The subject of offensive cyber action by the U.S. government was classified for many years and was hardly discussed in public at all.  Then several years ago the possibility of U.S. cyber offense was formally acknowledged, though it was mostly discussed in the conditional mood, as a capability that might be developed and employed under certain hypothetical circumstances.

Today, however, U.S. offensive cyber warfare is treated as an established fact.  Not only that but, officials say, the U.S. military is pretty good at it.

“We believe our [cyber] offense is the best in the world,” said Gen. Keith B. Alexander, director of the National Security Agency and Commander of U.S. Cyber Command. His comments appeared in newly published answers to questions for the record from a March 2013 hearing of the House Armed Services Committee (at p. 87).

“Cyber offense requires a deep, persistent and pervasive presence on adversary networks in order to precisely deliver effects,” Gen. Alexander explained in response to a question from Rep. Trent Franks (R-AZ). “We maintain that access, gain deep understanding of the adversary, and develop offensive capabilities through the advanced skills and tradecraft of our analysts, operators and developers. When authorized to deliver offensive cyber effects, our technological and operational superiority delivers unparalleled effects against our adversaries’ systems.”

“Potential adversaries are demonstrating a rapidly increasing level of sophistication in their offensive cyber capabilities and tactics. In order for the Department of Defense to deny these adversaries an asymmetric advantage, it is essential that we continue the rapid development and resourcing of our Cyber Mission Forces.”

In response to another question for the record from Rep. James R. Langevin (D-RI), Gen. Alexander said that “Over the next three years we will train the Cyber Mission Forces that will perform world-class offensive and defensive cyber operations as part of our Cyber National Mission Teams, Cyber Combat Mission Teams and Cyber Protection Forces. We do not require additional authorities or resources to train the currently identified cyber professionals” (at page 85).

See Information Technology and Cyber Operations: Modernization and Policy Issues to Support the Future Force, hearing before the House Armed Services Committee, Subcommittee on Intelligence, Emerging Threats and Capabilities, March 13, 2013 (published July 2013).

At the time of his confirmation hearing before the Senate Armed Services Committee in 2010, Gen. Alexander was asked in a pre-hearing question, “Has the U.S. ever ‘demonstrated capabilities’ in cyberspace in a way that would lead to deterrence of potential adversaries?”  He replied (Question 15p):  “Not in any significant way.”

This seems to have been an incomplete response. Committee Chairman Sen. Carl Levin noted in questions for the record of Gen. Alexander’s confirmation hearing in 2010 that in fact offensive cyber capabilities had already been demonstrated: “Unfortunately, we also learned, after asking a specific question following the appearance of a Washington Post article reporting on an apparent offensive cyber operation, that DOD has undertaken a number of offensive cyber operations in the last several years, none of which was reported to the Armed Services Committees….”

On the vital question of oversight, Senator Levin asked:  “Lieutenant General Alexander, do you agree that it is appropriate that the Armed Services Committees be informed of all U.S. offensive cyber operations?”

Gen. Alexander provided an affirmative response, but in a way that altered the terms of the question:  “Yes, I agree that in almost all circumstances the Armed Services Committees should be informed in a timely manner of significant offensive cyber operations conducted by CYBERCOM.”

 

The Department of Homeland Security “is streamlining classification guidance and more clearly identifying categories of what can be released and what needs to remain classified,” according to a new report from the DHS Inspector General.

The Reducing Over-classification Act of 2010 required the Inspector General at each executive branch agency that classifies information to evaluate the agency’s classification practices and to report on the results by the end of September 2013.  The new DHS report is the first of the bunch to be published.  See Reducing Over-classification of DHS’ National Security Information, DHS Office of Inspector General Report OIG-13-106, August 2013.

The report sheds new light on DHS classification practices and provides some useful criticism, but it has a serious conceptual flaw.

The flaw lies in the report’s definition of the problem:  “Over-classification is defined as classifying information that does not meet one or more of the standards necessary for classification under Executive Order 13526.”

The problem is that this is a definition of misclassification, not over-classification.  If information does not meet the standards for classification — for example, if it is not government information — then its classification is simply a mistake, not an act of over-classification.  By using such a definition, the DHS IG fails to recognize the real dimensions of over-classification and overlooks its most vexing aspect:  the classification of information that arguably does meet the standards of the Executive Order but that need not or should not be classified.

Over-classification in this deeper sense is at the center of many current controversies over government secrecy policy.  Can the role of the CIA in targeted killing operations be acknowledged?  Should the fact of bulk collection of telephone metadata records by NSA have been admitted before it was leaked?  Though such information was eligible for classification under the Executive Order, the decision to classify it now appears questionable.

But such issues are unfortunately beyond the scope of the DHS IG report, which does not allow for the possibility that information could both “meet the standards necessary for classification under the Executive Order” and still be over-classified.  Not a single instance of such over-classification was identified.  Rather, the IG concluded that DHS has “successfully implemented all policies and procedures required” and thus “DHS has a strong [classification] program.”

Despite its limited conception of the problem, the IG report found some significant areas for improvement.  Notably, DHS classifiers have been using obsolete software to apply classification markings.  As a result, “59 of the 372 DHS we reviewed contained declassification, sourcing, and marking errors.”  A new Classification Marking Tool is currently being acquired by DHS.  Still, “eighty interviewees noted that they would like more hands-on training to ensure they could classify information properly.”

