Published by The Lawfare Institute
in Cooperation With
The ongoing legal battle over former National Security Adviser John Bolton’s book is in large part a fight over classification. The Department of Justice argues that Bolton published classified information in his memoir, “The Room Where It Happened.” Bolton alleges that a career official at the National Security Council had approved his book for publication after several rounds of edits in prepublication review before political appointees reversed her judgment. On June 20, Judge Royce Lamberth denied the government’s motion to block release of the book but determined that “Bolton likely published classified materials”—and could face the loss of his book royalties as a result.
The Bolton debacle provides an opportunity to explain how the classification system—a system that affects some 4 million Americans—really functions: what law governs classification, what kinds of information may be classified, who decides what’s classified and how classification is enforced.
1. What law governs classified information?
Classification law exists in statutes, executive orders and agency regulations. The Supreme Court in United States v. Nixon acknowledged in dicta, and Justice Department policy has asserted, that some national security information is also entitled to be withheld from disclosure as subject to executive privilege under Article II of the Constitution.
Various statutes define “classified information” for particular statutory purposes. Congress has only occasionally stepped into classification policy in specific areas, including criminalizing disclosures of classified information under the Espionage Act, or regulating the disclosure of certain intelligence personnel under the Intelligence Identities Protection Act. At least since President Franklin Roosevelt issued Executive Order 8381 in 1940, classification law has been defined primarily by a series of about 20 successive executive orders. (Indeed, the 1995 Intelligence Authorization Act codifiedwhat by that year was a half-century-old practice of presidents’ defining the procedures for controlling national security information.) Executive Order 13526, the most recent executive order on classification, was issued by President Obama on Dec. 29, 2009, and revoked prior classification orders.
Intelligence agencies and other executive branch departments establish regulations that create department-specific policies on classification. For example, Intelligence Community Directive 703 provides guidance on the dissemination of “sensitive compartmented information” (SCI), a subset of classified information “concerning or derived from intelligence sources, methods or analytical processes.” Other agency regulations specifically implement the terms of Executive Order 13526 for that department’s needs. For instance, the State Department’s Foreign Affairs Manual section on classification provides extensive internal guidance on the handling of “foreign government information,” or information provided to the U.S. by foreign governments. Agency regulations also commonly designate internal policy governing which officials may classify or declassify information.
2. How is information classified?
Executive Order 13526 specifies that information can be classified through two procedures. First, when information has not been classified before, it may be originally classified if it is related to a topic amenable to classification; the information’s release would, at a minimum, pose a danger to national security; and a government official with original classification authority—that is, the power to say that a piece of information is classified on first review—designates the information as such. Second, information may be derivatively classified if it uses otherwise classified information.
Information can be classified in the first instance only if it pertains to at least one of seven topics defined by the executive order:
(b) foreign government information [i.e., information received from foreign governments, with an expectation of confidentiality];
(c) intelligence activities (including covert action), intelligence sources or methods, or cryptology;
(d) foreign relations or foreign activities of the United States, including confidential sources;
(e) scientific, technological, or economic matters relating to the national security;
(f) United States Government programs for safeguarding nuclear materials or facilities;
(g) vulnerabilities or capabilities of systems, installations, infrastructures, projects, plans, or protection services relating to the national security; or
(h) the development, production, or use of weapons of mass destruction.
Within those topics, the government may classify information under one of three levels based on its sensitivity:
(1) ‘‘Top Secret’’ shall be applied to information, the unauthorized disclosure of which reasonably could be expected to cause exceptionally grave damage to the national security that the original classification authority is able to identify or describe.
(2) ‘‘Secret’’ shall be applied to information, the unauthorized disclosure of which reasonably could be expected to cause serious damage to the national security that the original classification authority is able to identify or describe.
(3) ‘‘Confidential’’ shall be applied to information, the unauthorized disclosure of which reasonably could be expected to cause damage to the national security that the original classification authority is able to identify or describe. (Emphasis added.)
