The Case for a Security Guarantee for Ukraine
How to Protect the Country—Without NATO Membership
The United States keeps a lot of secrets. In 2017, the last year for which there are complete data, roughly four million Americans with security clearances classified around 50 million documents at a cost to U.S. taxpayers of around $18 billion.
For a short time, I was one of those four million. From 2014 to 2015, I worked for the general counsel of the Department of Defense, a position for which I received a security clearance at the “top secret” level. I came into the job thinking that all the classified documents I would see would include important national security secrets accessible only to those who had gone through an extensive background check and been placed in a position of trust. I was shocked to discover that much of what I read was in fact not all that different from what was available on the Internet. There were exceptions: events I learned about a few hours or even days before the rest of the world, for instance, and information that could be traced to intelligence sources. But the vast bulk of the classified material I saw was remarkable only for how unremarkable it was.
The U.S. system for classifying secrets is based on the idea that the government has access to significant information that is not available, or at least not widely available, to private citizens or organizations. Over time, however, government intelligence sources have lost their advantage over private sources of intelligence. Thanks to new surveillance and monitoring technologies, including geolocation trackers, the Internet of Things, and commercial satellites, private information is now often better—sometimes much better—than the information held by governments.
At the same time, these technologies have given rise to an altogether new threat: troves of personal data, many of them readily available, that can be exploited by foreign powers. Each new piece of information, by itself, is relatively unimportant. But combined, the pieces can give foreign adversaries unprecedented insight into the personal lives of most Americans.
Yet the United States has not begun to adapt its system for protecting information. It remains focused on keeping too many secrets that don’t really matter, treating government information like the crown jewels while leaving private data almost entirely unguarded. This overemphasis on secrecy at the expense of privacy isn’t just inefficient. It undermines American democracy and, increasingly, U.S. national security, as well.
The U.S. government did not always keep so many secrets. At the turn of the twentieth century, in fact, it had no formal nationwide system of secrecy. That began to change after Japan defeated Russia in the Russo-Japanese War of 1905, stunning Western countries and signaling the rise of a new regional power in Asia capable of challenging the major powers in Europe. Japan had long prohibited emigration, but it had lifted this restriction in 1886, just as its military prowess was beginning to grow. By 1908, around 150,000 Japanese immigrants had entered the United States.
As the number of new arrivals ticked up, American newspapers began reporting stories about “Japanese spies roaming about the Philippines, Hawaii, and the continental United States, busily making drawings of the location of guns, mines, and other weapons of defense,” as The Atlanta Constitution put it in 1911. Journalists at The Courier-Journal detailed a sophisticated Japanese spying operation in Los Angeles, Portland, and the harbors around Puget Sound, including rumors that “agents of the Japanese War Office, in the guise of railroad section laborers or servants in families residing in the locality, are stationed at every large railroad bridge on the Pacific coast.” These stories were fantastic—and likely false, for the most part, as were widespread tales of Japanese candy store operators who were really mapmakers, Japanese fishermen who were really taking harbor soundings, and Japanese barbers who picked up military secrets from their unsuspecting clients.
Members of Congress, alarmed by the stories, decided to act. The Defense Secrets Act, passed in 1911, was the first U.S. law to criminalize spying. It provided that “whoever, . . . without proper authority, obtains, takes, or makes, or attempts to obtain, take, or make, any document, sketch, photograph, photographic negative, plan, model, or knowledge of anything connected with the national defense to which he is not entitled” could be fined or imprisoned.
The United States is focused on keeping too many secrets that don’t really matter.
After war broke out in Europe, President Woodrow Wilson appeared before Congress and asked it to strengthen the laws against sedition and the disclosure of information. His racist nativism on full display, he declared, “There are citizens of the United States, I blush to admit, born under other flags but welcomed under our generous naturalization laws to the full freedom and opportunity of America” who “have sought to pry into every confidential transaction of the Government in order to serve interests alien to our own.” The result was the Espionage Act of 1917—a law that, with a few revisions, still forms the main legal basis for proscribing the unauthorized disclosure of national security information in the United States. The law was extraordinarily broad, criminalizing the disclosure of “information respecting the national defence” that could be “used to the injury of the United States.”
Now there were rules criminalizing the disclosure of national security secrets. But what was a secret? Historians consider the American Expeditionary Forces’ General Order No. 64, also issued in 1917, to be the first attempt by the U.S. government to adopt a formal classification system for government information that had national security value. In the years that followed, the U.S. Army and the U.S. Navy adopted their own regulations on classified information, producing a mishmash of classification rules across the military branches. Then, in 1940, President Franklin Roosevelt displaced this series of decentralized classification rules with an executive order making it unlawful to record “certain vital information about military or naval installations” without permission. The rules applied to aircraft, weapons, and other military equipment, as well as to books, pamphlets, and other documents if they were classified as “secret,” “confidential,” or “restricted.”
