Sensitive compartmented information

Last updated
Example of intelligence on covert meetings held by the French President Francois Hollande. The intelligence was collected by the National Security Agency and classified as TOP SECRET//COMINT-GAMMA//ORCON/NOFORN, and released in form of a Global SIGINT Highlight on 22 May 2012. Wikileaks-france-nsa-comint-gamma.png
Example of intelligence on covert meetings held by the French President François Hollande. The intelligence was collected by the National Security Agency and classified as TOP SECRET//COMINT-GAMMA//ORCON/NOFORN, and released in form of a Global SIGINT Highlight on 22 May 2012.

Sensitive compartmented information (SCI) is a type of United States classified information concerning or derived from sensitive intelligence sources, methods, or analytical processes. All SCI must be handled within formal access control systems established by the Director of National Intelligence. [1]

Contents

SCI is not a classification; SCI clearance has sometimes been called "above Top Secret", [2] but information at any classification level may exist within an SCI control system. When "decompartmentalized", this information is treated the same as collateral information at the same classification level.

The federal government requires [3] the SCI be processed, stored, used or discussed in a Sensitive compartmented information facility (SCIF).

Access

Eligibility for access to SCI is determined by a Single Scope Background Investigation (SSBI) or periodic reinvestigation. [4] Because the same investigation is used to grant Top Secret security clearances, the two are often written together as TS//SCI. Eligibility alone does not confer access to any specific SCI material; it is simply a qualification. One must receive explicit permission to access an SCI control system or compartment. This process may include a polygraph or other approved investigative or adjudicative action. [5]

Once it is determined a person should have access to an SCI compartment, they sign a nondisclosure agreement, are "read in" or indoctrinated, and the fact of this access is recorded in a local access register or in a computer database. Upon termination from a particular compartment, the employee again signs the nondisclosure agreement.

Control systems

An SCI cover sheet from 1967. SCI cover sheet (1967).jpg
An SCI cover sheet from 1967.

SCI is divided into control systems, which are further subdivided into compartments and sub-compartments. These systems and compartments are usually identified by a classified codeword. Several such codewords have been declassified. The following SCI control systems, with their abbreviations and compartments, are known:

