CENTER FOR ETHICS AND THE RULE OF LAW​
Reddavebatcave – stock.adobe.com

A Damage Assessment of Trump’s “Declassification Defense”

Editor’s note: This opinion was originally published on Just Security.

Image: Reddavebatcave – stock.adobe.com

A Damage Assessment of Trump’s “Declassification Defense”

On Friday, the Director of National Intelligence (DNI) Avril Haines informed Congress that her office will lead an “assessment of the potential risk to national security that would result from the disclosure of the relevant documents” that were housed at former President Donald Trump’s residence at Mar-a-Lago. We can already anticipate broad outlines of what such an assessment may find – not in terms of the substantive policy areas and intelligence product that the classified documents cover because that is currently unknown, but in terms of the sources and methods potentially compromised by such disclosures based on publicly available information about the classified material at issue.

In this article, I focus on a specific aspect related to the national security risks from the disclosure of such documents. I address on its own terms Trump and his allies’ claim that, while president, he issued either a general or standing declassification order that covered these documents. If that is to be the defense on which the former president relies in the court of public opinion or in a court of law, we should understand the national security implications that would flow from such a presidential decision. It should be shocking to the American public and to jurors in a courtroom to hear such a line of defense to allegations of mishandling national defense information. That justifiable shock can come, however, only if people comprehend the grievous harms to national security from any such order.

Documents at Issue

From the FBI’s perspective, the August search was productive. The property receipt provided to one of Trump’s attorneys documented that the FBI had retrieved numerous documents including “Various classified TS/SCI documents,” “Miscellaneous Secret Documents,” “Miscellaneous Top Secret Documents,” and “Miscellaneous Confidential Documents.” “Top Secret,” “Secret,” and “Confidential” represent the three categories used to designate information as classified under the current Executive Order governing the classification of national security information the disclosure of which reasonably can be expected to cause damage to the national security. Under the criteria of that Executive Order, “Top Secret” information, if released, could cause “exceptionally grave damage” to U.S. national security. We also know that the January retrieval of documents from Mar-a-Lago included “the highest levels of classification, including Special Access Program (SAP) materials,” based on a letter the National Archives sent to Trump’s lawyers. And that trove of materials from January also included Special Intelligence, signals intelligence (including intercepts derived from authorities under the Foreign Intelligence Surveillance Act), and human clandestine sources, according to the redacted Affidavit submitted to the magistrate judge.

Background: Sources and Methods and the Classification System

Sources and methods are the assets, techniques, programs, processes and capabilities used by the Intelligence Community to collect the substantive information that is analyzed, distilled, and provided to consumers of intelligence product ranging from the president of the United States, to cabinet secretaries, to high-ranking military officers, or to a platoon leader on the battlefield. Unlike substantive intelligence which is generally discernible from the intelligence report itself, intelligence sources and methods are usually not identified in an intelligence product. Consequently, many consumers possess little understanding of, or appreciation for, the fragility of the sources and methods used to produce any particular piece of intelligence and how those valuable, and perhaps irreplaceable, sources and methods might be compromised by a sophisticated foreign adversary coming into possession of the information that Trump and his allies now claim was “declassified” by his verbal “standing order.”

As intelligence professionals know, sources and methods represent some of the Crown Jewels of U.S. intelligence activities and often involve collection programs and capabilities acquired through billions of dollars of investment and development under the highest levels of security. In many cases, those intelligence sources and methods are not only vital to U.S. national security but simultaneously are highly vulnerable to compromise or exploitation by sophisticated intelligence services of foreign adversaries. This singular combination of critical importance and unique fragility is reflected in the classification structures that have been developed, both by statute and executive order, to protect U.S. sources and methods.

Congress, for example, has enacted a statutory mandate requiring the DNI to “protect intelligence sources and methods from unauthorized disclosure” and to “establish and implement guidelines for the intelligence community” regarding “classification of information under applicable law.”