The order also allows the departments of State, Defense, Energy, Homeland Security and Justice, along with the Office of the Director of National Intelligence, to designate “special access programs,” subsets of classified information that are more tightly controlled. The most commonly known special access program is that governing access to information derived from or otherwise related to intelligence sources and methods, which the director of national intelligence controls and has designated as SCI under Intelligence Community Directive 703. The SCI system helps the intelligence community manage access to particular categories of information among people with access to the appropriate level of classification. So a person with a “top secret” security clearance will ordinarily have access only to a subset of “compartments” within the classification level. (The intelligence community uses the same background-check process—the Single Scope Background Investigation—to authorize employees or contractors to receive both top secret information and SCI, but despite the common designation of holding a “top secret/SCI” clearance, the two categories are distinct.)
The executive order also explicitly prohibits certain inappropriate uses of the classification power. The government may not classify information to “conceal violations of law, inefficiency, or administrative error;” “prevent embarrassment to a person, organization, or agency;” “restrain competition;” or otherwise “prevent or delay the release of information that does not require protection in the interest of the national security.” In other words, a reasonable belief that disclosure of information would at least damage national security interests is the only valid reason to classify information.
Within those parameters, the executive branch tends to earn deference from courts on its classification judgments. Under the U.S. Court of Appeals for the D.C. Circuit’s ruling in McGehee v. Casey, in cases challenging classification decisions the government must show with “reasonable specificity … a logical connection” (emphasis added) between the classified information and the reason for classification. While McGehee admonished courts to “satisfy themselves from the record, in camera or otherwise, that the [government] in fact had good reason to classify … the materials at issue” and should not presume regularity without verifying the justification, it then retreated, saying judges “cannot second-guess CIA judgments on matters in which the judiciary lacks the requisite expertise.” Despite carving out room for judicial review, McGehee left ample discretion to the intelligence community in classification judgments. That deference is evident in subsequent applications of McGehee’s standard.
3. Who decides whether information is classified?
Executive Order 13526 also specifies who may designate information as originally classified. The order specifies that the president, the vice president, “agency heads and officials,” and officials to whom those officials formally delegate such authority are original classification authorities, sometimes called OCAs. OCAs have authority to classify information up to a specific level: Some officials have the authority to designate information at the top secret level, like the CIA director or the attorney general, while others, like the commerce secretary, may only designate information as secret. OCAs may typically only classify information within their area of responsibility. Additionally, OCAs may delegate their authority to subordinates, often extensively, with some limits based on the level of classification.
When intelligence products use information that is already classified, those products may be derivatively classified. Derivative classification does not need to be approved by an OCA, but agencies must issue guidelines for derivative classification by their employees. Further procedural details on derivative classification can be found in Part II of Executive Order 13526 and implementing agency regulations.
4. When does information become classified?
Just because there’s a valid reason to classify information does not automatically mean it is classified. Classification requires an affirmative decision. While much of the sensitive information the government acquires is classified as soon as it comes into the government’s possession, some information may not be formally designated as classified until the agency that controls it receives a request, usually from Congress, to share it. One common example is foreign government information, which may not have been classified by the originating government but should nevertheless be classified because public knowledge of the fact that the material has been shared could itself damage national security. Agencies often have specific procedures, sometimes requiring involvement at more senior levels of the department, for classifying information after it has received an outside request for it.
5. Who can access classified information?
Access to classified information is controlled through the security clearance system, which is coordinated by national security agencies through a branch of the National Archives called the Information Security Oversight Office. The system dates back to the Truman administration, but the modern system, governed by executive order, requires three criteria for a person to gain a security clearance: approval by the head of an authorized agency (usually through the infamously slow, erratic, and widely disclaimed as “broken” security clearance background-check process); a signed classified information nondisclosure agreement; and a need to know the information. Security clearances correspond to the level of information—confidential, secret or top secret—that a person is allowed to have.
6. How does the government enforce the classification system?
The government enforces the classification system through classified information nondisclosure agreements and through several criminal statutes, whose application depends on the type of information, the recipient and other circumstances.
