[ExI] Security clearances

John Tracy Cunningham johntc at gmail.com
Thu May 12 08:23:57 UTC 2016


I was a commissioned officer in the United States Air Force, later a
defense contractor, and spent about 35 years with security clearances.  I
offer the following as background information, from a US perspective.

The first question is, is there information (or objects) that need to be
protected from disclosure to potential enemies, because of the damage that
an enemy might be able to do in peace or war?  For example, I worked for
years on the plans that NATO would have used had the Warsaw Pact ever come
across the inter-German border.  There were many aspects of these plans
that were classified, as people thought that the Pact knowing would be bad
for NATO.

There are Security Classification Guides that describe what is or is not to
be classified, and at what level - Confidential, Secret, Top Secret.
 (There is also For Official Use Only, which means don't release to the
public, but don't protect in other ways.)  There is also Sensitive
Compartmented Information for the stuff that needs the strongest
protection; one doesn't even know that a compartment exists until one is
invited into it.

There is a list of generally high-ranking people who can classify something
from scratch; this is Original Classification Authority.  All else is
derivative classification.

Once classified information exists, the question becomes, who can see it?
There will be people who need to see it to make plans, perform day-to-day
operations, or execute military operations; to do their jobs.  They have
Need To Know.  A person so identified is background checked via a Single
Scope Background Investigation.  The investigators gather information from
many sources.  The investigatee identifies three or five long-time friends,
and the investigators talk to them.  The investigators then ask them for
contacts, and they talk to them too.  Eventually they make a recommendation
to the person who can grant clearances.

The investigatee receives security training and signs nondisclosure
agreements, perhaps the Espionage Act, receives the clearances, and goes to
work.  There is regular recurring training and constant reminders in the
form of newsletters, posters, etc.  There are procedures for storing and
mailing information; with the advent of IT, everything has become more
complicated.  All of this is prescribed by law and supplemented with
various regulations.

Ultimately, we trust people to classify information properly; to
investigate properly; to grant clearances properly; to use and protect
information properly.  People being people, turns out not everyone is
always careful, and some people break the rules intentionally.  We punish
them if we can.  There is a problem with courts; often the Government is
asked to confirm that the information disclosed was genuine, and they don't
want to confirm that in public.

A couple of observations on recent cases:

Edward Snowden went through all of this and intentionally broke the rules
in a major way.  While many may approve, he broke the law.  If the US ever
gets hold of him, he will go to jail forever.

Hillary Clinton was a Senator and Secretary of State.  Many Senators have
clearances, and the Secretary certainly does.  (Although sometimes the
holders of classified info don't trust certain elected/appointed officials,
and don't send stuff to them.)  She put classified information on
unclassified computers, or caused that to be done.  That is illegal.  Were
she not Hillary Clinton, she would have been punished when the breach was
discovered.  Were the laws equally applied, as they're supposed to be, she
would be punished.

This is an extremely large area, and I've only touched on basics.  Would be
glad to go into more detail.



On Thu, May 12, 2016 at 10:05 AM, Anders Sandberg <anders at aleph.se> wrote:

> Since I will be working on information hazards this summer, I am curious
> about the world of security clearances. How do they *actually* work?
> Practically, it seems to be a combination of (1) getting people to
> acknowledge that they will deal with Important Stuff and are responsible (a
> psychological effect), (2) creating a cultural environment where
> information flow is shaped (a social effect), (3) creating penalties for
> doing things wrong (an incentive effect). I assume there is also an assumed
> (4): that cleared people are less likely to leak or mishandle information
> (a selection effect). Does anybody know if there have been any proper
> studies of how well 1-4 actually work?
> Bringing this into the transhuman world, we may consider what happens if
> we get really good at these things.
> On 2016-05-10 22:49, spike wrote:
>  Ja.  When the security people hear a credible rumor, they can call the
> clearance holder in for an interview, without even telling why.  If the
> holder refuses, clearance is suspended.  If the holder accepts and
> confesses everything, then the holder is in trouble for not coming forth
> earlier before he was caught, but might hold on to the clearance if the
> investigation decides national security was not compromised.  If they find
> the holder intentionally tried to cover his tracks, or if the other
> participant wasn’t cleared at the same level, or they want to make an
> example of the guy, or if the ranking official is in a bad mood that day,
> or any number of other factors, the holder gets his clearance suspended or
> revoked.
> Any big aerospace company is populated with straight-arrow law-abiding
> types, which is how they qualified for those clearances to start with.  If
> any high-up leader has a clearance suspended, word quickly gets around why
> it happened, and that guy can no longer effectively lead that crowd: they
> have no respect for him.  This is what happened to the LM second in command
> a few years ago.
> Funny aside: a long time ago, I was in a proposal group where we were
> trying to find civilian uses for a whole bunch of surplus military stuff we
> could buy for about a nickel on the dollar, stuff that was idled by a
> treaty that took effect right at the tail end of Bush41’s term.  It
> included rocket motors, guidance systems, not the nukes of course but all
> kinds of cool rocket stuff, originally designed to carry nukes but now all
> of it surplus and ready to haul rich people to space, that kinda thing.
> In that building where we were generating proposals, we had a soundproof
> meeting room.  It was seldom used for anything: it was a pain in the ass to
> even get there, since it was a structure within a structure, kinda like a
> massive refrigerator inside a building, and you had to code in, etc, so
> they could archive who went in and when.  We decided to find out if it
> really was sound proof.  We had exactly one woman in that group, mid
> thirties, fun sense of humor type.  We said “Hey Lurleen, go in there and
> close up, then scream like you are being murdered or something.”
> Leave it to her to respond, “Or something, OK.”
> {8^D
> Took us several minutes to stop laughing.  Then, she went in there, closed
> up, screamed.  We couldn’t hear it.  The structure worked as advertised.
> We didn’t need Lurleen to point out to us what that facility enabled.  I
> don’t know if anyone ever used it for that purpose, but I wouldn’t be a bit
> surprised.  If they did that and self-reported, the security people
> probably wouldn’t tell the company (I wouldn’t think (they would have
> nothing to gain by telling.))
> In any case, the security people make it clear during initial training and
> all subsequent periodic updates: they get it that people are not saints.
> They understand.  They are not your priest.  But they do need to know what
> you did, so they can watch out for negative consequences.  If you cross
> them, they can hurt you.  If you lie to them, this is a bad thing.
> spike
> --
> Anders Sandberg
> Future of Humanity Institute
> Oxford Martin School
> Oxford University
> _______________________________________________
> extropy-chat mailing list
> extropy-chat at lists.extropy.org
> http://lists.extropy.org/mailman/listinfo.cgi/extropy-chat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.extropy.org/pipermail/extropy-chat/attachments/20160512/44768d66/attachment.html>

More information about the extropy-chat mailing list