Since then, many presidents have issued executive orders that define what information is classified, how it is classified, and who can access it. The latest comprehensive executive order, issued by President Barack Obama in 2009, lays out three levels of classification—top secret, secret, and confidential—along with a vast array of rules about what each level of classification means. Under the order, classified documents originate in two ways: one of the 1,867 officials designated as having “original classification authority” decides that a document should be classified or one of the four million or so individuals with access to classified material creates a new document using information that was already classified—so-called derivative classification. In 2017, more than 49 million government-generated documents were derivatively classified.
Almost everyone who has examined the U.S. system of keeping secrets has concluded that it results in mass overclassification. J. William Leonard, who led the Information Security Oversight Office during the Bush administration, once observed that more than half of the information that meets the criteria for classification “really should not be classified.” Others would put that number much higher. Michael Hayden, a former director of the National Security Agency and later of the CIA, once complained of receiving a “Merry Christmas” email that carried a top-secret classification.
One factor driving overclassification is the fact that those who do the classifying are almost always incentivized to err on the side of caution—classifying up rather than down. When I worked at the Pentagon, if I made a mistake and classified a document or an email at too high a level, there would likely be no penalty. As far as I know, no one in the offices I worked with was ever disciplined for classifying a document too high. Classifying a document too low, however, can bring serious professional consequences—not to mention potentially threaten U.S. national security. Secrecy, in other words, is the easiest and safest course of action.
Secrecy also begets more secrecy, because documents must be classified at the highest level of classification of any information they contain. If a ten-page memo contains even a single sentence that is classified as top secret, for instance, the memo as a whole must be classified as top secret (unless it is “portion marked,” meaning that each segment—the title, each paragraph, each bullet point, and each table, for instance—is given a separate mark of classification). This requirement fuels an endless progression of derivative classification that compounds the United States’ already enormous overclassification problem.
The democratic costs of overclassification are hard to overstate. To note the obvious: a state cannot keep secrets from its enemies without also keeping them from its own population. Massive government secret keeping undermines democratic checks and balances, since it makes it difficult, if not impossible, for the public—and, often, for members of Congress—to know what the executive branch is up to.
The U.S. government has done horrific things when acting in secret. CIA black sites, where detainees suspected of involvement in terrorist groups were tortured during the Bush administration, could not have survived public scrutiny—which is why they operated in secret for years. Secrecy also undermines American democracy in more subtle ways. When the government keeps secrets, those secrets enable—and sometimes require—lies. When those lies are exposed, public trust in the government takes a hit—as it did in 2013, when Edward Snowden, then a contractor for the National Security Agency, revealed the existence of a massive surveillance program under which the agency had accessed the email, instant-messaging, and cell phone data of millions of Americans. That revelation eroded trust in U.S. intelligence agencies, making it harder for them to operate—precisely the opposite of what the government’s secrecy was meant to achieve.
Secrets also have a chilling effect on free speech. In May 2019, the Department of Justice indicted Julian Assange, the founder of the whistle-blowing organization WikiLeaks, on 17 counts of violating the Espionage Act for obtaining and publishing classified documents. It was the first time the government had brought such charges for publication alone, raising fears in the media that the government might start using the Espionage Act to prosecute journalists. As The New York Times reported at the time, Assange had been charged for actions that the paper itself had taken: it had obtained the same documents as WikiLeaks, also without government authorization, and published subsets of them, albeit with the names of informants withheld.
And it is not just whistleblowers and journalists who need to worry; former government officials can also be caught in the classification vise. Even after leaving office, government employees are not only subject to potential criminal prosecution if they disclose classified information that they learned while in government but also required to submit their writings (and drafts of public talks) for “prepublication review.” John Bolton, who served as national security adviser to President Donald Trump, became an unexpected poster child for abuse of the prepublication review process after his book was subjected to delays that appeared politically motivated. He is far from alone. Millions of former government employees, including me, are bound by similar rules. The real harm of this system is not to former government employees, however. It is to the quality of public discourse, as former government employees with knowledge about the U.S. national security system too often decide that it is easier to simply stay silent.
