National Security Archive Audit of Secrecy Rules Finds 28 Different Policies at Federal Agencies

Breaking News

The first-ever government-wide audit of the ways that federal agencies mark and protect information that is unclassified but sensitive for security reasons has found 28 different and uncoordinated policies, none of which include effective oversight or monitoring of how many records are marked and withheld, by whom, or for how long.

The audit began in February 2005 with Freedom of Information requests from the National Security Archive at George Washington University, to more than 40 agencies, for copies of their policies and guidelines on “sensitive unclassified information.” The Archive released its Audit today at a Congressional hearing held by the Subcommittee on Emerging Threats (chaired by Rep. Christopher Shays, R-CT.), U. S. House of Representatives Committee on Government Reform.

Titled “Pseudo-Secrets: A Freedom of Information Audit of the U.S. Government’s Policies on Sensitive Unclassified Information,” the audit found:

No agency monitors or reports on the use or impact of sensitive unclassified information policies.
Only 8 agencies have policies that are authorized by statute and implemented by regulation.
No challenge or appeals mechanism for questioning the markings exists in any of the policies.
Only one policy contains a “sunset” provision for the sensitive unclassified markings – at the Agriculture Department – but the maximum duration of 10 years is the same as for Top Secret information in the classification system.
8 agencies effectively allow any employee to slap protective markings on records, including the largest single department other than Defense, Homeland Security (more than 180,000 employees).
Only 7 policies include cautions or qualifiers against using the markings to conceal embarrassing, illegal or inefficient agency actions (in the classified system, this is an explicit prohibition).
11 agencies report no policy on sensitive unclassified information (these agencies may use “official use only” and similar markings, but not – apparently – to protect information that is sensitive because of its security implications, which was the focus of the Archive’s Audit).
Archive director Thomas Blanton will testify to the Subcommittee today that “We believe the diversity of policies, the ambiguous and incomplete guidelines, the lack of monitoring, and the decentralized administration of information controls on sensitive unclassified information – all of which is evident in our Audit results – means that neither the Congress nor the public can really tell whether these sensitive unclassified information policies are actually working to safeguard our security, or are being abused for administrative convenience or coverup.”

The National Security Archive Audit report - "Pseudo-Secrets: A Freedom of Information Audit of the U.S. Government's Policies on Sensitive Unclassified Information" - is available online at

comments powered by Disqus