Last month, in the final days of his Administration, President Trump moved to renew the “national emergency” along the US-Mexico border that he had declared in 2019.

“The ongoing border security and humanitarian crisis at the southern border of the United States continues to threaten our national security, including by exacerbating the effect of the pandemic caused by COVID–19,” he told Congress on January 15.

On his first day in office, President Biden terminated that emergency, which he said had been a mistake all along.

“I have determined that the declaration of a national emergency at our southern border was unwarranted. I have also announced that it shall be the policy of my Administration that no more American taxpayer dollars be diverted to construct a border wall, and that I am directing a careful review of all resources appropriated or redirected to that end,” he wrote on February 10.

But President Biden declared a new national emergency arising from the February 1 military coup in Burma. The situation in that country poses an “unusual and extraordinary threat to the national security and foreign policy of the United States,” he said.

Biden also renewed a 2011 declaration of national emergency concerning Libya. “We need to protect against the diversion of assets or other abuse by persons hindering Libyan national reconciliation,” he wrote on February 11.

There are 38 “national emergencies” currently in effect. They typically entail blocking property and restrictions on financial activity of targeted persons. The history and scope of such emergencies were discussed by the Congressional Research Service in a report that was updated this week. See National Emergency Powers, February 16, 2021.

Although climate change is an emerging challenge and threat, it would be a mistake for the President to declare it this kind of a “national emergency,” argued Elizabeth Goitein of the Brennan Center. See “Declaring climate change an ’emergency’ won’t help Biden fight it,” Washington Post, January 29. See also “Why President Biden Should Not Declare a Climate Emergency” by Soren Dayton and Kristy Parker, Just Security, February 10, 2021.

The Department of Defense is authorized to use unmanned aircraft systems within U.S. airspace for more than a dozen different types of operations, from search and rescue to counterintelligence.

These domestic missions, and the official guidance or legal authority behind each of them, were tabulated in a newly updated manual on military support to civilian authorities.

See Appendix 1, Table 1 in Multi-Service Tactics, Techniques, and Procedures for Defense Support of Civil Authorities (DSCA), ATP 3-28.1, February 11, 2021.

Overall guidance on domestic use of DoD drones was provided in a 2018 memorandum issued by then-Secretary of Defense James N. Mattis that is still in effect.

“The primary purpose, and large majority, of DoD domestic UAS operations is for DoD forces to gain realistic training experience, test equipment and tactics in preparation for potential overseas warfighting missions,” according to a cursory DoD website on the subject.

The traditional system for granting or denying security clearances for access to classified information is undergoing a significant overhaul as it transitions into what is called Trusted Workforce 2.0.

Among other changes, Trusted Workforce 2.0 will ultimately phase out the painstaking periodic reinvestigations of cleared personnel in favor of “continuous evaluation” or “continuous vetting.” This relies mainly on regular, automated record checks of law enforcement and other records to identify problematic behavior that requires attention and mitigation.

The transition is well underway.

“Executive branch agencies have enrolled more than two million individuals, nearly half the total cleared population, in continuous vetting capabilities,” according to the final Trump Administration quarterly report on clearance reform issues. See Security Clearance, Suitability/Fitness, and Credentialing Reform, ODNI, DoD, and OMB, January 2021.

On January 13, 2021 ODNI and the Office of Personnel Management issued a Federal Personnel Vetting Core Doctrine for public comment. It is intended “to guide transformative efforts to reform the U.S. Government personnel security vetting processes [in order] to promote mobility, improve efficiencies and move towards an enhanced risk management approach.”

*    *    *

Meanwhile, the procedures for challenging the denial or revocation of a security clearance could be enhanced through an initiative taken late in the Trump Administration by then-Undersecretary of Defense Ezra A. Cohen.

