Spillage

By Barton Gellman

This is the 18th in a series of “Provocations,” a LARB series produced in conjunction with “What Cannot Be Said: Freedom of Expression in a Changing World” a conference cosponsored by UCI, USC, and UCLA (January 22 -24, 2016). All contributors are also participants in the conference.

Some of this material appeared previously on the website of The Century Foundation, and is republished with the foundation’s permission.

On September 24, 2015, I gave a keynote presentation at Purdue University about the NSA, Edward Snowden, and national security journalism in the age of surveillance. It was part of the excellent Dawn or Doom colloquium, which I greatly enjoyed. The organizers live-streamed my talk and promised to provide me with a permalink to share.

After unexplained delays, I received a terse e-mail from the university. Upon advice of counsel, it said, Purdue “will not be able to publish your particular video” and would not be sending along a copy to me. The conference hosts, once warm and hospitable, stopped replying to my e-mails and telephone calls. I don’t hold it against them. Very likely they were under lockdown by spokesmen and lawyers.

It turned out that Purdue had wiped all copies of my video and slides from university servers, on grounds that I had displayed classified documents briefly on screen. (Eventually, my colleagues and I managed to and post it on the Century Foundation web site.) A breach report was filed with Purdue’s Research Information Assurance Officer, also known as the Site Security Officer, under the terms of Defense Department Operating Manual 5220.22-M. I am told that Purdue briefly considered, among other things, whether to destroy the projector I had borrowed from them, lest contaminants remain.

Just after I published the first version of this post, I received an e-mail from Julie Rosa, who heads strategic communications for Purdue. She confirmed that Purdue had wiped my video after consulting the Defense Security Service, but that the university now believed it had gone too far.

“In an overreaction while attempting to comply with regulations,” she wrote, “the video was ordered to be deleted instead of just blocking the piece of information in question. Just FYI: The conference organizers were not even aware that any of this had happened until well after the video was already gone.

“I’m told we are attempting to recover the video,” Rosa continued, “but I have not heard yet whether that is going to be possible.”

Let’s rewind. Information Assurance? Site Security?

These are familiar terms elsewhere, but new to me in a university context. I learned that Purdue, like a number of its peers, has a “facility security clearance” to perform classified US government research. The manual of regulations runs to 141 pages. (Its terms forbid uncleared trustees to ask about the work underway on their campus, but that’s a subject for another day.) The pertinent provision here, spelled out at length in a manual called Classified Information Spillage, requires “sanitization, physical removal, or destruction” of classified information discovered on unauthorized media.

If I had the spider sense that we journalists like to claim, I might have seen trouble coming. One of the first questions in the Q&A that followed my talk was:

“In the presentation you just gave, you were showing documents that were TS/SCI [top secret, sensitive compartmented information] and things like that. Since documents started to become published, has the NSA issued a declass order for that?”

I took the opportunity to explain the government’s dilemmas when classified information becomes available to anyone with an Internet connection. “These documents, by and large, are still classified,” I said. “And in many cases, if you work for the government and you have clearance, you’re not allowed to go look at them… Now, it’s perfectly rational for them to say, we’re not going to declassify everything that gets leaked because otherwise we’re letting someone else decide what’s classified and what’s not. But it gets them wound up in pretty bad knots.”

By way of example, I mentioned that the NSA, CIA, and Office of the Director of National Intelligence “have steadfastly refused to give me a secure channel to communicate with them” about the Snowden leaks. Bound by rules against mingling classified and unclassified communications networks, they will not accept, for example, encrypted e-mails from me that discuss Top Secret material. In service of secrecy rules, they resort to speaking, albeit elliptically, on open telephone lines.

My remarks did not answer the question precisely enough for one post-doctoral research engineer. He stood, politely, to nail the matter down.

“Were the documents you showed tonight unclassified?” he asked.

“No. They’re classified still,” I replied.

“Thank you,” he said and resumed his seat.

Eugene Spafford, a Purdue professor of computer science who has held high clearances himself, wrote to me afterward. “We have a number of ‘junior security rangers’ on faculty and staff who tend to be ‘by the book.’ Unfortunately, once noted, that is something that cannot be unnoted.”

Sure enough, someone filed a report with the above-mentioned Information Assurance Officer, who reported in turn to Purdue’s representative at the Defense Security Service, a government agency. By the terms of its Pentagon agreement, Purdue was officially obliged to be shocked to find that spillage is going on at a talk about Snowden and the NSA. A small number of secret slides, covering perhaps five of my 90 minutes on stage, required that video be wiped in its entirety.

This was, I think, a rather devout reading of the rules. (Taken literally, the rules say Purdue should also have notified the FBI. I do not know whether that happened.) A more experienced legal and security team might have taken a deep breath and applied the official guidance to “realistically consider the potential harm that may result from compromise of spilled information.”

