The director of the Information Security Oversight Office is planning to retire next summer, giving the head of the National Archives the chance to choose ISOO’s next leader amid a White House review of classification policies.
Mark Bradley, a former CIA officer who has served as director of ISOO since December 2016, plans to retire on June 1, 2023. He made the announcement Wednesday during a meeting of the National Industrial Security Program Policy Advisory Committee (NISPPAC).
The ISOO director position is selected by the Archivist of the United States and approved by the president. President Joe Biden’s pick to be the next Archivist is facing headwinds to her confirmation in the Senate.
“Whether we’re going to have a continuation of this administration or another one, I want to give the powers that be ample time to pick another director of ISOO, because I think the position is too important to languish,” Bradley said at the NISPPAC meeting.
ISOO oversees the government-wide secrecy system and advises the president on classification policies. The director also serves as executive secretary of the Public Interest Declassification Board, as well as chairman of the NISPPAC.
Bradley has advocated for modernizing what he called “outdated systems for classifying and declassifying national security information” in ISOO’s latest annual report to President Biden. He also applauded a White House-led effort initiated this year to review information management and classification policies.
“This could not be timelier because we can no longer keep our heads above the tsunami of digitally created classified records,” Bradley wrote. “It will be a mammoth task to turn these tidal waves.”
“This process will engage all key stakeholders, to include the Congress, advocacy organizations, and academic partners, to obtain a wide range of viewpoints on the challenges associated with standardizing information management, classification, declassification, and the control of sensitive information,” she wrote.
Haines also added that the intelligence community supports the effort, and it’s her “continued view that deficiencies in the current system undermine our national security, as well as critical democratic objectives.”
In addition to advising the president on classification issues, ISOO also oversees the sprawling “controlled unclassified information” program. “CUI” refers to information that while unclassified, is required to be protected from public disclosure.
There are 125 categories of CUI ranging from nuclear security-related information to patent applications.
The CUI system has been criticized for being too complex and costly, with a patchwork of rules across agencies for handling and sharing the information. The General Services Administration is now working on a highly anticipated Federal Acquisition Regulation clause to create standard rules for how contractors can manage, protect and share CUI.
Reforms to the CUI program is likely to be another top issue for Bradley’s successor.
“The plethora of previously existing laws, regulations, and government-wide policies that now form the basis for the information included in the CUI program were created over decades to safeguard and share sensitive information without consideration for a standardized framework,” Bradley wrote in ISOO’s annual report. “Many of these requirements are similar to those for CUI but differ enough from the CUI framework — and each other — to make the system unnecessarily more complex. In an attempt to ameliorate some of this complexity, we are working with agencies to modify many of these regulatory authorities so they align with CUI requirements and reduce the many variations.”