Bradley Manning, left, and the Joint Operations Center in Tampa, Fla.
The leak of 91,000 secret documents about the Afghanistan war may not offer major new insights about that conflict. But the WikiLeaks drama does spotlight a vexing challenge for the military: how to secure sensitive national-security information in the 21st century.
In this digital version of asymmetrical warfare, a lone critic of U.S. policies can combine a security clearance with the power of the Internet to shake the nation's political debate. Though neither WikiLeaks nor government officials have identified the source of the leaked Afghanistan trove, speculation has focused on Bradley Manning, a 22-year-old Army intelligence analyst recently charged by the military with leaking classified information to an unauthorized source. (The Pentagon has acknowledged Manning is a suspect.)
Manning is the type of figure who must terrify the Pentagon's secret safekeepers. In late May, a person believed to be the Potomac, Md., resident sent an instant message from his post in Iraq to former computer hacker Adrian Lamo, whom he'd read about. "If you had unprecedented access to classified networks 14 hours a day 7 days a week for 8+ months, what would you do?" Manning wrote, according to excerpts published by Wired magazine.
Manning confessed that he wanted the secrets to which he was privy exposed: "I want people to see the truth ... because without information, you cannot make informed decisions as a public," he wrote. Manning said his clearance level allowed him to access two classified computer networks, the Secret Internet Protocol Router Network (SIPRNET) and Joint Worldwide Intelligence Communications System (JWICS), on which he had seen "incredible things, awful things" that "belong in the public domain." He told Lamo that he had downloaded data from a military server — which he characterized as "vulnerable as f___" — onto blank CDs. And he went on to claim that he had supplied sensitive material to WikiLeaks, including tens of thousands of secret diplomatic cables and disturbing video of a 2007 helicopter attack on journalists and unarmed Iraqi civilians. (Lamo informed federal authorities, who have Manning in custody. He was transferred July 29 from a facility in Kuwait to a military jail in Quantico, Va., according to an Army spokesman.)
Whether or not he was the source of the latest war logs, Manning's story raises a much bigger question: How could a disaffected junior officer have access to such sensitive material? One explanation is that it wasn't actually so sensitive. "In many cases it's hard to believe these records could damage national security," says Steven Aftergood, director of the Project on Government Secrecy at the Federation of American Scientists. "Many of them seem utterly benign."
But more importantly, the leak highlights an intelligence paradox: the more data classified as secret, the less secure that data becomes. More classified information requires clearing more people to handle it, a bigger network to process it and more secure facilities to store it. "Access tends to expand," says Paul Pillar, a former CIA analyst and professor at Georgetown University. It sure does: a recent Washington Post series chronicling the national-security industry's post-9/11 bloat estimates that 854,000 individuals now have top-secret clearance. That kind of ever growing information chain naturally increases the risk of a weak link, be it a porous technological barrier or a rogue individual. "The reform that may be needed more urgently than any other is a careful reduction in the size of the secrecy system. When less information is kept secret, it will become easier to keep it secure," Aftergood says.
The Obama Administration has taken a step in that direction. In December, President Obama issued an Executive Order mandating that national-security information be declassified as soon as safely possible, that officials err on the side of a lower secrecy classification and that agency heads periodically scour state secrets to ensure they still require protection. And as far back as late 2008, the Department of Defense was already preparing for the likes of Manning by prohibiting the use of thumb drives and other portable memory-storage devices on military computers. (That ban was partially lifted in February to restore access to critical data.)
But that's only a start. The broader problem of overclassification remains, many experts say. "There is both a recognition of the problem and a plan to deal with it," says Aftergood. "Whether it's going to work, we don't know yet." Pillar is more skeptical, saying he doesn't expect any "grand reform" in the intelligence community. Instead, he suggests that the WikiLeaks stunner could prompt authorities to reassess the post–Sept. 11 obsession with nearly unbridled information-sharing throughout the government. That, of course, could come with its own costs to America's national security.
Which may be why the Pentagon isn't promising to overhaul its policies and procedures. "[T]here are no changes under way or expected" to the military's classification system, Colonel David Lapan said in an e-mail to TIME. "A key element of security is the trust and confidence placed in those individuals who hold security clearances, the vast majority of whom uphold that trust and responsibility on a daily basis," he wrote. Likewise, Defense Secretary Robert Gates said in July that he would be "loath to change" the military's security clearances "because there are a few bad apples." Yet while the documents leaked by this bad apple may not have had dire national-security consequences, the next such breach might be a different story.