The IT Law Wiki


A Special Access Program (SAP) is

[a] program established for a specific class of classified information that imposes safeguarding and access requirements that exceed those normally required for information at the same classification level.[1]
any program imposing need-to-know or access controls beyond those normally required for access to Confidential, Secret, or Top secret information. Such a program includes, but is not limited to, special clearance of investigative requirements, special designation of officials authorized to determine need-to-know, or special lists of persons determined to have a need-to-know.[2]


Army Regulation 380–381, "Special Access Programs"[3] provides the following examples of SAPs: (1) a specific technology with potential for weaponization that gives the United States a significant technical lead or tactical advantage over potential adversaries; (2) sensitive technology that is especially vulnerable to foreign intelligence exploitation without special protection; (3) an emerging technology, proposed operation, or intelligence activity risking the compromise of other SAPs; (4) exposure of sensitive activities that could jeopardize the lives of U.S. citizens; (5) a capability that is so unique or sensitive that it requires protection beyond normal procedures; (6) an extremely sensitive activity requiring special protection from disclosure to prevent significant damage to national security or the reputation or interests of the United States; (7) methods used to acquire foreign technology or equipment; and (8) sensitive support to DOD and non-DOD agencies.