You can argue about the effectiveness of the United States’ national security classification program, but there’s no disputing one point: Keeping secrets costs money—lots of it.
Last year, executive branch agencies shelled out an estimated $11.4 billion on classified information systems and other facets of the program, according to an annual report released this week by the Information Security Oversight Office, a branch of the National Archives and Records Administration.
That’s up 12 percent–or $1.2 billion–from 2010, and more than double the figure from a decade ago. The actual tab to taxpayers is likely much higher, because the report doesn’t include spending by the CIA, the National Reconnaissance Office and four other agencies that do almost all of their work in secret. Their estimates are provided in a classified addendum to the public portion of the report.
ISOO doesn’t speculate on possible reasons behind last year’s double-digit percentage increase, but one obvious suspect is the government’s response to the massive WikiLeaks breach, which became known starting in mid-2010. Spending on “protection and maintenance for classified information systems,” for example, shot up 20 percent last year to $5.65 billion. The cost of physical security also ballooned by more than 20 percent to $1.74 billion. Interestingly, though, estimated agency spending on personnel security dropped 10 percent to about $1.4 billion.
At the National Archives’ Information Security Oversight Office, they were celebrating today’s release of a first-ever registry for controlled unclassified information, as the government describes records deemed worthy of some protection but not outright classification as secret, top secret, etc.
Although a lot of work remains, the new registry “is certainly an important milestone,” John Fitzpatrick, the office’s director, said in a phone interview this morning.
To date, agencies have pretty much been winging it in deciding what should fall under the CUI umbrella and what to call it (Examples include “Sensitive,” Law Enforcement Sensitive,” and “For Official Use Only”). In 2009, a presidential task force counted 117 different markings and concluded that executive branch performance “suffers immensely from interagency inconsistency” in the CUI arena.
The upshot was an executive order from President Obama that basically told the government to get its act together. The registry released today won’t change anything immediately; as the web site notes, the status quo remains in effect until a new yet-to-be-decided marking regimen takes effect. But it does break CUI down into 15 subject categories, such as law enforcement, immigration and privacy, followed by 85 subcategories (“privacy-contract use,” privacy-financial,” and so on.) It also justifies each with a reference to a specific law, regulation or government-wide policy.
“So far, so good I think,” said Sharon Bradford Franklin, senior counsel with The Constitution Project, one of a number of open government advocates that have been providing input to the government. She praised the oversight office for its work in finding a legal basis for each CUI grouping, but voiced concern with guidelines that restrict dissemination of CUI “only to individuals who require the information for an authorized mission purpose.”
“Require” seems a bit strong, Franklin said. “Going forward, I want to make sure that the instructions on dissemination and safeguarding aren’t unduly restrictive and that we’re promoting information-sharing as much as possible.”
Here’s one way to get the press out to your new records storage facility: Promise them peeks at the military personnel files of Army Gen. George S. Patton, Elvis Presley, and Jimi Hendrix.
The National Archives and Records Administration on Oct. 15 will dedicate its new National Personnel Records Center in St. Louis, Mo., which will house more than 100 million files on veterans and former civil servants. Two days before that, they’re inviting reporters to view the facilities, preservation labs where they restore documents — and celebrities’ service records.
Besides Old Blood and Guts, Elvis and Hendrix, the Archives plan to display files on Beat Generation novelist Jack Kerouac, Brooklyn Dodger Jackie Robinson, and Roots author Alex Haley.
Maybe something in Hendrix’s file will settle the debate over why he was quickly discharged from the Army. Did the paratrooper-in-training break his ankle — as Hendrix often claimed — was he a lousy soldier, or did he feign homosexuality to get booted and begin his musical career, as biographer Charles Cross maintains?
As of today, the Information Security Oversight Office has a new director in the person of John P. Fitzpatrick, a former top security official at the Office of the Director of National Intelligence.
ISOO, part of the National Archives and Records Administration, is a small but critical cog in oversight of the government’s security classification system. The agency has also been charged with bringing order to the mishmash of agency approaches for handling controlled unclassified information.
“A strong advocate for information sharing and protection, he has demonstrated his ability to lead and oversee change both within and beyond the intelligence community throughout his career,” Archivist David Ferriero told NARA staff in announcing Fitzpatrick’s appointment. The announcement was posted on the Secrecy News blog of the Federation of American Scientists, where Steven Aftergood wrote that Fitzpatrick is taking over at “at a particularly crucial moment in secrecy policy.”
Fitzpatrick succeeds William Bosanko, who was promoted in March; William Cira, ISOO associate director for classification management, has been filling in.
Fitzpatrick formerly served as assistant deputy director of National Intelligence for Security at ODNI and previously headed the agency’s special security center, according to his official bio. He has also worked at the CIA and the National Reconnaissance Office.
A Senior Executive Service member, Fitzpatrick has a bachelor’s degree in economics and psychology from the College of William and Mary.