Contents

• Introduction
• Background
• IAAs for FY2014 and FY2015: Selected Legislative Provisions
• IAA for FY2014 (P.L. 113-126)
• Intelligence Advanced Research Projects Activity (IARPA)
• Functional Managers
• Financial Auditability
• Foreign Counterintelligence Program (FCIP) Merged Into General Defense Intelligence Program (GDIP)
• Enhanced Oversight over Legal Opinions
• Enhanced Role in Appointments
• Insider Threats
• Security Clearance Reciprocity
• Whistleblower Protections
• Contractor Responsibility Watch List
• The IAA for FY2015 (P.L. 113-293)
• National Intelligence Strategy (NIS)
• Data on U.S. Persons
• Whistle Blower Protections and Security Clearances
• The Homeland Security Intelligence Program
• Regional Issues
• Contractor Level Assessments
• Memoranda of Understanding May Improve Intelligence Sharing
• Counterterrorism Strategy
• FIX-ITT (Financial Exchange and Intelligence Integration)

Summary

Two Intelligence Authorization Acts (IAAs) were passed in 2014. The IAA for Fiscal Year (FY) 2014 (P.L. 113-126) was passed in July and an IAA for FY2015 (P.L. 113-293) was passed in December. This report examines selected provisions in the legislation and provides an intelligence community framework in the Appendix.

---

Intelligence Authorization Legislation for FY2014 and FY2015: Provisions, Status, Intelligence Community Framework

Introduction

Permanent, continuing, day-to-day oversight of the U.S. intelligence community (IC) by the two congressional intelligence committees will soon mark its 40th anniversary.¹ The IC's missions, responsibilities, capabilities, size, and management have experienced dramatic changes over the past four decades.² The congressional oversight committees have played a significant role in shaping these changes and continue to do so, particularly through their annual intelligence authorization bills.

In recent years the IC has initiated a transformation from the agency-centric practices of the past to an "intelligence enterprise"³ established on a collaborative foundation of shared services, mission-centric operations, and integrated mission management to confront its ever growing list of challenges. The recently released National Intelligence Strategy 2014 lays out the strategic environment and identifies the scale of what James Clapper, the Director of National Intelligence (DNI), terms the "pervasive and emerging threats":

While key nation states such as China, Russia, North Korea and Iran will continue to challenge U.S. interests, global power is also becoming more diffuse. New alignments and informal networks, outside of traditional power blocs and national governments, will increasingly have significant impact in global affairs. Competition for scarce resources such as food, water and energy is growing in importance as an intelligence issue as that competition exacerbates instability, and the constant advancements and globalization of technology will bring both benefits and challenges.⁴

The challenge for this and future Congresses is to help shape intelligence priorities while a more integrated IC adjusts to new budget realities. Congress has an important role in the oversight of the agencies responsible for dealing with this altered intelligence environment, and the annual authorization process represents one of the most important opportunities to exercise this role. Intelligence authorization legislation does not guarantee effective interagency intelligence efforts, but proponents of the oversight process maintain that authorization acts are the best lever that Congress has to address the interagency effort.

Background

The "congressional intelligence committees," as defined in 50 U.S.C. §401a (6), consist of the Senate Select Committee on Intelligence (SSCI) and the House Permanent Select Committee on Intelligence (HPSCI). The intelligence committees were created in the 1970s to conduct continuous and "vigilant legislative oversight" over the IC to assure (1) "that the appropriate departments and agencies of the United States provide informed and timely intelligence necessary for the executive and legislative branches to make sound decisions affecting the security and vital interests of the Nation," and (2) "that such activities are in conformity with the Constitution and laws of the United States."⁵ They operate behind closed doors, for the most part, overseeing the most secret aspects of the U.S. government. The two intelligence committees are the repositories of most intelligence shared with Congress. Their secure office and hearing room spaces are guarded around the clock by Capitol Hill police.⁶

One of the few windows into the activities of the two intelligence committees is their authorization legislation and accompanying committee reports.⁷ They produce (but do not always pass) annual legislation that guides the activities of all 17 U.S. intelligence components—providing authorization for critical national security functions. All authorization bills are important resource documents in terms of both money and manpower, and the intelligence bills are particularly important in this regard. (See the Appendix for an IC framework that includes a list of IC components.)

Separate and distinct from one another, the authorization and appropriations processes determine budget authority for agencies and programs. The authorization committees establish the necessity, legitimacy, and intent of agencies and programs. In doing so, authorization is an oversight function, communicating general guidance, leadership, and priorities and providing legislation and direction to agencies.

Appropriations committees determine funding levels for policies and programs previously authorized. For the most part, the appropriations process provides specific details within the general guidance and limitations given by authorizations. Cutting funds, adding funds, or attaching provisions to funding are powerful ways to influence policy decisions. The funding associated with intelligence is significant. For FY2014 alone, the aggregate amount (base and supplemental) appropriated to the national and military intelligence programs totaled $67.9 billion.⁸

The complexity and range of activities the intelligence authorizing committees oversee covers a wide range. According to a recent House Intelligence Committee report, current legislation:

provides authorization for critical national security functions, including: CIA personnel and their activities worldwide; tactical intelligence support to combat units in Afghanistan; NSA's [National Security Agency's] electronic surveillance and cyber defense; global monitoring of foreign militaries, weapons tests, and arms control treaties, including use of satellites and radars; real-time analysis and reporting on political and economic events, such as current events in the Middle East and Eastern Europe; and research and technology to maintain the country's technological edge.⁹

The authorizing legislation passed by the intelligence committees has particular power with the IC agencies because the respective rules that established the intelligence committees provided that, "no funds would be expended by national intelligence agencies unless such funds shall have been previously authorized by a bill or joint resolution passed by the Senate [and House] during the same or preceding fiscal year to carry out such activity for such fiscal year."¹⁰ In 1985, Section 504 of the National Security Act was tightened to require that appropriated funds available to an intelligence agency could be obligated or expended for an intelligence or intelligence-related activity only if "those funds were specifically authorized by the Congress for use for such activities."¹¹ If and when intelligence authorization bills fail to pass, the IC relies on language in appropriation bills that both authorizes and appropriates funds, until such time as an authorization bill is passed.¹²

In terms of process, each year the House and Senate intelligence committees produce their respective versions of the Intelligence Authorization Act (IAA). Each committee produces an unclassified bill, an unclassified report, and a classified "Schedule of Authorizations" (included within the "Classified Annex," or simply "the Annex") that provide detailed guidance to the nation's intelligence agencies. The Annex contains the schedule of authorization budget numbers as well as committee guidance and requirements that directly pertain to the classified material and cannot be disclosed publicly.¹³ Committee reports state that the Schedule of Authorizations "is incorporated by reference in the Act and has the legal status of public law."¹⁴ Both intelligence committees make the Annex available for review by Members of their respective chambers, subject to appropriate disclosure restrictions.¹⁵ Following passage of these bills,¹⁶ a conference committee is usually convened to resolve the various differences between the House and Senate versions.

Despite the requirement for both an authorization and matching appropriation, in the years following the 9/11 attacks the intelligence committees have sometimes found it difficult to reconcile philosophical differences over important issues.¹⁷ In some years, IAAs failed to pass one or both chambers before the beginning of the fiscal years they represented, were never passed by one or both chambers, or were vetoed by the President. Table 1 illustrates this difficulty. The table summarizes the legislation associated with the annual intelligence authorization bill over the past 15 years. IAAs for nine fiscal years (2000-2005, 2012-2013, and 2015) were signed by the President three months into the respective fiscal year. Three intelligence bills were never sent to the President for signature (2006, 2007, and 2009) and two were vetoed (2001 and 2008). The IAA for FY2010 was passed in October 2010, a week after FY2010 was over. The IAAs for FY2011 and FY2014 were passed just a few months prior to the end of their respective fiscal years.

According to media and academic accounts, and statements by Members¹⁸ in committee reports, the reputations of the intelligence committees suffered during the six-year period when no intelligence bills were passed.¹⁹ The absence of an authorization bill in a particular fiscal year does not mean that ongoing programs cease to be authorized. Authorization bills may enact far-reaching provisions that are essentially timeless—reporting requirements that recur each year until repealed or suspended by another authorization bill. In this case, however, no intelligence legislation was signed into law for six years (December 2004 to October 2010, see Table 1).

During the years when there were no authorization bills, the appropriation committees had the de facto ability to both authorize and appropriate. In addition, other authorizing committees with intelligence-related oversight responsibilities began reestablishing their prerogatives in regard to IC activities that fell into their areas of jurisdiction.²⁰ Beginning in 2009, intelligence committee leaders in both parties dedicated themselves to getting intelligence authorization bills passed on an annual basis. The combined efforts of SSCI Chairwoman Feinstein and HPSCI Chairman Rogers have been particularly effective, as were the efforts of HPSCI Chairman Reyes.²¹ Table 1 illustrates the fact that there has been an intelligence bill every year since FY2010, although in several cases there have been considerable lag times between the beginning of the fiscal year and bill passage. They have been successful in getting IAAs passed in both chambers and signed by the President for every fiscal year since 2010. The IAA for FY2015 was signed into law on December 19, 2014.

Later in this report, Table 2 provides an overview of the intelligence authorization legislation considered in the 113^th Congress, with accompanying reports and the dates of major actions. Table 3 provides a summary of selected provisions from the IAA for FY2015 with comparable provisions in the original H.R. 4681 and S. 2741.

IAAs for FY2014 and FY2015: Selected Legislative Provisions

The Intelligence Authorization Act (IAA) for Fiscal Year (FY) 2014 (P.L. 113-126) was signed into law on July 7, 2014. An IAA for FY2015 (P.L. 113-293) was signed into law on December 19, 2014.

Understanding what has happened when in terms of actions for the IAAs for FY2014 and FY2015 is difficult because of sequencing issues and bill titles. Table 2 provides an overview of the intelligence authorization legislation considered in the 113^th Congress, with accompanying reports and the dates of major actions. The following timeline may also be helpful:

• October 1, 2013: Fiscal Year 2014 began.
• November 12, 2013: The SSCI reported an IAA for FY2014 (S. 1681) out of committee to the Senate, accompanied a day later by S.Rept. 113-120.
• November 25, 2013: The HPSCI reported an IAA for FY2014 (H.R. 3381) out of committee to the House, accompanied by H.Rept. 113-277.
• May 15, 2014: The HPSCI introduced an IAA for FY2015 (H.R. 4661).
• May 20, 2014: The HPSCI introduced an IAA for both FY2014 and FY2015 (H.R. 4681).
• May 27, 2014: The HPSCI reported an IAA for FY2014 and FY2015 (H.R. 4681) to the House, accompanied later by H.Rept. 113-463.
• May 30, 2014: The IAA for FY2014 and FY2015 (H.R. 4681) was passed by the House and sent to the Senate for consideration.
• June 11 2014: Instead of considering H.R. 4681, the Senate passed the IAA for FY2014 (S. 1681) and sent it to the House.
• June 24, 2014: The House passed the IAA for FY2014 (S. 1681)
• July 7, 2014: The IAA for FY2014 (S. 1681) became P.L. 113-126.
• July 31, 2014: The SSCI reported an IAA for 2015 (S. 2741) to the Senate, accompanied by S.Rept. 113-233. It was placed on the Senate Calendar.
• October 1, 2014: Fiscal Year 2015 began.
• December 9, 2014: SSCI discharged H.R. 4681 by Unanimous Consent. The amended version represented the results of an informal HPSCI SSCI compromise and included provisions from the original H.R. 4681 and S. 2741. The Senate amended version of H.R. 4681 passed in the Senate as the "IAA for FY2015."
• December 10, 2014: House agreed to the Senate amended H.R. 4681.
• December 12, 2014: Presented to the President for his signature.
• December 19, 2014: Signed, became P.L. 113-293.