An array of statutes prohibit the unauthorized handling or disclosure of classified information, aimed at least in part at deterring leaks by government officials. The Intelligence Identities Protection Act, famously at issue in the leak investigation of former CIA officer Valerie Plame’s identity to New York Times columnist Robert Novak, prohibits those with access to the identities of covert government officers from disclosing that information.
The 1917 Espionage Act also prohibits disclosure of national defense information or classified information. Codified at 18 U.S.C. § 798, it prohibits knowingly disclosing “to an unauthorized person,” publishing, or “us[ing] in any manner prejudicial to the safety or interest of the United States or for the benefit of any foreign government to the detriment of the United States” a variety of classified information. Prosecutors have used the statute to charge government employees who gave classified information to the media, including Edward Snowden and Pentagon Papers whistleblower Daniel Ellsberg. A separate provision of the Espionage Act, 18 U.S.C. § 793, prohibits, among other things, gathering information regarding “national defense” without authorization or delivering it to people not approved to have it. Several counts in Chelsea Manning’s court-martial charge sheet incorporated this provision, and the Justice Department used it to charge Snowden and Julian Assange. Leaks intended to benefit foreign governments may be prosecuted under 18 U.S.C. § 794, often used to charge government employees who give classified information to adversaries. (Steve Vladeck has an informative book chapter on the history of prosecutions under the Espionage Act.)
Other statutes make leaking a crime, too. Leaks of diplomatic correspondence may be charged under 18 U.S.C. § 952. And unlawfully retaining classified information, even without disclosing it, may be charged under 18 U.S.C. § 1924.
The classified information nondisclosure agreements, such as Standard Form 312, is also a common tool in enforcing security clearances. Prosecutors often cite the contract, which lists the criminal provisions that create liability for unauthorized disclosures, as evidence of an alleged leaker’s criminal intent. But in addition to reminding employees of possible tools for criminal liability, the contract creates independent tools for deterring unauthorized disclosure and enforcing the classification system. First, Clause 5 “assign[s] to the United States Government all royalties, remunerations, and emoluments that have resulted, will result or may result from any disclosure, publication, or revelation of classified information not consistent with the terms of this Agreement.” The government used the analogous provision in the National Security Agency’s classified information nondisclosure agreement, for example, to win a court orderseizing the proceeds from Edward Snowden’s 2019 memoir.
Agency-specific nondisclosure agreements typically impose specific requirements for former clearance holders to submit any writing possibly containing classified information to the agency for review. (The Supreme Court enforced penalties for failing to comply with prepublication requirements in Snepp v. United States, but the modern system is the subject of a challenge by the ACLU and Knight Institute currently on appeal in the U.S. Court of Appeals for the Fourth Circuit.) Finally, nondisclosure agreements (and other agency policies) typically prohibit those who unlawfully disclose classified information from holding security clearances in the future. Though perhaps not intended to deter intentional disclosures, such provisions may be a considerable deterrent against reckless or negligent handling of classified information for those making a career in national security.
7. How does all this affect Bolton?
The government’s lawsuit alleges that Bolton published classified information in his book, especially information about the president’s conversations with foreign government leaders, and that he failed to comply with his contractual prepublication requirements. Bolton’s opposition brief, by comparison, argues that he submitted his manuscript to review, that National Security Council senior director Ellen Knight orally approved his manuscript for publication after edits in April, and that the National Security Council subsequently refused to formally clear the book for publication and later asserted that it still contained classified information. Though Judge Lamberth declined to issue an injunction against publishing the book last weekend, his order suggests that the government is likely to succeed on its assertion that Bolton did, in fact, publish information that is classified and that he is in breach of his nondisclosure agreement by failing to comply with the government’s prepublication review, however arduous.
With Lamberth suggesting that the law may not be on Bolton’s side, his defense seems to increasingly depend on what he can prove about the facts of the National Security Council’s classification and review process. The deferential standard of review for classification judgments makes that an uphill battle. What comes next may depend, as Jack Goldsmith and Marty Lederman suggested last week regarding the injunction, on whether at the merits stage Lamberth sees the Bolton case as adequately unusual to probe the basis and intent behind the government’s classification decisions.