Thursday, November 25, 2010

WikiLeaks/Manning's aspiration for "open-diplomacy" may spoil your post-Thanksgiving days

The Harry S. Truman Building located at 2201 C...Image via WikipediaVia Wired's Threat Level by Kevin Poulsen: 

[A]ccording to an e-mail from Assistant Secretary for Legislative Affairs Elizabeth King to the Senate and House Armed Services Committees quoted in the report. “State Department cables by their nature contain everyday analysis and candid assessments that any government engages in as part of effective foreign relations…. The publication of this classified information by WikiLeaks is an irresponsible attempt to wreak havoc and destabilize global security. It potentially jeopardizes lives.”
[...]
“Hillary Clinton and several thousand diplomats around the world are going to have a heart attack when they wake up one morning, and find an entire repository of classified foreign policy is available, in searchable format, to the public,” Manning told former-hacker Adrian Lamo.
[...]
The cables were widely accessible within the U.S. military under an information-sharing initiative called Net-Centric Diplomacy.

Established in the government’s post-September 11 drive to break down information barriers between agencies, Net-Centric Diplomacy makes a subset of State Department documents available on the Secret Internet Protocol Router Network, or SIPRNet, the Pentagon’s global, Secret-level wide area network. SIPRnet is accessible to cleared American military service members and civilian agencies around the world.

To put their cables on SIPRnet, foreign service officers add a special designator to the header: “SIPDIS,” for SIPRnet Distribution. Department rules preclude certain types of communications from being marked SIPDIS, such as sensitive cables between an ambassador and the U.S. Secretary of State or the White House. Cables containing personally identifying information, such as Social Security numbers, and cables describing department personnel issues would also be omitted.

Though the leaked cables wouldn’t include the most sensitive communiqués between diplomatic posts and Washington, nearly all State Department “reporting cables” carry the SIPDIS designator, and most of those are classified at the Secret or Confidential level, says a former State Department official.

Read the whole thing here.

This is serious business.  As PJ Crowley, State's Spokesman in the Daily Press Brief  says:
"This is – without getting into any discussion of any specific cables, the kinds of cables that posts send to Washington are – they’re classified. They involve discussions that we’ve had with government officials, with private citizens. They contain analysis. They contain a record of the day-to-day diplomatic activity that our personnel undertake. And this back and forth between government, the government of the United States and governments around the world, it is diplomacy in action. It is part of the system through which we collaborate and cooperate with other countries. Inherent in this day-to-day action is trust that we can convey our perspective to other governments in confidence and that they can convey their perspective on events to us. It helps inform us of what’s happening around the world. It informs our – the policies that we undertake on behalf of the American people.

And when this confidence is betrayed and ends up on the front pages of newspapers or lead stories on television and radio it has an impact. We decry what has happened. These revelations are harmful to the United States and our interests. They are going to create tension in our relationships between our diplomats and our friends around the world. We wish that this would not happen. But we are, obviously, prepared for the possibility that it will."

We went looking for the publicly available regulations that talk about SIPDIS (see below).

5 FAH-2 H-443.1 When and How to Use SIPDIS (PDF link)
(Secret Internet Protocol Router Network) SIPRNet Distribution
(CT:TEL-29; 07-16-2008)
(State Only)
a. The SIPDIS caption should only be applied to reporting and other informational messages deemed appropriate for release to the U.S. Government interagency community. SIPDIS-captioned messages must not include restrictive captions (e.g., NODIS, EXDIS, STADIS, ROGER, DS, or DSX) that explicitly limit distribution. If a message carries conflicting captions, the more restrictive caption will be controlling and the message will not be loaded into the NCD (Net-Centric Diplomacy) database. (Refer to Department Notice, 2007 11 122, Correction: Sharing Washington Outbound Cables with Other Agencies via “SIPDIS” regarding cables containing Privacy Act-protected information that should NOT include the SIPDIS caption.)
[...]
c. The SIPDIS caption should be used on all messages appropriate for sharing with the broader U.S. Government community. SIPDIS can be used in conjunction with NOFORN, CODEL, SENSITIVE, TERREP. [Note on acronyms: NOFORN (Distribution to non-US citizens is prohibited), CODEL (congressional delegation), SENSITIVE, TERREP (information about terrorism distributed to members of the EAC)].

d. SIPDIS is a distribution caption, not a TAGS, and must be appended to the caption line of the message. If SIPDIS is used in conjunction with another distribution caption such as TERREP or CODEL, the SIPDIS caption should be placed on a separate line below the primary distribution caption. Post information management officers can add "SIPDIS" to post's locally managed CableXpress (CX) or enhanced alternate communications terminal (EACT) application since it is a distribution caption. No Terminal Equipment Replacement Program (TERP)-related action is required to process SIPDIS messages.

e. Drafting officers are encouraged to use the SIPDIS caption only on those messages deemed appropriate for sharing such as reporting messages, analytical pieces, and policy instructions. Posting or making available personal information of U.S. citizens or lawful permanent residents (including Social Security Numbers; information concerning employees, such as travel messages, performance reports, and medical assessments; and arrest reports of U.S. citizens) may violate the Privacy Act and/or new Federal requirements on safeguarding personally identifiable information (PII).

f. Information protected by the Privacy Act (Public Law 93-570) is not suitable for posting on SIPRNET and thus messages containing privacy information should not include the SIPDIS caption.

Based on the above regs available online, we can conclude that:

1) The most restricted cables, like Ambassador Eikenberry's NODIS cable leaked to NYT on the US strategy in Afghanistan are excluded from SIPDIS, so most probably won't be included in this cable dump.

2) Personnel issues and most consular cables with PII are excluded from SIPDIS so probably won't be in this cable dump either.

3) The regs says "drafting officers are encouraged to use the SIPDIS caption only on those messages deemed appropriate for sharing such as reporting messages, analytical pieces, and policy instructions."  This could still be a long diplomatic hangover...

How will this cable dump, if it happens, affect interagency information sharing in the future within the Government? 

One thing we still do not quite understand is why DOD was unable to monitor such a huge download from its SIPRnet in the first place? Where was their risk assessment on this system? You'd think that when SIPDIS was rolled out, that somebody had thought of this possibility. Ay, caramba!

Meanwhile, over in Twitter, WikiLeaks citing local press reports tweeted that  the UK, Australia, Canada, Denmark, Israel have been briefed by US embassies over the presumed pending cable released. As of this posting, the WikiLeaks website is not accessible online.   Cryptome just now noted that "Wikileaks is not responding to HTTP requests or pings, either due to an attack or being loaded with new material. Note the recent tweet to download "history insurance."










No comments: