CYBEREYE

The WikiLeaks lesson? It’s classified.

To better protect important documents, start by classifying fewer of them

The White House has come out strongly for the need to protect its employees from the ill effects of looking at classified information on public websites — at least while they’re using government computers. Toward that end, a number of agencies have begun blocking access to WikiLeaks and the sites of perfectly legitimate news organizations that have posted leaked documents.

The Library of Congress blocked access to WikiLeaks on library computers for employees and patrons, and explained its reasons in a blog posting by Communications Director Matt Raymond: “The Library decided to block WikiLeaks because applicable law obligates federal agencies to protect classified information. Unauthorized disclosures of classified documents do not alter the documents’ classified status or automatically result in declassification of the documents.”

This puts the government in the ludicrous position of standing outside the barn, door wide open, and demanding, “Pay no attention to those horses running around out there!”


Related stories:

WikiWars: The face of future conflicts

WikiLeaks impels White House to order classified data security review


There's no question about it: The government needs to do a better job of protecting its information. The best way to start is to be more selective about what is classified.

Despite dire statements that the State Department communications leaked to WikiLeaks jeopardize American security and puts lives at risk, the reality is that the majority of the material published by WikiLeaks is merely embarrassing and should not have been classified.

Risk management is the foundation of any meaningful information security program, and an essential step in risk management is risk assessment. Ranking the significance of the WikiLeaks cables right up there with serious life-or-death information undermines the concept of risk management and damages information security.

Since the creation of e-mail, the best advice for handling sensitive information has been if you don’t want to see it published, don’t send it. That same advice applies to diplomats and other government employees. If they are embarrassed by the publication of personal assessments of Vladimir Putin or other leaders, they shouldn’t have sent them. If those assessments are accurate and appropriate and contribute to the conduct of U.S. foreign policy, there is no reason to be embarrassed by them.

There is government information that legitimately should be kept secret because lives really are at stake. But as the WikiLeaks kerfuffle shows, most government information doesn’t meet that criterion. There is no reason to assume that assessments made by public servants for the public’s business while on the public payroll should be hidden from the public by default. Classification should be the exception rather than the rule.

The time and effort spent ineffectively protecting the leaked documents and then responding to and investigating their leak have been wasted. That time could be much better spent protecting serious secrets. Reducing the volume of classified material by restricting classification to what is really important is a necessary first step.

This does not eliminate the need for protecting unclassified information. That information belongs to the public, and the government has a responsibility to ensure that it is available and can be relied on. But that information should be protected, not hidden.

Reader Comments

Mon, Jan 3, 2011 Arnie

The government thinks that everything they do is classified from ordering breakfast to gossiping about how much scumbag Russians like Putin drink. The author is correct that if only the really secret stuff was classified, it would be a lot easier to protect. And last time I checked PFC Manning was not yet found guilty of anything.

Tue, Dec 28, 2010

PFC Manning committed treason. Homeland Security implemented a system that was designed to breach US security, and agency should be dissolved because of this. Since 1947, cold war, we have had a "secret" government. Need to return to a public government, with military secrets. Assange is irrelevant, a media distraction from the real issues that need to be addressed. More diplomatic progress has been made since the release than I've seen in years. Public government works.

Tue, Dec 21, 2010 Jeffrey A. Williams

Regardless of whether or not some or most of the information released or passed on to Assange by PFC Manning should have been classified is besides the point, much of it was, and therefore releasing it to the public was the wrong thing to do.

Tue, Dec 21, 2010 Ramon Virginia

This is an unbalanced article. When was the last time GCN shared it's secrets with the competitor? Come on...And let's not start with defining what a "Secret" is. You are not qualified.

Tue, Dec 21, 2010

Mr. Jackson has clearly never worked in an environment where some work is classified and some is not, nor has he apparently been briefed on why certain things are classified at the level that they are. As an example as to why this information should be kept secret, one person making an off hand comment about a foreign Gvt leader is one thing, but 40 comments from different people about the same leader has a very different impact on that person's opinion of the United States... these communications where sent over classified networks, and whereas each individual one may not be classified by itself, the sum of them are because they put the US and risk in a diplomatic way... So, Mr. Jackson I appreciate your opinion, but I respectfully do not agree with your position...

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above