Intelligence Information: Need-To-Know Vs. Need-To-Share – Analysis
At the heart of the intelligence effort lies a paradox. Intelligence is valuable only if it can be shared with consumers who need it, but, to the extent that it is more widely shared, risks of compromise are enhanced. The necessary goal is to find the best balance between adequate sharing and effective information security. The current Director of National Intelligence (DNI), James R. Clapper, has referred to the need to find the “sweet spot” between sharing and protecting information.1
On a daily basis, professional intelligence officers attempt to find the “sweet spot.” Compromising secrecy can result in the loss of a source but restricting dissemination of information too narrowly may mean that it does not reach those who need it. The basic approach taken by the U.S. Government has been focused on establishing “need-to-know.” Sensitive information is made available only to those persons with appropriate clearances and a “need-to- know” that information for the performance of their duties. The complex systems for handling classified information, especially intelligence information, require careful background investigations of persons with access to classified information, approval by their agencies, and determinations that specific individuals or offices need to use specific classified information.
The contemporary U.S. Intelligence Community with its sixteen agencies is very large. The Defense Intelligence Agency (DIA) alone is said to have over 16,000 employees and the National Security Agency (NSA), the Central Intelligence Agency (CIA), the National Reconnaissance Office (NRO), and the National Geospatial-Intelligence Agency (NGA) also employ thousands of individuals and contractors. Thousands more work for the intelligence organizations of the four military services.
In many agencies an organizational culture has evolved over time that encourages a deep commitment to the agency’s mission and emphasizes support to a limited number of clients. The CIA and the State Department’s Bureau of Intelligence and Research (INR) focus on cabinet officials and the National Security Council (NSC) staff. Agencies in the Department of Defense (DOD) naturally focus on supporting the work of the Pentagon and the operating forces, especially those engaged in combat. In addition to the challenges involved in keeping information secure, organizational cultures and close ties to specific consumers have, however, the potential to discourage sharing information with other agencies. Some observers of bureaucratic practice have perceived a tendency for agencies to restrict dissemination of information that might provide leverage in the decisionmaking process.
In the aftermath of the 9/11 attacks in 2001, a consensus emerged that information sharing, especially between intelligence offices and law enforcement officials had been deficient and had contributed to the failure to detect the plot in advance. The U.S. Intelligence Community, now concentrating on the counterterrorism mission, moved to ensure that information with any potential relevance was shared with counterterrorism analysts throughout the Federal Government. (To a much greater extent than in other areas of intelligence concern, couterterrorism requires that bits of information from widely disparate sources be pieced together in a coherent pattern.)
The consensus in supporting intelligence information sharing persists. At the confirmation hearing for General Clapper as DNI in July 2010, Senator Dianne Feinstein, the Chairman of the Senate Select Committee on Intelligence (SSCI), advised the nominee that “Every day of every week, month by month, the DNI must assure coordination between intelligence agencies to eliminate duplication and improve information sharing.”2 In April 2011, President Barack Obama explained his nomination of General David Petraeus to serve as Director of the Central Intelligence Agency: “he understands that staying a step ahead of nimble adversaries requires sharing and coordinating intelligence.”3
Better information sharing throughout the Federal Government and especially among the agencies of the Intelligence Community has become a priority for both the Executive Branch and Congress. In the aftermath of 9/11, major legislation included significant provisions to encourage and, in some cases, mandate greater sharing of information and these provisions have been implemented by both the Bush and Obama Administrations.
Changes Undertaken In Response To 9/11
Investigations of the September 11, 2001 attacks by the two congressional intelligence committees and the 9/11 Commission (the National Commission on Terrorist Attacks Upon the United States) concluded that a central obstacle to acquiring advance information on the plot was the inability to bring together all information that had been acquired about the plotters—there were many clues but they were retained in the files of different agencies. To some extent, information was not shared because of bureaucratic inertia, but in others efforts by determined analysts were quashed by officials determined to ensure that the “wall” between law enforcement and intelligence entities was not breached.4
Historically, the Federal Government has taken two complementary approaches to this paradox— intelligence information is provided only to those who have appropriate clearances, i.e., they have had background investigations and been judged to be loyal, trustworthy, and capable of safeguarding classified information.5 Having a clearance is not, of course, sufficient to gain access to sensitive information; there must also be a “need-to-know,” i.e. the individual must have a work-related requirement for access to the information not just generalized curiosity. In theory everyone obtaining access to a given piece of classified information has (a) a clearance indicating that he or she is loyal and trustworthy and (b) a need for the information to perform his or her professional responsibilities. In actuality, of course, as with any human system, there can be mistakes. The number of genuine “secret agents,” foreign agents who have been successfully deceptive during their background investigations are very few but not non-existent. Much more numerous are individuals who can be bribed or who become disenchanted with their supervisors, or with a current U.S. policy, and proceed to illegally provide classified information to foreign governments or organizations. Also very damaging are individuals (or whole organizations) that become careless in handling classified information.
