FAS | Gov't Secrecy | ISOO Docs || Index | Search |


Information Security Oversight Office
National Archives and Records Administration
700 Pennsylvania Avenue, NW
Washington, DC 20408

August 15, 2000

The President
The White House
Washington, DC 20500

Dear Mr. President:

We are pleased to submit the Information Security Oversight Office's 1999 Report to the President.

In the fourth year of implementation of Executive Order 12958, the executive branch can again report achievements in the President's security classification program. Although legislation enacted in 1999 caused a decrease in declassification activity within the executive branch, the program continued to add significantly to the unprecedented number of pages declassified. Further, agencies reported yet another decrease in the number of original classifiers. Security cost estimates for FY 1999 remained the same.

In the declassification program, agencies of the executive branch reported declassifying almost 127 million pages of records having permanent historical value. Combined with the figures reported for the first three years of the Order's implementation, the executive branch has declassified almost 720 million pages of records under this Order. This achievement is exceptional. The hundreds of millions of pages declassified under your Executive order will ultimately serve as an irreplaceable resource for historians and other researchers for generations to come.

When E.O. 12958 took effect in FY 1996, you called upon agency heads who have original classification authority to review carefully the number of officials within their agencies to whom they delegate this authority. Since that time they have responded every year with a reduction in their numbers. With a further reduction of 57 individuals in FY 1999, we believe that some executive branch agencies have reached the minimum necessary for effective operations.

Notwithstanding these positive trends, we are concerned about the continuing increase in classification activity. The increase, although lower than last year, appears to be a function of the reporting of electronic transmissions like e-mail, and the application of data collection methods rather than actual increases in classified programs. The results of the classified document reviews conducted by ISOO during the year did not point to anything in particular that would account for the increase. However, the results did point to a continuing need for agencies to educate personnel about the security classification system and assess their classified product as part of their self-inspection programs. Future oversight activities and increased commitment by the agencies will determine whether this upward trend continues.

Respectfully,

Steven Garfinkel
Director, Information Security Oversight Office


Summary of FY 1999 Program Activity

The following Report to the President is the fourth report under E.O. 12958, which went into effect in October 1995. The following data highlight ISOO's findings.

Classification

Declassification


YEAR FOUR

Implementation of the Automatic
Declassification Provision of
Executive Order 12958 --

"Classified National Security Information"

1. BACKGROUND

Executive Order 12958, "Classified National Security Information," signed by President Clinton on April 17, 1995, and effective on October 14, 1995, marked a radical departure from the secrecy policies of the past. The first order to revise the security classification system since the end of the Cold War, E.O. 12958 included major changes which should ultimately result in fewer new secrets being created, and has already resulted in dramatically more information being declassified. Fiscal Year 1999 marked the fourth year in which the policies of the Order were in effect.

The declassification provisions of Section 3.4 contain the most far-reaching reforms in the new security classification system. This section, entitled "Automatic Declassification," requires the automatic declassification of most historically valuable information that is 25 years old. In the past, these older classified records remained classified indefinitely. Under E.O. 12958, these same records, including approximately 1.5 billion pages created over the past 50 years, would be subject to automatic declassification five years from the issuance date of the Order, or April 17, 2000. Executive Order 13142, issued by President Clinton on November 19, 1999, amended E.O. 12958, to extend the date of the imposition of the automatic declassification provision until October 14, 2001. For two groups of records, those that contain information classified by more than one agency and those that almost invariably contain information pertaining to intelligence sources and methods, E.O. 13142 extended the date of imposition of the automatic declassification provision an additional eighteen months, until April 17, 2003. The text of E.O. 13142 appears as Appendix A to this report.

In order to keep information classified beyond 25 years, agency heads must be able to demonstrate that: (1) Particular information falls within a narrow exception to automatic declassification. This determination is then subject to outside review by an interagency panel of senior officials; or (2) Particular file series, identified by the agency head and approved by the President, almost invariably contain exempted information.

In effect, E.O. 12958 reverses the resource burden. Unlike prior systems, in which agencies had to expend resources in order to declassify older information, under E.O. 12958, agencies must expend the resources necessary to demonstrate why older, historical information needs to remain classified.

2. PAGES DECLASSIFlED

The data gathered by the Information Security Oversight Office (ISOO) for this report reveal that in Fiscal Year 1999, the agencies of the executive branch continued to declassify historically valuable documents in numbers unprecedented before the issuance of Executive Order 12958. In FY 1999, executive branch agencies declassified almost 127 million pages of historically valuable records. Extensive declassification continued in the face of legislation that now requires the re-review of those records that have previously been declassified before they are made available to the public. The purpose of this legislation is to make certain that the declassified records do not inadvertently contain information classified under the terms of the Atomic Energy Act, called "Restricted Data" and "Formerly Restricted Data." Records classified under the Atomic Energy Act are not subject to E.O. 12958 or its declassification provisions.