His January 14, 2021 memorandum would bring all Department of Defense civilian, military and contractor clearance disputes under the umbrella of the Defense Office of Hearings and Appeals (DOHA), providing increased due process to those who are denied a clearance. Unlike current practice, the DOHA due process rights would also extend to contested DoD intelligence clearances for access to sensitive compartmented information.

The move was hailed by attorney Mark S. Zaid, who said it will help thousands of people.

“I cannot speak highly enough of what was accomplished,” he said on Twitter. “DOHA is [the] gold standard of clearance due process. Their hearing process features experienced administrative judges, lawyers on both sides, witnesses, cross-examination, access to evidence, submission of exhibits, and opening and closing statements; all aimed at getting to truth,” said Mr. Zaid, who also represents Mr. Cohen on other matters.

Last year, DOHA conducted 3,248 legal reviews of security clearance cases, said DOHA director Peregrine Russell-Hunter at a recent meeting of the NISPPAC industrial security advisory group. The new DoD policy, which would add to DOHA’s workload, is to take effect by September 2022 unless it is rescinded or modified by the Biden Administration.

Ezra Cohen, a figure of some controversy who was brought into the Trump National Security Council by disgraced national security advisor Michael Flynn, was appointed by President Trump on December 22, 2020 to serve as the new Chair of the Public Interest Declassification Board. The Board advises the White House on classification and declassification policies.

*    *    *

The number of people holding security clearances making them eligible for access to classified information in Fiscal Year 2019 was 4,243,937, according to the latest annual report to Congress on the subject from the Office of the Director of National Intelligence (ODNI).

The 2019 figure represents a 4.2 percent increase over the previous year. The total number of clearances is about the same as it was a decade ago, but well below the reported peak of 5.1 million cleared persons in FY 2013.

The number of security clearance approvals in 2019 — including both new clearances and renewals — increased by a solid 44 percent over the year before. About two-thirds of the cleared personnel were actually granted access to classified information, while the rest remained eligible for possible future access.

See Fiscal Year 2019 Annual Report on Security Clearance Determinations, ODNI, April 2020, released last month under the Freedom of Information Act.

*    *    *

While disclosing the number of clearances, ODNI redacted other information in the report such as the composition of the cleared workforce (government employees vs contractors), the distribution of clearance levels, and the percentage number of denials and revocations of clearances.

According to the January 26, 2021 transmittal letter (appended to the report), the redacted information was withheld pursuant to the statute “which protects information pertaining to intelligence sources and methods.”

This makes no sense, and it could simply be a mistake. The report is not primarily about the intelligence community. It profiles the entire government and contractor clearance system, including cleared non-intelligence agency personnel. Intelligence sources and methods are not implicated in the government-wide data summaries that were redacted. (The report does contain some IC-specific data that were likewise redacted, though this is also not “source or method” information.)

Alternatively, this might be a case where the FOIA exemption for intelligence sources and methods is being expanded and exploited beyond its legitimate boundaries. That is a longstanding and recurring form of abuse, and fixing it is something that remains to be accomplished.

The Moynihan Commission described the issue in its 1997 report (Chapter 1, p. 8, emphasis added):

“One persistent problem in this context has been the intermingling of secrecy used to protect carefully defined national interests with secrecy used primarily to enhance such political or bureaucratic power. This creates the potential that some officials, welcoming insulation from outside scrutiny, will seek means to develop and maintain secrecy beyond what is authorized in a statute or regulation. (An example is when sources and methods protection under the National Security Act is used to deny access to information that does not reveal a particular intelligence source or method.)”

Further (Chapter 2, p. 23):

“[N]either the National Security Act nor any of the relevant executive orders has defined what constitutes a ‘source’ or a ‘method,’ and the use of these provisions has been the subject of frequent criticism. Protection of sources and methods has been used to justify the classification of a range of information sometimes only indirectly related to a specific source or method.”

The problem described by the Moynihan Commission is neatly demonstrated by the ODNI redaction of the security clearance report. This and similar actions could help draw new attention to the need to clearly define and limit the meaning of “intelligence sources and methods.”

