POLICY ON UNAUTHORIZATION DISCLOSURES AND ON DAMAGE ASSESSMENTS

Approved For Release 2009/03/23: CIA-RDP94B0028OR001200050001-0 SECRET DIRECTOR OF CENTRAL INTELLIGENCE Security Committee SECOM-D-344 28 October 1982 MEMORANDUM FOR: Members, DCI Security Committee SUBJECT: Policy on Unauthorized Disclosures and on Damage Assessments 1. In response to SECOM tasking, the Unauthorized Disclosures Investi- gations Subcommittee (UDIS) submitted reports on the subject topics. These were intended for use by the CIA member in responding to tasking from the Interagency Group/Countermeasures. SECOM members were briefed on and dis- cussed these reports at the 12-13 October seminar. Copies of the reports, and of covering memorandum to me, are attached for your information and review. 2. Members agreed at the seminar that there was.no need for another iteration of the Willard Report, and that the DCI should again ask Judge Clark to complete his evaluation of it and provide recommendations to the President. Members also agreed to forward the paper on unauthorized disclosures to the CIA member for his use in responding to the IG/CM. 3. The SECOM was unable to address the paper on a national policy on damage assessments. Members are requested to review the attached report on OFFICIAL USE ONLY WHEN SEPARATED FROM ATTACHMENT SECRET Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0  Approved For Release 2009/03/23: CIA-RDP94B00280R001200050001-0 r SECRET, 0 12 October 1982 MEMORANDUM FOR : Chairman, DCI Security Committee Chairman, Unauthorized Disclosure Investigations Subcommittee (UDIS) SUBJECT: UDIS Report on Unauthorized Disclosure and Damage Assessment Policy 1. Pursua t to tasking by the Security Committee, the UDIS met on 17 and 24 September and on 1 and 8 October, 1982, to re- examine the Willard Report and to make recommendations with respect to that report. UDIS also met to discuss issues related to damage assessments. The results of our deliberations are embodied in the two attached papers. 2. The first paper, "National Policy on Unauthorized Disclosures," presents three options to stimulate action regarding the problem of unauthorized disclosures. The majority view was that the Community continue to urge Presidential action on the Willard Report in its current form. 3. The second paper, "Points for Consideration Relative to a National Policy on Damage Assessments," represents the views of UDIS on this matter and was unanimously agreed to by all of the members who attended the 8 October 1982 meeting (Air Force, Army, CIA, DIA, Energy, FBI, Treasury, and Navy). 4. The UDIS also discussed the initiative by the Attorney General which calls for establishing an inter-agency group which would review leak cases which are submitted to the Department of Justice with the recommendation that they be investigated by the, FBI. Deputy Attorney General Mark Richard had indicated that he. wanted Intelligence Community participation in the group and, in fact, had suggested that the UDIS might constitute this review group. UDIS members attending the 8 October 1982 meeting felt that the UDIS did have a role to play in this area and requested guidance from the Security Committee as,to whether UDIS should . either participate in, or form the nucleus of, this inter-agency group. SECRET UNCLASSIFIED WHEN SEPARATED FROM ATTACHMENT Approved For Release 2009/03/23: CIA-RDP94B00280R001200050001-0  Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0 . . NATIONAL POLICY ON UNAUTHORIZED DISCLOSURES I. Background Unauthorized disclosures of classified information represent a lack of discipline within the U.S. Government which may result in one or more of the following: 1) the disclosure of classified or other sensitive government information, 2) the compromise and negation of various intelligence sources and methods, and 3) the foreclosure of policy options available to senior governmental decision makers. In many circumstances, unauthorized disclosures have a negative and. debilitating impact upon the effective and efficient functioning of government. Over the years, successive Administrations have attempted with varying degrees of success to eliminate such disclosures. .It is clear, therefore, that a national policy on unauthorized disclosures does exist, i.e. unauthorized disclosures must be stopped. The most recent examination of the problem of unautho- rized disclosures occurred in early 1982. At that time, an interdepartmental group consisting of representatives from Central Intelligence Agency, and the Departments of Defense, Energy, Justice, State and Treasury, prepared a report (the Willard Report) designed to improve the Government's ability to protect classified information and prevent unauthorized disclosures. The remedial steps suggested were: a. that the Administration support legislation to strengthen existing criminal statutes that prohibit the unauthorized disclosure of classified information. Rather than trying to prosecute federal employees under the espionage laws, it was recommended that a new statute be enacted which would make it a criminal offense. for a federal employee or contractor to disclose classified information to