Classified information in the United States

Last updated

The United States government classification system is established under Executive Order 13526, the latest in a long series of executive orders on the topic of classified information beginning in 1951. [1] Issued by President Barack Obama in 2009, Executive Order 13526 replaced earlier executive orders on the topic and modified the regulations codified to 32 C.F.R. 2001. It lays out the system of classification, declassification, and handling of national security information generated by the U.S. government and its employees and contractors, as well as information received from other governments. [2]

Contents

The desired degree of secrecy about such information is known as its sensitivity. Sensitivity is based upon a calculation of the damage to national security that the release of the information would cause. The United States has three levels of classification: Confidential, Secret, and Top Secret. Each level of classification indicates an increasing degree of sensitivity. Thus, if one holds a Top Secret security clearance, one is allowed to handle information up to the level of Top Secret, including Secret and Confidential information. If one holds a Secret clearance, one may not then handle Top Secret information, but may handle Secret and Confidential classified information.

The United States does not have a British-style Official Secrets Act. Instead, several laws protect classified information, including the Espionage Act of 1917, the Atomic Energy Act of 1954 and the Intelligence Identities Protection Act of 1982. A 2013 report to Congress noted that the relevant laws have been mostly used to prosecute foreign agents, or those passing classified information to them, and that leaks to the press have rarely been prosecuted. [3] The legislative and executive branches of government, including US presidents, have frequently leaked classified information to journalists. [4] [ page needed ] [5] [6] [7] Congress has repeatedly resisted or failed to pass a law that generally outlaws disclosing classified information. Most espionage law criminalizes only national defense information; only a jury can decide if a given document meets that criterion, and judges have repeatedly said that being "classified" does not necessarily make information become related to the "national defense". [8] [9] Furthermore, by law, information may not be classified merely because it would be embarrassing or to cover illegal activity; information may be classified only to protect national security objectives. [10]

The United States over the past decades under the Obama and Clinton administrations has released classified information to foreign governments for diplomatic goodwill, known as declassification diplomacy. Examples include information on Augusto Pinochet to the government of Chile. In October 2015, US Secretary of State John Kerry provided Michelle Bachelet, Chile's president, with a pen drive containing hundreds of newly declassified documents. [11]

A 2007 research report by Harvard history professor Peter Galison, published by the Federation of American Scientists, claimed that the classified universe in the US "is certainly not smaller and very probably is much larger than this unclassified one. ... [And] secrecy ... is a threat to democracy. [12]

Terminology

Derivative classification activity 1996-2011 Information Security Oversight Office (ISOO) 2011 Annual Report to the President.pdf
Derivative classification activity 1996–2011

The U.S. government uses the term Controlled Unclassified Information to refer to information that is not Confidential, Secret, or Top Secret, but whose dissemination is still restricted. [13]

Reasons for such restrictions can include export controls, privacy regulations, court orders, and ongoing criminal investigations, as well as national security. Information that was never classified is sometimes referred to as "open source" by those who work in classified activities. Public Safety Sensitive (PSS) refers to information that is similar to Law Enforcement Sensitive but could be shared between the various public safety disciplines (Law Enforcement, Fire, and Emergency Medical Services).

Peter Louis Galison, a historian and Director [14] in the History of Science department at Harvard University, claims that the U.S. Government produces more classified information than unclassified information. [13]

Levels and categories of classification

The United States government classifies sensitive information according to the degree which the unauthorized disclosure would damage national security. The three primary levels of classification (from least to greatest) are Confidential, Secret, and Top Secret. [15] [16] [17] [18]

However, even Top Secret clearance does not allow one to access all information at, or below, Top Secret level. Access requires the clearance necessary for the sensitivity of the information, as well as a legitimate need to obtain the information. [19] For example, all US military pilots are required to obtain at least a Secret clearance, but they may only access documents directly related to their orders.

To ensure that only those with a legitimate need to know can access information, classified information may have additional categorizations/markings and access controls that could prevent even someone with a sufficient level of clearance from seeing it. Examples of this include: Special Access Program (SAP), Sensitive Compartmented Information (SCI), Restricted Data (RD), and Alternative or Compensatory Control Measures (ACCM). [20] [21] [22] [23] [24] [25]

The classification system is governed by Executive Order rather than by law. An exception is information on nuclear weapons, materials and power, where levels of protection are specified in the Atomic Energy Act of 1954, see restricted data. Typically each president will issue a new executive order, either tightening classification or loosening it. The Clinton administration made a major change in the classification system by issuing an executive order that for the first time required all classified documents to be declassified after 25 years unless they were reviewed by the agency that created the information and determined to require continuing classification. [26] Executive Order 13292, issued by President George W. Bush in 2003 relaxed some declassification requirements.

Primary levels

Confidential

This is the lowest classification level of information obtained by the government. It is defined as information that would "damage" national security if publicly disclosed, again, without the proper authorization. [27]

Examples include information related to military strength and weapons. [28]

During and before World War II, the U.S. had a category of classified information called Restricted, which was below confidential. The U.S. no longer has a Restricted classification, but many other countries and NATO documents do. The U.S. treats Restricted information it receives from other governments as Confidential. The U.S. does use the term restricted data in a completely different way to refer to nuclear secrets, as described below.

Secret

This is the second-highest classification. Information is classified Secret when its unauthorized disclosure would cause "serious damage" to national security. [27] Most information that is classified is held at the secret sensitivity. [29] [30]

"Examples of serious damage include disruption of foreign relations significantly affecting the national security; significant impairment of a program or policy directly related to the national security; revelation of significant military plans or intelligence operations: compromise of significant military plans or intelligence operations; and compromise of significant scientific or technological developments relating to national security." [28]

Top Secret

An example of a U.S. classified document; page 13 of a United States National Security Agency report on the USS Liberty incident, partially declassified and released to the public in July 2003. The original overall classification of the page, "Top Secret" code word UMBRA, is shown at top and bottom. The classification of individual paragraphs and reference titles is shown in parentheses--there are six different levels on this page alone. Notations with leader lines at top and bottom cite statutory authority for not declassifying certain sections. NSALibertyReport.p13.jpg
An example of a U.S. classified document; page 13 of a United States National Security Agency report on the USS Liberty incident, partially declassified and released to the public in July 2003. The original overall classification of the page, "Top Secret" code word UMBRA, is shown at top and bottom. The classification of individual paragraphs and reference titles is shown in parentheses—there are six different levels on this page alone. Notations with leader lines at top and bottom cite statutory authority for not declassifying certain sections.

The highest security classification. "Top Secret shall be applied to information, the unauthorized disclosure of which reasonably could be expected to cause 'exceptionally grave damage' to the National Security that the original classification authority is able to identify or describe." [27] As of 2019, around 1.25 million individuals have Top Secret clearance. [32]

"Examples of exceptionally grave damage include armed hostilities against the United States or its allies; disruption of foreign relations vitally affecting the national security; the compromise of vital national defense plans or complex cryptology and communications intelligence systems; the revelation of sensitive intelligence operations, and the disclosure of scientific or technological developments vital to national security." [28]

Additional proscribed categories

Top Secret is the highest level of classification. However some information is further categorized/marked by adding a code word so that only those who have been cleared for each code word can see it. A document marked SECRET (CODE WORD) could be viewed only by a person with a secret or top secret clearance and that specific code word clearance.

Special Access Program

Executive Order 13526, which forms the legal basis for the U.S. classification system, states that "information may be classified at one of the following three levels", with Top Secret as the highest level (Sec. 1.2). However, this executive order provides for special access programs that further restricted access to a small number of individuals and permit additional security measures (Sec. 4.3). These practices can be compared with (and may have inspired) the concepts multilevel security and role-based access control. U.S. law also has special provisions protecting information related to cryptography (18 USC 798), nuclear weapons and atomic energy (see Controls on atomic-energy information) and the identity of covert intelligence agents (see Intelligence Identities Protection Act).

