Classified information is material that a government body claims is sensitive information that requires protection of confidentiality, integrity, or availability. Access is restricted by law or regulation to particular groups of people, and mishandling can incur criminal penalties and loss of respect. A formal security clearance is often required to handle classified documents or access classified data. The clearance process usually requires a satisfactory background investigation. Documents and other information assets are typically marked with one of several (hierarchical) levels of sensitivity - e.g. restricted, confidential, secret and top secret. The choice of level is often based on an impact assessment; governments often have their own set of rules which include the levels, rules on determining the level for an information asset, and rules on how to protect information classified at each level. This often includes security clearances for personnel handling the information. Although "Classified information" refers to the formal categorization and marking of material by level of sensitivity, it has also developed a sense synonymous with "censored" in US English. A distinction is often made between formal security classification and privacy markings such as "commercial in confidence". Classifications can be used with additional keywords that give more detailed instructions on how data should be used or protected.
Some corporations and non-government organizations also assign sensitive information to multiple levels of protection, either from a desire to protect trade secrets, or because of laws and regulations governing various matters such as personal privacy, sealed legal proceedings and the timing of financial information releases.
- 1 Government classification
- 2 Typical classification levels
- 3 International
- 4 By country
- 4.1 Australia
- 4.2 Brazil
- 4.3 Canada
- 4.4 People's Republic of China
- 4.5 France
- 4.6 Hong Kong
- 4.7 New Zealand
- 4.8 Romania
- 4.9 Russian Federation
- 4.10 Sweden
- 4.11 United Kingdom
- 4.12 United States
- 4.13 Table of equivalent classification markings in various countries
- 5 Corporate classification
- 6 Traffic Light Protocol
- 7 See also
- 8 References
- 9 External links
The purpose of classification is to protect information. Higher classifications protect information that might endanger national security. Classification formalises what constitutes a "state secret" and accords different levels of protection based on the expected damage the information might cause in the wrong hands.
However, classified information is frequently "leaked" to reporters by officials for political purposes. Several U.S. presidents have leaked sensitive information to get their point across to the public.
Typical classification levels
Although the classification systems vary from country to country, most have levels corresponding to the following British definitions (from the highest level to lowest)
Top secret (TS)
The highest level except of classification of material on a national level. The information is further compartmented so that specific access using a code word after top secret is a legal way to hide collective and important information**. Such material would cause "exceptionally grave damage" to national security if made publicly available.
The Washington Post reports in its "Top secret America" investigation that per 2010 "An estimated 854,000 people ... hold top-secret security clearances" in the US.
Such material would cause "serious damage" to national security if it were publicly available.
In the USA, operational "Secret" information can be marked with an additional "LIMDIS", to limit readership.
Such material would cause "damage" or be "prejudicial" to national security if publicly available.
Such material would cause "undesirable effects" if publicly available. Some countries do not have such a classification; in public sectors, such as commercial industries, such level are also called and known as "Private Information".
Such material forms the generality of government business, public service delivery and commercial activity. This includes a diverse range of information, of varying sensitivities, and with differing consequences resulting from compromise or loss. OFFICIAL information must be secured against a threat model that is broadly similar to that faced by a large private company.
The OFFICIAL classification replaces the Confidential and Restricted classifications after April 2014 in the UK.
Technically not a classification level; but this is a feature of some classification schemes, used for government documents that do not merit a particular classification. This is because the information is low-impact, and therefore does not require any special protection, such as vetting of personnel.
Depending on the level of classification there are different rules controlling the level of clearance needed to view such information, and how it must be stored, transmitted, and destroyed. Additionally, access is restricted on a "need to know" basis. Simply possessing a clearance does not automatically authorize the individual to view all material classified at that level or below that level. The individual must present a legitimate "need to know" in addition to the proper level of clearance.
In addition to the general risk-based classification levels above, there may be additional compartmented constraints on access, such as (in the U.S.) Special Intelligence (SI), which protects intelligence sources and methods, No Foreign dissemination (NOFORN), which restricts dissemination to U.S. nationals, and Originator Controlled dissemination (ORCON), which ensures that the originator can track possessors of the information. Information in these compartments is usually marked with specific keywords in addition to the classification level.
Exceptionally Controlled Information (ECI) is a level above top-secret, which restricts information to very few people.
Government information about nuclear weapons such as nuclear warheads often has an additional marking to show it contains such information.
