Management Matters Management MattersManagement Matters
Practical advice for federal leaders on managing people, processes and projects.

A Word About Leaks


Leaks of classified information are back in the news. Or more precisely, the hunt for leakers is making headlines again. After big news scoops on intelligence programs—involving counterterrorism operations in Yemen, drone strikes and a cyberwar campaign against Iran—lawmakers are accusing the White House of disclosing covert operations to make President Obama look strong on national security in an election year. The Obama administration, which has prosecuted an unprecedented number of government employees for allegedly disclosing classified information to journalists, insists that the president abhors leaks and no one in the White House gave away any national security secrets.

The truth lies somewhere in the middle. And it all depends on how you define the word “leak.” For argument’s sake, let’s consider leaks to be disclosures of classified information. Officials reveal all kinds of information every day that could be sensitive or potentially embarrassing, but isn’t covered by a classification regime.

The next question is whether the leak was authorized.  

Authorized leaking happens all the time in Washington. If the president tells his counterterrorism adviser to give a speech on the United States’ use of drones to kill terrorists—which he did recently—the president has effectively declassified whatever information his adviser relays.

Authorized leaks were also a part of at least one of the recent news scoops that has so many officials in a lather. David E. Sanger, a reporter for The New York Times and the author of the book Confront and Conceal (Crown, 2012), revealed new details about the administration’s cyberwar tactics. Sanger tells us in his book that he was granted access to almost every member of the president’s national security team. Such access is rare and is the result, in part, of a decision by the Obama administration to disclose certain secrets. They might not have been the most startling revelations that Sanger discovered in his reporting—which was surely based on some un-authorized leaks—or even the most secret. But the mere fact that officials were talking with a journalist about intelligence programs meant leaks of some kind were blessed at a high level.      

It’s the unauthorized leaks that tend to cause the most controversy and put government employees in the most danger. How do we know when a leak is unauthorized? For reporters, it can be hard to tell sometimes, but a good indication is if the person sharing the information says, “I could lose my job over this.” Or, “I might go to jail for this.”

Does it follow that the information shared in an unauthorized leak must be more sensitive, more revealing, more potentially damaging to the United States than the authorized leak? Absolutely not.

Former National Security Agency official Thomas Drake was not authorized to talk to journalists when he contacted a reporter forThe Baltimore Sun and told her about wasteful spending at NSA. The information he conveyed was nowhere near as sensitive as secrets about drone strikes or cyberwar. And yet, the Justice Department indicted Drake under the 1917 Espionage Act for illegally disclosing classified information.

Drake insisted he’d done no such thing, and the dubious case against him fell apart before it went to trial. But it proved an essential point: In matters of leaks, it’s not the leak itself that’s at issue, but whether it was authorized. When lower level career employees make that decision—however more principled it may be—they’re open to prosecution.

No system of secrecy can work if people are allowed to arbitrarily break its rules. But a decision to leak may be arbitrary, too, even if it was authorized.   

Shane Harris is the author of The Watchers: The Rise of America’s Surveillance State and was a staff writer for Government Executive.

Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.