Security classification

Security classification
This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "Security_classification".

"Top Secret" redirects here. For other uses, see Top Secret (disambiguation).

A typical classified document. Page 13 of a U.S. National Security Agency report [1] on the USS Liberty incident, partially declassified and released to the public in July 2003. The original overall classification of the page, "top secret", and the Special Intelligence code word "umbra," are shown at top and bottom. The classification of individual paragraphs and reference titles is shown in parentheses - there are six different levels on this page alone. Notations with leader lines at top and bottom cite statutory authority for not declassifying certain sections.

Classified information is sensitive information to which access is restricted by law or regulation to particular classes of people. A formal security clearance is required to handle classified documents or access classified data. The clearance process requires a satisfactory background investigation. There are typically several levels of sensitivity, with differing clearance requirements. This sort of hierarchical system of secrecy is used by virtually every national government. The act of assigning the level of sensitivity to data is called data classification.

Certain non-government organisations and corporations also have classified information, normally rather referred to as trade secrets.

content

Government classification

The purpose of classification is ostensibly to protect information from being used to damage or endanger national security. Classification formalises what constitutes a "state secret" and accords different levels of protection based on the expected damage the information might cause in the wrong hands.

Classification levels

Although the classification systems vary from country to country, most have levels corresponding to the following British definitions (from the highest level to lowest):

Top Secret (TS): The highest level of classification of material on a national level. Such material would cause "exceptionally grave damage" to national security if publicly available.
Secret: Such material would cause "serious damage" to national security if publicly available.
Confidential: Such material would cause "damage" or be "prejudicial" to national security if publicly available.
Restricted: Such material would cause "undesirable effects" if publicly available. Some countries do not have such a classification.
Unclassified: Technically not a classification level, but is used for government documents that do not have a classification listed above. Such documents can sometimes be viewed by those without security clearance.

Depending on the level of classification there are different rules controlling the level of clearance needed to view such information, and how it must be stored, transmitted, and destroyed. Additionally, access is restricted on a "need to know" basis. Simply possessing a clearance does not automatically authorise the individual to view all material classified at that level or below that level. The individual must present a legitimate "need to know" in addition to the proper level of clearance.

Compartmented information

In addition to the general risk-based classification levels above, often there are additional constraints on access, such as (in the U.S.) Special Intelligence (SI) which protects intelligence sources and methods, No Foreign dissemination (NOFORN) which restricts dissemination to U.S. nationals, and Originator Controlled dissemination (ORCON), which ensures that the originator can track possessors of the information. Documents in some compartments are marked with specific "code words" in addition to the classification level. "Code word" classification can be more restricted than top secret.

Atomic information

Government information about nuclear weapons such as nuclear warheads often has an additional marking to show it contains such information. The marker ESI or "Extremely Sensitive Information" is applied.

Sharing classified information between countries

When a government agency or group shares information between an agency or group of other country’s government they will generally employ a special classification scheme which both parties have previously agreed to honour. For example, sensitive information shared amongst NATO allies has five levels of security classification; from most to least classified, COSMIC TOP SECRET (CTS), FOCAL TOP SECRET (FTS), NATO SECRET (NS), NATO CONFIDENTIAL (NC), and NATO RESTRICTED (NR). A special case exists with regard to NATO UNCLASSIFIED (NU) information. This is NATO property and must not be made public without NATO permission.

Another marking, ATOMAL, is applied to U.S. RESTRICTED DATA or FORMERLY RESTRICTED DATA and United Kingdom Atomic information that has been released to NATO. ATOMAL information is marked COSMIC TOP SECRET ATOMAL (CTSA), NATO SECRET ATOMAL (NSA), or NATO CONFIDENTIAL ATOMAL (NCA).

In cases where a country wishes to share classified information bilaterally (or multilaterally) with a country that has a sharing agreement, the information is with the countries it can be shared with. Those countries would have to maintain the classification of the document at the level originally classified (TOP-SECRET, SECRET, etc.) with the appropriate caveat (USNZ, AUSGE, CANUK, etc.).

