Scholarship, Security and ‘Spillage’ on Campus
This article first appeared on The Century Foundation’s website.
This is an adventure in classified speech at an academic conference. If you know a story like it on another campus, please get in touch. Send an email or use my secure contacts for greater privacy.
On September 24 I gave a keynote presentation at Purdue University about the NSA, Edward Snowden, and national security journalism in the age of surveillance. It was part of the excellent Dawn or Doom colloquium, which I greatly enjoyed. The organizers live-streamed my talk and promised to provide me with a permalink to share.
After unexplained delays, I received a terse email from the university last week. Upon advice of counsel, it said, Purdue “will not be able to publish your particular video” and will not be sending me a copy. The conference hosts, once warm and hospitable, stopped replying to my emails and telephone calls. I don’t hold it against them. Very likely they are under lockdown by spokesmen and lawyers.
Naturally, all this piqued my curiosity. With the help of my colleague Sam Adler-Bell, I think I have pieced together most of the story.
It turns out that Purdue has wiped all copies of my video and slides from university servers, on grounds that I displayed classified documents briefly on screen. A breach report was filed with the university’s Research Information Assurance Officer, also known as the Site Security Officer, under the terms of Defense Department Operating Manual 5220.22-M. I am told that Purdue briefly considered, among other things, whether to destroy the projector I borrowed, lest contaminants remain.
UPDATE: Just after posting this item I received an email from Julie Rosa, who heads strategic communications for Purdue. She confirmed that Purdue wiped my video after consulting the Defense Security Service, but the university now believes it went too far.
“In an overreaction while attempting to comply with regulations, the video was ordered to be deleted instead of just blocking the piece of information in question. Just FYI: The conference organizers were not even aware that any of this had happened until well after the video was already gone.”
“I’m told we are attempting to recover the video, but I have not heard yet whether that is going to be possible. When I find out, I will let you know and we will, of course, provide a copy to you.”
Let’s rewind. Information Assurance? Site Security?
These are familiar terms elsewhere, but new to me in a university context. I learned that Purdue, like a number of its peers, has a “facility security clearance” to perform classified U.S. government research. The manual of regulations runs to 141 pages. (Its terms forbid uncleared trustees to ask about the work underway on their campus, but that’s a subject for another day.) The pertinent provision here, spelled out at length in a manual called Classified Information Spillage, requires “sanitization, physical removal, or destruction” of classified information discovered on unauthorized media.
If I had the spider sense that we journalists like to claim, I might have seen trouble coming. One of the first questions in the Q & A that followed my talk was:
“In the presentation you just gave, you were showing documents that were TS/SCI [top secret, sensitive compartmented information] and things like that. Since documents started to become published, has the NSA issued a declass order for that?”
I took the opportunity to explain the government’s dilemmas when classified information becomes available to anyone with an internet connection. I replied:
“These documents, by and large, are still classified. And in many cases, if you work for the government and you have clearance, you’re not allowed to go look at them…”
“Now, it’s perfectly rational for them to say, we’re not going to declassify everything that gets leaked because otherwise we’re letting someone else decide what’s classified and what’s not. But it gets them wound up in pretty bad knots.”
By way of example, I mentioned that the NSA, CIA, and Office of the Director of National Intelligence “have steadfastly refused to give me a secure channel to communicate with them” about the Snowden leaks. Bound by rules against mingling classified and unclassified communications networks, they will not accept, for example, encrypted emails from me that discuss Top Secret material. In service of secrecy rules, they resort to elliptical conversation on open telephone lines.
My remarks did not answer the question precisely enough for one post-doctoral research engineer. He stood, politely, to nail the matter down.
“Were the documents you showed tonight unclassified?” he asked.
“No. They’re classified still,” I replied.
“Thank you,” he said, and resumed his seat.
Eugene Spafford, a Purdue professor of computer science who has held high clearances himself, wrote to me afterward: “We have a number of ‘junior security rangers’ on faculty & staff who tend to be ‘by the book.’ Unfortunately, once noted, that is something that cannot be unnoted.”