We appealed the partial denial and asked ODNI to reconsider the redactions.

(Update, October 2021: ODNI granted the appeal in part and released the report with the numbers of government employees and contractors intact.)

“In a democracy, the public deserves as much transparency as possible regarding the work of our national security institutions, consistent with legitimate needs to protect sources and methods and sensitive foreign relationships,” according to a memorandum issued by President Biden on February 4.

“The revitalization of our national security and foreign policy workforce requires a recommitment to the highest standards of transparency,” the President wrote.

See Revitalizing America’s Foreign Policy and National Security Workforce, Institutions, and Partnerships, National Security Memorandum, February 4, 2021.

The memorandum presents a set of principles to guide the conduct and operation of the whole national security apparatus with a particular focus on “strengthening the national security workforce.”

The President notably envisions increased engagement with public interest organizations, among others.

“It is the policy of my Administration to advance its national security and foreign policy goals by harnessing the ideas, perspectives, support, and contributions of a diverse array of partners, such as State and local governments, academic and research institutions, the private sector, nongovernmental organizations, and civil society.”

The memorandum also calls for “a foreign policy for the middle class.”

“Our work abroad is — and always will be — tethered to our needs at home. I have committed to the American people that my Administration will prioritize policies abroad that help Americans to succeed in the global economy and ensure that everyone shares in the success of our country here at home.”

*    *    *

Despite the previous issuance of “National Security Directive 1” on January 21, the national security directives of the Biden Administration are to be known as National Security Memoranda (NSMs). (Update: National Security Directive 1 was subsequently redesignated as National Security Memorandum 1.)

The President made the new designation in National Security Memorandum (NSM) 2 on Renewing the National Security Council System, February 4.

“This document is one in a series of National Security Memoranda that, along with National Security Study Memoranda, shall replace National Security Presidential Memoranda and Space Policy Directives [of the Trump Administration] as instruments for communicating Presidential decisions about national security policies of the United States,” the NSM states.

NSM-2 defines the organization of the National Security Council in the Biden Administration. So, for example, the prior system of NSC Policy Coordination Committees will be replaced by a new system of Interagency Policy Committees.

“The Biden NSC structure will reflect the cross-cutting nature of our most critical national challenges by more regularly integrating cabinet officials from domestically-focused agencies into national security decision-making,” according to a White House statement.

“President Biden has also made clear that his National Security Council will bring professionalism, respect, transparency, inclusivity, collaboration, collegiality, and accountability to its work. Above all, the Biden administration will respect the rule of law and act consistently with our values,” the statement said.

There will of course be many opportunities to test that vision.

The declassification process has been overwhelmed by the flood of classified records awaiting review, said Sen. Ron Wyden last week. “I intend to push the Director of National Intelligence to fix a broken declassification system,” he said.

One highly effective way to begin fixing the declassification system would be to set a maximum period of time that information can remain classified. This maximum lifetime for classification is sometimes referred to as a “drop dead” date.

Records that reach the drop dead date would not require review and they would not even need to be declassified in any formal way. Their prior classification status would simply lapse without any further processing.

This approach was favored by the Information Security Oversight Office (ISOO) during the Clinton Administration.

“We’re looking at the idea of a ‘drop dead’ date — [meaning that] anything that is x number of years old is declassified,” the late Steven Garfinkel said in a 1992 interview, when he was ISOO director. But “x” is “going to be a lot longer than twenty years,” he said then.

How long should it be? Mr. Garfinkel thought that a forty year duration for classification would be the optimal period for maximizing declassification while minimizing risk.

“When we looked at material that was 40 years old or older, we were ending up declassifying just about every bit of it, far more than 99 percent of it,” Mr. Garfinkel told a Defense Department advisory panel in 1996. In fact, he recalled, the first draft of the Clinton executive order actually “had a 40-year drop dead date.”

