Sloppiness in Handling Highly Classified Information is Widespread

By John Sipher

John Sipher worked for the CIA’s clandestine service for 28 years. He is now a nonresident senior fellow at the Atlantic Council and a co-founder of Spycraft Entertainment. John served multiple overseas tours as Chief of Station and Deputy Chief of Station in Europe, Asia, and in high-threat environments. He is the recipient of CIA’s Distinguished Career Intelligence Medal.

FBI Director James Comey’s 5 July statement on the investigation into Hillary Clinton’s private e-mail server was exactly what we would expect from a professional investigative service.  He explained the issues in plain language, focused on facts, and made clear that the multitude of political opinions swirling around the case are uninformed and had no impact on the investigation.  However, I am certain that the Director’s recommendation to not indict Clinton will surprise many people who heard him reveal Clinton had mishandled classified information. 

It may be difficult for many Americans to understand how anyone can have it both ways.  How can someone share classified information on an unclassified computer system and not be held accountable?  Why isn’t this a slam dunk?

Realistically, however, Director Comey had no other choice.  To indict Hillary Clinton would raise the question as to why we don’t arrest scores of senior officials.

The problem is that you can’t indict everybody.  Sadly, there are numerous incidents where senior officials who should have known better were, as Director Comey characterized, “extremely careless in the handling of very sensitive, highly classified information.”  This sloppiness is widespread.

Was Hillary Clinton careless and arrogant?  Certainly.  However, such hubris is practically a job requirement in Washington.  In fact, those who have spent any time in the Intelligence Community have seen similar sloppy behavior by senior officials at the Department of Defense (DoD), CIA, FBI and the White House (although admittedly, one of the worst is the Department of State). 

While hubris is part of the potent mix leading to such behavior, equally important is a bureaucracy rife with poorly articulated and managed information, as well as overlapping systems with inconsistent security procedures.  Further, senior executives operate in an environment which is far more gray than black and white when it comes to the use of classified and unclassified information.

There are two sides of this coin that security professionals deal with every day.  On one side, there are senior leaders who clearly believe that they are above the need to protect information.  At the same time there is almost no way to maintain a clear line between what is classified, and what is not – a fact which helps to protect those who abuse the privilege.

From my experience, Secretary Clinton’s actions fit a familiar pattern.  Many senior officials complain that they cannot be expected to keep track of what is classified and what is not, because they need to make quick decisions and take action based upon the information they receive.  They are in the arena and are held accountable for results.  Practitioners assume that the purpose of secret information is to help them do their job, and therefore they should be able to “use” the information as they see fit in order to accomplish larger mission objectives.  In this way, many senior officials develop a mindset that they are above it all.  They are doers who cannot be held back by bureaucracy and conflicting rules.  Is this hubris?  Yes, and it is widespread.

Despite the entitled attitude, there is some truth to their claim.  Senior policymakers indeed are forced to work in a gray area.  For senior leaders entrusted to help solve big issues, it is hard to clearly compartment secret from non-secret information.  The fact that the USG over-classifies information makes this even harder.  For every issue involving a key foreign partner, a senior official receives reams of classified and unclassified information from numerous agencies and sources, spoken and written alike.  Some of the classified information is conflicting or simply confirms other information from unclassified sources.  It is easy to blur the distinction over where the line should be. 

As a senior intelligence officer, it becomes an executive function to know how to parse your language and know exactly how far to go when discussing issues outside of the Intelligence Community.  Junior practitioners can simply say nothing, but senior leaders don’t have that luxury.  A good portion of the information that they share is likely “classified” in some sense.

However, the fact that former senior CIA officials like Michael Hayden, Mike Morrell, Leon Panetta and George Tenet have to excise material from their books after submitting them to the CIA’s publication review board, makes clear that this is not an easy distinction.  If CIA Directors can’t easily determine what is classified, and what is not, it is surely difficult for other consumers of intelligence information to do so.  The classification system itself plays into this problem.  The level of classification of a specific document is based on a judgment call as to how damaging the information would be if released.  Reasonable and experienced people can disagree, and find it expedient to simply classify at the higher level.  This, in turn, leads many busy policymakers to dismiss the classifications as expedient and unjustified.

Further, the systems senior government leaders are forced to use are unwieldy and insecure.  I for one, do not believe Clinton’s e-mail server was any less secure than those of the State Department.  And it is not just State.  DoD systems are leaky and poorly protected, as well.  Senior State, DoD, and FBI officials do not have systems that allow them to communicate quickly and securely with other agencies, not to mention within their own organizations. 

When I worked with the FBI on tremendously sensitive espionage matters, their top officials were forced to go to a separate facility to process secure fax transmissions since they could not write or speak at the requisite level on their own systems.  Many busy FBI executives would simply resort to double-speak on the phone, a practice arguably less secure than using unclassified e-mail. It is also a too frequent practice at the State Department and the White House to simply strip off the classification headers on material so that they can transmit it on unclassified systems.  Many of us in CIA joked how fun it would be to serve as a foreign intelligence officer in the U.S.  You would have a field day.

Nonetheless, there are also times when senior leaders just don’t seem to care.  I can recall as a young officer given the rotating assignment to go into Ambassador Richard Holbrooke’s hotel room in a foreign country every time he left to pick up the classified material he routinely would leave behind.

The commentary on Mrs. Clinton will surely continue.  Those who dislike her will focus on her apparent disregard for security practices, while her supporters will focus on the fact that she will face no criminal charges.  While the vast majority of those with access to classified material take their responsibilities seriously, the sloppy handling of classified information will also continue. 

Despite the ease of stealing information from the U.S., we will nonetheless continue to collect important information and run successful operations.  We succeed because we are big and powerful and have just too many operations for any opponent to manage, not because we are efficient or careful.  If we can feel any sense of relief, it is because stealing information is the easy part.  Putting it all together and have it make sense is much harder.

Related Articles