When a government agency or group shares information between an agency or group of other country’s government they will generally employ a special classification scheme that both parties have previously agreed to honour.
For example the marking ATOMAL, is applied to U.S. RESTRICTED DATA or FORMERLY RESTRICTED DATA and United Kingdom ATOMIC information that has been released to NATO. ATOMAL information is marked COSMIC TOP SECRET ATOMAL (CTSA), NATO SECRET ATOMAL (NSAT), or NATO CONFIDENTIAL ATOMAL (NCA).
In cases where a country wishes to share classified information bilaterally (or multilaterally) with a country that has a sharing agreement, the information is with the countries it can be shared with. Those countries would have to maintain the classification of the document at the level originally classified (TOP-SECRET, SECRET, etc.) with the appropriate caveat (USNZ, AUSGE, CANUK, etc.).
For example, sensitive information shared amongst NATO allies has four levels of security classification; from most to least classified:
- COSMIC TOP SECRET (CTS),
- NATO SECRET (NS),
- NATO CONFIDENTIAL (NC), and
- NATO RESTRICTED (NR).
A special case exists with regard to NATO UNCLASSIFIED (NU) information. Documents with this marking are NATO property (copyright) and must not be made public without NATO permission. In general documents with this classification aren't cleared for internet-transmission either, unless clearly marked with RELEASABLE FOR INTERNET TRANSMISSION. Documents that can be made public, however, should be clearly marked with NON SENSITIVE INFORMATION RELEASABLE TO THE PUBLIC.
- European Commission, has 5 levels, EU TOP SECRET, EU SECRET, EU CONFIDENTIAL, EU RESTRICTED, and EU COUNCIL / COMMISSION. (Note that usually the French term is used)
- OCCAR, a European defence organisation, has three levels of classification: OCCAR SECRET, OCCAR CONFIDENTIAL, OCCAR RESTRICTED.
Most countries employ some sort of classification system for certain government information. For example, in Canada, information that the U.S. would classify SBU (Sensitive but Unclassified) is called "protected" and further subcategorised into levels A, B, and C.
On 19 July 2011, the National Security (NS) classification marking scheme and the Non-National Security (NNS) classification marking scheme in Australia was unified into one structure.
The Australian Government Security Classification system now comprises TOP SECRET, SECRET, CONFIDENTIAL and PROTECTED. A new dissemination limiting markers (DLMs) scheme was also introduced for information where disclosure may be limited or prohibited by legislation, or where it may otherwise require special handling. The DLM marking scheme comprises For Official Use Only (FOUO), Sensitive, Sensitive: Personal, Sensitive: Legal, and Sensitive: Cabinet.
Documents marked Sensitive Cabinet, relating to discussions in Federal Cabinet, are treated as PROTECTED at minimum due to its higher sensitivity.
In Brazil, a top secret (Ultra-secreto) government-issued document may be classified for a period of 25 years, which may be extended up to another 25 years. Thus, no document remains classified for more than 50 years. This is mandated by the 2011 Information Access Law (Lei de Acesso à Informação), a change from the previous rule, under which documents could have their classification time length renewed indefinitely, effectively shuttering state secrets from the public. The 2011 law applies retroactively to existing documents.
Background and hierarchy
There are 2 main type of sensitive information designation used by the Government of Canada: Classified and Designated. The access and protection of both types of information is governed by the Security of Information Act, effective December 24, 2001, replacing the Official Secrets Act 1981. To access the information, a person must have the appropriate level of clearance and a need to know.
In addition, the caveat "For Canadian Eyes Only" may be used to restrict Classified or Designated information to only Canadian citizens with the appropriate level of clearance and need to know.
Special operational information
SOI is not a classification of data per se. It is defined under the Security of Information Act, and unauthorised release of such information constitutes a higher breach of trust, with penalty of life imprisonment.
- military operations in respect of a potential, imminent or present armed conflict
- the identity of confidential source of information, intelligence or assistance to the Government of Canada
- tools used for information gathering or intelligence
- the object of a covert investigation, or a covert collection of information or intelligence
- the identity of any person who is under covert surveillance
- encryption and cryptographic systems
- information or intelligence to, or received from, a foreign entity or terrorist group
Classified information can be designated Top Secret, Secret or Confidential. These classifications are only used on matters of national interest.
- Top Secret: This applies when compromise might reasonably cause exceptionally grave injury to the national interest. The possible impact must be great, immediate and irreparable.
- Secret: This applies when compromise might reasonably cause serious injury to the national interest.
- Confidential: When disclosure might reasonably cause injury to the national interest.
Designated information is not classified. Designated information pertains to any sensitive information that does not relate to national security and cannot be disclosed under the access and privacy legislation because of the possible injury to particular public or private interests.
- Protected C (Extremely Sensitive designated information): is used to protect extremely sensitive information, which if compromised, could reasonably be expected to cause extremely grave injury outside the national interest. Examples could include bankruptcy, identities of informants in criminal investigations, etc.
- Protected B (Particularly Sensitive designated information): is used to protect information that could cause severe injury or damage to the people or group involved if it was released. Examples include medical records, annual personnel performance reviews, etc.
- Protected A (Low-Sensitive designated information): is applied to low sensitivity information that should not be disclosed to the public without authorisation and could reasonably be expected to cause injury or embarrassment outside the national interest. Example of Protected A information could include employee number, pay deposit banking information, etc.
People's Republic of China
The Criminal Law of the People's Republic of China (which is not operative in the Special Administrative Regions of Hong Kong and Macao) makes it a crime to release a state secret. Regulation and enforcement is carried out by the National Administration for the Protection of State Secrets.
Under the 1989 "Law on Guarding State Secrets," state secrets are defined as those that concern:
- Major policy decisions on state affairs;
- The building of national defence and in the activities of the armed forces;
- Diplomatic activities and in activities related to foreign countries and those to be maintained as commitments to foreign countries;
- National economic and social development;
- Science and technology;
- Activities for preserving state security and the investigation of criminal offences; and
- Any other matters classified as "state secrets" by the national State Secrets Bureau.
Secrets can be classified into one of three categories:
- Top secret (绝密): Defined as "vital state secrets whose disclosure would cause extremely serious harm to state security and national interests";
- Highly secret (机密): Defined as "important state secrets whose disclosure would cause serious harm to state security and national interests"; and
- Secret (秘密): Defined as "ordinary state secrets whose disclosure would cause harm to state security and national interests".
In France, classified information is defined by article 413-9 of the Penal Code. The three levels of military classification are
- Très Secret Défense (Very Secret Defence): Information deemed extremely harmful to national defence, and relative to governmental priorities in national defence. No service or organisation can elaborate, process, stock, transfer, display or destroy information or protected supports classified at this level without authorisation from the Prime Minister or the national secretary for National Defence. Partial or exhaustive reproduction is strictly forbidden.
- Secret Défense (Secret Defence): Information deemed very harmful to national defence. Such information cannot be reproduced without authorisation from the emitting authority, except in exceptional emergencies.
- Confidentiel Défense (Confidential Defence): Information deemed potentially harmful to national defence, or that could lead to uncovering an information classified at a higher level of security.
Less sensitive information is "protected". The levels are
- Confidentiel personnels Officiers ("Confidential officers")
- Confidentiel personnels Sous-Officiers ("Confidential non-commissioned officers")
- Diffusion restreinte ("restricted information")
- Diffusion restreinte administrateur ("administrative restricted information")
- Non Protégé (unprotected)
A further caveat, "spécial France" (reserved France) restricts the document to French citizens (in its entirety or by extracts). This is not a classification level.
Declassification of documents can be done by the Commission consultative du secret de la défense nationale (CCSDN), an independent authority. Transfer of classified information is done with double envelopes, the outer layer being plastified and numbered, and the inner in strong paper. Reception of the document involves examination of the physical integrity of the container and registration of the document. In foreign countries, the document must be transferred through specialised military mail or diplomatic bag. Transport is done by an authorised convoyer or habilitated person for mail under 20 kg. The letter must bear a seal mentioning "PAR VALISE ACCOMPAGNEE-SACOCHE". Once a year, ministers have an inventory of classified information and supports by competent authorities.
Once their usage period is expired, documents are transferred to archives, where they are either destroyed (by incineration, crushing or electrical overtension), or stored.
In case of unauthorized release of classified information, competent authorities are the Ministry of Interior, the Haut fonctionnaire de défense et de sécurité ("high civil servant for defence and security") of the relevant ministry, and the General secretary for National Defence. Violation of such secrets is an offence punishable with 7 years of imprisonment and a 100 000 Euro fine; if the offence is committed by imprudence or negligence, the penalties are 3 years of imprisonment and a 45 000 Euro fine.
