I was watching a thriller movie that I had seen sometime in the 80's. It was as good as the first time I saw it. The scene played out where the police catch a bad guy in the act of espionage. As the good guys move in for the kill, the bad guy yell's out "Diplomatic Immunity" and holds up his credentials. We see our dejected investigators halted by those two powerful words. It's not until later after several minutes of good snooping to even better suspense music that our heroes save the day and the perpetrator is put away in spite of his diplomatic status.
Sometimes life imitates art. Just like in the thrillers that we watch or read, the evil doers seem to either be or think they are smarter than the good guys. They find loopholes that protect their crimes and there isn't a thing the good guys can do about it. Finally, at the last climatic moments, the good guys find the evidence they need to make a prosecution stick. Just as in the movie mentioned above.
A similar thriller plays out in a court room according to a January 22, 2010 Washington Examiner article called "Defense Official's Mom Introduces Him to Chinese Spy". According to the Article, James Wilbur Fondren provided three papers to a Taiwanese business man who paid a consulting fee. Unbeknownst to Mr. Fondren, the Taiwanese business man was a Chinese Spy.
Mr. Fondren’s defense brought up three issues. The first is that Mr. Fondren only provided classified information in one of the three papers. Two, the classified information was over-classified. Third, the classified information would have been public knowledge within hours of release.
Mr. Fondren gets to have his day in court and he is innocent until proven guilty. So, just for education purposes, let’s leave the case and look at the issues the defense brings up. We can take it on a point by point basis and provide valuable learning opportunities.
Pont one: Only part of the three articles provided classified information.
All classified information should be handled according to the National Industrial Security Program. For defense contractors, the National Industrial Security Program Operating Manual describes how cleared contractors should protect classified information.
Point two: The classified information was over-classified.
Depending on the source, up to 85% of classified information may be over-classified. That is a problem for the original classification authority (OCA) to resolve. Cleared contractors should only be concerned with how to protect classified information according to the markings provided by the OCA. Failure to protect classified information could result in various degrees of damage to national security.
Point three: The classified information was public knowledge within hours of the paper being written.
Until notified by the OCA, classified information will remain classified. If an open source reveals information a user knows is classified by an OCA, the holder is to continue to treat information according to classification markings. In other words, just because someone puts unclassified information in a book or posts it to a website, that information does not become unclassified. That is the OCA’s decision.
These three points should also apply when protecting technical information identified in the United States Munitions Lists (USML) as provided in the International Traffic In Arms Regulation (ITAR). Just because someone posts the technical information online or in a book doesn’t make it open source. That is always a Department of State Determination, not the perpetrator.
Art sometimes does imitate life. The above scenario could easily be the subplot of an international thriller. Some contractors may not completely understand how to protect sensitive information. They may try to find loopholes or shortcuts to meet their agendas. Good FSOs are training their cleared employees to do things the right way by following requirements found in NISPOM and ITAR. Some of the points I’ve used above came from real life situations that I’ve discovered while consulting or working as an FSO or Export Compliance Officer.
No comments:
Post a Comment