REVIEW OF THE PROCEDURES AND STANDARDS WITHIN THE INTELLIGENCE COMMUNITY FOR THE CONTROL OF SANITIZATION AND DOWNGRADING OF SENSITIVE INTELLIGENCE

25X1 Approve Fpr Releake YbO9rCZ%Of 7ZIA-RDP92BJ90RO02500030128-7 Copy # # I4O of ( copies IBSEC-PR /4 6 September 1963 MEMORANDUM FOR: Members of the United States Intelligence Board Review of the Procedures and Standards Within the Intelligence Community for the Control of Sanitization and Downgrading of Sensitive Intel- ligence Background and Discussion of Problem 1. The current study was presented to the Security Committee USIB expressed its concern as to the effectiveness of sanitization and downgrading procedures and directed that the Security Committee should review the procedures within the intelligence community for the control of sanitization and downgrading of sensitive intelligence. Since it was felt that this problem invblves other community systems for the protec- tion of sensitive intelligence, the review was extended and specifically 25X1 includes COMINT, T, K-HI systems of compartmentation. Coordination was effected as appropriate with the SIGINT, COMOR and GMAIC Committees. 25X1 2. The COMINT, T, K-H systems of compartrnenta- tion vary as to delegated responsibilities and as to procedures followed. Group 1 Vr.W Excluded from automatic Approved For Release 2007/02/08: CIA-RDP9 AO Rd?2#0Q03O128-7 S-E-C-R-E-T declassification  N Approved pr Releasc'2ff0702 b8~cTA-RDP92BQ,yfl90R002500030128-7 Under DCID 6/3, the basic authority for the handling of COMINT, in- cluding sanitization and downgrading, is the responsibility of each agency. Consequently, the procedures for sanitization and downgrading among the departments and agencies vary. These variances will be discussed in detail later below. Procedures for the control and use of T and K-H information are promulgated by COMOR and are uniforml1y implemented throughout the community. COMOR exercises centralized control in many instances. 3. A basic factor in considering compartmented intelligence is that systems of compartmentation protect extremely sensitive intelligence sources and methods which are critical to the national security posture of the United States. In many instances, such systems produce the only intelligence concerning large areas of the Soviet and satellite countries which are highly controlled and inaccessible for intelligence exploitation. The collection capabilities are many and include practically all fields of intelligence. The Committee compiled certain figures set forth in an attachment to this report which are illustrative of the volume of material involved. Highly complex and unique collection facilities and techniques inbeing or planned for future use are involved which require considerable funds to develop and maintain. These must be afforded continuous and absolute protection. This extreme concern is reflected in Presidential Directives which set forth stringent requirements to ensure the protection of such sources and methods. Systems of com- partmentation, therefore, involve two vital considerations and require- ments,. one being maximum source protection and the other being optimum intelligence exploitation of the information collected. It is recognized that in usual circumstances, the exploitation of information may take precedence over the former; however, this is the exception and a decision to so act must be weighed against the risks upon the continued security and pro- ductivity of the sources and methods involved. -2- Approved For Release 2007/02/08 : CIA-RDP92 01090R002500030128-7 S-E-C--R-E-T 25X1  Approver Re1eesC2dDM 6T CIA-RDP92 90R002500030128-7 determined by need-to-know and classification. A security assessment of sanitization procedures would be measured against this basic premise. However, before an assessment can be made of the systems of compart- mentation under review, certain factors should be considered. The methods of collection in the COMINT, T and K-H systems are so highly technical that each method is unique. Certain source data, for example data re- lating to the monitoring of Soviet missiles, rockets and satellites, in- volves necessary technical compilations and as a result is self-revealing of the methods of collection. In some instances, this revealing data may not be readily identifiable as such when material is processed for sanitiza- tion. In many instances, this data is an inherent and integral part of the substantive intelligence and cannot be deleted without affecting the essence of the substantive information. Of particular concern, these unique collec- tion devices are continually collecting vast quantities of intelligence which are beyond the capabilities of normal nontechnical intelligence methods and sources of collection. Further, this vast information includes coverage of broad denied areas within the Soviet Union and elsewhere about which little, if any, intelligence is received from normal intelligence collection facilities. In this regard, the sanitization of COMINT, T and K-H material involves knowledge and understanding of the highly technical factors em- ployed in the original collection process for this material. These highly technical factors make it difficult to devise effective and plausible cover stories that can be carried forward with the sanitized materials. Further, such sources are "impersonal" and do not enjoy the high degree of personal concern and understanding employed in the protection of "live sources." In addition, there appears to be a definite limitation on the number of plausible cover explanations or attributions available, including the attribution of live sources, that can be utilized for the sanitization of COMINT, T and K-H materials. Aggravating the problem is the fact that sources and methods utilized in COMINT, T and K-H systems have been openly identified or alluded to in the press. In certain instances, this re- sulted from official Government action. Recognizing these basic factors, the problem is further aggravated when it is considered that the tremendous volume of COMINT, T and K-H information disseminated is continually subject to sanitization by the USIB member agencies to meet specific individual requirements. In many instances, this action can be taken unilaterally. 