Sensitive Compartmented Information

Classified information concerning or derived from sensitive intelligence sources, methods, or analytical processes. All SCI must be handled within formal access control systems established by the Director of National Intelligence. [33] [34] [35] [20]

Restricted Data/Formerly Restricted Data

Restricted Data (RD) and Formerly Restricted Data (FRD) are classification markings that concern nuclear information. These are the only two classifications that are established by federal law, being defined by the Atomic Energy Act of 1954. Nuclear information is not automatically declassified after 25 years. Documents with nuclear information covered under the Atomic Energy Act will be marked with a classification level (confidential, secret or top secret) and a restricted data or formerly restricted data marking. [36]

Nuclear information as specified in the act may inadvertently appear in unclassified documents and must be reclassified when discovered. Even documents created by private individuals have been seized for containing nuclear information and classified. Only the Department of Energy may declassify nuclear information. [36]

Most RD and FRD (as well as most classified information in general) are classified at either the Confidential or Secret levels; however they require extra RD/FRD specific clearances in addition to the clearance level. [29]

Unclassified

Unclassified is not technically a classification; this is the default and refers to information that can be released to individuals without a clearance. Information that is unclassified is sometimes restricted in its dissemination as Controlled Unclassified Information. For example, the law enforcement bulletins reported by the U.S. media when the United States Department of Homeland Security raised the U.S. terror threat level were usually classified as "U//LES", or "Unclassified – Law Enforcement Sensitive". This information is supposed to be released only to law enforcement agencies (sheriff, police, etc.), but, because the information is unclassified, it is sometimes released to the public as well.

Information that is unclassified but which the government does not believe should be subject to Freedom of Information Act requests is often classified as Controlled Unclassified Information (CUI). In addition to CUI classification, information can be categorized according to its availability to be distributed, e.g., Distribution D may only be released to approved Department of Defense and U.S. Department of Defense contractor personnel. [37]

The statement of NOFORN (meaning "no foreign nationals") is applied to any information that may not be released to any non-U.S. citizen. NOFORN and distribution statements are often used in conjunction with classified information or alone on Sensitive But Unclassified (SBU) information. Documents subject to export controls have a specific warning to that effect. Information which is "personally identifiable" is governed by the Privacy Act of 1974 and is also subject to strict controls regardless of its level of classification.

Finally, information at one level of classification may be "upgraded by aggregation" to a higher level. For example, a specific technical capability of a weapons system might be classified Secret, but the aggregation of all technical capabilities of the system into a single document could be deemed Top Secret.

Use of information restrictions outside the classification system is growing in the U.S. government. In September 2005 J. William Leonard, director of the U.S. National Archives Information Security Oversight Office, was quoted in the press as saying, "No one individual in government can identify all the controlled, unclassified [categories], let alone describe their rules." [38]

Controlled Unclassified Information (CUI)

One of the 9/11 Commission findings was that "the government keeps too many secrets." To address this problem, the Commission recommended that '[t]he culture of agencies feeling they own the information they gathered at taxpayer expense must be replaced by a culture in which the agencies instead feel they have a duty ... to repay the taxpayers' investment by making that information available.'" [39]

Due to over 100 designations in use by the U.S. government for unclassified information at the time, President George W. Bush issued a Presidential memorandum on May 9, 2008, in an attempt to consolidate the various designations in use into a new category known as Controlled Unclassified Information (CUI). The CUI categories and subcategories were hoped to serve as the exclusive designations for identifying unclassified information throughout the executive branch not covered by Executive Order 12958 or the Atomic Energy Act of 1954 (as amended, though there is CUI//SP-UCNI now [40] ) but still required safeguarding or dissemination controls, pursuant to and consistent with any applicable laws, regulations, and government-wide policies in place at the time. CUI would replace categories such as For Official Use Only (FOUO), Sensitive But Unclassified (SBU) and Law Enforcement Sensitive (LES). [41] [42]

The Presidential memorandum also designated the National Archives as responsible for overseeing and managing the implementation of the new CUI framework. [43]

This memorandum has since been rescinded by Executive Order 13556 of November 4, 2010 and the guidelines previously outlined within the memo were expanded upon in a further attempt to improve the management of information across all federal agencies as well as establish a more standard, government-wide program regarding the controlled declassification designation process itself. [44]

The U.S. Congress has attempted to take steps to resolve this, but did not succeed. The U.S. House of Representatives passed the Reducing Information Control Designations Act H.R. 1323 on March 17, 2009. The bill was referred to the Senate Committee on Homeland Security and Governmental Affairs. Because no action was taken in committee [45] and bills expire at the end of every Congress, there is currently no bill to solve unclassified designations.

For Official Use Only (FOUO)

Among U.S. government information, FOUO was primarily used by the U.S. Department of Defense as a handling instruction for Controlled Unclassified Information (CUI) which may be exempt from release under exemptions two to nine of the Freedom of Information Act (FOIA). [46] It is one of the various sub-categorizations for strictly unclassified information which, on 24 February 2012, was officially consolidated as CUI.

Other departments continuing the use of this designation include the Department of Homeland Security. [47]

Public Trust

According to the Department of Defense, Public Trust is a type of position, not clearance level, though General Services Administration refers to it as clearance level. [18] Certain positions which require access to sensitive information, but not information which is classified, must obtain this designation through a background check. Public Trust Positions can either be moderate-risk or high-risk. [16] [48] [49]

Proper procedure for classifying U.S. government documents

To be properly classified, a classification authority (an individual charged by the U.S. government with the right and responsibility to properly determine the level of classification and the reason for classification) must determine the appropriate classification level, as well as the reason information is to be classified. A determination must be made as to how and when the document will be declassified, and the document marked accordingly. Executive Order 13526 describes the reasons and requirements for information to be classified and declassified (Part 1). Individual agencies within the government develop guidelines for what information is classified and at what level.

The former decision is original classification. A great majority of classified documents are created by derivative classification. For example, if one piece of information, taken from a secret document, is put into a document along with 100 pages of unclassified information, the document, as a whole, will be secret. Proper rules stipulate that every paragraph will bear a classification marking of (U) for Unclassified, (C) for Confidential, (S) for Secret, and (TS) for Top Secret. Therefore, in this example, only one paragraph will have the (S) marking. If the page containing that paragraph is double-sided, the page should be marked SECRET on top and bottom of both sides. [50]

A review of classification policies by the Office of the Director of National Intelligence aimed at developing a uniform classification policy and a single classification guide that could be used by the entire U.S. intelligence community. Significant interagency differences were found that impaired cooperation and performance. The initial ODNI review, completed in January 2008, found that "There appears to be no common understanding of classification levels among the classification guides reviewed by the team, nor any consistent guidance as to what constitutes 'damage,' 'serious damage,' or 'exceptionally grave damage' to national security." [51]

Classification categories

Step 3 in the classification process is to assign a reason for the classification. Classification categories are marked by the number "1.4" followed by one or more letters (a) to (h): [50] [52]

Classifying non-government-generated information

The Invention Secrecy Act of 1951 allows the suppression of patents (for a limited time) for inventions that threaten national security.

Whether information related to nuclear weapons can constitutionally be "born secret" as provided for by the Atomic Energy Act of 1954 has not been tested in the courts.

Guantanamo Bay detention camp has used a "presumptive classification" system to describe the statements of Guantanamo Bay detainees as classified. When challenged by Ammar al-Baluchi in the Guantanamo military commission hearing the 9/11 case, [53] the prosecution abandoned the practice. [54] Presumptive classification continues in the cases involving the habeas corpus petitions of Guantanamo Bay detainees.

