SECRECY NEWS
from the FAS Project on Government Secrecy
Volume 2011, Issue No. 115
December 14, 2011

Secrecy News Blog: http://www.fas.org/blog/secrecy/

CONGRESS AUTHORIZES MILITARY ACTION IN CYBERSPACE

Congress has given the U.S. military a green light to conduct offensive military operations in cyberspace.

"Congress affirms that the Department of Defense has the capability, and upon direction by the President may conduct offensive operations in cyberspace to defend our Nation, allies and interests," said the FY 2012 defense authorization act that was adopted in conference this week (section 954).

The blanket authorization for offensive cyber operations is conditional on compliance with the law of armed conflict, and the War Powers Resolution, which mandated congressional consultation in decisions to go to war.

"The conferees recognize that because of the evolving nature of cyber warfare, there is a lack of historical precedent for what constitutes traditional military activities in relation to cyber operations and that it is necessary to affirm that such operations may be conducted pursuant to the same policy, principles, and legal regimes that pertain to kinetic capabilities," the conference report on the defense authorization act said.

"The conferees also recognize that in certain instances, the most effective way to deal with threats and protect U.S. and coalition forces is to undertake offensive military cyber activities, including where the role of the United States Government is not apparent or to be acknowledged."

"The conferees stress that, as with any use of force, the War Powers Resolution may apply."

This is an odd formulation which suggests that the War Powers Resolution may also not apply. In any case, the Resolution is a weak reed that has rarely been used by Congress to constrain executive action.

According to the Congressional Research Service, "Debate continues on whether using the War Powers Resolution is effective as a means of assuring congressional participation in decisions that might get the United States involved in a significant military conflict."


CONGRESS ENACTS INSIDER THREAT DETECTION PROGRAM

Congress ordered the Secretary of Defense to establish an information security program for detecting "unauthorized access to, use of, or transmission of classified or controlled unclassified information." The provision was included by the FY2012 defense authorization act that was approved in conference this week (section 922).

The insider threat detection program, conceived as a response to WikiLeaks, is intended to "allow for centralized monitoring and detection of unauthorized activities." Among other things, it is supposed to employ technology solutions "to prevent the unauthorized export of information from a network or to render such information unusable in the event of the unauthorized export of such information."

The Congressional action was partially anticipated by President Obama's executive order 13587 of October 7, 2011, which established new governance procedures for improving the security of classified information.

The new legislation adds some further detail and imposes deadlines for compliance.


CIA WILL PROCESS REQUEST ON OPEN SOURCE WORKS

In an abrupt reversal, the Central Intelligence Agency said that it will process a Freedom of Information Act request for documents pertaining to the establishment of Open Source Works, the CIA's in-house open source intelligence organization.

Intelligence historian Jeffrey Richelson had requested the charter of Open Source Works under the Freedom of Information Act, only to be told that the CIA could not confirm or deny the existence (or non-existence) of responsive records. See "Charter of Open Source Org is Classified, CIA Says," Secrecy News, December 12.

But Dr. Richelson said that CIA Information and Privacy Coordinator Susan Viscuso called him yesterday to inform him that the request would be processed after all. The earlier response, she said, was "an administrative error."


DOD SAYS MILITARY INTEL BUDGET REQUEST IS CLASSIFIED

The amount of money that the Pentagon requested for the Military Intelligence Program (MIP) in FY2012 -- around $25 billion -- is classified and will not be disclosed, the Department of Defense said last week in response to a Freedom of Information Act request for the figure.

The MIP budget request number "is currently and properly classified in accordance with Executive Order 13526 Section 1.4(g) concerning vulnerabilities or capability of systems, installations, infrastructures, projects, plans or protection services relating to the national security," the December 7 denial letter stated.

The decision to withhold the MIP budget request number is incongruous, considering that the MIP appropriation is unclassified ($24 billion in FY2011).

Not only that, but the amount of money that was requested for the National Intelligence Program (NIP) is unclassified and has been released by the Director of National Intelligence ($55 billion for FY2012).

"No identifiable damage to national security was caused by the release of the NIP budget request figure," we noted yesterday in an appeal of the initial FOIA denial.

"From a classification policy perspective, there is no substantive difference between the NIP and the MIP. Each Program involves intelligence sources and methods requiring protection, classified acquisition programs, and other sensitive and properly classified activities."

"Just as disclosure of the NIP budget request caused no damage to national security, it is clear that disclosure of the MIP budget request would be likewise harmless," we wrote in the December 13 appeal.

Like other questionable classification choices, the decision to classify the MIP budget request is ripe for reconsideration and correction in the ongoing Fundamental Classification Guidance Review.


SUPPORT SECRECY NEWS

We hope that all Secrecy News readers will give generously to charitable causes that help relieve those who are in distress. After you have done that, we hope you may also contribute to Secrecy News and the work of the FAS Project on Government Secrecy.

As readers know, we do not charge anyone for subscriptions to Secrecy News or for access to the records we collect. We want to make our work available even to those who can't or don't want to pay for it.

But one way or another, we need to pay our bills like everyone else. And so-- this appeal.

If your situation permits, please consider making a tax deductible contribution to the Federation of American Scientists to support Secrecy News. (Thanks to those who have already done so!)

Donations can be made online here (specify that your donation should be directed to "government secrecy"):

If contributing via Paypal, send us a separate email to let us know you want your contribution allocated to the FAS Project on Government Secrecy. Checks payable to FAS may also be mailed to:

Secrecy News
Federation of American Scientists
1725 DeSales Street N.W.
6th Floor
Washington D.C. 20036

******************************

Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists.

The Secrecy News blog is at:
      http://www.fas.org/blog/secrecy/

To SUBSCRIBE to Secrecy News, go to:
     http://www.fas.org/sgp/news/secrecy/subscribe.html

To UNSUBSCRIBE, go to:
      http://www.fas.org/sgp/news/secrecy/unsubscribe.html

OR email your request to saftergood@fas.org

Secrecy News is archived at:
      http://www.fas.org/sgp/news/secrecy/index.html

SUPPORT the FAS Project on Government Secrecy with a donation here:
      http://www.fas.org/member/donate_today.html