While the number of pages declassified in FY 1999 decreased by slightly more than one-third from the number of pages declassified in FY 1998, the achieved product is still remarkable. It took place in the face of an 80% reduction in the declassified product of the National Archives and Records Administration (NARA), brought about by legislation which dramatically slowed the rate of review at NARA. NARA had previously accounted for more than 50% of the number of pages declassified throughout the entire executive branch. As explained in greater detail in the "Declassification" section of this report, the legislation requires a page by page declassification review and a re-review of documents already declassified in order to search for information that might be classified under the Atomic Energy Act. On a very positive note, the Department of Defense, led by the Departments of Navy and Army, declassified almost 80 million pages of permanently valuable records in FY 1999, an increase of more than 10 million pages from FY 1998. DOD's total represents 63% of the total number of pages declassified in FY 1999.

During the first four years that E.O. 12958 has been in effect, the agencies of the executive branch have declassified approximately 720 million pages of permanently valuable records. In FY 1995, after the President had signed the Order but before it went into effect, an additional 69 million pages of permanently valuable records were declassified. Since ISOO came into existence in late 1978, and began collecting and analyzing data beginning with data for Fiscal Year 1980, it has reported the declassification of permanently valuable records totaling 977 million pages. Of that total, 789 million pages, or more than 80%, have been declassified since the President issued E.O. 12958 in April 1995.

3. FILE SERIES EXEMPTIONS FROM AUTOMATIC DECLASSIFICATION

There was no new activity in this area during FY 1999. For a wrap-up on this subject, please refer to ISOO's Report to the President for FY 1998. ISOO estimates that approximately 295 million pages have been exempted to date from automatic declassification, including almost 187 million pages covered by a file series exemption.

4. INTERAGENCY SECURITY CLASSIFICATION APPEALS PANEL

During FY 1999, the ISCAP continued to be an avenue for positive change on the cutting edge of what information should be declassified. For more detailed information on the ISCAP, please refer to page 7 of this report [below].

5. LOOKING AHEAD -- THE NEAR TERM

6. LOOKING AHEAD -- THE LONG TERM

While the continuation of the declassification policies of E.O. 12958, or a close variant of those policies, clearly remains in the national interest, whatever happens cannot destroy the unprecedented success of the Order's first four years. The hundreds of millions of pages declassified during this time will ultimately serve as an irreplaceable resource for historians and other researchers for generations to come. Moreover, the ability of the executive branch to protect information in our national security interest will have been enhanced by the massive reduction in the number of documents that are no longer sensitive but remained unnecessarily classified. The policies of E.O. 12958, and the agencies' implementation of those policies, have begun the creation of a legacy for the people of the United States -- a legacy that we can hope will be maintained and expanded upon in the future.


Interagency Security Classification Appeals Panel

AUTHORITY

FUNCTIONS

MEMBERS

EXECUTIVE SECRETARY

SUPPORT STAFF

Summary of Activity

The President created the Interagency Security Appeals Panel (ISCAP) under E.O. 12958 to perform the critical functions noted above. The ISCAP, comprised of senior level representatives appointed by the Secretaries of State and Defense, the Attorney General, the Director of Central Intelligence, the Archivist of the United States, and the Assistant to the President for National Security Affairs, began meeting in May 1996. The President designates its Chair, the Director of ISOO serves as its Executive Secretary, and ISOO provides its staff support.

To date, the majority of the ISCAP's efforts have focused on mandatory review appeals. Viewing the totality of its decision docket from May 1996 through September 1999, the ISCAP has decided appeals seeking the declassification of 151 documents that remained fully or partially classified upon the completion of agency processing. Of these, the ISCAP declassified information in 83% of the documents on which it has voted (82 documents in full, 54%; 44 documents in part, 29%). The ISCAP has voted to affirm the agency's classification action fully for 25 documents (17%). ISCAP actions to date illustrate how faithful application of the declassification standards for 25-year-old information results in access to historically valuable records. Several examples of portions of the documents declassified by the ISCAP during the past year are reproduced on the following pages. [not included here]

A database of decisions rendered by the ISCAP is available from ISOO on diskette. The database is maintained in Microsoft Access 6.0. Documents declassified by the ISCAP are usually made available through the entity that has custody of them, often a presidential library.

For copies of the ISCAP's bylaws, its decision database, or for assistance in identifying and requesting copies of the documents discussed in this section, please contact the ISCAP Staff at ISOO.


Security Classification: What Does it Cost?

The security classification program is now in its fifth year of reporting costs for both Government and industry. Congress first requested security classification cost estimates from the executive branch in 1994. The Office of Management and Budget reported those cost estimates to Congress while working with agencies to develop better sampling methodology for future years. In addition, ISOO is tasked through Executive Order 12958 to report these costs to the President. Executive Order 12928, "National Industrial Security Program," also requires that industry or contractor costs be collected and reported by ISOO to the President.

Until the last few years, the costs for the security classification program were deemed non-quantifiable, intertwined with other somewhat amorphous overhead expenses. While many of the program's costs remain ambiguous, ISOO continues to monitor the methodology used to collect the cost estimate data. Requiring agencies to provide exact responses to the cost collection efforts would be cost prohibitive. Consequently, ISOO relies on sampling. The measurements of costs of the security classification system will be estimates. Nevertheless, by maintaining stability in methodology, ISOO should gain over time a good indication of the total cost burden and its upward and downward trends.

