Defense policy law takes aim at the politics of security details

Mark Satter, CQ-Roll Call on Dec 24, 2025

By clicking submit, I authorize Arcamax and its affiliates to: (1) use, sell, and share my information for marketing purposes, including cross-context behavioral advertising, as described in our Privacy Policy , (2) add to information that I provide with other information like interests inferred from web page views, or data lawfully obtained from data brokers, such as past purchase or location data, or publicly available data, (3) contact me or enable others to contact me by email or other means with offers for different types of goods and services, and (4) retain my information while I am engaging with marketing messages that I receive and for a reasonable amount of time thereafter. I understand I can opt out at any time through an email that I receive, or by clicking here

WASHINGTON — A provision tucked into the fiscal 2026 National Defense Authorization Act restricts the Pentagon’s ability to quickly revoke protections for former officials who face security threats — an attempt by lawmakers to curb retaliatory moves like those carried out by President Donald Trump at the beginning of his second term.

The language still allows the defense secretary to make decisions about which former officials do or do not need security details after leaving their government jobs, but puts in place new timelines, assessments and notification requirements before security can be pulled.

The little-noticed provision comes after Trump, soon after taking office in January, revoked the security details of former government officials who had once worked for him but later became critics, including former national security adviser John Bolton, former Defense Secretary Mark Esper and former Joint Chiefs Chairman Gen. Mark Milley.

In the cases of at least Bolton and Esper, both men had previously been granted security details, paid for by the government, due to ongoing security threats from Iran. Esper led the Pentagon during the 2020 U.S. assassination of Iranian Gen. Qassem Soleimani and was believed to be a potential target for reprisals.

In August 2022, the Department of Justice charged an Iranian national and member of Iran’s Islamic Revolutionary Guard Corps named Shahram Poursafi in an alleged plot to murder Bolton. Then-President Joe Biden approved a security detail for Bolton.

The security details, at least some of which were provided by the Secret Service, were pulled with seemingly no warning after Trump returned to the White House in January 2025, leaving the former officials who had held some of the highest positions in the federal government to fend for themselves.

The provision in the NDAA, signed into law by Trump on Dec. 18, was a direct response to the reprisals.

“It was certainly motivated by a lack of information and responsiveness from the Defense Department on the decisions that were being made, and a need — on a bipartisan and bicameral basis — to clean that up,” said a source with direct knowledge of the provision’s origin.

Under existing legislation, the Defense secretary could review and extend protections for high-ranking former officials every six months at his or her discretion, and up to $15 million per fiscal year was available to reimburse former Defense officials who have had to use personal funds to cover security costs arising from their work in the Pentagon.

But the new law curbs the Defense secretary’s ability to act unilaterally, and requires that any decision to end protections for former officials must be justified in writing and backed by a threat assessment from an appropriate law enforcement, security or intelligence agency. It also requires the Pentagon chief to submit those determinations to the congressional defense committees within 15 days of them being made.

Should a security detail be pulled, the individual receiving that protection must be notified at least 90 days in advance.

And if a former official is denied reimbursement for a security detail, the Defense Department must explain why.