Overclassification also makes it difficult to keep the secrets that really matter. As the Supreme Court justice Potter Stewart put it in his concurring opinion in the 1971 case ordering the release of the Pentagon Papers, the Defense Department’s classified history of the U.S. role in Vietnam, “When everything is classified, then nothing is classified, and the system becomes one to be disregarded by the cynical or the careless, and to be manipulated by those intent on self-protection or self-promotion.” Too much secrecy can also make it harder to protect the American public from national security threats—for instance, by limiting information sharing that could inform decision-making or identify new dangers. One reason the plot to carry out the 9/11 terrorist attacks was not detected in advance, the 9/11 Commission found, was too much secrecy: the failure to share information between agencies and with the public allowed the attackers to succeed. “We’re better off with openness,” said Thomas Kean, the chair of the commission. “The best ally we have in protecting ourselves against terrorism is an informed public.”
But perhaps the biggest cost of keeping too many secrets is that it has blinded the United States to an emerging and potentially even more dangerous threat: new tracking and monitoring technologies that are making it increasingly difficult to conceal even the most sensitive information. Take the exercise app Strava, which allows athletes to record their runs and bike rides, among other activities, and share them with friends. In 2017, this seemingly innocuous app became a national security nightmare after a student in Australia began posting images that showed the activities of American Strava users on what appeared to be forward operating bases in Afghanistan and military patrols in Syria. Others quickly generated maps of a French military base in Niger and of an Italian base and an undisclosed CIA site in Djibouti. Soon, it became clear that Strava data could be used not only to reveal the inner workings of such military installations but also, with a few tweaks, to identify and track particular individuals.
Hundreds of similar apps track the locations of unwitting Americans every day, collecting information that is bought and sold by data aggregators. One such company, X-Mode, collects, aggregates, and resells location data so granular that it can track the movements of individual devices and even determine their hardware settings. X-Mode collects this information through its own applications, but it also pays app developers who use X-Mode’s software developer and its location-tracking code for their data. According to a 2019 news report, X-Mode had access to location information for an average of 60 million global monthly users. In late 2020, Apple and Google banned X-Mode from collecting location information from mobile devices running their operating systems, but the tracking technology remains widespread.
X-Mode is the best-known location-tracking data aggregator, but it is far from the only company taking advantage of publicly available information to track people’s private lives. The New York–based company Clearview AI has devised a groundbreaking facial recognition app that allows users to upload photos and run them against a database of more than three billion images scraped from Facebook, Venmo, YouTube, and millions of other websites to identify the people in the photos. Federal and state law enforcement agencies have found the app to be much better than the FBI’s own database for tracking down criminal suspects. In 2019, the Indiana State Police solved a case in 20 minutes after uploading to Clearview an image from a cell phone video shot by a bystander to a crime. The man identified as the criminal suspect did not have a driver’s license and was not in any government database, but someone (not the man himself) had posted a video of him on social media along with a caption containing his name. He was quickly arrested and charged.
Keeping too many secrets has blinded the United States to an emerging and dangerous threat.
The rise of the Internet of Things—networked devices—means that more information is being collected about people’s daily lives than ever before, including vast troves of voice data generated by voice-operated assistants such as Amazon’s Alexa. In a 2017 report, Dan Coats, the director of national intelligence, identified the cybersecurity vulnerabilities produced by the Internet of Things as a key threat to national security. But the report focused narrowly on the physical dangers that sophisticated cybertools might pose to consumer products such as cars and medical devices and did not address the threats that these tools might pose to information security. Late last year, Congress enacted the Internet of Things Cybersecurity Improvement Act, which established minimum security requirements for connected devices. But the law applies only to devices sold to the federal government. Private citizens are on their own. And devices are hardly the only way that companies collect personal information. Facebook makes third-party plug-ins, such as “like” and “follow” buttons and tracking pixels, that its advertising partners can add to their own, non-Facebook websites and applications. These plug-ins, in addition to collecting data for Facebook partners, enable Facebook to monitor the online activities of its users even when they are not on its site.
The spies that necessitated the Espionage Act a century ago have largely been replaced by this ubiquitous tracking and monitoring technology. If an app can expose the location and identity of U.S. soldiers on forward operating bases in Afghanistan, it can do the same to intelligence officers working at the CIA’s headquarters, in Langley, Virginia, or even to the secretary of defense and his or her family members. Forget trying to place operatives under cover again. No matter how careful they have been to keep their identities off the Internet, their friends’ photos of them on Facebook and Instagram and inescapable surveillance videos that data aggregators and their customers can easily access will make it nearly impossible to hide their true identities and contacts, much less the identities and whereabouts of their families and friends.
