20 20 A Vision for the Digital Age: Modernization of the U.S. National Security Classifcation and Declassifcation System RECOMMENDATIONS SUBMITTED by the PUBLIC INTEREST DECLASSIFICATION BOARD MAY 2020 Table of Contents Letter to the President ii Why the Public Interest Declassifcation Board Did This Study iii Executive Summary 1 A Vision for the Digital Age: Modernization of the U.S. National Security Classifcation and Declassifcation System 6 Appendices: A Biographies of Contributing Members 19 B Public Law 106-567 24 C A White Paper of the Public Interest Declassifcation Board, The Importance of Technology in Classifcation and Declassifcation, June 2016 34 . May 26, 2020 Te Honorable Donald J. Trump President of the United States Te White House Washington, DC 20500 Dear Mr. President: Te FY 2020 National Defense Authorization Act that you signed into law on December 20, 2019, included a provision reauthorizing the Public Interest Declassifcation Board. With this reauthorization, the members of our Board continue to advocate for modernizing classifcation and declassifcation policies and processes as a means of cutting costs, improving agency digital business practices, combating over-classifcation, improving declassifcation, and establishing a transformed, credible security classifcation system. Today, in this report, we ofer recommendations that strongly support your directives and policies to modernize Government Information Technology (IT) by laying out our vision for a future system of classifcation and declassifcation that will operate efectively and efciently in the digital environment. We build upon our previous work by ofering new recommendations for how to achieve these goals. Transformation will be difcult. When it comes to declassifcation, the Government is still in the analog age. Te current system was created before the United States entered World War II, and it remains entrenched today. Despite rapid increases in the volume and variety of digital data, the Government still relies upon inefcient and inefective paper-based processes. Te momentous change that is required cannot be achieved without Presidential leadership to drive reform. As a part of this report and set of recommendations, we propose that you designate a cabinet-level Executive Agent responsible for designing and implementing a new security classifcation system for the digital age. We further recommend that the Executive Agent, working with an Executive Committee, should have authority to implement changes across agencies and at the enterprise level. Te longer the Government waits before adopting new technology in this area, the exponentially further behind it will be in making much needed reforms. Te PIDB stands ready to answer any questions you or members of the Executive branch may have about our report. We also are eager to help improve policies governing classifed national security information, aid our national security, enhance transparency, and support the Government’s IT modernization eforts across the Executive branch. Tank you. Sincerely, Trevor W. Morrison James E. Baker Chair, 2016–2018 Acting Chair, 2018, 2019–2020 A Vision for the Digital Age PIDB VISION FOR THE FUTURE Our vision is a uniform, integrated, and modernized security classifcation system that protects national security interests and instills confdence in the American people and is also sustainable in the digital environment. The declassifcation business model that we envision for the future centers on (1) organizing for success via a more unifed and federated enterprise-level, system-of-systems approach to declassifcation; and (2) acquiring and adopting technologies and processes that leverage cutting-edge IT, telecommunications innovation, and systems development. STRATEGIC POLICY CHANGE: HOW TO DO IT The PIDB developed specifc Concepts and Recommendations for modernizing the declassifcation of Federal Government records going forward. 1. Designate an Executive Agent (EA) and Executive Committee with authorities and responsibilities for designing and implementing a transformed security classifcation system. 2. Organize the national security declassifcation community into a federated National Declassifcation System (NDS). Operate the NDS in a system-of-systems enterprise to streamline and modernize classifcation and declassifcation policies, processes, and technologies. 3. Empower the National Declassifcation Center (NDC) with the authorities and responsibilities to oversee the implementation of the NDS system-of-systems enterprise approach for managing classifed information across the Executive branch, and working with the originating and equity-owning agencies. STRATEGIC TECHNOLOGY CHANGE: HOW TO DO IT 1. Transition to using technology, including tools and services for managing Big Data, Artifcial Intelligence, Machine Learning, and Cloud storage and retrieval, to produce systems and services which support automated classifcation and declassifcation. This transition should institutionalize research and development activities across Government, incentivize private industry participation in these areas, and reform technology acquisition. IMMEDIATE IMPACT: NEAR-TERM IMPROVEMENTS 1. Direct the Secretary of Defense, the Director of National Intelligence, and the Secretary of Energy to develop a unifed or joint plan and to assist the Archivist of the United States in modernizing the systems in use across agencies for the management of classifed records, including electronic records. 2. Deploy technology to support classifcation and declassifcation automation. 3. Implement secure information technology connectivity between and among all agencies managing classifed information, specifcally including the National Archives and Records Administration (NARA), which manages the NDC and classifed records of the Presidential Libraries. 4. Empower the NDC to design and implement a process to solicit, evaluate, prioritize and sponsor topics for declassifcation Government-wide, in consultation with the public and Government agencies. 5. Develop a new model for accurately measuring security classifcation activities across Government, including all costs associated with classifcation and declassifcation. 6. Simplify and streamline the classifcation system; decide how to adopt a two-tiered classifcation system. ~ 1 1/ 1 'I f~I PIDB WHY THE PIDB DID THIS STUDY There is widespread, bipartisan recognition that the Government classifes too much information and keeps it classifed for too long, all at an exorbitant and unacceptable cost to taxpayers. Despite the Government’s signifcant fnancial investment in the security classifcation system, overclassifcation continues to impede the appropriate sharing of information. Inadequate declassifcation contributes to an overall lack of transparency and diminished confdence in the entire security classifcation system. This trend may encourage dangerous information leaks from within Government. The time is ripe for envisioning a new approach to classifcation and declassifcation, before the accelerating infux of classifed electronic information across the Government becomes completely unmanageable. The status quo for classifcation and declassifcation is ineffective and will not work in the digital age. The Government needs a paradigm shift, one centered on the adoption of technologies and policies to support an enterprise-level, system-of-systems approach. The Public Interest Declassifcation Board (the PIDB) continues to advocate for the modernization of classifcation and declassifcation policies and processes across Government as a means of combating over-classifcation, improving declassifcation, and ensuring a credible security classifcation system. To aid this effort, the PIDB presents this vision for the future security classifcation system. Executive Summary ......................................................................................................................................................................................................................................................... T here is widespread, bipartisan recognition that the Government classifes too much information for too long, at great and unnecessary cost to taxpayers. Tis problem is getting worse, as the volume of classifed information grows at an increasing rate. Current policies, practices, and technologies for managing classifed information must be modernized for the digital age. Te time is ripe for envisioning a new approach to classifca- tion and declassifcation, before the accelerating infux of classifed electronic information across the Government becomes completely unmanageable. Te status quo for classifcation and declassifcation can no longer function without a paradigm shif focused on the adoption of technologies required to implement A Vision for the Future of Classification and Declassification Our vision projects a uniform, integrated, and modernized security classifcation system that appropriately defends national security interests, instills confdence in the American people, and maintains sustainability in the digital environment. Te declassifcation business model that we envision for the future centers on: (1) organizing for success via a more unifed and federated enterprise-level, system- an enterprise-level, system-of-systems for Government infor- of-systems approach to mation management. declassifcation; and (2) acquiring and adopting technologies and processes Te Public Interest Declassifcation Board (PIDB) ofers this vision statement, developed to aid in constructing the integrated security classifcation system so urgently needed today: that leverage cutting-edge IT, telecommunications innovation, and systems development. 1 .......................................................................................................................................................................................................................................... Strategic Policy Change: How To Do It 1. Designate an Executive Agent (EA) and Executive Committee with authorities and responsibilities for designing and implementing a transformed security classifcation system. Te EA should develop a long-term strategy for the sustainability of Government-wide reform efforts, potentially assigning authorities and responsibilities to an Executive Committee. Te best initial choice is the Director of National Intelligence (DNI). As the leader in the successful implementation of the Intelligence Community Information Technology Enterprise (ICITE), the Ofce of the Director for National Intelligence (ODNI) has the expertise and experience to design and implement a transformed security classifcation system. In fulflling this role, the DNI should work closely with White House innovation and IT initiatives and with the Ofce of Management and Budget (OMB). OMB is accountable to the President and the Congress, already manages interagency processes, and understands and holds a stake in identifying costs and savings associated with executive-branch programs. Te Committee should be made up of appropriate senior leaders at departments and agencies with signifcant equities in this area—especially the ofces of the Director of National Intelligence, the Under Secretary of Defense for Intelligence, the Secretary of Energy, and the Archivist of the United States—and chaired by the DNI. 2. Organize the national security declassifcation community into a federated National Declassifcation System (NDS), operating as a system-of-systems enterprise to streamline and modernize classifcation and declassifcation policies, processes, and technologies. Programmatic and technical requirements will provide a risk-based, output-oriented architecture supporting timely public access to historically signifcant and permanently valuable information that will aid end-users, especially policymakers and historians. 3. Empower the National Declassifcation Center (NDC) with the authorities and responsibilities to oversee the implementation of the NDS system-of-systems enterprise collective approach for managing classifed information across the Executive branch, working with the originating agencies. Only with adequate resources and with strict implementation deadlines and mandates for managing collective resources to support shared outcomes can the NDC achieve the potential for improvement. Te NDC requires authorities to act, sanction, and fund the NDS. It must have oversight, tracking, and coordination responsibilities for the NDS, operating with records holders as a federated and cooperative collective. Leadership at the NDC should have sufcient interagency experience and qualifcations, including the ability to perform Federal acquisition functions that underpin research and development of the new technologies and architectures necessary to achieve the long-term potential of a cost efec2 tive NDS. Management must coordinate the NDC authorities and the NDS collective, while remaining mindful of Federal department and agency equities. Strategic Technology Change: How To Do It 1. Transition to using technology, including tools and services for managing Big Data, Artifcial Intelligence, Machine Learning, and Cloud storage and retrieval, to produce systems and services that support automated classifcation and declassifcation. Tis transition should institutionalize research and development activities across Government, incentivize private industry participation in these areas, and reform technology acquisition. Capitalize on the current IT success of emerging and existing information technologies and communications to galvanize the modernization of the classifcation and declassifcation system. Te President’s Management Agenda1 promotes and is poised to drive a modernized, multi-generational IT infrastructure change across the Government. Tese aligned eforts must bridge public-private industry opportunities and work across agencies in coordination with stakeholders, including allies. The Importance of Making These Choices: Systemic Issues Impeding Transformation 1. Outdated and excessively costly, the current method for classifying and declassifying national security information remains unsustainable in the digital information age. As all media become fully digital, analog technology and paper records become practically inaccessible and dysfunctional. 