Authored by John Ratcliffe via RealClear Wire,
Classified information is a mainstay in the news these days and rarely for positive reasons. On the one hand, classified documents seem to be leaking at an unprecedented rate, often revealing not only sensitive national security information but also government impropriety. While in office, I saw this firsthand in Crossfire Hurricane, the bogus counterintelligence investigation into non-existent links between President Trump and Russia. Much of that information should never have been classified and was only tightly controlled to obscure government wrongdoing. On the other hand, overclassification of information that does not meet appropriate classification thresholds is an epidemic inside the national security apparatus. As a result, it is estimated that some 50 million documents are classified each year across the federal government.
Overclassification—or unreasonable resistance to declassification—is sometimes a result of the desire to conceal embarrassing or inappropriate actions, but it’s more often done out of convenience, laziness or good old-fashioned CYA. After all, I’m not aware of any government employee getting in trouble for classifying something that didn’t really need to be classified, but there are serious ramifications for not classifying something that should be.
In part because the executive branch has been so slow to address this issue, a bipartisan group of lawmakers in Congress has filed bills to address over-classification and declassification issues. Perhaps they are hoping to force the White House to take action, but any President should be wary of the legislative branch encroaching on their Constitutional authority to classify and control access to national security information.
However, if we are going to tackle the pervasive overclassification problem, we must also ensure that the government has a reasonable process for handling “controlled unclassified information” (CUI)—information that is not classified but is nonetheless not widely shared by the U.S. government. This is the gray area between highly sensitive national security information and widely available or non-sensitive information that’s suitable for public disclosure.
In a 2020 memo to the President’s National Security Advisor, I laid out how the current system came into effect:
For decades, agencies often employed ad hoc, agency-specific policies, procedures, and markings to handle unclassified information that requires safeguarding or dissemination controls. This patchwork approach apparently resulted in agencies’ marking and handling information inconsistently, implementing allegedly unclear or unnecessarily restrictive dissemination policies, and creating potential obstacles to information sharing.”
This dynamic led to the Obama Administration in 2010 to issue an Executive order (EO 13556) retiring many of the various, inconsistent unclassified dissemination control markings used for this “gray area” information and replacing them all with a single marking: CUI.
This simplified approach sounded like a good idea at the time. But like many other well-intentioned government policies, it broke down in its implementation.
In spite of the mandate to simplify the unclassified markings system, the National Archives and Records Administration’s Information Security Oversight Office (ISOO) expanded the potential new marking system to include, as I wrote in my memo to the National Security Advisor, “over 124 categories in 20 groupings, with 60 Specified and 60+ Basic categories.”
As a result, the new system is so complex and cumbersome that it has still not been fully implemented 13 years later. And it’s not only because it would be a complicated mess; it would also cost a fortune, requiring an estimated $1 billion or more to implement just in the Intelligence Community alone. What critical mission areas, I wonder, will be cut to build this new bureaucratic regime? Perhaps we’ll stop collecting intelligence on some of our hard targets or adversarial nations and divert that money to fund this latest iteration of government gone wild.
Critics called my memo a “bureaucratic bombshell” in 2020, but it is nothing compared to the bureaucratic nuclear bomb of the new CUI methodology that is already wreaking havoc and driving exasperation across the government, particularly within the national security community.
There is no question that the current marking system for both classified information and CUI has gotten way too complicated. We spend an inordinate amount of money and an outrageous amount of time training people on it—with mixed results. But it makes no sense to spend billions to create new problems rather than fix the existing ones. We need simplification. Unfortunately, the result of President Obama’s 2010 Executive order has been the exact opposite of that. And now we are just days away from a deadline, set by the Biden White House, to either revise or replace the Executive Orders dealing with both classified national security information and controlled unclassified information.
No proponent of good government could justify spending good money and wasting more time attempting to implement a clearly broken system. As a former member of Congress, I can tell you that is why some of my savvy former colleagues on the House Permanent Select Committee on Intelligence (HPSCI) are already considering not authorizing funds for the Intelligence Community to implement the unwieldy CUI program come September when the next budget bill arrives. They know we need reform, from cracking down on overclassification to streamlining the handling of CUI. And pushing forward with the current plan doesn’t deliver either.
John Ratcliffe served as the 6th U.S. Director of National Intelligence from 2020-2021. A Republican, he represented Texas’ Fourth Congressional District in the United States House of Representatives from 2015-2020.