The U.S. government may have refrained from sounding the alarm in part because its own intelligence agencies are exploiting such vulnerabilities themselves. Documents disclosed by WikiLeaks in 2017, for instance, revealed that the CIA had exploited a vulnerability in Samsung-connected televisions to use them as covert listening devices. But while the U.S. government has kept mum, private industry has met and sometimes surpassed authorities’ ability to collect information. Nongovernmental organizations working in conflict zones now crowdsource conflict-related information that is often as good as or better than the information gathered by U.S. intelligence agencies. At the same time, private satellite companies provide on-demand access to sophisticated satellite imagery of practically any location on earth. In short, the government no longer has a monopoly on the information that matters.
In the national security world, there is a concept known as “the mosaic theory.” It holds that disparate, seemingly innocuous pieces of information can become significant when combined with other pieces of information. This theory is one reason why the vast majority of individuals with access to classified information are told that they cannot judge what information should be classified. A document that appears meaningless might, when put together with other information, give away an important piece of the mosaic to an adversary.
Historically, intelligence analysts have pieced together bits of information to complete the mosaic. As specialists in their fields, good analysts come to know when a seemingly inconsequential piece of information may be significant in context. The advent of big data, combined with artificial intelligence, promises to upend this traditional approach. To understand why, consider the breakthrough made by the retail giant Target almost a decade ago. Like most companies, Target assigns its customers ID numbers tied to their in-store cards and to their credit cards, names, and email addresses. When a customer makes a purchase, that information is collected and aggregated. In 2012, a statistician working at Target figured out that he could use this information, together with purchase information from women who had set up baby registries, to determine who was likely pregnant. Women who were pregnant started buying unscented lotion, for instance, and they were more likely to purchase calcium, magnesium, and zinc supplements. Using this information, Target was able to create a “pregnancy prediction score,” calculate where women probably were in the course of their pregnancies, and send women coupons for products they may need. This technology only came to public attention after an angry customer complained to a manager at Target that the company was sending mailers to his daughter that clearly targeted pregnant women. Later, he called to apologize: “It turns out there’s been some activities in my house I haven’t been completely aware of. She’s due in August. I owe you an apology.”
That was one company monitoring one set of purchases nearly a decade ago with the help of a simple statistical analysis. Now consider what an adversary could do if it combined that kind of information with similar information from a variety of databases and then used modern artificial intelligence to detect patterns.
This is likely already happening. China is suspected of collecting the personal data of millions of Americans. William Evanina, former director of the U.S. National Counterintelligence and Security Center, warned in early 2021 that China had stolen personal information belonging to 80 percent of Americans, including by hacking health-care companies and smart home devices that connect to the Internet. In April, federal investigators concluded that Chinese hackers may have scraped information from social media sites such as LinkedIn to help them determine which email accounts belonged to system administrators, information that they then used to target Microsoft’s email software with a cyberattack. In other words, China appears to have built a massive data set of Americans’ private information using data illegally obtained and scraped from publicly available websites.
In March 2014, Chinese hackers broke into computer networks of the U.S. Office of Personnel Management, which houses personal information of all federal employees, and obtained the files of tens of thousands of employees who had applied for top-secret security clearances—including me. Although these files were not classified, they contained valuable national security information: the identities of government employees with top-secret clearances, as well as their family contacts, overseas travel and international contacts, Social Security numbers, and contact information for neighbors and friends. Combined with the database of Americans’ personal information, this information has likely put China in a position to determine which federal government employees with top-secret access are carrying large credit card debts, have used dating apps while married, have children studying abroad, or are staying unusually late at the office (possibly signaling that an important operation is underway). In short, while the U.S. government has been wasting its energy protecting classified information, the vast bulk of which is unimportant, information with much greater national security value has been left out for the taking.
The current U.S. national security system was designed to protect twentieth-century secrets. At the time the system was created, most important national security information was in the government’s hands. It made sense to design a system devoted almost entirely to keeping spies from obtaining that information and preventing insiders from disclosing it. Today, however, government information has been eclipsed by private information. The United States needs an approach to national security information that reflects that new reality. It must fundamentally reform the massive national security system that has created a giant edifice of mostly useless classified information and reduce the amount of private information that is easily attainable.
In pursuit of the first aim, the United States should start by imposing an automatic ten-year declassification rule for all classified information. Currently, all classified records older than 25 years are supposed to be automatically declassified, but there are so many exceptions to that rule that many documents remain secret for a half century or more. It took until 2017 to declassify 2,800 classified records relating to the assassination of President John F. Kennedy, for instance, and even then the Trump administration held some records back.
A ten-year declassification timeline should have only two exceptions: information classified as “restricted data” under the Atomic Energy Act and information identifying intelligence agency informants who are still alive. Decisions about whether declassifying any other information might harm national security should be left to an independent review board made up of former government officials, historians, journalists, and civil rights advocates. A government agency facing the automatic declassification of information it deemed potentially harmful could appeal to the board to extend the classification period—in essence, forcing the agency to justify any deviation from the rule. By making declassification the default, such a rule would incentivize the government to adequately resource the review process and to allow it to take place in a timely manner.