2. Te costs of the security classifcation system are staggering (reported to be an estimated $18.39 billion in FY 2017), yet resources for declassifcation remain woefully underfunded, while over-classifcation and the declassifcation backlog give rise to leaks and inadvertent disclosures that damage national security imperatives.2 3. By continuing to unnecessarily classify and over-classify information without timely declassifcation and strategic transformation of the information system, the volume and diversity of records inaccessible to policymakers and the public will only continue to increase. 4. Current practices diminish public confdence in the security classifcation system, impede appropriate information-sharing within the Government, and reduce the open discussion of our national history that is so critical to the democratic process. Te Government struggles to increase transparency and to demystify its classifed activities. 5. Outdated technology, insufcient stafng, and a limited budget undermine the mission of the NDC and the National Archives and Records Administration (NARA), which need an infux of resources to improve their capabilities. 3 Our vision for the future 6. At present, NARA simply cannot manage any volume of classifed elec- state of classifcation and tronic records, while its ability to manage unclassifed electronic records declassifcation calls for remains severely limited by inadequate resources. In the very near future, a sustainable security classifcation system transformed to operate in a fully digital information environment. It will support the current lack of basic resources will prevent NARA from storing and managing all formats of classifed and unclassifed records, whether analog or digital. Without immediate action, NARA’s ability to implement its mission remains unlikely to improve in the near-term. and enhance the classifcation and declassifcation of all government information, especially the records most relevant to historians, researchers, and ··········································································································································································· Immediate Impact: Near-Term Improvements Te systemic change we envision and advocate is vitally and urgently important. policymakers. A system-of- It will also require substantial commitment and efort at a Government-wide systems design will support level. (See Figure 1 for an example showing the dramatic growth in digital assets this modernized architecture created in recent Presidential administrations now stored at NARA). While pur- by pooling resources, talent suing that change, however, we also identify a number of immediately feasible and capabilities to support a improvements to the current system that could be made now: more complex organization capable of providing improved functionality and performance in classifcation and declassifcation across agencies. 1. Direct the Secretary of Defense, the Director of National Intelligence, and the Secretary of Energy to assist the Archivist of the United States in modernizing the systems used across agencies for the management of classifed records, including electronic records. 2. Deploy technology to support classifcation and declassifcation automation. 3. Implement secure information technology connectivity between and among all agencies managing classifed information, specifcally including NARA, which manages the NDC and the classifed records of the Presidential Libraries. 4. Direct the NDC to design and implement a process to solicit, evaluate, prioritize, and sponsor topics for declassifcation across the Government, in dialog with Government agencies and the public. 5. Develop a new model for accurately measuring security classifcation activities across Government, including all costs associated with classifcation and declassifcation. 6. Simplify and streamline the classifcation system; decide how to adopt a two-tiered classifcation system. 4 Figure 1 Increase in Digital Assets Within Presidential Libraries National Archives and Records Administration 1989–2017 300 250 250 200 150 100 80 50 0 <2 4 George H. W. Bush Presidential Library William J. Clinton Presidential Library ■ George W. Bush Presidential Library Barack H. Obama Presidential Library Terabytes of Digital Assets Te rapidly expanding volume of electronic records accessioned by each new Presidential Library, compounded by a growing variety of digital assets, challenge the legacy systems that still process Federal records. While digital collections at the George H. W. Bush and William J. Clinton Presidential Libraries mainly include email records, the Presidential Libraries of George W. Bush and Barack Obama maintain a complex array of digital assets that range from email to a variety of datasets, websites, videos, and social media. Analog formats and unstructured data embedded in the archival accessions further underscore the need for Government-wide innovation and modernization in classifcation and declassifcation. 5 A Vision of the Future State of Classifcation and Declassifcation ........................................................................................................................................................................................................................................... Background: Challenges in the Current Paradigm C lassifcation and declassifcation policies and processes have not kept pace with the rapid explosion of data in the digital information age. As the volume of digital information that the Government must manage grows exponentially, agencies remain unable to adequately manage and exploit today’s Big Data resources, let alone prepare for the tsunami of digital information anticipated in the years ahead. For an example of how this digital explosion afects the Presidential Libraries within the National Archives and Records Administration (NARA), see Figure 1 on the preceeding page. Te Internet revolution, the transition to email and other forms of instantaneous communications, and the pervasive use of social media applications have profoundly altered the way the Government conducts business, and how agencies perform their missions, while producing unprecedented volumes of data in need of appropriate organization, management and control.3 As a result, the unmet, Government-wide need to manage proliferating volumes of sensitive and classifed digital information in a sound and consistent manner raises serious concerns. Currently, management of classifed information largely follows established analog and paper-based models long in place at agencies. Executive branch classifcation, declassifcation, and records management functions have fallen dramatically behind in anticipating and preparing for the current infux of digital information. Te failure to modernize information access—both for the public and for ofcials inside the Government—incurs signifcant fnancial costs. It also undermines public confdence in the credibility and competence of Government ofcials and Federal institutions. Te security classifcation system itself imposes much of these costs. Te expectation of more efcient access by users of Government information and the normalization of an open information environment in society at large increases the need to protect Government secrets vital to national security and those secrets alone. To provide the appropriate and necessary access to, and safeguarding of, Government information, agencies must modernize information governance, transforming classifcation and declassifcation so that the Government functions efectively and efciently in the digital information environment, while preparing to better manage classifed information in the future. 6 ........................................................................................................................................................................... Assumptions, Principles, and Drivers for a Future Vision Te digital environment inherently links information management functions, including classifcation, declassifcation, records management, and information security. Only cooperative and complementary reform eforts can modernize these linked but outmoded Government functions. Te strategic principles of Previous PIDB recommendations called for an examination of technology solutions to aid classifcation and declassifcation, both by automating current workfow processes and by assisting decisionmaking. We have previously reducing over-classifcation, improving declassifcation, and ensuring a credible noted the successful develop- security classifcation system must guide this programmatic transformation. ment of a decision-support technology created at the Information management faces major resource constraints, especially in request of the CIA and NARA declassifcation. Considering its Government-wide mandate, the lack of at the Center for Content adequate funding and technology for the National Declassifcation Center (NDC), located within the NARA, is particularly noteworthy. Without signifcant resource investment in the NDC, responsibility for managing declassifcation and handling classifed information falls to individual departments and agencies, and to NARA, all of which lack sufcient funding and technology for these critically important processes. Although individually responsible for managing classifed information, each agency needs to apply a new set of governance and organizing principles to amend and strengthen relationships between their organizations in order to support a Government-wide, system-level approach to declassifcation. Te Understanding (CCU) at the Applied Research Laboratories at the University of Texas at Austin. At the CCU, scientists examined the ability to achieve machine-assisted sensitive content identifcation in classifed records and developed the Sensitive Content Identifcation and Marking (SCIM) tool. Te pilot examined 87,000 email records from the government as a whole needs to design and implement a more integrated, fed- Reagan Administration using erated, and centralized system that adopts a virtual and community-centered a combination of Natural method of declassifcation with technology at its core. Language Processing, expert systems, Machine Learning, A modernized declassifcation system must ultimately account for the functions critical to end-users—both public and Government—including policymakers and historians. Fundamentally, the system must be able to search, retrieve, and use previously declassifed archival data. Due to NARA’s resource constraints and its slow progress in managing electronic records, in some cases, a modernized system must shif the preservation of declassifed information from NARA to the originating departments and agencies. Without the funding needed to develop expertise and a technical alternative, and semantic knowledge representation to identify sensitive content. Te PIDB’s June 2015 public meeting featured experts who developed the SCIM tool and noted the pilot demonstrated substantially accurate identifcation of classifed information. continued on next page. 7 Te search for more NARA is unlikely to provide the large automated system required to manage sophisticated technology the volumes of classifed data currently generated (and ever greater volumes tools to assist classifca- expected in the future). tion and declassifcation decision-making continues. AI promises more accurate and timely classifcation and declassifcation if adopted as part of a Governmentwide technology investment strategy. AI can build on the successes of the SCIM tool and improve information sharing, downgrading, In the interests of simplifcation and standardization, the Records Access and Information Security Policy Coordinating Committee (RAIS PCC) chaired by the National Security Council (NSC) should decide how to adopt a twotiered classifcation system as the United Kingdom and other allies have done. When adopted, this change would refect the de facto state of classifcation in the digital environment, where information resides in systems on either a SECRET or TOP SECRET level. Appropriate controls and handling categories, as well as the implementation of the Government-wide Controlled Unclassifed Information (CUI) program, will remain part of the system. redaction, and declassifcation actions. AI provides the most promising technological capability that can ........................................................................................................................................................................... Vision Statement: a Long-Term Illustration of the Future System transform classifcation and declassifcation. Its potential reinforces the PIDB’s call for agencies to develop technology pilot projects, institutionalize research and development activities, and reform acquisition practices to advance classifcation and declassifcation technology A sustainable security classification system transformed to operate in a fully digital environment will support and enhance the correct classification and declassification of information in all forms, and identify information of historical and public policy interest. A system-of-systems design and architecture will support the modernized system, pooling resources and capabilities to deliver a structure capable of providing improved functionality and performance in classification and declassification across agencies.4 System-of-systems engineering will enhance classification and and architectures. declassification by developing processes, tools, and methods for designing, To see the in-depth CCU Wherever possible, the integral automation of processes will operate as the project briefng with visual re-designing, and deploying unique solutions to programmatic functions.5 cornerstone of the new system design. subject matter given in June 2015, please see PIDB’s Te adoption of a robust Risk Management Framework (RMF) is key to the meeting of June 25, 2015 automation of processes across all agencies. Te framework must be aligned and PIDB’s blog Transform- to agreed-upon goals and objectives. Risk must be better identifed, assessed, ing Classifcation: https:// responded to, monitored, and reported at a system-wide level.6 Te current transforming-classifcation. blogs.archives.gov/. 