Curiously, the IG report found that DHS officials had an equivocal attitude towards efforts to challenge classification decisions.

“All persons interviewed knew and were trained on the process of formally or informally challenging a classification, but some stated that they would be reluctant to disagree with the originator’s classification.  They did not fear retribution from senior management, but they did not believe that they were experts in challenging classification” (p. 16).

However, DHS employees resisted the possibility of offering incentives to challenge classification decisions.  “When asked, 90 out of 100 DHS derivative classifier interviewees said that they believed offering incentives may lead to unnecessary challenges, and challenges will be raised not in the spirit of reducing classification but for incentive reasons” (p. 10).

Such skepticism is totally speculative, and ought to be tested in practice.  But instead of proposing a pilot program to validate or discredit the use of incentives for classification challenges, the DHS Inspector General unfortunately just dropped the subject.

The IG report found that DHS had successfully performed the Fundamental Classification Guidance Review, leading to a 39 percent reduction in the number of security classification guides.

The report also noted that the classification statistics reported by DHS to the Information Security Oversight Office “may not be accurate,” and DHS officials acknowledged that there are “long-standing issues associated with the reliability and accuracy” of the reported numbers.

Despite its limitations, the DHS IG review seems to have been a useful exercise that focused new attention on the Department’s classification activities.  Additional reports from other agencies that conduct much larger classification programs are expected shortly.

“The recent disclosure of classified information regarding U.S. national security programs requires a thorough assessment of the current classification system,” wrote Rep. Duncan Hunter in a letter to the Government Accountability Office, the investigative arm of Congress.

The leaks by Edward Snowden, in other words, are a sign that there are serious problems in government secrecy policy.

In his June 19, 2013 letter, Rep. Hunter asked GAO to perform the desired assessment, and his request was endorsed by Rep. Martha Roby, chair of the House Armed Services Committee Subcommittee on Oversight and Investigations.  In a July 30 reply, GAO accepted the request and said it would “begin the work shortly.”

For Rep. Hunter, the starting point is a concern that unnecessary secrecy may put legitimate secrets at risk.  Overclassification is bad security policy.

“With access to classified information contingent on the issuance of security clearances, overclassification stands to dangerously expand access to material that should ordinarily be limited,” he wrote.  He therefore posed a series of questions that cover a range of classification policy issues.

He asked GAO to determine “the degree to which material is classified that does not materially impact national security.”  This is one definition of overclassification, though it is not one that is used or recognized by the executive branch.

Under the executive order on classification, a national security secret need not “materially impact national security.”  It is enough if its unauthorized disclosure could reasonably be expected to cause damage to national security in the judgment of a person who is authorized to classify.  If the authorized classifier’s judgment reflects bias, inertia, erroneous or incomplete information– well, the executive order has nothing to say about that.

The result, Rep. Hunter said in a news release, is that “There’s real classification inflation going on, putting information that should be available to the public out of view and creating a degree of exposure by widening access to sensitive information that should be limited.”

Rep. Hunter also asked GAO to review “the degree to which material is classified in excess of current security procedures,” which is another form of overclassification.  It refers to information that is be classified Top Secret when it should only be classified Secret, for example.

Rep. Hunter asked “Whether narrowing classification requirements would reduce the need for nearly 5 million individuals to hold security clearances, and whether reducing that number would limit security disclosures.”

It stands to reason that less classification would likely entail the need for fewer clearances and that a leaner secrecy and security system would be easier to manage with improved quality control.  But there is no particular reason to suppose that the number of leakers is directly proportional to the number of clearances.

Crucially, Rep. Hunter asked GAO to investigate “if there are accountability systems in place to review agency and employee classification decisions to identify persistent instances of overclassification.”  There aren’t!

While classification guidance is supposed to be reviewed by the classifying agency itself every five years, and there are isolated mechanisms for challenging specific classification decisions, there is no systemic procedure for independent review and correction of classification judgments.  There should be.  (An extended argument for impartial review of classification decisions is here.)

For good measure, Rep. Hunter asked GAO to consider “the degree to which excessive classification harms information sharing” and “the effectiveness of the process to declassify information.”

Though his request letter was broadly framed with respect to classification policy generally, it appears that the GAO response will focus on classification activity within the Department of Defense.  Rep. Hunter is a member of the House Armed Services Committee and Rep. Roby is a HASC subcommittee chair, and so DoD secrecy policy is clearly within their jurisdiction.

The unauthorized disclosures of classified information by Edward Snowden have presented numerous important issues of public policy.  Is bulk collection of telephone and email records an acceptable practice, or should it be categorically proscribed?  How did congressional oversight fail to accurately gauge and to effectively represent conflicted public sentiment concerning domestic surveillance?  What is to be done with the Foreign Intelligence Surveillance Court?

But Rep. Hunter identified secrecy policy as a deeper systemic problem that also requires a constructive response.  With the GAO’s new engagement, and with the ongoing work of agency Inspectors General under the Reducing Over-classification Act, secrecy policy is now receiving some long overdue attention that may yet yield corrective action.

The pending GAO review of secrecy policy was previously reported in “Manning, Snowden Trigger First-of-its-Kind Secrecy Review” by Shane Harris, Foreign Policy, July 31;  “‘Classification inflation’ at Pentagon under investigation: GAO” by Shaun Waterman, Washington Times, July 31;  “Too many classified papers at Pentagon? Time for a secrecy audit” by Anna Mulrine, Christian Science Monitor, August 2.

On July 30, a military judge found Army Pfc. Bradley Manning guilty of multiple violations of the Espionage Act and other laws because of his unauthorized disclosure of restricted government records to the WikiLeaks website.

On July 31, the Secretary of the Army formally established the Army Insider Threat Program. Remarkably, this is still a pending initiative rather than an accomplished fact.

The program “will ensure the security and safety of Army computer networks by establishing an integrated capability to monitor and audit user activity across all domains to detect and mitigate activity indicative of insider threat behavior,” wrote Army Secretary John M. McHugh in Army Directive 2013-18.

The directive requires development and implementation of “a technical capability to monitor user activity on the Secure Internet Protocol Router Network” used by Manning as well as on the Joint World Intelligence Communication System.

In order to facilitate the identification of insider threats, the directive authorizes the sharing of counterintelligence and a variety of other sensitive information, including personal medical information.  (“The Surgeon General will provide information from medical sources, consistent with privacy laws and regulations, to authorized personnel to help them recognize the presence of an insider threat.”)

The new Army directive was issued in response to a November 21, 2012 Obama White House memorandum on “National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs.”

Some government insider threat programs go beyond encouraging sensible security practices, and seem to promote free-ranging suspicion in the workplace.

A slide prepared by the Defense Information Systems Agency for an online training module on insider threats suggests that an employee who “speaks openly of unhappiness with U.S. foreign policy” may represent a risk.  (The only thing more troubling might be someone who speaks openly of happiness with U.S. foreign policy.)  See “Unhappy With U.S. Foreign Policy? Pentagon Says You Might Be A ‘High Threat'” by Matt Sledge, Huffington Post, August 7.

On June 21, 2013 the Director of National Intelligence issued Intelligence Community Directive 703 on “Protection of Classified National Intelligence, Including Sensitive Compartmented Information.”

The directive summarizes and re-states classified information security policy, including little-known facts such as: “The Director of the Central Intelligence Agency (CIA) provides SCI access determinations and Sensitive Compartmented Information Facility (SCIF) accreditation for the legislative and judicial branches of the U.S. Government.”

Updated below, Updated again, 8/9/13

The U.S. military has been investigating the use of sophisticated data mining tools to probe social media and other open sources in order to support military operations against money laundering, drug trafficking, terrorism and other threats.  But the window for doing so may be closing as the social media landscape changes, according to an internal assessment.

U.S. Special Operations Command (SOCOM) National Capital Region (NCR) conducted a series of experiments over the past year under the rubric “QUANTUM LEAP” that was intended to test “non-traditional” tools and techniques to advance the SOCOM mission. [In fact, only the first experiment was carried out; see update below.]

An after-action report on the first experiment said it “was successful in identifying strategies and techniques for exploiting open sources of information, particularly social media, in support of a counter threat finance mission.”  Counter threat finance refers to efforts to disrupt an adversary’s finances.  A copy of the SOCOM NCR report was obtained by Secrecy News.  See “Project QUANTUM LEAP: After Action Report,” 12 September 2012.

“Major lessons learned were the pronounced utility of social media in exploiting human networks, including networks in which individual members actively seek to limit their exposure to the internet and social media…,” the report said.

The QUANTUM LEAP project, which did not utilize classified intelligence, relied heavily on participation by private sector firms identified in the report, who demonstrated tools they had developed “to enhance the ability to discover relationships, human networks, and geospatial features” from open source data.

A tool called Social Bubble permitted the search of Twitter-related content “to explore human networks associated with the [counter threat finance] scenario and enabled identification of various entities… associated with the moneylaundering network.”  A tool called Recon was used to reconstruct source documents from a raw data stream.  Another tool served to “collect large quantities of data from the ‘deep web’, or sources which are accessible via the internet but not necessarily indexed or linked via a world wide web page.”  And another called Semantica “is capable of ingesting structured and semi-structured data and displaying it in a ‘triplet’ format, e.g. two entities and a relationship, such as [A is owned by B].”

“More than 200 additional open-source tools and sources were identified relevant to counter threat finance,” the SOCOM report said.

The report said that as valuable as the opportunity created by new techniques for data mining of open sources appears to be, it may prove to be transient.

“We are currently in a ‘window’ of opportunity for exploitation of social media sources for application to CTF [counter threat finance] or other SOCOM NCR missions. This window could be as narrow as 18-24 months before the social media phenomenon transforms. This future transformation is unknown and could offer additional opportunities, or existing opportunities could be closed, but the only thing that is certain is that there will continue to be rapid change.”

There are also unresolved legal issues.

“Legal review of the appropriate use and application of social media data is in its infancy. Social media is transforming notions of privacy and distinctions between personally identifiable information (PII) and self-reported public information will have to be established by precedent in case law,” the report said.

“Almost all information relevant to the QUANTUM LEAP experiment has a locative context [revealing the location of the source]. Location based services (LBS) are becoming integrated into every facet of our lives and are becoming much more accepted. There is a cultural/generational component to acceptance of LBS in social media,” the report said.