Even as information sharing was being made a statutory imperative, it was widely understood that any effort to share more information among intelligence agencies increased the risks of information being stolen or compromised. Various types of technical approaches were identified to maintain the security of shared information. Considerable attention to these approaches was reflected in the 2003 report of the Markle Foundation’s Task Force on National Security in the Information Age which has had an important influence on approaches to information sharing issues. The Task Force maintained that
There are no smart cards or tokens that cannot be cracked, biometrics are not 100 percent reliable, and high-quality passwords are difficult to remember, manage, and enforce. With all of these technologies there are also people and process issues (such as enrollment procedures and audit trails) that can undermine their integrity. Therefore, a multifactored system is a preferable approach. Multifactor authentication typically combines a password with a token or smart cart and can include other forms of authentication including biometrics, challenge codes and questions, and profile access matching. Authentication is strongest when a part of the information resides with the user, a part with the token or smart card, and a part in the network. Credit card companies, good users of multifactor authentication, rely on tokens (credit cards), passwords (PIN), challenge questions (“What’s your mother’s maiden name?), and profile matching (“Is this a typical charge for this individual?”).6
Counterterrorism requires wide varieties of disparate types of information, e.g. visa applications, flight manifests, ties to hostile organizations, conversations with known terrorists, efforts to obtain restricted materials, etc. In counterterrorism and other intelligence missions the intelligence analyst may be involved in piecing together stray bits of information. This greatly complicates establishing need-to-know standards. The WMD Commission argued:
If rigidly applied, the ‘need-to-know rule is incompatible with a networked environment. In a networked environment, providers of information cannot know for sure when a user ‘needs’ a particular piece of information. Instead . . . users of this service must be given access to all information broadly available on the network within the clearance levels of the individual user, and consistent with applicable privacy and civil liberties guidelines.7
As the Bush Administration’s 2007 National Strategy for Information Sharing stated:
Information acquired for one purpose, or under one set of authorities, might provide unique insights when combined, in accordance with applicable law, with seemingly unrelated information from other sources, and therefore we must foster a culture of awareness in which people at all levels of government remain cognizant of the functions and needs of others and use knowledge and information from all sources to support counterterrorism efforts.8
A particular complication of using information sharing to support counterterrorism efforts is the difficulty in maintaining separate procedures for handling information regarding U.S. persons.9 Many types of information including phone or email traffic may involve U.S. persons even if the particular target is a foreign national. Congress and the executive branch continue to address these and related issues in regard to provisions of the Foreign Intelligence Surveillance Act (FISA) and related legislation.10
Information sharing has proven to be essential for the counterterrorism mission and it is likely to be vital in other areas such as cybersecurity and in counterintelligence efforts aimed at preventing foreign exploitation of sensitive U.S. defense technologies. Other missions, such as gathering intelligence on the military plans and capabilities of foreign countries, may require less information from law enforcement agencies.
A major result of the 9/11 investigations was the USA Patriot Act (P.L. 107-56) and other legislation that removed most of the “wall.” Subsequently, the Justice Department modified the Federal Rules of Criminal Procedure to permit release of information relating to counterintelligence or foreign intelligence from grand jury investigations to other government agencies with strict protections against misuse.11
Further, the DNI shall:
The National Counterterrorism Center (NCTC) was also established within the Office of the DNI with specific statutory authorities providing access to all information relevant to terrorist plots.13 NCTC analysts make use of data from all intelligence and law enforcement agencies as part of its counterterrorism responsibilities.
In addition, the Bush Administration published Executive Order 13388 on October 25, 2005 that mandated sharing of terrorist information and established an Information Sharing Council chaired by the Information Sharing Environment Program Manager and composed of representatives from major agencies with counterterrorism responsibilities. In October 2007 a National Strategy for Information Sharing described and provided guidance on information sharing at the Federal, state, local and tribal levels and with the private sector and foreign partners.14
The Information Sharing Environment
The President was also directed by the Intelligence Reform and Terrorism Prevention Act to establish an Information Sharing Environment (ISE) to facilitate the sharing of information relating to terrorism among all Federal agencies and state, local and tribal entities.15 The ISE, with a very small staff, is not focused solely on intelligence agencies, but works to establish consistent policy guidelines and technologies across five major communities—defense, intelligence, homeland security, foreign affairs, and law enforcement.16 It also reaches out to other agencies in the Federal Government and to state, local and tribal entities that are concerned with security issues.
