Under ICD 701, Senior Officials of the Intelligence Community (SOICs) are to promptly notify the Director of National Intelligence (DNI) and, if appropriate, law enforcement authorities of any actual or suspected unauthorized disclosure of classified information, including any media leak, that is likely to cause damage to national security interests, unless the disclosure is the subject of a counterespionage or counterintelligence investigation. Disclosures to be reported include:
- Unauthorized disclosure to an international organization, foreign power, agent of a foreign power, or terrorist organization;
- National intelligence activities or information that may be at risk of appearing in the public media, either foreign or domestic, without official authorization;
- Loss or compromise of classified information that poses a risk to human life;
- Loss or compromise of classified information that is indicative of a systemic compromise;
- Loss or compromise of classified information storage media or equipment;
- Discovery of clandestine surveillance and listening devices;
- Loss or compromise of classified information revealing U.S. or a foreign intelligence partner's intelligence operations or locations, or impairing foreign relations;
- Such other disclosures of classified information that could adversely affect activities related to US national security; and
- Loss or compromise of classified information revealing intelligence sources or methods, US intelligence requirements, capabilities and relationships with the US Government.
Upon determining that a compromise meeting the above reporting criteria has or may have occurred, the SOIC is required promptly to report it to the DNI, through the Special Security Center (SSC), and to any other element with responsibility for the material at issue. The SOIC is then required to provide updated reports as appropriate (or as directed). This process occurs in tandem with any required reporting to law enforcement authorities.
The required formal notification to the DNI is to include a complete statement of the facts, the scope of the unauthorized disclosure, sources and methods that may be at risk, the potential effect of the disclosure on national security, and corrective or mitigating actions. SOICs are further required to identify all factors that contributed to the compromise of classified information and take corrective action or make recommendations to the DNI.