Special Intelligence (SI)
Special Intelligence (so in the CAPCO manual, but always SI in document markings) is the control system covering communications intelligence. Special Intelligence is a term for communications intercepts. [6] The previous title for this control system was COMINT, but this was deprecated in 2011. [7]
SI has several compartments, of which the following are known or declassified:
  • Very Restricted Knowledge (VRK)
  • Exceptionally Controlled Information (ECI), which was used to group compartments for highly sensitive information, but was deprecated as of 2011. [8]
  • SI-GAMMA (SI-G, SI-G-AAAA, AAAA represents 4 alpha characters to indicate sub Gamma compartments), which has subcompartments identified by four alphanumeric characters. [9]
SI-NK and SI-EU are also possible as in under ENDSEAL.
Several now-retired codewords protected SI compartments based on their sensitivity, generally referred to as Top Secret Codeword (TSC) and Secret Codeword (SC). [10] These codewords were:
  • UMBRA for the most sensitive material
  • SPOKE for less sensitive material
  • MORAY for the least sensitive SI that required codeword protection. [11]
These three codewords, the usage of which was terminated in 1999, [12] were attached directly to the classification without reference to COMINT or SI, e.g. Top Secret UMBRA.
STELLARWIND (STLW)
This codeword was revealed on June 27, 2013, when The Guardian published a draft report from the NSA Inspector General about the electronic surveillance program STELLARWIND. This program was started by President George W. Bush shortly after the 9/11 attacks. For information about this program, a new security compartment was created which was given STELLARWIND as its permanent cover term on October 31, 2001. [13]
ENDSEAL (EL)
This U.S. Navy's control system was revealed in the 2013 Classification Manual. ENDSEAL information must always be classified as Special Intelligence (SI), so probably it is related to SIGINT or ELINT. [14] It has two subcompartments: ECRU (SI-EU) and NONBOOK (SI-NK).
TALENT KEYHOLE (TK)
TK covers space-based IMINT (imagery intelligence), SIGINT (signals intelligence), and MASINT (measurement and signature intelligence) collection platforms; related processing and analysis techniques; and research, design, and operation of these platforms (but see Reserve below). [15] The original TALENT compartment was created in the mid-1950s for the U-2. In 1960, it was broadened to cover all national aerial reconnaissance (to later include SR-71 sourced imagery) and the KEYHOLE compartment was created for satellite intelligence. [16] TALENT KEYHOLE is now a top-level control system that merged with KLONDIKE; KEYHOLE is no longer a distinct compartment. Known compartments include RUFF (IMINT satellites), ZARF (ELINT satellites), and CHESS (U-2). [17] The KEYHOLE series KH-1 through KH-4b were part of the new TALENT-KEYHOLE designation. [18] RSEN (Risk Sensitive Notice, portion marking RS) keyword is used for imagery product.
HUMINT Control System (HCS)
HCS is the HUMINT (human-source intelligence) Control System. This system was simply designated "HUMINT" until confusion arose between collateral (regular) HUMINT and the control system. The current nomenclature was chosen to eliminate the ambiguity. [19] There are two compartments HCS-O (Operation) and HCS-P (Product). HCS-O-P marking was also used in "Review of the Unauthorized Disclosures of Former National Security Agency Contractor Edward Snowden". [20]
KLONDIKE (KDK)
KLONDIKE is a legacy system that protected sensitive geospatial intelligence. [21] It had three main subcompartments: KDK BLUEFISH (KDK-BLFH, KDK-BLFH-xxxxxx, xxxxxx represents up to 6 alphanumeric characters indicating a sub BLUEFISH compartment), KDK IDITAROD (KDK-IDIT, KDK-IDIT-xxxxxx, xxxxxx represents up to 6 alphanumeric characters indicating a sub IDITAROD compartment) and KDK KANDIK (KDK-KAND, KDK-KAND-xxxxxx, xxxxxx represents up to 6 alphanumeric characters indicating a sub KANDIK compartment). Nowadays it exists under TALENT KEYHOLE (TK-BLFH, TK-IDIT, TK-KAND).
RESERVE (RSV)
RESERVE is the control system for National Reconnaissance Office compartments protecting new sources and methods during the research, development, and acquisition process. [22] RSV-XXX, XXX represents 3 alphanumeric characters to indicate sub Reserve compartments.
BYEMAN (BYE)
BYEMAN is a retired control system covering certain overhead collection systems, including CORONA and OXCART. [23] Most BYE content was transferred to TK. BYE Special Handling content was transferred to Reserve.

Markings

SCI control system markings are placed immediately after the classification level markings in a banner line (banner spells out TOP SECRET in full) or portion marking (here TS is used). [24] Sometimes, especially on older documents, they are stamped. The following banner line and portion marking describe a top secret document containing information from the notional SI-GAMMA 1234 subcompartment, the notional SI-MANSION compartment, and the notional TALENT KEYHOLE-BLUEFISH compartment (TK is always abbreviated, because in some cases even the full meaning may be classified, like for BUR keyword, BUR-BLG-HCAS, BUR-BLG-JETS):

TOP SECRET//SI-G 1234-M/TK-BLFH//NOFORN
(TS//SI-G 1234-M/TK-BLFH//NF)

Older documents were marked with HANDLE VIA xxxx CONTROL CHANNELS (or "HVxCC"), HANDLE VIA xxxx CHANNELS ONLY (or "HVxCO"), or HANDLE VIA xxxx CHANNELS JOINTLY (or "HVxCJ"), but this requirement was rescinded in 2006. [25] For example, COMINT documents were marked as HANDLE VIA COMINT CHANNELS ONLY. This marking led to the use of the caveat CCO (COMINT Channels Only) in portion markings, [26] but CCO is also obsolete. [27]

