Special access program

Last updated

Special access programs (SAPs) in the U.S. Federal Government are security protocols that provide highly classified information with safeguards and access restrictions that exceed those for regular (collateral) classified information. SAPs can range from black projects to routine but especially-sensitive operations, such as COMSEC maintenance or presidential transportation support. In addition to collateral controls, a SAP may impose more stringent investigative or adjudicative requirements, specialized nondisclosure agreements, special terminology or markings, exclusion from standard contract investigations (carve-outs), and centralized billet systems. [1] Within the Department of Defense, SAP is better known as "SAR" by the mandatory Special Access Required (SAR) markings.

Contents

History

March 22, 1940

Shortly before America's involvement in World War II Franklin D. Roosevelt signs Executive Order 8381, creating the three security levels for his country's most important documents – Restricted, Confidential, and Secret. [2]

February 1, 1950

After the conclusion of World War II, President Harry S. Truman issues Executive order 10104, and creates the "Top Secret classification" designation. [3]

November 5, 1953

Dwight D. Eisenhower issues Executive order 10501. It drops the "restricted" classification level. It removes classification authority from 28 government entities and limits its use in 17 more. There are now explicit guidelines for the remaining three classification levels to prevent a systematic flood of classified documents coming from the Pentagon and other agencies. The Pentagon responds by creating its own "special access" labels to further insulate classified information from outside influence. [4] [5]

March 8, 1972

In Executive Order number 11652 Richard M. Nixon legitimizes the use of special access controls and the "special access program" is finally made official. [5] [6]

Types and categories

Types

Two types of SAP exist – acknowledged and unacknowledged. The existence of an acknowledged SAP may be publicly disclosed, but the details of the program remain classified. An unacknowledged SAP (or USAP) is made known only to authorized persons, including members of the appropriate committees of the United States Congress. Waived SAPs are a subset of unacknowledged SAPs in the Department of Defense. These SAPs are exempt by statutory authority of the Secretary of Defense from most reporting requirements and, within the legislative branch, the only persons who are required to be informed of said SAPs are the chairpersons and ranking committee members of the Senate Appropriations Committee, Senate Armed Services Committee, House Appropriations Committee, and the House Armed Services Committee. [7] Oftentimes, this notification is only oral. [8] [9]

Categories

There are three categories of SAPs within the Department of Defense: [10]

Only the Director of National Intelligence may create IN-SAPs. Sensitive Compartmented Information (SCI) control systems may be the most well-known intelligence SAPs. The treatment of SCI is singular among SAPs, and it seems there is some disagreement within the government as to whether or not SCI is a SAP. Defense Department sources usually state that it is, [11] [12] and at least one publication refers to a separate SCI-SAP category alongside the three listed above. [13] The Intelligence Community, drawing on the DNI's statutory responsibility to protect intelligence sources and methods, finds a legal basis for SCI separate from that of SAPs, and consequently consider SCI and SAPs separate instances of the more general controlled access program. [14]

Marking

SAP documents require special marking to indicate their status. The words SPECIAL ACCESS REQUIRED, followed by the program nickname or codeword, are placed in the document's banner line.

Abbreviations

Abbreviations may be used for either element. Portion markings use SAR and the program's abbreviation. For example, a secret SAP with the nickname MEDIAN BELL would be marked SECRET//SPECIAL ACCESS REQUIRED-MEDIAN BELL. Portions would be marked (S//SAR-MB). [15]

Multiple SAPs

Multiple SAPs are separated by slashes.