As ISE Program Manager, Mr. Paul does not control information sharing among agencies but rather his office issues “government-wide procedures, guidelines, instructions, and functional standards, as appropriate, for the management, development, and proper operation of the ISE.”19
Separate from the ISE is the Intelligence Community Information Sharing Executive (IC ISE) whose responsibilities extend only to intelligence agencies. Under the direction of the DNI, the IC ISE prepares plans for encouraging information sharing among intelligence agencies and monitors their implementation with periodic progress reports to the DNI. In March 2011 testimony the IC ISE, Corin R. Stone, described the three-pronged IC ISE strategy for maintaining the security of information within the context of information sharing:
- The first is ACCESS: ensuring that the right people can discover and access the networks and information they need to perform their duties, but not to information that they do not need. This is a complex matter that is centered on the principle of determining “Need to Know.”
- The second element is TECHNICAL PROTECTION: technically limiting the ability to misappropriate, manipulate, or transfer data, especially in large quantities, such as by disabling or prohibiting the use of removable media on classified networks, including thumb drives and CDs.
- The third area is AUDITING and MONITORING: taking actions to give the IC day-to-day confidence that the information access granted to our personnel is being properly used. This involves monitoring and auditing use activity on classified computer systems to identify anomalous activity, and following up accordingly.20
Congressional backing for information sharing within the Intelligence Community appears solid. In addition to the comments by Senator Feinstein noted above, Representative Mike Rogers, the Chairman of the House Permanent Select Committee on Intelligence (HPSCI), has been a strong proponent of integrating information across the Community.22 Support for sharing has not just been verbal; section 402 of the Intelligence Authorization Act for FY2010, P.L. 111-259, enacted October 7, 2010 provided the DNI authority to transfer funds to non–intelligence agencies that maintain systems to store and disseminate intelligence information.
At the same time there are efforts to better protect the security of shared information. In March 2011, DNI James Clapper signed Intelligence Community Directive 502, Integrated Defense of the Intelligence Community Information Environment. This directive mandates the development and implementation of an Intelligence Community-wide approach to defending the intelligence information environment. A concept of operations is to be developed and issued later in 2011 and will establish standards for all intelligence agencies.
The FY2011 Intelligence Authorization bill, H.R. 754, that has been passed by both chambers, includes a provision (section 402) that mandates an effective automated insider threat detection program to be established by October 2013. The report accompanying the Senate version of the bill (S. 719) does not provide details of the program but the use of the term “automated” suggests capabilities to ensure that data is not downloaded or transmitted without authorization, and that a record of transmissions be maintained.23
Limitations And Risks Of Information Sharing
Intelligence sharing has contributed to a number of significant successes. Often mentioned is the arrest of Najibullah Zazi before he could successfully detonate explosives in the New York City subway in 2009 along with a number of other plots planned to occur in the U.S. and against U.S. interests abroad. Most recently, the successful attack on Osama Bin Laden in May 2011 has been officially credited to cooperation among the CIA, NSA, and NGA in particular.24
However, despite the best efforts—and significant successes—of the Intelligence Community in recent years in identifying terrorist plots and providing solid intelligence to policymaking agencies and to military forces fighting in two wars, several important cases suggest that significant impediments to information sharing have persisted. On the other hand, sharing of information led to unauthorized disclosures on the Internet and in the media that have reportedly jeopardized intelligence sources and undermined U.S. diplomacy.
Detroit Bomb Attempt
One significant lapse was the so-called Christmas bombing of December 2009 in which a Nigerian man, Umar Farouk Abdulmutallab, attempted to detonate an explosive on a plane approaching Detroit. The attempt failed because of action by passengers and crew but many questioned why the individual had been allowed to board the aircraft. Concerns grew when it was revealed that the bomber’s father had actually warned U.S. embassy officers in Nigeria that his son may have become radicalized. A report by the Senate intelligence committee concluded that there were various failures to sharing information.