8 analog process of sequentially referring classifed records to multiple agencies with equities under review must be minimized to the greatest extent possible. Some level of agreed-upon risk tolerance must allow the NDC and each agency Te PIDB’s 2014 Report to the Presi- to make limited declassifcation decisions concerning the equities of other dent, Setting Priorities: An Essential agencies. Similarly, in classifcation, agencies need to consider risk tolerance when evaluating the implications that the classifcation of information has for information sharing and decontrol. Real-time decision-making in classifcation and declassifcation will occur with the assistance of advanced technologies, which, in pilot tests and in current use,7 conclusively demonstrate superior accuracy to human review. Content understanding, Machine Learning, Natural Language Processing, and other Step in Transforming Declassifcation, makes the case for the Government to adopt a centralized approach to topic-based prioritization and recommends specifc policy and process changes aimed at improving access to historically signifcant records most sought-afer by the public. advanced technologies will assist in searches of sensitive and classifed infor- With input from the public, agency mation. Artifcial Intelligence (AI) and other Machine Learning technologies classifers, declassifers and historians, will play a signifcant role in amplifying and complementing nuanced human decision-making in classifcation and declassifcation, improving the accuracy and timeliness of access to classifed records. 8 Te application of standards, rules, and guidance will be critical to the implementation and functionality of these technologies. NARA and the NDC will lead in establishing this governance with the assistance and input from key agencies, and by overseeing implementation rather than attempting to continue the current practice of employing declassifcation review at one physical location. the recommendations found in this supplemental report are meant to assist the Records Access and Information Security Policy Coordination Committee (RAIS PCC) in developing a Government-wide approach to fundamentally transforming the security classifcation system. Te PIDB concluded that automatic declassifcation should no longer be A universal “grand bargain” is necessary to defne the changing roles of NARA, the NDC, and key agencies in assigning appropriate authorities and responsibilities within a modernized system. NARA will play a pivotal role in the new declassifcation process, perhaps even in supporting the acquisition and development of technology, as well as by serving as the primary center for processing classifed records. NARA guidance and directives concerning records management, especially with regard to the requirements for universal electronic records management, will support the new declassifcation paradigm. Setting priorities for declassifcation will begin to mitigate ongoing resource constraints and the backlog of records in need of review at agencies. To appro- the sole policy driving declassifcation programming across government. In practice, automatic declassifcation has fueled a risk-averse process that limits quality declassifcation review, generates expensive re-reviews, and adds unnecessary costs to an overburdened system. As the volume of information continues to increase exponentially, topic-based prioritization ensures declassifcation review of records with the greatest potential use priately set priorities, the new system will implement better-defned rules for by the public, historians, public policy identifying “permanently valuable” classifed records that warrant systematic professionals and the national secu- declassifcation review, leaving the remainder for review only when requested rity community. Prioritization will by a researcher. more closely align with electronic continued on next page. 9 information management practices Crucial reforms to the system will include a tightening of defnitions and designed to ensure discovery and greater specifcity for categories requiring protection in the frst place. Some access to relevant information. measure of constraint on the system will be necessary to combat over-clas- Te Setting Priorities Report provided six recommendations in support of topic-based prioritization that gives greatest attention to records sifcation, a topic which requires broader study and more clearly defned outcomes to reverse the trend of excessive secrecy. Over-classifcation manifested in excessive secrecy is and will remain a serious challenge to appropriate information sharing and control. Te benefts of sharing classifed of public interest: information with properly cleared users outweighs the perceived detriments 1. Topic-based declassifcation should of inappropriate distribution. Classifcation need no longer be the default be the normal process rather than selection to ensure national security interests are adequately protected. Te the exception. future system will manage all classifed information to include Restricted 2. Te NDC, in consultation with the public and with agencies, should design and implement a process Data (RD) and Formerly Restricted Data (FRD) information and classifed Congressional records. to solicit, evaluate and prioritize standard topics for Governmentwide declassifcation. 3. End pass/fail determinations and identify necessary redactions for topic-based reviews. 4. Te Government should require agencies to develop and use new technologies to assist and improve declassifcation review. Strategy to Achieve the Future Vision: Recommendations to Facilitate Strategic Policy Change 1. Designate an Executive Agent (EA) and Executive Committee with authorities and responsibilities for designing and implementing a transformed security classifcation system. Te vision of a future security classifcation system transformed to oper- 5. Agencies and the NDC must im- ate in a fully digital information environment will require White House prove risk management practices. endorsement and leadership. Te President will need to designate an EA 6. Revisions to the current Executive responsible for designing and implementing the future paradigm. Te Order are needed to lessen the EA will need to develop a long-term strategy for the sustainability of burden of automatic declassifca- reform eforts, potentially realigning authorities and responsibilities for tion on agencies in support of topic-based declassifcation review. Setting Priorities also included a list of topics solicited from the stakeholders inside and outside Government. Tis list should provide a suitable starting the program to an Executive Committee made up of appropriate senior leaders at those departments and agencies most impacted (i.e. Ofce of the Director of National Intelligence, Ofce of the Under Secretary of Defense for Intelligence, the Secretaries of State and Energy, and the Archivist of the United States) and led by the Director of National Intelligence. point for Government policymakers to begin designing and implementing a In the new paradigm, the EA will ensure a centralized yet federated prioritization process. Government-wide collective by redefning organizational and governance 10 processes to serve the equities of both NARA and classifed information managers across the government. Te EA will also give consideration to establishing an acquisition approach and contracting techniques in support of innovation and IT tool development.9 Te best initial choice for the EA is the Director of National Intelligence. As the leader in the successful implementation of the Intelligence Community Information Technology Enterprise (ICITE), ODNI has the expertise and experience to design and implement a transformed security classifcation system. In fulflling this role, the DNI should work closely with White House innovation and IT initiatives and with the Ofce of Management and Budget (OMB). OMB is accountable to the President and the Congress, already manages interagency processes, and understands and holds a stake in identifying costs and savings associated with Executive branch programs. 10 Successful design and implementation of the future vision will require agency support, as well as public endorsement from leaders in the public interest groups and Sunshine in Government Community. Te PIDB can serve as a conduit for public participation and can continue to advise the President and the leaders of Congress on the transformation of the security classifcation system. 2. Deploy technology to support classifcation and declassifcation automation. Only strict implementation deadlines and mandates for increasing resources in support of shared outcomes can achieve the necessary improvement. Agencies must share resources, personnel, and programmatic functions in order to access the systems, technologies, tools, processes, and best practices required by the new architecture. Without accountability for sharing resources and implementing incremental changes on a universal timeframe, the future vision will not succeed. Successful adoption depends in large part on the active participation of all stakeholders. 3. Organize the national security declassifcation community into a federated National Declassifcation System (NDS), operating as a system-of-systems enterprise to streamline and modernize classifcation and declassifcation policies, processes, and technologies. In the new paradigm, programmatic and technical requirements are necessary for the modernization of classifcation, declassifcation, and information management. Te goal of these requirements will be to design a risk-based output-oriented architecture that supports timely public access to historically signifcant and permanently valuable information, and that implements modernized digital information management to aid end-users—especially Government policymakers and historians. Te requirements will need to ensure that applicable information assurance and security are used to support both the appropriate protection of classifed information, and to improve sharing throughout the records continuum model.11 11 4. Empower the NDC with the authorities and responsibilities to oversee the implementation of the NDS system-of-systems enterprise collective approach for managing classifed information across the Executive branch and working with originating agencies. Te NDC will require authorities to act, sanction, and fund the NDS. It must have oversight, tracking, and coordination responsibilities for the NDS. Leadership at the NDC should have sufcient interagency experience and qualifcations, including the ability to perform Federal acquisition functions that support research, development and the deployment of new technologies necessary for realizing the long-term potential of the NDS. Strategy to Achieve the Future Vision: Recommendations to Facilitate Strategic Technology Change 1. Transition to using technology, including tools and services for managing Big data, AI, Machine Learning, and Cloud storage and retrieval, to produce systems and services that support automated classifcation and declassifcation. Tis transition should institutionalize research and development activities across Government, incentivize private industry participation in these areas, and reform technology acquisition. Information Technology, and particularly tools and services that apply AI, Big Data, and Cloud solutions, among others are key to transitioning from the current analog model into a highly functioning digital paradigm. Agencies need to realign their IT resources appropriately using business-focused, data-driven analysis and technical evaluation. Te Government-wide IT enterprise-level plan of action requires adjustable standardization that champions investment in research and development initiatives through partnerships. Tese partnerships should include advanced project agencies such as Intelligence Advanced Research Projects Activity (IARPA), Defense Advanced Research Projects Agency (DARPA) and Homeland Security Advanced Research Projects Agency (HSARPA) as well non-proft strategic ventures such as In-Q-Tel, the private sector and industry. For the IT cross-agency enterprise-level plan to advance, it is crucial to reform acquisition and contract management capabilities and practices. Incentivizing and rewarding public and private industry cross-agency priorities will drive efcient and agile business standards, coordinate acquisition requirements in business associate agreements (BAA), requests for information (RFI), and requests for proposals (RFP). 