo, “NGA’s leadership supports innovation. They realized that their classification guide process was too ‘old school’,” he said.

More specifically, “NGA took DNI Clapper’s [March 2016] memo on the FCGR process to heart.” (See “DNI Clapper Embraces Review of Secrecy System,” Secrecy News, April 6, 2016). And Mr. Bradley cited a visit to the NGA Director by the Public Interest Declassification Board, which he said also provided a useful impetus.

Overall, “the changes we are seeing at NGA are arcing more towards sharing than protecting. That could help shift the paradigm away from excessive secrecy and over-classification,” Mr. Bradley said.

The Agency itself declared that “NGA is leading the DoD and IC [Intelligence Community] in classification management transformation.”

NGA said that its use of enhancement statements to improve classification guides will soon be adopted throughout the Department of Defense, including all DoD intelligence agencies and military services, in a forthcoming revision of DoD manual 5200.45 on classification guidance.

But Mr. Bradley cautioned that “NGA’s model may not be all that easy to adapt to the rest of the IC.”

“NGA has a comparatively limited and well-defined mission with a significant need to share its information. Agencies most likely to benefit from NGA’s model probably include NRO and maybe NSA, [which are] IC agencies with similarly clearly-defined responsibilities and advanced existing classification management infrastructures already in place.”

On the other hand, “I suspect that applying NGA’s model to CIA, DIA, and the military intelligence services would be more challenging because of their decentralized management structures and technical limitations. And, of course, one would be silly to ignore the always-present institutional resistance to wholesale change,” Mr. Bradley said.

Although NGA’s new approach is mission-driven, it should have positive repercussions for public access to agency information by “enabling greater transparency and information sharing.” The new NGA classification guidance provides “better identification and protection of the truly important information — higher walls around fewer secrets,” NGA said.

NGA’s activity in this area is “extremely impressive, groundbreaking work,” said the Office of the Director of National Intelligence, in feedback quoted by NGA. “Clearly, [it is] a possible example or model for how to achieve transformation, for the IC and nationally.”

The new NGA approach evolved from the second Fundamental Classification Guidance Review in 2016-2017 that was required by the 2009 executive order 13526. That Review process has served to streamline and update classification requirements government-wide.

In recent years there have been signs of a more focused and disciplined approach to classification in several corners of the national security bureaucracy. The volume of new national security secrets tabulated by agencies in each of the past three years is lower than ever previously reported by the Information Security Oversight Office.