IAA for FY2014 (P.L. 113-126)

Intelligence Advanced Research Projects Activity (IARPA)

Provisions in Section 104 authorize additional appropriations and positions for advanced research and development to remain available through September 2015. The advanced research and development activity refers, in part, to the Intelligence Advanced Research Projects Activity (IARPA), the research and development arm of the Office of the Director of National Intelligence (ODNI). IARPA is the IC's version of the DOD's Defense Research Projects Agency (DARPA). Both IARPA and DARPA invest in high-risk, high-payoff research programs to tackle some of the most difficult challenges of the agencies and disciplines in the defense establishment.²² According to its Director, IARPA sees itself as "an agency that makes sure no important thing remains undone because it doesn't fit somebody's mission."²³

According to the Senate report accompanying the legislation, the committee continues to strongly support the mission of the IARPA. It recommends that "IARPA's mission should remain a priority, even during the fiscal environment when research and development investment can come under pressure. Its mission and work should be integral to the IC R&D [Research and Development] strategic plan."²⁴ The report goes on to say, "Therefore, the Committee strongly supports full preservation of the budget request for IARPA in FY2014 and encourages robust investment by the IC in IARPA in FY2015."²⁵

Functional Managers

Section 305 codifies the existing requirement in E.O.12333 for the DNI to designate "functional managers" for signals intelligence (SIGINT), human intelligence (HUMINT), geospatial intelligence (GEOINT), and other intelligence disciplines.²⁶ At present, the functional managers for SIGINT, HUMINT, GEOINT, and Measurement and Signals Intelligence (MASINT) are the Director of the NSA, the Director of the CIA, the Director of the NGA, and the Director of the Defense Intelligence Agency (DIA), respectively.

Duties of functional managers as described in E.O. 12333 may include:

• developing and implementing strategic guidance, policies, and procedures for activities related to a specific intelligence discipline or set of intelligence activities;
• setting training and tradecraft standards;
• ensuring coordination within and across intelligence disciplines and IC elements and with related non-intelligence activities; and
• advising on the management of resources; policies and procedures; collection capabilities and gaps; processing and dissemination of intelligence; technical architectures; and other issues or activities determined by the Director.²⁷

Functional managers integrate and coordinate two "pots" of intelligence money—"national" and "military."²⁸ (Table A-2 in the Appendix contains funding sources and illustrates the fact that the Directors of DIA, NGA, NRO, and NSA manage several types of intelligence money.)

In the original SSCI version of the legislation, Section 305 gave responsibility for designating functional managers (that is, the directors of the CIA, NSA, NGA, and DIA) to the President. In the IAA for FY2014 as enacted, the functional managers are designated by the DNI, consistent with E.O. 12333.

The reporting requirements in Section 306 call on each functional manager to identify those programs, projects, and activities that comprise the intelligence discipline for which they are responsible and to report on resource issues and other matters relevant to the state of the function. The provision requires nine elements in the functional manager report:

• 1. An identification of the capabilities, programs, and activities of such intelligence function, regardless of the element of the intelligence community that carried out such capabilities, programs, and activities.
• 2. A description of the investment and allocation of resources for such intelligence function, including an analysis of the allocation of resources within the context of the National Intelligence Strategy, priorities for recipients of resources, and areas of risk.
• 3. A description and assessment of the performance of such intelligence function.
• 4. An identification of any issues related to the application of technical interoperability standards in the capabilities, programs, and activities of such intelligence function.
• 5. An identification of the operational overlap or need for de-confliction, if any, within such intelligence function.
• 6. A description of any efforts to integrate such intelligence function with other intelligence disciplines as part of an integrated intelligence enterprise.
• 7. A description of any efforts to establish consistency in tradecraft and training within such intelligence function.
• 8. A description and assessment of developments in technology that bear on the future of such intelligence function.
• 9. Such other matters relating to such intelligence function as the Director may specify for purposes of this section.

Financial Auditability

Section 309 directs the DNI and the Directors of the, CIA, DIA, NSA, National Reconnaissance Office (NRO), and NGA to undergo full financial audits beginning with FY2014 financial statements. Some background is useful on this provision because there is a very long history of presidential and congressional oversight efforts to force the IC into compliance with federal financial accounting standards. IAAs and committee reports have contained a multitude of provisions along these lines since at least FY2002. The Senate report accompanying the IAA for FY2002 called for the financial statements of the NRO, NSA, CIA, DIA, and what is now the NGA to be audited by a statutory Inspector General (IG) or independent public accounting firm by March 1, 2005.²⁹ In the Senate report accompanying its IAA for FY2010, the SSCI noted the following IC response:

The bottom line is that more than ten years after the President called for action, and more than four years after the Committee anticipated receiving auditable statements, the five agencies are still unable either to produce auditable financial statements or receive favorable audit opinions on those that are auditable. The current projection for doing so is at least four years away.³⁰

The Senate report goes on to urge the IC to get its accounts auditable and to establish an IC-wide business enterprise architecture (BEA) and a consolidated financial statement for the National Intelligence Program:

Accordingly, the April 2007 plan has now been superseded by the imperative to construct a BEA, which makes the 2012 auditability timeline difficult or impossible to achieve for most agencies. Nonetheless, the Committee strongly supports this BEA work, which, if successful, will provide a stronger foundation for sustainable, financial auditability. Indeed, the Committee has repeatedly called for a BEA over the last four years. Section 322 of this bill is designed to empower the DNI's fledgling BTO to produce this business systems architecture.

Finally, the Committee believes that both the Congress and the DNI would benefit from the creation of a consolidated National Intelligence Program financial statement. Such a statement would provide valuable macro-level data and, once established, offer insight into financial trends within the Intelligence Community.³¹

Foreign Counterintelligence Program (FCIP) Merged Into General Defense Intelligence Program (GDIP)

Section 314 directs the DNI to merge the Foreign Counterintelligence Program (FCIP) into the (GDIP). The Director of DIA is program manager for both programs. The FCIP designation was an accounting tool to track money used solely for counterintelligence purposes. The GDIP and other IC budget programs are included in the Appendix.

Enhanced Oversight over Legal Opinions

Section 321 of the IAA for FY2014 focuses on the opinions of the Office of Legal Counsel (OLC) in the Department of Justice (DOJ) concerning intelligence activities. The provision is designed to increase the committees' ability to understand and question the legal reasoning behind OLC opinions relevant to the committees' oversight functions.³² This section requires the Attorney General to provide a listing of every opinion of the OLC that has been provided to an element of the IC, whether classified or unclassified. Provisions were made for information associated with covert action "findings"³³ and information subject to "executive privilege." The Senate report explains these provisions in the following manner:

While the Committee generally is kept apprised of the legal basis for U.S. intelligence activities, as required by Sections 502 and 503 of the National Security Act of 1947, neither the Department nor the IC routinely advises the Committee of the existence of OLC opinions that are relevant to the Committee's oversight functions. This presents an impediment to the Committee's oversight function, as the Committee cannot request access to legal analysis when it is not made aware that such analysis exists. Section 321 would ensure that the Committee is aware of the existence of relevant OLC opinions so that it can obtain access to the legal analysis set forth in these opinions through a process of accommodation with the Executive branch.³⁴

Enhanced Role in Appointments

Title IV of the IAA for FY2014 (P.L. 113-126) changes the appointment process for four key individuals, the Directors of NSA and NRO and the Inspectors General (IGs) of these two agencies, making all four presidential appointments with the advice and consent of the Senate.³⁵ With this change to the appointment process, the Senate Intelligence Committee may take a more active part in the selection of these four key individuals than it has in the past, in conjunction with the Senate Armed Services Committee.³⁶ See section below on "Implementing the Appointment Provisions."

Agency Directors

Until the IAA for FY2014, the President appointed the Director of the NSA based on a recommendation from the Secretary of Defense and the concurrence of the DNI.³⁷ Section 401 amends the National Security Agency Act of 1959 (P.L. 86-36) to provide that the Director of the NSA shall be appointed by the President by and with the advice and consent of the Senate, "in light of NSA's critical role in the national intelligence mission, particularly with respect to activities that may raise privacy concerns."³⁸

Enhanced congressional oversight of the NSA and its Director took on a new urgency in 2013. Beginning in June of that year, NSA contractor Edward Snowden released of thousands of classified National Security Agency (NSA) documents detailing the agency's vast data collection programs. The revelations prompted demands for greater privacy protections primarily within the context of intelligence counterterrorism and law enforcement activities.³⁹ Many wondered if provisions passed after the terrorist attacks in the United States on September 11, 2001 (9/11) had tipped the balance too far toward security at the expense of civil liberties.⁴⁰

Section 411 amends the National Security Act of 1947 (P.L. 80-253) to provide that the Director of the NRO shall be appointed by the President by and with the advice and consent of the Senate because of concerns associated with the acquisition of complex, expensive programs. According to the Senate Report:

The Director of the NRO is responsible for a number of highly technical programs that involve the obligation and expenditure of significant sums of appropriated funds. By requiring Presidential appointment and Senate confirmation of the NRO Director, Congress will be better able to fulfill its responsibility for providing oversight of these important programs.⁴¹

The NRO acquisition process was the subject of a HPSCI investigation throughout the 18-months preceding the IAA for FY2014. In July 2014, the HPSCI released a report titled Performance Audit of Intelligence Major Systems Acquisition, with a number of recommendations. For example, according to a HPSCI white paper on its classified report, recommendation 3 suggested that the "NRO should justify to the ODNI and Congress how it chooses the pace of its satellite acquisitions."⁴²

Inspectors General

The Inspector General Act of 1978 (P.L. 95-452) established a government-wide system of IGs, some appointed by the President with the advice and consent of the Senate and others administratively appointed by the heads of their respective federal entities.⁴³ IGs are authorized to ''conduct and supervise audits and investigations relating to the programs and operations'' of the government and ''to promote economy, efficiency, and effectiveness in the administration of, and ... to prevent and detect fraud and abuse in, such programs and operations."⁴⁴ They also perform an important reporting function by ''keeping the head of the establishment and the Congress fully and currently informed about problems and deficiencies relating to the administration of ... programs and operations and the necessity for and progress of corrective action."⁴⁵

Traditionally, the issue of IGs in the IC has focused on how independent from an agency director they can and should be. Concerns have been raised over whether an overzealous IG might pose a threat to agency operations.⁴⁶ For example, while the CIA has had an IG since 1952, it was only in 1989 that Congress enacted legislation mandating an "independent" IG at CIA, appointed by the President with the advice and consent of the Senate. Before that, CIA IGs were appointed by the Director of the Central Intelligence Agency.⁴⁷

The IAA for FY2010 called for a completely independent ODNI IG appointed by the President, with the advice and consent of the Senate, to report directly to the DNI. To enhance the IG's independence within the ODNI, the IG may be removed only by the President, who must communicate the reasons for the removal to the congressional intelligence committees.⁴⁸

By 2014, almost all the IGs in the IC were appointed by the President with the consent of the Senate, to include the IGs at the CIA, and the Departments of Defense, Energy, Homeland Security, Justice, State, and the Treasury. Sections 402 and 412 of the IAA for FY2014 amend the Inspector General Act of 1978 to include the NSA IG and NRO IG in this list.