25X1 Approved For ReleasSeAQZ-/Q Q.I qA-RDP  25X1 Approved For Release 2007/02/08 : CIA-RDP92BO109OR002500030128-7 Approved For Release 2007/02/08 : CIA-RDP92BO109OR002500030128-7  25X1 Approve~Fpr Relea?e IfJ t0 -'CIA-RDP92BQ O90R002500030128-7 25X1 T and K-H information which were not originally intended or contemplated. The Security Committee recognizes that the problems of sanitization of T and K-H information are matters, for the COMOR Committee to resolve. However, a detailed and extensive review of T and K-H sanitization pro- cedures is considered necessary. Particular emphasis should be given to targetting uses and requirements. Communications Intelligence 7. The procedures for sanitization of COMINT in DCID 6/3 are in vague terminology, permitting the utilization of COMINT in intelligence studies and estimates "provided that the statements contained in them are so generalized that they cannot be traced to their COMINT origin. " This vague language has resulted in varying procedures within the community. The Committee has found that in certain agencies there are focal points established to authorize and record sanitizations; however, in other agencies there have been complete delegations. and centralized control no longer exists. It is difficult to determine what information has been sani- tized in such agencies since central records are not maintained. The Committee also found that markings as set forth in DCID 1/7 are not utilized on sanitized material nor does such material bear any restrictive controls limiting its dissemination and use to the purpose originally intended. It is submitted that in recognition of those factors previously mentioned in paragraph 4. above, which preclude absolute source protection in every instance, that certain minimal procedures should be established and uniformly implemented within the community. The Committee considers that extensive data relative to source collection should wherever possible not be included in sanitized material. If such data is considered an integral part of the substantive data and must be disseminated, the material should be appropriately marked to ensure it is not given broad dissemination. If sanitized material is to be given broad dissemination, it should be reviewed carefully to ensure absolute source protection rather than reliance upon the mechanical application of prescribed sanitization procedures. 8. In considering the inherent security problems regarding source protection, the Security Committee suggests that the SIGINT Committee consider the possibility of separating highly technical and revealing COMINT source and method data into a separate report apart from the substantive information derived from such collection. The separation of source data into a separate report would be the responsibility of NSA, the originating -5- Approved For Release 2007/02/08 :.CIA-RDP9 S-E-C-R-E-T  Approved For ReleftiE~~-t/42/4b,.TCIA-RDP92BQ090RO02500030128-7 25X1 agency, and not the responsibility of receiving agencies since the latter would result in numerous and varying reports on the same information. The Security Committee has found that for the most part, recipients of intelligence reports such as the CIB, and the DIA Summary, both within and outside the intelligence community, are concerned primarily with the substantive information involved and not with the technical manner of col- lection. To assist in ensuring source protection, it is felt that such recipients should be denied highly technical and revealing COMINT source and method techniques unless it is clearly shown that a strict need-to-know exists for such data. The separate report which includes technical and revealing COMINT source data would be disseminated only to those analysts who have need for the information. The Committee is aware that a similar proposal was proposed by NSA in recent years (USIB-C-13.5/70 of 12 April 1962) but was not concurred in by the Board. It is felt, however, that since serious unauthorized disclosures involving highly sensitive COMINT sources and methods of collection have continued to occur it would be an opportune time for the proposal for the separation of source data to be reconsidered by the Board. It is recognized that any such proposal would have to ensure that all intelligence personnel requiring source data are furnished such information. The responsibility, therefore, for the dis- semination of separate reports containing source data would be placed upon an appropriate component within each receiving :agency to which both the substantive publications and the separate source data publications would be disseminated. special controls. 