Special Access Programs (SAPs) in the U.S. Federal Government are security protocols that provide highly classified information with safeguards and access restrictions that exceed those for regular (collateral) classified information. SAPs can range from black projects to routine but especially-sensitive operations, such as COMSEC maintenance or Presidential transportation support. In addition to collateral controls, a SAP may impose more stringent investigative or adjudicative requirements, specialized nondisclosure agreements, special terminology or markings, exclusion from standard contract investigations (carve-outs), and centralized billet systems. Within the Department of Defense, SAP is better known as “SAR” by the mandatory Special Access Required (SAR) markings.
Types and categories
Two types of SAP exist—acknowledged and unacknowledged. The existence of an acknowledged SAP may be publicly disclosed, but the details of the program remain classified. An unacknowledged SAP (or USAP) is made known only to authorized persons, including members of the appropriate committees of the United States Congress. Waived SAPs are a subset of unacknowledged SAPs in the Department of Defense. These SAPs are exempt by statutory authority of the Secretary of Defense from most reporting requirements and, within the legislative branch, the only persons who are required to be informed of said SAPs are the chairpersons and ranking committee members of the Senate Appropriations Committee, Senate Armed Services Committee, House Appropriations Committee, and the House Armed Services Committee. Oftentimes, this notification is only oral.
There are three categories of SAPs within the Department of Defense:
- Acquisition SAPs (AQ-SAPs), which protect the “research, development, testing, modification, and evaluation or procurement” of new systems;
- Intelligence SAPs (IN-SAPs), which protect the “planning and execution of especially sensitive intelligence or CI units or operations”;
- Operations and Support SAPs (OS-SAPs), which protect the “planning, execution, and support” of sensitive military activities.
Only the Director of National Intelligence may create IN-SAPs. Sensitive Compartmented Information (SCI) control systems may be the most well-known intelligence SAPs. The treatment of SCI is singular among SAPs, and it seems there is some disagreement within the government as to whether or not SCI is a SAP. Defense Department sources usually state that it is, and at least one publication refers to a separate SCI-SAP category alongside the three listed above. The Intelligence Community, drawing on the DNI’s statutory responsibility to protect intelligence sources and methods, finds a legal basis for SCI separate from that of SAPs, and consequently consider SCI and SAPs separate instances of the more general controlled access program.
SAP documents require special marking to indicate their status. The words SPECIAL ACCESS REQUIRED, followed by the program nickname or codeword, are placed in the document’s banner line.
Abbreviations may be used for either element. Portion markings use SAR and the program’s abbreviation. For example, a secret SAP with the nickname MEDIAN BELL would be marked SECRET//SPECIAL ACCESS REQUIRED-MEDIAN BELL. Portions would be marked (S//SAR-MB).
Multiple SAPs are separated by slashes.
Compartments within SAPs may be denoted by a hyphen, and are listed alphanumerically. Subcompartments are separated by spaces, and are also listed alphanumerically. Markings do not show the hierarchy beyond the sub-compartment level. Sub-sub-compartments are listed in the same manner as sub-compartments. A more complex banner line with multiple SAPs and subcompartments might read TOP SECRET//SAR-MB/SC-RF 1532-RG A691 D722.
Older documents used different standard for marking. The banner line might read SECRET//MEDIAN BELL//SPECIAL ACCESS REQUIRED, and the portion marking would read (S//MB). Other variations move the special access warning to a second line, which would read MEDIAN BELL Special Control and Access Required (SCAR) Use Only or some other phrase directed by the program security instructions.
SAP access ergo policy on classified security categories de facto is understood informally as described as those who need to know have access, access is “on a need to know basis”. A SAP can only be initiated, modified, and terminated within their department or agency; the Secretary of State, Secretary of Defense, Secretary of Energy, Secretary of Homeland Security, the Attorney General, the Director of National Intelligence; their principal deputies (e.g. the Deputy Secretary of State in DoS and the Deputy Secretary of Defense in DoD); or others designated in writing by the President. These offices are better known as ‘classification authorities.’ They retain the right to declassify or revise classification levels.
The following national or international SAPs, unless otherwise noted, are identified in 32 CFR 154.17:
- Sensitive Compartmented Information (SCI), national intelligence information concerning sources and methods which is protected by control systems defined by the Director of National Intelligence. Note that SCI markings are separate from those of other SAPs.
- Single Integrated Operational Plan-Extremely Sensitive Information (SIOP-ESI, replaced by NC2-ESI), the national plan for nuclear war. Note that SIOP-ESI was listed among non-IC dissemination control markings on classified documents, not with other SAPs.
- Presidential support activities
- Nuclear Weapon Personnel Reliability Program
- Chemical Personnel Reliability Program
- Access to North Atlantic Treaty Organization classified information at the staff level
- DOD 5200.1-R, 1997, p. 86
- 10 USC 119
- “Commission on Protecting and Reducing Government Secrecy”.
- “Hearing before the Select Committee on Intelligence” (PDF).
- AR 380-381, 2004, p. 11
- 32 CFR 154.17 and NISPOM, 2006, p. 9-3-1
- AR 380-5, 2000, p. 11
- DCID 3/29, 1995
- Authorized Classification and Control Markings Register v1.2, p. 9
- Intelligence Community Authorized Classification and Control Markings Register and Manual, v5.1, p. 67-68
- For the aforementioned notional MEDIAN BELL program, and the RED FAN 1532 and RED GLUE A691 and D722 sub-compartments of the notional SPACKLE CEILING program. It is possible that A691 is a sub-sub-compartment of D722, or vice versa.
- AR 380-5, 2000, p. 221
- AR 380-381, 2004, p. 37
- F.A.S. – Intelligence and Security Doctrine published by the Federation of American Scientists [Retrieved 2015-12-13]
- Executive Order 13526
- United States Code, 2006, V. 4, Title 8, Aliens and Nationality, to Title 10, Armed Forces, Sections 101-1805 –(p.593) printed by U.S. Government Printing Office [Retrieved 2015-12-12]
- AR 380-67, 1988, p. 17
- 32 CFR 154.17, 2010
- AR 380-5, Department of the Army Information Security Program, 29 September 2000
- AR 380-67, Personnel Security Program, 9 September 1988
- AR 380-381, Special Access Programs (SAPs) and Sensitive Activities, 21 April 2004
- Authorized Classification and Control Markings Register Version 1.2, 12 May 2008
- DCID 3/29, Controlled Access Program Oversight Committee, 2 June 1995
- DOD 5220.22-M, National Industrial Security Program Operating Manual (NISPOM), 28 February, 2006
- DODD 5200.1-R, Information Security Program, January 1997
- EO 13526, Classified National Security Information, 29 December 2009
- Intelligence Community Authorized Classification and Control Markings Register and Manual v5.1, 30 March 2012[permanent dead link]
- News and discussion forum for historical Special Access Programs
- DOD 5205.11 Instructions – Management, Administration, and Oversight of DoD Special Access Programs, 6 February 2013
- DOD 5205.07 Directive – Special Access Program (SAP) Policy, 1 July 2010
- In search of the Pentagon’s billion dollar hidden budgets, Jane’s Information Group, 5 January 2000