Management Matters Management MattersManagement Matters
Practical advice for federal leaders on managing people, processes and projects.

A Word About Leaks


Leaks of classified information are back in the news. Or more precisely, the hunt for leakers is making headlines again. After big news scoops on intelligence programs—involving counterterrorism operations in Yemen, drone strikes and a cyberwar campaign against Iran—lawmakers are accusing the White House of disclosing covert operations to make President Obama look strong on national security in an election year. The Obama administration, which has prosecuted an unprecedented number of government employees for allegedly disclosing classified information to journalists, insists that the president abhors leaks and no one in the White House gave away any national security secrets.

The truth lies somewhere in the middle. And it all depends on how you define the word “leak.” For argument’s sake, let’s consider leaks to be disclosures of classified information. Officials reveal all kinds of information every day that could be sensitive or potentially embarrassing, but isn’t covered by a classification regime.

The next question is whether the leak was authorized.  

Authorized leaking happens all the time in Washington. If the president tells his counterterrorism adviser to give a speech on the United States’ use of drones to kill terrorists—which he did recently—the president has effectively declassified whatever information his adviser relays.

Authorized leaks were also a part of at least one of the recent news scoops that has so many officials in a lather. David E. Sanger, a reporter for The New York Times and the author of the book Confront and Conceal (Crown, 2012), revealed new details about the administration’s cyberwar tactics. Sanger tells us in his book that he was granted access to almost every member of the president’s national security team. Such access is rare and is the result, in part, of a decision by the Obama administration to disclose certain secrets. They might not have been the most startling revelations that Sanger discovered in his reporting—which was surely based on some un-authorized leaks—or even the most secret. But the mere fact that officials were talking with a journalist about intelligence programs meant leaks of some kind were blessed at a high level.      

It’s the unauthorized leaks that tend to cause the most controversy and put government employees in the most danger. How do we know when a leak is unauthorized? For reporters, it can be hard to tell sometimes, but a good indication is if the person sharing the information says, “I could lose my job over this.” Or, “I might go to jail for this.”

Does it follow that the information shared in an unauthorized leak must be more sensitive, more revealing, more potentially damaging to the United States than the authorized leak? Absolutely not.

Former National Security Agency official Thomas Drake was not authorized to talk to journalists when he contacted a reporter forThe Baltimore Sun and told her about wasteful spending at NSA. The information he conveyed was nowhere near as sensitive as secrets about drone strikes or cyberwar. And yet, the Justice Department indicted Drake under the 1917 Espionage Act for illegally disclosing classified information.

Drake insisted he’d done no such thing, and the dubious case against him fell apart before it went to trial. But it proved an essential point: In matters of leaks, it’s not the leak itself that’s at issue, but whether it was authorized. When lower level career employees make that decision—however more principled it may be—they’re open to prosecution.

No system of secrecy can work if people are allowed to arbitrarily break its rules. But a decision to leak may be arbitrary, too, even if it was authorized.   

Shane Harris is the author of The Watchers: The Rise of America’s Surveillance State and was a staff writer for Government Executive.

Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Sponsored by One Identity

    One Nation Under Guard: Securing User Identities Across State and Local Government

    In 2016, the government can expect even more sophisticated threats on the horizon, making it all the more imperative that agencies enforce proper identity and access management (IAM) practices. In order to better measure the current state of IAM at the state and local level, Government Business Council (GBC) conducted an in-depth research study of state and local employees.

  • Sponsored by Aquilent

    The Next Federal Evolution of Cloud

    This GBC report explains the evolution of cloud computing in federal government, and provides an outlook for the future of the cloud in government IT.

  • Sponsored by LTC Partners, administrators of the Federal Long Term Care Insurance Program

    Approaching the Brink of Federal Retirement

    Approximately 10,000 baby boomers are reaching retirement age per day, and a growing number of federal employees are preparing themselves for the next chapter of their lives. Learn how to tackle the challenges that today's workforce faces in laying the groundwork for a smooth and secure retirement.

  • Sponsored by Hewlett Packard Enterprise

    Cyber Defense 101: Arming the Next Generation of Government Employees

    Read this issue brief to learn about the sector's most potent challenges in the new cyber landscape and how government organizations are building a robust, threat-aware infrastructure

  • Sponsored by Aquilent

    GBC Issue Brief: Cultivating Digital Services in the Federal Landscape

    Read this GBC issue brief to learn more about the current state of digital services in the government, and how key players are pushing enhancements towards a user-centric approach.


When you download a report, your information may be shared with the underwriters of that document.