China is suspected of collecting the personal data of millions of Americans.
The government should also harness the power of artificial intelligence and machine learning to identify cases of overclassification. Individual government employees who routinely overclassify information relative to their peers could be identified, notified that they classify documents more often than others, and encouraged to be more careful to assess the true need to classify. Artificial intelligence may also eventually be able to suggest classification levels at the time employees are writing documents or emails, to challenge incorrect classification decisions at the time they are made, and to review the classification of stored documents.
Ending mass overclassification would free officials to think more creatively about addressing the emerging threat posed by enormous troves of readily available personal data. Washington can begin by following the lead of Beijing, which despite being an intrusive surveillance state recently enacted one of the strongest data privacy laws in the world—likely not primarily to protect its citizens’ privacy but to prevent their data from being collected and exploited by foreign adversaries. The law applies to all entities and individuals, both inside and outside China, that process the personal data of Chinese citizens or organizations, imposing controls on the data and allowing Chinese citizens to sue if the information is stolen, misused, or corrupted. In so doing, the law discourages companies doing business in China from collecting and retaining personal data that could be of interest to foreign intelligence services. In other words, China is working to close the door to foreign powers seeking to exploit the personal data of its citizens, while the United States has left that door wide open.
Privacy in the United States, meanwhile, relies on a patchwork of federal and state laws, each of which addresses elements of the problem, but none of which is comprehensive. For years, civil liberties groups have been calling on the federal government to protect the private information of individuals, but those calls have gone mostly unheeded. Today, however, it is increasingly clear that protecting the privacy of Americans is necessary not just to ensure their civil liberties but also to defend the country.
A twenty-first-century approach to national security information requires greater attention to privacy.
Congress should start by expanding to all Internet-connected devices the same security requirements that currently apply only to those such devices that the government owns or operates. One subset of Internet-connected devices poses an especially acute danger: those that monitor the human body. These include fitness trackers that are worn on the body but also devices that are implanted or inserted into it: pacemakers, cardioverter defibrillators, and “digital pills” with embedded sensors that record that the medication has been taken. To reduce the vulnerability of these devices to hacking, federal regulators must require manufacturers to improve their security protocols.
The government should also give consumers new and better tools to control the data that companies collect about them. The Information Transparency and Personal Data Control Act, introduced in March by Representative Suzan DelBene, Democrat of Washington, would require “opt in” and “opt out” consent and “plain English privacy notices.” These measures would certainly be improvements over the status quo. But research shows that consumers tend not to read disclosures, so even clear individual opt-in and opt-out requirements may not limit data collection from unwitting consumers. The proposed legislation would also preempt state laws that may be more protective than the federal law, meaning that it may actually reduce protections in some places. A better option would be for Congress to enact a federal law that follows the example recently set by California, requiring businesses to respect individuals’ choices to universally opt out of data collection. That would be an important step toward giving control back to consumers.
Last, Congress should create an independent federal agency to monitor and enforce data protection rules. The United States is one of only a few democracies that does not have an agency dedicated to data protection. Instead, it relies on the Federal Trade Commission, which has many competing obligations. The proposed Data Protection Act of 2021, introduced in June by Senator Kirsten Gillibrand, Democratic of New York, would create an agency to “regulate high-risk data practices and the collection, processing, and sharing of personal data”—in particular, by data aggregators. Establishing such an agency would also allow the federal government to develop expertise in data privacy issues and to respond more quickly and effectively to new challenges and threats.
The inventor Charles Kettering once observed that “when you lock the laboratory door, you lock out more than you lock in.” In the early twentieth century, when the current classification system took shape, the information worth protecting was mostly located inside federal agencies, so locking the door made some sense. Today, however, Kettering’s observation applies more than ever. Private entities have access to more, and in many cases better, information than the government, so locking the door only isolates federal agencies without protecting much information worth keeping secure.
What a twenty-first-century approach to national security information requires is greater attention to privacy. Yet the United States has done little to protect the information about ordinary citizens that in a world of artificial intelligence and machine learning poses a growing threat to national security. The United States spends billions of dollars to protect classified information, much of which is already readily available from public sources. But it does little to enable its citizens, including those in important government positions, to keep their private lives from being documented, tracked, and exposed. In so doing, it is leaving pieces of the mosaic of U.S. national security lying around for its adversaries to gather up and put together.
Why U.S. Intelligence Agencies Must Adapt or Fail