More About 'Secret' Info on the Front Page

I mentioned yesterday a memo sent to employees and contractors of the Department of Commerce, warning that even though Wiki-leaked State Department cables had been published all over the world, their contents should still be considered "classified." Therefore employees were still forbidden to quote or discuss this material while using their workplace computer or email systems.

Since then I've received copies of similar memos from almost every federal Department and many big contractors. And many accounts like this, from a reader:

>>A number of defense contractors have taken the step of totally blocking access to the Wikileaks web site, to prevent employees from accessing the leaks at work.

As well, they've issued warnings not to even think about keeping copies of any of the leaked documents on any company IT assets, lest the company as well as the individual responsible be guilty of a security violation.<<

But a number of past and present government employees have written in to say: Not so fast. What may look like a pointless "shutting the barn door" gesture actually has some merit. For the record, here's their case:

As a matter of principle, one person explained to me, anyone who handles classified material has signed a legal pledge to protect that information. The fact that someone else -- say, Pfc Bradley Manning -- has broken the pledge doesn't relieve others from the legal commitment they made.

That may seem purely symbolic -- although, as another person pointed out, leaked information would have additional weight if the act of leaking freed everyone in the government to say, "Oh, sure, that's all true" rather than declining to comment. But a scientist who has done classified work wrote to explain the practical consequence that had federal administrators really worried: the "contamination" and consequent immobilization of their regular, non-classified computer networks with still-classified info. This scientist says:

>>I am not a fan of 'security theater'. But I am actually sympathetic to the officials that put out the memo....

If you discuss classified info on an unclassified computer system, then you have contaminated your hard drive.

That is very, very bad for your workplace productivity because an IT person has to come over, take out your hard drive and run it through a shredder.

You will get a new HD with your last 'clean' backup.

You think that is not a big deal, because your stuff is backed up over the network nightly or hourly.

But you share a backup tape or drive with other folks, who may also be chattering [ie, quoting a Wikileaked passage that they saw online or in the NYT]. Suppose they started chattering last week? When was your last 'clean' backup?

This can be a real nightmare as a small cadre of IT staff have to scrub hundreds (or thousands) of systems while people sit on their hands, waiting to get their system scrubbed.

Just because something has been leaked, doesn't mean it is now clear. That email isn't a threat. It's a reminder to people not to put classified info on their unclassified hard drive or mail server.

If they have to shut down a mail server because of your indiscretion, all your coworkers on the same mail server will also be shut down. And some of them might hold grudges or be less helpful when you need a favor in the future.<<

Reasonable point. Update: An interesting Christian Science Monitor story on similar concerns, here.