The release of former Secretary of State Hillary Clintons e-mails from her

private server have caused some confusion in both the media and general public
about how classified documents are marked and stored. This document will
contain an overview of classified information, pulling information from the
Classified Information Nondisclosure Agreement, ISSO, as well as the Department
of States own Foreign Affairs Manuals from 2011, during Mrs. Clintons time as
Secretary of State. Please note that some of these documents have since been
updated, in part or in full, as all government documents are updated from time to
time. This primer is not meant to answer every question, but instead is more to
be used to help with the learning curve involving classified information. In order
to pull information from Department of State FAMs that were current during Mrs.
Clintons time as Secretary of State, the author used the Internet Archiver known
as the Wayback Machine. The links to those documents, and more, are located
at the end of the document under Sources.

What are the different levels of classified

information?
According to Executive Order 13526- Classified National Security
Information, Section 1.2 Classification levels:
(a) Information may be classified at one of the following three levels:
(1) "Top Secret" shall be applied to information, the unauthorized
disclosure of which reasonably could be expected to cause exceptionally grave
damage to the national security that the original classification authority is able to
identify or describe.
(2) "Secret" shall be applied to information, the unauthorized disclosure of
which reasonably could be expected to cause serious damage to the national
security that the original classification authority is able to identify or describe.
(3) "Confidential" shall be applied to information, the unauthorized
disclosure of which reasonably could be expected to cause damage to the national
security that the original classification authority is able to identify or describe.
(b) Except as otherwise provided by statute, no other terms shall be used to
identify United States classified information.

(c) If there is significant doubt about the appropriate level of classification, it shall
be classified at the lower level. [1]

What is classified information?

According to Executive Order 13526- Classified National Security
Information, Section 1.4 Classification Categories:
Information shall not be considered for classification unless its unauthorized
disclosure could reasonably be expected to cause identifiable or describable
damage to the national security in accordance with section 1.2 of this order, and it
pertains to one or more of the following:
(a) military plans, weapons systems, or operations;
(b) foreign government information;
(c) intelligence activities (including covert action), intelligence sources or
methods, or cryptology;
(d) foreign relations or foreign activities of the United States, including
confidential sources;
(e) scientific, technological, or economic matters relating to the national security;
(f) United States Government programs for safeguarding nuclear materials or
facilities;
(g) vulnerabilities or capabilities of systems, installations, infrastructures,
projects, plans, or protection services relating to the national security; or
(h) the development, production, or use of weapons of mass destruction. [1]
In addition, according to the Classified Information Nondisclosure
Agreement Standard Form 312, Paragraph 1:
As used in this Agreement, classified information is marked or unmarked
classified information, including oral communications, that is classified under the
standards of Executive Order 12958, or under any other Executive order or statute
that prohibits the unauthorized disclosure of information in the interest of

national security; and unclassified information that meets the standards for
classification and is in the process of a classification determination as provided in
Sections 1.1. 1.2, 1.3 and 1.4(e) of Executive Order 12958, or under any other
Executive order or statute that requires protection for such information in the
interest of national security. [2]

What is the purpose of the Classified Information

Nondisclosure Agreement Standard Form 312?
The primary purpose of the SF 312 is to inform employees of (a) the trust that is
placed in them by providing them access to classified information; (b) their
responsibilities to protect that information from unauthorized disclosure; and (c)
the consequences that may result from their failure to meet those responsibilities.
Secondly, by establishing the nature of that trust, those responsibilities, and those
consequences in the context of a contractual agreement, if that trust is violated,
the United States will be in a better position to prevent an unauthorized disclosure
or to discipline an employee responsible for such a disclosure by initiating a civil or
administrative action. [3]

What are the 3 requirements necessary to have

access to classified information?
There are 3 requirements necessary in order to gain access to classified
information. These 3 are to have a personnel security investigation completed
and a security clearance granted by your employer, to sign a Classified
Information Nondisclosure Agreement, and to have a need-to-know.
In greater detail, the SF 312 Briefing Booklet states:
As an employee of the Federal Government or one of its contractors, licensees, or
grantees who occupies a position which requires access to classified information,
you have been the subject of a personnel security investigation. The purpose of
this investigation was to determine your trustworthiness for access to classified
information. When the investigation was completed, your employing or
sponsoring department or agency granted you a security clearance based upon a
favorable determination of the investigation results. By being granted a security

