“Eyes Only” Security Marking

Occasionally in the news (and more often in spy fiction) people toss around super-secret documents marked “Eyes Only.” The United Kingdom and Canada use “Eyes Only” to indicate specific countries with whom a particular document may be shared. “UK Eyes Only,” for example, means that the document is only distributed within the UK and not to other countries. The marking may also have a list of countries, often the “five eyes.” The US has traditionally used other markings like REL TO (release to) or NOFORN (no foreign dissemination) for this purpose.

Classified document markings are treated seriously, and government agencies have published explicit definitions of them. I can’t find a recent definition for “Eyes Only” as used in the United States. The only definition I’ve found dates from 1974:

c. Eyes Ony Messages.-A privacy communication from one named individual to another individual. Delivery of this type of message is restricted to the named addressee or to those personnel (contacts) the addressee has authorized to receive such messages. No further dissemination is permitted unless so directed by addressee or authorized member of his staff.

Defense Intelligence Agency, Special Operations Branch Office Procedure No. 35-2, January 13, 1974 (quoted from a Senate hearing transcript from later that year).

I’ve also seen discussions where “Eyes Only” was interpreted to mean “don’t make copies of this.” This isn’t consistent with the Eyes Only procedure described above. The published procedure describes no such restrictions on handling such messages. Moreover, the Senate hearing (noted above) included testimony by a communications clerk describing how all messages are typed up on multipart forms. On numerous occasions the clerk retained a copy of “Eyes Only” messages directed to the President or to Henry Kissinger and forwarded them to the Chairman of the Joint Chiefs of Staff. He testified that he was ordered to do so.

Note that the Defense Intelligence Agency had procedures for handling “Eyes Only” traffic. There was no evidence presented that the White House also had such procedures. Without documented procedures, “Eyes Only” is an optimistic statement, not a security marking.

In a more recent example, a 2017 Washington Post article describes how President Obama received an “Eyes Only” document from the CIA describing Russian election interference. The document was hand-delivered by courier and addressed exclusively to the President and three senior aides. CIA director John Brennan considered the information so sensitive that it was omitted from the President’s Daily Brief (already a classified document). All discussions on the topic were restricted to the White House Situation Room to guard against leaks.

DevOps Unbound Podcast

A final example comes from the legal profession. Judges often issue secrecy orders when a legal dispute involves proprietary or otherwise sensitive information. Some secrecy orders require information be treated as “Attorneys’ Eyes Only.” Those cases allow the opposing side’s attorney to see proprietary information, but does not allow their client to see the information.

*** This is a Security Bloggers Network syndicated blog from Cryptosmith authored by cryptosmith. Read the original post at:

Integrated Security Data PulseMeter

Step 1 of 7

What percentage of your organization’s security data is integrated into a SIEM or data repository you manage? (Select one)(Required)