DoD Takes Flexible View on Deleting Wikileaks Docs

Department of Defense employees who downloaded classified documents from Wikileaks onto unclassified government computer systems may delete them without further “sanitizing” their systems or taking any other remedial measures, the Pentagon said in a policy memo (pdf) last week.

The release of classified State Department cables and other classified documents by Wikileaks has produced special consternation among security officers, who have tended to respond “by the book” to this unprecedented breach of security procedures.  But “the book,” which is the product of an earlier era, is quickly becoming obsolete.  And in the worst case, some officials say, the government’s unimaginative response to Wikileaks could do more damage than the original disclosures.

But now some tentative signs of flexibility can be detected from Pentagon policy makers.

Under the new guidance, DoD employees and contractors who have downloaded classified documents from the Wikileaks website onto an unclassified government computer or network — which is still prohibited — do not need to take any extreme corrective measures in response, the Pentagon said.  In particular, there is no need to prepare a formal incident report or to “sanitize” their information systems by overwriting or degaussing them.  Instead, the documents can simply be deleted.

“In the case of classified documents inadvertently accessed or downloaded from the WikiLeaks website or other websites posting WikiLeaks-related classified documents, the IAM [information assurance manager] will document each occurrence and delete the affected file(s) by holding down the SHIFT key while pressing the DELETE key for Windows-based systems,” said Acting Under Secretary of Defense Thomas A. Ferguson in a January 11 memo.

Using the shift and delete keys simultaneously is a way of “permanently deleting” a document, so that it is removed from the file directory and does not appear in the Trash or Recycle Bin.  This action does not, however, physically erase or eliminate the document from the computer’s hard drive.  In other cases of inadvertent transfer of classified information to an unclassified system, a more rigorous response is often required.  But this will now be good enough for the purpose of eliminating classified Wikileaks documents.

“No incident report or further sanitization of government IT systems is required,” Under Secretary Ferguson continued.

The new flexibility only extends to Wikileaks-related documents, not to other “spillages” of classified information, he said.  “This guidance pertains only to the accessing or downloading of the classified documents described above because of the extent of the compromise and the prohibitive cost of standard sanitization procedures.  All other classified spillages must be handled in accordance with existing regulations,” according to the Pentagon memo.

See “Notice to DoD Employees and Contractors on Protecting Classified Information and the Integrity of Unclassified Government Information Technology (IT) Systems,” memorandum for senior DoD officials from Acting Under Secretary of Defense Thomas A. Ferguson, January 11, 2011.