unauthorized. persons.; b. that all persons with authorized access to classified information be required to sign binding and enforceable secrecy agreements acknowledging that they OFFICIAL USE. ONLY Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0  Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0 OFFICIAL USE ONLY have been informed of their obligation to protect the classified information to which they have access. These secrecy agreements would include a prepublication review requirement; c. that agencies adopt appropriate policies to govern contacts between media representatives and government officials; d. that each agency that originates or stores classified information adcnt internal procedures to ensure that unauthorized disclosures of classified .information are effectively investigated and that appropriate sanctions are imposed for violations; e. that where the Department of Justice and the affected agencies believe an investigation is warranted, the FBI be permitted to investigate unauthorized disclosures of classified information under circum- stances where the immediate result of a successful investigation would be imposition of administrative sanctions rather than criminal prosecution; f. that existing agency regulations be modified to permit the use of polygraph examinations of government employees under carefully defined circumstances; and go that authorities for the federal personnel security program be revised and updated. There appears to be broad support for the recommendations set forth in the Willard Report with the exception of the polygraph and prepublication review provisions. There was some concern that the polygraph would be objectionable to senior government officials and military personnel and that it was too drastic,* intrusive and unreliable to be used in most leak investiga- tions. The proponents of polygraph testing, on the other hand, point to thirty years of experience in utilizing the polygraph in security investigations. This experience suggests that the polygraph is not. only reliable, it serves as an important deterrent to inappropriate handling of classified information. Moreover, it was noted that the polygraph recommendation was very narrowly focused. The polygraph would only be used when a small number of individuals had been identified as potential suspects and the examination itself would be limited to the unauthorized disclosure being investigated and would not include lifestyle questions. Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0  Approved For Release 2009/03/23: CIA-RDP94B00280R001200050001-0 ? OFFICIAL USE ONLY ? In a similar vein, the prepublication review requirement has been viewed in some circles as inappropriate for senior government officials and others whose post government activities would involve the writing of numerous works for publication. Proponents argued that existing secrecy agreements already restricted such publication. They noted, moreover, that the U.S. Supreme Court has indicated that the prepublication review requirement was implied. in the granting of access to classified information, whether or not an agreement had been signed. Proponents, therefore, suggested that including a prepublication clause in the secrecy agreement served only to make explicit existing legal requirements. They argued, moreover., that it was. only fair that individuals signing secrecy agreements be placed on clear notice as to what their obligations were in this regard. The Willard Report, after being approved by the Attorney .General, was forwarded to Judge Clark,. Assistant for National Security Affairs, for presidential approval and promulgation. The Report has been with Judge Clark for some time and the prospects of it being sent to the President prior to the November elections appear dim. We.understand that Judge Clark has requested explanations of the various provisions of the Report from his legal officer but it is unclear when the Report will be forwarded to the President. . II. Issues for Decision: There are three suggested strategies to stimulate action on the Willard Report. The first option is to withdraw the Willard Report, and begin again with a new study containing a different mix of recommendations. For example, access to controlled government facilities might be withdrawn if individuals (e.g., journalists) with such access knowingly compromised classified. information. A new and restructured report might recommend an Executive Order on the subject of unauthorized disclosures rather than the National Security Decision Directive suggested by the Willard Report. The advantage of this option is that it capitalizes on the additional thinking within the Community that has occurred since the writing of the Willard Report. A paper with all of the strengths but none of the supposed weaknesses of the Willard Report could be written. The risk associated with this strategy is that the new paper would compete against the Willard Report and,'r.ather than stimulating action, would cause additional delay and inaction resulting from a new protracted period of review. Alternatively, the two reports might be returned to the Community with the request'that a third draft be prepared which would meld ,the two papers. (SUPPORTERS OF OPTION 1: None); Approved For Release 2009/03/23: CIA-RDP94B00280R001200050001-0  Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0 ? Vr r .Lk_L ILLJ VJti vLVL1 ? The second option would be to retain the Willard Report while eliminating the most controversial items. Each recom- mendation would be evaluated in terms of its effectiveness in addressing the leak problem, ease of implementation and degree of controversy. On the basis of a cost-benefit analysis the controversial issues would be eliminated to ensure implementation of the remaining recommendations in the Willard Report. The advantage of this approach is that it would diffuse the controversy which has surrounded the Report and turn it into a consensus document which would be palatable to all Community agencies and presumably to those who would have to promulgate it. The disadvantage of this strategy is that it might prematurely compromis,7 two of the most important recommendations (polygraph and prepublication review) contained in the Report and, thus, reduce the effectiveness of efforts to eliminate unauthorized disclosures of classified information. In this regard, the view was expressed that despite deep Administration concern about the problem of unauthorized disclosures, it should be expected that the Community will have only one opportunity to have this issue addressed by the President. Consequently, if the Willard Report is weakened, it is unlikely that the Community will be able to go back with additional recommendations. (SUPPORTERS OF OPTION 2: Energy, State, OSD, DIA) The third option is to support the Willard Report in its entirety. The Report has been presented to Judge Clark as the recommendation of the Interagency Group on Unauthorized Dis- closures. The Report was signed by the Attorney General and is fully supported by the Director of Central Intelligence. It is for Judge Clark to take into account the comments of the various agencies and to present the President with his recommendation. Rather than prejudging this recommendation, option three would simply encourage Judge Clark to reach a decision-as expeditiously as possible. The advantage of this strategy is that we will not be negotiating against ourselves by revising our proposal even before a response to our proposal has been received. By supporting the Willard Report in its entirety, we ensure that all of the recommendations will be fully considered. The dis- advantage of this strategy is that the continued presence of the controversial items, May result in continued paralysis of action and may delay implementation of any part of the Willard Report. (SUPPORTERS OF OPTION 3: Justice, Treasury, CIA, Army,. Navy, AF, FBI, NSA, Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0  Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0 0 POINTS FOR CONSIDERATION RELATIVE TO A NATIONAL POLICY ON DAMAGE. ASSESSMENTS L. Background This paper represents a preliminary effort to examine the damage assessment process to determine what, if anything, could be done to optimize the process. Rather than attempting a definitive study of the subject, an effort has been made to identify issues which require further exploration. Positions taken on these issues wi71-1pt-ermine what additional work is necessary in this area. As a point of departure it is useful to note that a national policy on damage assessments is articulated in Information Security Oversight Office (ISOO) Directive go. 1. (32 CFR.Part 2001). This Directive, which is binding on the various departments and agencies, was promulgated pursuant to authority granted the Director of that Office by the President in Section 5.2 of Executive,Order 12356 (April 6, 1982). The Directive states in Section 2001.47: Any person who has knowledge of the loss or possible compromise of classified,information shall immediately report the circumstances town official designated for this-purpose by the person's agency or organization. The agency that originated the information shall be notified of the loss or possible compromise so that a damage assessment may be conducted and appropriate measures taken to negate or minimize any adverse effect of the compromise. The agency under whose cognizance the loss or possible compromise occurred shall initiate an inquiry to (a) determine cause, (b) place responsibility, and (c) take corrective measures and appropriate a, dmm'._pistrative, disciplinary, or legal action. The ISOO'Directive attacks the problems of loss or compromise of.classified information along two dimensions. First, the originating agency, that is the agency which owns the. material, is charged with the responsibility to conduct a damage assessment and to.take appropriate measures to negate or minimize any. adverse effect of the compromise. Second, the agency with responsibility for .the loss or compromise is required to Approved For Release 2009/03/23: CIA-RDP94B0028OR001200050001-0  Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0 ? S E C R E T 49 - determine how the loss occurred, to take corrective and remedial steps to prevent the problem from recurring and to take