On Friday, July 29, the Information Security Oversight Office (ISOO) published its FY 2021 Annual Report to the President. Each year, ISOO reports to the President on the implementation of the Classified National Security Information (CNSI) system, following requirements in Executive Order (E.O.) 13526.
Unfortunately, this E.O is now over 12 years old and contains guidance and direction that is woefully outdated. This year’s Report highlights significant changes needed to update the CNSI system in order to bring it into the digital age.
In our 2020 report to the President, A Vision for the Digital Age: Modernization of the U.S. National Security Classification and Declassification System, the Public Interest Declassification Board (PIDB) built upon our previous work by offering new recommendations for how to achieve these same goals. We called for government-wide reform of the nation’s outdated classification and declassification system.
ISOO’s current report adopts several recommendations that the PIDB included in its Vision report in 2020. These recommendations include:
- Eliminating the Confidential level of classification.
- This would more closely align with our approach to cybersecurity domains and with the two-tiered classification systems of many of our closest allies.
- Overhauling or eliminating the automatic declassification system as it currently exists.
- Applying modern technologies to the declassification system.
- Moving permanently from a paper paradigm to a digital approach for the creation, management, and declassification of CNSI.
- Funding a fully digital declassification pilot program coordinated within the Intelligence Community by the Office of the Director of National Intelligence.
The ISOO report is aligned with the PIDB’s 2020 Vision, and we endorse it. Our report and current efforts emphasize the critical need for the acquisition and deployment of advanced technologies in classification and declassification processes. Outdated and excessively costly, the current method for classifying and declassifying CNSI remains unsustainable in the digital information age and can no longer function without a paradigm shift focused on adopting technologies required to implement an enterprise-level, system-of-systems for government information management. Technologies such as artificial intelligence, machine learning, and cloud storage offer effective solutions that will support the rapid growth in digital information.
Additionally, the report addresses several issues that are currently being examined by the board, including the excessive proliferation of Special Access Programs and Controlled Access programs, the need for a well-funded interagency program office to develop and implement automated classification management tools, and the simplification of agency security classification guides. The Board plans to integrate suggestions to address these issues in our recommendations to the National Security Council as it moves to update Executive Order 13526. The Board suggests that in future years ISOO take steps to curb the overuse of the “NOFORN” caveat, which effects information sharing and operational integration with our FVEY partners.
The time is ripe for envisioning a new approach to classification and declassification, before the accelerating influx of classified electronic information across the government becomes completely unmanageable. We embrace ISOO’s forward-leaning recommendations for overhauling the CNSI system and look forward to working with the White House in any way possible in this herculean effort.