According to the Senate Report, the NSA IG provision was designed with independence and privacy concerns in mind: "[to] ensure the NSA Inspector General operates independently of the Director of the Agency in overseeing the activities of the NSA, particularly with respect to activities that may raise privacy concerns."⁴⁹

The Senate Report explains the NRO IG provision in terms of independence and identifying fraud, waste and abuse:

The Inspector General of the NRO performs a critical role in overseeing complex, high-dollar value programs conducted by the NRO. In the past, the NRO Inspector General has been successful in identifying significant instances of fraud, waste, and abuse within the NRO. By requiring Presidential appointment and Senate confirmation of the NRO Inspector General, this provision will ensure the NRO Inspector General continues to operate with appropriate independence from the NRO Director in overseeing the activities of the NRO.⁵⁰

Implementing the Appointment Provisions

S.Res. 470⁵¹ was passed by the Senate on July 7, 2014 (in conjunction with the IAA for FY2014), to amend the committee's charter legislation⁵² and implement these new appointment provisions. The procedures in the Senate resolution point out the SSCI's shared jurisdiction with other IC oversight committees:

1) Assistant Attorney General for National Security: referred to the Judiciary Committee and, if and when reported, to the SSCI. This person heads the National Security Branch, a Federal Bureau of Investigation (FBI) component of the IC.

2) NSA Director, NSA/IG, NRO Director and NRO/IG:

a) If military and on active duty—referred to the SASC and, if and when reported, to the SSCI.

b) If civilian—referred to the SSCI and, if and when reported, to the SASC.

Notice that in each case, only the primary committee with jurisdiction has the right of refusal. The nomination proceeds forward, via the mechanism of sequential referral, only if the primary committee reports it out of committee. If the secondary committee fails to report the nomination after a specified time, the nomination is automatically discharged and placed on the Senate's Executive Calendar. In its report, the SSCI notes that it believes Senate confirmation of these four positions will improve oversight and accountability and, ultimately, the effectiveness of the agencies in question.

Insider Threats

Title V of P.L. 113-126 contains a number of provisions designed to improve security. Several address the "insider threat problem" and speak to recommendations made by a presidential group established to review intelligence and communications technologies. The insider threat problem refers to efforts by individuals who work within the IC to purposefully leak classified data and sabotage networks. The problem assumed critical proportions in 2013, when Edward Snowden, a contractor working inside NSA, released thousands of classified documents to the British newspaper The Guardian. The Snowden leaks came on the heels of Army Private Manning's 2010 release of thousands of classified documents to WikiLeaks.

In a short period of time, stealing secrets has gone from the laborious task of copying papers taken surreptitiously from filing cabinets to the current age in which files can be electronically copied onto thumb drives. Manning was said to have disguised his efforts by downloading secrets onto compact discs made to look like pop music recordings.⁵³

A presidential group headed by Richard Clarke issued a final report known by many as "The President's Review Group."⁵⁴ Section 501, for example, reflects the President's Review Group's recommendation (#38) to establish a personnel continuous monitoring program for those with classified information access. The HPSCI report language says ''the IC might have caught Snowden sooner if it had continuously evaluated the backgrounds of employees and contractors and if IC elements had more effectively shared potentially derogatory information about employees and contractors with each other."⁵⁵ According to the HPSCI, continuous evaluation "allows the IC to take advantage of lawfully available and public information to detect warning signals that the current system of 5 year periodic investigation misses."⁵⁶

The insider threat problem is discussed in some detail in the SSCI Report. It notes that "initiatives have been underway for years to deal with such contingencies, most recently the President's National Insider Threat Policy, signed in November 2012. However, the Committee is concerned that this policy has not been fully implemented across the IC. The Committee supports substantially enhancing and expediting efforts to deter the insider threat."⁵⁷

Intelligence Community Information Technology Enterprise (IC ITE)

In relation to protections against insider threats, the Senate report makes reference to the IC's information technology (IT) modernization effort—the IC Information Technology Enterprise (IC ITE, pronounced "eyesight")—and says that it "must provide the infrastructure to detect insider threats earlier and more effectively. Robust counterintelligence data and analytic tools to monitor, analyze and audit personnel behavior will be critical to this endeavor."⁵⁸ By way of explanation, the goal of IC ITE is a secure and trusted IT environment. IC ITE services focus on providing a common IC desktop, secure online collaboration tools, and secure common cloud architectures. If all goes as planned, IC ITE will help the IC to pool IT resources, cut costs, increase data storage capabilities, increase mission agility and efficiency, and increase the ability to protect all levels of data.⁵⁹

Security Clearance Reciprocity

In terms of the clearance process, provisions address the time and money associated with the security investigation and adjudication process, and reciprocity of clearances between agencies. Security clearance reciprocity refers to ongoing efforts to have "all security clearance background investigations and determinations completed by an authorized investigative agency or authorized adjudication agency ... accepted by all agencies."⁶⁰ Reports by the Government Accountability Office (GAO) and ODNI offer analysis which suggests that agencies may be reluctant to accept the background investigations or security clearance determinations made by other agencies.⁶¹

The Senate report accompanying S. 1681 provides background information to clarify some of the provisions associated with reciprocity—citing several problems associated with "out-of-scope" determinations.⁶² Out-of-scope refers to the fact that an individual's background investigation for one IC agency may not adhere to the requirements of another IC agency for a variety of possible reasons. For example, an out-of-scope determination may depend on factors associated with the depth and breadth of the background investigation or the lack of a particular type of polygraph examination. It may also be based on timing issues such as the time elapsed since the individual's initial investigation (or periodic update), a gap in his or her agency employment, or date of his or her last polygraph examination. If agency requirements do not match on any or all criteria, there may be an out-of-scope determination made by security personnel that overrides the reciprocity requirement.⁶³

The Senate report points out that some agencies are inconsistent when it comes to applying out-of-scope determinations—waiving inconsistencies for its own employees but not for employees of other agencies. It also points out what may be inefficiencies and unnecessary costs associated with the adjudication process.

The Committee understands that some agencies have denied security clearance reciprocity for some IC personnel where an eligibility determination is out-of-scope, even when the agency employs personnel whose eligibility determinations also are out of scope. In addition, the Committee understands that some agencies have delayed employment of personnel who have been determined to be eligible for access to classified information while the agency adjudicates their suitability for employment. The Committee believes that both of these practices inappropriately impede the movement of cleared personnel between agencies, often at significant cost to the government.⁶⁴

Section 501 requires the DNI, subject to the direction of the President, to ensure that the background of each employee or officer and contractor of the IC is monitored continuously to determine their eligibility for access to classified information; and secondly, to require IC elements to share potentially derogatory security information concerning any employee that may impact the eligibility of such individuals for a security clearance.

Section 504 requires the DNI to report to Congress each year, through 2017, on the reciprocal treatment of security clearances, including (1) the periods of time required by authorized adjudicative agencies for accepting background investigations and determinations completed by an authorized investigative entity or adjudicative agency; and (2) the total number of cases in which a background investigation or determination completed by an authorized investigative entity or adjudicative agency is, or is not, accepted by another agency.

Whistleblower Protections

Intelligence whistleblowers are generally IC employees or contractors who want to focus attention on possible agency wrongdoings. Such individuals can face retaliation from their employers for their disclosures, and the fear of such retaliation may deter whistleblowing. The IC Whistleblower Protection Act (ICWPA) of 1998 provides a process by which employees, or contractor employees, of the DIA, NGA, NRO, and the NSA can report matters of "urgent concern" to the intelligence committees of Congress.⁶⁵ The act was augmented by Presidential Policy Directive 19, signed by President Obama in 2012, which required IC agencies to provide employees with protections from retaliation.

This issue is a particular concern for the IC because it does not want individuals leaking classified information under the guise of "whistleblowing." On the other hand, whistleblowing is an important element of the oversight function, in that it helps overseers to identify "urgent concerns," defined as follows:⁶⁶

• A serious or flagrant problem, abuse, violation of law or Executive Order, or deficiency relating to the funding, administration, or operations of an intelligence activity involving classified information, but does not include differences of opinion concerning public policy matters;
• A false statement to Congress, or a willful withholding from Congress, on an issue of material fact relating to the funding, administration, or operation of an intelligence activity; and/or
• An action, including a personnel action described in Section 2302(a)(2)(A) of Title 5, constituting reprisal or threat of reprisal prohibited under Section 7(c) of the Inspector General Act of 1978, as amended, in response to an employee reporting an urgent concern.

When NSA contractor Edward Snowden was asked why he did not go to the government first, he cited the severe retaliation that previous IC whistleblowers experienced when they worked through institutional channels without specific rights.⁶⁷

Title VI of P.L. 113-126 provides additional protections for IC whistleblowers against reprisals. Section 602 includes due process protections, including the right (1) to an independent and impartial fact-finder; (2) for notice and the opportunity to be heard, including the opportunity to present relevant evidence, including witness testimony; (3) to be represented by counsel; (4) to receive a decision based on the record developed; and (5) to receive a decision within 180 days, unless the employee and the agency agree to an extension, or the impartial fact-finder determines in writing that a greater time period is needed in the interest of fairness or national security. An employee is permitted to appeal the agency's decision within 60 days of receiving it. Detailed procedures for each stage of the process are included in the bill. Some whistleblower advocates would like to see additional protections available to IC contractors as well.⁶⁸

Section 604 states that the legislation affords no protections for certain terminations of employment, if, for example, the Director or agency head determines the termination to be in the interest of the United States, determines that the procedures prescribed in other provisions of law that authorize the termination of the employee's employment cannot be invoked in a manner consistent with national security, and notifies Congress within five days of the termination. Additional information on Title VI provisions is available in CRS Report R43765, Intelligence Whistleblower Protections: In Brief, by [author name scrubbed].

Contractor Responsibility Watch List

There are several additional provisions in the SSCI Report that refer to activities not specifically mentioned in the unclassified bill but nonetheless include directive language.⁶⁹ For example, the SSCI Report includes a management-focused provision designed to enhance the procurement process with a "Contractor Responsibility Watch List."⁷⁰ The committee wants the IC to have a better sense of whether prospective vendors are debarred, suspended, or listed on the federal government's System for Awards Management (SAM), a Web-based system maintained by the General Services Administration (GSA). The report cites the following concerns.⁷¹

[T]he IC does not have an IC-wide mechanism for identifying and tracking exploitative, unscrupulous, suspended or debarred contractors to ensure the Community deals only with vendors who are responsible in fulfilling their legal and contractual obligations. It is through the sharing of such information that the IC can make informed decisions, ensure the Community conducts business only with responsible contractors, prevent suspended and debarred contractors from initiating or repeating business throughout the IC, and avoid misuse or loss of potentially billions of dollars of taxpayer money.

The IAA for FY2015 (P.L. 113-293)

In the normal legislative process, after one house passes a bill and the other then passes it with amendments, the House and Senate need to resolve the differences between their positions and agree to exactly the same language. A formal conference committee may not be necessary if the two chambers can reach an agreement through informal negotiations—as was the case with the IAA for FY2015.⁷² The IAA for FY2015 was the product of extensive inter-chamber negotiation. Several provisions in the original H.R. 4681 no longer appear in the amended version of H.R. 4681 passed in December.⁷³ For example, Title IV, proposing a General Counsel to the NSA IG, is no longer included. Other provisions, such as Section 305 on "functional managers," were incorporated into the IAA for FY2014 passed in July 2014.

In the absence of a conference committee, there was no formal conference committee report to accompany the amended version of H.R. 4681. Instead, a short "Joint Explanatory Statement" was read into the Congressional Record on December 9, 2014.⁷⁴ In a number of cases, the formal HPSCI and SSCI committee reports (H.Rept. 113-463 and S.Rept. 113-233) accompanying the committee's originally proposed legislation offer fuller descriptions of the provisions in the amended H.R. 4681 than those contained in the joint statement. Unfortunately, section numbers for similar provisions vary across these reports, and determining what is new or different in the IAA for 2015 can be difficult.

Table 3 lists selected provisions in the IAA for FY2015 (P.L. 113-293) and provides corresponding provisions in the original House and Senate versions, if present. For example, Section 309 of the IAA for FY2015, on data retention, is Section 306 in S. 2741. Section 307 on management and oversight of financial intelligence, is Section 304 in S. 2741. Section 303 requiring a National Intelligence Strategy is new, but reads much like the provision for a Quadrennial Intelligence Strategic Review in S. 2741. Section 310 is new but is simply a technical correction to existing statutory language (see "Whistle Blower Protections and Security Clearances" section below). Section 323 requiring an annual report on violations of law or EO has corresponding provisions in both the original H.R. 4681 (Section 321) and S. 2741 (Section 313).

National Intelligence Strategy (NIS)

Section 303 of the IAA for FY2015 requires the DNI to develop a NIS every four years beginning in 2017.⁷⁵ In part, this requirement codifies an existing practice in that the ODNI has been producing a NIS since 2005, but it also adds specific requirements.

Section 303 requires each strategy, in a manner consistent with other relevant U.S. agencies' strategic plans and national-level plans, to do a number of things such as the following: (1) address national and military intelligence, including counterintelligence; (2) identify current and future major national security missions of the intelligence community, including factors that may affect performance during the following 10-year period; (3) assess threats from foreign intelligence and security services, as well as insider threats; (4) outline organizational roles and missions; and (5) identify sources of strategic, institutional, programmatic, fiscal, and technological risk.

The 2005 NIS was produced largely in reaction to provisions included in the Intelligence Reform and Terrorism Prevention Act of 2004 (P.L. 108-458), referred to as the Intelligence Reform Act or IRTPA.⁷⁶ The IRTPA did not specifically mandate one overarching NIS, but did require strategic plans for many intelligence-related activities such as counterterrorism and partnerships with foreign countries. The 2005 NIS implemented while Ambassador John Negroponte was DNI was updated in 2009 under DNI Dennis Blair and again in 2014 by DNI James Clapper.⁷⁷

In addition to the NIS, Section 303 also requires a report on the NIS from the DNI no later than 45 days after the completion of such strategy. The suggested contents of the DNI report are not enumerated. Its intent appears to be to complement the NIS by providing additional information that clarifies the relationship between the NIS and other IC strategy and policy documents.

Data on U.S. Persons

Section 309 prescribes how long data on U.S. persons can be retained if it is acquired incidentally (that is, inadvertently obtained) as part of investigations of foreign persons—and therefore, obtained without a court order and without consent.

Privacy advocates raised objections to Section 309 shortly before bill passage in the House arguing the provision expands the government's authority to collect the communications of U.S. persons.⁷⁸ The intelligence committees defended the provisions, countering that Section 309 does the opposite—it "protects privacy rights.… Although the executive branch already follows procedures along these lines, Section 309 would enshrine the requirement in law."⁷⁹

Section 309 requires all IC elements to adopt Attorney General-approved procedures to prohibit retention for a period in excess of five years of nonpublic telephone or electronic communications to or from a U.S. person that are acquired without a court order and without the consent of a person who is a party to the communication (including communications in electronic storage), with some national security-related exceptions.⁸⁰

The section also requires the head of an IC element approving retention in excess of five years to certify to Congress (1) the reasons extended retention is necessary to protect U.S. national security, (2) the duration of the retention, the particular information to be retained, (3) the measures being taken to protect the privacy interests of U.S. persons or persons located inside the United States.

Whistle Blower Protections and Security Clearances

Section 310 is a technical provision that adds to the Whistle Blower protections discussed earlier in this report as part of the IAA for FY2014. It amends legislation⁸¹ pertaining to policies and procedures associated with security clearance actions taken against individuals alleging reprisal for having made a protected disclosure.

If a determination is made to suspend or revoke a security clearance (or access to classified information), this provision allows employees to retain their government employment status while the challenge is pending. The provision extends protections, to the extent practicable, to individuals alleging reprisal for having made a protected disclosure (provided the individual does not disclose classified information or other information contrary to law) to appeal any action affecting an employee's access to classified information.

The Homeland Security Intelligence Program

Section 324 requires the Department of Homeland Security (DHS) Under Secretary for Intelligence and Analysis (USDHS/I&A) to provide the congressional intelligence committees with a report on each intelligence activity of each intelligence component of the Department that includes, among other things, the amount of funding requested, the number of full-time employees, and the number of full-time contractor employees. In addition, Section 324 requires the Secretary of Homeland Security to submit to the congressional intelligence committees a report that examines the feasibility and advisability of consolidating the planning, programming, and resourcing of such activities within the Homeland Security Intelligence Program (HSIP).

According to the Joint Explanatory Statement accompanying the IAA for FY2015

The HSIP [Homeland Security Intelligence Program] budget was established to fund those intelligence activities that principally support missions of the DHS separately from those of the NIP [National Intelligence Program]. To date, however, this mechanism has only been used to supplement the budget for the office of Intelligence and Analysis. It has not been used to fund the activities of the non-IC components in the DHS that conduct intelligence-related activities. As a result, there is no comprehensive reporting to Congress regarding the overall resources and personnel required in support of the Department's intelligence activities.⁸²

This section is significant from an oversight perspective because it addresses shared jurisdiction between the Intelligence and Homeland Security Committees. By way of explanation, DHS/I&A is an element of the IC and is funded with National Intelligence Program (NIP) dollars.⁸³ However, DHS has other intelligence activities that are funded entirely with DHS money. Theoretically, those activities support the DHS mission, as opposed to an IC-wide mission (intelligence for the use of Customs only, for example). This DHS-only intelligence money is called the Homeland Security Intelligence Program (HSIP). Because it is not part of the NIP, it does not belong to the DNI; it belongs instead to the Secretary of Homeland Security. The Department of Homeland Security is overseen by the Homeland Security Committees. This is a case of shared jurisdiction over intelligence-related activities. For more on IC budget programs, see the IC budget section in the Appendix.

Regional Issues

Section 312 illustrates the way in which certain issues such as cybersecurity and cybercrime transcend traditional boundaries between law enforcement and intelligence, and between congressional committees—in this case intelligence and judiciary. Its provisions express the sense of Congress that the President, working with the government of Ukraine should:

• initiate U.S.-Ukraine bilateral talks on cybersecurity threat and cybercrime cooperation, with additional multilateral talks that include other law enforcement partners such as Europol and Interpol;
• work to obtain a commitment from Ukraine to end cybercrime directed at persons outside Ukraine and to work with the United States and other allies to deter and convict known cybercriminals;
• establish a capacity-building program with Ukraine, which could include joint intelligence efforts, U.S. law enforcement agents being sent to Ukraine to aid investigations, and agreements to connect U.S. and Ukrainian law enforcement agencies through communications networks and hotlines; and
• establish and maintain a scorecard with metrics to measure Ukraine's responses to U.S. requests for intelligence or law enforcement assistance.

Two sections refer to diplomatic facilities in the Russian Federation. Section 313 is directed at the Department of State and requires the Secretary to ensure that every supervisory position at a U.S. diplomatic facility in the Russian Federation is occupied by a U.S. citizen who is subject to and has passed a thorough background check. It also directs the Secretary to submit to Congress a plan to further reduce the reliance on locally employed staff in such facilities. Section 314 requires restricted access space to be included in each U.S. diplomatic facility that is constructed in, or undergoes a construction upgrade in, the Russian Federation, any country that shares a land border with the Russian Federation, or any country that is a former member of the Soviet Union.⁸⁴

Section 325 directs the DNI to report to the congressional intelligence committees, the Senate Foreign Relations Committee and the House Foreign Affairs Committee, regarding political prison camps in North Korea. It requires such report to describe U.S. actions to support implementation of the recommendations of the U.N. Commission of Inquiry on Human Rights in the Democratic People's Republic of Korea, including the eventual establishment of a tribunal to hold individuals accountable for abuses. It also requires as much information as possible on topics such as prisoner populations, treatment and living conditions.

Contractor Level Assessments

Improved planning for, and management of contractors has been a recurring theme in IC legislation, particularly since September 11, 2001. The IAA for FY2015 is no exception. Section 327 amends the National Security Act to require annual personnel level assessments for the IC that include a separate estimate of the number of intelligence collectors and analysts contracted by each element of the IC and a description of the functions performed by such contractors.

The request echoes a similar requirement for information made five years ago—in Section 339 of the IAA for FY2010 (P.L. 111-259). Section 339 required the DNI to submit a single report (by February 2011) describing a number of contractor related issues across the IC to include hiring, training and retention; clearances; conversion of contractors to U.S. government employees; accountability mechanisms; number of contracts; and costs. Section 339 requirements included contractors associated with intelligence collection, analysis, and covert actions (including rendition, detention and interrogation activities).