9. Since the beginning of this inquiry, the Committee has found that some of the difficulties result from confusing and often overlapping defini- tions. The word "downgrading" under Executive Order 10501 describes the simple act of lowering the level of classification on an item of classified information. In the context of Executive Order 10501, it has no connotation of inducing or reducing handling procedures or controls. However, down- grading is defined in the 19 February 1962 Talent Sanitization Manual as follows: "Downgrading: The release of Talent controlled materials and in- formation from the Talent Control System in their original form and substance at a lower classification and with Talent Control System identifica- tion removed. t? By this definition the emphasis is switched from lowering the classification to taking the item out of a system of special handling and -6- Approved For Release 2007/02/08: CIA-RD S-E-C-R-E-T 25X1  Approve~For Reled a -ODl /U8 TCIA-RDP92 90R002500030128-7 The Com- mittee also has found, as previously indicated above for the T and K-H. systems, that the term "sanitization" is being used to describe certain prescribed procedures of editing which, however, do not absolutely conceal sources and methods. The Committee strongly affirms that the word "sanitization" should be applied strictly to describe only those pro- cedures which absolutely ensure source concealment. To ensure uniform understanding and effective security, particularly in those instances wherein information from more than one system of compartmentation is included in one document, consideration should be given to the adoption of uniform definitions within the intelligence community. 10. The COMOR Committee review its current sanitization pro- cedures, particularly for targetting uses, and assess the concealment of sources and methods. For this review, the following suggestions are offered: a. Sanitization procedures effected by COMOR should produce and carry forward adequate cover stories. b. Consideration should be given to the preparation of targetting and similar publications to be controlled within the T and K-H systems and disseminated only to appropriately cleared personnel. c. If it is determined that current procedures of editing for including T and K-H information in targetting9 mapping and similar publications do not conceal T and K-H sources, but that in order to meet vital targetting or other requirements the publications cannot be re- stricted within the T and K-H systems, then the Security Committee would recommend the following: (1) The dissemination and use of targetting and similar publications containing T and K-H informa- tion be severely limited to those having a predetermined -7- Approved For Relea a 220Q /p2/ IA-RD 92B0l090R002500030128-7  Approver Release 2Lp040/0:_YA-RDP92BU490R002500030128-7 need-to-know by virtue of involvement in or support of target destruction missions. (2) Targetting and similar publications should be prepared and disseminated to those persons having an established need-to-know and concern with given geographical areas and not be prepared and dis- seminated on a world-wide basis to all recipients. .(3) T and K-H information should not be automatically included in targetting and similar publications but rather should be included only to meet specific requirements concerning a previously identified strike target. (4) The risks to sources and methods involved in preparing targetting, mapping and similar publica- tions should be carefully assessed at the highest levels and reviewed periodically. (5) It should be clearly recognized that the edited T and K-H information currently included in targetting, mapping and similar publications is not sanitized and this should be clearly stated in appropriate COMOR manuals. 11. The SIGINT Committee consider the issuance of certain mini- mum uniform procedures for the sanitization of communications intel- ligence and control of sanitized material. The following are suggested: a. The SIGINT Committee consider for the Board the possibility of separating highly technical source data into a separate report apart from the substantive infor- mation derived from such collection. The separation of such data would be the responsibility of NSA and each agency would receive both the substantive publications and separate source data publications. b. Extensive facts and figures relating to source data should not be included in the sanitized material. -8- Approved For Release 2007/02/08: CIA-RDP9 S-E-CAR-E-T  Approved For Release 2007/02/08 : CIA-RDP92B01090R002500030128-7 S-E-C-R-E-T =. If such data, of absolute necessity, must be included, the material should bear the marking "CONTROLLED DISSEM" which will confine the document to the intel- ligence community and enhance source protection. c. If sanitization is for a specific use and not intended for broad dissemination, then an appropriate caveat or control should be placed upon the sanitized material to ensure that it is disseminated and used only for that intended purpose. d. Material which is sanitized for broad dissemina- tion and use based upon classification and need-to-know alone should be closely reviewed to ensure that sanitiza- tion procedures followed absolutely ensure source pro- tection. e. Focal points should be established within each department and agency to authorize and record the sanitization and downgrading of COMINT. Information recorded would include the name of the requester, the purpose of the sanitization or downgrading; the document in which the sanitized material is to be included; and a copy of the sanitization. 12. The following definitions be uniformly adopted by the intel- ligence community and utilized in appropriate sanitization and similar manuals. The effective concealment in classified material of intelligence sources and methods through editing, attribution, altering and other techniques. The removal of material from a system of compart- mentation for sensitive intelligence. Approved For Release gn'LQ/. _ jg1LRDP94B01090R002500030128-7  Approved r Releat% boar/D OF.:- CIA-RDP92B( OR002500030128-7 DOWNGRADING: The change of existing classification to a lower level of classification. DEC LASS IFICATION: The complete removal of classification. (This includes removal from a system of control). Attachment: Figures approximating the flow of Special Intelligence, T and K-H information within the intelligence community Approved For Relea'e /DF/Df'-~IA-RD*2B01090R002500030128-7