SEMINAR FOR UNAUTHORIZED DISCLOSURE INVESTIGATORS
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP91-00561R000100140029-5
Release Decision:
RIPPUB
Original Classification:
C
Document Page Count:
9
Document Creation Date:
December 22, 2016
Document Release Date:
February 8, 2012
Sequence Number:
29
Case Number:
Publication Date:
July 15, 1987
Content Type:
REPORT
File:
Attachment | Size |
---|---|
![]() | 460.68 KB |
Body:
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
UDAC 87-123
Seminar for Unauthorized Disclosure Investigators
T5 July 198
Twenty-five Federal investigators, analysts, and supervisors concerned
with the investigation of unauthorized disclosures of classified intelligence
information met at the CIA Headquarters Building on 15 July 1987 to discuss
the conduct of such investigations and how the process might be improved. The
seminar was sponsored by the Unauthorized Disclosure Analysis Center (UDAC) of
the Intelligence Community Staff.
The Chief, UDAC, who served as moderator for the seminar, opened with a
discussion of the UDAC's functions vis a vis leak investigations:
Extensive media review to detect potential unauthorized disclosures of
classified intelligence information relating to sources and methods,
including analytical processes, conclusions, finished intelligence
reports and other aspects of the intelligence process.
Authentication procedures to determine that the apparent disclosure is a
first-time public revelation of classified intelligence, including, where
possible, identification of reports, briefings or documents on which the
disclosure might be based.
Notification of the DCI, CIA's General Counsel, and other departments or
agencies whose interests might be affected; requesting notification of
the Department of Justice that an unauthorized disclosure has occurred;
determination of whether to request investigation by the FBI; and efforts
to ensure that all intelligence leaks are reported to the Department of
Justice to establish a "track record" demonstrating that intelligence
leaks occur frequently and, apparently, uncontrollably.
reference librarian assigned to the UDAC, briefed the
seminar on the use of commercial databases as a valuable tool in the
authentication, investigation and analysis of unauthorized disclosures. She
described the capabilities of the public systems currently available,
especially those relating to science and technology information of the type
commonly disclosed without authorization. She noted that the systems of
particular value to unauthorized disclosure investigations are current to
within 24-to-48 hours.
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
chief of information services for the UDAC, explained the
selection and preparation of data for inclusion in the Register of
Unauthorized Disclosures of Intelligence (RUDI). He discussed the form used
to record and transmit data to the computer and stressed the importance of
both accuracy and completeness. Information from RUDI, he said, is used to
prepare reports and analyses for use by senior managers in understanding the
leak problem, for developing possible leads to investigation of unauthorized
disclosures, and to promote efforts to stop classified leaks.
provided statistics on reports of disclosures and investigations sent to the
UDAC by Intelligence Community agencies and services. He reported the
database currently has information on 518 compromises in recent years,
including items covered in the June 1984 DCI Security Committee Survey of
Unauthorized Disclosures of Classified Intelligence FY 1979-FY 1983, an
approximately that have occurred since October 1983, the closing date of
that study. described a second database of "non-leaks," which
records published articles that appear to be first-time leaks of classified
intelligence, but which are determined to have been published previously,
unclassified, or otherwise not qualified for inclusion in the leak database.
Recording the authentication process resulting in the determination, he said,
can eliminate redundant future efforts involving similar published
information. The automated system has been announced in the Federal Register
and specialized searches of the system can be done for investigators to
support their efforts in specific cases.
consultant to the UDAC, provided technical information
on the hardware and software used by the UDAC in maintaining the Register
(RUDI) and in producing the UDAC's reports.
The moderator briefed the participants on the UDAC Unauthorized
Disclosure Summary, a limited dissemination publication for the purpose of
keeping senior officials aware of the nature and scope of the unauthorized
disclosure problem. He advised that all disclosures and investigations
reported to the UDAC during the October 1983-December 1986 period had been
submitted to the originating agencies for validation, amendment or additions,
where appropriate. The revalidated material will be used by the UDAC in an
update of the 1984 leak study.
In the open discussion that followed, one participant noted that a
problem for leak investigators is the lack of feedback on the outcome of
cases. Some leaks may be investigated by several agencies, but the individual
investigators ordinarily do not learn the outcome of the case, what
investigative techniques worked well and what did not, etc. There was general
agreement that this is a significant problem that diminishes the effectiveness
and raises the cost of leak investigations. One attendee suggested a
centralized database in which information on leak investigations would be
indexed and made available to leak investigations throughout the Community.
Subsequent discussion raised the issues of privacy and third-agency
restrictions, but there was support for exploring the possibility of making
more data available to investigators.
2
CONFIDENTIAL
STAT
25X1
25X1
25X1
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
PA-ICTInr-ITT AI
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
Dr. Robert M. Gates, Deputy Director of Central Intelligence, addressed
the seminar, saying there has been "too much fingerpointing on leaks" when
there is "plenty of blame to go around." He suggested that the Executive
Branch probably is responsible for most leaks, despite repeated charges that
the Congress is leak-prone. It appears that most leaks come from senior
officials, he said, but it is difficult to determine whether the discloser's
action is malicious, inadvertent, a high-level policy ploy, or has another
purpose. He also expressed a tendency to agree with the perception that the
higher-up the offender the less likely it is that the leaker will be
penalized.
