The OpSec Blog

Security and privacy information and advice at home and abroad.

Sorry Peter Van Buren, You Asked For It

with 3 comments

Wired Magazine’s Threat Level recently reported on a veteran Foreign Service Officer, Peter Van Buren, in danger of losing his job for posting links to classified Wikileaks cables on a public blog.   This is despite multiple internal warnings on the intranet homepage (including several e-mails, Department notices, a guidance section on the intranet homepage regarding Wikileaks, a Wikileaks Task Force (“WTF”), and post-specific guidance from the management offices regarding the breach).  The defense that facilitating access to already-publicly available (but still classified) information also holds no water, as all Department employees were told specifically of the potential consequences of viewing or linking to classified cables on unclassified systems or to unauthorized persons.  In fact, even viewing a classified cable on an unclassified system would have required an incident report.

For those Foreign Service Employees that love their references, here are just a few to chew on (and yes, Mr. Van Buren – you agreed to abide by the FAM, FAH, and all other U.S. laws as a condition of your continued employment by the State Department… just as we all did).

3 FAM 4139.3 Freedom of Expression…The individual as an employee is obliged to protect or to refrain from unauthorized dissemination of certain types of information which the employee acquires through official duties, such as classified information, privileged financial, commercial, and other business information… An employee may be held accountable for unintentional as well as deliberate and unauthorized public expressions whether written or spoken, which, by violating the confidentiality of privileged information, impede the efficiency of the Service. Such efficiency may be impeded because information appearing insignificant from a security point of view is highly sensitive by virtue of the source or manner in which it was acquired; or because creation of a poor reputation for discretion and security consciousness seriously impairs the trust and confidence the Service normally enjoys with foreign governments and individuals with whom it must deal in candor and mutual confidence.

3 FAM 4377 (6)

6. Violations of other security regulations, guidelines, or instructions such as unauthorized disclosure or exposure of classified/administratively-controlled information, improper handling of classified/administratively controlled information

3 FAM 4377 (28)

28. Failure to follow proper instructions

12 FAM 553.3 (7)

(7)    Introducing classified media without proper authorization into an unclassified system (see 12 FAM 625.2-1, paragraph e).

18 U.S.C. Section 798

(a)    Whoever knowingly and willfully communicates, furnishes, transmits, or otherwise makes available to an unauthorized person, or uses in any manner prejudicial to the safety or interest of the United States for the benefit of any foreign government to the detriment of the United States any classified information—

…Shall be fined not more than $10,000 or imprisoned not more than ten years, or both.

Van Buren rails against the Department and Diplomatic Security in another blog post about the incident.

Of course, nothing compares to what history will no doubt record as the most significant outpouring of classified material ever, the dump of hundreds of thousands of cables that are now on display on WikiLeaks and its mushroom-like mirror sites. The Bureau of Diplomatic Security (an oxymoron if there ever was one) is supposed to protect our American diplomats by securing State’s secrets, and over time they just haven’t done very well at that.

The State Department and its Bureau of Diplomatic Security never took responsibility for their part in the loss of all those cables, never acknowledged their own mistakes or porous security measures.

The implication that DS has some responsibility for the loss of the Wikileaks cables is unfounded. Military personnel (like Bradley Manning) in an active theater of war fall under the command of the theater commander, not the chief of mission.  DS has no authority over personnel actions or technical/physical/procedural security at facilities under the theater commander.  If any agency is responsible for the “porous security measures” that allowed the loss of the cables, it is the Department of Defense (never mind the fact that insider threat is virtually impossible to defend against in any agency, any scenario, or any time period). Is it a perfect system?  Certainly not.  For better or for worse those are the regulations.  The security controls in place protecting the shared information between State and DoD were circumvented by a soldier with a Top Secret security clearance (adjudicated by DoD, not State).  Any Foreign Service Officer could have done exactly the same thing.  A Top Secret clearance is an indication of trust.  In Private Manning’s case that trust was betrayed.  DS could do plenty of things better, but in this case it seems their only mistake was to place trust in the military.  Considering the President of the United States does the same, I’d say DS isn’t in bad company.

While it is unfortunate that Van Buren’s career with State is probably irreversibly tainted by this incident, playing with the Wikileaks fire under one’s real name on a traceable, personal blog seems unwise, to say the least.

Is Peter Van Buren being treated fairly under the law?  That’s not for me to say.  Should he be surprised that DS came down hard?

Probably not.


3 Responses

Subscribe to comments with RSS.

  1. The title of this blog, as well as other places in the text, should say “Peter Van Buren” and not “PAUL Van Buren” as you initially put.


    28/09/2011 at 21:59

    • Thanks. I was just watching Ron Paul on The Daily Show… must be why I got the name wrong.


      28/09/2011 at 23:32

  2. Well said. Mr. Van Buren’s rants have become nothing more than a writer seeking more of the spotlight than the topic he’s covering. He made his bed, now he has to lie in it.


    29/09/2011 at 14:58

Leave a Comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: