The Public Interest Declassification Board is pleased to announce the completion of its report, Transforming the Security Classification System. The President asked that we study the security classification system and make recommendations for its transformation to better meet the needs of users in the digital age.
The report will be released to the public on the Board’s website on Thursday, December 6, 2012.
The Board consulted extensively with experts from the Government Openness advocacy community, civil society and transparency groups, archival researchers, and technologists and solicited opinions from distinguished civil servants, Executive department and agency officials and the Congress. Our efforts were designed to gain a broad perspective on issues confronting the classification system and led to the fourteen core recommendations in this report.
The classification system exists to protect national security, but its outdated design and implementation often hinders that mission. The system is compromised by over-classification and, not coincidentally, by increasing instances of unauthorized disclosures. This undermines the credibility of the classification system, blurs the focus on what truly requires protection, and fails to serve the public interest. Notwithstanding the best efforts of information security professionals, the current system is outmoded and unsustainable; transformation is not simply advisable but imperative.
We believe transformation will require a White House-led steering committee to drive reform, led by a chair that is carefully selected and appointed with specific authorities granted by the President. In anticipation of the report’s release, we will re-engage our followers by re-opening our blog, Transforming Classification, where we will post summaries of some of the key recommendations in the report beginning Monday, November 26, 2012. Be sure to stay connected to the Board’s activities and look for more information about the Board on our website: http://www.archives.gov/declassification/pidb.
Thank you for participating in the Transforming Classification Blog. The Blog is now closed for comments. The Board appreciates all of the comments and submissions that were received.
We will continue to evaluate the comments and submissions you posted on the blog as we consider what changes to make on how best to transform the classification system in response to the President’s request.
I read the PIDB papers as well as the submissions from the seven commentators. Rather than comment through a blog on each of the proposals, I decided to summarize my reactions and raise a few additional issues. I am numbering the paragraphs to make it easier to see the separate topics.
1. In general, I believe the Board is moving in the right direction. Certainly any transformation must be Janus-faced, just as archival systems are: looking forward to processes to be adopted in the future while finding new ways to deal with the legacy of past systems. The PIDB papers recognize that, although not always explicitly. The aim must be to reduce prospectively reduce the burden while reducing the backlog.
2. Looking forward, the promise of computer technology must be explored, including a process of continuous updating and recording the status of items or portions of items. The idea of a research laboratory somewhere, whether at NDC or in one of the agencies, is a good one. The CACI characterization of “self-declassifying documents” is a useful one to pursue. However, I think these techniques must be coupled with a greatly reduced scope of classification and therefore volume of classified items. The government needs to be very clear about what it really must protect and then do a serious job of managing those items.
3. One area that is not sufficiently explored in the papers is the problem of declassifying audiovisual and geographic material. While some of this could be tagged in the future technology system, it would likely require special handling, especially for streaming audio and video where the discrete parts are not obvious. In the past information in this format has been limited to a few specialized agencies, but it appears likely that many more agencies will use these systems in the future, whether satellite images for flood management, photos from video cams on a battlefield, or feeds to the White House during the Osama bin Laden raid.
4. Regularizing the declassification review of classified Congressional records is needed. The PIDB paper seems aimed exclusively at paper records, but any arrangement should include the full range of Congressional electronic and audiovisual records (such as video or audio of closed hearings) as well. And the availability of these records for FRUS compilers is a very important step.
5. Just as the PIDB is now looking at the legislative branch, it might be worth considering whether the judicial branch retains any classified records when a hearing involves the in-camera presentation. In particular, does the Foreign Intelligence Surveillance Court retain any classified items? If so, a process for declassifying those should also be considered.
6. Discretionary declassification and release of contemporary national security information is certainly possible, although in the past the costs have been considerable for entities like the JFK review board. Rather than set up a separate entity, Congress might give a mandatory instruction to NDC to undertake a specific project.
7. Simplifying the declassification process for historical records—Janus looking back—is essential. The PIDB paper has it just right: until the “ownership” question is solved, this referral system will stymie any other reform efforts. I favor the single centralized review option. I do not think agency training and manuals to be used by many different entities across the government, even if frequently repeated and updated, will be as effective as a single team that can be held accountable for its work.
8. The PIDB needs to address the issue of when and how the U.S. Government will protect the classified information of a foreign government. As I understand the system at present, if the information in a U.S. created item comes from a friendly government, the U.S. will consult that government and if it objects to the disclosure of the information, the U.S. will not overrule that government. This means that we vitiate our disclosure laws in favor of a stricter or more arbitrary regime in use in another country. A balance needs to be struck between the objections of a friendly power and the need for the U.S. to be the master of its own records and their disclosure
9. Another issue that needs to be solved is the problem of agencies not turning records over to the National Archives. Although the statue says that the Archivist can “direct and effect” the transfer of records over 30 years old (44 USC 2107(2)), there is no enforcement mechanism. The agencies routinely ignore the 30-year line, which means that even with a single declassification body for records in the Archives, agencies would still hold many records that include information with other equities. In theory the 30-year line could be enforced through an executive order, but those are so routinely ignored that legislation may be necessary. The Constitution Project’s proposed Historical Records Act could be a vehicle for this.
10. “Automatic” declassification at a 25-year line must have some opt-out procedures for information that truly must be kept secret for longer periods, such as information on the manufacture of weapons of mass destruction. But there also must be some final date at which all information can be open: a “don’t ask, don’t tell” rule for documents. Whether 50 years is long enough is debatable, but the debate needs to occur. The agencies must quit protecting documents such as the 200-year-old item that the NSA recently declassified. They need to turn over the original records (for non-electronic formats) not the duplicate copy that NSA sends while retaining the originals and not, as with the CIA’s two major reports on Guatemala 1954, sending NARA the still classified original while putting a declassified version on the CIA’s website. Furthermore, the records need to be sent in context; again, using NSA as an example, not a sending a selection of random documents (see the recent list which provides no context information) but instead transferring items in file units.