Among the senior people who leak, Dr. Gates said, many apparently don't
even recognize that they are leaking. He noted that in his experience, those
suspected of leaking often do not realize the danger or the costs of their
actions. "We must educate them to the consequences of disclosures of
intelligence," he said.
The DDCI believes some things can be done about the leak problem. One is
to investigate vigorously to identify those who leak and take action against
them. Another is to increase the degree of cooperation among agencies charged
with investigating such disclosures. It is necessary, he said, to recognize
what is important and what is not, i.e., setting priorities in allocating
investigative resources. Similarly, recognition of the elements that reflect
the potential for fruitful investigation is also im ortant e.g. how many
people had access to the information.
Dr. Gates emphasized to the attendees that despite the popular perception
that senior level leakers get away with it and junior level leakers are
punished, "As far as Director Webster and I are concerned, if you
investigators make a strong case, we are prepared to take these issues to the
highest levels of th vernment, without regard to the rank of the
offender."
After a break, the moderator reviewed some familiar problems associated
with leak investigations, including the broad dissemination of classified
data, the consensual nature of the act of leaking, investigative policy
constraints, the time criticality of leak investigations, etc. A general
discussion, led by a panel of four attendees, attempted to explore problems,
techniques, and the infrequent successes in investigating unauthorized
disclosures of classified intelligence. One echoed Dr. Gates's remarks about
high-level disclosers and the difficulty of determining whether the
disclosures are officially authorized, partially sanctioned, or totally
unauthorized. He noted that the attitude in the Executive Branch toward leaks
is lax, and pointed to the disclosures that followed the Berlin disco
bombing. He expressed the belief that there is now greater professionalism in
leak investigations and more probability of success, particularly in taking
administrative action against leakers, but "it takes its toll, it wears
investigators down."
3
CONFIDENTIAL
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
The discussion included thoughts on how leak investigators might improve
their techniques, especially through the use of an indirect approach. It was
generally agreed that direct, confrontational interviews of suspects were not
likely to yield good results. In one case, several suspects denied knowing
the reporter who published the leak under investigation. One of them was
determined, through a review of visitor logs, to have sponsored visits by the
reporter to his building. Confronted with evidence of his effort to deceive
investigators, the suspect chose to resign rather than have the investigation
continue. Later, an associate of the suspect, while undergoing a routine
polygraph examination for assignment to a sensitive agency, admitted he had
been present when the suspect ha lassified information to a
journalist on another occasion.
One experienced investigator expressed concern about acceptance of the
attribution used by reporters in publishing classified information. For
example, he cited the deception in which a reporter draws a correct conclusion
and attributes the story to a notional source. He recalled a case in which a
reporter attributed an unauthorized disclosure to "White House sources" in
order to protect the Congressional committee staffer who was his actual
source. The moderator noted that although attribution may be inaccurate or
deliberately misleading, it is the only consistent measurable offering any
insight at all into sourcing. The moderator wondered how often it has been
determined that media people have used deceptive sourcing in their stories.
Another participant noted that CIA and NSA have the heaviest case loads
of unauthorized disclosure investigations. He stressed that this does not
indicate that more leaks emanate from CIA and NSA, but that more information
originating from or affecting these agencies is leaked. He pointed out the
heavy demands for manpower these leaks entail and the extensive coordination
they require, as well as the high costs of changing or replacing collection
systems to remedy the impact of unauthorized disclosures involving sensitive
sources and methods.
All of those in attendance lamented the scarcity of human resources
devoted to the investigation of leaks. It was pointed out that the FBI does
not have enough investigators to develop the kind of information that can be
produced by preliminary internal investigations conducted by individual
elements of the Intelligence Community. It was noted that the FBI's sole
function in this field is to develop prosecutable cases. Another participant
reminded the meeting that it can be productive for the individual agencies to
continue internal investigations even after FBI assistance has been
requested. The moderator noted that NSDD 84 provided that the FBI could
investigate leaks even in cases whe ative action, rather than
prosecution, was likely to result.
4
CONFIDENTIAL
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
Declassified in Part - Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
It was explained that in order to bring a leak case to prosecution, the
leaker must be identified and there must be evidence the leaker had reason to
believe the disclosure would harm the United States or assist a foreign
nation. This involves a Catch-22 for the investigator. If he obtains an
admission of complicity, it is difficult to secure an admission of intent.
Or, if the suspect acknowledges the disclosure is harmful, it is unlikely that
he will admit to the act that he described as damaging to the national
security. In the event it is impossible to obtain an admission that the
suspect was aware of damage to the national security, it may be possible to
secure such evidence from a second party or indirectly, through a previous
acknowledgment by the suspect that such disclosures are damaging.