GOVERNMENT

The data presented below were collected by categories based on common definitions developed by an executive branch working group. The categories are defined below.

Personnel Security: A series of interlocking and mutually supporting program elements that initially establish a government or contractor employee's eligibility, and ensure suitability for the continued access to classified information.

Physical Security: That portion of security concerned with physical measures designed to safeguard and protect classified facilities and information, domestic or foreign.

Information Security: Includes three sub-categories:

Professional Education, Training and Awareness: The establishment, maintenance, direction, support and assessment of a security training and awareness program; the certification and approval of the training program; the development, management, and maintenance of training records; the training of personnel to perform tasks associated with their duties; and qualification and/or certification of personnel before assignment of security responsibilities related to classified information.

Security Management and Planning: Development and implementation of plans, procedures and actions to accomplish policy requirements, develop budget and resource requirements, oversee organizational activities and respond to management requests related to classified information.

Unique Items: Those department or agency-specific activities that are not reported in any of the primary categories but are nonetheless significant and need to be included.

Because of expressed interest in the declassification programs established under Executive Order 12958, ISOO also requested agencies to identify that portion of their cost estimates in the category of information security/classification management that was attributable to their declassification programs. For FY 1999, the agencies reported declassification cost estimates of $233,186,266 or 6.1 percent of their total cost estimates.

The total security classification costs estimate within Government for FY 1999 is $3,797,520,901. This figure represents estimates provided by 35 executive branch agencies including the Department of Defense, whose estimate incorporates the National Foreign Intelligence Program. It does not include, however, the cost estimates of the CIA, which that agency has classified.

INDUSTRY

A joint Department of Defense and industry group developed a cost collection methodology for those costs associated with the use and protection of classified information within industry. Because industry accounts for its costs differently than Government, cost estimate data are not provided by category. Rather a sampling method was applied that included volunteer companies from four different categories of facilities. The category of facility is based on the complexity of security requirements that a particular company must meet in order to hold a classified contract with a government agency.

The 1999 cost estimate totals for industry pertain to the twelve month accounting period for the most recently completed fiscal year of each company that was part of the industry sample. For most of the companies included in the sample December 31, 1999, was the end of their fiscal year. The estimate of total security costs for 1999 within industry was $1,228,839,000. The Government cost estimate shows a modest six percent increase above the cost estimate reported for FY 1998. Industry, on the other hand, reported a 14 percent increase in its cost estimate. The total cost estimate for Government and industry for 1999 remains the same at $5 billion.

The increased cost estimates for Government appear to result from the agencies' ability to estimate these costs more accurately rather than from any new programs. The Unique Items category seems to reflect this best, given the dramatic 85 percent decrease from FY 1998. The relatively low increase is reflected in all the categories except unique items, as just noted, and security management, which dropped for the first time since cost data have been collected.

With respect to the decrease in contractor costs, this year's estimate appears to be the middle ground for industry. The wide variations between the years 1996 through 1998 are not reflected in the 1999 estimate of $1.2 billion. The current estimate was based on sampling from a larger pool of companies than used in the past four years. Almost 86 percent more companies participated in the collection in 1999 than in 1998. Again, the larger sample tends to suggest greater accuracy. It appears the Department of Defense, the Executive Agent for the National Industrial Security Program, was correct in its assumption that a larger mix of small and large companies reporting data would provide a better sample. ISOO expects that future estimates will continue to include the larger mix of small and large companies, which appears to yield the most realistic data reported to date in what remains an evolving process.


Classified Document Review

During 1999 ISOO began a series of classified document reviews at selected agencies as part of fulfilling its oversight responsibilities. Classified document reviews are not new to ISOO or executive branch agencies. Under the prior executive order, E.O. 12356, they became an integral part of ISOO's oversight. So much so, that Executive Order 12958 included a requirement that agencies incorporate "the periodic review and assessment of the agency's classified product" into their self-inspections programs. Reviewing and assessing the classified product of an agency provide important insights into the status of its security classification program. How well an agency is implementing the classification and marking requirements of the Order becomes readily apparent in a classified document review. Most important, of course, is the opportunity to assess whether information is being classified unnecessarily. Also, finding numerous errors in marking on documents could suggest that an agency has not educated its classifiers about the Order's requirements. Consequently, classifiers are applying markings without the proper knowledge and understanding of the system. A classified document review can also suggest a need for policy guidance or change. If a sample of classified documents includes a large number of original classification decisions, for example, it may suggest a need for an agency to develop a security classification guide to provide consistency and uniformity to its classified product. Further, document reviews have potential value in reminding classifiers that their judgments may be challenged. This may help improve classification practices and keep abuses in check.

