YOUR MEMORANDUM OF 27 MAY 1988

cprnpw- Declassified in Part - Sanitized Copy Approved for Release 2012/11/09: CIA-RDP90G01353R001700070089-4 ???? ??????????? 8?1101WA?lb Washington. D.C. 20505 Security Evaluation Office 3 June 1988 MEMORANDUM FOR: Robert E. Lamb, Assistant Secretary Bureau of Diplomatic Security Department of State FROM: SUBJECT: Director, Security Evaluation Office Your Memorandum of 27 may 1988 (U) 1. Our discussion on the afternoon of 27 May was useful in that you explained why you intend to move slowly in an orientation program for me on State security issues and you made clear your reservations about various aspects of the Security Evaluation Office mission. The 27 May memorandum you gave me makes some of your reservations even more clear. The memorandum also raises a point or two that did not arise in our conversation. First, let me address the items raised in your 27 May memorandum. 2. Your understanding of the Secretary Shultz-Judge Webster conversation of 25 May differs from mine. Before reciting my understanding let me say that neither of us should try to parse our respective understandings of that conversation without going back to the principals. My general understanding of their conversation is consistent with my concept for the Security Evaluation Office, however. I believe Secretary Shultz informed Judge Webster that: o Some members of the Department were concerned that the Security Evaluation Office might try to force the polygraph on State; o that, and some other concerns, was in a letter proposed for Secretary Shultz's signature; ? Secretary Shultz believed the proposed letter failed to capture his positions adequately and did not reflect fully his understandings with Judge Webster; something they could discuss later; o Secretary Shultz would ask the Department to proceed with the orientations I had requested. Declassified in Part - Sanitized Copy Approved for Release 2012/11/09: CIA-RDP90G01353R001700070089-4 Declassified in Part - Sanitized Copy Approved for Release 2012/11/09: CIA-RDP90G01353R001700070089-4 If that is substantially different than your understanding of Secretary Shultz's views and guidance to Ron Spiers, we should ask the principals to clarify. First paragraph of Your 27 May Memorandum 3. The point in your reference to the Shultz-Webster understanding that the Security Evaluation Office would be ". . . related primarily to technical security . . ." is not necessarily inconsistent with my concept of the mission of the Security Evaluation Office if you note the word primarily. First, let me emphasize my conviction that one cannot counter technical threats with only technical countermeasures. Physical security factors, the positive control of the work space, are fundamental to a defense against technical attacks by hostile intelligence services. One cannot assure physical security without attention to personnel security issues. We must have adequate personnel, physical, and technical security standards if our overseas missions are to be protected against the intelligence threat and the actual intelligence operations that you and I know to exist. The technical security issues certainly have been highlighted in the typewriters and the office building incidents in the USSR but the remedy is not to be found solely in technical security standards. I defer to the DCI, the Secretary of State, and the President as to whether they want to ignore the personnel and physical security issues. That would be a difficult position to defend in the wake of the next espionage or security problem overseas. 4. You raised another point in your 27 May memorandum, that the Security Evaluation Office is ". . . to report problems and recommendations to the Secretary of State . . ." (your added emphasis). Your point is not clear, but it was raised also by a woman in the Management Council meeting. My response was and is that the Director, Security Evaluation Office provides his standards, inspection results, and recommendationsto both the DCI and the Secretary of State. The Secretary of State receives them for action; he is responsible for managing embassies and missions abroad. The DCI receives information at the same time. The DCI and the Secretary will be fully informed on a timely and equal basis. I plan to keep the Secretary informed through the Assistant Secretary for Diplomatic Security. My choice is to do it through you rather than directly to the Secretary. That ensures that you and your bureau are fully informed and it preserves the integrity of the complete chain of State management authority. If you are implying that the Director of the Security Evaluation Office should report directly to the Secretary, i do not understand why and would wish to discuss that further. Second Paragraph of Your 27 May Memorandum 5. You assert that the Secretary of State does not consider it acceptable for the Security Evaluation Office ". . . to establish and monitor personnel standards." That may be but I was unaware that he objected to personnel security standards. Allow me a literal interpretation of your language, I never envisioned any interest in "personnel standards" in terms of whether 2 CrDVT Declassified in Part - Sanitized Copy Approved for Release 2012/11/09: CIA-RDP90G01353R001700070089-4 Declassified in Part - Sanitized Copy Approved for Release 2012/11/09: CIA-RDP90G01353R001700070089-4 State or anyone else wishes to hire the short or the tall, the quick or the slow, etc. My mission is to provide standards to protect embassies and missions from hostile intelligence services. Further, the Security Evaluation Office mission encompasses standards applicable to all tenants of our overseas missions, State and other organizations. These are security standards, minimum standards for all missions, exceptional security standards for high threat areas or high vulnerability environments. Your citation of "personnel standards" appears to refer to something different from my concept of "standards for personnel, physical, and technical security." Consider, if you will, the case of Sergeant Lonetree. We must have personnel security standards, and abide by them, if we are to protect the physical area from pilfering or technical attack by the Soviet intelligence services. Are you suggesting that the Secretary of State objects to personnel security standards/security standards for personnel as a function of the Security Evaluation Office? Should we discuss this further? 6. The second point you make in that paragraph has been dealt with in my paragraph 4 above. The point is that the DCI will be informed fully on a timely and equal basis. It is the Secretary of State who must act on the standards or non-compliance. It is the DCI who must be informed in the event of non-acceptance or non-compliance because then he, the DCI, is directed to report to the President and the Congress. Third Paragraph of Your 27 May Memorandum 7. I look forward to Brian Flanigan's orientation program on State technical activities. 8. The delay in briefings, delay in our joint visits, and delay in notifying State's posts and security officers of the Security Evaluation Office is not well understood. The advantages to the Department of State in ensuring that I am well informed of your perspectives and the advantages of being seen by congress and the President as cooperating as both requested appear to favor doing these things sooner rather than later. 9. I have attached a general description of the duties envisioned for the three functional groups of the Security Evaluation Office; standards, intelligence threat and vulnerability assessments, and inspections. 10. A small point on the name; we will avoid the abbreviation SE0 whenever possible. It would be misleading to add Technical to the office name because we believe the security problem overseas is broader than that implies. By the way, the Evaluation in Security Evaluation Office was placed there by the DCI to ensure there is no misunderstanding that the Secretary of State is responsible for security; the DCI Security Evaluation Office sets standards and monitors compliance. Attachment 3 CFrDT Declassified in Part - Sanitized Copy Approved for Release 2012/11/09: CIA-RDP90G01353R001700070089-4 Declassified in Part - Sanitized Copy Approved for Release 2012/11/09: CIA-RDP90G01353R001700070089-4 R Next 3 Page(s) In Document Denied Declassified in Part - Sanitized Copy Approved for Release 2012/11/09: CIA-RDP90G01353R001700070089-4 25X1