top_secret

We’ve heard a lot this week about “classified” documents, state secrets, and how the spreading of this information either makes you a hero or a traitor, if you’re into simple dichotomies.

We’ll leave the “hero/traitor/traitriot” talk surrounding NSA leaker Edward Snowden to the politicos and pundits. As the discussion heats up over whether what Snowden did was treason or not, what we’re wondering is, who decides what’s “classified” and what’s not?

The answer is, to an extent, itself a mystery, in a Catch-22 worthy of that other guy named Snowden. But while the specifics can be vague, one thing is clear from reading executive orders and policy reviews: That the guidelines for determining and describing classified information are rarely consistent from agency to agency, a troubling fact when there are people facing decades in prison for disclosing it.

Below, we’ll explain how information becomes classified, who classifies it, and what can happen if you disclose it to unauthorized parties:

How does information become “classified”?

When someone who is granted the authority to classify information says so. The criteria for deeming something “classified” (as outlined by Executive Order 13526) is met when “unauthorized disclosure of the information reasonably could be expected to result in damage to the national security.” The person classifying the information, referred to as a “classification authority,” must also describe how the information could be damaging before making that distinction.

So how do you become a “classification authority”?

Get elected President, or become one of the administration’s executive officers or agency heads listed here. Most of those individuals are who you’d expect; people like the Secretary of Defense and the Director of the CIA. But it also includes figures who may or may not be experts on what constitutes a national security threat, like the Secretary of Agriculture and the Director of National Drug Control Policy. And in some cases, these individuals can delegate classification authority to other subordinate senior officials not listed here.

Is all “classified information” treated the same?

No. There are three designations for “classified information” in the United States, with different security clearances assigned to each:

Top Secret, meaning that the information could cause “exceptionally grave damage” to national security.

Secret, meaning that the information could cause “serious damage” to national security.

Confidential, meaning that the information could cause plain-old “damage” to national security.

How was the information leaked by Edward Snowden classified?

Both the court order renewing the collection of phone records and the PRISM powerpoint slides Snowden provided to the Guardian were classified as “top secret.”  That makes sense because the purported function of the data collection was to protect against terror attacks, which is about as “exceptionally grave” as it gets. (Although according to the AP, there are doubts as to whether PRISM was really needed to intercept the email that thwarted a 2009 New York terror plot).

So is it always illegal to disclose classified information?

Not always, but often: Disclosing classified information that impacts national security is a violation of the Espionage Act of 1917, which has been used to prosecute Bradley Manning, the originator of the Wikileaks documents, and Daniel Ellsberg, who leaked the Pentagon Papers exposing the lies of multiple presidential administrations during the Vietnam War.

But in 1989 the United States passed the Whistleblower Protection Act, designed shield leakers when the classified information they disclose exposes wrongdoing or illegality. However, the NSA claims that what it was doing was not illegal. And besides, in another absurd Catch-22, you don’t get protection if you work for the NSA.

So what’s the problem? If these secrets protect national security, shouldn’t they stay secret?

The problem is that with so many agencies and individuals empowered to place “classified” status on information, the definition of “national security” is far from settled. A review published by the Office of the Director of National Security in 2008 states, “The definitions of ‘national security’ and what constitutes ‘intelligence’ — and thus what must be classified — are unclear.”

Nor are the distinctions between “top secret,” “secret,” and “confidential” clear, the paper states: “There appears to be no common understanding of classification levels among the classification guides reviewed by the team, nor any consistent guidance as to what constitutes ‘damage,’ ‘serious damage,’ or ‘exceptionally grave damage’ to national security.”

With such little agreement over what can be called “classified” information, and such potentially high penalties for disclosing it — Snowden risks decades in prison — the NSA scandal is as much an opportunity to review how we designate classified information as it is to examine our surveillance practices.