11. Certainly FRD must be reviewed on its merits not on the mere designation as FRD. Using the ISCAP process as described in the PIDB paper is a good idea. However, this should also be extended to RD information when it reaches 25 years of age. The principle must be that no information is withheld from the American people without review.
12. Finally, agencies need to understand that FOIA is an option for withholding information that does not require the information to be classified. It appears that some agencies think that the only way to withhold information is to classify it, ignoring the robust provisions of the FOIA.
Best wishes on the transformation of the system.
Trudy Huskamp Peterson
In order to induce a transformation of the national security classification system, the President should set a performance goal that will advance the desired transformation, and then mandate its achievement by executive branch agencies.
Instead of trying to specify each and every one of the policy and procedural changes needed for an effective transformation, this approach would seek to catalyze change by establishing a mandatory performance objective (or multiple objectives) and then requiring agencies to work out the necessary adjustments.
Several questions immediately arise. First, what is the desired transformation of the classification system that the current process seeks to promote?
My provisional answer to the question would be that the desired transformation should aim to achieve a classification system that has a reduced scope of application (i.e., fewer categories of secrets), a reduced volume of classification activity (less classification), and a reduced duration of classification. In order to best serve its national security purpose, the classification system should be “lean and mean,” not bloated and arbitrary. Its dimensions should be stable or shrinking, not perpetually growing.
What are the characteristics of a performance goal that would help to catalyze a change in classification policy?
Any performance goal that is selected should be intrinsically significant, not abstract or merely procedural. It should be worthwhile as a policy objective in its own right in order to justify and propel the desired changes in current classification policy and practice. And yet it should be reasonably achievable right now or in the near term. Vague or idealized conceptions or labor-intensive proposals that have no realistic chance of acceptance will not serve as effective catalysts.
What is a concrete example of such a performance goal?
One possible example would be a new requirement to publish a declassified documentary history of major U.S. national security policy decisions and actions no later than 25 years after the events they record, allowing for only the narrowest of exemptions. This publication would be analogous to the Foreign Relations of the United States series and to the Public Papers of the President in its professional quality and documentary character, but it would focus on publication of classified national security policy records that are to be newly declassified for this purpose.
As a performance goal for catalyzing transformation of the classification system, this proposal has several pertinent features:
First, the idea that the full record of U.S. national security policy should be regularly disclosed is an inherently powerful one that properly characterizes an open society. The nation should be able to take pride in routinely disclosing the records of its national security history, including even (or especially) shameful or problematic episodes, and airing them fully and publicly. This is a worthy objective independent of its potential for inducing transformation of classification policy– which is one of the things that make it a useful tool for purposes of catalyzing change.
Second, this proposal would engage and require the cooperation of the entire national security establishment, including its military, diplomatic and intelligence components. It would also sweep broadly across different record formats and types of media. To the extent that audio, video, and other records (including congressional records) formed an essential part of the national security record, they would be encompassed as well.
And third, the proposal is both feasible today and it is in significant tension with current classification and declassification policy, which means that it would require and inspire numerous changes in practice.
As noted above, the concept of a regular documentary record of national security policy is similar to the Foreign Relations of the United States (FRUS) series on foreign policy that is published by the U.S. State Department. But the FRUS production process is mired in administrative and classification disputes. It mainly serves a narrow constituency of diplomatic historians. It is far from meeting its goal of publishing records within 30 years of the recorded events. Agencies habitually disregard deadlines for reviewing documents for inclusion in FRUS, and they adhere to obsolete classification practices, such as censoring the amounts of half-century old intelligence budget figures.
By contrast, in the proposed initiative for a new documentary history of national security policy, most of those longstanding obstacles could be eliminated by presidential fiat. For example, the President could set new classification standards for this particular project, ordering that those 25 year old classified records that are deemed essential to a thorough, accurate and reliable account of U.S. national security history will be declassified unless they meet the narrow criteria that ordinarily permit 50 year old records to be exempted from declassification. This would mean that only information that would identify a confidential human intelligence source or reveal key design concepts for weapons of mass destruction could be withheld from publication in the new series. This step alone would drastically simplify the declassification review process by making most such reviews pointless and irrelevant. Also, the kind of missed deadlines that plague FRUS would be interpreted as concurrence by the reviewing agency.
In this way, the continuing production of an official record of national security history, vetted by professional historians (whether at the State Department or elsewhere), would have the catalytic potential to break the current logjam in production of the FRUS series and in declassification more broadly (with indirect but salutary effects on classification as well). It would generate a newly available series of permanently valuable record collections for the nation as a whole. While it would not constitute a transformation of the classification system all by itself, it would advance the process of modernizing and rationalizing classification policy, and would help to galvanize further changes.
Many other types of catalytic performance goals could be imagined and adopted. What is crucial is that they must trigger meaningful and measurable changes in classification and declassification practice in the near term.
Finally, I would like to reiterate the importance of the pending Fundamental Classification Guidance Review, which was mandated by the President in December 2009, and which must be completed by June 2012. If implemented in good faith, this process should both reduce the current scope of classification and diminish the future declassification burden. Nothing else on the near-term policy horizon has comparable transformative potential. But the Review process needs clearly articulated performance goals of its own, as well as active support, encouragement and leadership in order to succeed.
