One of the more encouraging changes in classification policy over the past decade has been the sharp reduction in the number of decisions to classify information reported each year by executive branch agencies.
In 2005 there were a total of 258,633 original classification actions, or new secrets, reported; in 2015, there were said to be 53,425 such actions. (See Number of New Secrets in 2015 Near Historic Low, Secrecy News, July 29, 2016).
Despite the misleading precision with which they are reported, these numbers — which are derived from agency reports to the Information Security Oversight Office and published in ISOO annual reports — were understood to be estimates, not precise tabulations.
Now, however, a new report from the State Department Inspector General suggests that State’s reporting of its classification activity to ISOO may not only be imprecise, but actually inaccurate and incorrect.
The Inspector General “found shortcomings with the count of classification decisions” reported to ISOO. The estimates that were generated were not validated, and they did not reflect the full scope of State Department classification activity.
So, “For example, classified documents created within the Office of the Secretary were not included” in the survey, the IG said. See Compliance Follow-up Review of the Department of State’s Implementation of Executive Order 13526, Classified National Security Information, Office of Inspector General, Department of State, September 2016.
The bottom line, the IG said, is that reported classification totals “will not accurately represent all of the Department’s classification decisions because not all decisions are being identified or sampled as part of the Department’s self-inspection program.”
William Cira, the acting director of the Information Security Oversight Office, said he was not surprised by the Inspector General findings, and not especially troubled.
He recalled that ISOO itself stated in its 2009 report that “the data reported has not truly reflected the changing ways agencies have generated and used classified information in the electronic environment.”
“It has been recognized, even long before we asked the agencies to include the electronic environment, that an actual count is not feasible,” Mr. Cira added. “The sampling and extrapolation technique described in that report has been in widespread use for a long time.”
“It is actually one of the suggested methods that we impart to the agencies when we send out our data collection request each year. Since FY 2009, ISOO has asked agencies to do their best to estimate the volume of all classified products in the electronic environment.”
“We have always acknowledged that this would not be easy. We do ask them [agencies] to estimate, we do suggest that they sample and extrapolate, and we acknowledge that in almost all cases they will not have the resources to conduct a scientific survey as that is defined by professional statisticians.”
“This method may seem crude but we recognize that almost none of agency data collectors have trained statisticians to call upon, and there is no expectation that they hire one.” Still, “If the Dept. of State OIG believes that the Office of the Secretary should be included that is a welcome suggestion.”
“The one thing for certain is that this method has been consistently applied across many agencies for a very long time,” Mr. Cira said.
In other words, if the collection method is crude, at least it is consistent in its crudeness, and so perhaps some rough trend information may still be discerned within the noise.
But without real quantitative and qualitative clarity, effective management of agency classification activity will be beyond reach.
After months of delay, the council tasked by President Trump to review the FEMA released its final report. Our disaster policy nerds have thoughts.
FAS and FLI partnered to build a series of convenings and reports across the intersections of artificial intelligence (AI) with biosecurity, cybersecurity, nuclear command and control, military integration, and frontier AI governance. This project brought together leaders across these areas and created a space that was rigorous, transpartisan, and solutions-oriented to approach how we should think about how AI is rapidly changing global risks.
Investment should instead be directed at sectors where American technology and innovation exist but the infrastructure to commercialize them domestically does not—and where the national security case is clear.
To tune into the action on the ground, we convened practitioners, state and local officials, advocates, and policy experts to discuss what it will actually take to deploy clean energy faster, modernize electricity systems, and lower costs for households.