A document leak is the unintentional release of classified information. This may happen in many ways, from unsecured storage devices to social media sites. Whether it’s a small or broad disclosure, the impact can be significant. Some documents can change the course of history and land the leakers in prison for years. Others merely embarrass political opponents or erode national security.
The federal government’s track record in controlling classified leaks is abysmal. The US needs a new secrecy paradigm that improves government transparency to reduce damage from these leaks while addressing the need for security and privacy.
To avoid a document leak, agencies must establish a professional secrecy ethic for all cleared personnel, rigorously investigate violations and apply severe administrative or criminal sanctions when warranted. In addition, they must train all employees on the proper handling of sensitive material in the digital age, and implement a zero-based review process that includes both technical and procedural review and training.
In the wake of a series of leaks, Defense Department officials have emphasized that anyone with access to classified information is responsible for safeguarding it on government and personal devices. The agency’s information and operations security program manager, Matt Baker, says diligence is key, especially in busy environments where confidential and unclassified data can easily get mixed up.
When a document leak occurs, agencies must take immediate steps to contain the problem and begin the recovery process. This begins with identifying how much information was exposed, where it is now and who had access. Investigators look at access logs, email activity and other internal systems to find the source. They also suspend normal deletion cycles across email servers, file repositories and print systems to prevent accidental overwriting of data.
About the Author