“The inconsistencies in distributing key intelligence reports may have contributed to the failure of the Intelligence Community to identify Abdulmutallab as a potential threat. While there was no intent to limit access to the reports, processes failed to disseminate relevant intelligence to all offices and individuals with a need to know.”25 In particular, reporting was not disseminated to all appropriate CIA elements, some reporting was not disseminated until after the attempted attack, some FBI counterterrorism analysts could not access all relevant reports, and analysts at the National Counterterrorism Center did not connect “key intelligence reporting with the other relevant reporting.”26 President Obama described it as “a failure to connect the dots of intelligence that existed across our intelligence community and which, together, could have revealed that Abdulmutallab was planning an attack.”27 In additional views to the Senate Report, Senators Saxby Chambliss and Richard Burr targeted technological issues:
. . .technology across the Intelligence Community still is not adequate to provide search enhancing tools for analysts. Several of the intelligence analysts involved in the Abdulmutallab case said that they were unable to link together the various reports on Abdulmutallab due to the struggle to balance searching the large volume of terrorism-related intelligence available with their daily workloads. The large number of intelligence databases compounded this problem by forcing some analysts and collectors to search multiple databases. NCTC officials told Committee staff that NCTC does not have the technical ability to follow or process all leads. Rather, NCTC is dependent on its personnel to conduct complex searches in multiple intelligence databases and to rely on the memory and knowledge of those analysts to link intelligence. CIA has similar problems with its main all- source counterterrorism database. This remains a problem today.28
Fort Hood Shooting
In another incident, Army Major Nidal Hasan, was accused of shooting some 45 servicemembers at Ft. Hood, Texas on November 5, 2009, of whom 12 died in addition to one civilian. An investigation by the Senate Homeland Security and Governmental Affairs Committee concluded. that information about his contacts with foreign terrorists had not been appropriately shared. The committee report found that:
the FBI and DOD failed to recognize and to link the information they possessed even though they had advantages with respect to Hasan as compared to other lone wolves: (1) Hasan was a military officer who lived under a regimented system with strict officership and security standards, and (2) the government had learned of communications from Hasan to the subject of an unrelated FBI terrorism investigation [REDACTED].29
Senators Lieberman and Collins further underscored the reason for information sharing: “As has been proven time and again in the intelligence context, information that may not appear troubling to one analyst may complete the puzzle for another analyst who has a different perspective or access to other information.”30
Their report criticized in particular the role of the FBI’s Joint Terrorism Task Forces (JTTFs) for failing to ensure that analysts could access all available information. It was unclear to the Committee if officials “detailed” to JTTFs from agencies outside of the FBI were serving as representatives of their home agencies or as part of the JTTF analytical team. The committee noted a tendency not to share FBI information with the detailees. “As revealed in the Hasan case and reinforced by other evidence, detailees to JTTFs have often lacked adequate access to databases and training but paradoxically are relied upon to lead JTTF investigations.”31 Further, the FBI itself had problems with finding relevant information.
The report points out that the FBI could not easily link Hasan’s initial communications with the Suspected Terrorist to his later communications, and the failure to do so was a factor in the government not intervening against Hasan before the attack, and the FBI should have identified and remedied its inability to link his communications together prior to the attack.32
Wikileaks
In addition to other factors, the Detroit bomb attempt and the Fort Hood shooting resulted from failures to share available information, to analyze disparate pieces of intelligence, and provide notice to responsible officials in a timely manner. On the other hand, the WikiLeaks disclosures that began in 2010, have drawn considerable attention to the risks that widespread information sharing entails. One U.S. soldier in Iraq was reportedly able to download many thousands of State Department cables and transfer them to unauthorized recipients who published them on the Internet and in a number of newspapers.33
Most of the messages disseminated to the media were not from intelligence agencies and damage to U.S. intelligence efforts has not been publicly addressed.34 According to congressional testimony by DOD officials in March 2011, forward deployed units had access to a network (the Secret internet Protocol Router Network (SIPRNet)) that has between 400,000 and 500,000 DOD users. As DOD officials testified, “The expanded use of computer networks has also increased the opportunity for even a single authorized user to access, copy, manipulate, download, and intentionally publicize enormous amounts of information from the interconnected databases of interconnected agencies.”35 State Department representatives at the hearing indicated that the practice of making diplomatic cables available on SIPRNet has ended.