How We Got Here
In signing Executive Order 13526 – the 10th Executive Order on National Security Classification signed since Roosevelt’s Order in 1940 – President Obama also stated that he looks forward to “…reviewing recommendations from the study that the National Security Advisor will undertake in cooperation with the Public Interest Declassification Board to design a more fundamental transformation of the security classification system.”
Historians regard President Truman’s second Order, EO 10104, and President Clinton’s EO 12958 as sweeping changes to the national security classification system. Most significant of Truman’s changes was the indication that the Chief Executive was relying upon “authority vested in me by the Constitution and statutes, and as President of the United States.” Prior Orders had relied on statutes requiring the protection of military bases in the United States as the basis for classification. Also changed in Truman’s new Order was the first use of the term “national security” as the previous orders had been intended to protect only information related to “national defense.”
President Bill Clinton’s 1995 Order also included sweeping changes to classification. Most significantly it set a specific duration for classification allowing classification to expire, causing automatic declassification, rather than requiring that agencies conduct reviews to declassify information. Also included in this new order was reintroduction of the “balancing test” first introduced in EO 12065 by President Carter in 1978, a provision encouraging employees to challenge classification they believed inaccurate, and creation of the Interagency Security Classification Appeals Panel (ISCAP) as well as the Public Interest Declassification Board (PIDB). The Clinton Order also put tighter controls on the practice of reclassification of information that had been released to the public.
Much has changed in the years since the Roosevelt Order in 1940 issued during WW-II, but despite what has been regarded as “sweeping changes” the national security classification system in the US remains very much the same as it was in the 1950s.
A New Approach to Classified Information
I propose an approach where we start by defining the problem in the context of 2011 and write an entirely new solution without regard for any previous solutions or problems. We can’t continue to regard the world as paper created by typewriters. We also can’t view the world as two opposing sides in a conflict where there are only combatants and outsiders. Rigid conformance to standards based on military protocols and clearly defined roles and responsibilities must be exchanged for a system where essential elements of information are protected and other information is regarded as serving the purpose of our common defense.
No longer is our information structured along government organizational lines or pertaining to only governmental issues. The battles of the 21st Century are asymmetrical; the enemies are amorphous having no uniforms, no political boundaries, or common language. Our “side” of the battle is also not a uniformed army with trained, proven soldiers under the command of a single leader; instead we consist of military, government, private sector, state, local, tribal entities, foreign partners, and sometimes citizens. We simply can’t see classification as a tool to protect military secrets, intelligence and diplomatic affairs from everyone who is not part of the military, diplomatic or intelligence organizations. Our world has changed and we must change classification accordingly.
Terrorism is the result of extreme views manifested in violence with the intent of inflicting the greatest harm possible on every citizen of the United States and allied nations. These views are harbored by foreign citizens of a number of nations, by some American citizens, and by members of extremist factions of certain religions. Terrorists are not restrained behind international borders or organized in a recognizable fashion. They are free to move about the globe striking both our military and our citizens without any warning or notice.
Classified information prepared by the government for the government and distributed to only the government will not win the battles or serve the interests of our nation. At the same time our government has capabilities that can be lost in an instant if the information about those capabilities falls into the wrong hands. We are faced with a dilemma; do we hoard information that we painstakingly collected, knowing it will do no real good, or do we share the information knowing it will potentially be of only short term benefit as its eventual compromise means we will no longer obtain the same information without new techniques and means.
In 2011 we face challenges never envisioned in executive Orders since 1940. We’ve become increasingly aware of these challenges since 9/11/2001, but our framework for identifying information that requires protection and employing safeguards for that protection was designed during World War II and not changed fundamentally since then.
Current Classification Principles
A few core principles define the process for classification in the United States:
1) National Security: Although the definition has changed slightly over time, information subject to categorization and protection is limited to information pertaining to national defense, foreign relations, and since 2003 defense against transnational terrorism.
2) Vetting: Since at least the Eisenhower Order access to information that is marked as Confidential, Secret or Top Secret was restricted to individuals who have been vetted or “cleared” to one of those levels. Progressively more stringent investigation methods are used at each level with the intent of identifying any previous criminal behavior or other personality flaws that will potentially make the individual susceptible to coercion by foreign powers or prone to malfeasance or misfeasance leading to the compromise of the information the United States seeks to protect,
3) Levels: Information regarded as “classified” is placed in categories that are based on the sensitivity of that information. We have titled these categories “Confidential,” “Secret,” and “Top Secret” since the 1953 Eisenhower Order. We have never, however, defined clearly what damage, serious damage or exceptionally grave damage actually means. The lack of definition gives us the greatest flexibility in the current system and is also the single greatest flaw.
4) Safeguarding: For each of these levels of sensitivity a regimen of security safeguards is proscribed to help prevent individuals and adversaries who are not vetted from obtaining the categorized information. The required safeguards, like the vetting process, are progressively more stringent as the level of sensitivity increases. Other than provisions allowing waiver in the case of imminent loss of life, these standards must be firmly adhered to regardless of the volume of sensitive information.
Fundamental transformation may not be without significant wringing of hands by those accustomed to the system we’ve had since 1940, but we simply must change the way we protect and share information.
First, consider some core principles that may help define a new classification system:
Orders since 1953 have narrowly focused on information of military or foreign affairs significance as being classified. The current effort to define Controlled Unclassified Information is an attempt to embrace as important to the United States information about our infrastructure, vulnerabilities of our cities and our citizens, information that crosses the boundary between law enforcement and intelligence, and information that can be used to mount, or defend against, an attack in the United States. We are moving toward a standard our foreign allies have embraced many years ago for protection of information that is in the national interest.