These responsibilities of the DNI are echoed in Executive Order 12333, which governs “United States Intelligence Activities” and tasks the DNI with “protecting, and ensuring programs are developed to protect, intelligence sources, methods, and activities from unauthorized disclosure,” and with establishing guidelines for Intelligence Community elements for “classification and declassification of all intelligence and intelligence-related information.” Similarly, Executive Order 13526, issued by President Obama in 2009, currently prescribes the “uniform system for classifying, safeguarding, and declassifying national security information,” and specific provisions within that Order identify “intelligence activities (including covert action), intelligence sources and methods, or cryptology” as a separately designated “classification category.”

The importance and vulnerability of intelligence sources and methods also frequently dictate that any particulars relating to a source or method and the substantive information produced using those sources or methods be protected by rigorous special handling procedures. For example, the property receipt for the Mar-a-Lago search reflects that the FBI seized “various TS/SCI documents.” The “SCI” designation refers to “Sensitive Compartmented Information” a special security designation used with information of particular import. In the same statute where Congress tasks the DNI with protecting intelligence sources and methods, Congress also directs the DNI to “establish uniform standards and procedures for the grant of access to sensitive compartmented information” while ensuring “the consistent implementation of those standards and procedures throughout” the executive branch.

The DNI has executed this congressional mandate through Intelligence Community Directive 703. That directive defines “Sensitive Compartmented Information (SCI)” as “a subset of Classified National Intelligence” concerning or derived from intelligence sources, methods or analytical processes that is required to be protected within formal access control systems established by the DNI.” This is consistent with the statutory definition of SCI found in legislation which describes SCI as “classified material concerning or derived from intelligence sources, methods, or analytical processes that requires such information to be handled within formal access control systems.”

According to IC Directive 703, the protection of SCI shall be accomplished through disciplined adherence to the proper application of a series of special handling protocols that include the requirement that “all SCI be processed, stored, used, or discussed in a Sensitive Compartmented Information Facility,” or SCIF.

The procedures and protections designed for handling SCI are not the only special handling provisions apparently violated by Trump’s actions. In a May 10, 2022 letter to one of Trump’s lawyers, the Acting Archivist noted that documents found in 15 boxes of records returned to NARA by Trump in January 2022 included more than 700 pages with classification markings “some include the highest levels of classification, including Special Access Program (SAP) materials.” “SAP materials” refers to the designation for “Special Access Programs” found in §4.3 of Executive Order 13526. These Programs are used with the most closely guarded of the nation’s secrets where “the vulnerability of, or threat to, specific information is exceptional” and the normal criteria used for determining access to information classified at the same level are not deemed sufficient to protect the information from unauthorized disclosure.

For example, if there is Top Secret information pertinent to a designated classified project but the normal criteria for protecting Top Secret information are considered inadequate to securely protect the information for this project, then a Special Access Program can be established by one of a very select group of individuals (the Secretaries of Defense, State, Homeland Security, and Energy, the Attorney General, and the Director of National Intelligence) to include more rigorous access and handling controls for the information related to that project. To further ensure security for these highly sensitive programs, SAPs are specifically intended to have access limited to a “reasonably small number of individuals commensurate with the objective of providing enhanced protection for the information involved.” A former senior intelligence official has described the network of SAPs as “its own ecosystem in the biodome of classified programs” while analogizing the purpose and effect of the access restrictions associated with SAPs in this way: “If a building contained classified information, many officials would have access to the facility. But the SAPs would be locked in a single room with only a handful of personnel provided keys — and only because they need the information to carry out their specific duties.”

Colloquially, some SAPs are often referred to as “black” programs due to their extremely sensitive subject matter, highly limited access, and virtually nonexistent public visibility. By way of example, Special Access Programs may be (1) a small part of a less-highly classified acquisition program (for example, a highly sensitive guidance system used in an otherwise unclassified aircraft program may be protected as a special access program), (2) a major weapons program initiative like “stealth” aviation technology or submarine noise reduction technology, or (3) the most sensitive of NSA’s cryptologic activities.

No one in the Intelligence Community with any level of familiarity with the access controls used with a Special Access Program would view Mara-Lago as a suitable location for storing any information related to SAP activities. That’s why Rep. Chris Stewart (R-Utah), a House Intelligence Committee member, told Politico, “I mean, if he had actual Special Access Programs — do you know how extraordinarily sensitive that is? That’s very, very sensitive. If that were actually at his residence, that would be a problem.”

The Cascading Effects That Would Result from Trump’s Claimed Declassification Order

All of the requirements associated with the handling of SCI and the operation of Special Access Programs confirm that the DNI cannot possibly protect intelligence sources and methods as mandated by both 50 U.S.C. § 3024 and Executive Order 12333 in a security environment where a president purports to declassify information orally, on spontaneous whim, without internal consultation with affected agencies or any sort of written record of his actions. Indeed, the Information Security Oversight Office, the implementing authority for Executive Order 13526, has issued an entire manual detailing the proper procedures and markings to be used in the classification (and declassification) of national security information.

Not surprisingly, then, past practice confirms that a president’s decision to declassify a given document would first be memorialized in a written memorandum, usually drafted by White House counsel, which the president would then sign. Moreover, typically, the leadership of the agency or agencies with equities in the document would be consulted and given an opportunity to provide their views on the declassification decision. As the ultimate declassification authority, the president can decide to override any objections they raise but this process ensures, at minimum, notification to the cognizant agency and some level of consultation on the declassification decision. Then, once a final decision is made, and the relevant agency receives the president’s signed memorandum, the physical document in question would be marked — the old classification level would be crossed out — and the document would then be stamped, “Declassified on “X” date” by the agency in question.

The enhanced protections mandated for SCI and Special Access Programs and their associated intelligence sources and methods accentuate the unacceptable dangers of compromise posed by an incautious, verbally issued “standing” declassification order. Declassification decisions reverberate through a vast U.S. intelligence apparatus that carefully tracks and handles information in accordance with the prescribed standards of Executive Order 13526. The coherent handling and safeguarding of the information that is the lifeblood of intelligence work, and the corresponding protection required for the sources and methods used to produce that information, are entirely dependent on community-wide confidence in the functioning of the system intended to provide that protection. In its manual for “Marking Classified National Security Information,” the Information Security Oversight Office emphasizes, for example, that “the marking of classified information shall not deviate from the prescribed formats and markings and shall be uniformly and conspicuously applied to leave no doubt about the classified status of the information, the level of protection required, and the duration of classification.”

This acknowledged need for uniform handling in accordance with detailed instructions is all the more critical for the heightened security required for information designated as SCI or associated with a Special Access Program. Any intelligence professional who has been afforded access to SCI or to a SAP will attest that the general classification standards prescribed by Executive Order 13526 are augmented by a variety of additional access and handling protocols intended to secure the secrets associated not only with the substantive program information itself but often with the sensitive intelligence sources and methods used to collect that information. The notion that SCI or information associated with a Special Access Program can be “declassified” through haphazard, ad hoc verbal instructions, even from a president, is anathema to this Intelligence Community environment and introduces unnecessary chaos that carries entirely unacceptable risks of exposure to the intelligence sources and methods that the carefully structured classification system is designed to protect.

The unique dangers posed to sources and methods often represent the most serious adverse consequence of a compromise of classified information; and at the same time such a compromise is also the impact most difficult to confirm and quantify. Picture, for example, a sophisticated adversary acquiring a document previously classified as Top Secret/Sensitive Compartmented Information (TS/SCI) but now “declassified” pursuant to Trump’s unwritten “standing” order. By careful analysis, a foreign intelligence service might deduce that the substantive information in the now “declassified” document (1) was derived from NSA’s exploitation of a complex cryptographic system previously believed by the foreign adversary to be entirely secure and used to transmit that adversary’s most sensitive communications; or, (2) was derived from a uniquely positioned human intelligence source whose access, not to mention personal safety, is now entirely jeopardized; or, (3) was derived from a novel overhead collection system with capabilities completely unknown to the foreign adversary until exposed by the content of the substantive information in the “declassified” document. In any of these examples, the adversary may initiate countermeasures designed to deny further collection or seek to parlay its new insights into efforts to use these sources and methods for its own purposes of deception or disinformation.

Critically, then, where an intelligence source or method is compromised through a foreign intelligence service’s exploitation of a thoughtlessly “declassified” document not only is the substantive information in that document neutered but the future ability to obtain similar sensitive information is often lost or seriously degraded.

Even more dangerous than a recognizable loss of collection from a previously productive intelligence source is an adversary’s successful conversion of that source into a tool of deception or disinformation. In these circumstances, a formerly reliable source, whether it be a human agent or an exploited foreign communication system, now poses a perilous and, at times, undetectable threat to U.S. security. The mere suspicion that a foreign adversary may have converted a compromised source into an active tool to spread disinformation, even when not conclusively confirmed, can precipitate a loss of confidence that compels the U.S. Intelligence Community to abandon a valuable source or method with all the considerable associated costs in terms of expense and the loss of valuable intelligence accompanying such an abandonment. We have to assume such risks are posed by the documents derived from human sources that Trump retained at Mar-a-Lago (carrying the “HCS” codeword designation) and also those documents derived from the National Security Agency’s signals intelligence activities (carrying the ”SI” and/or “FISA” codeword designations) which rely heavily on masking from any adversary the degree of success NSA may have achieved in exploiting that adversary’s communications systems. Information identified as derived from each of these codewords is identified as such in the Affidavit for the search warrant.

These costs are exacerbated where the potential compromise involves sources or methods generating SCI or associated with a SAP. The property receipt associated with the Mar-a-Lago search and the Acting Archivist’s May 10, 2022 letter confirm that the documents at Mar-a-Lago included both SCI and SAP information. An undocumented, ipso facto decision to declassify a particular document made by one with no genuine appreciation for the fragility and vulnerability of those sources and methods endangers not only the substantive intelligence content of that document but, more gravely in many scenarios, exposes the sources and methods used to collect that content to irreplaceable loss or potential co-optation by a foreign adversary for use in deception or disinformation operations. These legitimate concerns explain the intense interest that “the FBI and others in the Intelligence Community” have in reviewing the contents of the documents spirited away to Mar-a-Lago by the former president, as attested in the Acting Archivist’s May 10, 2022 letter.

Consequently, the extraordinary sensitivity of the codeword designations used in the Mar-a-Lago documents conveys the serious repercussions for intelligence sources and methods of any Trump “declassification.” By virtue of such a “declassification” action, information previously protected by special access restrictions at a level above Top Secret is now arguably subject to release in response to any Freedom of Information Act request because it no longer qualifies for exemption by virtue of having been “declassified” since Trump carried it to the White House residence one evening. The introduction of this sort of chaos undermines the integrity of the classification system which, in turn, diminishes the confidence that intelligence professionals must possess in that system’s ability to securely protect their handling of the nation’s most sensitive secrets. Imagine, for example, the adverse impact on a covert operative who now carries a gnawing distrust that his secret identity is no longer entirely secure within a classification system where the ultimate classification authority may have little or no appreciation for the potential harms associated with “declassification” because he has neither the interest nor the energy to ensure that that classification system operates in the manner needed to protect those individuals who have put their lives at risk in service to the United States. Notably some of these disastrous effects result from Trump and his allies’ suggesting publicly that there was such a declassification order, even if there was not (and there most likely was not) one.


The Mar-a-Lago search warrant represents only one chapter in an evolving drama. Whatever else lies ahead in this story, however, it is irrefutably true that the dangers associated with the possible compromise of those U.S. intelligence sources and methods used to collect the information contained in the documents haphazardly stored at Mar-a-Lago and used by the former president in presently unknown ways poses an immediate and ongoing threat to U.S. national security with potentially serious and disquietingly unknowable consequences.

George W. Croner (@GeorgeCroner) is former principal litigation counsel at the National Security Agency. He is a Senior Fellow at the Foreign Policy Research Institute, and a member of the Advisory Council at the Center for Ethics and the Rule of Law (CERL) at the University of Pennsylvania.


The opinions expressed in this post are those of the authors and do not necessarily represent CERL’s official views.

Mailing List

Submissions

Submissions to The Rule of Law Post. Please refer to CERL’s submission guidelines for additional details on the blog post format. Should your submission be accepted, we ask that you please complete the Agreement to Transfer Copyright.

Please upload text in one document under 6 mb. Preferred format as a simple text file (.txt).

Share A Damage Assessment of Trump’s “Declassification Defense” on:

LinkedIn
Twitter
Facebook
Reddit
Email
Print
A Damage Assessment of Trump’s “Declassification Defense”