Skip to content

Back to the arcane world of classification markings

Post categories

  1. National Security
Title card for RCFP's The Nuance newsletter. Purple and black background with white text that reads: The Nuance: Tackling the legal issues at the forefront of a free press

Two weeks ago, we brought you what I’m sure readers thought was a barnburner of a post on the meaning of “sensitive compartmented information” and “special access programs.”

To recap, SCI refers to control systems related to sensitive intelligence sources, methods and analytical processes, per section 4.3 of Executive Order 13526, whereas SAPs can be broader than just intelligence controlled access programs. You can also have a SAP within an SCI control system — that is, a document could be controlled under one of the control systems mentioned below, but also pertain to a specific SAP, which is denoted by “special access required,” or SAR, and a codename.

This week, let’s dig further into how SCI markings work in practice — and how they apply to the records related to the Justice Department’s high-profile Mar-a-Lago search. The complexities are daunting so this will still be relatively high-level. For more detail, see the relevant Intelligence Community Directives (especially 703710 and 906).

Before we get to what SCI markings look like, it’s important to remember that classification and control are two different things. Classification refers to the level of potential harm to national security from disclosure (“top secret” information would cause “exceptionally grave” damage, whereas “secret” is “serious damage” and “confidential” is just “damage”). Control, on the other hand, refers to limiting access to classified information even among personnel with the same classification level. It also covers the protocols governing where, for instance, information is stored and how (literally what kind of lock you have to have on the door).

If you look at Intelligence Community Directive 906, it refers to “Controlled Access Programs,” or CAPs, which is the term for the top-level control system and any “compartment” or “sub-compartment” thereunder. That means you could have clearance to access some CAP information but there may be even more sensitive compartments that are off limits.

So, SCI control systems are CAPs involving material derived from or concerning intelligence sources, methods or analytical processes. As such, the SCI control systems all refer to a different type of intelligence collection or discipline. With that in mind, we can get to the cloak-and-dagger stuff. Here are the current SCI control systems:

— HCS, or HUMINT Control System, which refers to human intelligence. Human intelligence includes actual spies (assets handled by intelligence officers), as well as individuals under diplomatic cover, military attaches and undercover intelligence officers. The CIA, Defense Department, State Department and FBI all have a HUMINT function. HCS material was found in the cache of documents turned over from Mar-a-Lago in May, and referenced in the now-famous paragraph 47 of the redacted search warrant affidavit.

— SI, or Special Intelligence. Basically signals intelligence, which includes communications intelligence (intercepting phone calls, for instance) and electronic intelligence (using electronic sensors to capture information other than communications). GAMMA is a subcompartment of SI. Also, according to paragraph 47, the initial cache of material returned to the National Archives and Records Administration contained documents with SI markings.

— TK, or TALENT KEYHOLE. Spy satellites and attendant intelligence products. There’s also a legacy system called BYEMAN. Most BYE data is now in TK, except for “BYE special handling,” which is in a National Reconnaissance Office control system called RESERVE.

— And KDK, or KLONDIKE, which is designed to protect sensitive geospatial intelligence.

So, based on all this, we can glean from paragraph 47 of the affidavit that the material returned in May included documents derived from or concerning human intelligence and signals intelligence. We also know they included documents with the dissemination control marking “FISA,” signaling information derived pursuant to the Foreign Intelligence Surveillance Act, which cannot be shared for law enforcement purposes without attorney general approval. The documents were also marked ORCON, requiring approval of the originating agency before sharing further, and NOFORN, meaning not releasable to foreign nationals.

We can go even deeper than this. In part three, I’ll share more of what I learned from reviewing this handy student guide prepared by the Defense Department’s Center for Development of Security Excellence.


Like what you’ve read? Sign up to get The Nuance newsletter delivered straight to your inbox!

The Technology and Press Freedom Project at the Reporters Committee for Freedom of the Press uses integrated advocacy — combining the law, policy analysis, and public education — to defend and promote press rights on issues at the intersection of technology and press freedom, such as reporter-source confidentiality protections, electronic surveillance law and policy, and content regulation online and in other media. TPFP is directed by Reporters Committee attorney Gabe Rottman. He works with RCFP Staff Attorney Grayson Clary.