Let us talk security and let us talk Penny Wong.
For those not up to speed, the link between these topics is that a separate complete screw up in document management has revealed that Senator Penny Wong, after shifting office following the 2013 election, just accidentally left 195 highly classified documents lying around when she moved out.
Oops.
That’s a tad embarrassing. Probably a bit distracted at the time making her stand against gay marriage. Still, that wacky crazy Penny and her wacky crazy gang of staffers, right?
No.
Let us briefly revise how security works and consider what would happen if someone in the private sector were to do such a thing.
First up, why would someone be granted a security clearance in the first place?
This is pretty simple. The ‘Defence Industry’ employees large amounts of civilians and some of them have a need to access classified information as part of their professional activities. Or, to word it more officially, the Need to Know. More on that later.
There is an application process, lots of paperwork, required sponsorship by an appropriate employer and a large amount of responsibility explained in clear terms. Grasp that, it is a responsibility, not a right.
Successful applicants will then be cleared up to a certain level, mostly based on how much their employer believes they will Need to Know. The levels relate to the classification levels of the data, and as the levels increase so do the conditions attached to when and where you can access, handle and store this data. Low level documents for example you may have with you in an office environment, but must be locked away the moment one leaves their desk. At higher levels one has to access the data alone in a secure environment with the door closed. It varies, we are not here to word for word repeat the document training manual, and the point is that you have a responsibility not to leave classified documents lying around.
Responsibility.
Important word. Goes well with Trust. More on that later.
What is actually in these documents can vary and the classification system can be a bit abstract. Top Secret documents for example are those whose release would cause “exceptionally grave damage to the national interest”. This could be a list of where the bodies are buried, or it could be simply a list of what Kevin Rudd liked to eat on RAAF flights, the point being that that file, document, memo or menu has been classified to a level and now must be accessed, stored and transferred according to the proceeds you, as someone granted a security clearance, have agreed to comply with.
Oh well, that wacky crazy Penny. I am sure she didn’t mean any harm and anyone allowed into her office was probably cleared anyway.
No.
Security is, as mentioned before, Need to Know.
Most people would have heard this from badly scripted Hollywood tripe, usually when some shady government agent, having dragged our brave heroes into a much more complex and dangerous problem than they had been previously briefed on, will shut down the entirely rational ‘What the fiddlesticks is going on here?’ question with the ‘Strictly speaking you don’t need to know’ cliche.
Two points here. First is that the correct response to the ‘Strictly speaking…’ cliche is ‘You’re a Dick’, and second ALL classified material is Need to Know. Being cleared to access classified material is not a license to collect secrets, it is a recognition that you are responsible and trustworthy enough to be exposed to such data. A clearance does not let you access what you want. It lets you access what you need. You might be the government’s top kill master with a top level clearance to match. You might not only know where the bodies are buried but also wrote the orders that created those bodies in the first place, but if you are not on sandwich duty you do not get to read Rudd’s secret lunch order.
This is the point. It doesn’t matter what was in the files. It doesn’t matter if every single person who could have possibly accessed them once they were lost was also cleared to top level. It doesn’t matter if no damage was done as a direct result of the lost data… although that certainly doesn’t hurt.
The point is that Penny Wong was trusted with the responsibility of handling and securing those documents and she failed utterly, 195 times, in doing so.
So imagine what would happen if a person or company within the private sector managed to fail in their responsibilities to such a level. Can you imagine them them being trusted in the future? Can you imagine their entire company being no longer asked to tender for projects? Can you imagine our superiors in Canberra trying to make political mileage by slurring the company involved and asking why they are still allowed to continue on work already begun?
Now imagine Penny Wong and the repercussions she professionally suffered since that little bout of forgetfulness.
Not saying Wong did so deliberately.
Not saying Wong snuggled up to a foreign power.
Not saying that ‘grave damage’ has occurred.
I am saying that Wong has proved, 195 times, that she is not responsible enough to be trusted with classified documents.
Penny Wong has failed and for that she cannot be allowed to remain a senator.
Photo by penrithsustainabilityunit