The WikiLeaks incident reflects a number of concerns that affect intelligence information sharing. First, there are inevitably communications personnel and message handlers who are in a position to do serious damage. Secondly, widespread use of computer databases increases the number of individuals with access as well as the number of documents that are accessible. Furthermore, intelligence officials have to be aware that once information is made available to bloggers or journalists, with a number of exceptions, there are very few legal restraints on their ability to make it public on the Internet or in the media.36
In the wake of WikiLeaks and other disclosures of classified information some observers may call into question the advisability of greater and more routine information sharing among intelligence agencies. Indeed, as Representative Rogers, the HPSCI Chairman, has commented: “Need-to- know is an important provision when you are trying to do some operation to keep us safer. But need-to-share got us into trouble with WikiLeaks and with other leaks.”37 Mass leaks of documents that reveal the names of U.S. contacts in foreign countries and foreign governments, including their intelligence services could result in severe repercussions and even death for individuals who have attempted to assist the U.S. Observers also believe that public revelations about U.S. successes in monitoring foreign communications channels would lead to their discontinuance. There is, some observers suggest, a reasonable likelihood that greater restrictions on dissemination of sensitive intelligence lowers the chances for leaks and compromises.
Conclusion
There are a number of technical approaches to reducing opportunities for unauthorized sharing of information. Computers can be configured to prevent downloading of large document files. Computers can also be programmed to make any downloads identifiable by date, time and individual. According to media accounts some of these features have been available on government systems but were not activated. Congress may choose to determine if these reports are accurate and if changes currently being planned by the Intelligence Community have been instituted. In calling for legislation to address the dangers of unauthorized information sharing, HPSCI Chairman Rogers emphasized the need for “smart access,” which is “an identity-based information security management system that improves our ability to detect and deter the few bad actors, and not unnecessarily punish responsible actors by denying them access to the sensitive information they need to get their work done.”38
Congress may wish to review the Information Sharing Environment to ensure that there are proper boundaries to intelligence information sharing and that appropriate metrics are established to assist in determining what information must be limited to a very narrow set of consumers. As noted above, however, it may be very difficult, given the requirements of counterterrorism, to know in advance what information a counterterrorism analyst will “need to know.” Although these analysts will need to be able to draw on a multiplicity of databases, observers suggest that there are ways to categorize information according to especially sensitive programs and all agree that not every analyst needs to be able to see every piece of information.39 An oft-cited concern is the tendency to over-classify documents which adds to administrative burdens and undermines respect for the classification process.
It is possible to limit dissemination of especially sensitive information, whether it is sensitive because of the nature of its contents or because it was acquired from an especially sensitive source. It is also possible to prevent the downloading and reproduction of large masses of information. It is possible to trace the identities of those who had access to particular pieces of information. Ultimately, however, security depends on the loyalty of cleared officials at all levels. A clerk with the right access can unlawfully transfer highly sensitive information as readily or more readily than a senior official. Some highly sensitive information—the identity of an agent or the fact that a code has been broken—can be found in a short document or even memorized for verbal transmission.
Those responsible for information security must of course be aware of the extent of the interest in acquiring classified U.S. information. Foreign countries (including friendly ones or even allies) may not turn down opportunities to gain insight into U.S. policymaking or military capabilities. Various anti-American organizations worldwide eagerly seek information that can damage or embarrass the U.S. Government. Major media outlets, not all of which are in foreign countries,40 consider themselves free to publish classified information regardless of possible damage to U.S. persons, interests, or foreign supporters. There is, in short, an active market for classified information held by U.S. intelligence agencies with thousands of officials having some access. Personnel security is a crucial part of the problem. Despite procedural and technical approaches taken to limit misuse of classified information, disloyal or careless officials can be the source of leaks.
For the U.S. Intelligence Community, the policy decision of whether the emphasis should be on “need-to-know” or the “need-to-share” can be viewed as a false choice. Information must always be shared with those with a genuine need to know even if this potential universe is a large one. At the same time, Congress may wish to ensure that clearance procedures are thorough as well as expeditious. More rigorous analyses of instances in which cleared personnel have transferred or sold classified information may lead to improved procedures for maintaining security. There may well be more technological approaches that will make it possible to establish greater accountability for the use of classified intelligence information.
Intelligence efforts are never risk-free. Acquiring information is often hazardous; analysis efforts can be wrong and result in mission failure and the loss of life. Good analysis can be delayed or not provided to the right consumer in a timely manner resulting in expensive wasted efforts. Congressional oversight of intelligence activities can improve executive branch performance and provide encouragement to intelligence officials to prevent compromises of sensitive materials. Ultimately, however, a degree of risk seems inevitable.
Government officials must also accept the enduring reality of a media culture that is prepared to publish official secrets and considers such disclosure a patriotic contribution to democratic discourse. That individual civil servants or servicemembers can be very harshly punished for their role in releasing information while editors and reporters are honored and celebrated seems to some as paradoxical. Ultimately the security of information, as is the case with the security of the nation, depends on those who willingly uphold the oaths that they have taken.