Classified document reviews have limitations, which must be taken into account when assessing the data presented here. First, ISOO does not claim that the sample is fully representative of the universe of classified documents. In fact, ISOO has doubts whether it is even possible to construct a sample that is fully representative, particularly since the amount and nature of classified information generated tends to ebb and flow with world events. Second, most of the documents in the sample were created within headquarters units, rather than within field units. Third, intelligence community agencies are more than proportionally represented: their classified product constitutes 61 percent of the sample. And, finally, almost all the documents examined were created since the effective date of the Order (October 14, 1995), and are maintained in active files. Logically, and from ISOO's experience, there is a very significant difference in the national security sensitivity between recent documents and those that have remained classified in inactive files for a number of years.

Another factor merits consideration. ISOO has summarized its findings for this report to present a clearer picture of the classified product as a whole. When broken down by agency, however, the variation in results is often considerable. For example, a few agencies accounted for a substantially disproportionate share of the discrepancies described below, while the classified product of a few others revealed very few or no discrepancies.

Three teams of three program analysts reviewed 3,106 classified documents at eight agencies during 1999. These agencies are listed at the end of this section. Each agency received an individual report on the results. Here, ISOO combines the data from these eight agencies to look at the total sample in terms of the classification of each document; that is, the type of document, its classification level, the basis for classification, and the assigned duration of classification. Next, ISOO discusses the discrepancies in classification and markings. To promote consistency in the recording of data and the interpretation of the results, ISOO analysts work with a number of definitions for discrepancies. These appear with the chart on discrepancies.

TYPES OF DOCUMENTS

Of the 3,106 documents ISOO reviewed in 1999, 264 were cables or messages; 1,826 were memoranda and letters; and 1,106 were other types of documents, such as reports, presentations, e-mails, point papers, or studies. At some agencies the teams reviewed classified documents in electronic form.

CLASSIFICATION LEVELS

By level of classification, 286 of the documents were classified Top Secret; 2,049 Secret; and 771 Confidential. It is interesting to note, although perhaps coincidental, that the proportional breakdown in classification levels is very similar to the data collected from the entire executive branch discussed in the Classification section of this report.

CLASSIFICATION BASIS

All classified documents are documents are required to note the basis for classification, original (Classified by) or derivative (Derived from). Executive Order 12356 did not require electronically transmitted information to indicate the basis for classification and when such a document did not contain the information, it was not considered a discrepancy. Under the current system, when this information is absent from electronically transmitted information, it is considered a discrepancy. Requiring the basis for classification regardless of media on all types of information recognizes the impact of the electronic environment on classified information. No matter what form that classified information takes, it is important that the identifying information concerning classification be complete. Of the 2,832 documents in the sample for which the classification basis was known, 787 were original classifications and 2,045 were derivative classifications. Of these derivative classifications, 1,517 (74%) were classified on the basis of a classification guide; 409 (20%) were based on multiple sources; and 119 (6%) were based on a single source. The 274 documents for which the basis of classification was not known were considered errors and are included in the discrepancy categories noted below.

DURATION OF CLASSIFICATION

Classifiers must determine a time frame for the protection of information as part of the classification process. Under E.O. 12958 there are three possible outcomes: First, if applicable to the duration of the information's national security sensitivity, information should be marked for declassification upon a specific date or event. Second, if the original classification authority could not determine an earlier specific date or event for declassification, information should ordinarily be marked for declassification 10 years from the date of the original decision. Third, if the specific information falls within one or more of eight categories, the classifier may exempt it from declassification at 10 years. For records having permanent value, this will result in the information within them being subject to automatic declassification at 25 years. In derivative classification, the classifier must carry forward the duration specified in the source document. The indefinite duration marking used under Executive Order 12356, "Originating Agency's Determination Required" or "OADR," was eliminated with the issuance of E.O. 12958. However, source documents with this marking may be used in derivative classifications. Consequently, E.O. 12958 provides a means to cite such a document and still provide a time frame for declassification. When a document is classified derivatively from a source document(s) that contains the instruction "OADR," the derivative classifier shall carry forward the fact that the source document(s) was marked with this instruction; and the date of the source document(s). The date serves as the starting point for the 25-year declassification. "OADR" may not be cited when the source document is dated later than October 14, 1995, the effective date of Executive Order 12958. Generally, the instruction would look like the following:

Of the 3,106 documents in the sample, 953 were marked with a date or event 10 years or less from the date of original classification; 1,509 documents were marked as exempt from 10 year declassification; 427 documents cited correctly "Originating Agency's Determination Required" (OADR), including the date of the source document; and 217 documents did not indicate the duration of classification and are included among the discrepancies listed below. ISOO noted 14 documents that were marked as exempt from 10 year declassification but should have cited a date or event 10 years or less from the date of original classification. These are also cited as discrepancies.

DISCREPANCIES

the 1,178 discrepancies identified in these documents represent an error rate of 38 percent. This rate is obtained by dividing the number of discrepancies by the number of documents reviewed. It should be kept in mind, however, that some documents had more than one discrepancy (838) while others did not have any (2,268). While this rate is much too high, ISOO had anticipated such a finding. This was based upon past experience with document reviews, and given the fact that Executive Order 12958 is relatively new and includes new marking requirements. In fact, this discrepancy rate is slightly less than ISOO reported when E.O. 12356, E.O. 12958's predecessor was relatively new.