Protecting classified information

A GSA-approved security container GSAclass6SecurityContainer.jpg
A GSA-approved security container

Facilities and handling

One of the reasons for classifying state secrets into sensitivity levels is to tailor the risk to the level of protection. The U.S. government specifies in some detail the procedures for protecting classified information. The rooms or buildings for holding and handling classified material must have a facility clearance at the same level as the most sensitive material to be handled. Good quality commercial physical security standards generally suffice for lower levels of classification. At the highest levels, people sometimes must work in rooms designed like bank vaults (see Sensitive Compartmented Information Facility – SCIF). The U.S. Congress has such facilities inside the Capitol Building, among other Congressional handling procedures for protecting confidentiality. [55]

The U.S. General Services Administration sets standards for locks and containers used to store classified material. The most commonly-approved security containers resemble heavy-duty file cabinets with a combination lock in the middle of one drawer. In response to advances in methods to defeat mechanical combination locks, the U.S. government switched to electromechanical locks that limit the rate of attempts to unlock them. After a specific number of failed attempts, they will permanently lock, requiring a locksmith to reset them.

The most sensitive material requires two-person integrity, where two cleared individuals are responsible for the material at all times. Approved containers for such material have two separate combination locks, both of which must be opened to access the contents.[ citation needed ]

Marking

Classified U.S. government documents typically must be stamped with their classification on the cover and at the top and bottom of each page. Authors must mark each paragraph, title and caption in a document with the highest level of information it contains, usually by placing appropriate initials in parentheses at the beginning of the paragraph, title, or caption, for example (C), (S), (TS), (TS-SCI), etc., or (U) for unclassified.

Cover sheets

Classified documents with and without cover sheets found by the Federal Bureau of Investigation during its search of Mar-a-Lago in August 2022. Classified intelligence material found during search of Mar-a-Lago.jpg
Classified documents with and without cover sheets found by the Federal Bureau of Investigation during its search of Mar-a-Lago in August 2022.

Commonly, one must affix a brightly colored cover sheet to the cover of each classified document to prevent unauthorized observation of classified material (shoulder surfing) and to remind users to lock up unattended documents. The cover sheets warn viewers of the sensitive nature of the enclosed material, but are themselves unclassified. Typical colors are blue for confidential, red for secret and orange for top secret. [56]

Transmission

Restrictions dictate shipment methods for classified documents. Top Secret material must go by special courier, Secret material within the U.S. via registered mail, and Confidential material by certified mail. Electronic transmission of classified information largely requires the use of National Security Agency approved/certified "Type 1" cryptosystems using NSA's unpublished and classified Suite A algorithms. The classification of the Suite A algorithms categorizes the hardware that store them as a Controlled Cryptographic Item (CCI) under the International Traffic in Arms Regulations, or ITAR. [57]

CCI equipment and keying material must be controlled and stored with heightened physical security, even when the device is not processing classified information or contains no cryptographic key. NSA is currently implementing what it calls Suite B, a group of commercial algorithms such as Advanced Encryption Standard (AES), Secure Hash Algorithm (SHA), Elliptic Curve Digital Signature Algorithm (ECDSA) and Elliptic curve Diffie–Hellman (ECDH). Suite B provides protection for data up to Top Secret on non-CCI devices, which is especially useful in high-risk environments or operations needed to prevent Suite A compromise. These less stringent hardware requirements stem from the device not having to "protect" classified Suite A algorithms. [57]

Specialized computer operating systems known as trusted operating systems are available for processing classified information. These systems enforce the classification and labeling rules described above in software. Since 2005 they are not considered secure enough to allow uncleared users to share computers with classified activities. Thus, if one creates an unclassified document on a secret device, the resultant data is classified secret until it can be manually reviewed. Computer networks for sharing classified information are segregated by the highest sensitivity level they are allowed to transmit, for example, SIPRNet (Secret) and JWICS (Top Secret-SCI).

Destruction

The destruction of certain types of classified documents requires burning, shredding, pulping or pulverizing using approved procedures and must be witnessed and logged.[ citation needed ] Classified computer data presents special problems. See Data remanence.

Lifetime commitment

When a cleared individual leaves the job or employer for which they were granted access to classified information, they are formally debriefed from the program. Debriefing is an administrative process that accomplishes two main goals: it creates a formal record that the individual no longer has access to the classified information for that program; and it reminds the individual of their lifetime commitment to protect that information.

Typically, the individual is asked to sign another non-disclosure agreement (NDA), similar to that which they signed when initially briefed, and this document serves as the formal record. The debriefed individual does not lose their security clearance; they have only surrendered the need to know for information related to that particular job.

Classifications and clearances between U.S. government agencies

Senator Barry Goldwater reprimanding CIA director William J. Casey for Secret info showing up in The New York Times, but then saying it was over-classified to begin with. 1983 Goldwater casey nyt leak.png
Senator Barry Goldwater reprimanding CIA director William J. Casey for Secret info showing up in The New York Times , but then saying it was over-classified to begin with. 1983

In the past, clearances did not necessarily transfer between various U.S. government agencies. For example, an individual cleared for Department of Defense Top Secret had to undergo another investigation before being granted a Department of Energy Q clearance. Agencies are now supposed to honor background investigations by other agencies if they are still current.

Because most security clearances only apply inside the agency where the holder works, if one needs to meet with another agency to discuss classified matters, it is possible and necessary to pass one's clearance to the other agency. For example, officials visiting at the White House from other government agencies would pass their clearances to the Executive Office of the President (EOP).

The Department of Energy security clearance required to access Top Secret Restricted Data, Formerly Restricted Data, and National Security Information, as well as Secret Restricted Data, is a Q clearance. The lower-level L clearance is sufficient for access to Secret Formerly Restricted Data and National Security Information, as well as Confidential Restricted Data and Formerly Restricted Data. [58] In practice, access to Restricted Data is granted, on a need-to-know basis, to personnel with appropriate clearances. At one time, a person might hold both a TS and a Q clearance, but that duplication and cost is no longer required. For all practical purposes, Q is equivalent to Top Secret, and L is equivalent to Secret.

Contrary to popular lore, the Yankee White clearance given to personnel who work directly with the President is not a classification. Individuals having Yankee White clearances undergo extensive background investigations. The criteria include U.S. citizenship, unquestionable loyalty, and an absolute absence of any foreign influence over the individual, their family, or "persons to whom the individual is closely linked". [59] [60]

Also, they must not have traveled (save while in government employ and at the instructions of the United States) to countries that are considered to be unfriendly to the United States.[ citation needed ] Yankee White cleared personnel are granted access to any information for which they have a need to know, regardless of which organization classified it or at what level.[ citation needed ]

See also the Single Scope Background Investigation below, along with explicit compartmented access indoctrination. Some compartments, especially intelligence-related, may require a polygraph examination, although the reliability of the polygraph is controversial. The NSA uses the polygraph early in the clearance process[ citation needed ] while the CIA uses it at the end, which may suggest divergent opinions on the proper use of the polygraph.

Standard form 312

Standard Form 312 (SF 312) is a non-disclosure agreement required under Executive Order 13292 to be signed by employees of the U.S. Federal Government or one of its contractors when they are granted a security clearance for access to classified information. The form is issued by the Information Security Oversight Office of the National Archives and Records Administration and its title is "Classified Information Nondisclosure Agreement." SF 312 prohibits confirming or repeating classified information to unauthorized individuals, even if that information is already leaked. The SF 312 replaces the earlier forms SF 189 or the SF 189-A. Enforcement of SF-312 is limited to civil actions to enjoin disclosure or seek monetary damages and administrative sanctions, "including reprimand, suspension, demotion or removal, in addition to the likely loss of the security clearance." [61]

Categories that are not classifications

Compartments also exist, that employ code words pertaining to specific projects and are used to more easily manage individual access requirements. Code words are not levels of classification themselves, but a person working on a project may have the code word for that project added to their file, and then will be given access to the relevant documents. Code words may also label the sources of various documents; for example, code words are used to indicate that a document may break the cover of intelligence operatives if its content becomes known. The World War II code word Ultra identified information found by decrypting German ciphers, such as the Enigma machine, and which—regardless of its own significance—might inform the Germans that Enigma was broken if they became aware that it was known.

Sensitive Compartmented Information (SCI) and Special Access Programs (SAP)

The terms "Sensitive Compartmented Information" (SCI) [62] [63] and "Special Access Program" (SAP) [64] are widely misunderstood as classification levels or specific clearances.

In fact, the terms refer to methods of handling certain types of classified information that relate to specific national-security topics or programs (whose existence may not be publicly acknowledged) or the sensitive nature of which requires special handling, and thereby those accessing it require special approval to access it.

The paradigms for these two categories, SCI originating in the intelligence community and SAP in the Department of Defense, formalize 'Need to Know' and addresses two key logistical issues encountered in the day-to-day control of classified information:

  • Individuals with a legitimate need to know may not be able to function effectively without knowing certain facts about their work. However, granting all such individuals a blanket DoD clearance (often known as a "collateral" clearance) at the Top Secret level would be undesirable, not to mention prohibitively expensive.
  • The government may wish to limit certain types of sensitive information only to those who work directly on related programs, regardless of the collateral clearance they hold. Thus, even someone with a Top Secret clearance cannot gain access to its Confidential information unless it is specifically granted.

To be clear, "collateral" (formerly referred to as General Service or GENSER) simply means one lacks special access (e.g. SCI, SAP, COMSEC, NATO, etc.). Confidential, Secret, and Top Secret are all, by themselves, collateral clearance levels. [65] [63]

SAP and SCI are usually found at the Top Secret classification, but there is no prohibition of applying such segregation to Confidential and Secret information. [66] [67]

SAP and SCI implementation are roughly equivalent, and it is reasonable to discuss their implementation as one topic. For example, SAP material needs to be stored and used in a facility much like the SCIF described below.

Department of Energy information, especially the more sensitive SIGMA categories, may be treated as SAP or SCI.

Access to compartmented information

Personnel who require knowledge of SCI or SAP information fall into two general categories:

  • Persons with a need to know
  • Persons with actual access

Access to classified information is not authorized based on clearance status. Access is only permitted to individuals after determining they have a need to know. [68] Need-to-know is a determination that an individual requires access to specific classified information in the performance of (or assist in the performance of) lawful and authorized government functions and duties. [69] [70]

To achieve selective separation of program information while still allowing full access to those working on the program, a separate compartment, identified by a unique codeword, is created for the information. This entails establishing communication channels, data storage, and work locations (SCIF—Sensitive Compartmented Information Facility), which are physically and logically separated not only from the unclassified world, but from general Department of Defense classified channels as well.

Thus established, all information generated within the compartment is classified according to the general rules above. However, to emphasize that the information is compartmented, all documents are marked with both the classification level and the codeword (and the caveat "Handle via <compartment name> Channels Only", or "Handle via <compartment names> Jointly" if the document contains material from multiple programs).

A cover sheet for information protected by the BYEMAN control system BYEMAN Coversheet.jpg
A cover sheet for information protected by the BYEMAN control system

A person is granted access to a specific compartment after the individual has: (a) had a Single Scope Background Investigation similar to that required for a collateral Top Secret clearance; (b) been "read into" or briefed on the nature and sensitivity of the compartment; and (c) signed a non-disclosure agreement (NDA).

Access does not extend to any other compartment; i.e., there is no single "SCI clearance" analogous to DoD collateral Top Secret. The requirements for DCID 6/4 eligibility (a determination that an individual is eligible for access to SCI), subsumes the requirements for a TS collateral clearance. Being granted DCID 6/4 eligibility includes the simultaneous granting of a TS collateral clearance, as adjudicators are required to adjudicate to the highest level that the investigation (SSBI) supports.

Examples

Examples of such control systems and subsystems are: [71]

  • SCI – Sensitive Compartmented Information
    • BYEMAN (BYE or B)
    • COMINT or Special Intelligence (SI)
      • Very Restricted Knowledge (VRK)
      • Exceptionally Controlled Information (ECI), which was used to group compartments for highly sensitive information, but was deprecated as of 2011. [72] [73]
      • GAMMA (SI-G)
    • ENDSEAL (EL)
    • HUMINT Control System (HCS)
    • KLONDIKE (KDK)
    • RESERVE (RSV)
    • TALENT KEYHOLE (TK)
  • SAP – Special Access Programs

Groups of compartmented information

SAPs in the Department of Defense are subdivided into three further groups, as defined in 10 U.S.C.   § 119 . [74]

There is no public reference to whether SCI is divided in the same manner, but news reports reflecting that only the Gang of Eight members of Congress are briefed on certain intelligence activities, it may be assumed that similar rules apply for SCI or for programs with overlapping SAP and SCI content.

The groups for Department of Defense SAPs are:

  • Acknowledged: appears as a line item as "classified project" or the equivalent in the federal budget, although details of its content are not revealed. The budget element will associate the SAP with a Department of Defense component organization, such as a Military Department (e.g. Department of the Navy), a Combatant Command (e.g. U.S. Special Operations Command) or a Defense Agency (e.g. Defense Information Systems Agency.)
  • Unacknowledged: no reference to such SAPs is found in the publicly published federal budget; its funding is hidden in a classified annex, often called the "black budget". The Congressional defense committees, however, are briefed on the specifics of such SAPs.
  • Waived: At the sole discretion of the Secretary of Defense, on a case-by-case basis in the interest of national security, there is no mention in the budget at all, and only the "Big 6" members of Congress: the chairman and Ranking Minority Members of the armed services committees, the appropriations committees and the defense appropriations subcommittees; receive notification of such SAPs.

Examples of SCI topics are human intelligence, communications intelligence, and intelligence collected by satellites. One or more compartments may be created for each area, and each of these compartments may contain multiple subcompartments (e.g., a specific HUMINT operation), themselves with their own code names.

Specific compartmented programs will have their own specific rules. For example, it is standard that no person is allowed unaccompanied access to a nuclear weapon or to command-and-control systems for nuclear weapons. Personnel with nuclear-weapons access are under the Personnel Reliability Program.

Some highly sensitive SAP or SCI programs may also use the "no lone zone" method (that is, a physical location into which no one is allowed to enter unaccompanied) described for nuclear weapons.

Handling caveats

The United States also has a system of restrictive caveats that can be added to a document: these are constantly changing, but can include (in abbreviated form) a requirement that the document not be shared with a civilian contractor or not leave a specific room. These restrictions are not classifications in and of themselves; rather, they restrict the dissemination of information within those who have the appropriate clearance level and possibly the need to know the information. Remarks such as "EYES ONLY" and "DO NOT COPY [75] " also limit the restriction. One violating these directives might be guilty of violating a lawful order or mishandling classified information.