12 Immediate Impact: Recommendations for Near-Term Improvements to the Current System Te Government can take immediate action to improve the functioning of the current system while also preparing for the future of classifcation and declassifcation in a fully digital information environment. Tese high-impact recommendations support the goals of reducing over-classifcation and improving declassifcation in order to begin the transformation necessary for ensuring a credible and sustainable security classifcation system. 1. Direct the Secretary of Defense, the Director of National Intelligence, and the Secretary of Energy to assist the Archivist of the United States in modernizing the systems used across agencies for the management of classifed records, including electronic records. Te Presidential Memorandum on Implementing Executive Order 13526 states that the President is "directing that the Secretary of Defense and the Director of National Intelligence each support research to assist the NDC in addressing the cross-agency challenges associated with declassifcation." Action on this tasking is long overdue. Te NDC needs the assistance of the Secretary of Defense and the Director of National Intelligence in providing both resources and technical expertise to modernize the management of classifed records. 2. Deploy technology to support classifcation and declassifcation automation. When seeking new technologies, agencies must use a coordinated, Government-wide approach to better leverage resources and technical expertise. The use and sharing of technology to improve workflow should increase across the Government.12 In addition to workflow tools, the Government remains in need of advanced technological tools to assist analysis and decisionmaking in support of declassification review. In our 2012 Transforming Classification Report to the President we underscored the importance of metadata standardization and data-tagging. It is essential to create a Government-wide metadata registry that remains critical in adopting and implementing technology solutions for classification and declassification. Lessons learned from the Intelligence Community’s ongoing efforts focusing on the generation of classified datatagging and classified metadata standards are critical for implementing AI technology solutions for classification (front-end) and declassification (back-end) of the classified information continuum. 13 Policy changes should support the adoption of these technologies, including advanced analytics and Machine Learning. 13 Revisions to Executive 3. Implement secure information technology connectivity between Order 13526 can provide and among all agencies managing classifed information, specifcally the means to achieve including NARA, which manages the NDC and classifed records of these near-term goals and prepare the system for this future vision. Te PIDB stands ready to assist the Records Access and Information Security Policy Coordination Committee at the National Security Council in its eforts to engage the interagency in the Presidential Libraries. Many agencies that hold classifed information do not possess appropriate secure connectivity or networks to participate in a unifed declassifcation program. Tis lack of connectivity and technology substantially impacts the equity recognition and referral process, with particularly negative consequences for the management of classifed records at the NDC and the collections of the Presidential Libraries. 4. Direct the NDC to design and implement a process to solicit, evalu- revising the Order, and ate, and prioritize topics for declassifcation across the Government, in will continue to engage dialog with Government agencies and the public. public interest groups, the “Sunshine in Government Establishing efective priorities that satisfy the widely varied needs Community,” and the and interests of researchers, the public, and Government agencies is public at large to advocate not simple and will require senior-level decision-making. Public par- for transformation of the security classifcation system. ticipation in this process will be critical to its success. Involving the public and stakeholders in determining priorities will be critical to the success of priority-based reviews that strengthen the credibility of a federated NDS. 5. Develop a new model for accurately measuring security classifcation activities across Government, including all costs associated with classifcation and declassifcation. Te current methodology for measuring security classifcation activities remains woefully outdated and analog-based. At present, the data collected does not accurately portray the volume of information choking the security classifcation system, or account for the ways in which Government communicates using digital information. Without an accurate accounting of programmatic activities, determining appropriate resources for information management across Government will remain impossible. 14 An Executive Agency with the authority to develop a new methodological model would allow for accurate and consistent measurement of security classifcation activities, including declassifcation. Executive Order 13526 assigns the Information Security Oversight Ofce (ISOO) the responsibility for evaluating the efectiveness of the security classifcation programs of Executive branch agencies and industry, and reported in its Annual Report to the President. ISOO’s 2017 Annual Report14 recognized the shortcomings of current analog-based measurements. Te Report noted the need to recalibrate and design more efective approaches to cost assessments and data collection that align with the digital transformation of Government and its corresponding new business practices. Te 2018 Annual Report noted that ISOO has started a process to reform and modernize its classifcation and declassifcation measurements.15 6. Simplify and streamline the classifcation system; decide how best to adopt a two-tiered classifcation system. Led by the NSC, the RAIS PCC should conduct a study to decide how to adopt a simplifed two-tier system. Te study should require agencies to clearly identify and describe the harm anticipated in the event of an unauthorized disclosure. Tis will allow agencies to assess and categorize information by linking a clearly identifable risk to an accurate harm assessment. Adopting a two-tiered model should not be difcult. In the digital environment today, classifed information resides in either a SECRET system where information up to the SECRET level can be stored and disseminated, or a TOP SECRET system where information up to the TOP SECRET level can be stored and disseminated.”. Agencies are beginning to rethink whether the use of CONFIDENTIAL is meaningful in the digital environment. A prime example of implementation has been the elimination of the CONFIDENTIAL level in NGA’s security classifcation guide.16 Te two classifcation levels would include access permission requirements to sensitive compartmented information (SCI) and special access program (SAP) information integrated into the system design, as is the current practice for SCI and SAP. TOP SECRET, the higher-level category, would aford a high level of protection and access permissions. All other classifed information would be protected at the lower SECRET level using criteria for the lower level of access permissions. 17 Additionally, the CUI program represents the President’s order to standardize public access processes across the Executive branch so they correspond and are consistent with laws, regulations, and/or Government-wide policies. Tis instruction, once implemented in the next fscal year, will enable timely and consistent information-sharing by properly protecting CUI from improper public release. Implementation plans include requirements for agencies to have appropriate access controls and handling caveats in their systems. In Fiscal Years 2019 and 2020, OMB required agencies to identify costs associated with implementation, and this requirement is included in the Fiscal Year 2021 budget process. 15 Endnotes ........................................................................................................................................................................................................................................... Te President’s Management Agenda, 2018. https://www.whitehouse.gov/wp-content/uploads/2018/03/Presidents-Management-Agenda.pdf. Accessed July 17, 2018. 2 Although the total costs of security classifcation activities is an unknowable fgure, the cost estimates presented are those reported by agencies and departments to the Information Security Oversight Ofce (ISOO). ISOO Report to the President, 2017. https://www.archives.gov/fles/isoo/reports/2017-annual-report.pdf. Accessed July 17, 2018. 3 Te precise measurement of digital information produced by the Government remains elusive. To garner perspective on the exponential rate of information creation across Government, the Barack Obama Presidential Library estimates that it holds 250 terabytes of digital information, a fgure exponentially greater than the 80 terabytes held by the George W. Bush Presidential Library and Museum. Te Clinton Presidential Library holds roughly 4 terabytes of digital information. See Figure 1. 4 “System-of-systems” is the viewing of multiple, dispersed, independent systems in context as part of a larger, more complex system. A system is a group of interacting, interrelated and interdependent components that form a complex and unifed whole. For a defnition, see TechTarget at https://searchapparchitecture.techtarget.com/defnition/system-of-systems-SoS. Accessed on January 2, 2018. 5 “Te Evolution of Systems Engineering,” Systems Engineering Guide, Te Mitre Corporation 1-11. http://www.mitre.org/sites/ default/fles/publications/se-guide-book-interactive.pdf. Accessed May 14, 2020. Accessed January 4, 2018. 6 Enterprise Risk Management: Selected Agencies’ Experiences Illustrate Good Practices in Managing Risk GAO-17-63: Published: Dec 1, 2016. Publicly Released: Dec 1, 2016. https://www.gao.gov/products/GAO-17-63. Accessed May 14, 2020. 7 For example, the National Geospatial-Intelligence Agency (NGA) recently completed a year-long project to consolidate all its security classifcation guides into a single guide, called the Consolidated National Geospatial-Intelligence Agency (CoNGA) Security Classifcation Guide (SCG) and then integrate its use into NGA systems. See an overview of the consolidation of security classifcation guides at https://www.archives.gov/fles/isoo/fcgr/nga2017.pdf. Accessed July 17, 2018. 8 “Te Business of Artifcial Intelligence,” by Erik Brynjolfsson and Andrew McAfee, Harvard Business Review, August 7, 2017. https://hbr.org/cover-story/2017/07/the-business-of-artifcial-intelligence. Accessed April 17, 2018. 9 Techniques may include the use of Broad Agency Announcements (BAA), Other Transaction Authorities (OTA), Requests for Information (RFI), Requests for Quotations (RFQ), Requests for Proposals (RFP), and/or Indefnite Deliveries/Indefnite Quantities (IDIQ). 10 Te Ofce of Management and Budget (OMB) serves the President of the United States in overseeing the implementation of his vision across the Executive branch. Specifcally, OMB’s mission is to assist the President in meeting his policy, budget, management and regulatory objectives, and to fulfll the agency’s statutory responsibilities. It carries out its mission through fve critical processes that are essential to the President’s ability to plan and implement his priorities across the Executive branch: 1. Budget development and execution. 2. Management, including oversight of agency performance, human capital, federal procurement, fnancial management, and information technology. 3. Regulatory policy, including coordination and review of all signifcant federal regulations by executive agencies. 4. Legislative clearance and coordination. 5. Executive Orders and Presidential Memoranda. https://www.whitehouse.gov/omb/. Accessed January 20, 2018. 11 Te records continuum model is a model of archival science that emphasizes overlapping characteristics of recordkeeping, evidence, transaction, and the identity of the creator. It deemphasizes the time-bound stages of the life cycle model. A continuum-based approach suggests integrated time-space dimensions. Records are ‘fxed’ in time and space from the moment of their creation, but record-keeping regimes carry them forward and enable their use for multiple purposes by delivering them to people living in diferent times and spaces. A Glossary of Archival and Records Terminology, Society of American Archivists. https://www2.archivists.org/glossary. Accessed January 2, 2018. 1 16 A beneft to investing and adopting advanced technologies as part of a robust information management system would incorporate solutions to modernize and improve Freedom of Information Act (FOIA) processes. “Te Intelligence Community Ofce of Inspector General (IC OIG) issued a report titled, Assessment of IC Freedom of Information Act (FOIA) Programs, in September 2018 and publicly released in November, 2018. https://www.dni.gov/fles/ICIG/Documents/Publications/Reports/2018/ IC%20FOIA%20Programs/ICIG_Assess_IC_FOIA_Programs_INS-2018-01-U.pdf. Several of the IC OIG’s Findings and recommendations for FOIA improvements echo recommendations in this report. Tey include the need for: 1) DNI leadership to better support interagency integration and collaboration; 2) the use of information technologies to facilitate the interagency referral and consultation process; and 3) DNI support to lead development of a secure virtual collaboration space. Te IC OIG report highlighted the fact that not all IC agency FOIA ofces have the ability to electronically transmit records under review to other agencies. Like the NDC and many other agency declassifcation ofces, these IC FOIA ofces lack access to the Joint Worldwide Intelligence Communications System (JWICS). Access to JWICS would enable signifcantly more efcient declassifcation and FOIA review of Top Secret information that otherwise must be hand-carried between agencies. 