For those in this thread that are confused what the tech companies could be looking for with these cleared people, let me give you an example. I used to work for a company that ran DNS services for public utilities i.e. "critical infrastructure". Every week we would get a classified list of "bad" domains (usually domains that malware would phone home to) from a 3 letter agency and we would notify the utilities if we saw any DNS requests for those domains from any of their computers. Only cleared personnel were allowed to see the list or touch any of the computers that saw the list in any way.
A tech company that wanted to work with a 3 letter agency to see such a list in order to protect their own infrastructure would need cleared personnel and a SCIF (the windowless air-gapped rooms that cleared people work from) to even talk to the agency about a list.
A tech company that wanted to work with a 3 letter agency to see such a list in order to protect their own infrastructure would need cleared personnel and a SCIF (the windowless air-gapped rooms that cleared people work from) to even talk to the agency about a list.