‘Managing Secrets in a Changed World’
As director of the Information Security Oversight Office, I have the pleasure of working in the National Archives Building in the heart of downtown Washington. It’s a pleasure for a number of reasons. First, after working in the Department of Defense for almost 30 years, I’ve spent my fair share of time in converted warehouses and other “improvised” office space. It is also a pleasure, of course, because the Rotunda at the National Archives Building houses and displays our country’s “Charters of Freedom” — the Declaration of Independence and the Constitution, including the Bill of Rights.
I have always made it a point throughout my career as a federal civil servant to keep a copy of the Constitution on my desk. I have, as have millions of my fellow civil servants, military members and political officials, taken an oath to uphold and defend the Constitution. Taking this oath seriously, I have, at times, found it useful to have that document at the ready for consultation. Imagine my delight then, in now being able to simply get up from my desk and walk a few hundred feet to consult the original, which I’ll confess doing every once and a while if only for the inspiration it provides, as well as for the reminder it serves of the liberties I, as well as others, often take for granted.
On my trips to the Rotunda, I am also struck by the charters’ juxtaposition with another document, which, along with a number of other archival treasures from our nation’s history, is also displayed in the Rotunda. The document is a signed resolution passed by the Second Continental Congress on November 9, 1775. This resolution required the members of this Congress to keep their proceedings secret. It reads as follows:
“On motion made, Resolved, That every member of this Congress considers himself under the ties of virtue, honor and love of his country not to divulge directly or indirectly any matter or thing agitated or debated in Congress before the same shall have been determined, without leave of the Congress; nor any matter or thing determined in Congress which a majority of the Congress shall order to be kept secret and that if any member shall violate this agreement he shall be expelled from this Congress and deemed an enemy to the liberties of America and liable to be treated as such and that every member signify his consent to this agreement by signing the same.”
In some regards, this resolution makes today’s nondisclosure agreements appear tame in comparison. Nonetheless, such a step by the Second Continental Congress, which included the future Presidents George Washington, John Adams and Thomas Jefferson, seems entirely appropriate in view of the fact that only several months prior, the King had declared all members to be traitors against the Crown — subject to arrest and possibly death.
The arrangement of these documents from so long ago in one place highlights the challenges of secrecy and openness in government that have been with us since the birth of our noble form of human existence. So it remains today, when, in a post-9/11 environment, our citizens’ sense of vulnerability has increased, as have their expectations of their government to keep them safe. In each situation, information is crucial. On the one hand, Americans are concerned that information may be exploited by our country’s adversaries to harm us. On the other hand, impediments to information sharing among federal agencies with state, local and private entities, as well as the general populace, need to be overcome in the interests of protecting our citizens as well as our democratic institutions. Even more so, the free flow of information is essential if citizens are to be informed and if they are to be successful in holding the government and its leaders accountable. In many regards, the federal government today is confronted with the twin imperatives of information sharing and information protection — two responsibilities that contain inherent tension but are not necessarily incompatible.
For the next several minutes, I intend to provide my personal views as to how we should be managing information-sharing and protection in the changed environment in which we find ourselves as a nation. I also intend to provide some insight into why I believe we need to address this topic as we undertake, as a nation, several fundamental reassessments regarding some longstanding institutions and processes in the national-security arena.
With respect to holding government and its leaders accountable, I realize that there is little for me to say to this audience. Many of you can speak much more eloquently on the subject than I; suffice it to say that an informed American citizenry is an essential element of our unique form of government, which, as that other document in the Rotunda, the Declaration of Independence, emphasizes, derives its just powers from the consent of the people. And throughout our nation’s history, whether confronted with abuse of power by our leaders, or with the sensationalism of “yellow journalism” and other bias by the press, or even with the inflamed passions and emotions of the people themselves, it is an informed citizenry which has always succeeded in maintaining our country’s steadfast commitment to the fundamental ideals and values which set us apart from just about all other societies in the world.