With the President’s signing of Executive Order 13549 on CUI, the distinction between CUI and NSI is no longer a legal distinction regarding the power of the Executive, but rather steeped in the way that the classification system has evolved over the past 70 years. The emerging standards for the administration of CUI will likely involve categories of CUI, standards for who can have access, physical and technical security standards for protection of CUI, and standards for duration of control and procedures for decontrol of CUI. We have created a system in almost perfect parallel to the national security classification system, absent only some of the vestiges of the Cold War that are outdated and present weaknesses in the national security system we use today.
We must consider as a fundamental principle of a transformed classification system the need to embrace all information that requires some protection from immediate public disclosure as part of a single system of protections and safeguards.
A fundamental error made in 1940 and not corrected since is the principle that the vetting process used to validate the trustworthiness of individuals who protect sensitive information must be linked to the sensitivity level of each piece of classified information.
People are cleared at the Confidential, Secret or Top Secret level today. In practice there are really only two methods for vetting the people who are trusted with classified information. We should consider moving from three levels of vetting to just two and the ability to list those individuals who do not meet the standard for trust and confidence by the US government:
Trusted: Individuals needing routine access to sensitive information must be determined to be Trusted. To be regarded as trusted, these individuals should be free of criminal convictions or warrants and have had their bona fides verified by a competent authority. The process for hiring all military personnel, all US government civilian personnel, police, fire fighters, first responders, and those in positions requiring the public trust including elected officials must be considered a level of vetting that demonstrates a fundamental level of trust.
Highly Trusted: Individuals who need routine access to highly sensitive information must be determined to be highly trusted. These individuals must meet the standards for Trusted individuals and in addition must undergo a background investigation similar to today’s SSBI used for TS clearance and SCI access. Although not limited to US Government officials.
Excluded: Individuals who have exhibited behaviors that suggest an unacceptable risk of compromise to sensitive information may be listed as excluded from an ability to receive protected information. Only excluded individuals would be precluded from receiving classified information that they may need to do a job unless the information is judged to protect their life or the lives of others under their responsibility.
A key concept in this new approach is “routine access.” Information should always go to individuals who need the information to do their job. Non-routine access to any level of information may be given to individuals who are not either Trusted or Highly Trusted provided they are not on an Excluded list. A transformed classification system must be predicated on identifying information that requires protection from disclosure to adversaries and providing that information to anyone who can reasonably be trusted to use that information and protect it in an appropriate way.
Levels of Classification
For practical purposes there are only two levels of classification now that are tied to two types of employee vetting used by the US Government. Little if any distinction really exists between Confidential and Secret. These levels can easily be combined to a single level.
Particularly sensitive information is now protected as Top Secret and requires a distinctively greater vetting process. In a new model where routine access requires a higher level of trust, a two classification level system for information that is currently in the National Security Classification system would work.
Including aspects of the current process to codify Controlled Unclassified Information (CUI) should also be a part of the new system, particularly with its redefinition of national security to national interest.
Without paying any attention to what any new categories would be named or called, the concept of simplifying classification and including information currently in the CUI domain would look something like the model below:
We are in an electronic age managed under rules developed for paper documents. Access to electronic systems containing classified information requires that users be cleared and read-in to every level of information stored or processed on the system. This has led to the need for clearances and access to Special Access Programs in some cases to actually do unclassified work on a classified system. As a result the number of people cleared/accessed has risen dramatically actually putting at risk the information the system was designed to protect.
Safeguarding rules must also be changed to allow risk management. Systems containing a few documents at the lower levels of classification should not need to meet the more rigorous standards of systems that routinely store and process classified information. Likewise, systems with reasonable safeguards to keep users from accessing data not intended for them must not require that all users have the highest levels of trust.
Similarly, physical security standards for facilities storing hard copy or electronic classified information should also be flexible depending on the volume of data or information in any facility. Facilities holding only small amounts of low level information should be considered a low risk and meet less stringent safeguarding standards than facilities holding vast quantities of paper or electronic records containing sensitive information.
At the top tier there is still a need to identify very sensitive information that can be disseminated to a large number of people with a specific need to have the information, and provisions for some material to have significantly reduced access and additional safeguards.
The current system for Sensitive Compartmented Information (SCI) and Special Access Programs (SAP) has gotten out of control with little formal guidance for most control systems on what aspects of a program are really SCI and what aspects can be protected appropriately as collateral classified information.
Compartmentation at its core is risk management. When classified information is so fragile that exposure to a large number of trusted individuals would still lead to likely compromise of the information, dissemination is restricted to far fewer individuals who are individually approved for access. Compartmentation can also be used to reduce the risk of exposure by simply taking elements of a sensitive program and only allowing a very few individuals to have the entire scope of information.
Like a jigsaw puzzle, compartmentation is a means of protecting individual pieces. It’s the reverse of mosaic or compilation where individual pieces are carved out and given to some people and other pieces are given to other people and virtually nobody gets the whole picture.
We’ve lost that concept in current implementation when hundreds of thousands of people are briefed into a compartment for access to an IT system or when virtually all information about a program is compartmented exactly the same way.
To transform national security classification we simply must look at compartmentation and produce a single set of standards for its use that make sense and are faithful to the purposes for which compartmentation was designed.
We need a bold new approach that starts with a clean piece of paper. Our world has changed and the way we need to protect and share information has also changed. We can no longer look at the protection of information to safeguard our nation as only related to diplomatic negotiation and military strategy and operations.
Similarly the rigid rules for access to information that work well in a military environment, no longer apply. We must separate the elements of trust, sensitivity of information and safeguarding. Each has a purpose, but when these separate sets of rules are tied inextricably to one another the system is bound in a way that makes use of the information ineffective.