For ease of use, caveats and abbreviations have been adopted that can be included in the summary classification marking (header/footer) to enable the restrictions to be identified at a glance. They are sometimes known as Dissemination Control Abbreviations. [76] Some of these caveats are (or were):

  • CUI: Controlled Unclassified Information Replaces the labels For Official Use Only (FOUO), Sensitive But Unclassified (SBU), and Law Enforcement Sensitive (LES).
    • FOUO: For Official Use Only. Superseded by CUI and no longer in use with the exception of Department of Homeland Security documents. Used for documents or products which contain material which is exempt from release under the Freedom of Information Act.
  • NFIBONLY: National Foreign Intelligence Board Departments Only [76]
  • NOFORN (NF): Distribution to non-US citizens is prohibited, regardless of their clearance or access permissions (NO FOReign National access allowed).
  • NOCONTRACTOR: Distribution to contractor personnel (non-US-government employees) is prohibited, regardless of their clearance or access permissions.
  • ORCON (OC), ORCON-USGOV (OC-USGOV): Originator controls dissemination and/or release of the document.
  • RSEN (RS): Risk Sensitive Notice.
  • EXDIS (XD): Exclusive distribution
  • RELIDO: Releasable by Information Disclosure Official
  • PROPIN (PR): Caution—Proprietary Information Involved [76]
  • REL<country code(s)>: Distribution to citizens of the countries listed is permitted, providing they have appropriate accesses and need to know. Example: "REL TO USA, AUS, CAN, GBR, NZL" indicates that the information may be shared with appropriate personnel from Australia, the United Kingdom, Canada, and New Zealand.
  • FVEY is the country code used as shorthand for the Five Eyes.
  • <nn>X<m>: Information is exempt from automatic declassification (after the statutory default of 25 years) for exemption reason <m>, and declassification review shall not be permitted for <nn> years (as determined by law or the Interagency Security Classification Appeals Panel). For the most part, the exemption reasoning and caveats are outlined in paragraphs (b)–(d) and (g)–(i) of Sec. 3.3 of Executive Order 13526, but paragraph (b) is typically the one being referenced as the exemption reason value <m>.
Example: "50X1" indicates the information must remain classified for 50 years, since it pertains to intelligence activities, sources, or methods (reason (1) of Section 3.3, paragraph (b)).
  • RESTRICTED: Distribution to non-US citizens or those holding an interim clearance is prohibited; certain other special handling procedures apply.
  • FISA: is used in FISC [77] and probably in FISCR since at least 2017. [78]

Classification level and caveats are typically separated by "//" in the summary classification marking. For example, the final summary marking of a document might be:

SECRET//<compartment name>//ORCON/NOFORN

or

TOP SECRET//NOFORN/FISA [79]

Controls on atomic-energy information

The Atomic Energy Act of 1954 sets requirements for protection of information about nuclear weapons and special nuclear materials. Such information is "classified from birth", unlike all other sensitive information, which must be classified by some authorized individual. However, authorized classifiers still must determine whether documents or material are classified or restricted.

The U.S. Department of Energy recognizes two types of Restricted Data: [80]

Documents containing such information must be marked "RESTRICTED DATA" (RD) or "FORMERLY RESTRICTED DATA" (FRD) in addition to any other classification marking. Restricted Data and Formerly Restricted Data are further categorized as Top Secret, Secret, or Confidential.

SIGMA categories and Critical Nuclear Weapon Design Information

RESTRICTED DATA contains further compartments. The Department of Energy establishes a list of SIGMA Categories [81] for more fine-grained control than RESTRICTED DATA. Critical Nuclear Weapon Design Information (CNWDI, colloquially pronounced "Sin-Widdy") reveals the theory of operation or design of the components of a nuclear weapon. As such, it would be SIGMA 1 or SIGMA 2 material, assuming laser fusion is not involved in the information.

Access to CNWDI is supposed to be kept to the minimum number of individuals needed. In written documents, paragraphs containing the material, assuming it is Top Secret, would be marked (TS//RD-CNWDI). SIGMA information of special sensitivity may be handled much like SAP or SCI material (q.v.)

While most Naval Nuclear Propulsion Information is sensitive, it may or may not be classified. The desired power densities of naval reactors make their design peculiar to military use, specifically high-displacement, high-speed vessels. The proliferation of quieter- or higher-performance marine propulsion systems presents a national-security threat to the United States. Due to this fact, all but the most basic information concerning NNPI is classified. The United States Navy recognizes that the public has an interest in environmental, safety, and health information, and that the basic research the Navy carries out can be useful to industry.[ citation needed ]

Sharing of classified information with other countries

In cases where the United States wishes to share classified information bilaterally (or multilaterally) with a country that has a sharing agreement, the information is marked with "REL TO USA", (release) and the three-letter country code. [82] For example, if the U.S. wanted to release classified information to the government of Canada, it would mark the document "REL TO USA, CAN". There are also group releases, such as NATO, FVEY or UKUSA. Those countries would have to maintain the classification of the document at the level originally classified (Top Secret, Secret, etc.).[ citation needed ]

Claims of U.S. government misuse of the classification system

It is desired that no document be released which refers to experiments with humans and might have adverse effect on public opinion or result in legal suits. Documents covering such work field should be classified 'secret'.

—April 17, 1947 Atomic Energy Commission memo from Colonel O. G. Haywood Jr. to Dr. Fidler at the Oak Ridge Laboratory in Tennessee [83]

Excessive secrecy

While the classification of information by the government is not supposed to be used to prevent information from being made public that would be simply embarrassing or reveal criminal acts, it has been alleged that the government routinely misuses the classification system to cover up criminal activity and potentially embarrassing discoveries.

Steven Aftergood, director of the Project on Government Secrecy at the Federation of American Scientists notes that

... inquiring into classified government information and disclosing it is something that many national security reporters and policy analysts do, or try to do, every day. And with a few narrow exceptions—for particularly sensitive types of information—courts have determined that this is not a crime." Aftergood notes, "The universe of classified information includes not only genuine national security secrets, such as confidential intelligence sources or advanced military technologies, but an endless supply of mundane bureaucratic trivia, such as 50-year-old intelligence budget figures, as well as the occasional crime or cover-up. [84]

As early as 1956, the U.S. Department of Defense estimated that 90% of its classified documents could be publicly disclosed with no harm to national security. [85] The National Security Archive has collected a number of examples of overclassification and government censors blacking out documents that have already been released in full, or redacting entirely different parts of the same document at different times. [86] In a similar vein, an official named William G. Florence, who for decades had a major role in writing the secrecy regulations and classification system for the Pentagon, in 1971 testified to Congress that at most 5% of information labeled classified, confidential, secret, or top secret really merited such designation at the time it was so designated, and that 3–4 years later only a tenth of that 5% still deserved such designation, according to an account of the testimony by Pentagon whistleblower Daniel Ellsberg. [87]

Prosecution for disclosing classified information

In the Pentagon Papers case, a classified study was published revealing that four administrations had misled the American public about their intentions in the Vietnam War, increasing the credibility gap. Tony Russo and Daniel Ellsberg were prosecuted under espionage law. The case prompted Harold Edgar & Benno C. Schmidt Jr. to write a review of espionage law in the 1973 Columbia Law Review. Their article was entitled "The Espionage Statutes and Publication of Defense Information". In it, they point out that espionage law does not criminalize classified information, only national defense information. They point out that Congress has repeatedly resisted or failed to make the disclosing of classified information illegal, in and of itself. Instead, Congress has strictly limited which sort of classified information is illegal, and under which specific circumstances it is illegal. i.e. in 18 U.S.C.   § 798 Congress specifically criminalized leaking cryptographic information that is classified, but when it passed the law it specifically stated the law did not criminalize disclosing other types of classified information. [8] Another article that discusses the issue is by Jennifer Elsea of the Congressional Research Service. [3]

Responsible agencies

Any agency designated by the President can originate classified information if it meets the content criteria. Each agency is responsible for safeguarding and declassifying its own documents. The National Archives and Records Administration (NARA) has custody of classified documents from defunct agencies, and also houses the National Declassification Center (since 2010) and Information Security Oversight Office. The Interagency Security Classification Appeals Panel has representatives from the United States Department of State, United States Department of Justice; the National Archives, the Office of the Director of National Intelligence (DNI); the National Security Advisor (NSA); the Central Intelligence Agency (CIA); and Information Security Oversight Office. [88]

Declassification

Declassification is the process of removing the classification of a document and opening it for public inspection.

Automatic declassification

In accordance with Executive Order 13526, published January 5, 2010 (which superseded Executive Order 12958, as amended), an executive agency must declassify its documents after 25 years unless they fall under one of the nine narrow exemptions outlined by section 3.3 of the order. Classified documents 25 years or older must be reviewed by any and all agencies that possess an interest in the sensitive information found in the document. Documents classified for longer than 50 years must concern human intelligence sources or weapons of mass destruction, or get special permission. [89] All documents older than 75 years must have special permission. [90]

See also

Related Research Articles

<span class="mw-page-title-main">Classified information</span> Material that government claims requires confidentiality

Classified information is material that a government body deems to be sensitive information that must be protected. Access is restricted by law or regulation to particular groups of people with the necessary security clearance with a need to know. Mishandling of the material can incur criminal penalties.

A security clearance is a status granted to individuals allowing them access to classified information or to restricted areas, after completion of a thorough background check. The term "security clearance" is also sometimes used in private organizations that have a formal process to vet employees for access to sensitive information. A clearance by itself is normally not sufficient to gain access; the organization must also determine that the cleared individual needs to know specific information. No individual is supposed to be granted automatic access to classified information solely because of rank, position, or a security clearance.

The Bell–LaPadula model (BLP) is a state machine model used for enforcing access control in government and military applications. It was developed by David Elliott Bell, and Leonard J. LaPadula, subsequent to strong guidance from Roger R. Schell, to formalize the U.S. Department of Defense (DoD) multilevel security (MLS) policy. The model is a formal state transition model of computer security policy that describes a set of access control rules which use security labels on objects and clearances for subjects. Security labels range from the most sensitive, down to the least sensitive.

<span class="mw-page-title-main">Sensitive compartmented information</span> Information relative to U.S. National Security

Sensitive compartmented information (SCI) is a type of United States classified information concerning or derived from sensitive intelligence sources, methods, or analytical processes. All SCI must be handled within formal access control systems established by the Director of National Intelligence.

<span class="mw-page-title-main">Sensitive compartmented information facility</span> Facility for handling US national secrets

A sensitive compartmented information facility, in United States military, national security/national defense and intelligence parlance, is an enclosed area within a building that is used to process sensitive compartmented information (SCI) types of classified information.

Redaction or sanitization is the process of removing sensitive information from a document so that it may be distributed to a broader audience. It is intended to allow the selective disclosure of information. Typically, the result is a document that is suitable for publication or for dissemination to others rather than the intended audience of the original document.

<span class="mw-page-title-main">Information Security Oversight Office</span> Office of the National Archives of the United States

The Information Security Oversight Office (ISOO) is responsible to the President for policy and oversight of the government-wide security classification system and the National Industrial Security Program in the United States. The ISOO is a component of the National Archives and Records Administration (NARA) and receives policy and program guidance from the National Security Council (NSC).

<span class="mw-page-title-main">Sensitive but unclassified</span> American federal information sensitivity designation

Sensitive But Unclassified (SBU) is a designation of information in the United States federal government that, though unclassified, often requires strict controls over its distribution. SBU is a broad category of information that includes material covered by such designations as For Official Use Only (FOUO), Law Enforcement Sensitive (LES), Sensitive Homeland Security Information, Sensitive Security Information (SSI), Critical Infrastructure Information (CII), etc. It also includes Internal Revenue Service materials like individual tax records, systems information, and enforcement procedures. Some categories of SBU information have authority in statute or regulation while others, including FOUO, do not.

Special access programs (SAPs) in the U.S. Federal Government are security protocols that provide highly classified information with safeguards and access restrictions that exceed those for regular (collateral) classified information. SAPs can range from black projects to routine but especially-sensitive operations, such as COMSEC maintenance or presidential transportation support. In addition to collateral controls, a SAP may impose more stringent investigative or adjudicative requirements, specialized nondisclosure agreements, special terminology or markings, exclusion from standard contract investigations (carve-outs), and centralized billet systems. Within the Department of Defense, SAP is better known as "SAR" by the mandatory Special Access Required (SAR) markings.

<span class="mw-page-title-main">Q clearance</span> U.S. Department of Energy security clearance level

Q clearance or Q access authorization is the U.S. Department of Energy (DOE) security clearance required to access Top Secret Restricted Data, Formerly Restricted Data, and National Security Information, as well as Secret Restricted Data. Restricted Data (RD) is defined in the Atomic Energy Act of 1954 and covers nuclear weapons and related materials. The lower-level L clearance is sufficient for access to Secret Formerly Restricted Data (FRD) and National Security Information, as well as Confidential Restricted Data and Formerly Restricted Data. Access to Restricted Data is only granted on a need-to-know basis to personnel with appropriate clearances.

Classified information in the United Kingdom is a system used to protect information from intentional or inadvertent release to unauthorised readers. The system is organised by the Cabinet Office and is implemented throughout central and local government and critical national infrastructure. The system is also used by private sector bodies that provide services to the public sector.

<span class="mw-page-title-main">Information sensitivity</span> Classification of secrecy of information

Information sensitivity is the control of access to information or knowledge that might result in loss of an advantage or level of security if disclosed to others. Loss, misuse, modification, or unauthorized access to sensitive information can adversely affect the privacy or welfare of an individual, trade secrets of a business or even the security and international relations of a nation depending on the level of sensitivity and nature of the information.

The withdrawal of previously declassified U.S. federal records is a process in which agencies can remove records from public access that they believe were incorrectly declassified and made available to the public at the National Archives and Records Administration. The process is often referred to as "reclassification," but because the records were never properly declassified and remained classified even when made publicly available, they are not re-classified.

The Joint Worldwide Intelligence Communication System is the United States Department of Defense's secure intranet system that houses top secret and sensitive compartmented information. JWICS superseded the earlier DSNET2 and DSNET3, the Top Secret and SCI levels of the Defense Data Network based on ARPANET technology.

<span class="mw-page-title-main">Restricted Data</span> Legal category of US nuclear secrets

Restricted Data (RD) is a category of proscribed information, per National Industrial Security Program Operating Manual (NISPOM). Specifically, it is defined by the Atomic Energy Act of 1954 as:

National intelligence programs, and, by extension, the overall defenses of nations, are vulnerable to attack. It is the role of intelligence cycle security to protect the process embodied in the intelligence cycle, and that which it defends. A number of disciplines go into protecting the intelligence cycle. One of the challenges is there are a wide range of potential threats, so threat assessment, if complete, is a complex task. Governments try to protect three things:

The United States Intelligence Community A-Space, or Analytic Space, is a project started in 2007 from the Office of the Director of National Intelligence's (ODNI) Office of Analytic Transformation and Technology to develop a common collaborative workspace for all analysts from the USIC. It is accessible from common workstations and provides unprecedented access to interagency databases, a capability to search classified and unclassified sources simultaneously, web-based messaging, and collaboration tools. The Defense Intelligence Agency (DIA) is the executive agent for building the first phase of A-Space. Initial operational capability was scheduled for December 2007. A-Space went live on the government's classified Joint Worldwide Intelligence Communications System 22 September 2008. A-Space is built on Jive Software's Clearspace application.

A variety of networks operating in special security domains handle classified information in the United States or sensitive but unclassified information, while other specialized networks are reserved specifically for unclassified use by the same agencies. Some sites accessed from these networks have been referred to as "classified websites" in official communications, such as the American embassy "Amman's Classified Web Site at http://www.state.sgov.gov/pinea/amman/" and "Mexico City's Classified Web Site at http://www.state.sgov.gov/p/wha/mexicocity" Some of these trace back to the Defense Data Network which split from the Internet in 1983.

The Government Security Classifications Policy (GSCP) is a system for classifying sensitive government data in the United Kingdom.