SOCOM Public Affairs did not respond to requests for comment or further information about the project, and the report describing the effort (labeled “draft”) has not been formally released.  However, the report was kept unclassified, facilitating its dissemination and discussion among the interested public.

Meanwhile, the future of SOCOM National Capital Region is itself uncertain, as Congress has thus far declined to authorize or appropriate funds that were requested for it in the coming fiscal year.

“The Committee remains unclear about the function, purpose, and costs associated with the operations, infrastructure, and facilities for this entity [SOCOM National Capital Region] both in the interim phase and the final end-state,” according to a June 2013 report of the House Appropriations Committee. “Further, the Committee has received conflicting information over the course of the last year as to the purpose of this entity.”

Project QUANTUM LEAP derives its name and inspiration from an initiative in the late 1990s to incorporate advanced technologies into Naval Special Warfare capabilities.  That earlier Project QUANTUM LEAP was described in “Stimulating Innovation in Naval Special Warfare by Utilizing Small Working Groups” by Thomas A. Rainville, Master’s Thesis, March 2001.

Update (Aug. 6, 4:30 pm): Ken McGraw of U.S. Special Operations Command advised as follows: “We cannot confirm the validity of any of the information listed in the After Action Report. The only information we have received so far is the program is no longer in existence and the people who worked on the program are no longer there. We will provide you additional information when we get it.”

Update 2 (Aug. 9, 11:00 am): Ken McGraw of U.S. Special Operations Command provided the following information:

Quantum Leap was a small, little known experiment that was defunded some time ago so it took us a while to get answers to peoples’ questions.

Question: What is the current status of Project QUANTUM LEAP?

Answer: Quantum Leap was defunded and is no longer in existence.

Question: Were all of the planned six parts of the project carried out?

Answer: No. Only one of the six parts was completed.

Question: Is it possible to briefly summarize the utility of the Project to date?

Answer: As I stated above, Quantum Leap was a very small, little-known, inconsequential experiment that was defunded. The reason it took us so long to get any information on it was because it was so small and inconsequential. The people who worked on the experiment are no longer even in the headquarters. The real focus of Quantum Leap was creating an environment and a process that would improve collaboration with interagency organizations.

It is unfortunate that people took a draft after action report that was filled with incorrect information, as best we can determine, and made quantum leaps in judgment about the importance of the experiment. The experiment was so inconsequential the after action report was never finalized.

Question: Will it have any continuing legacy for SOCOM (or SOCOM-NCR)?

Answer: Quantum Leap will not have a continuing legacy.

Ken McGraw

Public Affairs Officer

US Special Operations Command

Newspapers can be held criminally liable for publishing secret information, according to a newly disclosed Office of Legal Counsel (OLC) opinion dating from World War II.  A reporter who writes a story based on defense secrets could be found to have violated the Espionage Act for revealing secret information, as could his editor and publisher.

“A reporter who kept or copied a Navy dispatch containing a list of Japanese ships expected to take part in an upcoming naval battle, and later submitted for publication a newspaper article with information from the dispatch, appears to have violated… the Espionage Act,” the 1942 OLC opinion said.

“Whether the managing editor and publisher of the newspaper that published the article might also be criminally liable under the Espionage Act depends on their intent and knowledge of the facts.”  See “Criminal Liability for Newspaper Publication of Naval Secrets,” Office of Legal Counsel, June 16, 1942.

Under the authority of the Attorney General, the Office of Legal Counsel provides authoritative legal advice to the President and to executive branch agencies. The 1942 OLC opinion has no binding legal force, and it does not necessarily represent executive branch views today. But it fills in a gap in the legal genealogy of leak prosecutions.  It also highlights the latent possibility under the Espionage Act of criminalizing not just leaks but also news reports based on them.

Although not named by OLC, the reporter whose actions prompted the opinion was Stanley Johnston of the Chicago Tribune. Based on a classified document that was shared with him by a naval officer, Johnston wrote a front-page story in the Tribune on June 7, 1942 identifying the Japanese order of battle and implicitly revealing that U.S. intelligence had been able to decrypt Japanese military communications. A grand jury was convened to investigate the matter but was disbanded at the request of the Secretary of the Navy in order to avoid further publicizing the disclosure.  (Gabriel Schoenfeld recounted the episode in his 2010 book Necessary Secrets.)

“The reporter’s conduct in taking and copying a dispatch of immense importance — as this one seems obviously to have been — is characterized by real turpitude and disregard of his obligations as a citizen,” the OLC opinion said. “It is hard to believe that any jury or judge would take a sympathetic view of his case, or seek to free him on any narrow view of the facts of the law. He thoroughly deserves punishment.”

In an assessment that may resonate in some quarters in the networked world of the following century, the OLC opinion said that the newspaper’s broad distribution aggravated the original offense to the point of evil.

“In this case, the vast circulation of the newspapers involved puts the reporter in a position where he must pause and consider the consequences of his act. At best, his conduct was reckless and negligent, rather than specifically intended to do harm. Yet the negligence and recklessness were of such magnitude as to be fairly characterized as criminal and evil…,” the OLC opinion said.