I propose we convene a new kind of Continental Congress where those individuals most familiar with the needs to protect and share information can work together to chart a new course for information protection that will work well in the 21st century.
In July 2009, The Constitution Project’s (TCP) bipartisan Liberty and Security Committee published a report entitled Reining in Excessive Secrecy: Recommendations for Reform of the Classification and Controlled Unclassified Information Systems. This report included fifteen specific recommendations to the Executive Branch and three specific recommendations for Congress, all designed to reform the classification regime. In December 2009, President Obama issued Executive Order 13526, and while this Executive Order incorporated some of TCP’s recommendations, the majority were not adopted at all or were not implemented fully. Further, to date, none of TCP’s legislative proposals have been implemented. Therefore, in response to the Public Interest Declassification Board’s (PIDB) request for proposals for transforming the classification system, TCP is submitting its original recommendations, updated to reflect what progress has been made to date and what more remains to be done.
A. RECOMMENDATIONS TO THE EXECUTIVE BRANCH
Endorse Presumption of Openness
1. As TCP noted in Reining in Excessive Secrecy, the executive orders governing classification have been amended over time to increase secrecy, often counter to the goals of openness and accountability. Executive Order 13526 represents a departure from this trend, but did not go far enough. As such, the President should amend the executive order, pledging accountability in the classification process. The order should establish a new framework for designating information with a presumption in favor of openness that limits classification only to information that must be protected to avoid harm to national security, with clear standards and procedures for proper classification.
2. TCP applauds the insertion of Section 1.1(b) in Executive Order 13526, which states that if “significant doubt” exists as to whether information needs to be classified, it should not be classified. However, this provision alone does not ensure adequate safe guards against over-classification. The order should include an affirmative presumption in favor of lower level classifications, or declassification, such that decisionmakers resolve any doubts (not just “significant” doubts) by applying the lower classification level or no classification.
3. TCP previously recommended that then Section 1.1(c), which creates a presumption that foreign government information is classified, should be eliminated. This provision (now contained in Section 1.1(d)) is still unnecessary because such information is already subject to classification as one of the categories noted in Section 1.4.
4. TCP continues to urge adoption of its previous recommendation that the order should clarify that information “may” be classified if standards are met, but that the classifier has discretion. Although Section 1.1(a) clearly states that for original classifications, information “may be originally classified under the terms of this order only if all of the following conditions are met,” this is undermined by the descriptions of available classification levels which include the term “shall.” Specifically, in Section 1.2(a), which sets forth the available classification levels, each category (i.e. Top Secret, Secret, and Confidential) should state that it “applies to” the described information, rather than that it “shall be applied to” such information.
5. TCP previously recommended there be an explicit prohibition on classifying material that does not meet the definitions of Top Secret, Secret, and Confidential outlined in Section 1.2. To date, no such prohibition exists and TCP urges its creation.
Weigh Public Interest in Classification/Declassification Decisions
6. TCP urges that its prior recommendation to require consideration of the public interest before information is classified should be implemented.
7. TCP continues to recommend that the government should be required to weigh the public value of the information in declassification decisions. Specifically, Section 3.1(d) of EO 13526 should be amended to delete the current first sentence and alter the next sentence so that it reads: “Information may continue to be classified only if the need to protect such information outweighs the public interest in disclosure of the information.” Also, Section 3.5(c) should be revised so that the first sentence is expanded as follows: “Agencies conducting a mandatory review for declassification shall declassify information that no longer meets the standards for classification under this order, or where the public interest in disclosure outweighs the need to protect the information.” In the second sentence of this section, “authorized and warranted” should be changed to “required,” so that the sentence would read “They shall release this information unless withholding is otherwise required under applicable law.”
Aid Sharing of National Security Information
8. To ensure national security information may be shared among the necessary parties, TCP again urges the government to create clear and effective processes for sharing classified information.
Provide Accountability and Limits on Classification
9. The Executive Order should explicitly prohibit abuse of classification markings. To date, no such prohibition has been put into place.
10. TCP also previously recommended that the timeframes for automatic declassification be decreased. Like its predecessor order, Section 1.5(b) of EO 13526 presently states that “[i]f the original classification authority cannot determine an earlier specific date or event for declassification,” information shall be automatically declassified after 10 years, unless the sensitivity of the information requires longer classification, in which case it shall be automatically declassified after a period up to 25 years. The lower time limit of this automatic declassification range should be decreased from 10 years to 5 years, and the upper limit should be decreased from 25 years to 20 years.
11. The order should be amended to include more robust methods of systematization and improvement of the process for declassification of historical records and institute stricter standards for reclassification.
12. Contrary to TCP’s recommendation, EO 13526 did not decrease the time period for automatic declassification under Section 3.3 from 25 years down to 20 years, and TCP urges that this change should still be made. However, the order did strengthen the requirements for seeking an extension of this time period. TCP had recommended that Section 3.3(b) be amended so that an extension of the classification time period beyond 25 years should not be available if release of the information simply “could be expected to” result in one of various listed harmful results. TCP welcomes the revised standard, which permits an extension only when release of the information “should clearly and demonstrably be expected to” lead to the listed harmful results.
13. The existing classification order provides for “derivative classification” by personnel who are not required to possess original classification authority to “carry forward” the original classifications into summaries, discussions, and other documents that are created from or rely upon such classified material. While TCP is gratified that EO 13526 added Section 2.1(d), which imposes training requirements on personnel with derivative classification authority, since derivative classifications may be made by personnel who have less training and authority than original classifiers, the order should require greater oversight of the derivative classification process. Specifically, the order should require that derivative classifications must be reviewed and approved by a person with original classification authority within 5 years of the derivative classification marking in order to retain their classification.
