| ® | Raider of the Inner Sanctum | 75 To guard against this, the NSA has developed a well-organized system for stratifying its data so that obtaining critical secrets required a rogue employee to burrow into its heavily protected inner sanctum. As part of this system, the NSA divides its data into differ- ent tiers depending on the importance of the secrets to its operations. The first tier, Level 1, is mainly administrative material. This data would include FISA court orders and other directives its employees might need to check on to carry out their tasks. Level 2 contains data from which the secret sources have been removed. This tier, available to other intelligence services and policy makers, includes reports and analysis that can be shared. Level 3 contains documents that cannot be shared outside a small group of authorized individu- als, because they disclose the secret sources through which the NSA surreptitiously obtained the information. This third tier includes, for example, compiled lists of sources in China, Russia, Iran, and other adversary countries. It also discloses the exotic methods the NSA uses to get some of this data. Level 3 documents also include reports on specific NSA, CIA, and Pentagon operations unknown to © adversaries. These Level 3 documents are described by NSA execu- ® tives as “the Keys to the Kingdom,” because they could invalidate America’s entire intelligence enterprise if they fell into the hands of an adversary. And, as far as is known, prior to 2013, there had been no successful theft of any Level 3 documents. Because of their extreme sensitivity, Level 3 documents were not handled by most of the private firms providing independent contrac- tors. At Dell, Snowden had access mainly to Level 1 and Level 2 data (which he could, and did, download from shared sites on NSANet). These lower-level documents had whistle-blowing potential because they concerned NSA operations in the United States. They did not reveal, however, sources