13 See Recommendation 13 in Transforming the Security Classifcation System: Report to the President from the Public Interest Declassifcation Board, November 2012. https://www.archives.gov/fles/declassifcation/pidb/recommendations/transformingclassifcation.pdf. Accessed July 17, 2018. 14 https://www.archives.gov/fles/isoo/reports/2017-annual-report.pdf. February 25, 2020. 15 https://www.archives.gov/fles/isoo/images/2018-isoo-annual-report.pdf. Accessed February 25, 2020. 16 See Endnote 7. For a discussion of a two-tiered model, see Recommendation 3 of Transforming the Security Classifcation System: Report to the President from the Public Interest Declassifcation Board, November 2012. https://www.archives.gov/ declassifcation/pidb/recommendations/transforming-classifcation.html. Accessed July 17, 2018. 17 For additional information on this recommendation, see: Transforming the Security Classifcation System: Report to the President from the Public Interest Declassifcation Board, November 2012. https://www.archives.gov/fles/declassifcation/pidb/ recommendations/transforming-classifcation.pdf. Accessed July 17, 2018. Te PIDB’s second and third recommendations in this earlier report advocate for simplifcation of the classifcation system. 12 17 Appendix A ........................................................................................................................................................................................................................................... Biographies Contributing Current Members Presidential Appointees James E. Baker was appointed by President Barack Obama on June 22, 2016, and served as Acting Chairman in 2018 and 2020. Judge Baker retired from the United States Court of Appeals for the Armed Forces in July 2015 afer ffeen years of service, the last four as Chief Judge. Judge Baker is currently a Professor at the Syracuse University College of Law and the Maxwell School of Citizenship and Public Afairs where he also serves as Director of the Syracuse University Institute for Security Policy and Law.. He previously served as the Robert J. Wilhelm Fellow at the Massachusetts Institute of Technology (2017–2018) and Chair of the ABA Standing Committee on Law and National Security (2015–2018). He previously served as Special Assistant to the President and Legal Adviser to the National Security Council (NSC) (1997–2000), Deputy Legal Adviser to the National Security Council (1994–1997) and as Counsel to the President’s Foreign Intelligence Advisory Board and Intelligence Oversight Board. Judge Baker has also served as an attorney adviser in the Ofce of the Legal Advisor, Department of State, a legislative aide and acting Chief of Staf to Senator Daniel Patrick Moynihan (1985–1987), and as a Marine Corps infantry ofcer, resigning his Reserve commission upon joining the United States Court of Appeals for the Armed Forces. He is the author of In the Common Defense: National Security Law for Perilous Times (Cambridge: 2007) and, with Michael Riesman, Regulating Covert Action (Yale University Press: 1992). He received a B.A from Yale University and a J.D. from Yale Law School. He is serving his frst term on the PIDB. Trevor W. Morrison was appointed by President Barack Obama on June 22, 2016, serving as Chairman from his appointment date until June 21, 2018. Mr. Morrison is currently the Dean and Eric M. and Laurie B. Roth Professor of Law at New York University School of Law, where he is also faculty co-director of the Reiss Center on Law and Security. He was previously the Liviu Librescu Professor of Law at Columbia Law School. Mr. Morrison spent 2009 in the White House, where he served as associate counsel to President Barack Obama. Before entering academia, he was a law clerk to Judge Betty B. Fletcher of the U.S. Court of Appeals for the Ninth Circuit (1998-99) and to Justice Ruth Bader Ginsburg of the U.S. Supreme Court (2002-03). Between those clerkships, he was a Bristow Fellow in the U.S. Justice Department's Ofce of the Solicitor General (1999–2000), an attorney-advisor in the Justice Department's Ofce of Legal Counsel (2000-01), and an associate at Wilmer, Cutler & Pickering (now WilmerHale) (2001-02). Mr. Morrison is a Fellow of the American Academy of Arts and Sciences and a member of the American Law 18 Institute and the Council on Foreign Relations. He received a B.A. (hons.) in history from the University of British Columbia in 1994, and a J.D. from Columbia Law School in 1998. Mr. Morrison is serving his frst term on the PIDB. .......................................................................................................................................................................................................................................... Congressional Appointees Alissa M. Starzak was appointed by Charles E. Schumer, Minority Leader of the Senate on February 27, 2018. Presently, Ms. Starzak is Head of Public Policy at Cloudfare, a web security and optimization company. Prior to joining Cloudfare, she worked for the U.S government in a variety of national security positions. Most recently, she served as the 21st General Counsel of the Department of the Army, afer confrmation by the Senate. As General Counsel of the Army, she was the primary legal counsel to the Secretary of the Army and the Army’s chief legal officer. Before her appointment as Army General Counsel, Ms. Starzak served as the Deputy General Counsel (Legislation) of the U.S. Department of Defense, advising on legal issues with a legislative or congressional component and managing an ofce of attorneys responsible for developing the Department of Defense legislative program. Prior to moving to the Department of Defense, she served as Counsel to the Senate Select Committee on Intelligence, focusing on legal issues relating to intelligence collection and covert action, and as an Assistant General Counsel at the Central Intelligence Agency’s Ofce of General Counsel. She also worked in private practice in Washington, D.C., and clerked for Te Honorable E. Grady Jolly, U.S. Court of Appeals for the Fifh Circuit. She graduated from Amherst College and the University of Chicago Law School, where she served as an editor of the University of Chicago Law Review. Ms. Starzak is serving her frst term on the PIDB. John F. Tierney was appointed by Nancy Pelosi as Minority Leader of the House of Representatives on July 20, 2017. He is presently Executive Director at the Center for Arms Control & Non-Proliferation and its sister organization, The Council for a Livable World. His work focuses on national security issues, nuclear non-proliferation, missile defense and areas concerning peace and security. Mr. Tierney is a former nine-term Massachusetts Congressman who served on the House Permanent Select Commitee on Intelligence and chaired the National Security and Foreign Affairs Subcommittee of the Government Oversight and Reform Committee. His 18-year career included oversight of the Government Accountability Office’s annual assessment of the Pentagon’s Weapons Selection Programs and reform of overall Pentagon spending. Additionally, Mr. Tierney was a senior member of the Education and Workforce Committee of the House, where he served as Ranking Member on the Health, 19 Employment, Labor and Pension Subcommittee, and served on the Higher Education and Workforce Development Committee where he had a prominent role in several Higher Education Reauthorization and Workforce Opportunity Reauthorization Acts and related legislation. Prior to being elected to Congress, Mr. Tierney was a Partner in the law firm Tierney, Kalis and Lucas, counsel for several community governments, a Trustee of Salem State College (now University) and member and President of the local Chamber of Commerce. He holds a B.A. from Salem State College and J.D. from Suffolk University Law School. Mr. Tierney is serving his first term on the PIDB. Kenneth L. Wainstein was appointed by Mitch McConnell as Minority Leader of the Senate on September 20, 2016. He currently is a partner at Davis Polk & Wardwell LLP. He is an adjunct professor of law at the Georgetown University Center of Law. Mr. Wainstein previously was a partner at Cadwalader, Wickersham & Taft LLP. Mr. Wainstein served as an Assistant U.S. Attorney, first in the Southern District of New York and then in the District of Columbia. In 2001, he served as the Director of the Executive office for U.S. Attorneys. In 2002, Mr. Wainstein joined the Federal Bureau of Investigation as General Counsel. FBI Director Robert S. Mueller appointed him Chief of Staff in 2003. Mr. Wainstein was appointed by President George W. Bush to serve as the United States Attorney for the District of Columbia in 2004, a position he held until his appointment as Assistant Attorney General for National Security at the Justice Department in 2006. As the first Assistant Attorney General for National Security, he established and led the new National Security Division, which consolidated the Justice Department’s law enforcement and intelligence activities on counter-terrorism and counterintelligence matters. In 2008, after 19 years at the Justice Department, Mr. Wainstein was named Homeland Security Advisor by President George W. Bush. As the Assistant to the President for Homeland Security and Counter-Terrorism, he advised the President on all homeland security matters, chaired the Homeland Security Council, and oversaw the inter-agency coordination process for homeland security and counter-terrorism programs. Mr. Wainstein holds a B.A. from the University of Virginia and a J.D. from the University of California, Berkeley. Mr. Wainstein is serving his second term on the PIDB. .......................................................................................................................................................................................................................................... Contributing Former Members Laura A. DeBonis was appointed by President Barack Obama in March 2015 and served one term until March 2018. Ms. DeBonis has over 20 years’ experience in the information technology and media felds. She currently serves as a founding Board Member for the Digital Public Library of America, an organization dedicated to creating an open network of online resources from libraries, archives and museums and making them freely available to all. Her professional experience includes a variety of leadership roles at Google, including her last position there as the Director of Library Partnerships for Book Search. Since Google, 20 Ms. DeBonis has been a consultant to a number of organizations, including serving as chair of the technology review team for the Internet Safety Technical Task Force at the Berkman Center at Harvard University. DeBonis is an emeritus trustee for WGHB Boston and previously served on the board of the Boston Public Library. She received a B.A. from Harvard College and an M.B.A. from Harvard Business School. Martin C. Faga was appointed by President George W. Bush in October 2004 and served three terms until October 2014. He was the President and Chief Executive Ofcer of Te MITRE Corporation for six years, retiring in 2006. Before joining MITRE, Mr. Faga served as Assistant Secretary of the Air Force for Space from 1989 until 1993. At the same time, he served as Director of the National Reconnaissance Ofce, responsible to the Secretary of Defense and the Director of Central Intelligence for the development, acquisition, and operation of all U.S. satellite reconnaissance programs. Mr. Faga has been awarded the National Intelligence Distinguished Service Medal, the Department of Defense Distinguished Public Service Medal, the Air Force Exceptional Civilian Service Medal, and the NASA Distinguished Service Medal. In 2004, he was awarded the Intelligence Community Seal Medallion. He was frst appointed to the Board in October 2004, and again in January 2009. He has also served on the President's Intelligence Advisory Board. Mr. Faga graduated from Lehigh University with a B.S. and an M.S. in electrical engineering. William H. Leary was appointed by President Barack Obama in February 2012 and served two terms until January 2018. He was the Special Adviser to the National Security Advisor and Senior Director for Records and Access Management on the National Security Staf until his retirement in 2011. In that capacity, he had served as Chair of the Interagency Security Classifcation Appeals Panel and Chair of the Records Access and Information Security Interagency Policy Committee. A strong proponent of governmental transparency, Mr. Leary was one of the primary Executive branch ofcials behind the creation of the PIDB in 2000 and the development of President Obama’s Executive Order 13526 on Classifed National Security Information. Prior to joining the National Security Council staf, he served as the Deputy Director of the Agency Services Division at the National Archives and Records Administration for fve years. From 1968 until 1973, Mr. Leary taught American history at