14. TCP applauds EO 13526’s establishment of a Fundamental Classification Guidance Review. Nonetheless, despite this first step, TCP urges that the order should be amended to establish new mechanisms for oversight of the classification system to guarantee accountability and transparency. The order should be revised to strengthen the role of the Director of the Information Security Oversight Office (ISOO) by replacing “have the authority to” with “regularly” in the first sentence of Section 5.2(b)(4), so that that provision would read “regularly conduct on-site reviews of each agency’s program established under this order, and require of each agency those reports, information, and other cooperation that may be necessary to fulfill its responsibilities.” The order also should require regular audits and reporting by the Inspectors General (IGs) of each federal agency that maintains classified materials, or by some other external oversight authority.
Create Agency-Level Review of Classification
15. As noted above, TCP is gratified that EO 13526 established a Fundamental Classification Guidance Review. However, the current EO does not include sufficient public oversight. The review should be public and should include a public notice and comment period and publication in the Federal Register. The review should also have the explicit objective of reducing national security secrecy to the essential minimum and declassifying all information that has been classified without a valid national security justification, consistent with the declassification standards laid out above.
B. RECOMMENDATIONS TO CONGRESS
1. Provide Accountability and Limits on Classification by Passing Legislation to Limit Classification
It is vital that all branches of government come together to address the problems of over-classification and secrecy. The President should work with Congress to ensure passage of legislation designed to reduce over-classification.
2. Strengthen Congressional Oversight of the Classification Process
Congress should be rigorous in its oversight of the classification processes at each agency and at all levels of government. It should pass legislation designed to reduce over-classification.
3. Pass an Omnibus Historical Records Act
To increase government openness, Congress should pass an omnibus Historical Records Act that would accelerate declassification of historical records. This would ensure that historically significant information is declassified in a timely manner. The HRA would provide government transparency by decreasing unnecessary secrecy as well as increase public access to historical records.
The American Civil Liberties Union commends the Public Interest Declassification Board (PIDB) for recognizing the need to transform our broken national security classification system and for creating a public forum to solicit new and innovative ideas from the American people. The ACLU, a non-partisan organization dedicated to preserving the freedoms guaranteed by the Constitution and Bill of Rights, recognizes that while a limited amount of government secrecy is necessary in certain situations, this secrecy comes with significant costs to a free and open society. Excessive government secrecy undermines the core principles of democratic government; it cripples our constitutional system of checks and balances and kills public accountability, two essential elements for the proper functioning of a healthy democracy.
The white papers produced on the PIDB “Transforming Classification” blog offer many helpful suggestions to enhance, simplify and streamline declassification efforts, but we believe the enduring problem of excessive and unnecessary classification requires more drastic measures to protect the public’s right to know and restore the constitutional balance of powers in matters of national security and foreign relations. Despite reform measures included in the December 2009 Executive Order on classification (EO 13,526), the government made a record 76,795,945 classification decisions last year, which represents more than a 40 percent increase from 2009. Incremental reform efforts have failed because the incentive structure built into the existing classification system makes it too easy for government officials to classify information unnecessarily and keep it hidden for too long, without adequately considering the true costs or the real damage such excessive secrecy does to both national security and our democracy.
We recommend the following measures to tackle the persistent and growing problem of over-classification:
I. Reduce the Amount of Time Information Remains Classified
Reversing the current incentive structure could be accomplished most easily by drastically reducing the amount of time information may be classified before automatic declassification. Section 1.5(b) of Executive Order 13,526 authorizes classification periods of between 10 and 25 years. We recommend reducing this to a period of 3 to 10 years before automatic declassification occurs. The 1997 Moynihan Commission recommended that no information should be classified for more than ten years without recertification based on current threat assessments. Documents that must remain secret after this period could be reclassified pursuant to section 1.5(c) if necessary, but forcing a declassification review of information within an earlier time-frame would increase the likelihood of identifying improperly classified material earlier, and reduce the long-term costs of protecting unnecessary secrets. Forcing an earlier review of classification decisions would also identify more quickly the individual classifiers in need of re-training or reprimand. When officials making classification decisions realize their work will be reviewed by others while they are still employed at the agency in question, rather than long after they’ve retired, they will be more likely to use care in making classification decisions.
Finally, by putting the agency officials in the position of having to re-certify materials within a short time period before the classification automatically expires, they will have to devote more resources to the declassification review earlier in the life cycle of the information. This would force agencies to realize the expenses involved in classification at an earlier point, rather than over years in the future. The incentive would then be to reduce these costs by limiting the amount of information that is classified in the first place, and to keep to an absolute minimum the information that remains classified after review, as it would be again subject to review within a similarly shorter time period.
II. Require Original Classification Authority Review of Derivatively Classified Information
The Information Security Oversight Office reported that 99.7% of classification actions are derivative classifications made not by trained original classification authorities, but by other agency employees or contractors who may be untrained in and less familiar with classification policy. These derivatively classified materials should be reviewed by an original classification authority within a reasonable amount of time (no longer than five years), to detect and remedy improper classification more quickly. Again, by forcing agencies to face the costs of unnecessary classification earlier, they will be encouraged to provide adequate training and oversight in order to reduce these costs.
III. Restore Constitutional Checks and Balances in National Security Matters
EO 13,526 correctly proclaims that “[o]ur democratic principles require that the American people be informed of the activities of their Government.” When executive branch officials use classification to conceal crucial information from Members of Congress, the courts, and the public, they sabotage the checks and balances necessary to the proper functioning of our government and undermine the Constitution they are sworn to protect.
