Friday, 29 January 2016

Understanding NSA / INR Security Classifications on Intelligence Assessments

The misuse and mishandling of sensitive information by Hillary Clinton and her staffers at Foggy Bottom during her tenure as Secretary of State was a criminal act.


Clinton apologists seek to dilute the gravity of the situation and describe it as “no big deal.” Obfuscation does not change the fact that the placing of highly classified information on an unclassified and unencrypted network is a very serious matter. But what does it actually mean? What type of information was misused.

IC analysts write “finished” intelligence assessments based on multiple information sources every day and then classify them according to their content and the sensitivity / source of the information contained therein. These assessments are authored every day by analysts at multiple American intelligence agencies and offices, then shared with senior leadership.

The Secretary of State is always a top consumer of such intelligence.

The State Department has its own in-house intelligence analysis shop, termed the Bureau of Intelligence and Research (INR) to meet their department’s need for additional classified assessments and reporting.

Classifications are: TOPSECRET//SI//TK//NOFORN

What follows is a short intelligence assessment of the kind U.S. Government officials read every single day, made up by The XX Committee but adhering to the style and substance of what would be produced by an IC analyst.

TOPSECRET//SI//TK//NOFORN 

(S) Economic, Political Problems for Zendia Ahead 

(TS//SI) The Zendian Ambassador to Dirtbagistan believes it is increasingly likely that his country will fail to make its next International Monetary Fund (IMF) payment, scheduled for mid-September. This IMF payment of 475 billion Zendian wangos ($8.4 billion) is beyond his government’s ability to pay, Ambassador Abu Travolta explained to a senior member of his country’s Ministry of Finance (believed to be Deputy Finance Minister Abu Nugent) on 12 August. The ambassador further opined that, in the event of this likely default, the government of Prime Minister Barack Dukakis would not last long, politically. For this reason the Zendian government is going to great lengths to prevent word of the impending IMF default from reaching the media, according to Ambassador Travolta. 

(TS//SI//TK) This information was supported by Zendian Deputy Foreign Minister Abu Bon Jovi, who last week informed the Ministry of Foreign Affairs (MFA) that budget constraints, which he expected to get significantly worse in mid-September, meant that MFA payrolls may not be met upon “something big” happening then. This is believed to be a reference to a possible default on Zendia’s IMF loan. 

(S//NF) According to U.S. Government information obtained from multiple agencies, Ambassador Travolta is a well-connected member of the ruling party and is close to Prime Minister Dukakis. He has a track record of accurate predictions about forthcoming events in his country. 

(FOUO) According to media reports, Ambassador Travolta has been experiencing health problems (NFI) which may indicate his willingness to be unusually frank with fellow members of the Zendian ruling party. 

(U) This situation will be updated as soon as additional information becomes available. 


TOPSECRET//SI//TK//NOFORN

Analyzing the Context of the Classifications

TOPSECRET//SI//TK//NOFORN at the top and bottom of an assessment reflects the highest classification levels of anything incorporated in an assessment. Only people cleared to that level — a very high one — can read a report with this classification.

Each report has a title slug reflecting what it’s about. It’s classified S for SECRET then each paragraph has its classification stated in parentheses at the beginning. This is called “portion marking” by the IC.

The first paragraph is classified TOPSECRET, the highest “official” classification in the U.S. Government, while the addition of SI, meaning Special Intelligence, indicates this is very sensitive stuff. SI is a security caveat that falls under the rubric of Sensitive Compartmented Information or SCI. Not everybody cleared for TOPSECRET also has access to SCI, that’s a separate matter and all SCI materials require special handling to protect them from compromise. Here, SI indicates that the paragraph is based on information from signals intelligence or SIGINT from NSA — in this case an intercepted phone call between two senior Zendian officials.

Although the report never states that this is SIGINT, the kind of information provided plus the SI caveat indicate this is based on NSA reporting, as anybody experienced with intelligence would immediately recognize.

The following paragraph is also based on NSA SIGINT, albeit from a different, even more sensitive source: the TK in its classification stands for TALENT KEYHOLE and indicates that information is derived from foreign communications intercepted by an intelligence satellite. This, again, is a conversation between top Zendian officials, so it’s valuable “horse’s mouth” information. Here two senior bureaucrats seem to corroborate each other, which is an important revelation.

The third paragraph has a lower classification, SECRET, is not based on SIGINT, and has the NOFORN caveat, meaning it cannot be shared with non-Americans (a good deal of NSA SIGINT, even at the TS/SI level, is shared with close foreign partners such as the Anglosphere Five Eyes countries). This paragraph is based on local classified assessments — probably from the US Embassy to Zendia as well as the CIA Station there — that are sent back as regular reports to Washington, DC about the political lay of the land in that country.

The last substantive paragraph isn’t classified at all but has the For Official Use Only marking, meaning it cannot be released to the public without official approval. It’s based on media reports, which represent an important source of information for the IC and the State Department.

OSINT & SIGINT

CIA’s Open Source Center is the IC’s hub for translating foreign media in many languages and, pound for pound, represents the best value in the Intelligence Community. Here, unclassified media (termed Open Source Intelligence or OSINT) by some, is used to round out the assessment, and how the analyst has reached a tentative conclusion based on that media is considered to be FOUO. NFI means No Further Information.

The last line is entirely unclassified, as indicated by the U at the beginning, and states simply that more information will be forthcoming on this issue as the analyst gets it. That last line is the only part of the assessment that is wholly unclassified and, in theory, could be released to the public without a cumbersome approval process: of course, taken alone it says nothing of interest, which perhaps is the point.

The larger point, however, is that, save that last line, absolutely none of the information in this assessment could be released to the public, or placed on any unclassified information system, by anybody, not even a cabinet secretary, without specific approval from outside agencies.

The SIGINT, in particular, is highly sensitive and could only be placed in unclassified channels with an explicit NSA (and probably Director of National Intelligence) go-ahead, which is rare. Even “talking around” such information, especially in written fashion, is unwise and usually represents a serious security breach, not to mention it may be illegal.

Acceptable Use of the Information

For example, this is how a top official who read that Zendian intelligence assessment might proceed:

1. “We’re hearing Zendia will probably default on its IMF loan.” (Marginally acceptable because there’s no attribution, no sources and methods are mentioned, though even so it’s really at least FOUO if it’s a cabinet secretary putting it in an unclassified email.)

2. “We’re getting intel that Zendia will probably default on its IMF loan.” (Unacceptable, a security violation, but not classified higher than SECRET due to lack of source attribution.)

3. “NSA says Zendia will default on its IMF loan in September.” (Absolutely unacceptable in any unclassified format, a compromise of TS//SI sources and methods….call the FBI.)

What exactly happened in the case of Hillary Clinton’s classified emails we don’t know yet, but the FBI is now on the case, and I’m sure the Bureau will eventually find out. What happens after that? It’s too soon to tell ….