On Tuesday, DHS reversed a policy that required all employees to sign an oath that they will not disclose certain information without proper authorization, including material labeled as sensitive but unclassified. Department contractors and consultants, however, still must sign the nondisclosure agreement, which also allows the government "to conduct inspections, at any time or place, for the purpose of ensuring compliance."
Janet Hale, DHS undersecretary for management, issued a memo announcing the policy changes. The memo and a revised management directive were posted online by the Federation of American Scientists' Project on Government Secrecy.
Hale referred to the nondisclosure agreement as "an interim measure" and said that the DHS Office of Security will now develop an "education and awareness program" for all employees on safeguarding sensitive but unclassified information.
The program will consist of classroom or computer-based training sessions "designed to educate employees on what constitutes [sensitive but unclassified] information and the standards for handling and disseminating it." According to the management directive, that category covers information that, if released, "would cause harm to a person's privacy or welfare, adversely impact economic or industrial institutions, or compromise programs or operations essential to the safeguarding of our national interests."
The American Federation of Government Employees and the National Treasury Employees Union welcomed the policy reversal. They had protested the policy and threatened to sue the department over it, saying that the nondisclosure agreement would undermine national security and the public interest by suppressing whistleblowing activity and discouraging dissent.
"The original directive was nothing more than a fear tactic being used by DHS to censor its employees," AFGE president John Gage said. "We are pleased that DHS has recognized its error and is taking the steps to correct it. We only hope that the agency continues on that positive path."
The unions added that they appreciate the necessity--and importance-of safeguarding classified information.
Gage and NTEU president Colleen Kelley issued a joint statement, however, saying that the management directive "still covers a broad and vaguely defined universe of information. It opens up the possibility of using the designation to cover up misconduct, among other things."
They were especially concerned about the "for official use only" category of information.
"DHS' decision to keep the FOUO category is an invitation for injustice," the two said. "The potential for misuse here is astronomical. The policy still is not clear regarding who can designate FOUO and how employees who are found in violation of the agreement will be disciplined.
"Additionally, we still are concerned with the overly broad, subjective designation of sensitive but unclassified information," they added.
AFGE assistant general counsel Anne Wagner said her union wants the department to work with it to develop clear guidelines for handling and designating information, and laying out the consequences for unauthorized disclosure.
The department's reversal has halted legal action for now, but AFGE isn't closing the door on a lawsuit.
"I think because of the vagueness of the directive, we are still considering the possibility of pursing litigation," Wagner said.
Jack Johnson, DHS chief security officer, said the new training program is specifically intended to educate employees on the different types of designations for information, and when and how to use them. He said within a month, the department will begin training new employees. Later, the training effort will be expanded to include all 180,000 workers in the department. The training will be web-based, and recurrent training will be provided in the future.
Johnson said DHS has dealt with "unprecedented amounts and types of information." The department had to find a way to handle the information, he said, and the nondiscolsure agreement was the "quickest and easiest way" until a new policy could be determined.
He said each of the designations have specific criteria associated with them, and are made by officials based on training and departmental guidance. He added that each bureau or agency within the department has officials who can help employees if they have questions about making designations, along with the DHS Office of Security.
"It's not a unilateral, arbitrary designation that we're doing," he said. "We face a balancing act every day about safeguarding information, but at the same time ensuring that we have the ability to share that information with our partners."
The Project on Government Oversight, a watchdog group, said the revised policy is "still problematic" for several reasons. For example, the department still prevents employees from disclosing information that is available to the public under the Freedom of Information Act. Also, any employee, detailee or contractor within the department can designate information to be withheld.
"The Department of Homeland Security's revision of its policy for handling sensitive information changes nothing," said POGO general counsel Scott Amey. "To ensure that secrecy oaths do not happen, Congress must pass legislation and make its intent known. A government agency should never threaten its employees or contractors with criminal prosecution for disclosing information that is available under the Freedom of Information Act."