One of the greatest ironies of some of the heavy-handed government responses to WikiLeaks is, as a new Secrecy News policy release proves, that it is illegal for people with security clearances to access leaked classified documents, but legal for people without security clearances. To this end, people who work for the military are not allowed to read WikiLeaks. The ironies of bureaucracy strike yet again.
The problem, at its heart, is a legal one. People in certain positions in government are subject to legal restrictions on what they are allowed to access or communicate (I won’t say can access or communicate, because that confuses legal threat with personal will, which is how we get into these sorts of paradoxes in the first place). That’s true even after information is leaked, because formally even leaked information is still classified. A document can be “Secret,” or even “Top Secret,” without actually being a secret.
A new Department of Defense (DoD) policy, from the Undersecretary for intelligence, easily illustrates the problem:
Classified information, whether or not already posted on public websites or disclosed to media, remains classified, and must be treated as such… Except as authorized…, DoD employees or contractors shall not, while accessing the web on unclassified government systems, access or download documents that are marked classified (including classified documents publicly available on WikiLeaks.org and other websites), as doing so risks putting classified information on unclassified IT systems…
DoD employees or contractors shall… neither confirm nor deny the presence of classified information in articles or websites in the public domain.
The above regulation extends to home computers if employees use them to check their work email or access their work in any other way. And then there’s this gem:
DoD employees or contractors who believe they have inadvertently accessed or downloaded classified information from a public website… shall contact their information assurance manager… In the case of WikiLeaks-related classified documents, the IAM will document each occurrence and delete the affected file(s) by holding down the SHIFT key while pressing the DELETE key for Windows-based systems… All other classified spillages must be handled in accordance with existing regulations.
I suppose if the “spillage” occurs on a Mac or Linux computer, the manager in question will simply be flummoxed.
This is not solely a DoD problem, because it’s not solely an American problem. Other governments, including Canada’s, have also tried to restrict employee access to WikiLeaks. I’m not certain what the precise policy is with regard to the “Cablegate” documents, but when a large amount of Afghan War material leaked during the summer, the Department of National Defence announced the following exceptionally dubious policy:
DND/CF [Department of National Defence/Canadian Forces] computers are not to be used to visit the WikiLeaks site or any other websites containing such information. Such use constitutes “unauthorized use”… Reasons for not accessing the site are as follows:
- The site attracts a large volume of traffic. Given the nature of the material, third parties could collect and exploit visitor data or deliver malicious software through downloaded files.
- Conducting web searches for this information may expose the user’s computer to malicious search engine poisoning attacks.
The same logic presumably applies to all other high-traffic sites, but I doubt DND has banned, say, Google, on the grounds that someone might “collect… visitor data.” Although Google does collect visitor data. And you can use Google to find confidential material, too.
Document 1. Undersecretary for Defense Intelligence. Memorandum: Notice to DoD Employees and Contractors on Protecting Classified Information and the Integrity of Unclassified Government Information Technology (IT) Systems. January 2011. Via Secrecy News.
Document 2. DWAN Wide Email. Wikileaks Notice/Avis Wikileaks. Via CBC News.Tweet