The calculated risk taken by the United States and the UK in connection with the 2022 fullscale invasion of Ukraine represents a watershed moment in intelligence sharing doctrine. By publicly revealing detailed intelligence about Russian military preparations, these nations demonstrated an innovative approach to using intelligence for deterrence purposes. However, this evolution from ”need-to-know” to ”need-to-share” paradigms introduces complex challenges that extend far beyond traditional security considerations.
The Information Overload Paradox
The shift toward broader intelligence sharing occurs alongside an unprecedented explosion in information volume. Intelligence professionals now face what researchers term ”analysis paralysis,” where the sheer quantity of available data impedes effective decision-making. Studies indicate that knowledge workers spend 2.5 hours daily searching for information they need to perform their jobs, with constant interruptions occurring every three minutes. This information overload reportedly leads to a 27.1% increase in negative work-related emotions and significantly impairs cognitive processing capabilities.
In the intelligence context, this creates a fundamental tension: while sharing more broadly may improve collective security understanding, it can simultaneously overwhelm analysts with data they cannot effectively process. As one study notes, ”more information doesn’t necessarily lead to better decision-making and may actually obscure critical intelligence”. This challenge is particularly acute when time-sensitive decisions are required, such as during the early stages of military conflicts or terrorist threats.
The Expanding Security Landscape: From State Threats to Criminal Networks
As the definition of security widens to encompass organized crime and terrorism, intelligence sharing faces increasingly complex challenges. The crime-terror nexus has evolved far beyond simple financial relationships, encompassing ”access to specialized skill-sets and operational tactics that could help an illicit group reach their political or financial objectives more efficiently”. This expansion brings intelligence agencies into contact with vulnerable sources operating within local communities—individuals whose safety depends entirely on maintaining their anonymity.
Research demonstrates that terrorists increasingly benefit from organized crime through ”trafficking in arms, persons, drugs, cultural property, as well as money laundering and other financial crimes”. This convergence requires intelligence sharing between agencies that traditionally operated in separate domains: counter-terrorism units, organized crime departments, and local law enforcement. However, each domain carries different risk profiles for source protection.
The Vulnerability of Human Sources in Criminal Networks
The protection of sources becomes exponentially more difficult when intelligence operations target organized crime and terrorism networks embedded in local communities. Unlike stateto-state intelligence, which primarily involves professional intelligence officers operating under diplomatic cover, counter-crime intelligence relies heavily on civilians who maintain their regular lives while providing information. These sources face direct physical threats to themselves and their families if exposed.
Swedish research on organized crime vulnerability reveals how criminal networks exploit transparency mechanisms traditionally designed to prevent corruption. When intelligence about criminal operations is shared too broadly, it can inadvertently expose the methods through which information was obtained, potentially identifying sources even when their names are redacted. The Swedish government’s 2023 national strategy against organized crime acknowledges this challenge, emphasizing the need for agencies to ”have more possibilities to exchange information” while simultaneously strengthening protections against criminal infiltration.
GDPR and the Intelligence Sharing Dilemma
The General Data Protection Regulation creates additional complexity for intelligence sharing, particularly when operations involve organized crime and terrorism. While GDPR permits law enforcement authorities to share personal data when ”necessary and proportionate”, the regulation’s emphasis on individual privacy rights can conflict with operational security requirements. The UK ICO provides additional guidance on sharing personal data with law enforcement authorities.
The challenge becomes acute when intelligence involves what researchers term ”threat actor personal data”—information about individuals committing fraud or other crimes. Sharing such data broadly for intelligence purposes may require notifying the subjects of data collection, an action that would ”substantially undermine the value and purpose of sharing threat intelligence” and compromise ongoing investigations.
Legal scholars note that GDPR’s transparency requirements could theoretically require law enforcement to inform criminals that their data has been collected and explain how it is processed—a requirement that would ”undermine legitimate interests of fraud prevention, network and system security, and identifying criminal activities”. While exemptions exist under Article 14(5) when notification would ”render impossible or seriously impair” legitimate interests, applying these exemptions requires careful case-by-case analysis that can delay urgent intelligence sharing.
The Swedish Perspective: Balancing Expansion and Protection
The observation about ”nytt vin i gamla läglar” (new wine in old bottles) captures the central paradox of modern intelligence sharing. The traditional principle that ”the more threatening the situation, the more important it is to respect secrecy” (the classic Swedish concept of ”en svensk tiger”) exists in tension with the equally important need for optimal information sharing and cooperation to address hybrid and transnational threats.
However, the key insight lies in recognizing that the concept of ”need” itself has expanded rather than been abandoned. As threat landscapes broaden to encompass cyber warfare, disinformation campaigns, and crime-terror nexuses, the circle of those who ”need to know” has necessarily widened. This expansion is calibrated to match the breadth and complexity of modern threats.
The distinction between intelligence sharing between relevant actors and the need for public legitimacy represents different strategic objectives. Operational intelligence sharing serves immediate security needs, while public communication serves democratic accountability and societal resilience. Sweden’s establishment of the Psychological Defence Agency exemplifies this understanding—building societal resilience against disinformation while explicitly avoiding domestic surveillance.
Managing the Dual Challenge: Information Overload and Source Protection
The convergence of information overload and source protection challenges requires sophisticated management strategies:
Technological Solutions: Artificial intelligence and machine learning show promise for managing information overload by ”processing data, determining diagnoses, recommending treatments, and predicting outcomes”. However, AI implementation in intelligence analysis carries its own risks, particularly when systems process sensitive source information that could be exposed through data breaches or system compromises.
Compartmentalization with Flexibility: Rather than abandoning ”need-to-know” principles entirely, modern intelligence sharing requires dynamic compartmentalization that can rapidly expand or contract based on threat assessment and operational requirements. This approach maintains source protection while enabling broader sharing when circumstances warrant.
Risk-Calibrated Sharing Protocols: Different types of intelligence require different sharing protocols. Information about state-level threats may permit broader sharing than intelligence about local criminal networks where source exposure risks are higher. Swedish research emphasizes that ”early action is very important” in preventing criminal infiltration, requiring rapid information sharing while maintaining strict source protection.
Conclusion
The evolution from ”need-to-know” to ”need-to-share” reflects legitimate adaptation to modern threat environments, but this transformation must account for the dual challenges of information overload and vulnerable source protection. The calculated risks taken by the US and UK regarding Ukraine demonstrate the potential benefits of innovative intelligence use, but extending these approaches to organized crime and terrorism requires careful consideration of source vulnerability and information processing capabilities.
The Swedish insight about expanding the definition of ”need” rather than abandoning it entirely provides a framework for managing this evolution. As threats become more complex and transnational, the circle of those who need to know must expand, but this expansion must be calibrated and protected through sophisticated information management systems that can handle volume while protecting the most vulnerable sources of intelligence.
Success in this evolution requires distinguishing between operational intelligence sharing–which serves immediate security needs and must prioritize source protection—and broader societal communication strategies that serve democratic legitimacy and resilience building. Both are necessary, but they serve different purposes and require different approaches to information management and sharing protocols.