The dramatic growth in IC contracting activities following the September 11, 2001, attacks on the United States has primarily been associated with the need for "surge" capacity. According to Ronald Sanders, Associate DNI when he wrote the following in 2007,

[O]ur agencies simply did not have enough people to do the job. In the months after Sept. 11, 2001, contract personnel emerged as our "reserves," allowing us to surge to meet unprecedented mission demands. Why not just hire more civilians? We have, but it takes years to train and develop intelligence analysts and case officers. In the interim, contract personnel have filled the gap, in many cases with decades of priceless experience.⁸⁵

Congressional overseers have long recognized that contractors provide a wide range of services for the IC (just as they do for the military) from transportation, construction, and support services, to intelligence collection, analysis and private security. Contractors provide a surge capability, quickly delivering critical support capabilities tailored to specific intelligence needs. Because contractors can be hired when a particular need arises and released when their services are no longer needed, contractors can be less expensive in the long run than maintaining a permanent in-house capability.⁸⁶

Unfortunately, critics argue that contractors can also compromise the credibility and effectiveness of the IC and undermine operations.⁸⁷ Concerns over government reliance on contractors often focus on cost, accountability, and workforce issues.⁸⁸ Most recently, the SSCI Study of the CIA's Detention and Interrogation Program has renewed debate over which activities performed by contractors are "inherently governmental."⁸⁹ According to the SSCI Study's Finding 13, "The psychologists carried out inherently governmental functions, such as acting as liaison between the CIA and foreign intelligence services, assessing the effectiveness of the interrogation program, and participating in the interrogation of detainees held in foreign government custody."⁹⁰

Memoranda of Understanding May Improve Intelligence Sharing

Section 328 requires the USDHS/I&A to provide appropriate congressional committees with an assessment of the usefulness of memoranda of understanding signed between federal, state, local, tribal, and territorial agencies to improve intelligence-sharing within and separate from the Joint Terrorism Task Force (JTTF). JTTFs are operated by the Federal Bureau of Investigation (FBI) and are based in 104 cities nationwide. Although they have been in existence since 1980,⁹¹ 71 have been created since 9/11. Their primary purpose is to co-locate counterterrorism-related resources to enhance coordination and collaboration. According to the FBI, they consist of "small cells of highly trained, locally based, passionately committed investigators, analysts, linguists, SWAT experts, and other specialists from dozens of U.S. law enforcement and intelligence agencies."⁹² The FBI describes a JTTF's duties as follows: "chase down leads, gather evidence, make arrests, provide security for special events, conduct training, collect and share intelligence, and respond to threats and incidents at a moment's notice."⁹³

Section 328 was prompted by April 2013 bombing of the Boston Marathon.⁹⁴ A 2014 Report collectively issued by four IGs (the IGs for the DNI, CIA, DOJ, and DHS) found that the FBI, CIA, DHS, and National Counterterrorism Center (NCTC) generally shared information and followed procedures appropriately, but improvements could be made. The report recommended (1) the FBI and DHS clarify JTTF alert procedures, and (2) the FBI consider establishing a procedure for sharing threat information with state and local partners more proactively and uniformly.⁹⁵ According to the intelligence committees' Joint Explanatory Statement, Section 328 "should help identify any obstacles to intelligence sharing between agencies, particularly any obstacles that might have impeded intelligence sharing in the wake of the April 2013 bombing of the Boston Marathon, and find improvements to existing intelligence sharing relationships."⁹⁶

Counterterrorism Strategy

Section 330 directs the DNI to submit an unclassified comprehensive report⁹⁷ on the U.S. counterterrorism (CT) strategy to disrupt, dismantle, and defeat al-Qaeda and its affiliated or associated groups to the appropriate committees in Congress. The committee envisions an interagency approach, coordinated by the DNI, including the views of the Secretaries of State, Treasury, and Defense, the Attorney General, and the head of any other appropriate department or agency of the United States Government. Required elements of the report include an assessment of the strengthening or weakening of the groups in question from January 1, 2010, to the present.

The CT report required by Section 330 should complement a report required in the FY2008 Supplemental Appropriations Act (P.L. 110-252, §9304) that required a comprehensive global strategy to defeat al Qaeda and its affiliates—jointly submitted by the Secretaries of Defense, State, and Homeland Security, in coordination with the Chairman of the Joint Chiefs of Staff and the DNI. The strategy submitted to Congress in 2008 was classified.⁹⁸

FIX-ITT (Financial Exchange and Intelligence Integration)

The SSCI report accompanying the FY2015 legislation directs the DNI to provide performance assessments for a new initiative called "FIX-ITT" (Financial Exchange and Intelligence Integration). The committee "applauds" improvements made by the National Intelligence Manager for Threat Finance and Transnational Organized Crime in response to language in the FY2014 legislation.⁹⁹ FIX-ITT is an ODNI integrating effort to bring all financial intelligence-related activities spread across various IC agencies together to better understand, map, and disrupt terrorist organizations, narco-trafficking networks, proliferation networks, organized crime, and other threats.¹⁰⁰

Intelligence Community: In Brief

The congressional intelligence committees oversee the activities of the 17 components that currently comprise the U.S. Intelligence Community (IC). This confederation of agencies is led and managed on a daily basis by the Director of National Intelligence (DNI), with the assistance of the leadership team within the Office of the DNI (ODNI) to include the Director of Defense Intelligence (DDI).¹⁰¹ The core mission of ODNI is to lead the IC in intelligence integration—synchronizing collection, analysis, and counterintelligence so that they are fused—effectively operating as one team.¹⁰²

The task of leading the IC is particularly challenging because the IC is spread across six separate Cabinet departments and one independent agency within the executive branch. In fact, most intelligence offices/agencies have a dual mission: (1) support to national-level intelligence related activities managed by the DNI and (2) support to operational-level intelligence related activities managed by their parent department.

An overview of the IC components, leadership structure, and the overarching budget aggregations known as the National Intelligence Program (NIP) and the Military Intelligence Program (MIP) provides some of the basic terminology necessary to understanding intelligence legislation.

Components

The IC, as defined in 50 U.S. Code §401a (4), consists of the following components:

• The Office of the Director of National Intelligence.
• The Central Intelligence Agency.
• The National Security Agency.
• The Defense Intelligence Agency.
• The National Geospatial-Intelligence Agency.
• The National Reconnaissance Office.
• Other offices within the Department of Defense for the collection of specialized national intelligence through reconnaissance programs.
• The intelligence elements of the Army, the Navy, the Air Force, the Marine Corps, the Federal Bureau of Investigation, and the Department of Energy.
• The Bureau of Intelligence and Research of the Department of State.
• The Office of Intelligence and Analysis of the Department of the Treasury.
• The elements of the Department of Homeland Security concerned with the analysis of intelligence information, including the Office of Intelligence of the Coast Guard.
• Such other elements of any other department or agency as may be designated by the President, or designated jointly by the Director of National Intelligence and the head of the department or agency concerned, as an element of the IC.

Leadership Structure: the DNI and USD(I)

The Director of National Intelligence

The Intelligence Reform and Terrorism Prevention Act of 2004 (P.L. 108-458), referred to as the Intelligence Reform Act or IRTPA, is widely considered to be the most significant legislation affecting the IC since the National Security Act of 1947. Most notably, the IRTPA established the position of DNI with more extensive authorities to coordinate the nation's intelligence effort than those formerly possessed by Directors of Central Intelligence (DCI).¹⁰³ The 9/11 Commission concluded that a central lesson that Congress and the executive branch drew from the 9/11 attacks was that there had been inadequate interagency coordination partially as a result of separate statutory missions and administrative barriers.¹⁰⁴ A number of reform measures were passed—a great many of which were designed to more closely and effectively coordinate the acquisition and dissemination of available intelligence. In terms of enhancing DNI's authorities over other IC leaders, the IRTPA focused particularly on personnel, tasking, acquisition, and budget.

The IRTPA divided the DCI's three major responsibilities between two new positions—the Director of the CIA (DCIA) and DNI—making the new DNI both community manager and principal advisor to the President (and leaving leadership of the CIA to its director). The DNI speaks for U.S. intelligence agencies, he briefs the President, has authority to develop the budget for the national intelligence effort and manage appropriations made by Congress, and, to some extent, can transfer personnel and funds from one agency to another. The ODNI, a staff of some 1,600 officials along with additional contract personnel, works to carry out the DNI's responsibilities. The President appoints the DNI with the advice and consent of the Senate.

The Office of the DNI

The ODNI carries out what it calls its "core" integration responsibilities with the help of several statutory components within the ODNI to include the National Counterterrorism Center (NCTC), the National Counterproliferation Center (NCPC), the National Counterintelligence Executive (NCIX), and the National Intelligence Council (NIC). Figure A-1 illustrates the composition of the ODNI to include its core activities, "enabler," and "oversight" offices. Enabler offices focus on IC-wide concerns such as acquisition, budget, human capital, policy and strategy, and systems and resource analysis. Oversight offices such as the General Counsel, Inspector General, and the Civil Liberties and Privacy Protection Office focus on IC-wide activities such as compliance with U.S. law, investigating allegations of fraud, waste, and abuse, and other issues.¹⁰⁵

Figure A-1. Office of the Director of National Intelligence

Source: "Organization," at http://www.dni.gov.

The Under Secretary of Defense (Intelligence)/Director of Defense Intelligence

For reasons similar to those associated with the creation of the DNI, but by means of a different statute,¹⁰⁶ the position of Under Secretary of Defense (Intelligence) (USD(I)) was established in 2003. The law divided the duties associated with the former Assistant Secretary of Defense for Command, Control, Communications and Intelligence, or ASD/C3I, into two positions—one position responsible for managing the intelligence portfolio, and one position responsible for supervising information systems across the DOD. The statute and DOD directives¹⁰⁷ gave the USD(I) significant authorities for the direction and control of intelligence agencies within the DOD.

In May 2007, the Secretary of Defense and DNI formally agreed in a Memorandum of Agreement (MOA) that the position would be "dual-hatted"—the incumbent acting as both the USD(I) within the Office of the Secretary of Defense (OSD) and Director of Defense Intelligence (DDI) within the ODNI in order to improve the integration of national and military intelligence.¹⁰⁸ According to the MOA, when acting as DDI, the incumbent reports directly to the DNI and serves as his principal advisor regarding defense intelligence matters. James Clapper, DDI at the time, said that the creation of the DDI position was a way to better "strengthen the relationship between the DNI and the DOD … (and) to facilitate staff interaction and promote synchronization."¹⁰⁹ The MOA did not alter the statutory responsibilities or authorities of either the Secretary of Defense or the DNI.

The Intelligence Budget

Many authorities and responsibilities associated with the DNI and USD(I) make reference to the national and military intelligence programs—known commonly as "the NIP and MIP." The terms NIP and MIP are fairly new, the former created by the IRTPA of 2004 Section 1074, and the latter created by DOD Directive in 2005.¹¹⁰ Prior to the IRTPA, the NIP was known as the National Foreign Intelligence Program (NFIP). The MIP represents the merger of two programs formerly known as the Tactical Intelligence and Related Activities (TIARA) Program and the Joint Military Intelligence Program (JMIP).¹¹¹

The DNI is most closely associated with the NIP and the USD(I) (in his role as DDI) is most closely associated with the MIP. Together, they oversee a number of interagency activities designed to facilitate the "seamless integration" of NIP and MIP intelligence efforts. Mutually beneficial programs, for example, may receive both NIP and MIP resources.¹¹² The NIP is associated with national-level intelligence. Some NIP programs fall within the DOD, some do not. Dr. Mark Lowenthal, former HPSCI Staff Director, describes the NIP as "programs that either transcend the bounds of any one agency or are nondefense in nature."¹¹³ 50 U.S.C. Section 401a (6) defines the term "National Intelligence Program" as

[A]ll programs, projects, and activities of the IC, as well as any other programs of the IC designated jointly by the Director of National Intelligence and the head of a United States department or agency or by the President. Such term does not include programs, projects, or activities of the military departments to acquire intelligence solely for the planning and conduct of tactical military operations by United States Armed Forces.