It is important to ensure that documents do not become unnecessarily classified or improperly marked. As part of its oversight activities, ISOO has emphasized that errors involving clear-cut overclassification, the absence of declassification instructions, the improper application of a time frame for the protection of classified information, the failure to cite the classification source, and the lack of portion markings damage the integrity of the classification system. Unwarranted classification is an abuse of the system that results in a loss of credibility and misuse of resources. The cost of managing classified information emphasizes the need to apply the classification stamp judiciously. The absence of declassification instructions or incorrect declassification instructions multiplies every time one of these documents is used as a source of classification in the derivative process, and creates an additional barrier when declassification and public access are warranted. Citing "Source marked OADR. Date of Source" with an incorrect date of source further confuses and complicates the process. Citing the classification source provides the means to trace a classification decision to its origin. Omitting it eliminates this option. The absence of portion markings also invites error in the derivative process by potentially causing needless and unnecessary classification of information.

The discrepancies indicate that agencies are still grappling with some of the new marking requirements of E.O. 12958. However, the discrepancy rate of the documents reviewed by ISOO is weighted toward errors that are less serious than those noted above. For example, E.O. 12958 requires agencies to use a "Derived from" line on derivatively classified documents. Under E.O. 12356, the "Classified by" line was used on both originally and derivatively classified documents. Further, agencies are experiencing problems with how to properly cite a source document that is marked with "OADR" on the "Declassify on" line. Given how long classifiers had been using the "Classified by" line and "OADR," it is understandable why these discrepancies represent the majority of the discrepancies found. Old habits are hard to break. While ISOO is concerned about the overclassification discrepancies, we believe they are a result of a lack of attention to detail rather than a blatant disregard for the standards and requirements for classification and marking. Clear-cut overclassification represented less than one percent of all discrepancies found.

Further complicating the classification process is the electronic environment. While the computer monitor may show a classified document with all the required markings, the paper product may not, at least in terms of identifying information concerning the classification of the document. Some of the ISOO teams reviewed classified documents by computer. There were some instances where the documents appeared to be classified on the computer screen, but when printed on paper were not. Discussions with agency security personnel revealed that this was a function of the software. In another instance, the hard copy of a document taken from the computer had an overall classification marking at the top of the first page of the document and then at the bottom of the last page of the document. The pages in between did not contain the overall marking. The computer monitor probably showed clearly the overall marking on each page. However, if a hard copy is printed, then each page requires overall classification markings.

Agencies will need to be vigilant with their information by ensuring that, whether the information is in electronic form or paper, it contains all the identifying information necessary to determine whether it's classified or not and how it fits into the agency's records management system. Further, as we in Government continue to move to the "paperless" work environment, it is increasingly important that the electronic environment designate very clearly what is and is not classified, such that it is apparent to any user of an electronic system. Consistency between the electronic and paper environments is absolutely essential. ISOO believes the combination of security education, self-inspections programs and, most importantly, top and senior management support will help to ensure effective management of classified information. ISOO will continue to work with agency officials to help make this a reality.


Classification

Original Classifiers

Original classification authorities (OCAs), also called original classifiers, are those individuals designated in writing, either by the President or by selected agency heads, to classify information in the first instance. Under Executive Order 12958, only original classifiers determine what information, if disclosed without authority, could reasonably be expected to cause damage to the national security. Original classifiers must also be able to identify or describe the damage.

For fiscal year 1999, the number of original classifiers throughout the executive branch was 3,846, which represents a reduction of 57 classifiers from the previous year.* This figure, for the ninth consecutive year, represents the lowest number of original classifiers ever reported by ISOO. ISOO continues to believe that Executive Order 12958's requirement that agency heads carefully scrutinize and re-issue delegations of original classification authority has been the largest contributing factor to this decrease. This review, taken in conjunction with the widespread use of classification guidance (see "Derivative Classification," below) in an automated environment, has revealed a reduced need for OCAs for operational needs. In ISOO's view, some agencies have reached a level in the number of original classification authorities that seems reasonable for the conduct of their missions. Nevertheless, some of the larger agencies that had comparable classification activity, but many more original classification authorities, could reduce the number of original classification authorities without negatively affecting operations through increased use of classification guidance.

Another factor that may account for the reduction in the number of original classifiers is the consolidation and reorganization of several agencies. These organizational changes include combining the functions of the Arms Control and Disarmament Agency and the United States Information Agency within the Department of State and the emergence of the Defense Threat Reduction Agency from a consolidation of the Defense Special Weapons Agency, the On-Site Inspection Agency and several components of the Office of the Secretary of Defense. Although neither State nor DTRA specifically mentioned a reduction in original classifiers for fiscal year 1999, reductions were noted just by the absence of data from the affected agencies. Future statistical reporting from State and DOD may provide further insight concerning the impact of these organizational changes.