The Security Bureau is responsible for developing policies in regards to the protection and handling of confidential government information. In general, the system used in Hong Kong is very similar to the UK system, developed from the Colonial Hong Kong era.
Four classifications exists in Hong Kong, from highest to lowest in sensitivity:
- Top Secret (高度機密)
- Secret (機密)
- Confidential (保密)
- Temporary Confidential (臨時保密)
- Restricted (限閱文件/內部文件)
- Restricted (staff) (限閱文件(人事))
- Restricted (tender) (限閱文件 (投標))
- Restricted (administration) (限閱文件 (行政))
Restricted documents are not classified per se, but only those who have a need to know will have access to such information, in accordance with the Personal Data (Privacy) Ordinance.
New Zealand uses the Restricted classification, which is lower than Confidential. People may be given access to Restricted information on the strength of an authorisation by their Head of Department, without being subjected to the background vetting associated with Confidential, Secret and Top Secret clearances. New Zealand's security classifications and the national-harm requirements associated with their use are roughly similar to those of the United States.
In addition to national security classifications there are two additional security classifications, In Confidence and Sensitive, which are used to protect information of a policy and privacy nature. There are also a number of information markings used within ministries and departments of the government, to indicate, for example, that information should not be released outside the originating ministry.
Because of strict privacy requirements around personal information, personnel files are controlled in all parts of the public and private sectors. Information relating to the security vetting of an individual is usually classified at the In Confidence level.
In Romania, classified information is referred to as "state secrets" (secrete de stat) and is defined by the Penal Code as "documents and data that manifestly appear to have this status or have been declared or qualified as such by decision of Government". There are three levels of classification—Secret, Top Secret, and Top Secret of Particular Importance. The levels are set by the Romanian Intelligence Service and must be aligned with NATO regulations—in case of conflicting regulations, the latter are applied with priority. Dissemination of classified information to foreign agents or powers is punishable by up to life imprisonment, if such dissemination threatens Romania's national security.
In the Russian Federation, a state secret (Государственная тайна) is information protected by the state on its military, foreign policy, economic, intelligence, counterintelligence, operational and investigative and other activities, dissemination of which could harm state security.
The Swedish classification has been updated due to increased NATO/PfP cooperation. All classified defence documents will now have both a Swedish classification (Kvalificerat hemlig or Hemlig), and an English classification (Top Secret, Secret, Confidential, or Restricted).. The term skyddad identitet, "protected identity", is used in the case of protection of a threatened person, basically implying "secret identity", accessible only to certain members of the police force and explicitly authorised officials.
Until 2013, the United Kingdom used five levels of classification—from lowest to highest, they were: PROTECT, RESTRICTED, CONFIDENTIAL, SECRET and TOP SECRET (formerly MOST SECRET). The Cabinet Office provides guidance on how to protect information, including the security clearances required for personnel. Staff may be required to sign to confirm their understanding and acceptance of the Official Secrets Acts 1911 to 1989, although the Act applies regardless of signature. PROTECT is not in itself a security protective marking level (such as RESTRICTED or greater), but is used to indicate information which should not be disclosed because, for instance, the document contains tax, national insurance, or other personal information.
Government documents without a classification may be marked as UNCLASSIFIED or NOT PROTECTIVELY MARKED.
This system is being replaced by the Government Security Classifications Policy, which has a simpler model: TOP SECRET, SECRET, and OFFICIAL from April 2014.</ref name=UK_Classifications>
The U.S. classification system is currently established under Executive Order 13292 and has three levels of classification—Confidential, Secret, and Top Secret. The U.S. had a Restricted level during World War II but no longer does. U.S. regulations state that information received from other countries at the Restricted level should be handled as Confidential. A variety of markings are used for material that is not classified, but whose distribution is limited administratively or by other laws, e.g., For Official Use Only (FOUO), or Sensitive but Unclassified (SBU). The Atomic Energy Act of 1954 provides for the protection of information related to the design of nuclear weapons. The term "Restricted Data" is used to denote certain nuclear technology. Information about the storage, use or handling of nuclear material or weapons is marked "Formerly Restricted Data". These designations are used in addition to level markings (Confidential, Secret and Top Secret). Information protected by the Atomic Energy Act is protected by law and information classified under the Executive Order is protected by Executive privilege.
