Former CIA Director Gen. David Petraeus — perhaps the most revered military commander of his generation — has agreed to a plea deal for passing highly classified material to Paula Broadwell, his biographer and erstwhile mistress. General Petraeus gave Ms. Broadwell several "black books" in which he kept information on strategy, intelligence capabilities, meetings and — most shockingly — covert identities, according to press accounts. After he allowed her to keep them unsecured for several days, he brought them to his house where he stored them in an unlocked desk drawer, even after he resigned as CIA director.
He joins a long, embarrassing line of national security principals who have flouted information security rules and gotten off relatively easily: Attorney General Alberto Gonzales kept National Security Agency wiretap program information in his home, National Security Advisor Sandy Berger removed classified documents from the National Archives, and CIA Director John Deutch loaded secret files on his unsecure home computers.
The cavalier actions of these senior leaders is lamentable and not only because their actions presented real counterintelligence vulnerabilities. Stories like these breed cynicism among rank-and-file intelligence officers and a perception that they, too, can play fast and loose with classified information, undercutting the professionalism that the secret services require to function both well and confidentially.
At its heart, the Petraeus incident is about a double standard that exists on two levels.
First, under the plea deal, General Petraeus will plead guilty to a single misdemeanor, and the government will pursue a fine and probation, not jail time. Such a punishment is a slap on the wrist compared to the penalties faced by lower-level officers who have recently intentionally leaked classified information, including: a year-long prison sentence for a contractor who disclosed classified information to Fox News, a nearly four-year term for an FBI bomb technician who discussed classified information with the Associated Press, and a thirty-month sentence for a former CIA analyst and case officer who leaked information about controversial interrogation practices to the press. (Edward Snowden rightly faces espionage charges.) Leaks do serious damage, and these sentences may be just, but the discrepancy between the penalties for the mighty and for the lowly is shocking.
Second, there is a double standard when the men and women of the intelligence community bear the daily inconveniences to protect our country's secrets, and the higher-ups do not. Protecting classified information is difficult; it can be a headache to make sure you are not accidentally carrying classified material home in your briefcase, speaking loosely at a party or using an open phone line to discuss sensitive work. But most officers (and most principals) take the trouble to abide by security protocols because they would get in trouble if they did not and — critically — because they believe their actions help keep the nation safe. Consider how hard it is to endure those petty annoyances if you think the rules do not apply to the most august leaders in your agency, who harbor the secrets most worth protecting.
It is not as though General Petraeus and the other brass escaped scot-free. According to reports, Mr. Petraeus will serve two years probation and pay a $40,000 fine; Mr. Berger pleaded guilty to a misdemeanor, paid a $50,000 fine, served two years probation and was stripped of his security clearance for three years; and Mr. Deutch lost his security clearances, though was never charged. But these are light punishments considering both the scope of the infractions and the message the seniors' wrongdoing sends to the hundreds of thousands of national security professionals.
So what should be done? As a start, agencies and Congress should consider imposing stiffer penalties — both administrative and criminal — on senior executives and political appointees for mishandling sensitive information. Higher-ups should face graver consequences than the rank-and-file. But more important than official sanction, national security leaders need to embrace a culture in which they ask nothing of their underlings that they do not ask of themselves. And if a security requirement is too cumbersome for the principal, perhaps the agency head should repeal it for everyone.
Fighting against cynicism within the ranks takes effort and leadership — and a willingness to follow the rules. That starts at the top.