At the start of World War II, Britain set up a large and highly secret codebreaking operation. Every document related to the project was “above top secret:” they were all marked “Top Secret Ultra” and handled by separate security teams from merely “Top Secret” military information. This strategy seems to have kept the activity secret, at least from the general public. Military adversaries seem to penetrate such measures more quickly.
The intelligence community’s arrogance about secrecy grew from the Cold War. Very few intelligence agency secrets leaked to the general public back then, regardless of whether they had leaked to adversaries or not. This has had a profound political impact.
No one discusses or questions the intelligence community’s value proposition.
Given the recent dumps of classified information into Wikileaks, newspapers, and everywhere else, I think it’s time to kill the “above top secret” idea. History shows it hasn’t really worked that well anyway. There are much easier and cheaper ways to restrict access and control sharing. We also need to share more information with the public so we can judge the true value of our intelligence community.
The irony is that the major elements of everything “above top secret” leaks to our adversaries much faster than to our citizens. The fact that our key adversaries have uncovered some information does not encourage intelligence agencies to share that information with the public. This is the thread of truth in Steve Bannon’s talk of the “deep state.”
(I also encourage people interested in this topic to read the late Daniel Patrick Moynahan’s article Secrecy: A Brief Account of the American Experience (PDF link). This was part of the final report of a commission he chaired on government secrecy.)
Let’s look at some historical examples of “big secrets” and their disclosure. I omit the atomic bomb example: it’s not clear that they used the same techniques to control their secrets. Their results were comparably unsuccessful.
Bletchley Park and Ultra
Above, I describe Bletchley Park’s “Ultra” system as an early version of “above top secret.” Leaks from the Park itself posed only part of the threat of disclosure: there were also risks whenever dispatches based on decrypted messages were distributed to military commanders. Bletchley set up their own system to control the distribution process. Such material was marked “Ultra.”
It’s not clear how well this “Ultra” secret was kept. Ironically, the U.S. Navy in the Pacific Theater used the word “Ultra” colloquially to refer to dispatches based on decrypted Japanese messages. So at least the name and its role was well known in military circles.
It seems to be an article of faith among Bletchley historians that the secret never really leaked to the Germans. There were no obvious or effective countermeasures taken in German crypto handling that could be traced to German concern about weak crypto.
On the other hand, this could be bureaucratic inertia. The British likewise took few countermeasures when their European spy networks were cracked (see Leo Marks’ book).
Bride/Canoe/Venona and Soviet one-time ciphers
A one-time pad is the only provably secure cipher, but its strength relies on using it exactly as the mathematicians demand. Specifically, every message must use its own secret keying information, and no keying information should ever be repeated. In the 1940s, a world war put pressure on Soviet spy networks. They took the shortcut of reusing their one-time keys in two presumably separate locations, assuming that an adversary wouldn’t collect both messages.
The Army Security Agency, eventually renamed to National Security Agency, discovered this mistake and proceeded to crack several thousand Soviet spy messages over the next few decades. This program carried code names BRIDE and CANOE over the years, but it’s best known today as Venona.
The NSA takes rightful pride in Venona’s success at cracking Soviet messages. The decrypted messages implicated numerous highly placed Soviet spies in the US. But this “happy ending” obscures other parts of the story.
In 1949, the British Special Intelligence Service sent a highly decorated officer to serve in Washington, DC, as First Secretary of the British Embassy and as the senior intelligence contact between the US and British governments. H. A. R. “Kim” Philby, OBE, was also a Soviet spy and promptly passed along what he learned about Venona. The Soviets duly modified their crypto procedures. The NSA continued cracking older Soviet messages for the next decade or so, but newer messages would need a newer attack.
Thus, the intelligence target knew all about the intelligence leak, but uncleared government executives, lawmakers, and citizens remained largely in the dark. In fact, evidence suggests that President Harry Truman was not briefed in much detail, if at all. (See VENONA: Soviet Espionage and the American Response, 1939-1957, published by the National Security Agency and the Central Intelligence Agency; in connection with a major October 1996 conference on VENONA). This secrecy also aided Joe McCarthy’s red scare hysteria in the 1950s.
Discoverer/Corona and Satellite Imagery
In the late 1950s, highly-placed US intelligence officials promoted the development of orbiting satellites carrying spy cameras. Satellite launches were large-scale events at the time, and the spy satellites would somehow need to remain secret. As a young boy fascinated by space travel, I had wondered why I heard so little about the Discoverer satellite program, which allegedly shot animals (Ham the chimp) and other biological specimens into orbit.
The Discoverer was actually a cover for the Corona program. The launches took place at Vandenberg Air Force Base, far from Cape Canaveral and the news media. Launches were never announced and reported. In fact, they were timed to avoid passenger trains scheduled to pass within sight of Vandenberg.
(Visit the National Security Archive at George Washington University for an interesting briefing paper on secrecy and US satellite imagery. They republish numerous Corona reports that have been declassified over the past decade and put them into context.)
In early 1959, Corona project planners issued a very frank memo (PDF) outlining security measures and their likely effectiveness. The memo describes the important role of the Discoverer (“Discovery”) program as a cover story for Corona launches. It also acknowledges several ways in which the Corona program might be disclosed, and how the Discoverer cover story can counteract such disclosures. The memo’s final paragraph admits that Corona’s secrecy is very fragile and that details might be made public in 1959 or 1960. The memo recommends reviewing its security status and to consider the wisdom of disclosure instead of concealment.
If we fast forward to March, 1962, we find a now-released Top Secret report (PDF) assessing the degree of knowledge the Soviet Union has about the Corona program. The released report doesn’t describe likely results from Soviet spying, though a hefty paragraph has been redacted from that section of the report. The report does identify reports in open Soviet publications that talk about US reconnaissance satellites and their relationship to the Discoverer program, one published in late 1960.
Anyone familiar with The Falcon and the Snowman and the Boyce/Lee spy story should realize that their spying undoubtedly disclosed numerous details of US spy satellites in the mid 1970s.
Despite complicated and expensive security measures, the essentials of the Corona program were known by its principal target within 18 months of the security plan’s distribution. Well-known spy figures must have more thoroughly compromised Corona’s secrecy over the next 15 years. Unlike the plan’s suggestion, such disclosures didn’t change the security procedures.
During the Cold War we were told that our national existence depends on keeping our intelligence apparatus totally secret. In fact, our principal adversary, the Soviet Union, generally had a better understanding of our capabilities that American lawmakers and commentators outside the intelligence community.
This is just wrong.
Citizens and lawmakers can’t make informed decisions when so much information is kept secret.
All that “above top secret” classifications do is prevent citizen oversight. They haven’t prevented disclosure to our existential foes. They’re shredding to pieces in the modern world.