References

[91]

Citations

  1. "Executive Order 13526 – Classified National Security Information". Information Security Oversight Office of The National Archives. Archived from the original on July 19, 2017. Retrieved January 5, 2010.
  2. "Executive Order 13526 of December 29, 2009, Classified National Security Information". The National Archives. Archived from the original on September 28, 2012. Retrieved January 5, 2010.
  3. 1 2 Jennifer Elsea Archived September 28, 2019, at the Wayback Machine , January 2013, "Criminal Prohibitions on the Publication of Classified Defense Information"
  4. Turner, Stansfield (2005). Burn Before Reading. Hachette Books. ISBN   9781401383466.
  5. LaFaber, Walter (2005). The Deadly Bet: LBJ, Vietnam, and the 1968 Election. Rowman & Littlefield Publishers. ISBN   9780742543928.
  6. Peters, Gretchen (2009). Seeds of Terror: How Heroin Is Bankrolling the Taliban and Al Qaeda. St. Martin's Press. ISBN   9780312379278.
  7. Classified Information in "Obama's Wars" Archived June 28, 2018, at the Wayback Machine , September 29, 2010, Jack Goldsmith, Lawfare, via stephenkim.org
  8. 1 2 The Edgar & Schmidt 1973 Columbia Law Review, "The Espionage Statutes and Publication of Defense Information". The article is available online at https://fas.org/sgp/library/ Archived January 25, 2021, at the Wayback Machine
  9. Judge T.S. Ellis III Archived May 19, 2017, at the Wayback Machine , reduction of Franklin sentence hearing, 2009
  10. "Google Scholar". Archived from the original on April 2, 2019. Retrieved July 4, 2013.
  11. "Sunlight diplomacy". The Economist. September 24, 2016. ISSN   0013-0613. Archived from the original on June 3, 2017. Retrieved September 30, 2016.
  12. Peter Galison (2004), Removing knowledge (PDF), Federation of American Scientists, Wikidata   Q116287295
  13. 1 2 Department of the History of Science, Harvard University Archived July 19, 2014, at the Wayback Machine
  14. "People – The Department of the History of Science, Harvard University". Fas.harvard.edu. June 24, 2003. Archived from the original on July 1, 2013. Retrieved July 4, 2013.
  15. "Legal Resources | Intelligence Committee". U.S. Senate Select Committee on Intelligence. U.S. Senate. Archived from the original on October 17, 2021. Retrieved October 17, 2021.
  16. 1 2 "Security Clearances". United States Department of State. Archived from the original on October 17, 2021. Retrieved October 17, 2021.
  17. "Security Classification of Information, volume 2 (Quist), Chapter Seven". Project on Government Secrecy. Federation of American Scientists. Archived from the original on September 17, 2021. Retrieved October 17, 2021.
  18. 1 2 "Top Secret / Sensitive Compartmented Information (TS/SCI) Clearance | TTS Handbook". handbook.tts.gsa.gov. Archived from the original on August 14, 2022. Retrieved October 17, 2021.
  19. "How to Receive and Maintain Your Security Clearance" (PDF). dami.army.pentagon.mil. Defense Security Service. Archived (PDF) from the original on October 17, 2021. Retrieved October 17, 2021.
  20. 1 2 "DCMA Manual 3301-08: Information Security" (PDF). Defense Contract Management Agency. Department of Defense. Archived (PDF) from the original on October 17, 2021. Retrieved October 17, 2021.
  21. "Department of Defense Manual" (PDF). 2013. Archived (PDF) from the original on October 15, 2021. Retrieved October 17, 2021.
  22. "PART 117 – National Industrial Security Program Operating Manual". Archived from the original on August 14, 2022. Retrieved October 17, 2021.
  23. "Glossary of Security Clearance Terms". Military.com. March 13, 2019. Archived from the original on October 17, 2021. Retrieved October 17, 2021.
  24. "Executive Order 12958 on Classified National Security Information". sgp.fas.org. Archived from the original on July 5, 2021. Retrieved May 14, 2016.
  25. 1 2 3 Part 1, Sec. 1.2, "Executive Order 13526 of December 29, 2009, "Classified National Security Information"". Federal Register – U.S. National Archives and Records Administration, Vol. 75, No. 2, p. 707. January 5, 2010. Archived (PDF) from the original on April 4, 2019.
  26. 1 2 3 "An Introduction to the Security and Classification System". Federation of American Scientists. Archived from the original on October 17, 2021. Retrieved October 17, 2021.
  27. 1 2 "Security Classification of Information, volume 2 (Quist), Chapter Seven". sgp.fas.org. Archived from the original on September 17, 2021. Retrieved October 17, 2021.
  28. "What's the Difference Between "Top Secret" and "Confidential"?". Slate Magazine. July 6, 2000. Archived from the original on October 17, 2021. Retrieved October 17, 2021.
  29. William D. Gerhard and Henry W. Millington, "Attack on a Sigint Collector, the U.S.S. Liberty" Archived March 13, 2004, at the Wayback Machine , 1981
  30. "Fiscal Year 2019 Annual Report on Security Clearance Determinations" (PDF). Office of the Director of National Intelligence (ODNI) National Counterintelligence and Security Center (NCSC). Archived (PDF) from the original on August 14, 2022. Retrieved October 17, 2021.
  31. "NSA/CSS POLICY MANUAL 1-52: NSA/CSS CLASSIFICATION" (PDF). NSA. Archived (PDF) from the original on October 17, 2021. Retrieved October 17, 2021.
  32. "Sensitive Compartmented Information (SCI) – Glossary | CSRC". Computer Security Resource Center (CSRC). National Institute of Standards and Technology (NIST). Archived from the original on October 17, 2021. Retrieved October 17, 2021.
  33. "Controlled Access Programs" (PDF). Director of National Intelligence. Archived (PDF) from the original on October 17, 2021. Retrieved October 17, 2021.
  34. 1 2 CLASSIFICATION OF NUCLEAR WEAPONS-RELATED INFORMATION, http://energy.gov/sites/prod/files/hss/Classification/docs/CTI-Training-RD-FRD-Briefing.pdf Archived November 26, 2020, at the Wayback Machine
  35. U.S. Department of Defense Directive DoDD 5230.24, March 18, 1987
  36. Michael J. Sniffen, "Report: Gov't Secrecy Grows, Costs More" [ permanent dead link ], Associated Press, September 5, 2005 . Retrieved December 15, 2006.
  37. "House Report 110-810 – REDUCING INFORMATION CONTROL DESIGNATIONS ACT". BACKGROUND AND NEED FOR LEGISLATION. Washington, D.C.: Congress of the United States. July 30, 2008. Archived from the original on December 12, 2012. Retrieved October 21, 2008.
  38. "CUI Markings". Home. Archived from the original on March 28, 2022. Retrieved August 13, 2022.
  39. Casteli, Elise (January 22, 2008). "New policy expected soon for sensitive information". Federal Times. Archived from the original on January 2, 2013.
  40. "Memorandum For The Heads Of Executive Departments And Agencies – Designation and Sharing of Controlled Unclassified Information (CUI)". whitehouse.gov (Press release). May 9, 2008. Archived from the original on October 25, 2017. Retrieved October 21, 2008 via National Archives.
  41. "Archivist of the United States Establishes "Controlled Unclassified Information Office"" (Press release). The National Archives. May 22, 2008. Archived from the original on August 4, 2017. Retrieved October 21, 2008.
  42. Executive Order 13556 of November 4, 2010, Controlled Unclassified Information, Federal Register – U.S. National Archives and Records Administration, Vol. 75, No. 216, November 9, 2010, p. 68675.
  43. Steve, Driehaus (March 18, 2009). "Actions - H.R.1323 - 111th Congress (2009-2010): Reducing Information Control Designations Act". www.congress.gov. Archived from the original on January 9, 2015. Retrieved April 5, 2018.
