Government & Classified Information

Understanding why classified information and CUI must never enter commercial LLM systems

Classified national security information and Controlled Unclassified Information (CUI) must NEVER be transmitted to commercial LLM services, regardless of the vendor's security certifications. Even FedRAMP High authorization does not permit processing classified information. Understanding these restrictions is critical for government contractors, cleared personnel, and agencies handling sensitive government data.

⚠️ Severe Consequences

Unauthorized disclosure of classified information can result in: loss of security clearance, criminal prosecution (Espionage Act, 18 U.S.C. §§ 793-798), imprisonment up to life, facility clearance revocation, and contract termination. For CUI violations: civil penalties, suspension/debarment from government contracts, and mandatory incident reporting.

1. U.S. Classification Levels

Executive Order 13526 establishes three classification levels for national security information:

TOP SECRET (highest level)

"Exceptionally grave damage" to national security if disclosed.

Examples: Intelligence sources/methods, war plans, weapons of mass destruction designs, most sensitive diplomatic communications

SECRET

"Serious damage" to national security if disclosed.

Examples: Operational plans, cryptographic information, significant intelligence reports, advanced military technology

CONFIDENTIAL

"Damage" to national security if disclosed.

Examples: Some military operational information, law enforcement investigative techniques, certain diplomatic cables

❌ NEVER Send to Commercial LLMs

Classified information at ANY level (Confidential, Secret, Top Secret) cannot be processed on commercial LLM systems, period. Even:

  • With FedRAMP High authorization (insufficient for classified)
  • With vendor assurances of "military-grade encryption" (irrelevant)
  • If you anonymize, paraphrase or summarize it (a derivative carries the classification of its source, so the paraphrase is still classified)
  • For "just research purposes" (unauthorized disclosure is unauthorized disclosure)

2. Controlled Unclassified Information (CUI)

CUI is unclassified information that requires safeguarding or dissemination controls per law, regulation, or government policy. The CUI Program (32 CFR Part 2002) standardizes how executive branch agencies handle CUI.

CUI Categories (120+ total)

Common CUI categories (with their CUI Registry markings) include:

  • Controlled Technical Information (CTI)
  • Export Controlled Information (EXPT)
  • General Law Enforcement Information (LEI); the older "Law Enforcement Sensitive (LES)" label is a legacy marking for this kind of content
  • Sensitive Security Information (SSI)
  • Critical Infrastructure Security Information (e.g. Protected Critical Infrastructure Information, PCII)
  • Privacy Information (PRVCY; PII protected under specific laws)
  • Proprietary Business Information (PROPIN)
  • Procurement and Acquisition Information (PROCURE)
  • Federal Taxpayer Information (TAX)
  • Legal Privilege / Attorney Work Product (PRIVILEGE)
  • Health Information (HLTH, in specific contexts)

"For Official Use Only" (FOUO) is not a CUI category: it is a legacy marking that the CUI Program replaced. Documents still bearing FOUO usually contain what is now CUI and must be handled as CUI until they are reviewed and re-marked.

⚠️ CUI Marking Requirements

CUI must carry a banner marking at the top of every page (repeating it at the bottom is optional under the CUI Marking Handbook). The banner is the control marking alone:

CUI

or the control marking followed by category markings and then limited dissemination controls, with "//" separating the fields and "/" separating items within a field, for example:

CUI//SP-CTI/PRVCY//NOFORN

Here the "SP-" prefix flags a CUI Specified category (one with statute-specific handling rules); categories without the prefix are CUI Basic. Classified documents use the same banner scheme with the classification level ("SECRET//NOFORN") and add portion marks such as (S), (C) and (U) at the start of each paragraph.

If you see CUI markings on a document, it has handling requirements and cannot go to commercial LLMs without specific authorization. The absence of a marking is not proof that content is uncontrolled: unmarked or legacy-marked material keeps whatever status it has.

3. Requirements for Government Contractors

Government contractors handling classified information or CUI must comply with strict requirements:

NISPOM (National Industrial Security Program Operating Manual, now codified at 32 CFR Part 117)

Governs how contractors safeguard classified information. Key requirements:

  • Facility Clearance (FCL): the company must hold a facility security clearance at or above the level of the information
  • Cleared Personnel: only employees with the appropriate personnel clearance and a need-to-know may access it
  • Approved Systems: classified data is processed only on systems authorized for that level (SIPRNet, JWICS, or a standalone system authorized by the cognizant security agency)
  • Air Gap: classified systems are physically separated from unclassified networks
  • Incident Reporting: security incidents are reported through the Facility Security Officer (FSO) to the cognizant security agency (DCSA for most DoD contractors)

Commercial internet-connected LLM services do NOT meet NISPOM requirements for processing classified information.

DFARS 252.204-7012 (CUI Safeguarding for Defense Contractors)

Defense contractors must implement the NIST SP 800-171 security requirements for Covered Defense Information (CDI). Requirements:

  • 110 security requirements across 14 families in NIST SP 800-171 Rev. 2 (Access Control, Audit and Accountability, etc.)
  • CDI must be protected on the contractor's covered information systems
  • Any external cloud service used to store, process or transmit CDI must meet the FedRAMP Moderate baseline (or equivalent) and support the clause's incident-reporting and forensic-preservation duties
  • Cyber incidents affecting CDI, or the contractor's ability to perform, must be reported to DoD within 72 hours of discovery
  • The clause flows down to subcontractors that handle CDI

CMMC (Cybersecurity Maturity Model Certification)

Under the CMMC Program rule (32 CFR Part 170), defense contractors must achieve the CMMC level named in their contracts, phased into new awards from 2025. Three levels:

  • CMMC Level 1: basic cyber hygiene, the 15 requirements of FAR 52.204-21 (annual self-assessment)
  • CMMC Level 2: NIST SP 800-171 Rev. 2 implementation (110 requirements); required for CUI, with a third-party (C3PAO) assessment for most contracts
  • CMMC Level 3: protection against advanced persistent threats, adding 24 requirements drawn from NIST SP 800-172 (government-led assessment)

CMMC certifies the contractor's environment, not the vendor. A commercial LLM service that stores or processes CUI becomes part of that environment, so it must meet the DFARS 7012 FedRAMP Moderate (or equivalent) requirement and fall inside the contractor's assessment scope. Most commercial LLM offerings are not authorized to that baseline, so they cannot be used for CUI unless specifically authorized.

4. Authorized Alternatives for Classified/CUI Work

If you need AI/LLM capabilities for classified or CUI work, these are the ONLY authorized approaches:

✅ 1. Government-Operated LLMs on Classified Networks

Some agencies are deploying LLMs on isolated classified networks (SIPRNET, JWICS):

  • Hosted entirely within classified environment (air-gapped from internet)
  • Models trained only on publicly available or declassified data
  • No data leaves the classified network
  • Must be authorized by agency Chief Information Officer and security officer

✅ 2. On-Premises Models in Accredited Facilities

Contractors with facility clearances can run open-weight models on systems authorized for the work:

  • Deploy open-weight LLMs (for example Llama or Mistral) on premises
  • The system must be authorized (accredited) for the classification level of the data it will process
  • Must meet NISPOM requirements for classified work, or NIST SP 800-171 for CUI
  • No internet connectivity; model weights are brought in through the system's approved media procedures and all processing stays local

✅ 3. IL6 and IC Cloud Regions (Secret and Top Secret)

Classified cloud work must stay in regions accredited for the classification level. DoD Impact Level 5 is still an unclassified level (CUI and National Security Systems up to the moderate/high baseline), so IL5 does not cover classified data:

  • AWS Secret Region and Azure Government Secret: SECRET (DoD IL6); isolated from the vendors' commercial and GovCloud regions
  • Intelligence Community clouds such as AWS C2S (Commercial Cloud Services) and Azure Government Top Secret: TOP SECRET/SCI
  • LLM capabilities exist in these regions only where the region operator offers them, and their use must be specifically authorized by the agency

✅ 4. Declassify or Downgrade Information First

If possible, work with unclassified versions of information:

  • Request declassification review from Original Classification Authority (OCA)
  • Create unclassified summaries or abstracts (reviewed and approved)
  • Use publicly available information that addresses similar topics
  • Work with non-CUI data when possible (directory info, public research, etc.)

5. Safe LLM Use Cases for Government Work

Commercial LLMs CAN be used for unclassified, non-CUI government work when the service holds FedRAMP authorization and agency policy permits it:

✅ Public-Facing Communications

Draft press releases, public FAQs, social media posts, website content intended for public disclosure.

✅ Policy Research (Public Sources)

Analyze publicly available laws, regulations, Congressional testimony, and academic research.

✅ Training Materials Development

Create training modules, orientation guides, and educational content using only unclassified information.

✅ Open Source Research

Summarize publicly available news, academic papers, and industry reports on technology trends.

Best Practices for Government Personnel

DO

  • Verify FedRAMP authorization before using any LLM service for government work
  • Check for classification banners, portion marks such as (S) or (CUI), CUI banner markings and legacy FOUO markings on documents before processing with any external service
  • Report any suspected unauthorized disclosure immediately to your security officer
  • Use government-approved systems for classified work (SIPRNet, JWICS, authorized standalone systems)
  • Maintain separation between classified and unclassified work environments

DON'T

  • Send classified information to any commercial LLM service, ever, regardless of security claims
  • Paraphrase or summarize classified information thinking it becomes unclassified (derivatives are classified)
  • Use consumer LLMs (ChatGPT, Claude.ai) for CUI or government work without FedRAMP authorization
  • Assume encryption alone makes it safe to send CUI to commercial services
  • Mix classified and unclassified work on the same device or network
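
The marking check in the DO list, and the banner format described in the CUI marking section, as an added example that is not part of the original page: a Python pre-flight gate that scans text before it is handed to an external LLM, refuses anything carrying a classification banner, a CUI banner, a classified or CUI portion mark, or a legacy FOUO/SBU marking, and parses CUI banners into control marking, categories and dissemination controls. The function names (preflight, scan_document, parse_cui_banner) are my own, and the four sample documents are constructed placeholders, not real marked material.

```python
"""Pre-flight gate for text bound to an external LLM (added example).
Refuses anything carrying a classification banner, a CUI banner, a
classified/CUI portion mark, or a legacy FOUO/SBU marking, and parses CUI
banners. Sample documents below are constructed, not real marked material."""
from __future__ import annotations
import re
from dataclasses import dataclass, field

# Classification banners per EO 13526, optionally followed by "//" and controls
# ("SECRET//NOFORN"). Longest alternative first so TOP SECRET is not read as SECRET.
CLASSIFICATION_BANNER_RE = re.compile(
    r"(?P<level>TOP SECRET|SECRET|CONFIDENTIAL)(?://(?P<controls>[A-Z0-9 ,/\-]+))?")

# CUI banner per the CUI Marking Handbook: control marking ("CUI" or "CONTROLLED"),
# "//" + category markings separated by "/", "//" + limited dissemination controls.
CUI_BANNER_RE = re.compile(
    r"(?P<control>CUI|CONTROLLED)"
    r"(?://(?P<cats>[A-Z0-9\-]+(?:/[A-Z0-9\-]+)*))?"
    r"(?://(?P<ldc>[A-Z0-9 ,\-]+(?:/[A-Z0-9 ,\-]+)*))?")

# Portion marks opening a paragraph: "(S)", "(TS//SI)", "(C)", "(CUI//SP-CTI)".
# "(U)" is unclassified and is deliberately not matched.
PORTION_MARK_RE = re.compile(r"\((?P<mark>(?:TS|S|C|CUI)(?://[A-Z0-9/\-]+)?)\)")

# Legacy pre-CUI markings: such documents were never re-reviewed under
# 32 CFR 2002, so they are treated as CUI until someone does that review.
LEGACY_RE = re.compile(r"\b(FOUO|FOR OFFICIAL USE ONLY|SBU|SENSITIVE BUT UNCLASSIFIED)\b")


@dataclass(frozen=True)
class Finding:
    kind: str      # "classification" | "cui_banner" | "portion_mark" | "legacy"
    line_no: int   # 1-based line in the submitted text
    text: str      # the marking that triggered the finding


@dataclass
class CuiBanner:
    control: str
    categories: list[str] = field(default_factory=list)
    ldc: list[str] = field(default_factory=list)

    @property
    def specified(self) -> list[str]:
        """CUI Specified categories carry the SP- prefix; the rest are CUI Basic."""
        return [c for c in self.categories if c.startswith("SP-")]


def parse_cui_banner(line: str) -> CuiBanner | None:
    """Parse a whole-line CUI banner; None if the line is not one. The first "//"
    field is read as categories (the handbook's field order); telling an
    LDC-only banner like "CUI//NOFORN" apart would need a CUI Registry lookup."""
    m = CUI_BANNER_RE.fullmatch(line.strip())
    if not m:
        return None
    cats = m.group("cats").split("/") if m.group("cats") else []
    ldc = m.group("ldc").split("/") if m.group("ldc") else []
    return CuiBanner(m.group("control"), cats, ldc)


def scan_document(text: str) -> list[Finding]:
    """Return every marking found, in document order (line by line, trimmed)."""
    findings: list[Finding] = []
    for n, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        if m := CLASSIFICATION_BANNER_RE.fullmatch(line):
            findings.append(Finding("classification", n, m.group("level")))
            continue
        if parse_cui_banner(line) is not None:
            findings.append(Finding("cui_banner", n, line))
            continue
        if m := PORTION_MARK_RE.match(line):
            findings.append(Finding("portion_mark", n, m.group("mark")))
        if m := LEGACY_RE.search(line):
            findings.append(Finding("legacy", n, m.group(1)))
    return findings


def preflight(text: str) -> tuple[bool, list[Finding]]:
    """(ok_to_send, findings). ok_to_send means "no marking found", not
    "unclassified and not CUI": stripped or paraphrased content keeps its status."""
    findings = scan_document(text)
    return (not findings, findings)


# Constructed sample documents (placeholders, not real marked material).
SAMPLE_CUI = """\
CUI//SP-CTI/PRVCY//NOFORN

(CUI) Bracket assembly drawing notes; constructed sample text, not real technical data.
(U) This paragraph is unclassified and not controlled.

CUI//SP-CTI/PRVCY//NOFORN
"""
SAMPLE_SECRET = """\
SECRET//NOFORN

(S//NF) Constructed placeholder sentence standing in for an operational detail.
(U) Public background that would be releasable on its own.

SECRET//NOFORN
"""
SAMPLE_LEGACY = """\
UNCLASSIFIED//FOR OFFICIAL USE ONLY
Memo carrying a pre-CUI legacy marking; constructed sample.
"""
SAMPLE_PUBLIC = """\
Draft press release; constructed sample.
The agency will host a public webinar on its new grant portal next month.
Questions go to the public affairs office.
"""

if __name__ == "__main__":
    for name, doc in [("public", SAMPLE_PUBLIC), ("cui", SAMPLE_CUI),
                      ("secret", SAMPLE_SECRET), ("legacy", SAMPLE_LEGACY)]:
        ok, found = preflight(doc)
        print(f"{name:7} {'SEND' if ok else 'BLOCK'} {[(f.kind, f.line_no, f.text) for f in found]}")
    print(parse_cui_banner("CUI//SP-CTI/PRVCY//NOFORN"))
```

The gate is a necessary check, not a sufficient one. It fires only on markings, so the same SECRET paragraph with its banner and portion mark deleted passes cleanly, which is exactly the failure the DON'T list warns about: removing or paraphrasing the marking does not change the information's status, so a clean result still needs a human who knows what the content is.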

Need Help with Government AI Compliance?

We can help your agency or contractor organization safely implement LLMs while maintaining compliance with classification, CUI, NISPOM, and CMMC requirements.

Schedule a Consultation