There’s an uncomfortable truth that many clearance holders must confront: being held to a higher standard. While your friends might freely share links to leaked documents or engage in spirited debates on Reddit about whistleblower revelations, your best course of action is to steer clear.
This is particularly pertinent with the recent coverage in The Atlantic concerning the Signal leaks.
Yes, it’s The Atlantic—a reputable, mainstream publication, not some obscure blog. However, the classification and disclosure status of the materials discussed remain unchanged, regardless of the publication’s prestige or the depth of its analysis. Under Guideline K—Handling Protected Information—intentions are secondary to outcomes. And while government officials are arguing classified wasn’t shared, it seems clear sensitive information surely was – which is why it’s a good time for a refresher on what Guideline K includes, and how sensitive but unclassified information shouldn’t be shared, either.
GUIDELINE K: WHAT YOU KNOW CAN HURT YOU
Guideline K of the adjudicative guidelines addresses concerns related to the mishandling of protected information, whether classified or otherwise sensitive. This encompasses actions ranging from failing to properly secure documents to—crucially—knowingly accessing or continuing to possess classified information outside of official channels.
Even when a news outlet publishes classified or even sensitive information that hasn’t been approved for release, it doesn’t automatically become declassified for you. Engaging with that information—by reading, downloading, or sharing—can be deemed a violation, especially if done with awareness of its sensitive nature.
The Atlantic has begun the process of sharing more of the details behind the text threads it was erroneously added to. And government officials have argued about the sensitivity of information shared (security officers everywhere nodded in recognition as senior intelligence officials noted not knowing what CUI was)—however the data lands on the sensitivity spectrum, it’s clear it wasn’t intended for a journalist and likely should have fallen into a protected category. But those protections have fallen away and as details are leaked into the press and the open web, security clearance holders should avoid perusing them.
LESSONS FROM THE WIKILEAKS ERA
This isn’t the first time clearance holders have faced such dilemmas. Recall the WikiLeaks disclosures. At that time, federal agencies issued clear directives: employees and contractors were to avoid accessing or discussing the leaked materials, even though they were widely available online. The rationale was straightforward—the information remained classified, and engaging with it could compromise one’s security clearance.
“BUT I’M JUST READING!”
It’s understandable to be curious. Perhaps you aim to stay informed or to comprehend the implications of the leak to better defend your agency or program. However, security clearance adjudicators focus less on your motives and more on your judgment.
In today’s digital landscape, your activities leave a trace. If your agency’s insider threat program detects that you’ve accessed unauthorized material, claiming, “I just wanted to see what all the fuss was about,” won’t suffice.
Even passive consumption of leaked information—especially when it’s recent, still classified, or part of an ongoing investigation—can raise significant concerns. This is something to be aware of as the government prepares to implement the Personnel Vetting Questionnaire (PVQ). It puts increased emphasis on handling protected information and asks security clearance holders more pointed questions about what sensitive materials they may have accessed or improperly disclosed.
The best advice for clearance holders? If you encounter an article referencing leaked material—whether it’s in The Atlantic, The Intercept, or any other publication—refrain from engaging. Don’t open the link. Don’t read summaries. Avoid discussing the contents in casual conversations. And certainly, don’t comment on it from your personal social media profiles (yes, we see you).
YOU CAN’T UNSEE IT
One of the most challenging aspects of unauthorized access to classified information is dealing with the aftermath. If you become aware of operational details that you’re not authorized to know, you’ve complicated your professional life. Your judgment may come into question—a precarious position during any polygraph session.
Let those without clearances indulge in clickbait and opinion pieces. Your responsibility is to remain above the fray. If you require clarity on a topic involving classified material, utilize official channels. Consult your security officer. Rely on internal communications. Stay in your lane—and stay out of trouble.