  44. "DoD Publications". DoD Issuances. US Department of Defense. Archived from the original on August 22, 2008. Retrieved March 26, 2012.
    - "DOD releases New Controlled Unclassified Information Instruction". National Defense Industrial Association. March 16, 2020. Archived from the original on October 17, 2021. Retrieved December 14, 2020.
  45. "SAFEGUARDING SENSITIVE BUT UNCLASSIFIED" (PDF). Department of Homeland Security. Archived (PDF) from the original on October 25, 2021. Retrieved August 8, 2019.
  46. "National Security Positions vs. Public Trust Positions". Archived from the original on November 21, 2018. Retrieved March 9, 2014.
  47. "FEDERAL SECURITY/SUITABILITY CLEARANCE CHART" (PDF). Archived (PDF) from the original on May 17, 2017. Retrieved March 9, 2014.
  48. 1 2 "U.S. Department of State Foreign Affairs Handbook Volume 5 Handbook 3 - TAGS/Terms Handbook: 5 FAH-3 H-700 E.O. 12958, AS AMENDED, TELEGRAM CLASSIFICATION MARKING". U.S. Department of State. July 14, 2009. Archived from the original on January 14, 2016. Retrieved January 12, 2016.
  49. "U.S. Intelligence Agencies Rethink Classification Policy | Secrecy NewsSecrecy News". Fas.org. April 10, 2008. Archived from the original on January 30, 2013. Retrieved July 4, 2013.
  50. Obama, Barack (December 29, 2009). "Executive Order 13526- Classified National Security Information". whitehouse.gov . Archived from the original on January 26, 2017. Retrieved May 4, 2015 via National Archives.
  51. Currier, Cora (July 17, 2012). "Classified in Gitmo Trials: Detainees' Every Word". Archived from the original on September 5, 2014. Retrieved September 5, 2014.
  52. Bennett, Wells (October 16, 2012). "October 16 Commission Session #3: Presumptive Classification Debated (Kinda)". www.lawfaremedia.org. Archived from the original on May 22, 2013. Retrieved September 5, 2014.
  53. Kaiser, Frederick M. (May 27, 2008). "Protection of Classified Information by Congress: Practices and Proposals" (PDF). Congressional Research Service. Archived (PDF) from the original on March 11, 2015. Retrieved June 22, 2008.
  54. 32 CFR 2001.90
  55. 1 2 "NSA Suite B Cryptography – NSA/CSS". Nsa.gov. Archived from the original on June 18, 2011. Retrieved July 4, 2013.
  56. Los Alamos National Laboratory, Clearance Processing Archived October 11, 2006, at the Wayback Machine . Retrieved December 15, 2006.
  57. The Football Archived April 15, 2005, at the Wayback Machine , GlobalSecurity.org
  58. Selection of DoD Military and Civilian Personnel and Contractor Employees for Assignment to Presidential Support Activities (PSAs), Department of Defense Instruction No. 5210.87 (November 30, 1998).
  59. Director of Central Intelligence (June 1998). "Director of Central Intelligence Directive 1/7: Security Controls on the Dissemination of Intelligence Information". sci. Archived from the original on October 21, 2007. Retrieved September 30, 2007.
  60. 1 2 "Directives Division" (PDF). www.dtic.mil. Archived from the original (PDF) on March 9, 2013. Retrieved April 5, 2018.
  61. United States Department of Defense (February 1995). "Department of Defense Overprint to the National Industrial Security Program" (PDF). nispom. Archived (PDF) from the original on January 7, 2016. Retrieved April 4, 2015.
  62. "Security Clearance FAQs – ClearedJobs.Net". clearedjobs.net. Archived from the original on April 6, 2018. Retrieved April 5, 2018.
  63. http://www.nicoe.capmed.mil/About%20Us/Shared%20Documents/security_clearance_faq.pdf Archived January 31, 2017, at the Wayback Machine [ bare URL PDF ]
  64. "GSA Clearance Verification-Passing Procedures". www.gsa.gov. Archived from the original on March 16, 2017. Retrieved April 5, 2018.
  65. "Does possessing a Top Secret security clearance mean you have a TS/SCI security clearance?". DC Security Clearance Consultants. Archived from the original on November 21, 2020. Retrieved April 5, 2021.
  66. "Glossary: Sensitive Compartmented Information Refresher" (PDF). cdse.edu. Archived (PDF) from the original on August 22, 2021. Retrieved April 5, 2021.
  67. 5 CFR 1312.23
  68. Top Level Telecommunications, The US Classification System Archived March 25, 2014, at the Wayback Machine
  69. NRO Review and Redaction Guide, p. 140.
  70. Ball, James (September 6, 2013). "Explaining the latest NSA revelations – Q&A with internet privacy experts". The Guardian. Archived from the original on September 7, 2013. Retrieved September 7, 2013.
  71. "National Industrial Security Program Operating Manual". Fas.org. Archived from the original on March 26, 2015. Retrieved December 1, 2010.
  72. "Memorandum of July 25, 2019, telephone conversation between President Donald Trump and Ukraine President Volodymyr Zelensky" (PDF). whitehouse.gov . Archived (PDF) from the original on January 20, 2021. Retrieved February 28, 2021 via National Archives.
  73. 1 2 3 "Agriculture-Related Pollution in the USSR". CIA. November 1977. Archived from the original on January 3, 2022. Retrieved January 18, 2010.
  74. "United States Senate Committee on the Judiciary". www.judiciary.senate.gov. Archived from the original on June 24, 2020. Retrieved April 19, 2020.
  75. "The Office of the Director of National Intelligence Classification Guide" (PDF). www.dni.gov. Archived (PDF) from the original on May 16, 2020. Retrieved April 20, 2020. When used, the "FISA" control marking shall be included in the banner.
  76. "Semiannual Assessment of Compliance with Procedures and Guidelines Issued Pursuant to Section 702 of the Foreign Intelligence Surveillance Act, Submitted by the Attorney General and the Director of National Intelligence" (PDF). Archived (PDF) from the original on June 24, 2020. Retrieved April 20, 2020.
  77. Los Alamos National Laboratory, Guide to Portion Marking Documents and Material, Appendix B, Definitions Archived October 11, 2006, at the Wayback Machine . Retrieved December 15, 2006.
  78. "[no title, apparent extract from University of California laboratory security briefing]" (PDF). University of California. n.d. sigmas. Archived from the original (PDF) on September 8, 2006. Retrieved September 30, 2007.
  79. See the WATERWITCH document at right for an example of a document marked REL TO USA, FVEY
  80. Atomic Energy Commission's Declassification Review of Reports on Human Experiments and the Public Relations and Legal Liability Consequences Archived June 6, 2013, at the Wayback Machine , presented as evidence during the 1994 ACHRE hearings.
  81. Aftergood, Steven (Spring 2008). "Classified Documents: Secrecy vs. Citizenship". Nieman Foundation for Journalism at Harvard University. Archived from the original on October 9, 2018. Retrieved April 16, 2008.
  82. Monte Reel, "A Brotherhood of Spies: The U2 and the CIA's Secret War", (New York: Anchor Books, 2019), p. 71
  83. Byrne, Malcolm (April 18, 2019). "Redactions: The Declassified File". Archived from the original on April 18, 2019. Retrieved April 18, 2019.
  84. Past@Present blog of University of Massachusetts, Department of History, 28 Oct. 2019 "My Papers at UMass Show How Much Is Concealed From the Public, Scholars, and Congress"
  85. Executive Order 13526, Sec. 5.3.
  86. Executive Order 12958, Section 3.3 (h)
  87. Executive Order 12958, Section 3.3 (h)(3)
  88. "Intelligence Community Classification Guidance: Findings and Recommendations Report" (PDF). Office of the Director of National Intelligence. January 2008. Archived (PDF) from the original on June 26, 2015. Retrieved April 10, 2008.

General and cited sources

Further reading