Compartments

Compartments within SAPs may be denoted by a hyphen, and are listed alphanumerically. Subcompartments are separated by spaces, and are also listed alphanumerically. Markings do not show the hierarchy beyond the sub-compartment level. Sub-sub-compartments are listed in the same manner as sub-compartments. [16] A more complex banner line with multiple SAPs and subcompartments might read TOP SECRET//SAR-MB/SC-RF 1532-RG A691 D722. [17]

Variations

Older documents used different standard for marking. The banner line might read SECRET//MEDIAN BELL//SPECIAL ACCESS REQUIRED, and the portion marking would read (S//MB). [18] Other variations move the special access warning to a second line, which would read MEDIAN BELL Special Control and Access Required (SCAR) Use Only or some other phrase directed by the program security instructions. [19]

Involved individuals

SAP access ergo policy on classified security categories de facto is understood informally as described as those who need to know have access, access is "on a need to know basis". [20] A SAP can only be initiated, modified, and terminated within their department or agency; the Secretary of State, Secretary of Defense, Secretary of Energy, Secretary of Homeland Security, the Attorney General, the Director of National Intelligence; their principal deputies (e.g. the Deputy Secretary of State in DoS and the Deputy Secretary of Defense in DoD); or others designated in writing by the President. [21] These offices are better known as 'classification authorities.' They retain the right to declassify or revise classification levels.

The U.S. Secretary of Defense is obliged to submit a report, submitted not later than the 1st of March for each year, to the defense committee on special access programs. [22]

Examples

The following national or international SAPs, unless otherwise noted, are identified in 32 CFR 154.17:

See also

Related Research Articles

<span class="mw-page-title-main">Classified information</span> Material that government claims requires confidentiality

Classified information is material that a government body deems to be sensitive information that must be protected. Access is restricted by law or regulation to particular groups of people with the necessary security clearance with a need to know. Mishandling of the material can incur criminal penalties.

<span class="mw-page-title-main">United States Intelligence Community</span> Collective term for US federal intelligence and security agencies

The United States Intelligence Community (IC) is a group of separate U.S. federal government intelligence agencies and subordinate organizations that work both separately and collectively to conduct intelligence activities which support the foreign policy and national security interests of the United States. Member organizations of the IC include intelligence agencies, military intelligence, and civilian intelligence and analysis offices within federal executive departments.

<span class="mw-page-title-main">Sensitive compartmented information</span> Information relative to U.S. National Security

Sensitive compartmented information (SCI) is a type of United States classified information concerning or derived from sensitive intelligence sources, methods, or analytical processes. All SCI must be handled within formal access control systems established by the Director of National Intelligence.

<span class="mw-page-title-main">Bureau of Intelligence and Research</span> Intelligence agency in the U.S. State Department

The Bureau of Intelligence and Research (INR) is an intelligence agency in the United States Department of State. Its central mission is to provide all-source intelligence and analysis in support of U.S. diplomacy and foreign policy. INR is the oldest civilian element of the U.S. Intelligence Community and among the smallest, with roughly 300 personnel. Though lacking the resources and technology of other U.S. intelligence agencies, it is "one of the most highly regarded" for the quality of its work.

<span class="mw-page-title-main">Sensitive compartmented information facility</span> Facility for handling US national secrets

A sensitive compartmented information facility, in United States military, national security/national defense and intelligence parlance, is an enclosed area within a building that is used to process sensitive compartmented information (SCI) types of classified information.

The United States government classification system is established under Executive Order 13526, the latest in a long series of executive orders on the topic of classified information beginning in 1951. Issued by President Barack Obama in 2009, Executive Order 13526 replaced earlier executive orders on the topic and modified the regulations codified to 32 C.F.R. 2001. It lays out the system of classification, declassification, and handling of national security information generated by the U.S. government and its employees and contractors, as well as information received from other governments.

Classified information in the United Kingdom is a system used to protect information from intentional or inadvertent release to unauthorised readers. The system is organised by the Cabinet Office and is implemented throughout central and local government and critical national infrastructure. The system is also used by private sector bodies that provide services to the public sector.

The National Industrial Security Program, or NISP, is the nominal authority in the United States for managing the needs of private industry to access classified information.

The Special Security Office (SSO) is a function within multiple arms of the United States federal government and armed forces with the mission to provide a reliable and secure means to receive and disseminate Sensitive Compartmented Information (SCI) and Special Access Programs (SAP) to authorized recipients in the United States government and military organizations. In the military, they are administered by the National Security Agency or Defense Intelligence Agency depending on the command's mission.

