Skip to content

Secret, but not classified

Post categories

  1. Freedom of Information
TSA officials receive wide latitude to withhold ‘sensitive’ documents, and a new law promises little relief for journalists seeking information.…

TSA officials receive wide latitude to withhold ‘sensitive’ documents, and a new law promises little relief for journalists seeking information.

From the Fall 2006 issue of The News Media & The Law, page 20.

By Nathan Winegar

The Transportation Security Administration convened an open public meeting in October 2003 to review a report that said securing airline cargo should receive increased attention and resources after Sept. 11, 2001.

At the meeting, aviation and security representatives gathered with the media and the public on hand the only restriction being that they could not actually discuss the details of the report that they had gathered to discuss.

Sara Goo, who reported on the meeting for The Washington Post, said whenever the discussion began to wander toward the report’s details, a TSA representative would intervene and remind participants of the rules.

“It was a public meeting about the cargo security report, but no one could talk about what it said,” Goo recalled. “We were all looking at each other like, ‘What is this?’”

Call it open government, TSA-style. And while early versions of a new law held the promise of more access to the agency, the final language of the bill that President Bush signed into law in October will likely prove far less of a tool for journalists trying to find out how effectively transportation security is being managed in the United States.

Since the creation of the TSA after the Sept. 11 attacks, the agency has used a label called “sensitive security information,” or SSI, to withhold information that, while not classified, is still deemed too large a security threat to be released to the public.

The SSI label has been used not only on traditional forms of security information, such as intelligence concerning threats to transportation, but also broader directives and rules affecting everyone who travels. In addition to the TSA, other Department of Homeland Security agencies, including the Coast Guard, use the SSI designation.

Critics say the TSA is overusing the designation not because of security threats, but to deflect criticism and lawsuits.

In the face of this criticism, which came not only from outside advocacy groups but in multiple government reports, Congress imposed rules for disclosing SSI. Under the old rules, once information was marked SSI, it could stay secret indefinitely. The new law creates a limited system for the eventual review and possible release of information marked SSI in certain narrow circumstances.

“This is the first step in that direction to at least create the possibility of review,” said Patrice McDermott, director of, a nonprofit coalition of groups including the Reporters Committee for Freedom of the Press that advocates for greater access to information. “It is a tiny step. It’s an acknowledgement that right now the stuff is going into a black hole.”

The new law says that whatever the TSA designates SSI can remain secret for three years. After that, SSI might be released upon request if it does not fall within one of the dozen categories of protected information. Even if the information falls outside these sheltered categories, release may still be barred if TSA can show a “rational reason” for doing so.

Open government advocates are concerned that the protected categories, with names like “vulnerability assessments” and “security inspection or investigative information,” are vague and leave too much to agency discretion. And “rational reason” is not a high legal threshold for the TSA to meet if it were intent on keeping information that falls outside those broad categories secret.

Nick Schwellenbach, an investigator for the nonprofit Project On Government Oversight, doesn’t view the new law as an improvement. He had hoped the law would at least require the TSA to show the more legally demanding “compelling reason” for continued withholding of SSI.

“Putting this in law is in some ways worse,” Schwellenbach said. “It kind of legitimizes [the TSA’s practices] to a certain degree. Before, when Congress hadn’t really stepped in, it was just an executive agency practice that was criticized by Congress.”

Defense or deflection?

There seems to be little in the new law to alleviate the concern that the TSA’s current practice results in an inconsistent application of the SSI label and rampant overuse in an attempt to limit scrutiny of TSA practices.

Schwellenbach pointed to a recent report that described how Government Accountability Office investigators tried to smuggle bomb components past the screening checkpoints of 21 airports and succeeded in all of them.

The TSA declared the entire report SSI and therefore not subject to release to the public. In doing so, the agency drew no distinction between the need to notify the public of the potential for such security breaches and the desire to shield potential terrorists from the specific techniques employed by GAO officials during their investigation.

“Originally the fact that GAO is able to penetrate screening checkpoints was labeled SSI,” Schwellenbach said. “Somebody had to leak that to a reporter for it to get out.”

A 2004 Congressional Research Service report highlighted several instances where TSA officials engaged in questionable SSI labeling.

For example, in 2003, prosecutors were forced to drop theft and conspiracy charges against a baggage handler at Miami International Airport when the TSA determined the risk of releasing SSI during court proceedings was too great.

Brian F. Sullivan, a retired special agent in the Federal Aviation Administration, which oversaw airline security issues before the creation of the TSA, criticized the TSA for requiring less scrutiny of SSI than of classified information.

Information must fall into certain categories to be deemed classified, and only some officials have the power to declare documents classified. In contrast, a GAO report released last year revealed that TSA regulations “allow anyone within the TSA to designate information SSI” and stated there was no written guidance for when to do so.

By its very definition of being “sensitive but unclassified,” SSI is not as potentially harmful as classified information if released, Sullivan said.

“You dilute the whole purpose of the program when you overclassify,” he said.

Sullivan praised the new law for imposing at least some mechanism for evaluating whether information marked SSI really needed to remain secret after three years.

Ordered in the court

Goo, who covered the TSA extensively in the years after its creation, said she was rarely thwarted in attempts to cover stories that implicated SSI. Instead, she examined TSA policies on SSI as part of broader stories on government secrecy.

“As a practical matter, I didn’t feel that the SSI issue prevented me from writing stories I wanted to write,” she said. “This led to a lot of stories and a lot of probing about larger issues of security and privacy that today are playing themselves out in … bigger ways, such as secret prisons and detaining individuals. Those are all under the same umbrella.”

Goo also reported on civil lawsuits where the TSA intervened to attempt to keep information it deemed SSI from being revealed to the parties, their lawyers, and even the court.

In fact, it is those lawsuits that the new law could end up having the most effect on. The judges and participants in civil proceedings will now have access to SSI if certain requirements are met and unless disclosure “presents a risk of harm to the nation.”

One high-profile lawsuit involves John Gilmore, a California computer industry entrepreneur and civil liberties advocate who this summer filed a petition with the U.S. Supreme Court asking it to review the constitutionality of the TSA’s practice of not revealing publicly the security directive that requires airline passengers to show photo identification before boarding an airplane.

Gilmore was barred from taking a flight in 2004 when he declined to show his ID. When he asked airport officials to see a physical copy of the document stating the requirement, they demurred, saying the policy was SSI.

Gilmore’s lawyers have argued that the United States is premised on laws being open to inspection by the people and have pointed to the inconsistency of revealing the requirements of the TSA policy on signs and through airport public address systems, but not making public a copy of the actual regulation.

“[T]he government’s ‘secrecy’ does not involve keeping sensitive information non-public,” Gilmore’s lawyers write in their brief to the Supreme Court. “What is at stake is instead the government’s refusal to prove that what it claims is the law is, in fact, required.”

In another case in federal court in New York, those injured in the Sept. 11 attacks and family members of victims have seen their case against airlines and the government tied up by the TSA’s reluctance to release information about airline screening practices in place on the day of the attacks. TSA officials have barred lawyers in the case from reviewing material, and disputes over what airline and government officials can discuss in pre-trial proceedings have delayed the lawsuit for years.

Audrey Hudson, who covers homeland security for The Washington Times, said it is these lawsuits that the TSA is concerned about when it designates something “sensitive security information.”

“It should be called sensitive suing information,” she said. “It is used to cover up and not to protect Americans.”