from the FAS Project on Government Secrecy
Volume 2002, Issue No. 29
April 10, 2002


In one of its more astute recommendations, the new report of the Webster Commission on FBI security practices urged creation of an interagency mechanism that would enable intelligence agencies to learn from each other's security failures, so that each agency would not need to repeat every such mistake on its own.

"A system should be established whereby security lapses in a particular entity lead to improved security measures throughout the entire Intelligence Community," the Webster Commission stated in its report (page 22).

But as if to exemplify the problem, the Commission was evidently unaware of recent efforts to establish precisely this kind of system, and so it was unable to draw any lessons from the failure of those efforts.

The Commission did recall that a 1994 DOD-DCI Joint Security Commission recommended the establishment of an interagency "security executive committee" in order to "unify security policy development; serve as a mechanism for coordination, dispute resolution, evaluation, and oversight; and provide a focal point for Congressional and public inquiries regarding security policy...." (page 21).

Yet the authors failed to note that this recommendation was accepted, and such an interagency Committee was actually created.

See the Charter of the Joint Security Executive Committee (JSEC), which was established by the Deputy Secretary of Defense and the Director of Central Intelligence in June 1994, here:

The JSEC was redesignated the Security Policy Board (SPB) in September 1994, with expanded membership to include all national security agencies, and with a mandate to develop consistent and cost-effective security policies government-wide. See Presidential Decision Directive 29 on "Security Policy Coordination":

But in April 2001, after seven years of largely fruitless wrangling, the SPB was abolished by President Bush's National Security Presidential Directive 1.

Now, before establishing a new interagency security coordination process as recommended by the Webster Commission, one would think that the lessons of the demise of the Security Policy Board ought to be considered.

No formal post-mortem assessment of the SPB has been conducted to determine exactly why it proved ineffective (even though, on occasion, it made a useful contribution).

A preliminary assessment suggests that the SPB membership grew too large and its deliberations became burdensome and inconclusive as a result. The SPB leadership in CIA and DOD was not committed to the process, and so it never gained the confidence of other senior policy makers. Public input into the security policy process was discouraged by naming retired government security officials to represent the "non-governmental and public interest perspective" on the Security Policy Advisory Board.

See an archive of Security Policy Board documents here:

See the text of the 1994 DOD-CIA Joint Security Commission report, "Redefining Security," here:

The Webster Commission report, "A Review of FBI Security Programs," is posted here:


A new annotated list of judicial decisions in Freedom of Information Act (FOIA) lawsuits for the first quarter of 2002 has just been published by the Department of Justice. Although it is a mixed bag, most of the latest rulings appear to favor the government rather than the FOIA requester. See:

"Litigation intended to promote openness in government in the national security arena almost invariably harms the cause of open government," according to Steven Garfinkel, former director of the Information Security Oversight Office, who spoke at the Freedom Forum on March 15.

"By now, everyone here should know that the courts almost never substitute their judgment for that of the executive branch on national security issues," Mr. Garfinkel said. See his remarks here:


Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists.

To SUBSCRIBE to Secrecy News, send email to with this command in the body of the message:
      subscribe secrecy_news [your email address]
To UNSUBSCRIBE, send email to with this command in the body of the message:
      unsubscribe secrecy_news [your email address]
OR email your request to

Secrecy News is archived at: