The controversy over Hillary Clinton's use of a private email account while she was secretary of state has centered on whether she used it to send or receive classified messages. This focus obscures the larger question of whether Clinton's setup affected the State Department's compliance with the Freedom of Information Act and legal requirements for federal agencies to retain records, as well as other questions about agencies' information-management practices.
The following statements may not be the facts that some believe them to be:
- Information can be "classified," even if no one has classified it.
Many news reports and commentators have suggested that "information is classified by [its] nature" (as Sean Davis writes in the Federalist), even if no agency or official has classified it yet. These accounts treat "classified" as a quality rather than an action--one that is self-evident. If information is sensitive enough, it's classified, no matter what.
When it comes to "original classification"--the initial decision to classify information--that portrayal is wrong. Under the executive order that governs classification, the 2,000-plus officials who have this authority "may" classify information if its disclosure reasonably could be expected to damage national security. The determination of harm is often highly subjective, and even if an official decides that disclosure would be harmful, he or she is not required to classify.
Information provided by foreign governments in confidence is different. The executive order cautions that the release of such information is "presumed" to harm national security; agency rules provide that such information "must be classified." There is a difference, however, between "must be classified" and "is classified." After all, when an official receives information, its source and the circumstances of its disclosure may not be apparent.
An official who transmits that information without classifying it has violated agency rules. But the recipient now possesses information that someone else should have classified, not classified information. Classifying the information, then sending it through unclassified channels to a private email account, also would be impermissible. Emails released by the State Department show that some of Clinton's correspondents dealt with this by asking to set up conversations over secure telephone lines.
- It's easy to figure out whether information has been classified.
There is a common refrain that Clinton "should have known" there was classified information in e-mails she got, even if it wasn't marked.
The classification rules treat this myth as if it were true. Once information has been classified by an authorized official, anyone who retransmits it must mark it as classified, even if it was not marked when received. This is called "derivative classification" and it can be performed by any of the 4.5 million individuals who are eligible to access classified information. They rely on "classification guides"--a kind of index of original classification decisions, mostly kept on secure websites--to determine what information has been classified and therefore must be marked.
Derivative classification is intended to be a straightforward task. But the system breaks down in practice. The categories of information listed in guides are sometimes so broad or vague that they leave officials to guess whether any given piece of information has been classified.
- Anything classified is sensitive.
Many discussions of Clinton's email assume that all classified information deserves to be classified and that every leak of classified information is dangerous.
In fact, the classification system is marked by discretion (intended) on the front end and uncertainty (unintended) on the back end. This lack of clear boundaries opens the door to a huge amount of unnecessary classification.
It is easier and safer for busy officials to classify by rote rather than to pause for thought. Classification is a way for officials to enhance their status or protect agencies' turf. It can hide embarrassing facts or evidence of misconduct. There are no countervailing disincentives as classification decisions normally go unreviewed and agencies do not punish over-classifying. The result is massive over-classification. Current and former government officials have estimated that 50 to 90 percent of classified documents could safely be released.
One need look no further than Clinton's own emails for evidence of this problem. In February 2010, Clinton's top foreign policy adviser emailed that he was unable to send her a statement by former British prime minister Tony Blair because someone had entered it into the State Department's classified system "for reasons that elude me." Clinton responded incredulously: "It's a public statement!" Yet her adviser was unable to access it, let alone send it to an unsecured email address.
- Any mishandling of classified information is illegal.
Some 2016 presidential candidates have not hesitated to label the mishandling of classified information as criminal, with former Arkansas governor Mike Huckabee calling Clinton's actions "beyond outrageously illegal."
In fact, in a nod to the complexities of handling classified information, the law criminalizes only violations that are "knowing," "negligent" or the like. The law falls short, however, in failing to give express protection to knowing releases of classified information by whistleblowers. The Obama administration has used the Espionage Act--a statute meant for spies and traitors--to prosecute federal employees who revealed waste, fraud and abuse. Judges allowed these cases to go forward even though none of the defendants harmed or intended to harm national security.
The lack of protection for whistleblowers allows the government to graft its own "intent" requirement onto the law through selective prosecution. Those who seek to reveal government misconduct are prosecuted. Those who don't are not (or, in the unusual case of Gen. David Petraeus, are given a deal to avoid jail time).
This double standard should be eliminated, not by prosecuting every slip, but by focusing on actions that are intended and likely to harm national security, and by protecting disclosures that serve the public interest by revealing wrongdoing.
- Our classification system protects us from harm.
This myth flows naturally from the assumptions that all classified information is automatically and self-evidently sensitive and that any release of classified information would compromise national security.
Actually, it is our bloated classification system that puts our security at risk. Some classification is unquestionably necessary to keep the nation safe, but over-classification not only stifles public discussion and debate, it also discourages people from following the rules. Officials who routinely encounter innocuous information marked "top secret" lose respect for the system. They are more likely to handle information carelessly or even engage in unauthorized disclosures. The danger is that the baby could get thrown out with the bathwater: A casual approach to classified information jeopardizes the real secrets buried within the excess.
Over-classification also creates practical barriers to compliance. The procedures for storing, accessing and transmitting classified information are burdensome. That's a feature, not a bug: These logistical barriers not only prevent unauthorized access but also aim to keep the bar for classifying information appropriately high. But when onerous security measures must be followed to transact even the most routine official business, the burden can become untenable.
These problems could be solved. Meaningful limits could be placed on officials' discretion to classify, and an internal oversight system could be established to ensure that officials do not overstep these lines. Declassification could be made automatic after a reasonable time, rather than allowing agencies to create a bottleneck by conducting lengthy reviews. Shrinking the pool of secrets would make it easier to ensure that classified information is properly marked and protected, which would enhance national security and relieve the burden on busy officials. Otherwise, over-classification is sure to continue.
Elizabeth Goitein is co-director of the liberty and national security program at the Brennan Center for Justice at New York University School of Law.
Editorial on 09/27/2015