What is 'SECRET UE' anyway?
24.09.12 @ 08:44
BRUSSELS - EU countries have a protocol for sharing official "secrets." But people's motives for classifying EU files are not always pure and the number of really hush hush papers in Brussels is tiny.
The EU Council - where member states meet to talk about everything from the euro crisis to Iran oil sanctions - has five levels of document security: LIMITE UE, RESTREINT UE, CONFIDENTIEL UE, SECRET UE and TRES SECRET UE.
The "UE" means "Union Europeene" - by custom, the label is always in French, even though the "UE" bit is normally dropped on document markings.
LIMITE is for day-to-day internal papers which are often published later on. Examples are: a statement by Council chief Herman Van Rompuy before he makes it, draft EU summit conclusions or a draft EU policy before ministers rubber-stamp it.
Any EU official or diplomat can read them, email them or print them and people frequently leak them to press.
It does not mean the leaks are benign - advance notice of an EU deal on, say, bank supervision could move markets or trigger lobbying designed to harm it. Meanwhile, non-EU diplomats who get their hands on internal EU papers use the Council's own guide to labelling to check if the documents are authentic.
The red line is RESTREINT - if you leak one, you might lose your job.
"I would never cross that line. I wouldn't even think about it. It needs to be properly declassified," one EU contact said.
It said RESTREINT material could be "disadvantageous" to EU interests if it gets out. It might "adversely affect" diplomatic relations, "distress" individuals or "facilitate" crime and "improper gain."
CONFIDENTIEL information could "harm ... essential" EU interests. It might prompt "formal protest or other sanctions" by non-EU countries. It might also "damage" EU "security or intelligence operations" and "undermine the financial viability of major organisations."
SECRET could "seriously harm" interests. It might "raise international tensions" or "threaten life" or "public order."
TRES SECRET could cause "exceptionally grave prejudice" to EU wellbeing. A breach might cause "widespread loss of life," threaten "internal stability" or "cause severe long-term damage to the EU economy."
The rules on protecting documents indicate how sexy the contents might be.
RESTREINT files are supposed to be sent on an encrypted system called Cortesy, which is cut off from the Internet.
If you want to see CONFIDENTIEL, SECRET or TRES SECRET texts you have to be security-vetted by your home country's intelligence service.
They check your police records, your medical history and your bank account for starters. If you drink too much, if you were part of a "subversive" group in your student days or if your relatives live in a country that might threaten them to get to you, chances are you will get a No.
CONFIDENTIEL and SECRET files are to be sent on a fancier encryption system called Solan.
TOP SECRET papers are hand-delivered by a vetted courier in a sealed envelope marked only with the recipient's name.
The high-level documents are kept in safes in rooms watched by CCTV and with electronic locks which log who goes in and out.
Secure areas for reading them are also "Tempest-protected" - insulated so that eavesdropping devices in neighbouring buildings cannot decode electro-magnetic radiation which comes off computer screens and wires.
If you leak any of this stuff, you might go to jail.
'It's a subjective decision'
EUobserver spoke to several EU officials and former officials with access to SECRET or TRES-SECRET-level papers to learn more on what the labels mean in practice.
It learned that EU officials are not quite sure.
The author of a document decides which label to use and his head-of-unit or director-level superior checks it before it goes out. But even senior people can get it wrong.
"It's not because you just joined the service that you tend to overclassify or that after several years you underclassify because you think it's all business as usual. It's not an algorithm. You don't tick boxes. At the end of the day, it's a subjective decision which comes down to how used you are to handling sensitive information, how well you've been trained and how good your hierarchy is," one EU contact explained.
He said people who underclassify tend to do it because they want a bigger readership for their work. People who overclassify do it to look important or just because they are twitchy by nature.
"I remember a British official who was so secretive that he used to hide his computer screen when colleagues walked by. But other British officials aren't like that," he added.
Another EU contact noted that Austrian and French officials are known for overclassifying. "Sometimes I open a document and I think: 'What? You've put me to all this trouble of decrypting, registering, re-crypting and re-registering for this bullshit?'," he said.
A third contact added: "I've seen two different versions of the same document, each with a different classification."
A look at some (partly) declassified files gives an idea of the niceties of the craft.
Four ex-RESTREINT files concern: a project to train justice officials in Georgia; plans for an EU police mission in Congo; a decision on an EU-Latin-America foundation; and an annual survey of civilian missions abroad.
One ex-CONFIDENTIEL paper is about stopping a massacre in Uganda.
There is a clear difference between RESTREINT and CONFIDENTIEL. The most sensitive RESTREINT item is a mandate for EU police in Congo to combat sexual violence. But the Uganda paper talks about France's "brigadier general Thonier" who is to deploy "1,000 armoured/mechanised troops" in two months' time to snatch control of an airport.
The difference between RESTREINT and LIMITE is less obvious.
The ex-RESTREINT Georgia paper records banalities, such as "sets of furniture have been delivered and assembled in the HQ and co-locations." Meanwhile, one ex-LIMITE paper from 2001 talks about prospects for EU intelligence sharing. Another LIMITE file lists the EU's beefs with Russia shortly after the Georgia-Russia war in 2008.