1. Reform the State Secrets Privilege
The most corrosive effect of excessive secrecy on our democratic principles occurs when our government is not held accountable for its actions. In its most sinister form, secrecy has been used not to protect national security, but to hide illegality or shield agencies and elected officials from liability or embarrassment. Under the Bush Administration, the state secrets privilege mutated from a common-law evidentiary rule that permitted the government to block discovery of information that would adversely affect national security, into an alternative form of immunity that is increasingly being used to shield the government from accountability for systemic violations of the Constitution. Unfortunately, the Obama administration has endorsed this expansive interpretation of the state secrets privilege and its 2009 guidelines offered only procedural reforms as an antidote to abuse.
The President should revisit these guidelines and invoke the privilege only when necessary to protect particular pieces of classified evidence, rather than to seek dismissal of lawsuits. The President should also support state secrets reform legislation that would require courts to conduct an independent review of evidence the executive claims is privileged.
2. Encourage Congressional Oversight
Frequently, excessive secrecy means that Members of Congress are not fully informed of important developments or key pieces of intelligence during critical debates. As a co-equal branch of government Congress shares the responsibility for overseeing and funding national security programs and the President should encourage robust congressional participation in national security matters. The Government Accountability Office is mandated to investigate all programs and activities of the U.S. government and report to Congress and the President recommendations regarding how these programs may be performed more efficiently. The President should intervene to prevent the intelligence agencies from obstructing GAO efforts to audit intelligence programs.
The President should also request additional funds and devote additional resources to expand existing declassification efforts. There are significant physical costs to safeguarding secrets, estimated at more than $10 billion per year, while a fraction of that amount is devoted to declassification. Additional resources expended on declassification today will reduce the unnecessary long term costs of securing information that does not need to be protected.
The Public Interest Declassification Board has offered some excellent proposals to improve the broken security classification system. To reverse the disturbing trends of massive overclassification and decreasing openness, to put declassification activities on a firmer budgetary foundation, and to focus resources toward protecting true national security secrets, the National Security Archive proposes levying a classification tax, eliminating redundancies in the equity system, and adhering to “sunshine dates” when classifying and declassifying information.
Levying a Classification Tax.
The existence of the 400 million page backlog of classified historical documents at the National Archives reflects the failure of agency declassification programs, as well as the low priority that federal budget planners have given to declassification. The government spent more than $10 billion in fiscal year 2010 on classification security, but only an infinitesimal amount, $50 million (.5%) on declassification activities. Unless the National Declassification Center and other declassification programs have a dependable source of revenue, the ebbs and flows of federal funding could cause seriously harmful setbacks. Already, federal budget cuts are leading the military services to cut declassification activities. This may be only the beginning. As its first biannual report documents, the NDC requires more funding to increase its output and make better progress in tackling the hundreds of millions of pages of historic documents which remain classified. Sufficient funding would ensure that the future generations of archivists, historians, and policymakers have access to the historic documents of the United States.
To make certain that the National Archives and other federal agencies have a reliable source of funding for declassification, and to make the agencies more directly responsible for their classification decisions, we propose a “Classification Tax,” a designated percentage of what federal agencies spend on classification and information security each year. Congress could designate 2% of the total costs of the classification system for declassification. A 2% designation on classification would produce $200 million this year, a four-fold increase, sufficient to expand funding for the NDC and other programs. While the lion’s share of the revenue should go to the NDC, declassification funds could also be divided among the agencies in proportion to their share of the secrecy budget.
Eliminating Redundancies in the Equity System.
The agency “equity” system is a problem that has ground declassification processing to a halt. This system is based on the understanding that records produced by government agencies in the national security field often contain information from a variety of agencies. For example, a situation report on a war in country X may contain information from CIA, National Security Agency, defense attachés, and embassies. Under the current system, each of those agencies have an equity, close to an ownership stake, in that situation report and each of them must consent to the declassification of their information before the document can be declassified. Because such documents are subject to multiple agency reviews, the declassification process is prolonged, sometimes for years or decades, and the cost of the review is drastically increased.
Contrary to what some agencies argue, agency “ownership” of information is not absolute. The Interagency Classification Appeals Panel frequently overrules agencies and forces declassification of “their” information. Unfortunately, most documents do not go through the ISCAP review process, so it is necessary to conceive of a system where equity interests do not trump timely declassification and efficient use of resources. One of the proposals raised on the PIDB “Transforming Classification” website suggested centralizing declassification authority in the National Declassification Center for historical documentation held at NARA. By applying guidance approved by ISCAP, the Center could take into account all and any legitimate agency concerns about equities. The National Security Archive supports this proposal because, as one commentator suggested, it is likely to “improve efficiency in the system by minimizing or ending multiple reviews, which is critical to saving resources.”
Upgrading the NDC’s authority could do much good, but it would not end the interminable delays caused by equity issues that surface in archival FOIA and other declassification requests. Therefore, we propose an interagency referral center paralleling the NDC. It could begin as a prototype center, combining officials from State, OSD and ODNI, who could promptly consider FOIA documents where multiple equities are at issue.
Adhering to “Sunshine Dates.”
The best mechanism to fundamentally transform classification is already explained in the President’s Executive Order on Classification; unfortunately, it is not followed by declassification authorities.
Executive Order 13526 mandates that “At the time of original classification, the original classification authority shall establish a specific date or event for declassification based on the duration of the national security sensitivity of the information. Upon reaching the date or event, the information shall be automatically declassified.” The executive order exempts confidential human sources, confidential intelligence sources and key design concepts of weapons of mass destruction from automatic declassification.