International organisations

OCCAR, a European defence organisation, has three levels of classification: OCCAR SECRET, OCCAR CONFIDENTIAL, OCCAR RESTRICTED. PDF.
NATO, has 5 levels: COSMIC TOP SECRET (CTS), FOCAL TOP SECRET (FTS), NATO SECRET (NS), NATO CONFIDENTIAL (NC), and NATO RESTRICTED (NR)
European Commission, has 5 levels, EU TOP SECRET, EU SECRET, EU CONFIDENTIAL, EU RESTRICTED, and EU COUNCIL / COMMISSION.[3][4] (Note that usually the French term is used)

By country

Facsimile of the cover page from an East German operation manual for the M-125 Fialka cipher machine. The underlined classification markings can be translated as "Cryptologic material! Secret classified material" [2].

Most countries employ some sort of classification system for certain government information. For example, in Canada information which the U.S. would classify SBU (Sensitive but Unclassified) is called "protected" and further subcategorised into levels A, B, and C.

Australia

Australia also has the classification grade of RESTRICTED. Similar in intent to New Zealand in regards as 'not for general dissemination' it is still a classification level in Federal Government. Background checks are done for this level, although not to the extent as higher classifications.

Australia also has a non-national security based classification system that is used in areas of the Federal Government not directly related to national security matters. This system is used for information whose compromise would not directly threaten the security of the nation, but the release of which could threaten the security or interests of individuals, groups, commercial entities, government business and interests, or the safety of the community

Highly protected: which broadly corresponds to SECRET in the national security system.
Protected: which broadly corresponds to CONFIDENTIAL in the national security system.
'X'-in-confidence: which broadly corresponds to RESTRICTED in the national security system.

In addition, documents marked 'CABINET-IN-CONFIDENCE', relating to discussions in Federal Cabinet, are treated as PROTECTED.

Canada

Further information: Security Clearances in Canada

Background and hierarchy

There are 2 main type of sensitive information designation used by the Government of Canada: Classified and Protected. The access and protection of both types of information is governed by the Security of Information Act, effective December 24, 2001, replacing the Official Secrets Act 1981¹. In order to access the information, a person must have the appropriate level of clearance and a Need to know.

Special operational information

SOI is not a classification of data per se, rather it is defined under the Security of Information Act for which the unauthorised release of such information constitute a higher breach of trust, with penalty of life imprisonment.

SOIs include:

military operations in respect of a potential, imminent or present armed conflict
the identity of confidential source of information, intelligence or assistance to the Government of Canada
tools used for information gathering or intelligence
the object of a covert investigation, or a covert collection of information or intelligence
the identity of any person who is under covert survalliance
encryption and cryptographic systems
information or intelligence to, or received from, a foreign entity or terrorist group

Classified information

Classified information can be designated Top Secret, Secret or Confidential. These classifications are only used on matters of national security.

Top Secret: This applies when compromise might reasonably cause exceptionally grave injury to the national interest. The possible impact must be great, immediate and irreparable.
Secret: This applies when compromise might reasonably cause serious injury to the national interest.
Confidential: When disclosure might reasonably cause injury to the national interest.

Protected information

Protected information is not classified. Protected information pertains to any sensitive information which does not relate to national security and cannot be disclosed under the access and privacy legislation because of the possible injury to particular public or private interests. ²³

Protected C (Extremely Sensitive designated information): is used to protect extremely sensitive information if compromised, could reasonably be expected to cause extremely grave injury outside the national interest. Examples could include bankruptcy, identities of informants in criminal investigations, etc.
Protected B (Particularly Sensitive designated information): is used to protect information which could cause severe injury or damage to the people or group involved if it was released. Examples include medical records, annual personnel performance reviews, etc.
Protected A (Low-Sensitive designated information): is applied to low sensitivity information which should not be disclosed to the public without authorisation and could reasonably be expected to cause injury or embarrassment outside the national interest. Example of Protected A information could include employee number, pay deposit banking information, etc.