administrative, disciplinary. or legal action against those responsible for the loss. In discussing damage assessments, an expansive definition of the term, and of the process, has been adopted. When an incident .occurs, it would be expected that a four-step process would begin: First, a preliminary inquiry would be undertaken to determine whether ther-.a has been a compromise of classified information. If a compromise has occurred, then a preliminary judgment must be made as to whether the compromise could reasonably be expected to cause damage to the national security. Second, if a compromise of classified information has occurred and the probability of damage to the national security cannot be discounted, then an inventory of the classified information involved would be prepared and the impact of the compromise on the national security would be evaluated. Third, if it is determined that the compromise could have a significant impact on the national security, appropriate countermeasures to negate or minimize the effect of the compromise would be identified. Fourth, remedial or corrective action would be specified. An attempt would be made to identify the person(s) responsible for the compromise and administrative, disciplinary or legal action would. be proposed to deal with the situation. Even when it is not possible to identify the person responsible for the compromise, it may be possible to examine what went wrong. If existing procedures are deemed adequate, but implementation has been sloppy, employee notices or additional training may be appropriate. If systemic problems or gaps in regulations- or procedures are identified, then more extensive corrective action would be required. A. National Level Guidance With Respect To Damage 'Assessments- Investigative Triggers There was near unanimity that a full-blown damage assessment would not-be appropriate in every case and inflexible requirements would be--counterproductive. If, for 2 - Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0  Approved For Release 2009/03/23: CIA-RDP94B00280R001200050001-0 0 ? example, a safe were left open in a controlled facility and discovered by a security guard soon afterward, cataloging all of the items in the safe and assessing the national security impact of the possible compromise may not be necessary. On the other hand, even in the above circumstance, if the open safe contained a master list of safe combinations, it would be prudent to change all of the safe combinations. Even at the other end of the spectrum discretion is desirable. If, for example, a diplomatic pouch containing large sums of money were broken into and the money taken while other material and documents were left untouched, a damage assessment might not be required unless the theft were. considered to be a cover for the photographing of the documents. Despite the unanimity that discretion must be built into the system,. there was a division of opinion as to whether there should be any national level guidance. It was suggested that when specialized intelligence equipment or classified military equipment is lost, a human source or a technical collection system is jeopardized, a diplomatic pouch containing classified information is lost, a secure facility is penetrated, or espionage occurs, a full damage .assessment should be required unless the agency head or Apni-cs1Zee expressly determines that this is not necessary. B. Improved Quality Control At present there is no way of evaluating, outside of existing chains of command, whether damage assessments when done are well done. Although there is no clear evidence that damage assessments are deficient, there is considerable question about the extent to which they are merely descriptive rather than analytical and prescriptive. There is, moreover, no current ability to hold up a particularly good damage assessment. as a model for others to emulate. There is always the suspicion, however ill-founded, that damage assessments prepared by the components most intimately involved are self-serving documents which may inflate or devalue impacts or which may mask or minimize problems, procedural inadequacies or poor personnel or program management There was a clear consensus, however, that agencies should not lose control of the damage assessment, process. Each agency should conduct its own damage assessment and should be free to structure an investigative: framework which adequately reflects the realities of that agency. On the other hand, there was less clarity as to whether adequate.. quality control could be assured at the program manager level or whether a broader agency perspective would be helpful. 