Notes

  1. ICD 1, p. 22
  2. Robert S. McNamara, quoted in Richelson, The Intelligence Community, p. 511
  3. "Sensitive Compartmented Information (SCI) Program". August 13, 2022.
  4. ICPG 704.1
  5. ICD 1, p. 9
  6. UKUSA COMINT Agreement, PDF p. 27. Note that common SIGINT terms were defined differently in this version of the UKUSA agreement; the modern definitions were codified by 1955.
  7. Intelligence Community Classification and Control Markings Implementation Manual v4.2, p. 58
  8. NRO Review and Redaction Guide, p. 140.
  9. Intelligence Community Classification and Control Markings Implementation Manual v4.2, p. 60-63
  10. In Camera Affidavit of Eugene F. Yeats
  11. Richelson p. 512-514
  12. " Implementation Guidance for Elimination of Codewords October 22, 1999
  13. NSA inspector general report on email and internet data collection under Stellar Wind – full document June 27, 2013. See page 12 for the assignment of the cover term.
  14. Robert Sesek, My First FOIA Request: ODNI CAPCO v6, April 10, 2014
  15. Intelligence Community Classification and Control Markings Implementation Manual v5.1, p. 65
  16. Critique of the Codeword Compartment
  17. Richelson, The US Intelligence Community, p. 514
  18. "Classification of TALENT and KEYHOLE information" (PDF). nsarchive.gwu.edu. Archived (PDF) from the original on 2016-11-01.
  19. Authorized Classification and Control Markings Register v1.2
  20. "Review of the Unauthorized Disclosures of Former National Security Agency Contractor Edward Snowden" (PDF). December 23, 2016. Retrieved 10 April 2023.
  21. Intelligence Community Classification and Control Markings Implementation Manual v4.2, p. 56
  22. Intelligence Community Classification and Control Markings Implementation Manual v5.1, p. 54
  23. National Reconnaissance Office Review and Redaction Guide, p. 7
  24. Authorized Classification and Control Markings Register v1.2
  25. ICPM 2006-700-8
  26. See this page for an example.
  27. Authorized Classification and Control Markings Register v1.2

Bibliography

Related Research Articles

<span class="mw-page-title-main">Signals intelligence</span> Intelligence-gathering by interception of signals

Signals intelligence (SIGINT) is the act and field of intelligence-gathering by interception of signals, whether communications between people or from electronic signals not directly used in communication. As classified and sensitive information is usually encrypted, signals intelligence may necessarily involve cryptanalysis. Traffic analysis—the study of who is signaling to whom and in what quantity—is also used to integrate information, and it may complement cryptanalysis.

<span class="mw-page-title-main">Counterintelligence</span> Offensive measures using enemy information

Counterintelligence (counter-intelligence) or counterespionage (counter-espionage) is any activity aimed at protecting an agency's intelligence program from an opposition's intelligence service. It includes gathering information and conducting activities to prevent espionage, sabotage, assassinations or other intelligence activities conducted by, for, or on behalf of foreign powers, organizations or persons.

<span class="mw-page-title-main">Classified information</span> Material that government claims requires confidentiality

Classified information is material that a government body deems to be sensitive information that must be protected. Access is restricted by law or regulation to particular groups of people with the necessary security clearance and need to know. Mishandling of the material can incur criminal penalties.

A security clearance is a status granted to individuals allowing them access to classified information or to restricted areas, after completion of a thorough background check. The term "security clearance" is also sometimes used in private organizations that have a formal process to vet employees for access to sensitive information. A clearance by itself is normally not sufficient to gain access; the organization must also determine that the cleared individual needs to know specific information. No individual is supposed to be granted automatic access to classified information solely because of rank, position, or a security clearance.

HCS may refer to:

A medical classification is used to transform descriptions of medical diagnoses or procedures into standardized statistical code in a process known as clinical coding. Diagnosis classifications list diagnosis codes, which are used to track diseases and other health conditions, inclusive of chronic diseases such as diabetes mellitus and heart disease, and infectious diseases such as norovirus, the flu, and athlete's foot. Procedure classifications list procedure code, which are used to capture interventional data. These diagnosis and procedure codes are used by health care providers, government health programs, private health insurance companies, workers' compensation carriers, software developers, and others for a variety of applications in medicine, public health and medical informatics, including:

<span class="mw-page-title-main">Sensitive compartmented information facility</span> Facility for handling US national secrets

A sensitive compartmented information facility, in United States military, national security/national defense and intelligence parlance, is an enclosed area within a building that is used to process sensitive compartmented information (SCI) types of classified information.