EUobserver's contacts added a bit of flesh to the official terminology.
They said RESTREINT files normally cover: operational plans for EU civilian/police missions; updates on security risks at the EU's foreign embassies; EU ambassadors' political reports; details of upcoming sanctions on small countries such as Belarus or Burma; reports on contacts with dissidents who visit the EU capital or in their home country.
CONFIDENTIEL texts would be: plans for EU military missions; sanctions decisions on important countries such as China or Iran; reports containing EU officials and diplomats' personal judgements on third countries' VIPs; details of talks by EU diplomats in the Political and Security Committee; discussions in the Council's counter-terrorism groups; some reports on terrorism and foreign crises by IntCen, the European External Action Service's (EEAS) intelligence-sharing office; the EU's negotiating position in bilateral trade talks.
SECRET papers would include: information about EU or non-EU ministers or leaders which could be used against them; reports with names of foreign officials who leak sensitive information; the EU's negotiating position on a major international agreement designed to generate wealth for the Union; some IntCen reports; details of the "P5+1" anti-nuclear-proliferation talks with Iran; details of "Quartet" talks on the Middle East Peace Process.
TRES SECRET documents could be: advance warning of a coup d'etat in a foreign country; the cryptographic keys to EU communications networks; information which exposes high-level intelligence sources.
"If [Russian foreign minister Sergei] Lavrov has a secret meeting with the Iranian foreign minister and they know that we know, then they know they have a mole, that we are plugged into a certain level of their decision-making," one EU contact said.
"Imagine the UK has the codes to read the diplomatic cables of another country. One blunder and that country changes its codes and you never get that access again," another EU source noted.
Zooming out of the Council, the European Commission does things differently, creating extra scope for confusion.
The commission - which circulates commercially-valuable files - uses Council tags and said a "significant majority" of its sensitive documents are marked no higher than RESTREINT. But some departments have invented their own labels as well. Its anti-trust office, DG Comp, uses COMP OPERATIONS and COMP SPECIAL HANDLING.
The commission also uses different encryption systems, called NCN (New Communications System) and Rue (Restreint Union Europeene) to send documents.
The EEAS uses NCN and Rue as well as Cortesy and Solan. It also uses Nato systems for contact with foreign delegations.
Meanwhile, another motive for classification would make a pro-transparency activist grind his teeth.
One EU source said: "It may have happened that a document was classified because it made us look bad. But this is not something regular."
Another EU contact said face-saving secrecy is normal.
He gave the example that if Germany, for instance, was processing nuclear waste despite Chancellor Angela Merkel's commitments not to, the information would be marked up partly for security reasons (to prevent protests at the site) and partly to protect Merkel's reputation.
"If something is embarrassing, then it is a secret. This is what they call raison d'etat. If you don't like it - tough, grow up," he said.
EU embarrassment is not always a bad thing, however.
A RESTREINT report on Israeli settler violence leaked this year showed that EU ambassadors on the ground favour tougher action than EU ministers in the Council.
EUobserver in 2010 saw a RESTREINT report about EU-Russia human rights talks. EU diplomats at the time said it was classified to protect victims' names. But the report also showed that EU officials think the talks amount to little, even though EU leaders say the opposite in public.
When German journalist Hans-Martin Tillack in 2002 exposed fraud in the commission, its anti-fraud office, Olaf, had marked one relevant document and a second important paper as "CONFIDENTIAL." But the scandal helped to clean things up instead of harming "essential" EU interests.
Is that all?
The minute number of top-level texts in circulation also testifies to lack of trust between EU countries and institutions.
Contacts estimated the Council sees between 600 to 1,000 new RESTREINT documents each year, 250 to 300 CONFIDENTIEL files and 30 to 100 SECRET ones.
They said the number of TOP SECRET texts is between two and six.
The figures come with a warning: the more sensitive the material, the more it is shared on a "need to know" basis. Some of EUobserver's contacts who were cleared to read TOP SECRET files had not seen a single one in over 10 years of work.
One source joked that since Council chief Van Rompuy "isn't building a nuclear weapon, isn't fighting a war and doesn't run covert espionage programmes" the EU does not have hard information of its own.
Another contact said EU countries which do all of these things do not see the EU institutions as the right place to talk about them. "We [EU institutions] don't have secrets because member states basically don't trust us ... If Israel attacks Iran, the first time that we hear about it will be on CNN," he said.
A third source recalled how hard it was to get EU countries to share even low-level intelligence in the early days of IntCen 10 years ago.
"Countries wouldn't share because they thought what they had was too good to share ... Spain would not send information on Colombia. Germany would not send information about its business activities in Kazakhstan," he said.
He noted that the flow of information between EU capitals depends on human relationships as well as protocols.
"Who are these people [from Brussels]? Can I trust them? The world of intelligence, the world of secrets is very much like that. Who do you know? Who do you trust? ... It's all about people," he said.