3 - Approved For Release 2009/03/23: CIA-RDP94B00280 R001200050001-0  Approved For Release 2009/03/23: CIA-RDP94B00280R001200050001-0 ? S E C R E T ? It?was suggested that it might be useful to establish a separate mechanism within each agency to ensure the timeli- ness and quality of damage assessments. There was some feeling that a separate mechanism which focused exclusively on the quality and timeliness of such assessments could in time appreciably enhance the value of such asssessments to each agency.. The specific mechanism would vary according to the unique configuration and structure of each agency. Each quality control mechanism, however, would be empowerer' to make recommendations involving specific damage assessments to the extent that discrete deficiencies are found. In addition, by analyzing large numbers of damage assessments over time, the quality control mechanism could make recommendations concerning improvement in the methodology and approach taken in putting together such assessments. For example, it could ensure that the substantive and technical expertise represented by the operational components whose information was compromised and the specialized knc,.vledge of the analytical components able to assess the impact of the compromise had been adequately utilized. In addition, it could ensure that security, counterintelligence and inspection or program audit perspectives had been included. It also could review whether damage assessments could better be conducted by individuals or teams specially designated to examine a particular leak or by units with a permanent membership. It could assess whether organizational changes were needed in order to spur new thinking or whether there was a need to create or improve institutional memory and level of experience in examining compromises. C. Assessment Implementation The-most significant parts of a damage assessment are its forward looking aspects. Obviously countermeasure recommendations help to make a bad situation better. The remedial or corrective steps which are designed to determine cause, to place responsibility, to recommend administrative, disciplinary or legal action, or to implement policy and. procedural.chang.es are critically important. There is considerable question, however, about the extent to which any, recommendations which are made are actually implemented. It is suggested,. therefore, that a tickler or review system .je established to revisit damage assessments after a three or six-month interval to determine. whether it is still "business as usual," or whether the changes which have been made are really working and are adequate to prevent a recurrence. Opponents suggest that under current procedures, the chain of command is -responsible for implementing corrective or remedial measures; and that there is no need for any change in the system. Proponents suggest that under the current system the status of damage assessments, the status of. various recommended courses of action, or even whether the case has been closed from an administrative,,-disciplinary or 4 - Approved For Release 2009/03/23: CIA-RDP94B00280R001200050001-0  Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0 ? S E C R E T ? legal point of view often is unclear. In sum, proponents suggest that there is such a variety and diversity of disclosures which are reported through so many different chains of command that appropriates r.dination and necessary feedback very often is lacking. D. Sharing of Information The present damage assessment system is deficient because of the paucity of mechanisms by which lessons learned can be shared. There is some dissatisfaction with the current, informal, ad hoc system of exchanging information. It is recognized that there is a natural concern about airing "dirty linen" in public. There are justifiable concerns about security, particularly when compartmented or "bigoted" programs'are involved. There also is the view that many of the remedial measures proposed may be program or organization specific with little relevance outside a very narrow circle. To be sure there may be natural boundaries beyond which the costs of sharing information may exceed the benefits. However, even if it is argued that it is not useful to share information outside these natural boundaries, greater sharing of information than currently is the case should be encouraged. It is suggested that there is-a military hardware or weapons system grouping. There is an Intelligence Community and within that there is an SCI Community. At least within each of these groupings information can be pooled. Mistakes which have been made on one program or compartment may later be made by individuals working on another program or in another compartment. It often is possible to generalize from remedial measures taken in one program so that other program managers can benefit. More to the point, this can'be done without touching upon the particularly sensitive information. In the Boyce-Lee case, for example, it was not necessary to discuss the specific company, or the specific intelligence system involved in order to share with other program managers the utility of the two person rule or the desirability of instituting an industrial polygraph program. The issue here is whether there should be some national level guid,=.nce which encourages or mandates sharing of information or whether the present system, which largely leaves sharing of information to each program manager, is adequate. ~ Currently, the Air Force has a newsletter (published 3 to 4 times a year) that synopsizes various cases involving unauthorized disclosures of SCI which the Air. Force determines to be of 'general applicability and interest. The Air