Both defense and nondefense NIP funds are determined and controlled by the DNI, from budget development through execution. The NIP is often perceived as more complicated than the MIP because it is an aggregation of 14 programs that span the entire IC. NIP programs are capabilities based. Cryptology, for example, is a capability that spans several IC components. Each program within the NIP is headed by a Program Manager. These Program Managers exercise daily direct control over their NIP resources. The DNI acts as an intermediary in the budget process, between these managers, on the one side, and the President and Congress on the other.¹¹⁴

In contrast, "the MIP" is only those defense dollars associated with the operational and tactical-level activities of the military services. It all "belongs" to the Secretary of Defense.¹¹⁵ It refers to service specific and DOD wide intelligence assets that are seen as "organic" to military units (e.g., deployable SIGINT personnel and equipment or tactical reconnaissance aircraft).¹¹⁶ According to the MIP charter directive¹¹⁷

The MIP consists of programs, projects, or activities that support the Secretary of Defense's intelligence, counterintelligence, and related intelligence responsibilities. This includes those intelligence and counterintelligence programs, projects, or activities that provide capabilities to meet warfighters' operational and tactical requirements more effectively. The term excludes capabilities associated with a weapons system whose primary mission is not intelligence.

The MIP label is a tool that allows the USD(I) to collectively manage all the dispersed funds associated with military intelligence support to the DOD "warfighters." As its Program Executive, the USD(I) as DDI

[L]eads all Department of Defense actions involving the MIP, including issuing guidance, coordinating its development and execution, and chairing groups to address programmatic issues; and monitors the broader Battle Space Awareness Portfolio to achieve balance and synergies from its panoply of intelligence, surveillance and reconnaissance, command and control complementary capabilities.¹¹⁸

MIP Component Managers are "the individual(s) assigned by either this Directive, the Secretary of a Military Department, or the Commander, USSOCOM ... responsible for managing MIP resources within his or her respective MIP Component in accordance with USD(I) guidance and policy."¹¹⁹ The MIP components include the Office of the Secretary of Defense, Military Departments, U.S. Special Operations Command (USSOCOM), DIA, NGA, NRO, and the NSA/CSS.¹²⁰

Table A-1 identifies four defense NIP programs: the Consolidated Cryptologic Program (CCP); General Defense Intelligence Program (GDIP); National Geospatial-Intelligence Program (NGP); and the National Reconnaissance Program (NRP). Intelligence authorization legislation passed in July 2014 merged the Foreign Counterintelligence Program (FCIP) into the GDIP program.¹²¹

Table A-1 identifies eight nondefense NIP programs: the Central Intelligence Agency Program (CIAP); the CIA's Retirement and Disability System¹²² (CIARDS); the Office of the DNI¹²³ (CMA); and the intelligence entities within the departments of Energy, Homeland Security, Justice, State, and the Treasury.

Table A-1 identifies 10 MIP programs: the DIA MIP, NGA MIP, NRO MIP, NSA/CSS MIP, OSD MIP, USSOCOM MIP and service-specific MIP (Air Force MIP, Army MIP, Navy MIP, and Marine Corps MIP). Of the nine Combatant Commands (COCOMs) only USSOCOM has its own budget.¹²⁴ The other COCOMs submit their budget requests through the military departments.

Table A-2 illustrates that six IC components have both MIP and NIP funding sources. The directors of DIA, NGA, NRO, and NSA are "dual-hatted" as Program Managers for their NIP funds and Component Managers for their MIP funds. Exactly what goes into what budgetary pot is not precise. Those decisions are guided by what is known as the NIP MIP "Rules of the Road."¹²⁵

