Efing Wikileaks

[John T. Fishel]

in the government hierarchy, there is no penalty for releasing classified info - unless you are Scooter Libby and lie about it to the FBI. When I was a junior officer assigned to the Army's current intel shop, I would often roll my eyes when reading Joe Alsop's column in the Washington Post where I would see half of a SECRET NOFORN cable that I had read yesterday! Clearly, the Administration was leaking classified - we used to jokingly ask who Alsop had lunch with. I would also often see - several days (or weeks) later - in the press stuff that I had seen in classified form. Note that the original messages were still classified but the information had moved into the open source literature.

Later in my career, I saw classification from the other side - that is plans that were classified TS but once executed should have been UNCLAS but somebody forgot to declassify - in other cases they were declassified. So, one issue here is proper classification or its lack. Another is the appropriate response to Adminsitration leaking of only part of the story - is this disinformation? A third, is declassification - what and when? Our system has problems with all of these. IMHO many of those problems could be addressed simply by using some "common sense" and people doing the jobs they are paid to do. Unfortunately "common sense" is uncommon; people don't always do their jobs; and other people want to play the system for their own political ends.

Cheers

JohnT

[Rex Brynen]

When I was a junior officer assigned to the Army's current intel shop, I would often roll my eyes when reading Joe Alsop's column in the Washington Post where I would see half of a SECRET NOFORN cable that I had read yesterday!

I've seen that too (well, not NOFORN, obviously)—although in some case it is the result of the embassy (or whoever) classifying information that is already circulating in the field.

On the issue of wikileaks and the capabilities of Warlock Red/Green et al, there's good reason to keep data on this sort of stuff classified even after the system has passed out of widespread US usage—allies or locals may still be using older systems (or might be in future). I certainly used to use comms stuff in the 1980s that Ken would have remembered from "a generation" earlier

[Ken White]

..........

[Schmedlap]

On my last deployment, there was 30 GB of pornography on the SIPR network, iPods hooked up to secret computers (I guess it was just to charge it; you can't download stuff from iTunes - but still a blatant OPSEC violation), and I stumbled upon a site on the SIPR that had information that had no business being accessible to just anyone with a Secret clearance (not sure if it was S or TS, but I do know that it was, in layman's terms, "need to know" information). After a few months of continually raising these issues, the latter one was solved. I guess batting .333 ain't bad?

There is also the problem of overclassification. Most of the stuff that occurs on the SIPR network is not of a classified nature. Some that occurs via NIPR is. Much of the stuff on SIPR has no business being there, because we don't know where it originated from. Likewise with NIPR, for the opposite reason. It's a weird over/under situation that few people take seriously, including, unfortunately, many commanders.

[Stevely]

On my last deployment, there was 30 GB of pornography on the SIPR network, iPods hooked up to secret computers (I guess it was just to charge it; you can't download stuff from iTunes - but still a blatant OPSEC violation), and I stumbled upon a site on the SIPR that had information that had no business being accessible to just anyone with a Secret clearance (not sure if it was S or TS, but I do know that it was, in layman's terms, "need to know" information). After a few months of continually raising these issues, the latter one was solved. I guess batting .333 ain't bad?

Geez. We took Ft. Drum off the network during a Unified Endeavor exercise due to the presence of reams of porn on their SIPR that just so happened to carry lots of malware (imagine that!).

[Rex Brynen]

iPods hooked up to secret computers (I guess it was just to charge it; you can't download stuff from iTunes

Pretty much every iPod doubles as a USB (or, in the earlier models, Firewire) hard disk. Indeed, its not at all unusual for them to be used by academics to carry sensitive interview notes across borders in places where border guards don't know this (but otherwise do examine or seize laptops, USB keys, CDs, etc).

[selil]

Pretty much every iPod doubles as a USB (or, in the earlier models, Firewire) hard disk. Indeed, its not at all unusual for them to be used by academics to carry sensitive interview notes across borders in places where border guards don't know this (but otherwise do examine or seize laptops, USB keys, CDs, etc).

Ditto.

Though Google Docs has fixed some of that. Or Mobile Me.