Adhering to this “sunshine date” and then declassifying the vast bulk of classified information at the date specified, rather than requiring a line-by-line review by a declassifying authority, would substantially decrease the universe of classified information and the burden on the limited resource of security reviewers.
Of course, no transformational declassification policy will be without critics. Transparency advocates may argue that this “sunshine date” will encourage classification authorities to establish the maximum possible classification dates –which the current executive order defines at 25 years. While all efforts should be made to train classifying authorities to properly classify documents in relation to their sensitivity, automatic declassification of documents at 25 years is better for the American public than the status quo. Currently, hundreds of millions of pages of documents ripe for declassification, all older than twenty five years, remain mothballed in storage due to lack of resources.
Supporters of the existing system may argue that the danger posed to US national security outweighs adhering to the “sunshine dates” defined in Executive Order 13526, and that it is necessary to withhold hundreds of millions of pages of classified documents from the US public. Several measures can be implemented to assuage these concerns of damage to national security. Classifying authorities must be trained or re-trained to follow the Executive Order on classification and mark each newly classified document with an accurate automatic declassification date. They must also be certain to identify human sources, intelligence sources, and WMD designs that cannot be automatically declassified and must be reviewed by declassification experts. This will ensure that all future classified information not mentioning human sources, intelligence sources, or WMD design, can be declassified on the date specified by the classifying authority without undue harm to US national security. “Sunshine dates” will ensure that information security professionals can direct the bulk of their efforts toward protecting America’s real national security secrets, rather than decades-old historic records which should be expeditiously declassified.
The amount of classified information in America is growing at an exponential rate while the amount of resources available to declassify information remains flat. The current system of declassification has become untenable. We believe that levying a classification tax of 2% to ensure steady declassification funding, reforming the equity system to eliminate redundant human declassification reviews, and adhering to “sunshine dates” to automatically declassify the bulk of information in the classified universe, are the best solutions to transform classification, to focus on protecting true national security secrets, and to ensure the public’s access to its formerly classified history.
The creation of the National Declassification Center (NDC) by President Obama in December 2009 specifies the centralization and streamlining of all declassification processes with the objective of shortening the time to declassify a document. This enormous task mandates the use of the newest technology to assist with streamlining processes as well as creating consistent, more accurate processes. The Executive Order also specifies that declassification instructions accompany all document classifications. This leads the way to a major new form of support and automation for consistent declassification: by embedding or formally associating declassification information in the document at the time of creation and classification, a system can treat these documents as essentially self-declassifying, rather than requiring intensive manual labor to identify their suitability for declassification and redactions required for release.
When classification is first applied to a document or portion, the classification authority must determine the elements of content that cause the classification and the reason that this content must be classified. In addition, according to Executive Order 13526, the classification authority must establish a date or event for the declassification of the material, at the occurrence of which the material automatically becomes declassified. Making full practical use of this information requires a new approach to classification and declassification. Without this, the fact that the material becomes declassified as a matter of policy may have no direct effect in practice; a reviewer must still read the material, consider its original classification, determine the applicability of declassification, and apply the change. This creates essentially duplicate work, and it limits the value of identifying the declassification criteria at the time of the original classification. To take full advantage of the available declassification criteria therefore requires a new approach, with automation that follows the content through its classification life cycle.
We envision a system that enables document self-declassification while maintaining security safeguards and the extent of manual verification and additional review required by policy. The self-declassification (SDC) system should consist of a set of software and networked components to track and apply declassification instructions. Any person who creates a document, or edits one if allowed by policy, must enable the association of applicable classification information. The classification authority must specify not only the classification of each portion but also the conditions for declassification of any classified portion. The system should then aid declassification in two ways:
- Based on its own recognition, the system should identify when documents become releasable, or when certain document portions as no longer require redaction before release. For example, the system can recognize on its own that the date for declassification has arrived, and can automatically identify this document for declassification, either applying the automatic declassification directly or placing the document in a queue for any final review that a specialized policy may require. The system may also include a capability to track events that are entered by authorized individuals, in order to automatically apply event-driven declassification; this is likely to apply primarily to events that may affect the classification of large numbers of documents.
- The system should further present documents or redactions for potential release to a reviewer, with a specification of the conditions for release. This allows the reviewer to determine directly whether those conditions have been met, without requiring the reviewer to engage in a labor-intensive process of considering all content in the document for potential sensitivity. This approach is suitable for conditions the system cannot verify directly. Once the reviewer has identified that release criteria are met, the system should handle the document as above, thus relieving the reviewer of the requirement to read the entire document and re-apply the same reasoning that was applied when the document or portion was originally classified.
The SDC system should thus support classification awareness throughout the life cycle of a document.
- At creation and editing time, classification and declassification information should be associated with the document and its portions, systematically and securely, in a form designed for use with automated systems. Documents for which this information is complete and unchanging should be considered “closed” and unavailable for editing, a condition that the system should enforce.
- Declassification can be triggered either by automated recognition that the criteria are satisfied or by external system or human request.
- All declassification should be performed to the maximum extent possible by automated application of previously defined rules.
- All information about the classification decision and the rules applied in this decision should be made directly available to the individuals who perform any required manual review.
A self-declassification system as described will streamline the declassification process by allowing subject matter experts to make decisions about classification only once. By maintaining full classification and declassification information tightly linked to the document and its portions throughout the content life cycle, the system will take responsibility for maintaining a consistent application of the decision made by the original classifier. In essence, from the point of view of an information consumer or declassification reviewer, each document will perform its own declassification, subject only to the entry of information not directly available to the system and to any specialized manual review that is required for verification and policy.