But under pressure from openness advocates (including myself), who argued that 40 years was too long to wait, the final Clinton executive order instead adopted a 25 year period for “automatic declassification.” Unfortunately, however, in doing so it also provided nine exemptions from declassification. This negated the concept of a drop dead date. It entailed painstaking review by agencies to locate and redact exempted information. The resulting declassification process was anything but “automatic” — as Steve Garfinkel had anticipated.

But the idea of a drop dead date is still a good one that has many positive features.

It would put a temporal boundary on the classification system. It would complement current efforts to prioritize the declassification of documents that are in high public demand by ensuring that all other documents will also ultimately be declassified. It would terminate the spiral of repeated reviews of the same partially redacted documents. And it would relieve agencies of a massive bureaucratic burden — at literally no cost — that will be difficult or impossible to overcome in any other practical way.

Arguably, a drop dead date is already implicit in current policy. Executive Order 13526 (sect. 1.5d) states that “No information may remain classified indefinitely.” All that is needed is to act on that established principle and to set a definite limit on the duration of classification.

A drop dead date for classification would not solve all declassification problems, even for the oldest classified documents. Information concerning nuclear weapons that is still classified under the Atomic Energy Act cannot be declassified by fiat, no matter how old it is. Certain classified information that is controlled by international agreement or treaty would also have to be protected regardless of its age. But these represent a small fraction of the massive accumulation of old records awaiting declassification.

It is possible to imagine a document that is 40 or more years old that nevertheless poses some kind of articulable national security threat. If this proved to be a real concern, then some allowance for the rare exception to the drop dead date could be made. But considering that current US government information systems have been widely penetrated by foreign actors, any residual threat from applying a drop dead date to half-century old documents could reasonably be deemed tolerable — especially if it helped agencies to finally overcome their declassification backlogs.

“I agree that current policies, practices, and technologies cannot keep pace with the amount of classified information generated each year,” said Avril D. Haines, the new Director of National Intelligence, last week in response to pre-confirmation questions from the Senate Intelligence Committee.

“I look forward to examining these challenges and identifying what changes may be warranted,” she said.

Update: National Security Directive 1 was redesignated as National Security Memorandum 1.

Amid the whirlwind of White House activity following inauguration last week, President Biden issued his first presidential directive on national security to designate pandemic response as a priority.

“My Administration will treat epidemic and pandemic preparedness, health security, and global health as top national security priorities, and will work with other nations to combat COVID-19 and seek to create a world that is safe and secure from biological threats,” the President wrote.

See National Security Directive 1, January 21, 2021.

National security directives are instruments of presidential authority that are used to define national policy objectives and to mobilize the government to address them. They are not published in the Federal Register nor are they consistently provided to Congress. Sometimes they are posted on the White House website, but about as often as not they are classified and are not disclosed until years later.

Presidents since Harry Truman have issued such directives under different names. Under Reagan they were called National Security Decision Directives (NSDDs). Under Obama they were known as Presidential Policy Directives (PPDs). And so on.

President Biden’s adoption of the term “National Security Directives” (NSDs) may cause some small confusion, since that is the same name used for President George H.W. Bush’s directives, some of which are still in effect. So in the future it may be necessary to cite the NSD number as well as the title or date to avoid misunderstanding. [Update: Following the issuance of NSD-1, the Biden Administration designated its national security directives as National Security Memoranda.]

Meanwhile, President Trump issued his own last (known) National Security Presidential Memorandum (NSPM) on January 14. NSPM-33 addresses the security of US Government-funded research and development “against foreign government interference and exploitation.” It appears to be aimed mainly at China and involves increased screening of foreign scientists, expanded disclosure of financial relationships, and other steps. It is not known whether the new Administration will preserve, rescind, or modify the Trump directive.

The fact that this was the thirty-third such directive means that around one third of the national security directives (NSPMs) issued by President Trump have not been been publicly identified to date, either because they are classified or because they have otherwise been withheld from public release.

