The Information Security Oversight Office (ISOO) may not be a household name, but anyone interested in the proper functioning of our democracy should take note of a report it released last week. The report compiles statistics relating to federal agencies’ classification of information for national security purposes in fiscal year 2011. The numbers show that we urgently need to rethink how our government creates and accounts for its secrets.
Classification allows the government to shield information if its public disclosure could harm national security. But officials often are tempted to classify documents for the wrong reasons. Some officials are too busy to make a careful determination; others fear incurring penalties if they mistakenly disclose sensitive information; still others want to enhance their own status or protect their agency’s “turf”; and some seek to hide misconduct or incompetence. Because officials are rarely if ever penalized for improper classification, there is no countervailing disincentive. The result is massive “overclassification,” a phenomenon noted by experts and blue ribbon commissions for decades.
Overclassification is not erring on the side of safety. It actually threatens national security by limiting the sharing of information among officials and agencies, which in turn limits our government’s ability to understand and link data about security threats. It also erodes respect for the classification system among the ever-growing pool of officials and contractors who work with classified information, increasing the risk of leaks. More fundamentally, overclassification undermines the critical ingredient for a well-functioning democracy: an informed citizenry.
The latest ISOO report reveals that there were 92 million decisions to classify information in fiscal year 2011. This number represents a 20 percent increase from 2010, itself a 40 percent increase from 2009. But while the absolute number is staggering, it is difficult to interpret the underlying trend. As ISOO noted, agencies are gradually improving their methods for counting the classification of electronic information. How much of the increase was due to better counts — or even better information-sharing within government, leading to more classified communications — and how much was due to a higher level of secrecy? Under the current reporting system, there is no way to know.
A more telling number is the success rate when members of the public challenge a document’s classification through a process known as mandatory declassification review (MDR). In roughly nine out of ten cases, an agency that receives an MDR request decides to release some or all of the document, suggesting that it either was not properly classified or was classified for a longer period of time than necessary. To be sure, many MDR requests are for older documents. But the process is used for contemporaneous information as well, and the consistency of the requesters’ success rate in recent years suggests that overclassification is no less rampant today than it was in the past.
Two conclusions may be drawn from these numbers. First, we need better metrics to measure government secrecy. An email forwarded to multiple recipients may signify progress in information-sharing, and should be counted differently than multiple decisions to classify information. Improvements in record-keeping should be accompanied by estimates of previous undercounts. In short, more specific information about classification decisions is necessary to identify trends and make sense of the numbers. In its report, ISOO acknowledges the need for better information. Congress should provide ISOO with the resources it needs for that purpose.
Second, the report suggests that curbing overclassification will require major changes to the existing system. In December 2009, President Obama amended the executive order governing classification to bolster training requirements, prohibit indefinite classification, and direct officials to refrain from classifying when in doubt. It is too early to judge these changes’ full effect, but ISOO’s 2010 and 2011 reports constitute early indications that they don’t go far enough. Indeed, the President anticipated the need to go further when he amended the executive order, simultaneously directing his advisory committee on classification policy to develop recommendations for a “more fundamental transformation” of the system.
The advisory committee is reaching the end of its deliberations and will soon present its recommendations. They should include measures to address the fundamental cause of overclassification: the lack of any disincentives to counterbalance the many immutable incentives to overclassify. In particular, agencies should be required to conduct “spot audits” of officials who classify documents. Those who routinely overclassify should be subject to regular follow-up audits, and repeat offenders should face mandatory consequences, including revocation of classification authority in extreme cases.
Overclassification is a threat to our democracy and our national security alike. But the key to tackling it is within reach. If the President adopts measures to introduce accountability into the system, we may see some very different numbers emerging from ISOO in the coming years.