Wikilegal/Publication of Classified Documents

Note: This page shares the Wikimedia Foundation’s preliminary perspective on a legal issue. This page is not final – if you have additional information, or want to provide a different perspective, please feel free to expand or add to it. Please remember – this is not legal advice! This page may not be accurate, and may fall out of date over time. The purpose of these pages is to present the Wikimedia Foundation's perspective on an issue. However, because these pages may be edited and updated by the community, they may not continue to represent the viewpoints of the Wikimedia Foundation. The legal team can only represent the Wikimedia Foundation on legal matters, so if you feel you need personal legal advice, please contact a lawyer. Because the legal team represents the Foundation, we cannot provide consultations with community members. Contacting the legal team does not create an attorney–client relationship, or any of the duties that come with such a relationship, such as confidentiality. For more information on this disclaimer, see here. Translate this header box!

One issue that sometimes comes up is the posting of classified documents and other related materials on WMF project sites. At times, these sorts of documents may provide relevant information regarding a matter of public concern. However, they also present some risks. Specifically, as a hosting venue, WMF does not edit, contribute to, or monitor the content on WMF project sites. For this reason and as noted in the Terms of Use, editors are legally responsible for the edits and contributions they make on Wikimedia project sites, including those made to English Wikipedia. Therefore, you should be careful when dealing with classified information, as there are times where the publication of classified or even potentially classified information could lead to liability, including criminal liability. This posting is intended to help provide some general information and WMF Legal’s perspective about uploading classified or secret documents and information to the Wikimedia projects. However, any analysis will depend on the facts of the particular case or disclosure, which can vary and result in different legal conclusions.

Following the conclusion of World War I, Congress enacted the Espionage Act of 1917 (codified in 18 U.S.C. §§ 793-798) to mitigate the delivery of classified information to those not authorized to receive it. Traditionally, the Act has been used to prosecute government employees who provide classified information to individuals outside the government. See Harold Edgar and Benno C. Schmidt, Jr., The Espionage Statutes and Publication of Defense Information, 73 Colum. L.Rev. 929, 940 (1973) (discussing the development of the Espionage Act of 1917). However, recent case law suggests that other non-governmental entities, including the media, are not entirely immune from liability. See generally, Christopher J. Markham, “Punishing the Publishing of Classified Materials: the Espionage Act and Wikileaks”, 23 B.U.Pub.Int.L.J. 1, 5-6 (Winter, 2014) (no publicly available resource at this time); see also New York Times Co. v. U.S., 403 U.S. 713, 717 (1971) (citations omitted)(discussing the First Amendment, classified documents, and how the media should be permitted newsworthy information “without censorship, injunctions, or prior restraints”). Similarly, the Intelligence Identities Protection Act of 1982 (IIPA) criminalizes the disclosure of information relating to the identity of covert federal agents. An individual will be liable under the IIPA where: (1) they have unauthorized access to classified information; (2) they actively participate in the discovery or exposure of covert agents; and (3) with the intent to harm U.S. intelligence. Jennifer K. Elsea, Intelligence Identities Protection Act, Congressional Research Services, at 3 (2013). WMF editors need to be careful when publishing classified information because it can come from many different sources.

Merely publishing or disseminating classified information is usually not enough to trigger criminal liability under United States law. Rather, courts have found that there must be two additional requirements in order for the publication to become a crime: (1) knowledge that the information will cause harm to the interests of the United States and (2) malicious intent when the information is published. See U.S. v. Rosen, 445 F.Supp.2d 602 (E.D.Va. 2006) (citations omitted). Therefore, the ability to publish leaked classified information may often depend on whether the individual posting the document knew that the information would cause harm and published the information without good cause. Liability may also depend on whether the leaked information came from a widely public source and serves an educational purpose.

Courts have defined classified documents as tangible or intangible information relating to national defense of the United States (NDI for short). See e.g., Gorin v. U.S., 312 U.S. 19, 26 (1941); U.S. v. Morison, 844 F.2d 1057, 1065 (4th Cir. 1988); and Rosen, 445 F.Supp.2d at 623 - 624. Such information includes, but is not limited to, photographs, writings, sketches, maps, and notes. See 18 U.S.C. § 793(d). Given its breadth, courts have attempted to limit the scope of NDI by “requiring the government to prove (i) that the information is closely held by the government and (ii) that the information is the type of information that, if disclosed, [would threaten the security] of the United States.” Morison, 844 F. 2d 602 at 617. The publication of NDI is also considered harmful if its disclosure would be useful to an enemy of the United States. Id. at 621- 622. Finally, the classification status of the documents will depend on who is entitled to receive the information. Id. at 624.

In practice, this means that one should think carefully about a classified document to determine if it’s safe to post. Who was it written for? Has it been published elsewhere, and if so, by whom? Has the government acknowledged or accepted it? Has the government gone after anyone that has posted it? Does it concern something related to national defense/intelligence or is it on a different topic?

In order for the government to assert a claim challenging the unauthorized disclosure of NDI, they would have to show that the disclosure was made with intent to harm or threaten the security of the United States. The intent requirement helps eliminate “‘any genuine risk of holding a person ‘criminally responsible for conduct which he could not reasonably understand to be proscribed.’” Id. at 625 (citing United States v. Hsu, 364 F.3d 192, 197 (4th Cir.2004)). Accordingly, it is the government’s burden to prove beyond a reasonable doubt “that the defendants knew the information was NDI, i.e., that the information was closely held by the United States and that disclosure of this information might potentially harm the United States, and that the persons to whom the defendants communicated the information were not entitled under the classification regulations to receive the information.” Rosen, 445 F. Supp. 2d at 625. The government must also prove that the publisher “communicated the information they . . . received from their government sources with ‘a bad purpose either to disobey or to disregard the law.’” Id. (citing Morison, 844 F.2d at 1071). Therefore, an individual acts with “malicious intent” in situations where they intentionally publish or disclose classified government information and do so in bad faith. Id. at 627.

If one looks at the harm factors above and it really seems like publishing a document could compromise an operation or otherwise put someone in danger, doing it anyway could be seen as malicious intent.