[Rushtalk] Insider Threat Program

Carl Spitzer winblows at lavabit.com
Sun Jul 7 19:39:17 MDT 2013


The Insider Threat Program is sweeping in its reach. It has received
scant public attention even though it extends beyond the U.S. national
security bureaucracies to most federal departments and agencies
nationwide, including the Peace Corps, the Social Security
Administration and the Education and Agriculture departments. It
emphasizes leaks of classified material, but catchall definitions of
“insider threat” give agencies latitude to pursue and penalize a range
bbThis McClatchy piece (written by some of the same people who got the
Iraq war run-up story so right while everyone else got it wrong) is as
chilling to me as anything we’ve heard over the past few weeks about the
NSA spying. In fact, it may be worse:

 Even before a former U.S. intelligence contractor exposed the secret
collection of Americans’ phone records, the Obama administration was
pressing a government-wide crackdown on security threats that requires
federal employees to keep closer tabs on their co-workers and exhorts
managers to punish those who fail to report their suspicions.

        President Barack Obama’s unprecedented initiative, known as the
        Insider Threat Program, is sweeping in its reach. It has
        received scant public attention even though it extends beyond
        the U.S. national security bureaucracies to most federal
        departments and agencies nationwide, including the Peace Corps,
        the Social Security Administration and the Education and
        Agriculture departments. It emphasizes leaks of classified
        material, but catchall definitions of “insider threat” give
        agencies latitude to pursue and penalize a range of other
        Government documents reviewed by McClatchy illustrate how some
        agencies are using that latitude to pursue unauthorized
        disclosures of any information, not just classified material.
        They also show how millions of federal employees and contractors
        must watch for “high-risk persons or behaviors” among co-workers
        and could face penalties, including criminal charges, for
        failing to report them. Leaks to the media are equated with
        “Hammer this fact home . . . leaking is tantamount to aiding the
        enemies of the United States,” says a June 1, 2012, Defense
        Department strategy for the program that was obtained by

When the free free press, explicitly protected in the bill of rights
becomes equivalent to an “enemy of the United States” something very,
very bad is happening.

The administration says it’s doing this to protect national security and
that it is willing to protect those who blow the whistle on waste, fraud
and abuse. But that is not how the effect of this sort of program is
going to be felt. After all, it’s being implemented across the federal
government, not just in national security:

        The program could make it easier for the government to stifle
        the flow of unclassified and potentially vital information to
        the public, while creating toxic work environments poisoned by
        unfounded suspicions and spurious investigations of loyal
        Americans, according to these current and former officials and
        experts. Some non-intelligence agencies already are urging
        employees to watch their co-workers for “indicators” that
        include stress, divorce and financial problems.
        “It was just a matter of time before the Department of
        Agriculture or the FDA (Food and Drug Administration) started
        implementing, ‘Hey, let’s get people to snitch on their
        friends.’ The only thing they haven’t done here is reward it,”
        said Kel McClanahan, a Washington lawyer who specializes in
        national security law. “I’m waiting for the time when you turn
        in a friend and you get a $50 reward.”
        The Defense Department anti-leak strategy obtained by McClatchy
        spells out a zero-tolerance policy. Security managers, it says,
        “must” reprimand or revoke the security clearances – a
        career-killing penalty – of workers who commit a single severe
        infraction or multiple lesser breaches “as an unavoidable
        negative personnel action.”
        Employees must turn themselves and others in for failing to
        report breaches. “Penalize clearly identifiable failures to
        report security infractions and violations, including any lack
        of self-reporting,” the strategic plan says.
        The Obama administration already was pursuing an unprecedented
        number of leak prosecutions, and some in Congress – long one of
        the most prolific spillers of secrets – favor tightening
        restrictions on reporters’ access to federal agencies, making
        many U.S. officials reluctant to even disclose unclassified
        matters to the public.
        The policy, which partly relies on behavior profiles, also could
        discourage creative thinking and fuel conformist “group think”
        of the kind that was blamed for the CIA’s erroneous assessment
        that Iraq was hiding weapons of mass destruction, a judgment
        that underpinned the 2003 U.S. invasion.

I don’t know about you, but that does not sound like freedom. In fact,
it sounds like something else entirely to me.

This government paranoia and informant culture is about as corrosive to
the idea of freedom as it gets. The workplace is already rife with petty
jealousies, and singular ambition— it’s a human organization after all.
Adding in this sort of incentive structure is pretty much setting up a
system for intimidation and abuse.

And, as with all informant systems, especially ones that “profile” for
certain behaviors deemed to be a threat to the state, only the most
conformist will thrive. It’s a recipe for disaster if one is looking for
any kind of dynamic, creative thinking. Clearly, that is the last these
creepy bureaucrats want.