Table of equivalent classification markings in various countries
|Albania||Teper Sekret||Sekret||Konfidencial||I Kufizuar|
|Argentina||Estrictamente Secreto y Confidencial||Secreto||Confidencial||Reservado|
|Australia||Top Secret||Secret||Confidential||For Official Use Only|
|Belgium||Zeer Geheim / Très Secret||Geheim / Secret||Vertrouwelijk / Confidentiel||Beperkte Verspreiding / Diffusion restreinte|
or Muy Secreto
|Bosnia and Herzegovina||Strogo povjerljivo||Tajno||Konfidencialno||Restriktivno|
|Bulgaria||Строго секретно||Секретно||Поверително||За служебно ползване|
|Cambodia||Sam Ngat Bamphot||Sam Ngat Roeung||Art Kambang||Ham Kom Psay|
|Canada||Top Secret/Très secret||Secret/Secret||Confidential/Confidentiel||Protected A, B or C / Protégé A, B ou C|
|China, People's Republic of||Juémì (绝密)||Jīmì (机密)||Mìmì (秘密)||Nèibù (内部)|
|Colombia||Ultrasecreto||Secreto||Confidencial||Reserva del sumario|
|Costa Rica||Alto Secreto||Secreto||Confidencial|
|Czech Republic||Přísně tajné||Tajné||Důvěrné||Vyhrazené|
|Denmark||Yderst Hemmeligt||Hemmeligt||Fortroligt||Til Tjenestebrug
|El Salvador||Ultra Secreto||Secreto||Confidencial||Reservado|
|Ethiopia||Yemiaz Birtou Mistir||Mistir||Kilkil|
|European Union (EU)||TRES SECRET UE / EU TOP SECRET||SECRET UE / EU SECRET||CONFIDENTIEL UE / EU CONFIDENTIAL||RESTREINT UE / EU RESTRICTED|
|European Union (Western) (WEU)||FOCAL TOP SECRET||WEU SECRET||WEU CONFIDENTIAL||WEU RESTRICTED|
|Euratom||EURA TOP SECRET||EURA SECRET||EURA CONFIDENTIAL||EURA RESTRICTED|
|Finland||Erittäin salainen (TLL I)||Salainen (TLL II)||Luottamuksellinen (TLL III)||Viranomaiskäyttö (TLL IV)|
|France||Très secret défense||Secret défense||Confidentiel défense||Diffusion restreinte|
|Germany||Streng Geheim||Geheim||VS-Vertraulich||VS-Nur für den Dienstgebrauch|
|Hong Kong||Top Secret, 高度機密||Secret, 機密||Confidential, 保密||Restricted, 內部文件/限閱文件|
|Hungary||Szigorúan Titkos||Titkos||Bizalmas||Korlátozott Terjesztésű|
|India (Hindi)||परम गुप्त (Param Gupt)||गुप्त (Gupt)||गोपनीय (Gopniya)||प्रतिबंधित/सीमित (Pratibandhit/seemit)|
|India (English)||Top Secret||Secret||Confidential||Restricted|
|Indonesia||Sangat Rahasia||Rahasia||Rahasia Dinas||Terbatas|
|Iran||Tabagheh-bandi-shodeh طبقه بندی شده||Mahramaneh محرمانه||Sar-be-moher سـَر به مـُهر||Sarbaste سَربسته|
|Ireland (Irish language)||An-sicreideach||Sicreideach||Runda||Srianta|
|Japan||Kimitsu, 機密||Gokuhi, 極秘||Hi, 秘||Toriatsukaichuui, 取り扱い注意|
|Korea, South||I(Il)-geup Bimil, 1급비밀||II(I)-geup Bimil, 2급비밀||III(Sam)-geup Bimil, 3급비밀||Daeoebi, 대외비|
|Laos||Lup Sood Gnod||Kuam Lup||Kuam Lap||Chum Kut Kon Arn|
|Latvia||Sevišķi slepeni||Slepeni||Konfidenciāli||Dienesta vajadzībām|
|Lithuania||Visiškai Slaptai||Slaptai||Konfidencialiai||Riboto Naudojimo|
|Netherlands||STG. Zeer Geheim||STG. Geheim||STG. Confidentieel||Departementaal Vertrouwelijk|
|New Zealand||Top Secret||Secret||Confidential||Restricted|
|Pakistan (Urdu)||Intahai Khufia||Khufia||Sigh-e-Raz||Barai Mahdud Taqsim|
|Pakistan (English)||Top Secret||Secret||Confidential||Restricted|
|Philippines (English)||Top Secret
Mahigpit na Lihim
|Romania||Strict Secret de Importanţă Deosebită||Strict Secret||Secret||Secret de serviciu|
(вариант: Совершенно Секретно (Sovershenno Sekretno))
(вариант: Секретно (Sekretno))
(вариант: Не подлежит оглашению
(Конфиденциально) (Ne podlezhit oglasheniyu (Konfidentsial'no))
|Для Служебного Пользования (ДСП)
