Director of National Intelligence John Ratcliffe has asked the White House to repeal an Obama-era executive order putting controlled unclassified information re...
Agencies have until the end of the year to tell the National Archives and Records Administration how they plan to standardize information that’s not classified, but also not fit for public use.
Documents marked as “for official use only,” “sensitive but classified,” or “limited official use” generally fall into this legal grey zone.
This jargon, however, has proliferated into more than 100 different markings, with few ground rules for how agency officials can share this information with each other, or with other agencies.
President Barack Obama signed an executive order in 2010 to standardize what agencies now refer to as controlled unclassified information (CUI).
Ten years into that process, agencies have until Dec. 31 to submit a plan to NARA’s Information Security Oversight Office outlining how they will standardize the handling of CUI.
The governmentwide focus on CUI stems from the 9/11 Commission, which found agencies weren’t sharing information they had related to counterterrorism and homeland security, and that there were internal barriers to sharing this information.
The Office of the Director of National Intelligence, however, estimates it would cost the intelligence community more than $1 billion to meet the requirements of the CUI program.
Rather than overcome these “insurmountable hurdles” to comply with the CUI program, Director of National Intelligence John Ratcliffe has asked the White House to repeal the Obama-era executive order putting these requirements in place.
“Although its clear mandate was to simplify the unclassified markings system and sharing rules, the resulting CUI Program is exponentially more complex than the classification system” outlined in the executive order, Ratcliffe wrote in a Dec. 4 memo to National Security Adviser Robert O’Brien.
In the memo, first obtained by the Federation of American Scientists, Ratcliffe said that instead of simplifying the process, the CUI program has become “vastly overcomplicated,” with over 124 categories in 20 groupings, with more than specified and basic categories.
An ODNI spokeswoman declined to comment about the memo or specify whether the agency expected to meet the year-end deadline.
Steven Aftergood, the director of the FAS Project on Government Secrecy, told Federal News Network that the memo, sent a few weeks before the NARA deadline, was a “dramatic gesture,” but unlikely to have an effect.
The Defense Department, which includes several key members of the intelligence community, already issued guidance in March detailing how it would implement CUI policy throughout the agency.
“There’s just too much momentum behind CUI to somehow turn it off and go back in time,” Aftergood said. “It’s hard to see how anybody thought this was a serious move. It certainly is eye-catching, but it’s not how the government produces and implements national policy.”
Rather than request additional time to comply with the CUI program or an exemption, Ratcliffe said the intelligence community would “fully support a long-overdue executive branch-wide E.O. or similar guidance mechanism that provides standardized rules” to protect unclassified information.
“He’s asking to change the entire governmentwide policy, which is not his concern,” Aftergood said. “He doesn’t have any say in what the Department of Commerce of the Department of Agriculture are going to do.”
There is, however, room for criticism with the CUI program. Aftergood said there are more than 100 categories of CUI with rules detailed and complicated requirements, which requires agencies to dedicate a significant amount of time to training personnel.
“If the DNI had written a memo that said, ‘Look, this marking system has gotten too complicated, and it’s too difficult and expensive to train people to follow it. We need a simpler marking system,” I think that’s a decent criticism that deserves a serious response,” Aftergood said.
Mark Bradley, director of the NARA Information Security Oversight Office, told Federal News Network that because of the COVID-19 pandemic, his office has granted reporting extensions to agencies that have requested them.
Bradley said NARA expects to have a sense of how many agencies in total have submitted CUI plans by late January.
Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
Jory Heckman is a reporter at Federal News Network covering U.S. Postal Service, IRS, big data and technology issues.
Follow @jheckmanWFED