Author Contact Information

Footnotes

1.	The Senate and House intelligence committees were established in 1976 and 1977, respectively.
2.	The Intelligence Community is a federation of 17 separate executive branch agencies that work separately and together to conduct the activities necessary to produce the intelligence required for the conduct of foreign relations and the protection of the national security of the United States. For a list of the components, see the Appendix.
3.	A term in vogue since 2010—associated with, and frequently used by, DNI James Clapper in reference to the IC. See Tom Shorrock, "Clapper: Managing the Intelligence Enterprise," Foreign Policy In Focus, (June 18, 2010), at http://fpif.org/clapper_managing_the_intelligence_enterprise/. See also Office of the Director of National Intelligence, National Intelligence Strategy 2014, p. 16, at http://www.dni.gov/files/documents/2014_NIS_Publication.pdf.
4.	Office of the Director of National Intelligence, "DNI Unveils 2014 National Intelligence Strategy," ODNI News Release No. 40-14, September 18, 2014, at http://www.dni.gov/files/documents/2014_NIS_Publication.pdf.
5.	S.Res. 400 §A.
6.	These secure spaces are known as Secure Compartmented Information Facilities (SCIFs).
7.	Other windows into committee operations include occasional open hearings such as the annual threat briefing by the Director of National Intelligence, reports of committee investigations, and so on. See committee websites: http://intelligence.house.gov and http://www.intelligence.senate.gov/.
8.	For FY2014, the aggregate amount (base and supplemental) appropriated to the national and military intelligence programs totaled $67.9 billion. (NIP $50.5 billion, MIP $17.4B billion) See Office of the DNI, "DNI Releases Budget Figure for FY2014 National Intelligence Program," News Release No. 43-14, October 30, 2014, at http://www.dni.gov/index.php/newsroom/press-releases/. See also Department of Defense, "DOD Releases Military Intelligence Program (MIP) Appropriated Top Line Budget for Fiscal Year (FY) 2014," Release No: NR-550-14, October 30, 2014, at http://www.defense.gov/releases/. See also CRS Report R42061, Intelligence Spending and Appropriations: Issues for Congress, by [author name scrubbed] and [author name scrubbed].
9.	U.S. Congress, House Permanent Select Committee, Intelligence Authorization Act for Fiscal Years 2014 and 2015, report to accompany H.R. 4681, 113th Congress, 2d sess., H.Rept. 113-463, (Washington DC: GPO, 2014), p. 17.
10.	S.Res. 400, §12; H.Res. 658, §11(I). (Both resolutions provided an exception for continuing appropriations bills or resolutions.) The extra power is because most agencies in the executive branch spend appropriated money free of the restrictions imposed by Section 504. There is no statutory reason to prohibit them from spending appropriated funds—especially if authorizing committees failed to pass authorization bills. See CRS Report R42098, Authorization of Appropriations: Procedural and Legal Issues, by [author name scrubbed] and [author name scrubbed]. The IC is careful to spend money only if it both authorized and appropriated. See Dan Elkins, Managing Intelligence Resources, 4th Edition, (Dewey, AZ: DWE Press, 2014), p. 7-8.
11.	50 U.S.C. §414(a)(1). The requirement for "specific authorization" was added to the National Security Act by the Intelligence Authorization Act for FY1986 (P.L. 99-169), §401(a). The report accompanying the House version of H.R. 2419 (which became P.L. 99-169) stated that "Specifically authorized is defined to mean that the activity and the amounts to be spent for that activity have been identified in a formal budget request to the Congress and that Congress has either authorized those funds to be appropriated and they have been appropriated, or, whether or not the funds have been requested, the Congress has specifically authorized a particular activity, and authorized and appropriated funds for that activity." U.S. Congress, House Permanent Select Committee on Intelligence, Intelligence Authorization Act for Fiscal Year 1986, Report to accompany H.R. 2419, 99th Congress, 1st sess., H.Rept. 99-106, Part 1, (Washington DC: GPO, May 15, 1985), p. 8. A concern existed at the time that funds had been used by the Reagan Administration for intelligence activities in Central America without appropriate congressional support or even awareness.
12.	See, for example, language in P.L. 110-116: "SEC. 8084. Funds appropriated by this Act, or made available by the transfer of funds in this Act, for intelligence activities are deemed to be specifically authorized by the Congress for purposes of section 504 of the National Security Act of 1947 (50 U.S.C. §414) during fiscal year 2008 until the enactment of the Intelligence Authorization Act for fiscal year 2008."
13.	H.Rept. 113-463, p. 18.
14.	See for example, U.S. Congress, Senate Select Committee on Intelligence, Intelligence Authorization Act for Fiscal Year 2015, report to accompany S. 2741, 113th Congress, 2nd sess., S.Rept. 113-233, (Washington DC: GPO, July 31, 2014), pp. 1-2: "Other than for limited unclassified appropriations, primarily the Intelligence Community Management Account, the classified nature of United States intelligence activities precludes any further disclosure, including by the Committee, of the details of its budgetary recommendations. Accordingly, the Committee has prepared a classified annex to this report that contains a classified Schedule of Authorizations. The classified Schedule of Authorizations is incorporated by reference in the Act and has the legal status of public law. The classified annex is made available to the Committees on Appropriations of the Senate and the House of Representatives and to the President. It is also available for review by any Member of the Senate subject to the provisions of Senate Resolution 400 of the 94th Congress (1976)."
15.	See remarks by Rep. Michael Rogers, Congressional Record, vol. 159 (November 21, 2013), p. H7335.
16.	Per S.Res. 400 §3(b)(1), and by convention, the Senate's version of the IAA is sequentially referred to the Senate Armed Services Committee before it is voted on in the Senate.
17.	For details, see CRS Report R40240, Intelligence Authorization Legislation: Status and Challenges, by [author name scrubbed].
18.	U.S. Congress, House Permanent Select Committee on Intelligence, Intelligence Authorization Act for Fiscal Year 2014, report to accompany H.R. 3381, 113th Congress, 1st sess., H.Rept. 113-277, (Washington DC: GPO, November 25, 2013), "Committee Statement and Views," on p. 8, "For too many years, intelligence authorization negotiations were the victim of partisan infighting and turf battles."
19.	See for example, Jennifer Sims and Burton Gerber, Transforming U.S. Intelligence, (Washington DC: Georgetown University Press, 200C). p. 245.
20.	Other committees with jurisdictional claims to legislative engagement with the IC include the House and Senate Armed Services, Appropriations, Judiciary, Homeland Security, Foreign Affairs/Foreign Relations, and Government Reform/Operations committees.
21.	Senator Feinstein assumed chairmanship of the SSCI in January 2009 and Representative Rogers assumed HPSCI chairmanship in 2011. For an example of their bipartisan/bicameral approach to intelligence oversight, see "Leaders of Senate and House Intelligence Committees Praise Passage of 29th Intelligence Authorization Bill," SSCI Press Release, December 14th, 2011, at http://www.intelligence.senate.gov/press/record.cfm?id=335622. In 2010 Reyes shepherded into law the first intelligence reauthorization bill in six years. See Pam Benson, "Bill Gives More in Congress Access to Secret Intellignce," CNN, September 30, 2010, at http://www.cnn.com/2010/POLITICS/09/30/congress.secret.intelligence.bill/index.html
22.	For more on IARPA, go to http://www.iarpa.gov.
23.	Peter Highnam, IARPA Director, "Opening Remarks," IARPA Day, College Park Marriott & Conference Center, Hyattsville, Maryland, October 30th, 2014.
24.	S.Rept. 113-120, p. 18.
25.	Ibid., p. 21.
26.	E.O. 12333, "U.S. Intelligence Activities," 46 Federal Register 59941, (As amended by Executive Orders 13284 (2003), 13355 (2004) and 13470 (2008)), §1.3(b)(12)
27.	Ibid.
28.	For more on IC budget categories, see Appendix.
29.	S.Rept. 107-63.
30.	U.S. Congress, Senate Select Committee on Intelligence, Intelligence Authorization Act for Fiscal Year 2010, Report to accompany S. 1494, 111th Cong., 1st sess., July 21, 2009, S.Rept. 111-55, pp. 57-58.
31.	Ibid. Provisions in the IAA for FY2010 amend 50 U.S. Code to include §3100 "Intelligence Community business system transformation."
32.	Intelligence Committee concerns about OLC legal reasoning stem, in part, from opinions related to the CIA Detention and Interrogation Program, particularly the legal reasoning justifying the use of waterboarding as an Enhanced Interrogation Technique. See, for example, John D. Rockefeller, "Release of Declassified Narrative Describing the Department of Justice Office of Legal Counsel's Opinions on the CIA Detention and Interrogation Program," April 22, 2009, at http://www.intelligence.senate.gov/pdfs/olcopinion.pdf.
33.	"Finding" is a term that refers the requirement that a president put in writing when he or she determines that a covert action is "important to national security." The requirement goes back to December 1974, when Congress passed the "Hughes-Ryan Amendment" to the Foreign Assistance Act of 1961, formalizing the regulation of covert actions, primarily in reaction to President Nixon's covert bombings in Cambodia. The Hughes-Ryan Amendment required that any covert action be supported by a Presidential finding that the action was "important to the national security" and that the President report "in a timely fashion, a description and scope of such [actions] to the appropriate committees of the Congress—House and Senate Foreign Relations, House and Senate Armed Services and House and Senate Appropriations." (This grew to eight committees after the House and Senate intelligence committees were established.) See P.L. 93-559, §659 "Limitation on Intelligence Activities," December 30, 1974, enacting 22 U.S.C. §2422. See also William E. Conner, "Congressional Reform of Covert Action Oversight Following the Iran-Contra Affair," Defense Intelligence Journal 2 (1993), pp. 35, 41
34.	S.Rept. 113-120, p. 7.
35.	See also the Senate version of the IAA for FY2010 §432.
36.	For a complete list of the positions over which the SSCI has exercised jurisdiction, see CRS Report RL30959, Presidential Appointee Positions Requiring Senate Confirmation and Committees Handling Nominations, by [author name scrubbed] and [author name scrubbed].
37.	E.O. 12333 (as amended) §1.3(d), at http://www.ncsc.gov/publications/policy/docs/EO_12333.pdf. (d) Appointments to certain positions. (1) The relevant department or bureau head shall provide recommendations and obtain the concurrence of the Director for the selection of: the Director of the National Security Agency, the Director of the National Reconnaissance Office, the Director of the National Geospatial-Intelligence Agency, the Under Secretary of Homeland Security for Intelligence and Analysis, the Assistant Secretary of State for Intelligence and Research, the Director of the Office of Intelligence and Counterintelligence of the Department of Energy, the Assistant Secretary for Intelligence and Analysis of the Department of the Treasury, and the Executive Assistant Director for the National Security Branch of the Federal Bureau of Investigation. If the Director does not concur in the recommendation, the department head may not fill the vacancy or make the recommendation to the President, as the case may be. If the department head and the Director do not reach an agreement on the selection or recommendation, the Director and the department head concerned may advise the President directly of the Director's intention to withhold concurrence. (2) The relevant department head shall consult with the Director before appointing an individual to fill a vacancy or recommending to the President an individual be nominated to fill a vacancy in any of the following positions: the Under Secretary of Defense for Intelligence; the Director of the Defense Intelligence Agency; uniformed heads of the intelligence elements of the Army, the Navy, the Air Force, and the Marine Corps above the rank of Major General or Rear Admiral; the Assistant Commandant of the Coast Guard for Intelligence; and the Assistant Attorney General for National Security. relevant department or bureau head shall provide recommendations and obtain the concurrence of the DNI" for the selection of most of the IC agency directors with certain DOD exceptions
38.	S.Rept. 113-120, p. 9.
39.	For more on the Snowden leaks, see Dustin Volz, "Everything We Learned from Edward Snowden in 2013," National Journal, December 31, 2013, at http://www.nationaljournal.com/s/64142/everything-we-learned-from-edward-snowden-2013.
40.	Congress passed the Foreign Intelligence Surveillance Act (FISA) in 1978 to provide a statutory framework regulating when government agencies may gather foreign intelligence through electronic surveillance or physical searches. A number of laws passed after 9/11 amended FISA to enable the government to obtain information in a greater number of circumstances. (Major revisions are associated with P.L. 107-56, P.L. 108-458, and P.L. 110-261.) Most recently, the USA FREEDOM Act (P.L. 114-23) was signed into law on June 2, 2015. The principal focus of the legislation was to address the bulk collection of telephone metadata by the NSA. (See CRS Legal Sidebar WSLG1278, USA FREEDOM Act Reinstates Expired USA PATRIOT Act Provisions but Limits Bulk Collection, by [author name scrubbed].)
41.	S.Rept. 113-120, p. 10.
42.	"House Intelligence Committee Announces Bipartisan Report to Improve the Purchase Process of Intelligence Satellites," press release, July 31, 2014, with link to HPSCI white paper, "Questioning NRO's Costly Assumptions about the Industrial Base," undated, at http://intelligence.house.gov/press-release/house-intelligence-committee-announces-bipartisan-report-improve-purchase-process. See also Mike Gruss, "House Report Calls for Slowdown in NRO Satellite Orders," July 31, 2014, at http://spacenews.com/41454house-report-calls-for-slowdown-in-nro-satellite-orders/.
43.	See §8G of the Inspector General Act of 1978, as amended, for those IGs who are administratively appointed, generally for reasons associated with protecting national security. See CRS Report R43722, Offices of Inspectors General and Law Enforcement Authority: In Brief, by [author name scrubbed].
44.	Ibid., §2(1-3).
45.	Ibid.
46.	See Britt Snider, "Creating a Statutory IG at the CIA," Studies in Intelligence, vol. 44, no 5, (August 3, 2011), p. 1, https://www.cia.gov/library/center-for-the-study-of-intelligence/kent-csi/vol44no5/html/v44i5a02p.htm.
47.	Ibid. See also 50 U.S.C. §403(q) and CIA Act of 1949 §17. The Director of the CIA was also the Director of Central Intelligence at this time. For more, see Appendix.
48.	P.L. 111-259, §405.
49.	S.Rept. 113-120, pp. 9-10.
50.	S.Rept. 113-120, p. 10.
