National Security is partly dependent on a reliable Sensitive Document control procedure. It is not a good idea to let sensitive information get into anyone's hands not having a need-to-know. Procedures, some classified, have been developed to control document (information) distribution. The procedures are time consuming, not what a person's primary job is, and hence prone to be glossed over or partially ignored. This article about security classification is based on my experiences in the days when I was employed and had a security clearance.
Security classification of emails has been in the news lately, so my view of secure documents is timely and maybe of interest. My view of security classification is from the days when I was employed and had a security clearance. I suspect the rules have softened some since then; one of those slippery slopes. My first encounter with classified documents was at the Restricted level in the 50s. That level was retired in the late 50s as being too compromised. Confidential level then became the lowest level classification.
I have a restricted document in my archives. It contains some of my earliest engineering work.
For much of my working career, I had a Top Secret (plus) clearance and had to read and write a lot of classified papers. Much of my classified work was before email (before computers) so mothing classified was emailed. Later email came along but was an infant. It was never used in my day to disseminate classified material. I have no idea what current guidelines for emails are, but the end result should be the same as for the hard copy documents I dealt with.
My clearances were with the Department of Defense, the National Security Agency, and the Central Intelligence Agency. Each had procedures tailored to their work. I presume that is still the case.
Classification levels in my day were Unclassified, Confidential, Secret, and Top Secret. There were others classifications but I am still not allowed to even name them (a criminal offense), much less discuss them, nor is anyone else who knows of them. That said, I have heard on TV vague mentions of them by Congressmen and other government officials.
There were very special rules for writing, reading, and distributing such documents. It goes without saying that you had to have the proper security clearance before even looking at the cover of a classified document. The rules applied to everyone from the CEO to the Janitor. Documents at secret level or below could be mailed as registered mail return receipt required. Higher level classified documents never went to the post office. They were delivered by couriers, always at least two, and never out of their sight.
They were stored behind two sets of closed doors with combination locks. During working hours there were guards at both doors. To see a document you had to sign a log book and then read it in the special secure reading/writing room and return it when finished. The document vault could not be secured (locked) at night until all documents had been returned. If you were writing one, you wrote it in that room as well.
We were instructed to err on the side of classifying at the next higher level.
Rules When Writing. The author was responsible for classifying and marking each paragraph as well as the page the paragraph was on. Once written, the classifications were reviewed and corrected by a second person. Even questionable unclassified papers were second person reviewed. Classification levels were defined in a program specific Security Guidelines Document (also classified.)
Rules When Reading Classified Material. If you were reading a paragraph marked unclassified in a classified paper and you thought it might be classified, you were to alert the Data Management and Security personnel who would take action to review and correct the classification against the Security Guidelines Document. Corrections were then made to all copies of the paper and the replaced pages were destroyed by burning by security persons. The same rules held for paragraphs classified lower than the content dictated.
Rules When Reading Unclassified Material. If you were reading an unclassified document or paper and suspected something in it might be classified, you were to alert Data Management and Security personnel. If it was determined the information was, in fact classified, every means possible was taken to recover and reclassify or destroy all copies of the document or paper. The original author was warned to be more careful in the future. I believe the warning was in writing, but I’m not sure of that. At any rate an author did not want to get that warning, even once. Too many errors would get your clearance revoked, possibly get your employment terminated, and (worst case) get you jailed as well. The death penalty was the worst that could happen.
Rules When Sending. Distribution of marked classified papers was kept to a minimum, usually one at each physical location associated with a program. Records were kept of where each copy went. Signatures of recipient custodians were required. Distribution of unclassified papers related to a classified program were also kept to a minimum. Distribution lists were kept. Unclassified papers and documents could be copied by a recipient and the copy given to someone else so the information could get into unknown hands. A few programs routinely classified every letter, paper, or document to avoid that situation.
Modern Ways versus Old Way.
The modern electronic way is fast. Documents are probably almost never seen in hard copy. Electronic security is relied on and assumed to work. Time and again, over and over, reports have surfaced showing it does not. The hard copy way was slower but absolutely no part of it was electronically connected to anything. The rooms housing security tasks and documents were windowless, guarded, and both magnetically and electrostatically shielded from the outside world. There were no phone lines into the secure area, thus no phones. The power lines were filtered to prevent any electronic signals from PCs or electric typewriters (devices from the past) from leaving the room. All garbage and trash (including carbon paper) was treated as classified and burned under guard by the security force.
In my day no one such as Edward Snowden would have access to documents for more than one program.
To which method, old or new, would you trust your credit card? Or your life?
The You can probably guess how I feel about current security. If you can’t it’s this: the bottom of the slippery slope is being reached and serious breaches of security have occurred. The blame lies jointly with the bureaucracy (relaxed guidelines) and many individuals (placing self-convenience over national-concern).