The Joint Worldwide Intelligence Communication System is the United States Department of Defense's secure intranet system that houses top secret and sensitive compartmented information. JWICS superseded the earlier DSNET2 and DSNET3, the Top Secret and SCI levels of the Defense Data Network based on ARPANET technology.

The Public Interest Declassification Board (PIDB) is an advisory committee established by the United States Congress with the official mandate of promoting the fullest possible public access to a thorough, accurate, and reliable documentary record of significant U.S. national security decisions and activities. The Board is composed of nine individuals: five appointed by the President of the United States and one each appointed by the Speaker of the House, House Minority Leader, Senate Majority Leader, and Senate Minority Leader. Appointees must be U.S. citizens preeminent in the fields of history, national security, foreign policy, intelligence policy, social science, law, or archives.

National intelligence programs, and, by extension, the overall defenses of nations, are vulnerable to attack. It is the role of intelligence cycle security to protect the process embodied in the intelligence cycle, and that which it defends. A number of disciplines go into protecting the intelligence cycle. One of the challenges is there are a wide range of potential threats, so threat assessment, if complete, is a complex task. Governments try to protect three things:

The United States Intelligence Community A-Space, or Analytic Space, is a project started in 2007 from the Office of the Director of National Intelligence's (ODNI) Office of Analytic Transformation and Technology to develop a common collaborative workspace for all analysts from the USIC. It is accessible from common workstations and provides unprecedented access to interagency databases, a capability to search classified and unclassified sources simultaneously, web-based messaging, and collaboration tools. The Defense Intelligence Agency (DIA) is the executive agent for building the first phase of A-Space. Initial operational capability was scheduled for December 2007. A-Space went live on the government's classified Joint Worldwide Intelligence Communications System 22 September 2008. A-Space is built on Jive Software's Clearspace application.

For Official Use Only (FOUO) is an information security designation used by some governments.

<span class="mw-page-title-main">Controlled Unclassified Information</span> US government information category

Controlled Unclassified Information (CUI) is a category of unclassified information within the U.S. Federal government. The CUI program was created by President Obama’s Executive Order 13556 to create a streamlined method for information sharing and safeguarding. The Information Security Oversight Office (ISOO) acts as the Executive Agent (EA) of the National Archives and Records Administration (NARA), and is responsible for oversight of the CUI program. The ISOO monitors the implementation of the CUI program by executive branch agencies. CUI will replace agency specific labels such as For Official Use Only (FOUO), Sensitive But Unclassified (SBU), and Law Enforcement Sensitive (LES) on new data and some data with legacy labels will also qualify as Controlled Unclassified Information. Federal contractors who handle CUI will be required to self-assess with the Cybersecurity Maturity Model Certification (CMMC) under the Cyber AB.

The Department of the Navy Central Adjudication Facility, a Naval Criminal Investigative Service (NCIS) organization, was responsible for determining who within the Department of the Navy is eligible to hold a security clearance, to have access to Sensitive Compartmented Information (SCI), or to be assigned to sensitive duties. The aggregate body of DoN personnel consists of Active Duty and Reserve components of the United States Navy and Marine Corps, as well as civilians and contractors. In addition, DoN CAF makes SCI eligibility determinations for select contractor personnel. Collateral clearance determinations for contractor personnel are established by DISCO.

A variety of networks operating in special security domains handle classified information in the United States or sensitive but unclassified information, while other specialized networks are reserved specifically for unclassified use by the same agencies. Some sites accessed from these networks have been referred to as "classified websites" in official communications, such as the American embassy "Amman's Classified Web Site at http://www.state.sgov.gov/pinea/amman/" and "Mexico City's Classified Web Site at http://www.state.sgov.gov/p/wha/mexicocity" Some of these trace back to the Defense Data Network which split from the Internet in 1983.

<span class="mw-page-title-main">Bullrun (decryption program)</span> Code name of a decryption program run by the NSA

Bullrun is a clandestine, highly classified program to crack encryption of online communications and data, which is run by the United States National Security Agency (NSA). The British Government Communications Headquarters (GCHQ) has a similar program codenamed Edgehill. According to the Bullrun classification guide published by The Guardian, the program uses multiple methods including computer network exploitation, interdiction, industry relationships, collaboration with other intelligence community entities, and advanced mathematical techniques.

A United States security clearance is an official determination that an individual may access information classified by the United States Government. Security clearances are hierarchical; each level grants the holder access to information in that level and the levels below it.

References

  1. Information Security Program (PDF) (Report). Pentagon, Washington, D.C.: U.S. Assistant Secretary of Defense, for Command, Control, Communications, and Intelligence. 1997-01-14. p. 86. Archived from the original on 2023-02-05. Retrieved 2024-11-04.
  2. "Executive Order No. 8381: Defining Certain Vital Military and Naval Installations and Equipment (PDF), 5 Fed. Reg. 1147 (1940-03-26). Retrieved 2024-11-05. Archived from the original on 2024-11-05
  3. "Executive Order No. 10104: Defining Certain Vital Military and Naval Installations and Equipment as Requiring Protection Against the General Dissemination of Information Relative Thereto," (PDF) 5 Fed. Reg. 1147 (1950-02-03). Retrieved 2024-11-05. Archived (National Archives) from the original on 2006-01-04.
  4. "Executive Order 10501: Safeguarding Official Information in the Interests of the Defense of the United States," (PDF) 18 Fed. Reg. 7049 (1953-11-10). Retrieved 2024-11-05.. Archived (CIA) from the original on 2017-01-03.
  5. 1 2 Relyea, Harold C. (2010). Security Classified and Controlled Information: History, Status, and Emerging Management Issues. DIANE Publishing. ISBN   9781437935776. Archived from the original on 2024-09-03. Retrieved 2020-11-21.
  6. "EXECUTIVE ORDER 11652 -- 'CLASSIFICATION AND DECLASSIFICATION OF NATIONAL SECURITY INFORMATION AND MATERIAL' | CIA FOIA (foia.cia.gov)". www.cia.gov. Archived from the original on January 23, 2017. Retrieved 2019-06-01.
  7. "10 U.S. Code § 119—Special access programs: congressional oversight". Legal Information Institute. Cornell University. Archived from the original on September 5, 2022. Retrieved May 9, 2017.
  8. United States Senate (1997). Report of the Commission on Protecting and Reducing Government Secrecy: pursuant to Public Law 236, 103rd Congress (PDF). Senate Document 105-2. Washington, D.C.: United States Government Publishing Office. ISBN   978-0-16-054119-3. Archived from the original (PDF) on August 21, 2019. Retrieved November 6, 2024.
  9. "Hearing before the Select Committee on Intelligence" (PDF). Archived (PDF) from the original on 2021-03-08. Retrieved 2016-01-01.
  10. AR 380-381, 2004, p. 11
  11. Exec. Order No. 12356, 32 CFR 154.17 (2016) Archived from the original on November 6, 2024.
  12. and NISPOM, 2006, p. 9-3-1 [ full citation needed ]
  13. AR 380-5, 2000, p. 11
  14. DCID 3/29, 1995
  15. Authorized Classification and Control Markings Register v1.2, p. 9
  16. Intelligence Community Authorized Classification and Control Markings Register and Manual, v5.1, p. 67-68
  17. For the aforementioned notional MEDIAN BELL program, and the RED FAN 1532 and RED GLUE A691 and D722 sub-compartments of the notional SPACKLE CEILING program. It is possible that A691 is a sub-sub-compartment of D722, or vice versa.
  18. AR 380-5, 2000, p. 221
  19. AR 380-381, 2004, p. 37
  20. F.A.S. - Intelligence and Security Doctrine Archived 2021-07-25 at the Wayback Machine published by the Federation of American Scientists [Retrieved 2015-12-13]
  21. Executive Order 13526
  22. 10 U.S.C. § 119 Archived from the original on May 21, 2012.
  23. AR 380-67, 1988, p. 17
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.