51.	U.S. Congress, Senate Select Committee on Intelligence, S.Res. 470 - A resolution amending Senate Resolution 400 (94th Congress) to clarify the responsibility of committees of the Senate in the provision of the advice and consent of the Senate to nominations to positions in the intelligence community, 113th Congress, 2nd sess. (Washington DC: GPO, July 7, 2014).
52.	S.Res. 400.
53.	Noah Bierman and Bryan Bender, "Leaks show U.S. intelligence vulnerability," The Boston Globe, June 11, 2013.
54.	Richard A. Clarke et al, Report and Recommendations of The President's Review Group on Intelligence and Communications Technologies, (The White House: December 12, 2013), at http://www.whitehouse.gov/sites/default/files/docs/2013-12-12_rg_final_report.pdf. See recommendations #37-#44. Clarke served on the National Security Council Staff from 1992-2003in a number of positions to include Special Assistant to the President for Global Affairs, Special Advisor to the President for Cyberspace, and National Coordinator for Security and Counter-terrorism.
55.	H.Rept. 113-463, p. 18.
56.	Ibid.
57.	S.Rept. 113-120, p. 17.
58.	Ibid.
59.	Chief Information Officer, Office of the DNI, "IC IT Enterprise Fact Sheet," p. 1, at http://www.dni.gov/files/documents/IC%20ITE%20Fact%20Sheet.pdf.
60.	Mandated in P.L. 108-458, §3001(d) the Intelligence Reform and Terrorism Prevention Act (IRTPA) of 2004.
61.	See, for example, U.S. Congress, House Permanent Select Committee on Intelligence, Security Clearance Reform—Upgrading the Gateway to the National Security Community, 110th Congress, 2nd sess., H.Rept. 110-916, Washington, DC: GPO, November 20, 2008); Testimony of Charles B. Sowell, Deputy Assistant Director for Special Security, Office of the Director of National Intelligence, for U.S. Congress, Senate Homeland Security and Government Affairs, Security Clearance Changes, hearings, 112th Congress, 2nd sess., June 21, 2012; and U.S. Government Accountability Office, Personnel Security Clearance, Progress Has Been Made to Improve Timeliness but Continued Oversight Is Needed to Sustain Momentum, GAO-11-65, November 2010, p. 27.
62.	S.Rept. 113-120, p. 11.
63.	CRS Report R43216, Security Clearance Process: Answers to Frequently Asked Questions, by [author name scrubbed] and [author name scrubbed]. See also CRS Report RL31988, Polygraph Use by the Department of Energy: Issues for Congress, by [author name scrubbed].
64.	S.Rept. 113-120, p. 11.
65.	See IC Inspector General website, at http://www.dni.gov/index.php/about-this-site/no-fear-act/whistleblower-protection-laws.
66.	"ICWPA Complaints," DOD IG website, at http://www.dodig.mil/programs/whistleblower/icwpa.html.
67.	Suzanna Andrews, et al., "The Snowden Saga: A Shadowland of Secrets and Light," Vanity Fair, (May 2014): pp. 4-5, at http://www.vanityfair.com/politics/2014/05/edward-snowden-politics-interview#.
68.	See for example, Charles S. Cook, "Intel Contractors' Whistleblower Rights are a work in Progress, Government Executive," August 30, 2013, at http://www.govexec.com/oversight/2013/08/intel-contractors-whistleblower-rights-are-work-progress/69026/.
69.	While not in the legislation, as report language accompanying the bill, the Committee will expect the IC to comply. Reports are written by staff and are directed to Members and staff outside the Committee to help everyone understand committee actions and intentions. Congressional intent is clear and though nonbinding, most executive branch officials agree that ignoring such provisions can be perilous.
70.	S.Rept. 113-120, p. 16.
71.	Ibid.
72.	See CRS Report 96-708, Conference Committee and Related Procedures: An Introduction, by [author name scrubbed].
73.	Some provisions may have been moved into the Classified Annex of the intelligence authorization legislation.
74.	"Joint Explanatory Statement to Accompany the Intelligence Authorization Act for Fiscal Year 2015," Senate Debate, Congressional Record, daily edition, vol. 160, part 149 (December 9, 2014), pp. S6464-S6465.
75.	This new provision resembles the requirement originally in S. 2741 for a Quadrennial Intelligence Strategic Review similar in content to the DOD's Quadrennial Defense Review (QDR). The DOD QDR is a long-term review of DOD strategy and priorities. For further details, see the DOD's QDR webpage at http://www.defense.gov/home/features/2014/0314_sdr/qdr.aspx.
76.	Office of the Director of National Intelligence, National Intelligence Strategy: Transformation through Integration and Innovation, October 2005, at http://www.dni.gov/files/documents/Newsroom/Reports%20and%20Pubs/NISOctober2005.pdf.
77.	Office of the Director of National Intelligence, National Intelligence Strategy, August 2009, http://www.dni.gov/files/documents/Newsroom/Reports%20and%20Pubs/2009_NIS.pdf; and National Intelligence Strategy 2014, at http://www.dni.gov/files/documents/2014_NIS_Publication.pdf.
78.	See, for example, Representative Justin Amash, "Block New Spying on U.S. Citizens: Vote 'No' on H.R. 4681," Dear Colleague, December 10, 2014, at https://www.facebook.com/repjustinamash/posts/812569822115759. See also Electronic Frontier Foundation, "EFF Statement on the 2015 Intelligence Authorization Bill," December 15, 2014, at https://www.eff.org/deeplinks/2014/12/eff-statement-2015-intelligence-authorization-bill.
79.	U.S. Congress, House Permanent Select Committee on Intelligence, "Fact Sheet," at http://intelligence.house.gov/press-release/fact-sheet-hr-4681-fiscal-year-2015-intelligence-authorization-act. For SSCI defense of Section 309 see Mario Trojillo, "Intel figures downplay spy provision," The Hill, December 15, 2014, at http://thehill.com/policy/technology/227164-intelligence-community-plays-down-worries-on-bill.
80.	Exceptions include communications that (1) suggest evidence of a crime, (2) are enciphered and appear to have a secret meaning, (3) have foreign intelligence or counterintelligence value, (4) involve only non-U.S. persons, and (5) suggest an imminent threat to human life.
81.	50 U.S.C. §3341(b)(7), Section 3001(b)(7) of the Intelligence Reform and Terrorism Prevention Act of 2004.
82.	"Joint Explanatory Statement to Accompany the Intelligence Authorization Act for Fiscal Year 2015," Senate Debate, Congressional Record, daily edition, vol. 160, part 149 (December 9, 2014), p. S6465.
83.	The USDHS/I&A is confirmed by the SSCI. See CRS Report RL30959, Presidential Appointee Positions Requiring Senate Confirmation and Committees Handling Nominations, by [author name scrubbed] and [author name scrubbed].
84.	This requirement can be waived (due to national security interests) by the Secretary of State if s/he requests a waiver in writing to appropriate congressional committees prior to exercising the waiver.
85.	See Ronald P. Sanders, "The Value of Private Spies," Letter to the Editor, Washington Post, July 18, 2007, at http://www.washingtonpost.com/wp-dyn/content/article/2007/07/17/AR2007071701679.html. Ron Sanders was then-Associate Director of National Intelligence.
86.	See CRS Report R43074, Department of Defense's Use of Contractors to Support Military Operations: Background, Analysis, and Issues for Congress, by [author name scrubbed].
87.	See Simon Chesterman, "We Can't Spy … If We Can't Buy!: The Privatization of Intelligence and the Limits of Outsourcing 'Inherently' Governmental Functions," European Journal of International Law, vol. 19, no. 5 (2008): 1055-1074, at http://ejil.oxfordjournals.org/content/19/5/1055.full.pdf+html.
88.	See for example, U.S. Congress, Senate, Committee on Homeland Security and Government Affairs, Testimony by Timothy J. DiNapoli, Director of Acquisition and Sourcing Management for the Government Accountability Office, "Additional Actions Needed to Improve Reporting on and Planning for the Use of Contract Personnel," February 13, 2014, p. 3, at http://www.gao.gov/assets/670/660945.pdf; Vinh Nguyen, "Current Trends in Intelligence Outsourcing Affect Work Force Stability," Signal OnLine, December 2007, at http://www.afcea.org/content/?q=node/1440; and Brian Fung, "U.S. intelligence agencies can't justify why they use so many contractors," Washington Post, February 14, 2014, at http://www.washingtonpost.com/blogs/the-switch/wp/2014/02/14/u-s-intelligence-agencies-cant-justify-why-they-use-so-many-contractors/.
89.	U.S. Congress, Senate Select Committee on Intelligence, "Findings and Conclusions," Committee Study of the Central Intelligence Agency's Detention and Interrogation Program, 113th Congress, 2nd sess., December 3, 2014, p. 11 of 19, at http://www.intelligence.senate.gov/study2014/sscistudy1.pdf. Office of Management and Budget Circular A-76 defines an inherently governmental activity is "an activity that is so intimately related to the public interest as to mandate performance by government personnel." See CRS Report R42325, Definitions of "Inherently Governmental Function" in Federal Procurement Law and Guidance, by [author name scrubbed].
90.	Ibid.
91.	The first was established in New York City according to the JTTF webpage at http://www.fbi.gov/about-us/investigate/terrorism/terrorism_jttfs.
92.	Ibid.
93.	Ibid.
94.	On April 15, 2013, two pressure cooker bombs placed near the finish line of the Boston Marathon detonated within seconds of each other, killing three and injuring more than two hundred people. Law enforcement officials identified brothers Tamerlan and Dzhokhar Tsarnaev as primary suspects in the bombings. The Boston JTTF conducted an assessment of Tamerlan Tsarnaev to determine whether he posed a threat to national security and closed the assessment three months later having found no link or "nexus" to terrorism.
95.	"Unclassified Summary of Information Handling and Sharing Prior to the April 15, 2013 Boston Marathon Bombings, Prepared by the Inspectors General of the: Intelligence Community, Central Intelligence Agency, Department of Justice, and the Department of Homeland Security," 10 April 2014, at http://www.dni.gov/index.php/newsroom/reports-and-publications/204-reports-publications-2014/1042-unclassified-summary-of-information-handling-and-sharing-prior-to-the-april-15,-2013-boston-marathon-bombings.
96.	"Joint Explanatory Statement to Accompany the Intelligence Authorization Act for Fiscal Year 2015," Senate Debate, Congressional Record, daily edition, vol. 160, part 149 (December 9, 2014), p. S6465.
97.	The report is due within 180 days of the bill's passage on December 19, 2014, and may include a classified annex.
98.	Section 330 was a floor amendment offered by Representative Lloyd "Ted" Poe. The report it requires focuses on the relationships between "core" al Qaeda fighters and al Qaeda affiliates, as well the relationship between al Qaeda and the Islamic State. See Remarks by Rep. Ted Poe, "Amendment No. 7 to the Intelligence Authorization Act for Fiscal Years 2014 and 2015," Congressional Record, daily edition, vol. 160 (May 30, 2014), pp. H5051-H5052.
99.	S.Rept. 113-120, p. 7.
100.	Ibid.
101.	The Under Secretary of Defense for Intelligence or USD(I)) is called the Director of Defense Intelligence (DDI) when he wears his ODNI "hat."
102.	Office of the Director of National Intelligence, U.S. National Intelligence: An Overview 2013, pp 1-2, at http://www.dni.gov.
103.	See Richard Best, "Leadership of the U.S. Intelligence Community: From DCI to DNI," International Journal of Intelligence and Counterintelligence, vol. 27, No. 2, (March, 2014): pp. 253-333, at http://www.tandfonline.com/.
104.	National Commission on Terrorist Attacks Upon the United States, Final Report, The 9/11 Commission Report (Washington D.C.: Government Printing Office, 2004), pp. 407-411; U.S. Congress, Senate Select Committee on Intelligence and House Permanent Select Committee on Intelligence, Joint Inquiry into Intelligence Community Activities Before and After the Terrorist Attacks of September 11, 2001, 107th Congress, 2nd sess., S.Rept. 107-351/H.Rept. 107-792, December 2002, pp. 33-117; U.S. Commission on the Intelligence Capabilities of the U.S. Regarding Weapons of Mass Destruction, Report to the President of the United States, March 31, 2005, pp. 311-350.
105.	"Organization," under "About," ODNI webpage, at http://www.dni.gov.
106.	National Defense Authorization Act for FY2003 (P.L. 107-314,§901).
107.	The primary directive is Department of Defense Directive 5132.01, "Under Secretary of Defense for Intelligence (USD(I))," November 23, 2005, pp. 2-7, posted on http://fas.org/irp/doddir/dod/d5143_01.pdf.
108.	Michael McConnell, DNI and Robert Gates, Secretary of Defense, "Memorandum of Agreement," May 2007, See DOD News Release No 637-07, May 24, 2007, "Under Secretary of Defense for Intelligence to be Dual-Hatted as Director of Defense Intelligence.," at http://www.defense.gov/Releases/Release.aspx?ReleaseID=10918.
109.	Ibid.
110.	Deputy Secretary of Defense Memorandum, "Establishment of the Military Intelligence Program," September 1, 2005. See also DOD Directive 5205.12, "Military Intelligence Program," November 14, 2008 (certified current through November 14, 2015), at http://www.dtic.mil/whs/directives/corres/pdf/520512_2008_certifiedcurrent.pdf. (DODD 5205.12).
111.	Elkins, p. 4-12.
112.	For information on specifics associated with NIP and MIP spending over time, see CRS Report R42061, Intelligence Spending and Appropriations: Issues for Congress, by [author name scrubbed] and [author name scrubbed].
113.	Mark Lowenthal, Intelligence: From Secrets to Policy, 5th Edition, (Washington DC: Sage CQ Press, 2012), p. 52.
114.	Elkins, p. 4-5.
115.	See Robert Mirabello, "Budget and Resource Management," Intelligencer: Journal of U.S. Intelligence Studies, vol. 20, No. 2, (Fall/Winter 2013), p. 68, at http://www.afio.com/publications/MIRABELLO%20Pages%20from%20INTEL_FALLWINTER2013_Vol20_No2.pdf
116.	Elkins, p. 4-11.
117.	DOD Directive 5205.12 (3) (a).
118.	Mirabello, p. 68.
119.	DOD Directive 5205.12 (3) (c).
120.	DOD Directive 5205.12 (3) (b).
121.	P.L. 113-126, §314.
122.	CIARDS is a small fund that provides pension benefits to a selected group of the CIA's workforce—particularly those whose identities must be protected. Section 202 of the IAA for FY2014 amends the Central Intelligence Agency Retirement Act to expand the definition of "qualifying service" for purposes of designating CIA employees to participate in a retirement system based on a period of service abroad that is hazardous to life or health, or that is determined to be specialized because of security requirements, to include the service of CIA employees on detail to another agency. Without this provision, such qualifying service had to be performed within the CIA. (The provision made such qualifying detail service applicable to retired or deceased CIA officers.)
123.	The CMA, also referred to as the Intelligence Community Management Account or ICMA, is an account name that refers back to the IC Community Management Staff (CMS). The CMS supported the Director of Central Intelligence in his role as community manager. When the position of DNI was established, much of the old CMS became the new ODNI.
124.	Elkins, p. 6-6. For more on COCOMs, see CRS Report R42077, The Unified Command Plan and Combatant Commands: Background and Issues for Congress, by [author name scrubbed].
125.	Michael Vickers, "Defense Intelligence Resources," PowerPoint Presentation to Armed Forces Communications and Electronics Association (AFCEA), March 13, 2014, Slide 37.