(Dlya Sluzhebnogo Pol'zovaniya)
|Saudi Arabia||Saudi Top Secret||Saudi Very Secret||Saudi Secret||Saudi Restricted|
|Serbia||Latin: Državna tajna
Cyrillic: Државна тајна
|Latin: Strogo poverljivo
Cyrillic: Строго поверљиво
|Slovak Republic||Prísne tajné||Tajné||Dôverné||Vyhradené|
|Sweden||Kvalificerat Hemlig (KH); Hemlig/Top Secret (H/TS)||Hemlig (H); Hemlig/Secret H/S)||Hemlig/Confidential (H/C)||Hemlig/Restricted (H/R)|
|Switzerland||GEHEIM / SECRET||VERTRAULICH / CONFIDENTIEL||INTERN / INTERNE|
|Taiwan (Republic of China)||"Absolutely" Secret (絕對機密)||"Extremely" Secret (極機密)||Secret (機密)||no direct equivalent|
|Tanzania (Swahili)||SIRI KUU||SIRI||STIRI||IMEZUILIWA|
|Thailand||Lap thi sut (ลับที่สุด)||Lap mak (ลับมาก)||Lap (ลับ)||Pok pit (ปกปิด)|
|Turkey||Çok Gizli||Gizli||Özel||Hizmete Özel|
|South Africa (English)||Top Secret||Secret||Confidential||Restricted|
|South Africa (Afrikaans)||Uiters Geheim||Geheim||Vertroulik||Beperk|
|Ukraine||Особливої важливості||Цілком таємно||Таємно||Для службового користування|
|United Kingdom||TOP SECRET||SECRET||OFFICIAL (formerly CONFIDENTIAL)||OFFICIAL (formerly RESTRICTED)|
|United States||Top Secret||Secret||Confidential||For Official Use Only|
|Vietnam||Tuyệt Mật||Tối Mật||Mật||Phổ Biến Hạn Chế|
Original source: NISPOM Appendix B ¹ In addition, Finland uses label Salassa pidettävä, "to be kept secret" for information that is not classified but must not be revealed on some other basis than national security. (E.g. privacy, trade secrets etc.)
Private corporations often require written confidentiality agreements and conduct background checks on candidates for sensitive positions. In the U.S. the Employee Polygraph Protection Act prohibits private employers from requiring lie detector tests, but there are a few exceptions. Policies dictating methods for marking and safeguarding company-sensitive information (e.g. "IBM Confidential") are common and some companies have more than one level. Such information is protected under trade secret laws. New product development teams are often sequestered and forbidden to share information about their efforts with un-cleared fellow employees, the original Apple Macintosh project being a famous example. Other activities, such as mergers and financial report preparation generally involve similar restrictions. However, corporate security generally lacks the elaborate hierarchical clearance and sensitivity structures and the harsh criminal sanctions that give government classification systems their particular tone.
Traffic Light Protocol
The Traffic Light Protocol was developed by the G8 countries to enable the sharing of sensitive information between government agencies and corporations. This protocol has now been accepted as a model for trusted information exchange by over 30 other countries. The protocol provides for four "information sharing levels" for the handling of sensitive information.
- Economic Espionage Act of 1996 (U.S.)
- Espionage Act of 1917 (U.S.)
- Freedom of information legislation
- Government Security Classifications Policy (UK)
- Illegal number
- Official Secrets Act (UK, India, Ireland, Malaysia, New Zealand)
- Security of Information Act (Canada)
- State Secrets Privilege (US)
- Wassenaar Arrangement
- "United States Cryptologic History: Attack on a Sigint Collector, the U.S.S. Liberty". Nsa.gov. Retrieved 2012-11-14.