On a second or tertiary note I think I've mentioned before that stuff I've written has been grabbed by entities and classified. Though the documents reside on my computer outside the walls the context of what I wrote to others had them classify it.

An entity from ODNI and another from DHS when briefed on my dissertation research asked to read it before I publish. Jokingly the person from ODNI suggested they would just have my work classified under the national secrets act which I guess was never actually passed. Ha!

Though I have not had a clearance in 2 decades nor am I currently seeking one I have been shown classified information. I think they call is "special access" or some such type thing. Entities wanted my opinion about something so they let me read some stuff and I gave an opinion. All I had to do was sign an non-disclosure-agreement and those were only for three years. Though I use that as an example of breaches in standard Bell-Lapadula security models there was a certain amount of trust.

Even though the entities likely couldn't care less years later I don't discuss the topics involved. Trust is a form of respect. The public need to know is not more important than my respect for the entities involved or their respect for me. Though I think wikileaks serves some purpose I wonder if it is more about people with no respect for their country acting like fools.

[Ski]

Interesting thread and discussion.

I have been in classified briefings inside the 5 Sided Puzzle Palace and have read about them the next day in the Washington Post AND Washington Times to my amazement.

Overclassification is a MAJOR problem and bogs down the system. Anyone who has been deployed to OIF or OEF and used SIPR understands the mind-numbing stupidity that has become the norm. The system was so abused in Afghanistan that the J3 on our staff called in all the team leaders and read us the riot act on classification standards...people were either overclassifiying information, or misclassifying information.

And now that SIPR has become the medium of choice for anything significant - to include scads of unclassified info - and more people than ever have access to it, I suspect the confusion is only going to get worse.

[Mark O'Neill]

As a Coalition (Australian) member at the COIN CFE I was not 'allowed' (not by US COIN CFE staff) but by the the TF doing the business advice at our centre to the incoming Bde to sit in on the briefings.

Albeit I had a higher clearance than many of the US guys in the room and had already been briefed on the capability before arriving at Taji.

one of those things I guess....

[bismark17]

We need as a country to do a better job of determining what is truly secret and what is just operational knowledge that should be passed on to the end user. While I understand the sources and methods argument, I think at least on the methods end, it's over rated. There is so much information out there that it doesn't take much to put the pieces together in a lot of cases. This obsession on security is more a problem than assistance in the big scheme of things. The bad guys are exploiting every means of commo out there and are a smart adversary. They are sharing what they know. Jails, Prison or Juvenile Detection are like colleges for the miscreants. They pass out information. Another example is the hacker forums on the net. 2600 and another one that escapes my memory are like text books. While there is some misinformation, I would bet money they are more accurate in most cases than the major media outlets.

Some of this secret squirrel nonsense just creates stovepipes in information sharing. The bad guys don't worry about bureaucratic classification levels, they just give the end user what they need to know to accomplish the mission. I could go on with various TTPs that get people up in arms that are common knowledge in novels, TV shows like the Wire, or Film. To repeat once again, the bad guys are sharing what they know. It would be great if we could figure out a system where we could, without worrying about getting into trouble.

[bismark17]

[QUOTE=Ski;62829]Interesting thread and discussion.

"I have been in classified briefings inside the 5 Sided Puzzle Palace and have read about them the next day in the Washington Post AND Washington Times to my amazement."

I had the same experience on a lesser scale when I reported out in a compstat like briefing and watched the news the next day and saw several of my topics on the local evening news.

[jmm99]

The following is a good basic summary of the relevant law, which will be well-known to most regulars here.

CRS RS21900
Updated August 5, 2004
The Protection of Classified Information: The Legal Framework
Nathan Brooks, Legislative Attorney, American Law Division
.....
Criminal Penalties.

Generally, federal law prescribes a prison sentence of no more than a year and/or a $1,000 fine for officers and employees of the federal government who knowingly remove classified material without the authority to do so and with the intention of keeping that material at an unauthorized location. [39]

Stiffer penalties – fines of up to $10,000 and imprisonment for up to ten years – attach when a federal employee transmits classified information to anyone that employee has reason to believe is an agent of a foreign government. [40]

Fines and a ten-year prison terms also await anyone, government employee or not, who publishes, makes available to an unauthorized person, or otherwise uses to the United States’ detriment classified information regarding the codes, cryptography, and communications intelligence utilized by the United States or a foreign government. [41]

[39] 18 U.S.C. § 1924. Agencies often require employees to sign non-disclosure agreements prior to obtaining access to classified information, the validity of which was upheld by the Supreme Court in Snepp v. United States, 444 U.S. 507 (1980).