Or perhaps not. Yes, the images I displayed had been viewed already by millions of people online. Even so, federal funding might be at stake for Purdue, and the notoriously vague terms of the Espionage Act also hung over the decision. For many lawyers, “abundance of caution” would be the default choice.

This kind of zeal is commonplace in the military and intelligence services. They have periodically forbidden personnel — and even their families — to visit mainstream sites such as The Washington Post and The New York Times for fear of exposure to documents from Snowden or Wikileaks.

But universities are not secret agencies. They cannot lightly wear the shackles of a National Industrial Security Program, as Purdue agreed to do. The values at their core, in principle and often in practice, are open inquiry and expression.

I do not claim I suffered any great harm when Purdue purged my remarks from its conference proceedings. I do not lack for publishers or public forums. But the next person whose talk is disappeared may have fewer resources.

More importantly, to my mind, Purdue has compromised its own independence and that of its students and faculty. It set an unhappy precedent, even if the people responsible thought they were merely following routine procedures.

Think of it as a classic case of mission creep. Purdue invited the secret-keepers of the Defense Security Service into one cloistered corner of campus (“a small but significant fraction” of research in certain fields, as the university counsel put it). The trustees accepted what may have seemed a limited burden, confined to the precincts of classified research.

Now, the security apparatus claims jurisdiction over the campus (“facility”) at large. The university finds itself “sanitizing” a conference that has nothing to do with any government contract. Where does it stop? Should a faculty member ignore the Snowden documents when designing a course on network security architecture? Should a student write a dissertation on modern U.S.-Saudi relations without consulting the numerous diplomatic cables on Wikileaks?

I honestly do not know how faculty and trustees can be comfortable with this arrangement. Some are not, I discovered.

“There is a fundamental conflict between the role of the university and the application of the [facility clearance] rules,” Spafford told me. “I’m not sure if the university is taking them too far, or if the rules are too constraining and they didn’t understand what they were getting into.”

Before writing this post, I reached out to a vice president and other senior figures I met on campus. I hoped to find that there had been some mistake. I received no reply. Days later, when the incident became briefly notorious, Purdue issued a , alleging that my lecture was an act of civil disobedience in breach of “clear federal law.” That compounded the damage, I think. It is an eccentric view of federal law, at best, to equate First Amendment speech with civil disobedience. The government itself has made no such claim. Marty Lederman, who served in the Justice Department’s Office of Legal Counsel, offered a  .

The irony is that the Dawn or Doom colloquium was the personal project of Mitch Daniels, the former Indiana governor who became Purdue’s president two years ago. Daniels had introduced my talk and asked me to speak again for guests at a dinner he held that night.. Two of the organizers told me he is fascinated by the contradictory responses — from celebration to alarm — that tend to accompany big technological advances. He proposed to convene Purdue faculty members and leading national experts to explore the risks and promises of artificial intelligence, robotics, and Big Data surveillance, among other developments.

In his own view, Dawn or Doom is not a hard question. Daniels and I chatted about that theme as we stood in the wings off stage, shortly before my talk.

“The answer always turns out to be, it’s dawn,” he said.

I wonder.

Postscript: At Princeton, where I have been a visiting lecturer, two of my best students nearly dropped a course I taught a few years back, called “Secrecy, Accountability and the National Security State,” when they learned the syllabus would include documents from Wikileaks. Both had security clearances for summer jobs, and feared losing them. I told them that I would put the documents on Blackboard, an internal university server. They need not visit the Wikileaks site itself, but the readings were mandatory.

Both, to their credit, stayed in the course. They did so against the advice of some of their mentors, including faculty members. The advice was purely practical. The U.S. government will not give a clear answer when asked whether this sort of exposure to published secrets will harm job prospects or future security clearances. Why take the risk?

Every student and scholar must decide for him- or herself, but I think universities should push back harder, and perhaps in concert. There is a treasure trove of primary documents in the archives made available by Snowden and Chelsea Manning. The government may wish otherwise, but that information is irretrievably in the public domain. If higher education has one sacred mission, it is to seek out authoritative sources of knowledge, wherever they reside, and defend the freedom to read, speak and write about them without fear.

Barton Gellman (@bartongellman), a Pulitzer Prize and Emmy Award winning writer, is a senior fellow at the Century Foundation and visiting research fellow at Princeton. He led coverage of the NSA at The Washington Post, based on a classified archive that Edward Snowden gave him in 2013. He is now writing a book for Penguin Press on surveillance and privacy. Angler: The Cheney Vice Presidency, his previous book, won the Los Angeles Times Book Prize and was a New York Times Best Book of 2008He will participate in the conference Freedom of Expression in a Changing World: What Cannot Be Said.

Leave a Reply