User:VAcharon/SAP

Special Access Programs (SAP) and special access budgets (SAB) are the Pentagon's terminology when used to refer to black programs and black budgets, respectively.^[1] The terms were devised and put into circulation in the late 1980s during Ronald Reagan's presidency when Californian Democratic Representative Ronald V. Dellums wearied of voting against "black programs"/"black budgets" and constantly explaining that these programs referred to covert projects and accounting rather than programs for African-Americans. He succeeded in persuading his colleagues on the House Armed Services Committee's Research and Development Subcommittee to adopt the SAP and SAB phrases in their stead.^[1] The Pentagon and the NSA followed suit.^[1]

Special access programs (SAPs) provide United States classified information with safeguards and access restrictions that exceed those for regular (collateral) classified information. A SAP may be authorized by the Secretaries of State, Defense, Energy, or Homeland Security, the Attorney General, the Director of National Intelligence (DNI), their principal deputies, or others designated by the President.^[2] In addition to collateral controls, a SAP may impose more stringent investigative or adjudicative requirements, specialized nondisclosure agreements, special terminology or markings, exclusion from standard contract investigations (carve-outs), and centralized billet systems.^[3]

Types and categories

Two types of SAP exist: acknowledged and unacknowledged. The existence of an acknowledged SAP may be publicly disclosed, but the details of the program remain classified. An unacknowledged SAP is made known only to authorized persons, including members of the appropriate Congressional committees. Waived SAPs are a subset of unacknowledged SAPs. These SAPs are exempt from most reporting requirements and, within the legislative branch, they are only briefed to ranking committee members.^[4] (See 10 USC 119, which governs SAPs in DOD. Is this generalizable to other SAPs? Statute says only chairman and ranking member of each defense committee is briefed; nothing about intel committees or whoever State or the AG might report to. Must clarify, since approval authority for SAPs has mushroomed.)

There are three categories of SAPs:^[5]

• Acquisition SAPs (AQ-SAPs), which protect the "research, development, testing, modification, and evaluation or procurement" of new systems;
• Intelligence SAPs (IN-SAPs), which protect the "planning and execution of especially sensitive intelligence or CI units or operations";
• Operations and Support SAPs (OS-SAPs), which protect the "planning, execution, and support" of sensitive military activities.

Only the DNI may create IN-SAPs. Sensitive Compartmented Information (SCI) control systems may be the most well-known intelligence SAPs. The treatment of SCI is singular among SAPs, and it seems there is some disagreement within the government as to whether or not SCI is a SAP. Defense Department sources usually state that it is,^[6] and at least one publication refers to a distinct SCI-SAP category alongside the three listed above.^[7] The Intelligence Community, drawing on the DNI's statutory responsibility to protect intelligence sources and methods, finds a legal basis for SCI separate from that of SAPs, and consequently consider SCI and SAPs separate instances of the more general controlled access program.^[8]

SAP security

SAPs may exist at any classification level. Access to a SAP requires a valid security investigation completed within the last five years. Note that, due to the standard reinvestigation period for a Confidential or Secret clearance, one may have access to collateral Secret but not a SAP classified at the Secret level. SAP materials must be stored in a SAP facility (SAPF) or SCI facility (SCIF) (which subsumes the standards for a SAPF) (I think, didn't go through it line by line).

(compare/contrast with collateral/accm/sci)

Naming

Every DOD SAP must have an unclassified nickname comprising two words selected from Joint Army-Navy-Air Force Publication (JANAP) 299. A SAP may also have a classified code word.^[9] The nickname is used to identify acknowledged SAPs to those who do not hold a security clearance, while the code word may only be used among cleared personnel.

Marking

SAP documents require special marking to indicate their status. The words SPECIAL ACCESS REQUIRED, followed by the program nickname or codeword, are placed in the document's banner line. Abbreviations may be used for either element. Portion markings use SAR and the program's abbreviation. For example, a secret SAP with the nickname MEDIAN BELL would be marked SECRET//SPECIAL ACCESS REQUIRED-MEDIAN BELL. Portions would be marked (S//SAR-MB). ^[10] Older documents used a slightly different standard for marking. The banner line would read SECRET//MEDIAN BELL//SPECIAL ACCESS REQUIRED, and the portion marking would read (S//MB).^[11] Other variations move the special access warning to a second line, which would read MEDIAN BELL Special Control and Access Required (SCAR) Use Only or some other phrase directed by the program security instructions.^[12]

Note that the national and international SAPs below are not marked in this manner.

(How do we handle subcompartments in current system? Another dash like SCI? Same with INCLUSIVE?)

Examples

Greenbriar Hotel (http://www.access.gpo.gov/congress/commissions/secrecy/index.html Chapter II) COG, Protection of President ("national programs" operated from Exec Office of President, not one of the aforementioned agencies)

The following national or international SAPs, unless otherwise noted, are identified in 32 CFR 154.17.

• Sensitive Compartmented Information (SCI), national intelligence information concerning sources and methods which is protected by control systems defined by the Director of National Intelligence. Note that SCI markings are separate from those of other SAPs.
• Single Integrated Operational Plan-Extremely Sensitive Information (SIOP-ESI, replaced by NC2-ESI), the national plan for nuclear war. Note that SIOP-ESI was listed among non-IC dissemination control markings on classified documents, not with other SAPs.
• Presidential support activities
• Nuclear Weapon Personnel Reliability Program
• Chemical Personnel Reliability Program^[13]
• Access to North Atlantic Treaty Organization classified information (staff members only)

References

1. "A Revision in Jargon", The New York Times, p. 12, 1989-02-28
2. EO 13526
3. DOD 5200.1-R, 1997, p. 86
4. 10 USC 119
5. AR 380-381, 2004, p. 11
6. 32 CFR 154.17 and NISPOM, 2006, p. 9-3-1
7. AR 380-5, 2000, p. 11
8. DCID 3/29, 1995
9. DOD 5200.1-R, p. 105
10. Authorized Classification and Control Markings Register v1.2, p. 9
11. AR 380-5, 2000, p. 221
12. AR 380-381, 2004, p. 37
13. AR 380-67, 1988, p. 17

External links

• 32 CFR 154.17, 2010
• AR 380-5, Department of the Army Information Security Program, 29 September 2000
• AR 380-67, Personnel Security Program, 9 September 1988
• AR 380-381, Special Access Programs (SAPs) and Sensitive Activities, 21 April 2004
• Authorized Classification and Control Markings Register Version 1.2, 12 May 2008
• DCID 3/29, Controlled Access Program Oversight Committee, 2 June 1995
• DOD 5220.22-M, National Industrial Security Program Operating Manual (NISPOM), 28 February, 2006
• DODD 5200.1-R, Information Security Program, January 1997
• EO 13526, Classified National Security Information, 29 December 2009