In a bureaucratic bombshell, Director of National Intelligence John Ratcliffe has asked the White House to rescind a ten-year-old executive order that required a uniform policy for marking and handling “controlled unclassified information” (CUI).

CUI refers to information that while unclassified is nevertheless restricted by law or policy from broad distribution. It includes more than 100 distinct categories of unclassified information ranging from export controlled data to privacy information to information systems vulnerability and much more.

In order to facilitate both the appropriate protection and the authorized sharing of such diverse information, Executive Order 13556 was issued in 2010 to develop a comprehensive system of CUI practices that would replace the dozens of different, incompatible controls on unclassified information that have proliferated over time.

It is just now starting to take effect. Executive branch agencies are required to issue their implementation plans for CUI policy by December 31 — two weeks from now — according to the Information Security Oversight Office, the executive agent for CUI.

But DNI Ratcliffe did not request an extension of time to achieve compliance, as he might ordinarily have done. Nor did he seek an exemption for intelligence agencies from the overall policy. Nor did he suggest another approach to address the persistent problem of identifying, sharing and protecting CUI whose broad contours have long been recognized, including by President Bush in 2008.

Instead, he asked the White House to completely nullify more than ten years of government-wide policy development in this area and to cancel its application to all government agencies both inside and outside of the intelligence community.

“Given the complexity of the program, I believe that the full rescission of E.O. 13556 is the only viable alternative,” he wrote in a December 4 memo to the National Security Advisor.

This is a breathtaking move, given its timing and considering that the executive order has been fully embraced by most other agencies. The Department of Defense, where much of the intelligence community is housed, issued a directive last March (DoD Instruction 5200.48) to implement CUI policy throughout the Department.

“Although its clear mandate was to simplify the unclassified markings system and sharing rules, the resulting CUI program is exponentially more complex than the classification system,” DNI Ratcliffe wrote.

But this is a non sequitur, since the classification system deals exclusively with national security information. In contrast, CUI encompasses many unrelated domains including taxpayer data, health records, nuclear safeguards, law enforcement information, and various other categories established in statute. And CUI involves every government agency. Within the intelligence community, CUI pertains to certain geospatial data, operations security information, financial records obtained for counterintelligence purposes, and other items.

So it was always clear that CUI policy would be more complex and far-reaching than national security secrecy. Its detailed particularity follows from the need to make it as precise and limited in its application as possible.

But “The complexity and lack of clarity within the CUI Program has stymied uniform implementation policy within the IC,” the DNI said. “I cannot justify the continued investment in time and resources required for CUI implementation in the IC.”

The Information Security Oversight Office said in its most recent (2019) annual report to the President that it was “working with the Office of the Director of National Intelligence to address CUI implementation issues that are unique to the Intelligence Community.” Still, the Ratcliffe memo said “our concerns remain unaddressed.”

The White House response to the DNI’s request is thus far unknown. The Office of the DNI declined to comment on the record. Mark Bradley, director of the Information Security Oversight Office, said that CUI “plays a vital role in the twilight realm between classified and unclassified information.” He said that current program deadlines remain in effect.

According to an ISOO Notice last May, “”Most agencies project full [CUI] program implementation by the end of the third quarter of FY 2021.” So cancellation of the policy at this late date, without a well-defined strategy to replace it, would be disruptive to say the least, likely including adverse impacts on information security.

DNI Ratcliffe’s “strong opposition” to US Government policy on CUI together with his inability to formulate an acceptable alternate approach may, however, serve to elevate information policy as a priority for the Biden Administration.

DNI Ratcliffe’s memo was marked FOUO, For Official Use Only.

The procedural steps leading up to inauguration of the next President on January 20, 2021 are described in a recent Congressional Research Service publication. See The Electoral College: A 2020 Presidential Election Timeline, CRS In Focus, October 22, 2020.

An updated CRS report describes the joint session of Congress at which electoral votes are certified and counted. See Counting Electoral Votes: An Overview of Procedures at the Joint Session, Including Objections by Members of Congress, December 8, 2020.

Having survived a Pentagon attempt to terminate it, the JASON panel that performs independent technical assessments for government agencies now seems set for a period of relative stability.

Last year Mike Griffin, then-Under Secretary of Defense (Research and Engineering), abruptly refused to renew his Office’s sponsorship of the JASONs, and the panel was temporarily taken over by the National Nuclear Security Administration under then-Administrator Lisa Gordon-Hagerty.

In response, Congress directed the Department of Defense to engage the JASONs “on an ongoing basis, on matters involving science, technology, and national security, including methods to defeat existential and technologically-amplified threats to national security.”

Despite that clear directive, DoD requested no funding at all for the JASONs in the current fiscal year. So the House added $3 million to cover overhead costs for the JASONs and the money was in fact authorized in the pending defense authorization act for fiscal year 2021 that is expected to pass this week.

The Department of Defense recently indicated that it would solicit competitive bids for administrative and management support to the JASONs, which is currently provided by the MITRE Corporation. (“Pentagon’s Advisory Group, JASON, Survives Another Competition,” by Robert Levinson, Bloomberg Government, December 1).

The demand for the sort of independent evaluations that the JASONs produce is limited. Unlike many other government advisory panels, the JASONs insist on selecting their own members. That means that their studies cannot be skewed by appointing political allies or persons of dubious qualifications, as the Trump Administration has done lately with the Defense Business Board. Their expertise and independence does not guarantee that they will be right or effective, but the JASONs offer a kind of integrity that is increasingly absent from other such panels.

The majority of JASON products are classified or otherwise restricted from public release. One recent unclassified report that was done by the JASONs for the Census Bureau discussed ways to employ secure computation technologies to increase the usage and the utility of datasets held by the Bureau. See Secure Computation for Business Data, November 23, 2020.

Another recent report offered suggestions to the National Science Foundation on how to mitigate the effects of large constellations of orbiting satellites on ground-based astronomical observations. See Impacts of Large Satellite Constellations on Optical Astronomy, September 10, 2020.

These and other JASON reports are moderately dense and technical and may not attract a large audience. But interested readers will often find them stimulating and informative.

After failing to publicly disclose its proposed legislative agenda, the Department of Defense will soon be required to do so.

Each year DoD generates proposals for legislative actions that it would like to see incorporated in the coming year’s national defense authorization act. These may include tweaks to existing statutes, requests for relief from reporting requirements, or something more ambitious.

It used to be the case — until two years ago — that those legislative proposals were routinely posted on the website of the DoD Office of Legislative Counsel where they could be publicly examined and evaluated. Then, without explanation, DoD stopped posting them.

Last spring, one of DoD’s more far-reaching but publicly undisclosed proposals sought to rescind a requirement to produce an unclassified version of the Future Years Defense Program budget document. (Secrecy News, 03/30/20),

That proposal was not adopted in the House-Senate conference version of the FY2021 defense authorization act (HR 6395).

But Congress did adopt a provision (sec. 1059) crafted by Reps. Katie Porter and Jackie Speier that will now require DoD to publish its legislative proposals online within 21 days of their transmission to Congress.

*    *    *

Last month, the Departments of Energy and Defense denied a request from the Federation of American Scientists to disclose the current size of the U.S. nuclear arsenal and the number of warheads that have been dismantled. Such information had previously been declassified and published by the executive branch each year through 2017. But for now it remains classified. See “Trump Administration Again Refuses To Disclose Nuclear Weapons Stockpile Size” by Hans Kristensen, FAS Strategic Security, December 3.

Classified records that turn 25 years old this year will be automatically declassified on December 31 — despite requests from agencies to extend the deadline due to the pandemic — unless the records are reviewed and specifically found to be subject to an authorized exemption.

Mark A. Bradley, the director of the Information Security Oversight Office, notified executive branch agencies last week that there is no basis in law or policy for deferring the automatic declassification deadline.

“Several agencies have expressed concerns that, due to diminished operational capacity and capability, they would likely be unable to complete declassification reviews of their 25-year old classified permanent records before the onset of automatic declassification on December 31, 2020. These agencies have requested some form of relief, such as a declassification delay or waiver,” Mr. Bradley said in his November 20 letter.

But the executive order that governs declassification and the implementing regulations “do not permit the declassification delays or waivers requested in this instance,” he wrote.

Mr. Bradley advised agencies “to adopt a risk-based approach and prioritize the review of their most sensitive records” in order to identify the most important information that might be exempt from automatic declassification.

But the fact remains that any “Originating agency information in 25-year old permanent records that are not reviewed prior to December 31, 2020 will be automatically declassified,” he wrote.

Mr. Bradley’s letter emphasized that automatic declassification applies only to information in records held by the originating agency, but not to information that originated with other agencies. Such other agency “equity” information is supposed to be referred to those agencies for their subsequent review.

Yet although the letter does not mention it, under the terms of the executive order (sec. 3.3d(3)) the identification of information generated by another agency is also supposed to be completed in advance of the December 31 deadline. It is unclear whether an agency’s failure to identify information for referral to other agencies prior to the deadline would nullify the referral and eliminate the opportunity for subsequent review.

While records that have been automatically declassified can in principle be reclassified, that is easier said than done. Though automatic declassification can be performed in bulk, reclassification is only permitted on a document by document basis, requiring in each case a written justification by the agency head.

Last week, the State Department announced the publication of the latest volume of the Foreign Relations of the United States series documenting the Iran hostage crisis of 1979-80.

Few if any of the newly published records were subject to automatic declassification. Instead, “The declassification review of this volume . . . began in 2010 and was completed in 2018,” the editors wrote.

On November 8 Donald J. Trump Jr., the President’s oldest son, tweeted: “DECLASSIFY EVERYTHING!!!” adding “We can’t let the bad actors get away with it.”

This was not an actual policy proposal and it was not seriously intended for classification officials or even for Trump’s own father, who as President is the one ultimately responsible for classification policy.

Rather, it was directed at Trump Jr.’s 6.4 million Twitter followers, telling them that classification is a corrupt process that protects “bad actors” and that must therefore be discredited and dismantled. It’s a juvenile notion but not, given the size and malleability of Trump’s audience, an inconsequential one.

To the extent that national security classification is in fact required, for example, to protect advanced military technologies, the conduct of diplomacy or the collection of intelligence, it is important to establish and maintain the legitimacy of classification policy. For the same reason, abuse of classification authority can itself be a threat to national security.

The current executive order on classification policy (sect. 1.7a(1)) directs that “in no case shall information be classified . . . in order to conceal violations of law.”

But this is merely a limitation on the classifier’s mental state — which is unverifiable — and not on classification itself. It is entirely permissible for classified information to conceal violations of law, according to a judicial interpretation of the executive order, as long as the information is not classified with that specific purpose (“in order to”) in mind. This is a standard that has never been enforced and that is probably unenforceable.

So one step that the incoming Biden Administration could take to enhance the integrity and accountability of classification policy would be to direct that classification may not conceal violations of US law at all, whether or not that is the intent of classifying. (It is probably necessary to specify “US” law since classified intelligence collection may often involve the violation of foreign laws.)

Donald Trump is the first president since George H.W. Bush who made no formal changes to the executive order on classification policy.

Instead, Trump often defied or disregarded existing classification and declassification policies, withholding previously public information (e.g. the number of nuclear warheads dismantled each year) and disclosing normally classified information (e.g. an actual application for counterintelligence surveillance) when it advanced his political interests to do so.

But it seems that arbitrary secrecy combined with selective declassification is not the way to stop “bad actors.”