Force disseminates this newsletter throughout the SCI; Community, both inside and outside the Department of Defense. By means of this newsletter the SCI Community is given the benefit of. Air Force experience in.a variety of - 5 - Approved For Release 2009/03/23: CIA-RDP94BOO28OR001200050001-0  I 1\GIGGJG LVV V/VV/LV VIlI-1\VI VZVVVLVVI\VV ILVVVVVVV 1-V S E C R E T ? unauthorized disclosure cases and is able to apply any preventive measures necessary to safeguard against a repetition elsewhere in the Community of the circumstances which led to particular unauthorized disclosures. It is suggested that the Air Force newsletter serve as a model for other newsletters which would address the needs and interests of various appropriate communities. The SECOM could publish such a newsletter regarding cases of broad interest to the Intelligence Community, in general, or to the SCI Community, in particular. Similarly, the ISOO could be tasked with publishing such a newsletter concerning unauthorized disclosures within various communities of interest that relate to the world of collateral classified information. It is significant to note that DCID 1/19, as currently revised, provides for sharing with the SECOM and the DCI summaries of investigations and actions in cases involving significant compromises. Another area of discussion centered upon the proposed establishment of an unauthorized disclosure data base. It appears that the Department of Justice (DOJ) an,_: the Federal Bureau of Investigation (FBI) are moving inexorably toward establishing a data base which would contain all information relating to unauthorized disclosures reported to them. DOJ strongly believes that such a i.ata base would be useful to it and to the FB-I in getting an analytical handle on the problem of unauthorized disclosures. That is to say, DOJ is interested in analyzing large numbers of unauthorized disclosures to determine if there are any significant commonalities, patterns, or trends that emerge from the data that would aid the FBI in its investigations of such matters. With this DOJ initiative on the horizon, it is believed that an even broader data base would be useful to agencies within various appropriate communities. Under a proposal for a broad data base, the participating agencies would, above some pre-determined level of triviality, contribute information on unauthorized disclosures to a central system, whether or not the disclosures were reported to DOJ. The greatest concern with the establishment of such a system was that in order for the system to be. effective, it would require that all relevant information regarding unauthorized disclosures be fed into the stem. This might include very sensitive information. The concern expressed fails?to take into account the? fact that other very sensitive data bases already exist with appropriate safeguards. For example, there is a Government- wide register of human intelligence sources which, though extremely sensitive, provides an invaluable reservoir of - 6 - Approved For Release 2009/03/23: CIA-RDP94B00280R001200050001-0  Approved For Release 2009/03/23: CIA-RDP94B00280R001200050001-0 I S E C R E T Q information that enables the Intelligence Community to more efficiently and effectively conduct its assessment and recruiting activities. To avoid widespread dissemination of sensitive information relating to unauthorized disclosures, the. proposed system could be similar in design to the 4C System, which is intended to contain an equally sensitive data base of all SCI accesses for all SCI programs. Only a limited number of people would have access to the proposed system and an even more limited number would have access to, the particularly sensitive information in such a system. Hopefully, as a comprehensive analytical platform, such a data base could ultimately become an important diagnostic tool for the participating agencies. The data base would provide useful information concerning the specific types of information being disclosed, any correlation between types of disclosures and government processes, any correlation between types of disclosures and media representatives, and past disinformation programs. The information gained from the analysis of such a data base would assist in evaluating existing security practices and developing any new ones determined to be necessary. It would assist in developing models of the various types of inadvertent disclosures. It would assist in concentrating security resources in specific areas where the risk of disclosure is high. It would quickly identify old releases, isolate chronic leakers, develop countermeasures for disinformation and deception programs. Finally, it may be useful in predicting future trends with -respect to unauthorized disclosures so that anticipatory countermeasures may be implemented. F. Regulations As a final point it was noted that it would be useful for those agencies which have not yet issued regulations implementing ISOO Directive No. 1 to do so. In addition, if any of the above recommendations are adopted, they might be included-in existing or new regulations. - 7 - Approved For Release 2009/03/23: CIA-RDP94B00280R001200050001-0