<span class="mw-page-title-main">Directorate of Operations (CIA)</span> US clandestine intelligence organization

The Directorate of Operations (DO), less formally called the Clandestine Service, is a component of the US Central Intelligence Agency. It was known as the Directorate of Plans from 1951 to 1973; as the Directorate of Operations from 1973 to 2005; and as the National Clandestine Service (NCS) from 2005 to 2015.

The United States government classification system is established under Executive Order 13526, the latest in a long series of executive orders on the topic of classified information beginning in 1951. Issued by President Barack Obama in 2009, Executive Order 13526 replaced earlier executive orders on the topic and modified the regulations codified to 32 C.F.R. 2001. It lays out the system of classification, declassification, and handling of national security information generated by the U.S. government and its employees and contractors, as well as information received from other governments.

Special access programs (SAPs) in the U.S. Federal Government are security protocols that provide highly classified information with safeguards and access restrictions that exceed those for regular (collateral) classified information. SAPs can range from black projects to routine but especially-sensitive operations, such as COMSEC maintenance or presidential transportation support. In addition to collateral controls, a SAP may impose more stringent investigative or adjudicative requirements, specialized nondisclosure agreements, special terminology or markings, exclusion from standard contract investigations (carve-outs), and centralized billet systems. Within the Department of Defense, SAP is better known as "SAR" by the mandatory Special Access Required (SAR) markings.

Classified information in the United Kingdom is a system used to protect information from intentional or inadvertent release to unauthorised readers. The system is organised by the Cabinet Office and is implemented throughout central and local government and critical national infrastructure. The system is also used by private sector bodies that provide services to the public sector.

Compartmentalization, in information security, whether public or private, is the limiting of access to information to persons or other entities on a need-to-know basis to perform certain tasks.

The Special Security Office (SSO) is a function within multiple arms of the United States federal government and armed forces with the mission to provide a reliable and secure means to receive and disseminate Sensitive Compartmented Information (SCI) and Special Access Programs (SAP) to authorized recipients in the United States government and military organizations. In the military, they are administered by the National Security Agency or Defense Intelligence Agency depending on the command's mission.

Signals intelligence by alliances, nations and industries comprises signals intelligence (SIGINT) gathering activities by national and non-national entities; these entities are commonly responsible for communications security (COMSEC) as well.

National intelligence programs, and, by extension, the overall defenses of nations, are vulnerable to attack. It is the role of intelligence cycle security to protect the process embodied in the intelligence cycle, and that which it defends. A number of disciplines go into protecting the intelligence cycle. One of the challenges is there are a wide range of potential threats, so threat assessment, if complete, is a complex task. Governments try to protect three things:

The United States Intelligence Community A-Space, or Analytic Space, is a project started in 2007 from the Office of the Director of National Intelligence's (ODNI) Office of Analytic Transformation and Technology to develop a common collaborative workspace for all analysts from the USIC. It is accessible from common workstations and provides unprecedented access to interagency databases, a capability to search classified and unclassified sources simultaneously, web-based messaging, and collaboration tools. The Defense Intelligence Agency (DIA) is the executive agent for building the first phase of A-Space. Initial operational capability was scheduled for December 2007. A-Space went live on the government's classified Joint Worldwide Intelligence Communications System 22 September 2008. A-Space is built on Jive Software's Clearspace application.

A variety of networks operating in special security domains handle classified information in the United States or sensitive but unclassified information, while other specialized networks are reserved specifically for unclassified use by the same agencies. Some sites accessed from these networks have been referred to as "classified websites" in official communications, such as the American embassy "Amman's Classified Web Site at http://www.state.sgov.gov/pinea/amman/" and "Mexico City's Classified Web Site at http://www.state.sgov.gov/p/wha/mexicocity" Some of these trace back to the Defense Data Network which split from the Internet in 1983.

<span class="mw-page-title-main">Bullrun (decryption program)</span> Code name of a decryption program run by the NSA

Bullrun is a clandestine, highly classified program to crack encryption of online communications and data, which is run by the United States National Security Agency (NSA). The British Government Communications Headquarters (GCHQ) has a similar program codenamed Edgehill. According to the Bullrun classification guide published by The Guardian, the program uses multiple methods including computer network exploitation, interdiction, industry relationships, collaboration with other intelligence community entities, and advanced mathematical techniques.

The Government Security Classifications Policy (GSCP) is a system for classifying sensitive government data in the United Kingdom.