Sure enough, someone filed a report with the above-mentioned Information Assurance Officer, who reported in turn to Purdue’s representative at the Defense Security Service. By the terms of its Pentagon agreement, Purdue was officially obliged to be shocked to find that spillage is going on at a talk about Snowden and the NSA. Three secret slides, covering perhaps five of my ninety minutes on stage, required that video be wiped in its entirety.
This was, I think, a rather devout reading of the rules. (Taken literally, the rules say Purdue should also have notified the FBI. I do not know whether that happened.) A more experienced legal and security team might have taken a deep breath and applied the official guidance to “realistically consider the potential harm that may result from compromise of spilled information.”
Or perhaps not. Yes, the images I displayed had been viewed already by millions of people online. Even so, federal funding might be at stake for Purdue, and the notoriously vague terms of the Espionage Act hung over the decision. For most lawyers, “abundance of caution” would be the default choice.
This kind of zeal is commonplace in the military and intelligence services. They have periodically forbidden personnel — and even their families — to visit mainstream sites such as the Washington Post and the New York Times for fear of exposure to documents from Snowden or Wikileaks.
But universities are not secret agencies. They cannot lightly wear the shackles of a National Industrial Security Program, as Purdue agreed to do. The values at their core, in principle and often in practice, are open inquiry and expression.
I do not claim I suffered any great harm when Purdue purged my remarks from its conference proceedings. I do not lack for publishers or public forums. But the next person whose talk is disappeared may have fewer resources.
More importantly, to my mind, Purdue has compromised its own independence and that of its students and faculty. It set an unhappy precedent, even if the people responsible thought they were merely following routine procedures.
Think of it as a classic case of mission creep. Purdue invited the secret-keepers of the Defense Security Service into one cloistered corner of campus (“a small but significant fraction” of research in certain fields, as the university counsel put it). The trustees accepted what may have seemed a limited burden, confined to the precincts of classified research.
Now the security apparatus claims jurisdiction over the campus (“facility”) at large. The university finds itself “sanitizing” a conference that has nothing to do with any government contract. Where does it stop? Suppose a professor wants to teach a network security course, or a student wants to write a foreign policy paper, that draws on the rich public record made available by Snowden and Chelsea Manning? Those cases will be hard to distinguish from mine.
If the faculty and trustees are comfortable with this arrangement, I honestly do not know how.
Some are not, I discovered.
“There is a fundamental conflict between the role of the university and the application of the [facility clearance] rules,” Spafford told me. “I’m not sure if the university is taking them too far, or if the rules are too constraining and they didn’t understand what they were getting into.”
Before writing this post, I reached out to a vice president and other senior figures I met on campus. I hoped to find that there had been some mistake. I received no reply.
Then I left word for Mitch Daniels, the former Indiana governor who became Purdue’s president two years ago. Daniels had introduced my talk and asked me to speak again for guests at a dinner he held that night. He was a delightful, well-read and open-minded host, but he has not returned my messages either. I sent one last note, detailing my main points here, to Purdue’s assistant vice president for strategic communications. I’ll update with her reply if she sends one.
The irony is that the Dawn or Doom colloquium was Daniels’s own personal project. Two of the organizers told me he is fascinated by the contradictory responses — from celebration to alarm — that tend to accompany big technological advances. He proposed to convene Purdue faculty members and leading national experts to explore the risks and promises of artificial intelligence, robotics, and Big Data surveillance, among other developments.
In his own view, Dawn or Doom is not a hard question. Daniels and I chatted about that theme as we stood in the wings off stage, shortly before my talk.
“The answer always turns out to be, it’s dawn,” he said.
I wonder.
Postscript: Someone is bound to suggest I post the Purdue talk here. I wish I could, but I did not write it out. Nor are the slides self-explanatory. Most of them are just amusing images, intended to make my remarks sound wittier than they probably are. On the other hand: If you have a samizdat copy of the video, please send it my way. I’ll be glad to publish it.
Photo credit: @PurdueUnivNews, https://twitter.com/PurdueUnivNews/status/647390605862023169