Regarding our nation’s fundamental values, I recognize that it has been opined by some that national security is not a value in itself — contrasted for example with open government, but rather a condition that allows a nation to maintain its values. In this context, it has been argued that it is inappropriate to speak of national security and openness as in some kind of balance. I disagree. In fact, the Preamble to the Constitution is abundantly clear that one of the fundamental purposes of this social compact is to “provide for the common defence” — national security, if you will, in today’s parlance. In other words, then as now, Americans expect to be able to send their loved ones off to work in the morning and not have them killed by our nation’s enemies before they have the chance to come home later that evening. In such a context, the exercise of secrecy can be as legitimate a tool of government power as is taxation, the raising of a militia, the regulation of international trade and interstate commerce, the minting of money, and the like.
And secrecy can be very effective as well. Whether it involves Eisenhower using Patton as a decoy to deceive Hitler prior to D-Day, or Schwarzkopf feinting right and hooking left in retaking Kuwait during the Gulf War, the ability to surprise and deceive the enemy can spell the difference between success and failure on the battlefield. Similarly, it is near impossible for our intelligence services to recruit human sources who often risk their lives aiding our country or to obtain assistance from other countries’ intelligence services, unless such sources can be assured complete and total confidentiality. Likewise, certain intelligence methods can only work if the adversary is unaware of its existence. Finally, the successful discourse between nations often depends upon constructive ambiguity and plausible deniability as the only way to balance competing and divergent national interests.
Secrecy, of course, is a double-edged sword. Denying information to the enemy on the battlefield also increases the risk of a lack of awareness on the part of our own forces, contributing to the potential for fratricide or other failures. Similarly, strict compartmentalization in handling human agents increases our own vulnerability to deception as a consequence of using sources that ultimately prove to be unreliable. Simply put, secrecy comes at a price — sometimes a deadly price — and I believe we have to become more successful in factoring that reality into the overall risk equation when it comes to addressing these twin imperatives of information sharing and information protection.
Our history is replete with the results of excessive secrecy — take, for example, New Coke. Whether developing a consumer product, seeking advances in science and technology, formulating Government policy, developing war plans or assessing intelligence, the end product can always be enhanced as a consequence of a far reaching give and take during which underlying premises are challenged and alternate approaches are considered. As such, secrecy and compartmentalization just about guarantees the absence of an optimized end product. The challenge is ensuring that this tradeoff — i.e., accepting something less than the optimal result in exchange for denying a potential adversary insight or knowledge into our capabilities or intentions as a nation — is taken into account when making a decision to cloak certain information in secrecy. This is an ability that I would suggest we have yet to master.
When the dissemination of information is restricted, the chances of being damaged by a compromise are decreased but the chances of being damaged by being wrong in how the data is interpreted and used are increased. Tough choice, but it is a choice that needs to be made deliberately and with forethought, as opposed to the decades-old default position of, first and foremost, restrict(ing) dissemination, which is followed in some arenas. Secrecy is an important fundamental principle, but it need not and should not be an automatic first principle. In certain circumstances, even with respect to national-security information, secrecy can run counter to our national interest.
For example, in the intelligence arena, not all sources and methods are created equal in terms of sensitivity and dependence upon secrecy to be effective — thus not all are required to be protected by the security classification system. For example, not too long ago the mission of the National Security Agency was classified — and even more recently, so was that of the National Reconnaissance Office. In this overall context, there are many intelligence sources and methods that work not because they are secret but they work simply due to human nature. I have first hand experience in this as a result of 30 years in the security and counterintelligence business, during which I spent a good part of my time making our cleared personnel aware of the intelligence sources and methods used by our nation’s adversaries. Notwithstanding being forearmed with such knowledge, our cleared people would often continue to have the same bad habits that were often easily and fruitfully exploited by the other side. If only it was so easy to be able to negate our adversaries’ collection capabilities by simply making their intelligence sources and methods better known, we would have been much better in denying information to our enemies than we in fact were during the course of the Cold War.
Similarly, as much as I would like to think that the reason that friendly governments and others share information with us is because they are enamored with our system for protecting secrets, I recognize instead that such nations share information with us first and foremost because they determine that it is in their national interest to do so — a determination that will always trump all other issues, to include how closely or widely we will hold their information. Thus, I believe a legitimate question to ask is whether we should use our clear and unchallenged leadership in the world to foster a more balanced approach to handling shared information, or should we automatically default to the lowest common denominator of not disclosing shared information under any circumstances that exists among all the nations in the world today, which includes some truly repressive regimes?
That said, while I believe that the basic framework of the security classification system is sound, in that it implements the president’s well-balanced policy for national-security information of keeping the American people informed of the activities of their government while at the same time maintaining essential information in confidence, I do not believe its implementation has been consistent throughout the executive branch. Such inconsistency, in turn, can undermine the classification system’s integrity. For example, to bring to bear the capabilities of the classification system for national-security information, the information’s originator need simply affix certain classification markings. However, it is not the security markings on the media that protects truly sensitive information from unauthorized disclosure; rather it is the people who deal with the information, their knowledge and understanding of the program, and their belief in the integrity of the system represented by the markings. This knowledge, understanding, and confidence cannot be taken for granted.
It is essential to recognize that the security-classification system is permissive, not prescriptive — it identifies what information can be classified, not what information must be classified. The decision to classify information or not is ultimately the prerogative of an agency and its original classification authorities. In this vein, I often observe that agency prerogative is the one thing that separates us bureaucrats from the tourists in Washington — thus it is often fiercely defended as an end in itself. The problem, however, is, with all due apologies to John Donne, no agency is an island. The exercise of agency prerogative to classify certain information has ripple effects throughout the entire executive branch. For example, it can serve as an impediment to sharing information with another agency, or with the public, who have a genuine need to know for the information. In addition, under some circumstances, it can actually undermine individuals’ confidence in the integrity of the overall system, to include cleared individuals, an outcome with serious implications for everyone.
In this regard, those of you who are familiar with the security-classification system may recall that the governing executive order spells out four standards that must be met in order for information to be legally afforded the protections of security classification. I like to think that there is also an unwritten fifth standard — what I call the “guffaw test,” the reaction of incredulity many of us have when we are confronted with the insistence on the part of an official that information known by any well-read grade-school student needs to remain “secret” in the interest of national security. We are all familiar with examples of information that fail to meet this test — I unfortunately am not at liberty to share with you current examples, since they are still legally classified. Suffice it to say, however, that when agencies elect to classify or to continue to classify information that fails to satisfy this unwritten fifth standard, their decisions can have a corrosive effect on the overall efficacy of the classification system and place truly sensitive information worthy of the protection afforded by the classification system — both their own information or that of other agencies — at needless increased risk. In the final analysis, when agencies consistently run afoul of the “guffaw test,” they run the risk of reducing classification markings to the same level of authority and relevance as a 55-mile-per-hour speed limit sign on the Capital Beltway.
We are a nation under challenge, a nation in transition, and a nation at war. We have and will continue to conduct fundamental assessments with respect to some longstanding processes and institutions within the national security arena. As we undertake these assessments as a nation, I firmly believe how we employ the tool of secrecy must be included. For too long we have focused on the risk associated with wider dissemination of information. We have since experienced firsthand the grave risks that can arise, in part, as a direct consequence of hoarding information. The reconciliation of the imperatives to both share and protect information must be made a deliberate part of the process and we must precipitate informed decisions each and every time a responsible individual elects to use the powerful tool of government secrecy in order to serve a larger end.
Getting back to the extraordinary place I get to hang my hat every workday, the National Archives Building downtown, if you look at the upper reaches of the building on the Seventh Street side, you will see inscribed in the granite the following inscription:
THIS BUILDING HOLDS IN TRUST THE RECORDS OF OUR NATION’S LIFE AND REPRESENTS OUR FAITH IN THE PERMANENCY OF OUR NATIONAL INSTITUTIONS.
Taken together with the juxtaposition of our Charters of Freedom and the aforementioned resolution of the Second Continental Congress, in a sense, this inscription embodies the goals of our security-classification framework. These aspirations recognize that our democratic principles require that the American people be informed of the activities of their government and that our nation’s progress depends upon the free flow of information while at the same time recognizing that throughout our history, the common defense has required that certain information be maintained in confidence in order to protect our citizens, our democratic institutions, our homeland security, and our interactions with foreign nations. This is not an either/or challenge. Deliberate, continuous effort is required to succeed at both — the American people expect and deserve nothing less.