the University of Virginia, the College of William and Mary, and the University of South Alabama. He received his B.A. in foreign afairs and M.A. and A.B.D. in history, all from the University of Virginia. David E. Skaggs was appointed by Nancy Pelosi as Minority Leader House of Representatives in January 2005 and served three terms until March 2015. He is the Chairman of the board of the Ofce of Congressional Ethics and former (2007–2009) Executive Director of the Colorado Department of Higher Education. He served 12 years in Congress (1987–1999) as the Representative from the 2nd Congressional District in Colorado, including 8 years on the House Appropriations Committee and 6 years on the House Permanent Select Committee on Intelligence. Afer leaving Congress, he served as Executive Director of the Center for Democracy and Citizenship at the Council for Excellence in Government (1999–2006), counsel to a 21 Washington, DC-based law frm, and 3 years as an adjunct professor at the University of Colorado. He has a B.A. in philosophy from Wesleyan University and an LL.B from Yale Law School. Admiral William O. Studeman, USN (Ret.) was appointed by John Boehner as the Speaker of the House in June 2006 and served three terms until May of 2015. He retired from Northrop Grumman Corporation as Vice President and Deputy General Manager of Mission Systems. Admiral Studeman’s fag tours included OPNAV Director of Long Range Navy Planning; Director of Naval Intelligence; Director of the National Security Agency; and Deputy Director of the Central Intelligence Agency, with two extended periods as Acting Director. He served as a member of the Commission on the Intelligence Capabilities of the United States Regarding Weapons of Mass Destruction and is currently serving on the National Advisory Board on Bio-Security and the Defense Science Board. He holds a B.A. in history from the University of the South in Sewanee, TN, and an M.A. in public and international afairs from George Washington University. Solomon B. Watson IV was appointed by President Barack Obama in March 2015 and served one term until March 2018. He was Senior Vice President and Chief Legal Ofcer of Te New York Times Company, positions he held from 2005 to 2006. He began his career at Te New York Times Company in 1974 and held various positions including Senior Vice President and General Counsel from 1996 to 2005, Vice President and General Counsel from 1990 to 1996, General Counsel from 1989 to 1990, Corporate Secretary from 1979 to 1989 and 2000 to 2002, and Corporate Counsel from 1974 to 1979. Mr. Watson has been a Special Master in the Appellate Division of the New York State Supreme Court and a member of the American Bar Association, the National Bar Association, and the Association of the Bar of the City of New York. From 1966 to 1968 he served in the U.S. Army as a lieutenant in the Military Police Corps and was awarded the Bronze Star and Army Commendation Medals for his service while in Vietnam. Mr. Watson received a B.A. from Howard University and a J.D. from Harvard Law School. 22 Appendix B ........................................................................................................................................................................................................................................... Public Interest Declassifcation Act of 2000, as amended See: Public Law 106-567 (December 27, 2000) SEC. 701. SHORT TITLE. Tis title may be cited as the ‘‘Public Interest Declassifcation Act of 2000’’. SEC. 702. FINDINGS. Congress makes the following fndings: (1) It is in the national interest to establish an efective, coordinated, and cost-efective means by which records on specifc subjects of extraordinary public interest that do not undermine the national security interests of the United States may be collected, retained, reviewed, and disseminated to Congress, policymakers in the executive branch, and the public. (2) Ensuring, through such measures, public access to information that does not require continued protection to maintain the national security interests of the United States is a key to striking the balance between secrecy essential to national security and the openness that is central to the proper functioning of the political institutions of the United States. SEC. 703. PUBLIC INTEREST DECLASSIFICATION BOARD. (a) ESTABLISHMENT. — (1) Tere is established within the executive branch of the United States a board to be known as the ‘‘Public Interest Declassifcation Board’’ (in this title referred to as the‘‘Board’’). (2) Te Board shall report directly to the President or, upon designation by the President, the Vice President, the Attorney General, or other designee of the President. Te other designee of the President under this paragraph may not be an agency head or ofcial authorized to classify information under Executive Order 12958, or any successor order. (b) PURPOSES. — Te purposes of the Board are as follows: (1) To advise the President, the Assistant to the President for National Security Afairs, the Director of the Ofce of Management and Budget, and such other executive branch ofcials as the Board consid- 23 ers appropriate on the systematic, thorough, coordinated, and comprehensive identifcation, collection, review for declassifcation, and release to Congress, interested agencies, and the public of declassifed records and materials (including donated historical materials) that are of archival value, including records and materials of extraordinary public interest. (2) To promote the fullest possible public access to a thorough, accurate, and reliable documentary record of signifcant United States national security decisions and signifcant United States national security activities in order to— (A) support the oversight and legislative functions of Congress; (B) support the policymaking role of the executive branch; (C) respond to the interest of the public in national security matters; and (D) promote reliable historical analysis and new avenues of historical study in national security matters. (3) To provide recommendations to the President for the identifcation, collection, and review for declassifcation of information of extraordinary public interest that does not undermine the national security of the United States, to be undertaken in accordance with a declassifcation program that has been established or may be established by the President by Executive order. (4) To advise the President, the Assistant to the President for National Security Afairs, the Director of the Ofce of Management and Budget, and such other executive branch ofcials as the Board considers appropriate on policies deriving from the issuance by the President of Executive orders regarding the classifcation and declassifcation of national security information. (5) To review and make recommendations to the President in a timely manner with respect to any congressional request, made by the committee of jurisdiction or by a member of the committee of jurisdiction, to declassify certain records, to evaluate the proper classifcation of certain records, or to reconsider a declination to declassify specifc records. (c) MEMBERSHIP. — (1) Te Board shall be composed of nine individuals appointed from among citizens of the United States who are preeminent in the felds of history, national security, foreign policy, intelligence policy, social science, law, or archives, including individuals who have served in Congress or otherwise in the Federal Government or have otherwise engaged in research, scholarship, or publication in such felds on matters relating to the national security of the United States, of whom— (A) fve shall be appointed by the President; (B) one shall be appointed by the Speaker of the House of Representatives; (C) one shall be appointed by the majority leader of the Senate; (D) one shall be appointed by the minority leader of the Senate; and (E) one shall be appointed by the minority leader of the House of Representatives. (2) (A) Of the members initially appointed to the Board by the President— (i) three shall be appointed for a term of 4 years; 24 (ii) one shall be appointed for a term of 3 years; and (iii) one shall be appointed for a term of 2 years. (B) Te members initially appointed to the Board by the Speaker of the House of Representatives or by the majority leader of the Senate shall be appointed for a term of 3 years. (C) Te members initially appointed to the Board by the minority leader of the House of Representatives or the Senate shall be appointed for a term of 2 years. (D) Any subsequent appointment to the Board shall be for a term of 3 years from the date of the appointment. (3) A vacancy in the Board shall be flled in the same manner as the original appointment. (4) A member of the Board may be appointed to a new term on the Board upon the expiration of the member’s term on the Board, except that no member may serve more than three full terms on the Board. (d) CHAIRPERSON; EXECUTIVE SECRETARY. — (1) (A) Te President shall designate one of the members of the Board as the chairperson of the Board. (B) Te term of service as Chairperson of the Board shall be 2 years. (C) A member serving as Chairperson of the Board may be redesignated as Chairperson of the Board upon the expiration of the member’s term as Chairperson of the Board, except that no member shall serve as Chairperson of the Board for more than 6 years. (2) Te Director of the Information Security Oversight Ofce shall serve as the Executive Secretary of the Board. (e) MEETINGS. — Te Board shall meet as needed to accomplish its mission, consistent with the availability of funds, but shall meet in person not less frequently than on a quarterly basis.. A majority of the members of the Board shall constitute a quorum. (f ) STAFF. — Any employee of the Federal Government may be detailed to the Board, with the agreement of and without reimbursement to the detailing agency, and such detail shall be without interruption or loss of civil, military, or foreign service status or privilege. (g) SECURITY. — (1) Te members and staf of the Board shall, as a condition of appointment to or employment with the Board, hold appropriate security clearances for access to the classifed records and materials to be reviewed by the Board or its staf, and shall follow the guidance and practices on security under applicable Executive orders and Presidential or agency directives. (2) Te head of an agency shall, as a condition of granting access to a member of the Board, the Executive Secretary of the Board, or a member of the staf of the Board to classifed records or materials of the agency under this title, require the member, the Executive Secretary, or the member of the staf, as the case may be, to— (A) execute an agreement regarding the security of such records or materials that is approved by the head of the agency; and (B) hold an appropriate security clearance granted or recognized under the standard procedures and eligibility criteria of the agency, including any special access approval required for access to such records or materials. 25 (3) Te members of the Board, the Executive Secretary of the Board, and the members of the staf of the Board may not use any information acquired in the course of their ofcial activities on the Board for nonofcial purposes. (4) For purposes of any law or regulation governing access to classifed information that pertains to the national security of the United States, and subject to any limitations on access arising under section 706(b), and to facilitate the advisory functions of the Board under this title, a member of the Board seeking access to a record or material under this title shall be deemed for purposes of this subsection to have a need to know the contents of the record or material. (h) COMPENSATION. — (1) Each member of the Board shall receive compensation at a rate not to exceed the daily equivalent of the annual rate of basic pay payable for positions at ES–1 of the Senior Executive Service under section 5382 of title 5, United States Code, for each day such member is engaged in the actual performance of duties of the Board. (2) Members of the Board shall be allowed travel expenses, including per diem in lieu of subsistence at rates authorized for employees of agencies under subchapter I of chapter 57 of title 5, United States Code, while away from their homes or regular places of business in the performance of the duties of the Board. (i) GUIDANCE; ANNUAL BUDGET. — (1) On behalf of the President, the Assistant to the President for National Security Afairs shall provide guidance on policy to the Board. (2) Te Executive Secretary of the Board, under the direction of the Chairperson of the Board and the Board, and acting in consultation with the Archivist of the United States, the Assistant to the President for National Security Afairs, and the Director of the Ofce of Management and Budget, shall prepare the annual budget of the Board. (j) SUPPORT. — Te Information Security Oversight Ofce may support the activities of the Board under this title. Such support shall be provided on a reimbursable basis. (k) PUBLIC AVAILABILITY OF RECORDS AND REPORTS. — (1) Te Board shall make available for public inspection records of its proceedings and reports prepared in the course of its activities under this title to the extent such records and reports are not classifed and would not be exempt from release under the provisions of section 552 of title 5, United States Code. (2) In making records and reports available under paragraph (1), the Board shall coordinate the release of such records and reports with appropriate ofcials from agencies with expertise in classifed information in order to ensure that such records and reports do not inadvertently contain classifed information. (l) APPLICABILITY OF CERTAIN ADMINISTRATIVE LAWS. — Te provisions of the Federal Advisory Committee Act (5 U.S.C. App.) shall not apply to the activities of the Board under this title. However, the records of the Board shall be governed by the provisions of the Federal Records Act of 1950. 