There was extensive discussion of the need to answer the "11 questions"
asked by the Department of Justice (DOJ) in unauthorized disclosure cases. It
was suggested that time can be saved by answering the questions, including
whether the disclosed information can be declassified to permit its use in
court during prosecution. It was noted that DOJ does not ordinarily initiate
cases which do not lead to prosecution, although in some cases a fallback
position may be taken when prosecution proves impossible or impractical which
permits the offender's parent organization to take administrative action. In
cases going to prosecution, the importance of "jury appeal" was stressed,
citing the Morison Case as one in which certain facts, e.g., that the
defendant was being paid for information by a foreign publication, probably
influenced the jury.
One participant, discussing special inquiries into possible leaks, spoke
of the need for a systematic approach. It is most important to find the best
qualified geographical or technical specialists, for example, to provide
validation and damage estimates. Such specialists are most likely to be aware
of any officially-approved "backgrounders," a vital consideration in
determining how to proceed with an investigation. Within his agency, the
attendee said, a systematic validation process helps to eliminate those cases
in which the leaked information originated with another agency, or was
misrepresented by the media as classified when it was not, or where a source
document cannot be located or a cited classified briefing cannot be verified,
or, as is often the case, the leaked intelligence was so widely disseminated
that investigation would be impractical. The speaker stressed the importance
g strong cases and not gaining the reputation of "crying wolf."
In response to a question, a participant advised that interviews of
reporters to elicit information concerning the source of an unauthorized
disclosure are rarely done because of policy considerations and because
reporters will not answer the question anyway. In one of the rare exceptions,
the participant recalled, the reporter's editor-in-chief became incensed and
contacted the head of the investigator',s aaencv to demand that such inquiries
be handled "at the director's level."
5
CONFIDENTIAL
Declassified in Part - Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
The previously-established focal point system for Community agencies to
report intelligence leaks was raised. A straw vote determined that none of
the attendees knew the identity of the current (or last extant) focal point
for his or her agency. It appears that when the initial focal points
transferred or retired, a replacement was not appointed or if one was
annointpd- he designation was not communicated to those who needed to know.
Various efforts by members of congress or executive branch agencies to
seek legislation specifically outlawing unauthorized disclosures of classified
information were reviewed; these include HR 1082, Title IV, "Federal Employee
Unauthorized Disclosures of Classified Information Act," introduced by
Rep. Bob Stump in 1985; and HR 271, Sec. 509, "Unauthorized Disclosure of
Classified Information" introduced by Rep. Charles E. Bennett in 1985; and
various CIA efforts to draft anti-leak legislative proposals. It was pointed
out that none of these has reached the floor of either house. The suggestion
was made that a Director of Central Intelligence Directive on unauthorized
disclosures be issued, but it was agreed that without legisla f, such
a DCID probably would not have much impact on the situation.
One attendee expressed the opinion that the possibility of prosecution
may be stronger under the Uniform Code of Military Justice than in civilian
courts. Cases rejected by the DOJ might be prosecutable under the UCMJ if the
suspect is subiert to it
Some of the baser aspects of leaker motivation, as established through
investigation, included leaks designed to assist companies in which the
leakers held stock and those calculated to gain favor with a company in which
the leaker had prospects of employment after retiring from the government.
The practical advantages of "graymail" legislation in assisting
prosecution of leak cases were discussed. The Classified Information
Procedures Act is primarily helpful in cases where the court will accept a
redacted copy of the compromised document, with the classified information
deleted and replaced with a non-sensitive description of what was removed. If
the court declines to permit deletion of sensitive material, the government
has two choices: reveal the secrets in open court or drop the prosecution.
6
CONFIDENTIAL
25X1
LOA-1
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
In summary, the group agreed that there is a need to enforce need-to-know
over wide dissemination; to support the educational efforts advocated by the
DDCI; to stimulate activism against the continued use of classified
information to further policy objectives; and to recognize and beware of the
skills of the media in eliciting classified data. In light of current
attitudes and policies. the "best shot" is to seek administrative action
against leakers.
The seminar extended 30 minutes beyond its scheduled termination because
of active discussion. It developed a consensus that it is important to share
ideas and techniques, even if they must be expressed in hypothetical terms to
protect sensitive information, to help all leak investigators benefit from the
experience of others. There was considerable sentiment for another seminar
soon, with more time allocated to sharing experiences and problem-solving
exercises, preferably a two-day off-site meeting.
7
CONFIDENTIAL
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5
SUBJECT: Notes on 15 July 1987 Leak Investigator Seminar
Distribution: UDAC 87-123-wJa-
1-D/ICS; DD/ICS
1-D/CCISCMO
1- /OCA
-1=D/PAO
1-OGC
1-DOJ
1-FBI
1-OACSI
1-STATE
1-NIC
1-DIA
1-CIA
1-AFIS/INS
1-NSA/M5
1-UDAC Chrono
1-UDAC Subj
1-C/AP/UDAC
1-ICS/R
UDAC/ICS 107/29/87)
Declassified in Part -Sanitized Copy Approved for Release 2012/02/08: CIA-RDP91-00561 R000100140029-5