Federal Cabinet (Queen's Privy Council for Canada) papers are either designated (ie. overhead slides prepared to make presentations to Cabinet) or classified (draft legislations, certain memos).⁴

People's Republic of China

The Criminal Law of the People's Republic of China (which is not operative in the Special Administrative Regions of Hong Kong and Macau) makes it a crime to release a state secret. However, what constitutes a state secret is vaguely defined. There is no formal system of classification, nor are there legal requirements limiting what can be declared secret or even preventing information previously released from being retroactively declared state secrets.

France

In France, classified information defined by article 413-9 of the Penal Code.⁵ The three levels of military classification are

Confidentiel défense (Confidential Defence): information deemed potentially harmful to national defence, or which could lead to uncovering an information classified at a higher level of security.
Secret défense (secret defence): information deemed very harmful to national defence. Such information cannot be reproduced without authorisation from the emitting authority, except in exceptional emergencies.
Très Secret Défense (very secret defence): information deemed extremely harmful to national defence, and relative to governmental priorities in national defence. No service or organisation can elaborate, process, stock, transfer, display or destroy information or protected supports classified at this level without authorisation from the Prime Minister or the national secretry for National Defence. Partial or exhaustive reproduction is strictly forbidden.

Less sensitive information is "protected". The levels are

Non Protégé (unprotected)
Diffusion restreinte administrateur ("administrative restricted information")
Diffusion restreinte ("restricted information")
Confidentiel personnels Sous-Officiers ("Confidential non-commissioned officers")
Confidentiel personnels Officiers ("Confidential officers")

A further mention, "spécial France" (reserved France) restricts the document to French citizens (in its entirety or by extracts). This is not a classification level.

Declassification of documents can be done by the Commission consultative du secret de la défense nationale (CCSDN), an independent authority. Transfer of classified information is done with double enveloppes, the outer layer being plastified and numbered, and the inner in strong paper. Reception of the document involves examination of the physical integrity of the container and registration of the document. In foreign countries, the document must be transferred through specialised military mail or diplomatic bag. Transport is done by an authorised convoyer or habilitated person for mail under 20 kg. The letter must bear a seal mentionning "PAR VALISE ACCOMPAGNEE-SACOCHE". Once a year, ministers have an inventory of classified information and supports by competent authorities.

Once their usage period is expired, documents are transferred to archives, where they are either destroyed (by incineration, crushing or electrical overtension), or stored.

In case of compromission of a classified information, competent authorities are the Ministry of Interior, the Haut fonctionnaire de défense et de sécurité ("high civil servant for defence and security") of the relevant ministry, and the General secretary for National Defence. Violation of such secrets is an offence punishable with 7 years of imprisonment and a 100 000 Euro fine; if the offence is committed by imprudence or negligence, the penalties are 3 years of imprisonment and a 45 000 Euro fine.

Hong Kong

Security Bureau is responsible for developing policies in regards to the protection and handling of confidential government information. In general, the system used in Hong Kong is very similar to the UK system, developed from the Colonial Hong Kong era.

4 classifications exists in Hong Kong, from highest to lowest in sensitivity⁶:

Top Secret (高度機密)
Secret (機密)
Confidential (保密)
- Temporary Confidential (臨時保密)
Restricted (限閱文件/內部文件)
- Restricted (staff) (限閱文件（人事))
- Restricted (tender) (限閱文件 (投標))
- Restricted (administration) (限閱文件 (行政))

Restricted documents are not classified per se, but only those who have a need to know will have access to such information, in accordance with the Personal Data (Privacy) Ordinance. ⁷

New Zealand

Like the United Kingdom, New Zealand uses the Restricted grade, which is lower than Confidential. Information with a Restricted classification is not for general dissemination, but is not classified in the strictest sense of the word - it is often used for controlling the release of reports and other documents until it can be done officially.

People may be given access to Restricted and Confidential information on the strength of an authorisation by their Head of Department, without being subjected to the background vetting associated with Secret and Top Secret clearances. New Zealand's security classifications and the national-harm requirements associated with their use are roughly similar to those of the United States.

In addition to national security classifications there are a number of classifications used within ministries and departments of the government, to indicate, for example, that information should not be released outside the originating ministry.

Because of strict privacy requirements around personal information, personnel files are controlled in all parts of the public and private sectors. Information relating to the security vetting of an individual is usually classified at the Confidential level even though it has no national security significance, because of the detail that is recorded through the vetting process.

Sweden

The Swedish classification has been updated due to increased NATO/PfP co-operation. All classified defence documents will now have both a Swedish classification (Kvalificerat Hemlig or Hemlig), and an English classification (Top Secret, Secret, Confidential or Restricted).^{citation needed}

United Kingdom

Main article: Classified information in the United Kingdom

The United Kingdom currently uses four levels of classification — from lowest to highest, they are: RESTRICTED, CONFIDENTIAL, SECRET and TOP SECRET. Those working with such material must have the relevant security clearance and often must sign to confirm their understanding and acceptance of the Official Secrets Act. Government documents without a classification may be marked as "UNCLASSIFIED".

United States

Main article: Classified information in the United States

The U.S. classification system is currently established under Executive Order 13292 and has three levels of classification — Confidential, Secret, and Top Secret. The U.S. had a Restricted level during World War II but no longer does. U.S. regulations state that information received from other countries at the Restricted level should be handled as Confidential. A variety of markings are used for material that is not classified, but whose distribution is limited administratively or by other laws, e.g., For Official Use Only (FOUO), or Sensitive but Unclassified (SBU). The Atomic Energy Act of 1954 provides for the protection of information related to the design of nuclear weapons. The term "Restricted Data" is used to denote certain nuclear technology. Information about the storage, use or handling of nuclear material or weapons is marked "Formerly Restricted Data." These designations are used in addition to level markings (Confidential, Secret and Top Secret). Information protected by the Atomic Energy Act is protected by law and information classified under the Executive Order is protected by Executive privilege.