26 SEC. 704. IDENTIFICATION, COLLECTION, AND REVIEW FOR DECLASSIFICATION OF INFORMATION OF ARCHIVAL VALUE OR EXTRAORDINARY PUBLIC INTEREST. (a) BRIEFINGS ON AGENCY DECLASSIFICATION PROGRAMS. — (1) As requested by the Board, or by the Select Committee on Intelligence of the Senate or the Permanent Select Committee on Intelligence of the House of Representatives, the head of any agency with the authority under an Executive order to classify information shall provide to the Board, the Select Committee on Intelligence of the Senate, or the Permanent Select Committee on Intelligence of the House of Representatives, on an annual basis, a summary briefng and report on such agency’s progress and plans in the declassifcation of national security information. Such briefng shall cover the declassifcation goals set by statute, regulation, or policy, the agency’s progress with respect to such goals, and the agency’s planned goals and priorities for its declassifcation activities over the next 2 fscal years. Agency briefngs and reports shall give particular attention to progress on the declassifcation of records and materials that are of archival value or extraordinary public interest to the people of the United States. (2)(A) Te annual briefng and report under paragraph (1) for agencies within the Department of Defense, including the military departments and the elements of the intelligence community, shall be provided on a consolidated basis. (B) In this paragraph, the term ‘‘elements of the intelligence community’’ means the elements of the intelligence community specifed or designated under section 3(4) of the National Security Act of 1947 (50 U.S.C. 401a(4)). (b) RECOMMENDATIONS ON AGENCY DECLASSIFICATION PROGRAMS. — (1) Upon reviewing and discussing declassifcation plans and progress with an agency, the Board shall provide to the head of the agency the written recommendations of the Board as to how the agency’s declassifcation program could be improved. A copy of each recommendation shall also be submitted to the Assistant to the President for National Security Afairs and the Director of the Ofce of Management and Budget. (2) Consistent with the provisions of section 703(k), the Board’s recommendations to the head of an agency under paragraph (1) shall become public 60 days afer such recommendations are sent to the head of the agency under that paragraph. (c) RECOMMENDATIONS ON SPECIAL SEARCHES FOR RECORDS OF EXTRAORDINARY PUBLIC INTEREST. — (1) Te Board shall also make recommendations to the President regarding proposed initiatives to identify, collect, and review for declassifcation classifed records and materials of extraordinary public interest. (2) In making recommendations under paragraph (1), the Board shall consider the following: (A) Te opinions and requests of Members of Congress, including opinions and requests expressed or embodied in letters or legislative proposals, and also including specifc requests for the declassifcation of certain records or for the reconsideration of declinations to declassify specifc records. (B) Te opinions and requests of the National Security Council, the Director of National Intelligence, and the heads of other agencies. (C) Te opinions of United States citizens. (D) Te opinions of members of the Board. (E) Te impact of special searches on systematic and all other on-going declassifcation programs. (F) Te costs (including budgetary costs) and the impact that complying with the recommendations would have on agency budgets, programs, and operations. (G) Te benefts of the recommendations. (H) Te impact of compliance with the recommendations on the national security of the United States. (d) PRESIDENT’S DECLASSIFICATION PRIORITIES. — (1) Concurrent with the submission to Congress of the budget of the President each fscal year under section 1105 of title 31, United States Code, the Director of the Ofce of Management and Budget shall publish a description of the President’s declassifcation program and priorities, together with a listing of the funds requested to implement that program. (2) Nothing in this title shall be construed to substitute or supersede, or establish a funding process for, any declassifcation program that has been established or may be established by the President by Executive order. (e) DECLASSIFICATION REVIEWS. — (1) IN GENERAL – If requested by the President, the Board shall review in a timely manner certain records or declinations to declassify specifc records, the declassifcation of which has been the subject of specifc congressional request described in section 703(b)(5). (2) AUTHORITY OF THE BOARD – Upon receiving a congressional request described in section 703(b)(5), the Board may conduct the review and make the recommendations described in that section, regardless of whether such a review is requested by the President. (3) REPORTING – Any recommendations submitted to the President by the Board under section 703(b) (5), shall be submitted to the chairman and ranking minority member of the committee of Congress that made the request relating to such recommendations. SEC. 705. PROTECTION OF NATIONAL SECURITY INFORMATION AND OTHER INFORMATION. (a) IN GENERAL. — Nothing in this title shall be construed to limit the authority of the head of an agency to classify information or to continue the classifcation of information previously classifed by that agency. (b) SPECIAL ACCESS PROGRAMS. — Nothing in this title shall be construed to limit the authority of the head of an agency to grant or deny access to a special access program. (c) AUTHORITIES OF DIRECTOR OF NATIONAL INTELLIGENCE. — Nothing in this title shall be construed to limit the authorities of the Director of National Intelligence as the head of the intelligence community, including the Director’s responsibility to protect intelligence sources and methods from unauthorized disclosure as required by section 103(c)(6) of the National Security Act of 1947 (50 U.S.C. 403–3(c)(6)). (d) EXEMPTIONS TO RELEASE OF INFORMATION. — Nothing in this title shall be construed to limit any exemption or exception to the release to the public under this title of information that is protected under subsection (b) of section 552 of title 5, United States Code (commonly referred to as the ‘‘Freedom of Information Act’’), or section 552a of title 5, United States Code (commonly referred to as the ‘‘Privacy Act’’). (e) WITHHOLDING INFORMATION FROM CONGRESS. — Nothing in this title shall be construed to authorize the withholding of information from Congress. SEC. 706. STANDARDS AND PROCEDURES. (a) LIAISON. — (1) Te head of each agency with the authority under an Executive order to classify information and the head of each Federal Presidential library shall designate an employee of such agency or library to act as liaison to the Board for purposes of this title. (2) Te Board may establish liaison and otherwise consult with such other historical and advisory committees as the Board considers appropriate for purposes of this title. (b) LIMITATIONS ON ACCESS. — (1) (A) Except as provided in paragraph (2), if the head of an agency or the head of a Federal Presidential library determines it necessary to deny or restrict access of the Board, or of the agency or library liaison to the Board, to information contained in a record or material, in whole or in part, the head of the agency or the head of the library shall promptly notify the Board in writing of such determination. (B) Each notice to the Board under subparagraph (A) shall include a description of the nature of the records or materials, and a justifcation for the determination, covered by such notice. (2) In the case of a determination referred to in paragraph (1) with respect to a special access program created by the Secretary of Defense, the Director of National Intelligence, or the head of any other agency, the notifcation of denial of access under paragraph (1), including a description of the nature of the Board’s request for access, shall be submitted to the Assistant to the President for National Security Afairs rather than to the Board. (c) DISCRETION TO DISCLOSE. — At the conclusion of a declassifcation review, the head of an agency may, in the discretion of the head of the agency, determine that the public’s interest in the disclosure of records or materials of the agency covered by such review, and still properly classifed, outweighs the Government’s need to protect such records or materials, and may release such records or materials in accordance with the provisions of Executive Order No. 12958 or any successor order to such Executive order. (d) DISCRETION TO PROTECT. — At the conclusion of a declassification review, the head of an agency may, in the discretion of the head of the agency, determine that the interest of the agency in 29 the protection of records or materials of the agency covered by such review, and still properly classified, outweighs the public’s need for access to such records or materials, and may deny release of such records or materials in accordance with the provisions of Executive Order No. 12958 or any successor order to such Executive order. (e) REPORTS. — (1) (A) Except as provided in paragraph (2), the Board shall annually submit to the appropriate congressional committees a report on the activities of the Board under this title, including summary information regarding any denials to the Board by the head of an agency or the head of a Federal Presidential library of access to records or materials under this title. (B) In this paragraph, the term ‘‘appropriate congressional committees’’ means the Select Committee on Intelligence and the Committee on Governmental Affairs of the Senate and the Permanent Select Committee on Intelligence and the Committee on Government Reform of the House of Representatives. (2) Notwithstanding paragraph (1), notice that the Board has been denied access to records and materials, and a justifcation for the determination in support of the denial, shall be submitted by the agency denying the access as follows: (A) In the case of the denial of access to a special access program created by the Secretary of Defense, to the Committees on Armed Services and Appropriations of the Senate and to the Committees on Armed Services and Appropriations of the House of Representatives. (B) In the case of the denial of access to a special access program created by the Director of National Intelligence, or by the head of any other agency (including the Department of Defense) if the special access program pertains to intelligence activities, or of access to any information and materials relating to intelligence sources and methods, to the Select Committee on Intelligence of the Senate and the Permanent Select Committee on Intelligence of the House of Representatives. (C) In the case of the denial of access to a special access program created by the Secretary of Energy or the Administrator for Nuclear Security, to the Committees on Armed Services and Appropriations and the Select Committee on Intelligence of the Senate and to the Committees on Armed Services and Appropriations and the Permanent Select Committee on Intelligence of the House of Representatives. (f) NOTIFICATION OF REVIEW. — In response to a specifc congressional request for declassifcation review described in section 703(b)(5), the Board shall advise the originators of the request in a timely manner whether the Board intends to conduct such review. SEC. 707. JUDICIAL REVIEW. Nothing in this title limits the protection aforded to any information under any other provision of law. Tis title is not intended and may not be construed to create any right or beneft, substantive or procedural, 30 enforceable against the United States, its agencies, its ofcers, or its employees. Tis title does not modify in any way the substantive criteria or procedures for the classifcation of information, nor does this title create any right or beneft subject to judicial review. SEC. 708. FUNDING. (a) AUTHORIZATION OF APPROPRIATIONS. — Tere is hereby authorized to be appropriated to carry out the provisions of this title amounts as follows: (1) For fscal year 2001, $650,000. (2) For each fscal year afer fscal year 2001, such sums as may be necessary for such fscal year. (b) FUNDING REQUESTS. — Te President shall include in the budget submitted to Congress for each fscal year under section 1105 of title 31, United States Code, a request for amounts for the activities of the Board under this title during such fscal year. SEC. 709. DEFINITIONS. In this title: (1) AGENCY.— (A) Except as provided in subparagraph (B), the term ‘‘agency’’ means the following: (i) An Executive agency, as that term is defned in section 105 of title 5, United States Code. (ii) A military department, as that term is defned in section 102 of such title. (iii) Any other entity in the executive branch that comes into the possession of classifed information. (B) Te term does not include the Board. (2) CLASSIFIED MATERIAL OR RECORD.— Te terms ‘‘classifed material’’ and ‘‘classifed record’’ include any correspondence, memorandum, book, plan, map, drawing, diagram, pictorial or graphic work, photograph, flm, microflm, sound recording, videotape, machine readable records, and other documentary material, regardless of physical form or characteristics, that has been determined pursuant to Executive order to require protection against unauthorized disclosure in the interests of the national security of the United States. (3) DECLASSIFICATION.