*    *    *

The Office of Legal Counsel opinion on potential criminal liability for newspapers appeared this month in an extraordinary new collection of previously unpublished OLC opinions written between 1933 and 1977. (Formal publication of OLC opinions did not begin until 1977.)

“This volume begins what the Office of Legal Counsel intends to become a continuing supplement to its primary series of published opinions, covering all years during which the Office has been in existence,” according to the Foreword by Virginia Seitz, the current head of OLC, and Nathan A. Forrester.

The contents of the volume are wonderfully rich and interesting.

A 1937 OLC opinion concludes, with evident regret, that there is no legal basis for censoring the broadcast of a speech by Leon Trotsky. “The Federal Communications Commission does not have statutory authority to censor the telephone transmission from Mexico into the United States of a speech by Leon Trotzky.”

A 1974 opinion recommends that the FBI exercise its discretion to release files concerning a New Left figure even though it may have a legal right to withhold the files:

“In the last analysis, the only policy reason for withholding most of the requested documents is to prevent a citizen from discovering the existence of possible misconduct and abuse of government power directed against him. In my view, this is not only no reason for asserting the exemption; it is a positive reason for declining to use it, even where other reasons for asserting it exist. The obtaining of information of this sort is perhaps the most important reason for which the Freedom of Information Act exists.” The opinion was signed by then-OLC head Antonin Scalia.

The “legality and practical consequences” of a U.S. blockade of Cuba are considered in a 1962 opinion, and the use of federal marshals to protect civil rights workers in Mississippi is discussed in a 1964 opinion.

Other OLC opinions treat the invasion of Cambodia during the Vietnam War, Watergate, and many other topics.  The whole collection is an unexpected feast of historical and legal scholarship that is surprisingly accessible to non-specialist readers.

“Notwithstanding that some of these opinions may no longer be good law, our hope is that all will prove to be of value to legal practitioners and legal historians. This volume was a labor of love and respect for the history, traditions, and people of OLC and the Department of Justice,” the OLC editors wrote.

Marine Corps Commandant Gen. James Amos exercised “unlawful command influence” in an attempt to punish Marines who allegedly urinated on enemy corpses in Afghanistan in 2011, attorneys for the Marine defendants said.  And then Gen. Amos improperly classified information in an effort to conceal his own misconduct, the attorneys said.

“The evidence shows that the CMC [Commandant, Marine Corps] could not resist the temptation and decided to further the concealment of his unlawful intentions by ordering…, without proper authority or basis, the imposition of a secret classification upon the testimony and materials disclosed by the previously unclassified investigations of the alleged desecration cases,” defense attorneys said in a motion filed last week.

It’s a sordid story all around. What makes it interesting here is that a Marine Corps official warned in 2012 that the classification action was a mistake that could backfire against the Marine Corps if it ever became public.

“If this goes to the next level of administration or judicial action, there are some additional considerations that a lawyer, versed in classification issues, might be able to use to shoot holes in our whole process and bring the whole decision making process into question,” wrote William Potts in an internal email quoted in last week’s motion.

Improbably enough, he then cited the FAS Project on Government Secrecy and me (at page 19). A potential court-martial of the defendants would “spread us all over the media; would probably get Steven Aftergood, Project on Government Secrecy, involved…. He’d make us look silly if he supported a defense contention that the video was improperly classified.”

There is a creaky old saying to the effect that you should not do (or say or write or email) anything “if you wouldn’t want to see it on the front page of the Washington Post.” A similar principle might be applicable in the world of national security classification.  If you couldn’t justify the classification of information to an outside reviewer, then you probably shouldn’t classify it.

Unfortunately, in the normal course of business, there are few occasions on which any official is ever called upon to justify his classification action to an impartial, independent observer.  That’s just not the way the classification system is currently structured.  But it could be.  Increasing the number of opportunities for independently evaluating classification actions would quickly serve to improve the quality and legitimacy of classification activity.

For more background on the Marine Corps case, see these stories in Military Times and CNN.

 

In a new interpretation of the Espionage Act, a federal judge made it easier for prosecutors in leak cases to meet their burden of proof, while reducing protections for accused leakers.

Judge Colleen Kollar-Kotelly ruled that the prosecution in the pending case of former State Department contractor Stephen Kim need not show that the information he allegedly leaked could damage U.S. national security or benefit a foreign power, even potentially.  Her opinion was a departure from a 30-year-old ruling in the case of U.S. v. Morison, which held that the government must show that the leak was potentially damaging to the U.S. or beneficial to an adversary.  (In that case, Samuel L. Morison was convicted of unauthorized disclosure of classified intelligence satellite photographs, which he provided to Jane’s Defence Weekly. He was later pardoned by President Clinton.)

“The Court declines to adopt the Morison court’s construction of information relating to the ‘national defense’ insofar as it requires the Government to show that disclosure of the information would be potentially damaging to the United States or useful to an enemy of the United States,” Judge Kollar-Kotelly wrote in a May 30 opinion. The opinion was redacted and unsealed (in partially illegible form) last week.

The prosecution must still show that the defendant “reasonably believed” that the information “could be used to the injury of the United States or to the advantage of a foreign nation” and that the defendant “willfully” communicated it to an unauthorized person.  But it would no longer be necessary for prosecutors to demonstrate that the information itself could potentially damage national security or benefit an adversary.