In fiscal year 1999, agencies reported minor decreases in the number of original classifiers for the Top Secret and Secret classification levels. Inexplicably, OCAs at the Confidential level increased 6 percent overall, due in large part to an increase in DOD. As if fiscal year 1998, DOD reported small decreases in the number of Top Secret and Secret original classifiers; however, the number of Confidential original classifiers increased significantly, up 35 percent from last year. Overall, DOD reduced its OCAs by two percent. For the second year in a row, the Department of State reported the same number of original classification authorities. State has not decreased its OCAs since fiscal year 1997. Whether the consolidations in State and DOD have any impact on the number of OCAs will be of particular interest in the fiscal year 2000 reporting. ISOO wishes to recognize the efforts of Commerce, the Export-Import Bank and the USTR for reducing the number of OCAs at the Confidential level. USTR also reduced the number of OCAs at the Secret level, as did DOE. While most agencies are reducing the number of OCAs, ISOO noted, with concern, that two agencies, OMB and NRC, have experienced an increase of 67 percent and 39 percent respectively, from fiscal year 1998. The original classification activity of these agencies for fiscal year 1999 does not appear to support such an increase. ISOO will monitor this aspect of these and other agencies' programs through its oversight activities.

Original Classification

Original Classification is an initial determination by an authorized classifier that information requires extraordinary protection, because unauthorized disclosure of the information could reasonably be expected to cause damage to the national security. The process of original classification ordinarily includes both the determination of the need to protect the information and the placement of markings to identify the information as classified. By definition, original classification precedes all other aspects of the security classification system, e.g., derivative classification, safeguarding and declassification. Therefore, ISOO often refers to the number of original classification actions as the most important figure that it reports.

For fiscal year 1999, agencies reported a total of 169,735 original classification decisions. This figure represents an increase of 24 percent over the number of original classification decisions reported in fiscal year 1998. By classification level, Top Secret decreased by 26 percent, while Secret increased by 38 percent. Confidential decreased by one percent. A review of original classification activity under E.O. 12958 does not show a steady trend. During fiscal year 1997, the second full year of implementation of the Order, original classification activity increased by 51 percent, while fiscal year 1998 saw a decrease of 14 percent. The 24 percent increase for fiscal year 1999 may be a function of the requirement to review and issue classification guides.

Three agencies -- DOD, Justice, and State -- now account for 98 percent of all original classification decisions. DOD reported a total of 87,992 original classification decisions, which represents a 57 percent increase from the previous year. It is not clear whether this is a signal for DOD to develop new classification guides or whether the increase represents unique events from DOD operations.

For the third year in a row, Justice also reported an increase. The increase from fiscal year 1998 was 7 percent. This is significantly lower than last year's increase of 29 percent. State registered a 1 percent increase. ISOO continues to believe security classification guides will help reduce the number of State original classification decisions and authorities

Several agencies with smaller security classification programs reported marked decreases in the number of original classification decisions. In particular, ISOO commends OVP, AID, USTR, OSTP, Treasury, and NSC, which reported decreases of 42 percent, 31 percent, 28 percent, 20 percent, 18 percent, and 3 percent respectively.

As part of the original classification process, the classifiers must determine a time frame for the protection of the information. This is commonly called the "duration" of classification. Executive Order 12958 creates three possible outcomes at the time of original classification. First, if applicable to the duration of the information's national security sensitivity, information should be marked for declassification upon a specific date or event. For example, a classifier could determine that the information's sensitivity will lapse upon the completion of a particular project. The event would be noted on the face of the document, and when the project had been completed, the information would automatically be declassified. Second, if the original classification authority could not determine an earlier specific date or event for declassification, information should ordinarily be marked for declassification 10 years from the date of the original decision. Third, if the specific information falls within one or more of eight categories, the classifier may exempt it from declassification at 10 years. In almost all instances, this will result in the information being subject to automatic declassification at 25 years. The indefinite duration marking used under Executive Order 12356, "Originating Agency's Determination Required" or "OADR," was eliminated with the issuance of E.O. 12958.

During fiscal year 1999, classifiers chose declassification upon a specific date or event less than 10 years, or upon the 10-year date for 84,053 original classification decisions. On the remaining 85,682 original classification decisions, original classifiers elected to apply an exemption from 10-year declassification. This is a return to a trend noted in both fiscal years 1996 and 1997 under this Order, when approximately half of all original classification actions were marked for automatic declassification in 10 years or less. (Fiscal year 1998's percentage was markedly lower than the previous two years, although at 36 percent it is still higher than the figures reported under prior systems, when more than 90 percent of referral decisions were marked for indefinite duration.)

Derivative Classification

Derivative classification is the act of incorporating, paraphrasing, restating, or generating in new form classified source information. Information may be classified in two ways: (a) through the use of a source document, usually correspondence or publications generated by an original classification authority; or (b) through the use of a classification guide. A classification guide is a set of instructions issued by an original classification authority. It pertains to a particular subject and describes the elements of information about that subject that must be classified, and the level and duration of classification. Only executive branch or Government contractor employees with the appropriate security clearance, who are required by their work to restate classified source information, may classify derivatively.

For fiscal year 1999, agencies reported 7,868,857 derivative classification actions. This figure represents an increase of 10 percent from that reported in fiscal year 1998.