—Te term ‘‘declassifcation’’ means the process by which records or materials that have been classifed are determined no longer to require protection from unauthorized disclosure to protect the national security of the United States. (4) DONATED HISTORICAL MATERIAL.—Te term ‘‘donated historical material’’ means collections of personal papers donated or given to a Federal Presidential library or other archival repository under a deed of gif or otherwise. (5) FEDERAL PRESIDENTIAL LIBRARY.—Te term ‘‘Federal Presidential library’’ means a library operated and maintained by the United States Government through the National Archives and Records Administration under the applicable provisions of the Federal Records Act of 1950. 31 (6) NATIONAL SECURITY.—Te term ‘‘national security’’ means the national defense or foreign relations of the United States. (7) RECORDS OR MATERIALS OF EXTRAORDINARY PUBLIC INTEREST.—Te term ‘‘records or materials of extraordinary public interest’’ means records or materials that— (A) demonstrate and record the national security policies, actions, and decisions of the United States, including— (i) policies, events, actions, and decisions which led to signifcant national security outcomes; and (ii) the development and evolution of signifcant United States national security policies, actions, and decisions; (B) will provide a signifcantly diferent perspective in general from records and materials publicly available in other historical sources; and (C) would need to be addressed through ad hoc record searches outside any systematic declassifcation program established under Executive order. (8) RECORDS OF ARCHIVAL VALUE.—Te term ‘‘records of archival value’’ means records that have been determined by the Archivist of the United States to have sufcient historical or other value to warrant their continued preservation by the Federal Government. SEC. 710. EFFECTIVE DATE. Tis title shall take efect on the date that is 120 days afer the date of the enactment of this Act. 32 Appendix C ........................................................................................................................................................................................................................................... Te Importance of Technology in Classifcation and Declassifcation A White Paper of the Public Interest Declassifcation Board June 2016 Introduction to the PIDB Declassifcation Technology Working Group At the direction of the President, the Public Interest Declassifcation Board (PIDB) continues to investigate technologies and related policy solutions to transform the security classifcation system to one capable of functioning more efectively in an increasingly complex information age.1 Core to our democratic ideals is the ability for the public to access its government’s records. Te responsibility lies with senior government leaders to develop sound policies and implement technological capabilities that will ensure long-term preservation and accessibility to the nation’s historical records. Nearly all users of the security classifcation system agree that it is no longer able to handle the current volume and forms of information, especially given the exponential growth of digital information that is only exacerbating the many challenges facing the system. As the PIDB has previously noted in all of our reports, we reafrm that our most important recommendation for developing and ensuring such a system is the adoption of a government-wide technology investment strategy for the management of classifed information. In support of this recommendation and those commitments found in the President’s Open Government National Action Plans, the PIDB began an in-depth study of agency declassifcation technology initiatives last year. In May 2015, we established an informal Declassifcation Technology Working Group (Working Group) at the National Archives and asked for agency participation in a high-level questionnaire concerning agency preparedness for declassifcation in the digital age. We sought support from agency Chief Information Ofcers (CIOs) when setting up the Working Group in order to highlight declassifcation technology development as a need for agencies. We believe the support of agency CIOs is critical to modernizing declassifcation and making the management of classifed information at agencies a priority in planning their information technology programs now and in the years ahead. Te Working Group has representation from technologists at 14 agencies and departments in the Executive Branch. Te PIDB hosted four Working Group meetings in the past year. Tese meetings are an opportunity for agencies to share their successes, challenges, best practices, requirements and declassifcation program needs. Agenda items covered at these meetings included agencies briefngs on their eforts at declassifcation technology planning, discussions of best practices concerning the management of classifed records 33 (including email), the sharing of metadata standards and transfer guidance, and more. We have received positive feedback from agencies about the usefulness of meeting in this informal Working Group environment; agency technologists are able to work collaboratively, share best practices and discuss new ideas with their inter-agency counterparts on these ofen overlooked technology challenges. Now, at the one-year anniversary of the beginning of our Working Group exercise, we have collected some observations and lessons-learned to share from these meetings with the public. Our goal is to refect on the progress of the Working Group and plan next steps and potential areas in need of further study. Finding the Baseline: Where Agencies Stand Overall, agencies lack appropriate technological investment to support the activities of their declassifcation and related records management programs. Most agencies do not possess basic workfow applications to assist human review of records, applications that are readily available in the commercial world. While one or two agencies are exploring advanced content understanding and analytics as technical capabilities to assist review, the vast majority of agencies lack the most basic technological infrastructure to support simple automation or search technologies to assist in the management of records through the review process. By policy design, declassifcation largely operates in an information environment twenty-fve years in the past, making paper the dominant review format agencies must prioritize. Solutions that can assist in managing the large volumes of paper found at agencies and the National Archives already exist in the commercial world. But implementing these known solutions within government remains elusive and problematic. Funding for declassifcation and records management in most agencies is minimal, at best. What little funding is available supports outdated processes designed in the 1990s in response to the mandates aforded with the onset of automatic declassifcation. Prior to the notion of automatic declassifcation, declassifcation review occurred ad hoc and inconsistently across agencies. When adopted and implemented, these 1990s processes elevated declassifcation review to the program level. Tey have served their intended purpose - to institutionalize declassifcation at agencies—and presently are largely outmoded for managing electronic records. Tese 1990s processes will remain in place for the foreseeable future, barring resources for the development of new processes and the adoption of automated workfow tools. In addition to the challenges of outdated paper-based processes, agencies also lack capabilities to manage the review of special media formats and legacy electronic records, including frst generation born-digital records. As prioritization of records for declassifcation review largely depends upon records’ age, the coming of “age” of electronic records review is now of serious consequence for agencies, with the added complication that no relief from paper records review appears to be in sight. Common challenges exist among agencies in managing legacy electronic records, yet there is no serious efort underway to acknowledge or describe these challenges, let alone develop a universal approach or solution. 34 Other common problems exist concerning electronic records beyond the issue of exponential growth and volume in need of review. Connectivity, integration and communication of systems that support declassifcation and records management within and between agencies is fragmented and sparse. Agencies lack universal metadata requirements and standards for managing declassifcation. Requirements and standards are of the utmost importance as declassifcation is increasingly dependent on the ability of agencies to refer their records to other agencies for equity review. Agencies must adopt and implement common solutions to these challenges across government; progress of any one agency in building a technological framework to modernize its declassifcation program is dependent on its ability to interact and share information with its counterparts. Sharing information among agencies also exposes cultural challenges found in the declassifcation world. A common understanding and agreement for how agencies should mitigate risk does not exist. Agency practices are intolerant of risk and the consequences of not striking a balance between openness and continued secrecy in declassifcation review are too high for the system to sustain indefnitely, both in resources and credibility. Today’s information world, including the national security structure, is increasingly dependent on transparency and open source informational content. Risk management and mitigation must be key elements of forethought in designing technical declassifcation capabilities, not an aferthought in response to disclosure events. Next Steps: What Agencies Need Technological modernization of declassifcation and its related functional counterpart, records management, will require leadership and resources. Agencies require both simple workfow tools and advanced content processing, analytic tools and storage/access means. Agencies should integrate declassifcation reviewers and records managers, organizing for success, to share best practices, manage metadata and efciently harvest all the capabilities of information age technologies for the beneft of all system users, including policymakers and historians. Additionally, special media and frst generation born-digital records demand serious consideration. A government-wide investment strategy should consider and build upon those tools in use at agencies with more modernized declassifcation capabilities, such as the intelligence community. A phased adoption of sophisticated content analytic solutions should occur, beginning with an increase in the number of pilots used to test these capabilities within declassifcation programs. Capabilities, like those developed at the Center for Content Understanding at the Applied Research Laboratory at the University of Texas at Austin, should be implemented to a greater extent at agencies.2 For most agencies, there is an immediate need to implement automated workfow solutions and basic search capabilities, solutions that largely exist in the commercial world that are readily available for adoption. Even while grappling with basic workfow challenges, agencies must also seriously invest in advanced content analytic tools. Te sustainability of the system is dependent on agencies exploring advanced content analytic solutions while also solving immediate workfow automation challenges. 35 Even more importantly, the long-term transformation of the declassifcation system will require leadership from the White House and a commitment to funding a government-wide technology investment strategy. Te PIDB will continue studying declassifcation technology investment at agencies with the recommendation that agencies receive the resources they need to make the records of our government accessible to future generations. Our desire is to support policymakers, while maintaining our principal responsibility of responding to the public interest in having an open and transparent government. We believe the government will only be able to achieve this goal with the adoption of technological capabilities that will modernize the security classifcation system to function efectively in the current digital information environment. Memorandum for Implementation of the Executive Order 13526, “Classifed National Security Information,” December 29, 2009, 75 FR 733, Document Number E9-31424. https://www.federalregister.gov/documents/2010/01/05/E9-31424/ implementation-of-the-executive-order-classifed-national-security-information. Accessed May 14, 2020. 2 At the request of the CIA and the National Archives, the Center for Content Understanding at the Applied Research Laboratories at the University of Texas at Austin piloted decision- support technology for records declassifcation review and release. Te pilots successfully yielded a Sensitive Content Identifcation and Marking (SCIM) tool that uses a combination of natural language processing, expert systems, machine learning and semantic knowledge representation to identify sensitive content in textual information found in classifed email records. Te SCIM tool is the only tool of this level of sophistication being explored for the sole purpose of aiding decision-support in classifcation and declassifcation. 1 36 37 ~ ''ll'J f~I PIDB