clearance, you have met the first of three requirements necessary to have access
to classified information.
The second requirement that you must fulfill is to sign a "Classified Information
Nondisclosure Agreement," the SF 312. The President first established this
requirement in a directive that states: "All persons with authorized access to
classified information shall be required to sign a nondisclosure agreement as a
condition of access." This requirement is reiterated in the executive order on
classified national security information. The SF 312 is a contractual agreement
between the U.S. Government and you, a cleared employee, in which you agree
never to disclose classified information to an unauthorized person. Its primary
purpose is to inform you of (1) the trust that is placed in you by providing you
access to classified information; (2) your responsibilities to protect that
information from unauthorized disclosure; and (3) the consequences that may
result from your failure to meet those responsibilities. Additionally, by establishing
the nature of this trust, your responsibilities, and the potential consequences of
noncompliance in the context of a contractual agreement, if you violate that trust,
the United States will be better able to prevent an unauthorized disclosure or to
discipline you for such a disclosure by initiating a civil or administrative action.
The third and final requirement for access to classified information is the "need-toknow;" that is, you must have a need to know the information in order to perform
your official duties. The holder of classified information to which you seek access is
responsible for confirming your identity, your clearance, and your "need-to-know."
As a holder of classified information, you are responsible for making these same
determinations with respect to any individual to whom you may disclose it.
As a cleared employee you should receive, according to paragraph No. 2 of the SF
312, a "security indoctrination briefing concerning the nature and protection of
classified information, including procedures to be followed in ascertaining whether
other persons to whom you contemplate disclosing this information have been
approved for access to it...." [3]

What is an Original Classification Authority?

An authorized individual in the executive branch who initially determines that
particular information requires a specific degree of protection against

unauthorized disclosure in the interest of national security and applies the

classification designation Top Secret, Secret, or Confidential. [4]

What is derivative classification?

Derivative classification is the act of incorporating, paraphrasing, restating, or
generating in new form information that is already classified, and marking the
newly developed material consistent with the markings of the source information.
The source information ordinarily consists of a classified document or documents,
or a classification guide issued by an original classification authority.
When using a classified source document as the basis for derivative classification,
the markings on the source document determine the markings to be applied to the
derivative document. When using a classification guide as the basis for derivative
classification, the instructions provided by the guide are to be applied to the
derivative document. [5]

Are electronically transmitted documents and

information containing classified information
supposed to be marked?
Yes, all electronic documents (memos, e-mails, etc) are supposed to be
properly marked before being sent. Failure to properly mark these documents
does NOT lower the classification of the information in the document, as
classified information is both marked and unmarked classified information, per SF
312. [2]
12 FAM 525 Electronically Transmitted Information [6] covers how to mark
e-mails that contain classified information. Also, Slide 40 of the Marking Classified
National Security Information [5] shows an example of a properly marked e-mail.

If information that a signer of the SF 312 knows to

have been classified appears in a public source, for
example, in a newspaper article, may the signer

assume that the information has been declassified

and disseminate it elsewhere?
No. Information remains classified until it has been officially declassified. Its
disclosure in a public source does not declassify the information. Of course, merely
quoting the public source in the abstract is not a second unauthorized disclosure.
However, before disseminating the information elsewhere or confirming the
accuracy of what appears in the public source, the signer of the SF 312 must
confirm through an authorized official that the information has, in fact, been
declassified. If it has not, further dissemination of the information or confirmation
of its accuracy is also an unauthorized disclosure. [3]

What is a security incident?

A security incident is a failure to safeguard classified materials in accordance
with 12 FAM 500, 12 FAM 600, 12 FAH-6, 5 FAH-6, and other applicable
requirements for the safeguarding of classified material. Security incidents may be
judged as either security infractions or security violations (see 12 FAM 012, Legal
Authorities). [7]

What is a security infraction?

A security infraction is a security incident that, in the judgment of DS/ISP/APB,
does not result in actual or possible compromise of the information. For example,
at the end of the workday, an employee leaves a security container unlocked and
unattended, containing classified information, in an area which has been
authorized for the storage of classified information (i.e., it meets the requirements
of 12 FAM 530 or 12 FAH-6). No unauthorized entry was evidenced. This incident
would be adjudicated as an infraction. [7]

What is a security violation?

A security violation is a security incident that, in the judgment of DS/ISP/APB,
results in actual or possible compromise of the information. For example, if an
employee transmits a classified document over an unclassified facsimile machine,

the incident would be adjudicated as a violation, as the possibility for electronic

interception and transcription of the classified document is real. [7]

Who is required to report improperly secured

classified information?
Employees must inform the appropriate security officer, orally or in writing, of
any improper security practice that comes to the employees attention in order
that remedial action may be taken. [7]

Could the information stored on the server lead to

a disqualification of Mrs. Clintons security
clearance?
Yes. Security clearances are subject to periodic reinvestigation every 5
years. The Office of Personnel Security and Suitability notifies the individual when
it is time for their reinvestigation. The individual will submit an updated security
package and another background investigation will be conducted. The
investigation will again cover key aspects of the individuals life, but will start from
ones previous background investigation. Also, per the SF 312, the United States
Government could (and in the authors opinion SHOULD) suspend the clearances
of those involved during the investigation into the spillage of classified
information from the Classified computer systems to the server not authorized to
view, store, etc., classified information. This suspension of the clearance would
last until the FBI and DOJ investigation is completed, at which time the United
States Government would decide to either reinstate their clearance, or not.
Guideline K:
Handling Protected Information
33. The Concern. Deliberate or negligent failure to comply with rules and
regulations for protecting classified or other sensitive information raises doubt
about an individual's trustworthiness, judgment, reliability, or willingness and
ability to safeguard such information, and is a serious security concern.