The majority of the increase comes from three of the major classifying agencies, Justice, CIA and DOD. Justice reported a 41 percent increase while CIA reported a 21 percent increase from last year. DOD reported a 4 percent increase. For fiscal year 1999, CIA, DOD, NRO, Justice, and State represented 99 percent of all derivative classification actions reported. For the second year in a row, CIA derivatively classified the most information of the five agencies. NRO reported a 2 percent decrease, while State reported virtually the same derivative activity as the previous year. ISOO commends NRO and State for their efforts to reduce or curb derivative classification. All other agencies reported 40,204 derivative classification actions, a 27 percent increase from fiscal year 1998. ISOO recognizes those agencies decreasing their derivative activity: AID (76%), DOE (15%), EPA (100%), GSA (64%), HHS (25%), NASA (39%), NRC (29%), OMB (38%), PFIAB (48%), and USPS (2%).

The increase in derivative classification activity is influenced by a variety of factors. World events continue to influence the amount of derivative activity, in particular, worldwide peacekeeping operations. However, ISOO is convinced that the vastly increased use of automated information management systems, and advancements in technology will continue to affect how information is created, collected, analyzed, and disseminated, thus affecting the tabulation of derivative classification activity. For example, many classified conversations over secure telephone, which would not have been counted as classification decisions, have been replaced by secure e-mail messages, which, depending on several factors, may or may not be counted as classification decisions. The application of the collection methodology used by three of the five major classifying agencies may also be affecting the data being reported to ISOO. DOD, CIA and NRO use sampling methods approved by ISOO. Whether it is the method itself or the implementation of the method that is affecting the data collected, is not clear. However, ISOO plans to study this problem with an eye towards developing guidance to standardize both the impact of sampling and application of what constitutes a classification decision.

Combined Classification

Together, original and derivative classification decisions make up what ISOO calls combined classification activity. In fiscal year 1999, combined classification activity increased by 743,824 (10%), to a total of 8,038,592 actions. Since derivative actions outnumbered original actions by a ratio of more than 46:1, the fluctuation in derivative activity essentially determines the fluctuation of combined classification activity.

CIA accounted for 44 percent of all combined classification activity reported for fiscal year 1999; DOD, 27 percent; Justice, 2 percent and State, 2 percent.

As in the past, the remaining agencies accounted for only one percent of the combined classification activity. CIA and DOD reported increases in combined classification by 21 and 6 percent, respectively. State reported virtually the same combined activity from the previous year.

ISOO continues to be concerned about the upward trend in classification activity. As noted above, to a large extent, technology may explain the increase. However, given the downward trend under the prior executive order, the upward trend remains troubling. ISOO will continue to increase its oversight activities, particularly in the area of classified document reviews.


Declassification

During fiscal year 1999, declassification activity within the executive branch experienced its first significant decrease since E.O. 12958 became effective. Nevertheless, declassification under this Order continued to exceed the average under prior executive orders by tenfold. Instituting two declassification programs under E.O. 12958: (1) "Automatic Declassification," Section 3.4 of E.O. 12958; and (2) "Systematic Declassification Review," Section 3.5 of the Order, has very clearly driven the increase in declassification activity. The "Automatic Declassification" program began in mid-October 1995 with the effective date of Executive Order 12958. Under the "Automatic Declassification" program, information appraised as having permanent historical value is automatically declassified once it reaches 25 years of age unless an agency head has determined that it falls within a narrow exemption that permits continued classification. Fiscal year 1996 was the first full year of implementation for this program. Started in 1972, "Systematic Review for Declassification" is the program under which classified permanently valuable records are reviewed for the purpose of declassification after the records reach a specific age. Under E.O. 12356, NARA was the only agency required to conduct a systematic review of its classified holdings. Now E.O. 12958 requires all agencies that originate classified information to establish and conduct a systematic declassification review program, which is undertaken in conjunction with the potential onset of automatic declassification.

In effect, systematic review has become an appendage of the automatic declassification program. ISOO has collected data on declassification that does not distinguish between the two programs because they are now so interrelated.

During FY 1999, the executive branch declassified almost 127 million pages. This figure represents a 34 percent decrease over FY 1998, but it is still very markedly higher than any one year under prior executive orders. This decrease is largely attributed to legislation enacted in FY 1999, addressing the protection of Restricted Data and Formerly Restricted Data. In order to fulfill the requirements of this legislation, agencies had to shift resources away from the automatic and systematic declassification programs.

This legislation had a very significant impact on NARA's declassification program. NARA's pages declassified in FY 1999 decreased by 80 percent from FY 1998. In past years NARA has been the lead agency in the number of pages declassified. There were three reasons for this decrease in NARA: First, a number of NARA's reviewers began the re-review of previously declassified records, to determine, as required by legislation, whether these records inadvertently contained Restricted Data or Formerly Restricted Data under the Atomic Energy Act. Second, many NARA staff members who previously worked on declassification were assigned to assist in the massive transfer of permanently valuable records from the Washington National Records Center to the National Archives in College Park. Finally, those NARA staff members who continued to do declassification review were required by the legislation pertaining to Restricted Data and Formerly Restricted Data to review everything on a page-by-page basis; in the past as much as 85 percent of NARA's declassification actions involved sampling methods.

