Fighting online leaks

When a classified CIA overview of the U.S. intelligence community appeared

on the Internet this month, it raised serious questions in national security

circles about how the Digital Age has popped the top off classified information.

The CIA had prepared the briefing documents for Japanese intelligence

officials and had included the names of hundreds of Japanese security agents,

as well as the author's home telephone number, e-mail address and secure

satellite telephone number.

The online posting of the briefing is the latest incident in a string

of leaks that has the intelligence community and Congress up in arms (see

box). Intelligence experts point to a fundamental breakdown in discipline

as the likely culprit behind the seemingly unending leaks.

John Young, a New York City-based architect, runs the World Wide Web

site Cryptome. For the past six years, he has collected and posted to the

site a library's worth of documents that pertain to intelligence and encryption

from people who have access to sensitive or classified information.

He first posted the CIA overview briefing shortly after receiving it

from Noda Hironari, a former officer in Japan's Public Security Investigation

Agency.

Young received a direct request from the FBI to remove the documents

from his Web site, but he defended his decision to keep the briefing online

on the grounds that a court had not ordered him to remove the documents.

"The stuff comes in pretty much ready to read," Young said.

However, deciding whether to post an item is rarely an issue, he said.

"We don't really get that much sent to us that is controversial, much less

classified," Young said. "So when we do get a hot item, it's almost sure

to be offered."

Young said he recalls only one item in the past four years that he did

not post. That document included the specifications of a commercial encryption

chip. The source of the document eventually gave Young permission to post

it, and he did.

However, the disclosure of sensitive intelligence information, including

the names of agents and other sources and methods, has the CIA and Congress

concerned. Congress, in a report on the fiscal 2001 intelligence authorization

bill, ordered the CIA to produce a report by December outlining all security

leaks that have taken place since 1998, including the damage the leaks have

caused.

All Access

A spokesperson for the CIA acknowledged that the agency views the problem

primarily as a personnel issue but said the Internet now provides access

to thousands of people who otherwise would not have had it.

"You have to question what the utility of doing this is," the spokesperson

said. "We are very concerned about any leaks of classified information,

particularly when it concerns possible disclosure of sources and methods."

Steven Aftergood, an intelligence specialist who runs the Federation

of American Scientists' Project on Government Secrecy, said the leaks stem

from a combination of factors, including an erosion of discipline, a loss

of respect for the classification system and the increased ability to disseminate

information.

"Although people still sign nondisclosure agreements in which they make

a solemn commitment to respect classification restrictions, it seems that

more and more people are prepared to renege on that commitment," Aftergood

said.

The intelligence community has been slow to adapt to the Digital Age

and is in desperate need of a major policy overhaul, particularly in the

area of classification policy, Aftergood said. However, the policy will

likely be "wait and see what happens," he said.