“While evaluating the . . . incidents of alleged unauthorized releases of non-public information, we identified challenges to criminal prosecution or taking significant administrative actions against individuals responsible for the release of this type of information,” the report said.
The author of the report, Assistant Inspector General for Investigations Aaron R. Jordan, recommended the department establish policies to address unauthorized release of information and that it train employees on the protection and marking of “controlled unclassified information.”
Jordan wrote that implementing the proposed recommendations could make it easier for department officials to punish future leakers and “may increase the potential” for the inspector general “to obtain a criminal prosecution in certain cases.”
In a footnote, however, he added that any new policies should “take into consideration whistleblower rights and protections,” because “there may be times when what may be viewed as a ‘leak’ or unauthorized release of non-public information could involve a protected disclosure.”
The Education Department did not respond Wednesday to a request for comment. Jordan also did not respond to a request for comment. His report said the department “did not provide a formal response to the suggestions” he had made.
The Education Department leaks were hardly rare in the Trump administration; there are routine leaks of information from the White House, and President Trump has taken to Twitter to urge the FBI to find those responsible.
DeVos routinely bars the media from department forums on key issues and rarely gives interviews. Her public schedule is often released late.
The department request to the inspector general and the response were detailed in Jordan’s report, which is dated March 29, and was sent to Kent Talbert, who is acting as the Education Department’s No. 2 official. The Office of the Inspector General investigates “prosecutable violations of law by department employees within the scope of their employment,” the report says. It generally focuses investigative efforts on “federal felonies,” though it may also pursue noncriminal probes of “serious misconduct” by employees.
Titled “Final Management Information Report Unauthorized Release of Non-Public Information,” the report says the department wanted to know the feasibility of punishing leakers and cites three examples:
“Between May and October 2017, the Department requested that the OIG investigate three incidents in which there appeared to be unauthorized releases of non-public information.“May 17 and 18, 2017: The Washington Post published news articles that included information from the President’s FY 2018 Budget Request for the Department. This information was not scheduled to be released until May 23, 2017.“June 20, 2017: Politico published an article indicating the Department’s intention to delay the effective date of the borrower defense regulations published the prior November. The article stated that Politico had obtained internal documents showing ‘that the Trump administration wrestled with the precise rationale for delaying the rules’ and that the Department had ‘considered writing a new “interim final rule” that pushed back the effective date of the rules by two years to July 2019.’“October 31, 2017: we received notification from the Department regarding the unauthorized release of the draft document titled, Assistance to States for the Education of Children with Disabilities: Preschool Grants for Children (NPRM). We were informed that the document was still in the clearance process and was still under deliberation and internal review when it became public.”
Borrower defense regulations, which date to the 1990s, wipe away federal loans for students whose colleges used illegal or deceptive tactics to get them to borrow money to attend. The Obama administration revised the regulations to simplify the claims process and shift more of the cost of discharging loans onto schools, but DeVos is rewriting the rules to the benefit of for-profit colleges.
In May 2017, days before the administration made public its 2018 budget, the Post published information from the Education Department’s budget. There was deep interest in the education world about the administration’s budget priorities because Trump and DeVos had said they were charting a new course for U.S. public education.
Their top education priority, they said, would be expanding alternatives to traditional public schools, and the proposed budget would have made deep federal funding cuts to traditional public schools — which educate the vast majority of America’s children. It also sought about $400 million to expand charter schools and vouchers for private and religious schools, and $1 billion to push public schools to adopt policies that encourage alternatives to traditional public schools. Congress rejected much of that budget proposal.
The administration’s proposed 2019 budget had some of the same elements in it, and Congress has made clear it will again reject them.
Administration staffers, who asked not to be identified because they feared repercussions, said DeVos was furious with the budget document leaks to the Post, and officials sought to find the person or people who leaked them. One source said DeVos believed the leak came from the Budget Service office, and that led her to seek to split the now-centralized budget office during her major reorganization of the Education Department.
Congress took a dim view of that idea, inserting language into the massive spending bill passed last month that not only rejected many of DeVos’s 2019 budget priorities but also forbade her from making fundamental changes to the budget office. DeVos had wanted to send staff members in the Budget Service office to different sections of the department, which could make it more difficult for career budget staffers to see how money is being spent overall.
This was not the first time Education Department officials have been told there are no written policies or regulations for employees on how to handle information deemed sensitive.
The recent report notes that in June 2012, the Office of Inspector General issued an audit concluding that when the department begins setting new rules by negotiating with interested parties, it should have “specific documented protocols to protect sensitive information during the process” and that “a lack of written protocols increases the risk to the Department that sensitive information may be inappropriately shared with parties who are not privileged to such information.”
David Pozen, a law professor at Columbia University who researches government leaks, said he is not aware of criminal prosecution of any Education Department employees or contractors for leaking government information.
The Trump administration has said it would vigorously go after leakers. Last August, Attorney General Jeff Sessions said the Justice Department was investigating three times as many leak allegations as the Obama administration had left open. And federal prosecutors last summer charged a federal contractor with giving a top secret document to a news organization.
Trump is continuing practices of the administrations of George W. Bush and Barack Obama, both of which went after leakers, and in some cases, journalists. Under Bush, New York Times reporter Judith Miller stayed in jail for 85 days after refusing to identify a source and being slapped with contempt of court charges. According to the Committee to Protect Journalists, most of the prosecutions under the Espionage Act for leaking secrets came while Obama was president.
The difference between those cases and the Education Department leaks: The earlier episodes involved top secret material. Education budget documents and regulations are not classified.
Here is the complete list of recommendations Jordan made in his report to the department:
- Develop interim policy requiring Department employees to clearly mark non-public documents with markings that indicate the information is not for public release.
- Provide training to all Department employees and at least once again every two years thereafter on the proper protection and marking of controlled unclassified information, as specified in 32 C.F.R. § 2002.30.
- Create a new ACS [Administrative Communications System] Directive to address prohibitions on the unauthorized release of sensitive or non-public information, the definition of controlled unclassified information, and proper marking of documents as indicated in Executive Order 13556, 32 C.F.R. Part 2002, and the guidance located at https://www.archives.gov/cui.
- Update ACS Handbook OCIO-15, as necessary, for consistency with the new ACS Directive and pertinent National Institute of Standards and Technology publications.
- Evaluate the current list of offenses within the table of penalties located in HCP 751-1, and consider the inclusion of “Unauthorized Release of Non-Public Information” and/or “Unauthorized Release of Controlled Unclassified Information.”
- Apply Information Rights Management (IRM) to sensitive electronic documents during the review process when additional security controls are warranted. IRM can be used to prevent a document from being opened, forwarded, copied, or printed, except by those who have permissions to do so.
Here’s the full report: