Journalists aren’t usually invited to online chats about US war plans. This seemed obvious until yesterday, when Atlantic editor Jeffrey Goldberg published his article about being a lurker in an online chat with US Secretaries of State, Defense, and Treasury, plus the VP and the Director of National Intelligence. The plans led to a US attack against Houthi rebels in Yemen on March 15, 2025.
[Update 7 April 2025: the acting Inspector General (IG) of the DOD has started an inquiry into the incident and whether or not any DOD policies or regulations were violated. The current presidential administration fired Inspectors General all across the federal government; I’m impressed that the DOD’s bureaucratic momentum automatically installed an acting IG. As described in a recently released letter, the IG’s inquiry was prompted by questions from Congress.]
This incident poses two questions:
- Did anyone break the law?
- If so, whom?
There are three kinds of people involved in this incident:
- Senior federal officials (“principals”) who have broad authority over sensitive national defense information
- Less-senior officials who are authorized to use sensitive national defense information
- A journalist with no particular authorization to use sensitive national defense information
Defense Information and Espionage
When cabinet officials talk about war plans, their words are “national defense information” whether the words are classified information or not. These days, most national defense information is classified and marked as Confidential, Secret, or Top Secret. Classified information lives in controlled environments protected by alarms, guards, thick walls, combination locks, and military grade encryption.
All national defense information, classified or not, falls under the Espionage Act (18 US Code, Chapter 37, paragraph 793). “Section a” of the act prohibits obtaining national defense information “with the intent or reason to believe” it will be used “to the injury of the United States, or to the advantage of any foreign nation”. “Section f” applies to federal officials entrusted with such information: those who “through gross negligence permits the same to be removed from its proper place of custody or delivered to anyone in violation of his trust” are likewise guilty of espionage.
The chat took place using Signal, a highly respected message encryption app available on smartphones. Signal is about as close as most civilians will get to military grade security. All messages use end to end encryption in which messages are only decrypted by the sending and receiving smartphones. No one else should be able to read the messages whether they travel by cell phone or Internet or both.
While Signal is a respected app for civilians, it isn’t approved for handling classified information. The federal government has spent billions of dollars to protect classified information. The procedures evolved during the Cold War, when a leak about our nuclear weapons might have really led to the nation’s destruction. Officials are supposed to use classified or “high side” equipment and systems for conversations on sensitive defense topics, like a planned attack.
Did the Journalist Break the Law?
The journalist’s article emphasizes his suspicions about the chat. While he “hoped” he was talking to genuine officials, he also suspected the chat was an elaborate hoax intended to embarrass both him and the Atlantic magazine. In an interview he placed the likelihood of it being a hoax as high as 70% before the bombs were falling in Yemen.
The article treads carefully in what it actually says. When the principals nominated their representatives for the Houthi working group, they were all identified by name and title, except one. The journalist said that the group representative for the Director of National Intelligence was an active intelligence officer. It would have been a crime to name an active intelligence officer (see another post).
The article did not appear until a few days after the Yemen attack; it would have been a crime to share attack details before the attack occurred. Even after the attack, the journalist was careful not to provide too many details about the attack plans. The structure and form of such plans may be sensitive themselves.
The journalist was not a government official or outside consultant with a security clearance. Therefore, Section f of the Espionage Act does not apply.
I don’t know enough about the law to know if an aggressive prosecutor could turn this into an indictment or trial, but a conviction seems very unlikely.
Did Principals Break the Law?
While principals have taken part in similar security breaches, I know of no case where one was prosecuted. The nearest example comes from the Clinton presidency when the Director of Central Intelligence John Deutch used household computing equipment to handle intelligence data. Deutch agreed to plead to a misdemeanor for mishandling government secrets, but was pardoned by President Clinton before the case was filed.
Principals play a fundamental role in identifying sensitive national defense information. They all serve as “classification authorities” who can classify or declassify information under their control.
Did Less-Senior Officials Break the Law?
The problem is less clear for less-senior officials. Here is an oft-repeated Washington saying:
I disclose,
You leak,
He, she, it commits a criminal act of espionage.
In other words, some people are authorized to release sensitive information, some can do it and get away with it, while others do it at their peril.
The journalist was invited to the chat by the President’s National Security Advisor, Michael Waltz. While Waltz chairs the “Principals Committee” made up of cabinet officials, he is not himself a true cabinet officer. He was appointed by the President and did not require Senate confirmation.
Towards the end of his article, the journalist theorizes about which group chat participants may have violated the Espionage Act. Waltz may be in the worst position, since he initiated the group chat and invited the journalist, presumably by accident.
By initiating the group chat on Signal, Waltz arguably violated “Section f” of the Espionage Act. He allowed national defense information to be “to be removed from its proper place of custody or delivered to anyone in violation of his trust” (quoting the Espionage Act).
Assuming Waltz didn’t intent to invite the journalist to the chat, the chat participants had no “intent or reason to believe” they were sharing national defense information with an unauthorized person. But this doesn’t get them off the hook. The government officials used an unauthorized app to share sensitive national defense information, which removes the information “from its proper place of custody … in violation of his trust” (quoting the Espionage Act).
I’m willing to believe that the new administration’s national security team didn’t really understand military and intelligence security procedures. Few of them had real experience in the defense and intelligence communities. These people had at most two months to learn their jobs. It took me two years to appreciate the subtleties of the security measures used to protect defense and intelligence secrets.
Cryptosmith 
Responses
[…] *** This is a Security Bloggers Network syndicated blog from Cryptosmith authored by Rick. Read the original post at: https://cryptosmith.com/2025/03/25/war-plan-chat-includes-journalist/ […]
LikeLike
[…] *** This is a Security Bloggers Network syndicated blog from Cryptosmith authored by Rick. Read the original post at: https://cryptosmith.com/2025/03/25/war-plan-chat-includes-journalist/ […]
LikeLike