On Wednesday morning, a group of Republican Members of Congress led by Rep. Matt Gaetz “stormed” the Sensitive Compartmented Information Facility (SCIF) where the House Intelligence, Oversight and Reform, and Foreign Affairs Committees were conducting a scheduled deposition of Laura Cooper, the deputy assistant secretary of defense for Russia, Ukraine and Eurasia, as part of the impeachment inquiry. In doing so, many of them took their electronic devices, such as cell phones, into the SCIF. That is a fundamental breach of security and forces the Intelligence Committee to conduct a sweep of the SCIF to ensure that it has not been compromised. As of this writing, many members of Congress are still in the SCIF, although some or all of their devices appear to have been removed.
Because this is a fast-developing story, I will present the necessary information in a Q&A format for ease of reading.
What is a SCIF?
A SCIF is a secure facility – generally a room, but sometimes as large as an entire building – where classified information, including the highly classified level called Sensitive Compartmented Information (SCI), can be stored and accessed. Unescorted entry into a SCIF is restricted to only those people who have been approved by the executive branch – generally the CIA or Office of the Director of National Intelligence for Congressional staff – for access to SCI, as well as those few individuals who do not require security clearances to access such information, such as Members of Congress.
SCIFs are specially designed to prevent electronic transmissions from entering or leaving. In the obvious sense, this means that a cell phone inside a SCIF will generally have no signal, but it also means that personal electronic devices are generally prohibited without specific permission to prevent any less direct transmission vectors, such as those described below.
Why are electronic devices prohibited?
Simply put, a cell phone or similar device (including even smart watches or hearing aids with bluetooth capability) can be hacked in such a way that it can collect or transmit signals to other devices within the SCIF, installing malware or collecting stray wireless transmissions, which can then be transmitted to the outside world once the device leaves the SCIF. Similarly, any device which can take a picture or record audio or video is prohibited, since it could be used – sometimes without the owner’s knowledge – to record information inside the SCIF. This is one of the reasons why any electronic device which has ever been left unattended outside the United States “shall not be reintroduced into a SCIF,” according to technical specifications established by the National Counterintelligence and Security Center.
How are the members of Congress sending tweets and messages from the SCIF?
Several members have tweeted updates, which appear on their face to be sent from within the SCIF. However, since the initial tweets, several of them have tweeted apparent clarifications claiming that the tweets were actually “being transmitted to staff for publication.” It is unclear how these messages are being sent to their staffs, although at least one member, Rep. Alex Mooney, has claimed that he is using a secure phone inside the SCIF. Even assuming that all the members are using the secure phone, it remains unclear how their staffers are receiving the calls, since secure phones can only call secure phones, and those are not common in Congress. Moreover, in the case of Rep. Mooney, even his use would be a security breach, since he apparently would have recorded and broadcast a phone call from a secure phone, which would include stray noises around him in the SCIF that might yield useful information to a sophisticated intelligence agency.
Additionally, it is unclear whether all of the electronic devices have been removed, and some journalists have reported that some members are refusing to relinquish them.
Can the members of Congress be penalized for this action?
As an initial matter, while there are criminal statutes that would otherwise come into play here, it is not useful to discuss them here because, under the Speech or Debate Clause of the U.S. Constitution, a member of Congress cannot be criminally prosecuted for an action he or she takes as part of the individual’s legislative work.
However, a member of Congress can definitely be censured by the House for violating a House Rule. In this case, the Parliamentarian has already determined that this action was a violation of the rules governing depositions.
Additionally, while it is unclear whether the House Security Policy Manual, which governs how SCIFs are operated, or similar documents constitute “rules” for which a violation can be penalized, it is a close-enough question that the Office of Congressional Ethics should investigate the matter. That office should pay close attention to claims like those made by House Minority Leader Kevin McCarthy that these members did not know any better, particularly in the case of lawmakers with an intelligence or military background or those who otherwise should be aware of security protocols because those standards would have been imparted to them by the security officer at the front desk before they entered the SCIF. At the very least, pleading ignorance rings hollow for any members who, after being told by the security officer and the Sergeant at Arms that they must surrender all electronic devices, still refused to do so.