The new ruling was a boon to prosecutors and a blow to the defense in the Kim case and perhaps other leak trials to come.

The Kim defense had argued that the requirement to show that the leaked information could cause at least potential damage was essential to a proper understanding of the Espionage Act statute.  Without it, defense attorneys argued, the Espionage Act would become something like an Official Secrets Act, enabling the government to punish disclosure of anything that was designated classified, even if it was improperly classified.  They cited a concurring opinion in the Morison case stating that its interpretation of the law was necessary “to avoid converting the Espionage Act into the simple Government Secrets Act which Congress has refused to enact.”

In a subsequent reply, the defense added that “The requirement that disclosure of the information be ‘potentially damaging’ is ‘implicit in the purpose of the statute and assures that the government cannot abuse the statute by penalizing citizens for discussing information the government has no compelling reason to keep confidential’ .”

“The Court should decline the government’s invitation to reject the leading Espionage Act cases of the past quarter century,” the defense urged.

But prosecutors insisted successfully that, contrary to the Morison court and other Fourth Circuit cases, there is no requirement in the statute to show that disclosure could cause harm. “By its terms, Section 793(d) [of the Espionage Act] does not require the United States to prove any harm, whether potential or not….”

In her ruling, Judge Kollar-Kotelly accepted the prosecution view.

“In cases like this which involve the alleged unauthorized disclosure of classified information, the Morison approach invites (if not requires) the jury to second guess the classification of the information,” she wrote in the newly disclosed May 30 opinion.

Although a review by the jury of the information’s classification might seem like a wholesome and necessary check on overclassification, Judge Kollar-Kotelly said it would lead to an “absurdity” — “The trial of the individual charged with unauthorized disclosure would be converted into a trial of the classifying party,” as she put it, citing an earlier precedent.

Moreover, “the Court was unable to locate a single case outside the Fourth Circuit employing this standard,” she wrote. The Morison case was tried in the Fourth Circuit, as was the AIPAC case, the Kiriakou case, and the still-pending Jeffrey Sterling case.

By imposing such a requirement, the Kim prosecutors said, the Fourth Circuit had arguably offered “more protection to defendants than required by [the Supreme Court].”

So for defendants who are accused of leaking classified information, it seems that the Fourth Circuit would be the most advantageous location in which to be tried.  Stephen Kim is on trial in the DC Circuit.

Several other rulings (and underlying pleadings) in the Kim case were unsealed last week, and they were discussed in the Washington Post (“Attorney for accused leaker says other U.S. officials may be responsible,” July 25) and Legal Times (“In Leak Case, Prosecutors Allowed to Keep Information Secret,” July 25).

There have been 71 federal judges who have served on the Foreign Intelligence Surveillance Court or the Foreign Intelligence Surveillance Court of Review from 1979 until the present.  A complete list of the Court’s membership, prepared by the Court’s Administrative staff, was obtained by the New York Times.  Although this comprehensive listing was not formally secret, neither had it been previously been made publicly available.  A copy is posted here.

Under the Foreign Intelligence Surveillance Act, appointments to the Court are made by the Chief Justice of the United States. An analysis of the Court’s membership by the New York Times found that during the tenure of Chief Justice John G. Roberts Jr., a higher number of Republican judges had been appointed than in the past — 10 of the current 11 members, compared to 66% under previous Chief Justices — as well as a higher number of judges who had once worked for the federal government — 50% versus 39% in the past. See “Roberts’s Picks Reshaping Secret Surveillance Court” by Charlie Savage, New York Times, July 25.

The premise of the story is that Chief Justice Roberts’s selection pattern is not merely a statistical curiosity but that it has altered the performance of the court, or “reshaped” it, to favor the executive branch.  The Times does not directly embrace this view, but attributes it to “critics,” including Sen. Richard Blumenthal (D-CT), who is proposing legislation to change the way the Court’s members are appointed.

“Viewing this data, people with responsibility for national security ought to be very concerned about the impression and appearance, if not the reality, of bias — for favoring the executive branch in its applications for warrants and other action,” Senator Blumenthal told the Times.

But the claim that Chief Justice Roberts’s appointments have “reshaped” the Court to favor the executive branch in applications for warrants does not withstand a moment’s scrutiny.  That’s because the Court’s approval rate has always hovered near 100% — both before and after the Roberts era. No discernable reshaping has occurred.

In fact, based on the available data, one could perhaps say that the Court has exercised greater scrutiny lately than it once did. In 1979, in the Court’s very first year of operation, all applications for surveillance were approved without modification.  In 2012, the most recent year, no applications were denied outright, but 40 of them were modified by the Court.

A more substantial concern is that the function of the FISA Court has expanded in the past decade beyond the routine consideration of surveillance applications, and now extends to the secret interpretation of government authorities under the law.  This is indeed an area when ideological predispositions could manifest themselves in reshaping the applicable law.

Whether that has actually happened is impossible to ascertain since most of the Court’s opinions, including those that the Court itself has deemed “significant legal interpretations,” remain classified and unavailable.

But the notion that the behavior of FISA Court judges can be reliably inferred from the political party of the President that appointed them, or from their past service in the executive branch, is cynical and vaguely insulting.

The Times names Judge Reggie B. Walton as one of the current Court members appointed by Justice Roberts who previously served in the executive branch (working “on drug and crime issues for the White House”) and who is therefore purportedly more likely to defer to the interests of the executive.