34. Conditions that could raise a security concern and may be disqualifying
include:
(a) deliberate or negligent disclosure of classified or other protected information
to unauthorized persons, including but not limited to personal or business
contacts, to the media, or to persons present at seminars, meetings, or
conferences;
(b) collecting or storing classified or other protected information in any
unauthorized location;
(c) loading, drafting, editing, modifying, storing, transmitting, or otherwise
handling classified reports, data, or other information on any unapproved
equipment including but not limited to any typewriter, word processor, or
computer hardware, software, drive, system, gameboard, handheld, "palm" or
pocket device or other adjunct equipment;
(d) inappropriate efforts to obtain or view classified or other protected
information outside one's need to know;
(e) copying classified or other protected information in a manner designed to
conceal or remove classification or other document control markings;
(f) viewing or downloading information from a secure system when the
information is beyond the individual's need to know;
(g) any failure to comply with rules for the protection of classified or other
sensitive information;
(h) negligence or lax security habits that persist despite counseling by
management;
(i) failure to comply with rules or regulations that results in damage to the
National Security, regardless of whether it was deliberate or negligent. [8]
Guideline M:
Use of Information Technology Systems
39. The Concern. Noncompliance with rules, procedures, guidelines or regulations
pertaining to information technology systems may raise security concerns about
an individual's reliability and trustworthiness, calling into question the willingness

or ability to properly protect sensitive systems, networks, and information.

Information Technology Systems include all related computer hardware, software,
firmware, and data used for the communication, transmission, processing,
manipulation, storage, or protection of information.
40. Conditions that could raise a security concern and may be disqualifying
include:
(a) illegal or unauthorized entry into any information technology system or
component thereof;
(b) illegal or unauthorized modification, destruction, manipulation or denial of
access to information, software, firmware, or hardware in an information
technology system;
(c) use of any information technology system to gain unauthorized access to
another system or to a compartmented area within the same system;
(d) downloading, storing, or transmitting classified information on or to any
unauthorized software, hardware, or information technology system;
(e) unauthorized use of a government or other information technology system;
(f) introduction, removal, or duplication of hardware, firmware, software, or
media to or from any information technology system without authorization, when
prohibited by rules, procedures, guidelines or regulations.
(g) negligence or lax security habits in handling information technology that
persist despite counseling by management;
(h) any misuse of information technology, whether deliberate or negligent, that
results in damage to the national security. [8]

Sources:
1. Executive Order 13526- Classified National Security
Information: https://www.whitehouse.gov/thepress-office/executive-order-classified-nationalsecurity-information
2. Classified Information Nondisclosure Agreement
Standard Form 312:
https://www.fas.org/sgp/isoo/new_sf312.pdf
3. Classified Information Nondisclosure Agreement
(Standard Form 312) Briefing Booklet:
https://www.fas.org/sgp/isoo/sf312.html
4. Definitions of Diplomatic Security Terms:
https://web.archive.org/web/20101128105307/http
://www.state.gov/documents/organization/88330.p
df
5. Marking Classified National Security Information:
https://www.fas.org/sgp/isoo/marking-2010.pdf
6. 12 FAM 520 529:
https://web.archive.org/web/20101128105332/http
://www.state.gov/documents/organization/88402.p
df
7. 12 FAM 550 558:
https://web.archive.org/web/20101128105335/http

://www.state.gov/documents/organization/88405.p
df
8. Adjudicative Guidelines for Determining Eligibility for
Access to Classified Information:
http://www.state.gov/m/ds/clearances/60321.htm
Other links of interest:
1. 12 FAMplease note that most of the
classification related information is located in the
500 and 600 subsections:
https://web.archive.org/web/20110105000716/ht
tp://www.state.gov/m/a/dir/regs/fam/12fam/ind
ex.htm
2. Information Security Oversight Office (ISSO):
https://www.fas.org/sgp/isoo/
3. http://www.state.gov/m/ds/clearances/c10977.ht
m
4. http://www.state.gov/m/ds/clearances/c10978.ht
m