Page 2 of 2   <      

WikiLeaks cable dump reveals flaws of State Department's information-sharing tool

The U.S. diplomatic cables released by WikiLeaks offer unvarnished insights into the personal proclivities of world leaders.

The flaws did not become apparent until much later. One of biggest problems: Sensitive cables were often dumped willy-nilly into the database regardless of whether they belonged there, according to two department officials familiar with the internal procedures for data storage.

Thousands of cables and other documents pass through Foggy Bottom daily, and to ensure that they are routed properly, each is assigned a code or codes, similar to a Zip code. One such six-letter code - SIPDIS - flags a computer to route the document to the Net-Centric database, allowing it to be viewed by intelligence officers and military personnel worldwide.

In practice, embassy employees added the code word SIPDIS by rote, often without fully understanding what it meant, said one of the department officials, who spoke on the condition of anonymity because he was not authorized to discuss the subject.

"It wasn't clear what was to be shared or not shared," the official said. "So you end up with a cable in the database that contains embarrassing stuff about [German Prime Minister Angela] Merkel. Is that the kind of stuff that a war fighter really needs to see?"

Limited oversight

A few State Department officials expressed early concerns about unauthorized access to the database, but these worries mostly involved threats to individual privacy, department officials said. In practice, agency officials relied on the end-users of the data - mostly military and intelligence personnel - to guard against abuse.

The department was not equipped to assign individual passwords or perform independent scrutiny over the hundreds of thousands of users authorized by the Pentagon to use the database, said Kennedy, the undersecretary of state.

"It is the responsibility of the receiving agency to ensure that the information is handled, stored and processed in accordance with U.S. government procedures," he said.

To prevent illegal intrusion, the State Department has long maintained safeguards that make it difficult for an individual to download sensitive information onto a portable device such as a flash drive or compact disc. But Kennedy acknowledged that the department had no means of overseeing practices by other agencies using its data.

U.S. investigators suspect that Bradley Manning, an Army private stationed in the Persian Gulf, downloaded the 250,000 State Department cables to compact discs from a computer terminal in Kuwait. He then allegedly provided the files to WikiLeaks, which shared them with newspapers and posted hundreds of them online.

In the wake of the leak, State Department officials cut off outside access to Net-Centric Diplomacy pending a review. Some secret documents are still being made available to other agencies through a different network designed to handle highly classified data, Kennedy said.

Although it is perhaps small comfort, the disclosures could have been worse. In May, the Obama administration's top intelligence officer asked the State Department to expand the amount of material available to other agencies through Net-Centric Diplomacy.

In a letter to Secretary of State Hillary Rodham Clinton, then-Director of National Intelligence Dennis C. Blair urged that the database include not only cables but also e-mails between State Department officials. Such a move would "ensure that critical information will reach the necessary readers across the government," Blair wrote.

Clinton refused.

<       2

© 2010 The Washington Post Company