But the suggestion that Judge Walton has been unduly deferential to executive authority is not borne out by his record.  Years ago I filed a Freedom of Information Act lawsuit against the National Reconnaissance Office that was heard by Judge Walton. I was seeking agency budget information that the NRO refused to provide, withholding it under an intelligence agency exemption for “operational files.”  It was a dispute between a multi-billion dollar agency and an individual plaintiff (me) who was not even represented by an attorney.  This was a perfect opportunity for a judge to display deference to an executive branch intelligence agency, particularly since there was no conceivable ideological or political incentive for the court to rule in my favor. But instead, Judge Walton denied the NRO’s motion to dismiss the case, and he granted my motion to compel disclosure of the requested budget information. It was not the outcome that a cynic would have predicted.

My experience with Judge Walton may be exceptional.  Or maybe not.  One of the academic studies linked from the Times article to support the proposition that judges appointed by Republicans are more likely to rule in favor of the government actually reported that “even in the most controversial cases, Republican and Democratic appointees agree more than they disagree.”

The practical lesson is that to focus on the membership of the FISA Court is probably not the best way to regulate the Court’s conduct or to affect its performance.  Assuming that there is only a limited amount of political energy available for addressing FISA policy, efforts to reform the Court would more profitably be directed toward declassification of Court decisions, and reconsideration of the statutory framework that the Court operates within.

Sometimes it seems that the national security classification system is static, monolithic and hopelessly inert.  But in fact it is relentlessly in motion, with new secrets constantly being created as old secrets are gradually released.

Two months ago, the fact that the Foreign Intelligence Surveillance Court had authorized the bulk collection and transfer of telephone metadata to the National Security Agency was a highly classified secret.  But by last Friday, the Court’s renewal of that same authority for bulk collection was actually announced in a press release from the Office of the Director of National Intelligence.

In the interim, of course, the previously Top Secret FIS Court order had been leaked by Edward Snowden and published by The Guardian.  But Snowden did not leak the fact of the latest renewal.  It was disclosed at the initiative of the ODNI.

And other related disclosures may be on the way. “The Administration is undertaking a careful and thorough review of whether and to what extent additional information or documents pertaining to this program may be declassified, consistent with the protection of national security,” the ODNI press release said.

In effect, the Snowden disclosures shifted the Administration’s calculation of what should be secret and what should be public.  From a secrecy policy point of view, this is as noteworthy as the disclosures themselves.

(“This discussion can, and should, have taken place without the recent disclosures,” said ODNI General Counsel Robert S. Litt in a speech at the Brookings Institution on July 19 which detailed the government’s perspective on the matter. Maybe it can, and maybe it should– but it didn’t.)

Setting aside the specific content of the disclosures, the shifting boundaries of national security secrecy highlight the fact that the decision to classify information is inherently a matter of judgment.  And because it is an act of judgment, an official decision to classify is subject to disagreement, error, reconsideration and revision.

But how exactly do judgments about secrecy change?  If the factors that enter into classification judgments could be clarified, the prospects for a more rational and comprehensible secrecy policy would be improved.  A better understanding of the process would also serve to focus and guide efforts to change secrecy policy.

In a new paper, I tried to describe some of those factors and to draw practical conclusions from them.  “An Inquiry into the Dynamics of Government Secrecy” was just published in Harvard Civil Rights-Civil Liberties Law Review, Vol. 48, No. 2, Summer 2013.

The essential point of departure is a recognition that classification of national security information is a subjective process, not a rigorously objective one.

“There appears to be no common understanding of classification levels… nor any consistent guidance as to what constitutes ‘damage,’ ‘serious damage,’ or ‘exceptionally grave damage’ to national security,” according to an ODNI classification study cited in the paper.  “There is wide variance in application of classification levels.”

This subjectivity and lack of common understanding can produce erratic results. Different classifiers may classify the same information differently.  Classification levels of particular items of information whose sensitivity would normally be expected to diminish over time will sometimes increase.  Often, decisions to classify seem to be skewed by habit, political or bureaucratic self-interest, or simple error. Illogically, the same information may be treated as both classified and unclassified, even in a single document.

But if classification unavoidably involves individual judgments then it stands to reason that the quality of the classification process can be improved by submitting those judgments to a form of external review.

“Precisely because classification is a subjective process, the act of introducing additional ‘subjects’ into the process can destabilize it in a fruitful way,” I argue in the paper.

“While individual classifiers rarely seem to change their own judgments when challenged, those individual judgments are overturned with some frequency when the opinions of other persons are consulted and integrated into the process.”

That is the case, for example, with the Interagency Security Classification Appeals Panel, which now has a 17 year record of declassifying at least some information in the large majority of documents that have been presented to it on appeal after the originating agencies declined to do so on their own.

“It is possible to counter any official tendency to exploit the classification system for political or bureaucratic advantage by engaging a broader circle of participants, whose interests do not all coincide, in the classification process,” the paper suggests.

“Providing for a series of layered reviews of classification decisions — within agencies, across the executive branch, and with the active oversight of Congress and the courts — offers a straightforward mechanism for mitigating classification abuses.”

“By itself, this kind of approach will not resolve all disputes over what should or should not be secret. But a more consensual style of making classification decisions, with more robust opportunities for error detection and correction, would be a marked improvement over current practice.”

In a new ruling with ominous implications for national security reporting, an appeals court said today that there is no reporter’s privilege that would allow New York Times reporter James Risen to decline to identify the source of classified information that he revealed in his book State of War.

Mr. Risen had been subpoenaed to testify in the leak prosecution of former CIA officer Jeffrey Sterling, who is accused of leaking information to Risen about a failed CIA operation against Iran’s nuclear program.  In 2011, the lower court had ruled that Risen would not be compelled to reveal his source.  The Fourth Circuit court of appeals today reversed that ruling.

“There is no First Amendment testimonial privilege, absolute or qualified, that protects a reporter from being compelled to testify by the prosecution or the defense in criminal proceedings about criminal conduct that the reporter personally witnessed or participated in, absent a showing of bad faith, harassment, or other such non-legitimate motive, even though the reporter promised confidentiality to his source,” said the majority ruling, written by Chief Judge William B. Traxler Jr.

“So long as the subpoena is issued in good faith and is based on a legitimate need of law enforcement, the government need not make any special showing to obtain evidence of criminal conduct from a reporter in a criminal proceeding. The reporter must appear and give testimony just as every other citizen must. We are not at liberty to conclude otherwise,” Judge Traxler wrote.

In a dissenting opinion, Circuit Judge Roger L. Gregory said the majority ruling was a fateful mistake.

“Our country’s Founders established the First Amendment’s guarantee of a free press as a recognition that a government unaccountable to public discourse renders that essential element of democracy — the vote — meaningless. The majority reads narrowly the law governing the protection of a reporter from revealing his sources, a decision that is, in my view, contrary to the will and wisdom of our Founders.”

“I find it sad that the majority departs from… our established precedent to announce for the first time that the First Amendment provides no protection for reporters,” Judge Gregory wrote.

“Under the majority’s articulation of the reporter’s privilege, or lack thereof, absent a showing of bad faith by the government, a reporter can always be compelled against her will to reveal her confidential sources in a criminal trial.”

“The majority exalts the interests of the government while unduly trampling those of the press, and in doing so, severely impinges on the press and the free flow of information in our society. The First Amendment was designed to counteract the very result the majority reaches today,” Judge Gregory wrote.

There is a permanent tension, if not an irreconcilable conflict, between a free press and the operations of national security.  The tension can be managed by the exercise of prudent self-restraint on both sides.  So, for example, news organizations do not publish all secret information they acquire, and the government does not exercise its full legal authority to penalize unauthorized publication.  But the tension can also be exacerbated, as in the present case, perhaps to a breaking point.

A national policy on “insider threats” was developed by the Obama Administration in order to protect against actions by government employees who would harm the security of the nation.  But under the rubric of insider threats, the policy subsumes the seemingly disparate acts of spies, terrorists, and those who leak classified information.

The insider threat is defined as “the threat that an insider will use his/her authorized access, wittingly or unwittingly, to do harm to the security of the United States.  This threat can include damage to the United States through espionage, terrorism, [or] unauthorized disclosure of national security information,” according to the newly disclosed National Insider Threat Policy, issued in November 2012.

One of the implications of aggregating spies, terrorists and leakers in a single category is that the nation’s spy-hunters and counterterrorism specialists can now be trained upon those who are suspected of leaking classified information.

The National Insider Threat Policy directs agencies to “leverag[e] counterintelligence (CI), security, information assurance, and other relevant functions and resources to identify and counter the insider threat.”

“Agency heads shall ensure personnel assigned to the insider threat program are fully trained in… counterintelligence and security fundamentals….”

Agency heads are directed to grant insider threat program personnel access to “all relevant databases and files” needed to identify, analyze, and resolve insider threat matters.

The National Insider Threat Policy was developed by the Insider Threat Task Force that was established in 2011 by executive order 13587.  The Policy document itself was issued by the White House via Presidential Memorandum on November 21, 2012 but it was not publicly released until last week.

The document was disclosed by the National Counterintelligence Executive (NCIX) after it was independently obtained and reported by Jonathan Landay and Marisa Taylor of McClatchy Newspapers. (“Obama’s crackdown views leaks as aiding enemies of U.S.,” June 20, 2013).

“The National Insider Threat Policy policy is intended to provide direction and guidance to promote the development of effective insider threat programs within departments and agencies to deter, detect, and mitigate actions by employees who may represent a threat to national security,” according to NCIX.

Among the activities mandated by the National Insider Threat Policy is the routine monitoring of user activity on classified government computer networks. “This refers to audit data collection strategies for insider threat detection, leveraging hardware and/or software with triggers deployed on classified networks to detect, monitor, and analyze anomalous user behavior for indicators of misuse.”

But a different sort of approach to combating leaks — an approach not represented in the Insider Threat Policy — would require an ongoing critical examination of the scope and application of official secrecy.  This view was articulated by the late Senator Daniel P. Moynihan when he said “If you want a secret respected, see that it’s respectable in the first place.”

“The best way to ensure that secrecy is respected, and that the most important secrets remain secret,” Sen. Moynihan said, “is for secrecy to be returned to its limited but necessary role. Secrets can be protected more effectively if secrecy is reduced overall.”