[40] 50 U.S.C. § 783.

[41] 18 U.S.C. § 798. This provision is part of the Espionage Act (codified at 18 U.S.C. §§ 792 - 799), which generally protects against the unauthorized transmission of a much broader category of “national defense” information, prescribing fines and a prison term of up to ten years.

http://www.firstamendmentcenter.org/....security4.pdf

---------------------------------
1. The mildest penalty (1 yr max) under 18 U.S.C. § 1924 (note [39] in report) is clear as to the officer or employee. The statute is here.

The issues become murkier as we go down the chain of transmission, which could involve a number of people before it reaches the Web or media outlets. The possibility of using a conspiracy charge against others in the chain becomes less likely the further removed from the original source.

----------------------------------
2. The upgraded penalty (10 yr max) under 50 U.S.C. § 783 (note [40] in report) was part of the Cold War Communist Control package. The relevant subpart is here.

TITLE 50 > CHAPTER 23 > SUBCHAPTER I
SUBCHAPTER I—CONTROL OF SUBVERSIVE ACTIVITIES
§ 781. Repealed.]
§ 782. Repealed.]
§ 783. Offenses
§§ 784, 785. Repealed.]
§§ 786, 787. Repealed.]
§§ 788 to 795. Repealed.]
§ 796. Effect of subchapter on other criminal laws
§ 797. Penalty for violation of security regulations and orders
§ 798. Repealed.]

Many sections have been repealed; but 783, 796 and 797 are still viable.

The guts of the statute is "... to communicate in any manner or by any means, to any other person whom such officer or employee knows or has reason to believe to be an agent or representative of any foreign government, any information of a kind which shall have been classified ...."

The limitation here is transmission to a foreign government agent or representative. So, if Cavguy transmits classified to JMM, this statute does not apply. Honest, I'm not an agent of the Finnish consulate.

-------------------------------------------
3. The more general statute (also 10 yr max in most cases; death or life in others) is the Espionage Act (note [41] in report), which goes back to WWI. The relevant subpart is here.

TITLE 18 > PART I > CHAPTER 37
CHAPTER 37—ESPIONAGE AND CENSORSHIP
[§ 791. Repealed.]
§ 792. Harboring or concealing persons
§ 793. Gathering, transmitting or losing defense information
§ 794. Gathering or delivering defense information to aid foreign government
§ 795. Photographing and sketching defense installations
§ 796. Use of aircraft for photographing defense installations
§ 797. Publication and sale of photographs of defense installations
§ 798. Disclosure of classified information
§ 798A. Temporary extension of section 794
§ 799. Violation of regulations of National Aeronautics and Space Administration

Prosecutions can generally be brought under 793 and/or 794, with a number of specific crimes (photos, sketches, etc.) in other sections. 798 is not of general application to classified information - it applies to codes, etc.

The usual problem in these cases is establishing a specific intent to injure national security.

----------------------------------------------------
4. These specific charges (all three chapters could apply in a given case) can be combined with the general conspiracy statute, 18 USC § 371. Conspiracy to commit offense or to defraud United States, which is here.

For an example of multiple charges, see the proffer in the AIPAC case (the facts underlying Larry Franklin's guilty plea), which is here.

Litigation under the Espionage Act gets complicated (e.g., the Rosenberg case), but more currently the slew of pleadings filed in the AIPAC case, which are here.

-------------------------------------------------
These statutes are badly in need of a complete revamping. Basically, we have the equivalent of a WWI tank to which parts have been added and subtracted in every subsequent armed conflict. Since each administration and Congress has its own take on the problem, a rational classified information policy seems unlikely.

PS: Cavguy - the Pentagon Papers case could have been prosecuted successfully; except that prosecution led to some shady stuff which the Nixon administration did not want to disclose. Sort of a Mexican standoff.