Table of equivalent classification markings in various countries

Country	Top Secret	Secret	Confidential	Restricted
Argentina	Estrictamente Secreto y Confidencial	Secreto	Confidencial	Reservado
Australia	Top Secret	Secret	Confidential	Restricted
Austria	Streng Geheim	Geheim	Verschlußsache	Nur für den Dienstgebrauch
Belgium (Dutch)	Zeer Geheim	Geheim	Vertrouwelijk	Beperkte Verspreiding
Bolivia	Supersecreto or Muy Secreto	Secreto	Confidencial	Reservado
Bosnia	Strogo Povjerljivo	Tanjno	Konfidencialno	Restiktirano
Brazil	Ultra Secreto	Secreto	Confidencial	Reservado
Bulgaria	Строго секретно	Секретно	Поверително	За служебно ползване
Cambodia	Sam Ngat Bamphot	Sam Ngat Roeung	Art Kambang	Ham Kom Psay
Canada	Top Secret/Très secret	Secret/Secret	Confidential/ Confidentiel
Chile	Secreto	Secreto	Reservado	Reservado
China, People's Republic of	Juémì (绝密)	Jīmì (机密)	Mìmì (秘密)	Neibu(内部)
Colombia	Ultrasecreto	Secreto	Confidencial	Reserva del sumario
Costa Rica	Alto Secreto	Secreto	Confidencial
Croatia	Vrlo tajno	Tajno	Povjerljivo
Czech Republic	Přísně Tajné	Tajné	Důvěrné	Vyhrazené
Denmark	Yderst Hemmeligt	Hemmeligt	Fortroligt	Til Tjenestebrug Foreign Service: Fortroligt (thin Black border}
Ecuador	Secretisimo	Secreto	Confidencial	Reservado
Egypt	Sirri Lilghayeh	Sirri gedan	khas	mahzoor
El Salvador	Ultra Secreto	Secreto	Confidencial	Reservado
Estonia	Täiesti salajane	Salajane	Konfidentsiaalne	Piiratud
Ethiopia	Yemiaz Birtou Mistir	Mistir	Kilkil
Finland	Erittäin salainen (TTL I)	Salainen (TTL II)	Luottamuksellinen (TTL III)	Viranomaiskäyttöön (TTL IV) ¹
France	Très secret défense	Secret défense	Confidentiel défense	Diffusion restreinte
Germany	Streng Geheim	Geheim	VS-Vertraulich	VS-Nur für den Dienstgebrauch
Greece	Άκρως Απόρρητον	Απόρρητον	Εμπιστευτικόν	Περιορισμένης Χρήσης
Guatemala	Alto Secreto	Secreto	Confidencial	Reservado
Haiti	Top Secret	Secret	Confidential	Reserve
Honduras	Super Secreto	Secreto	Confidencial	Reservado
Hong Kong S.A.R., People's Republic of China	Top Secret, 高度機密	Secret, 機密	Confidential, 保密	Restricted, 內部文件/限閱文件
Hungary	Szigorúan Titkos	Titkos	Bizalmas
India	परम गुप्त (Param Gupt)	गुप्त (Gupt)	गोपनीय (Gopniya)	प्रतिबंधित/सीमित (Pratibandhit/seemit)
Indonesia	Sangat Rahasia	Rahasia	Rahasia Dinas	Terbatas
Iran	Bekoliserri به کلّى سرّى	Serri سرّى	Kheili Mahramaneh خيلى محرمانه	Mahramaneh محرمانه
Iraq	Sirri Lil-ghayah	Sirri	Khass	Mehdoud
Iceland	Algert Leyndarmál	Leyndarmál	Þjónustuskjal	Trúnaðarmál
Ireland (Irish language)	An-sicreideach	Sicreideach	Runda	Srianta
Israel	Sodi Beyoter סודי ביותר	Sodi סודי	Shamur שמור	Mugbal מוגבל
Italy	Segretissimo	Segreto	Riservatissimo	Riservato
Japan	Kimitsu, 機密	Gokuhi, 極秘	Hi, 秘	Toriatsukaichuui, 取り扱い注意
Jordan	Maktum Jiddan	Maktum	Sirri	Mahdud
Korea, South	I-Kup Bi Mil, 1급비밀	II-Kup Bi Mil, 2급비밀	III-Kup Bi Mil, 3급비밀	Dae Woi Bi, 대외비
Laos	Lup Sood Gnod	Kuam Lup	Kuam Lap	Chum Kut Kon Arn
Latvia	Sevišķi slepeni	Slepeni	Konfidenciāli	Dienesta vajadzībām
Lebanon	Tres Secret	Secret	Confidentiel
Lithuania	Visiškai Slaptai	Slaptai	Konfidencialiai	Riboto Naudojimo
Malaysia	Rahsia Besar	Rahsia	Sulit	Terhad
Mexico	Ultra Secreto	Secreto	Confidencial	Restringido
Netherlands	Zeer Geheim	Geheim	Vertrouwelijk	Beperkt verspreid
New Zealand	Top Secret	Secret	Confidential	Restricted
Nicaragua	Alto Secreto	Secreto	Confidencial	Reservado
Norway	STRENGT HEMMELIG	HEMMELIG	KONFIDENSIELT	BEGRENSET
Pakistan (Urdu)	Intahai Khufia	Khufia	Sigh-e-Raz	Barai Mahdud Taqsim
Pakistan (English)	Top Secret	Secret	Confidential	Restricted
Paraguay	Secreto	Secreto	Confidencial	Reservado
Peru	Estrictamente Secreto	Secreto	Confidencial	Reservado
Philippines	Top Secret	Secret	Confidential	Restricted
Poland	Ściśle tajne	Tajne	Poufne	Zastrzeżone
Portugal	Muito Secreto	Secreto	Confidencial	Reservado
Romania	Strict Secret de Importanţă Deosebită	Strict Secret	Secret	Secret de serviciu
Russia	Особой важности (вариант: Совершенно Секретно (Sovershenno Sekretno))	Совершенно секретно (вариант: Секретно (Sekretno))	Секретно (вариант: Не подлежит оглашению (Конфиденциально) (Ne podlezhit oglasheniyu (Konfidentsial'no))	Для Служебного Пользования (ДСП) (Dlya Sluzhebnogo Pol'zovaniya)
Saudi Arabia	Saudi Top Secret	Saudi Very Secret	Saudi Secret	Saudi Restricted
Serbia Proposition of non government organisation (in parliament procedure)	Drzavna tajna	Strogo poverljivo	Poverljivo	Interno
Singapore	Top Secret	Secret	Confidential	Restricted
Slovak Republic	Prísne tajné	Tajné	Dôverné	Vyhradené
Slovenija	Strogo tajno	Tajno	Zaupno	Interno
Spain	Secreto	Reservado	Confidencial	Difusión Limitada
Sweden	Kvalificerat Hemlig (KH); Hemlig/Top Secret (H/TS)	Hemlig (H); Hemlig/Secret H/S)	Hemlig/Confidential (H/C)	Hemlig/Restricted (H/R)
Switzerland		Geheim / Secret	Vertraulich / Confidentiel	Dienstlich / Interne au service
Thailand	Lup Tisud, ลับที่สุด	Lup Maag, ลับมาก	Lup,ลับ
Turkey	Çok Gizli	Gizli	Özel	Hizmete Özel
South Africa (English)	Top Secret	Secret	Confidential	Restricted
South Africa (Afrikaans)	Uiters Geheim	Geheim	Vertroulik	Beperk
United Kingdom	TOP SECRET	SECRET	CONFIDENTIAL	RESTRICTED
United States	Top Secret	Secret	Confidential
Uruguay	Ultra Secreto	Secreto	Confidencial	Reservado
Vietnam	Tối Mật (最密)	Mật (密)	Kín	Phổ Biến Hạn Chế
NATO	Cosmic Top Secret	NATO Secret	NATO Confidential	NATO Restricted