- Burn Before Reading, Stansfield Turner, 2006
- Classified Information in Woodward’s “Obama’s Wars”, September 29, 2010, Jack Goldsmith, Lawfare, via stephenkim.org
- Defense Technical Information Center (April 1997). "DoD Guide to Marking Classified Documents". dtic.mil.
- Federation of American Scientists j (June 8, 2013). "Chapter 7. CLASSIFICATION LEVELS". fas.org.
- Washington Post: A hidden world, growing beyond control, Dana Priest, William Arkin
- Atomic Energy Commission's Declassification Review of Reports on Human Experiments and the Public Relations and Legal Liability Consequences, presented as evidence during the 1994 ACHRE hearings.
- Section 1.7 (1) and (2).
- United States Coast Guard. "E-PME Enlisted PROFESSIONAL MILITARY EDUCATION Reporting Unsecured and Securing Classified Material 4.G.03". uscg.mil.
- George Washington University. "ATTACHMENT 2 AR 320-5, CLASSIFICATION OFC. Army Regulations (1936)". gwu.edu.
- Government Security Classifications April 2014. HMG Cabinet Office. October 2013 Version 1.0.
- Ball, James (6 September 2013). "Explaining the latest NSA revelations – Q&A with internet privacy experts". The Guardian newspaper. Retrieved 7 September 2013.
- "306652_CM6554" (PDF). Archived from the original on 2005-05-25. Retrieved 2012-11-14.
- Information security management guidelines (PDF), Attorney-General’s Department, 18 July 2011, archived from the original on 4 May 2013
- Security of Information Act, Wayback machine archive
- "Industrial Security Services - Frequently Asked Questions". Public Works and Government Services Canada. Government of Canada. Retrieved 8 November 2012.
- Non-Insured Health Benefits Program Privacy Code
- Security Policy - Manager's Handbook[dead link]
- Confidences of the Queen's Privy Council for Canada
- Standing Committee of the National People's Congress, "Law on Guarding State Secrets" (中华人民共和国保守国家秘密法), promulgated 1988 and effective 1989.
- Translation per Human Rights in China, State Secrets: China's Legal Labyrinth, (2007).
- Article 413-9, Legifrance
- [dead link]
- LCQ3: Equal Opportunities Commission[dead link]
- "Penal Code of Romania, art. 150". Retrieved January 28, 2013.
- "Law no. 182/2002 on protection of classified information". Retrieved January 28, 2013.
- "Penal Code of Romania, art. 157". Retrieved January 28, 2013.
- "[ARCHIVED CONTENT] Understanding the Security Policy Framework & frequently asked questions". Cabinetoffice.gov.uk. Retrieved 2012-06-01.
- "wetten.nl - Wet- en regelgeving - Besluit voorschrift informatiebeveiliging rijksdienst – bijzondere informatie - BWBR0016435" (in (Dutch)). Wetten.overheid.nl. Retrieved 2013-07-04.
- [dead link]
- "Employment Background Checks: A Jobseeker's Guide | Privacy Rights Clearinghouse". Privacyrights.org. Retrieved 2011-12-12.
- "Development of Policies for Protection of Critical Information Infrastructures". Cecd.ord. Retrieved 2012-11-14.
- "'Re: OpenSSH security advisory: cbc.adv' - MARC". Marc.info. Retrieved 2011-12-12.
- US "NISPOM" manual, explaining rules on classified information among other things - full title is "National Industrial Security Program Operating Manual".
- Marking Classified National Security Information ISOO booklet PDF
- Defence Vetting Agency. Carries out national security checks in the UK.
- Los Alamos table of equivalent US and UK classifications
- The Black Vault - a database of more than a half million declassified pages on many different topics, all acquired through the FOIA
- The National Security Archive - a collection of declassified documents acquired through the FOIA
- Lerner, Brenda Wilmoth & K. Lee Lerner, eds. Terrorism: essential primary sources. Thomson Gale, 2006. ISBN 978-1-4144-0621-3 Library of Congress. Jefferson or Adams Bldg General or Area Studies Reading Rms LC Control Number: 2005024002.
- Peter Galison, Removing Knowledge in Critical Inquiry n°31 (Autumn 2004)
- Parlament of Serbia, Law on confidentiality of data. (Serbian)
- Parlament of Montenegro, Law on confidentiality of data. (Serbian)