In the four years that Executive Order 12958 has been in effect, over 720 million pages have been declassified. Compared to the total of pages declassified under two prior executive orders (E.O. 12065 and E.O. 12356) over the course of 15 years, 257 million pages, the executive branch in the past four years almost tripled the number of pages declassified. For the 20 years during which ISOO has been collecting data, declassification activity within the executive branch resulted in over 977 million pages declassified.

DOD replaced NARA as the lead agency in the number of total pages declassified in FY 1999. DOD accounts for 63 percent of the total, while NARA still comes in second with 14 percent. The legislation has also affected DOE's progress, which experienced a 48 percent reduction from its FY 1998 declassification efforts. Even so, the programs in AID (61%), CIA (189%), Justice (903%), NASA (307%), and OPIC (59%) experienced significant increases in the number of pages declassified in FY 1999 as compared to FY 1998. ISOO commends these agencies for their efforts, and certainly encourages even more from Justice and CIA.


Mandatory Review

Under Executive Order 12958, the mandatory review process permits individuals or agencies to require an agency to review specified national security information for purposes of seeking its declassification. Requests must be in writing and describe the information with sufficient detail to permit the agency to retrieve it with a reasonable amount of effort. Mandatory review remains popular with some researchers as a less contentious alternative to Freedom of Information Act (FOIA) requests. It is also used to seek the declassification of presidential papers or records, which are not subject to the FOIA.

During FY 1999 agencies processed 2,990 cases totaling 90,744 pages. The number of pages processed decreased by 71 percent from the previous year. The legislation enacted in 1999 and mentioned earlier in this report has been cited by some agencies as the reason for their decrease in processing mandatory declassification review requests. Although the number of cases acted on was 34 percent less than last year, the percentage of pages declassified in whole or in part (93 percent) increased by 11 percent from last year. ISOO believes that this increase is an indication that mandatory review remains a very successful means for declassifying information. With the establishment of the Interagency Security Classification Appeals Panel (ISCAP), created under Executive Order 12958 and discussed earlier in this report, mandatory review requests are likely to increase.

During FY 1999, agencies processed 64 appeals that comprised 935 pages. Of these, 92 percent of the pages were granted in whole or in part. The rate is 6 percent higher than last year. The higher rate of declassification suggests that researchers can continue to anticipate greater return in declassified information if they pursue an appeal.


Security Training Aids

Executive Order 12958 brought many changes in principles, practices, and procedures. Security education remains more critical than ever. Familiarizing those who have access to classified information with the requirements of the classification system is a major undertaking for security professionals in both Government and industry. ISOO continues to explore ways to coordinate the dissemination of as many security education tools as possible or to develop them within the context of budgetary considerations. For now, ISOO has available a marking pamphlet to serve as a general guide for use by both original and derivative classifiers. We have also revised our popular Standard Form (SF) 312 briefing booklet by including the Executive Order 12958, updating the "Questions and Answers" segment and including a copy of the updated SF 312 form. ISOO also will soon launch a home page under the National Archives and Records Administration Web site.

MARKING BOOKLET

This booklet is a general, illustrated guide on how to mark classified documents in accordance with the requirements of Executive Order 12958 and its implementing directives. Authorized original and derivative classifiers as well as administrative personnel who prepare classified documents can rely on this booklet whenever there is a question about the marking of a classified document.

SF 312 BRIEFING BOOKLET

This booklet remains popular with agency and industry security managers who provide briefings on the SF 312 "Classified Information Nondisclosure Agreement." It includes the complete text of all the laws and regulations that must be available if requested by someone signing the SF 312, including the text of Executive Order 12958, a copy of the SF 312 and updated answers to the most frequently asked questions about the nondisclosure agreement.

The revised SF 312 Booklet will include the latest version of the SF 312 form and the text of another law that applies to individuals signing the SF 312. Availability will be late summer or early fall 2000.

THE SF 312 VIDEO

This 13-minute video provides an entertaining but informative approach to answering most of the questions that employees raise about the purpose of the nondisclosure agreement and their obligations under it. It provides an excellent base for an employee briefing on the SF 312.

EXECUTIVE ORDER 12958 AND IMPLEMENTING DIRECTIVE PACKET

This packet is a three-hole punched, shrink-wrapped document that includes Executive Order 12958, its implementing directives, the President's Original Classification Authority designations, and amendments. Tabs identify each of these items. They are printed in a very clear and a very easy to read format. This is one of the most "user friendly" versions of the Order and its related documents.

An amendment packet, which includes the (1) Referral Standard, (2) E.O. 13142, Amendment to E.O. 12958, and (3) the Safeguarding Directive, will be available late summer or early fall 2000.

ISOO HOME PAGE UNDER DEVELOPMENT

ISOO is developing a home page on the National Archives and Records Administration Web site. The publications listed here, except for the SF 312 video, will be available on the home page. In addition, ISOO's home page will provide information on current issues of concern to the security classification community. Look for our site in late summer 2000 at www.nara.gov.




FAS | Gov't Secrecy | ISOO Docs || Index | Search |