Original source: NISPOM Appendix B [5] ¹ In addition, Finland uses label Salassa pidettävä, "to be kept secret" for information which is not classified but must not be revealed on some other basis than national security. (E.g. privacy, trade secrets etc.)

Corporate classification

Private corporations often require written confidentiality agreements and conduct background checks on candidates for sensitive positions. [6] In the U.S. the Employee Polygraph Protection Act prohibits private employers from requiring lie detector tests, but there are a few exceptions. Policies dictating methods for marking and safeguarding company-sensitive information (e.g. "IBM Confidential") are common and some companies have more than one level. Such information is protected under trade secret laws. New product development teams are often sequestered and forbidden to share information about their efforts with un-cleared fellow employees, the original Apple Macintosh project being a famous example. Other activities, such as mergers and financial report preparation generally involve similar restrictions. However, corporate security generally lacks the elaborate hierarchical clearance and sensitivity structures and the harsh criminal sanctions that give government classification systems their particular tone.

Example

EDS uses three classifications of information. Disclosure of EDS Limited Distribution information could cause serious damage to an affected party. Disclosure of EDS Confidential information could damage an affected party. Disclosure of EDS Internal information (most EDS business information) could be inappropriate or problematic.

References

External links and references

US "NISPOM" manual, explaining rules on classified information among other things - full title is "National Industrial Security Program Operating Manual".
Marking Classified National Security Information ISOO booklet PDF
Trusted operating systems
Defence Vetting Agency. Carries out national security checks in the UK.
Los Alamos table of equivalent US and UK classifications
The National Security Archive - a collection of declassified documents acquired through the FOIA
Lerner, Brenda Wilmoth & K. Lee Lerner, eds. Terrorism : essential primary sources. Thomson Gale, 2006. ISBN 9781414406213 Library of Congress. Jefferson or Adams Bldg General or Area Studies Reading Rms LC Control Number: 2005024002.
Peter Galison, Removing Knowledge in Critical Inquiry n°31 (Autumn 2004)
RADNA GRUPA ZA IZRADU ZAKONA O TAJNIM INFORMACIJAMA, proposition of Serbian non government working group for Classification of secrets law, .DOC serbian

Your Ad Here

Contents