This is the direct result of a culture of secrecy that seems to be
pervading the federal government under president Obama.  He is not the
first president to expand the national security state , nor is he
responsible for the bipartisan consensus on national security or the
ongoing influence of the Military Industrial Complex.This, however, is
different. And he should be individually held to account for this

        Administration officials say the program could help ensure that
        agencies catch a wide array of threats, especially if employees
        are properly trained in recognizing behavior that identifies
        potential security risks.
        “If this is done correctly, an organization can get to a person
        who is having personal issues or problems that if not addressed
        by a variety of social means may lead that individual to
        violence, theft or espionage before it even gets to that point,”
        said a senior Pentagon official, who requested anonymity because
        he wasn’t authorized to discuss the issue publicly.
        “If the folks who are watching within an organization for that
        insider threat – the lawyers, security officials and
        psychologists – can figure out that an individual is having
        money problems or decreased work performance and that person may
        be starting to come into the window of being an insider threat,
        superiors can then approach them and try to remove that stress
        before they become a threat to the organization,” the Pentagon
        official said.
        The program, however, gives agencies such wide latitude in
        crafting their responses to insider threats that someone deemed
        a risk in one agency could be characterized as harmless in
        another. Even inside an agency, one manager’s disgruntled
        employee might become another’s threat to national security.
        Obama in November approved “minimum standards” giving
        departments and agencies considerable leeway in developing their
        insider threat programs, leading to a potential hodgepodge of
        interpretations. He instructed them to not only root out leakers
        but people who might be prone to “violent acts against the
        government or the nation” and “potential espionage.”
        The Pentagon established its own sweeping definition of an
        insider threat as an employee with a clearance who “wittingly or
        unwittingly” harms “national security interests” through
        “unauthorized disclosure, data modification, espionage,
        terrorism, or kinetic actions resulting in loss or degradation
        of resources or capabilities.”
        “An argument can be made that the rape of military personnel
        represents an insider threat. Nobody has a model of what this
        insider threat stuff is supposed to look like,” said the senior
        Pentagon official, explaining that inside the Defense Department
        “there are a lot of chiefs with their own agendas but no
        The Department of Education, meanwhile, informs employees that
        co-workers going through “certain life experiences . . . might
        turn a trusted user into an insider threat.” Those experiences,
        the department says in a computer training manual, include
        “stress, divorce, financial problems” or “frustrations with
        co-workers or the organization.”
        An online tutorial titled “Treason 101” teaches Department of
        Agriculture and National Oceanic and Atmospheric Administration
        employees to recognize the psychological profile of spies.
        A Defense Security Service online pamphlet lists a wide range of
        “reportable” suspicious behaviors, including working outside of
        normal duty hours. While conceding that not every behavior
        “represents a spy in our midst,” the pamphlet adds that “every
        situation needs to be examined to determine whether our nation’s
        secrets are at risk.”
        The Defense Department, traditionally a leading source of media
        leaks, is still setting up its program, but it has taken
        numerous steps. They include creating a unit that reviews news
        reports every day for leaks of classified defense information
        and implementing new training courses to teach employees how to
        recognize security risks, including “high-risk” and “disruptive”
        behaviors among co-workers, according to Defense Department
        documents reviewed by McClatchy.
        “It’s about people’s profiles, their approach to work, how they
        interact with management. Are they cheery? Are they looking at
        Salon.com or The Onion during their lunch break? This is about
        ‘The Stepford Wives,’” said a second senior Pentagon official,
        referring to online publications and a 1975 movie about
        robotically docile housewives. The official said he wanted to
        remain anonymous to avoid being punished for criticizing the
        The emphasis on certain behaviors reminded Greenstein of her
        employee orientation with the CIA, when she was told to be
        suspicious of unhappy co-workers.
        “If someone was having a bad day, the message was watch out for
        them,” she said.
        Some federal agencies also are using the effort to protect a
        broader range of information. The Army orders its personnel to
        report unauthorized disclosures of unclassified information,
        including details concerning military facilities, activities and
        The Peace Corps, which is in the midst of implementing its
        program, “takes very seriously the obligation to protect
        sensitive information,” said an email from a Peace Corps
        official who insisted on anonymity but gave no reason for doing
        Granting wide discretion is dangerous, some experts and
        officials warned, when federal agencies are already prone to
        overreach in their efforts to control information flow.
        The Bush administration allegedly tried to silence two former
        government climate change experts from speaking publicly on the
        dangers of global warming. More recently, the FDA justified the
        monitoring of the personal email of its scientists and doctors
        as a way to detect leaks of unclassified information.

Maybe this is just another way of reducing the federal workforce. Nobody
normal should want to work there.

When the Department of Education is searching for “insider threats”
something’s gone very wrong.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://kalos.csdco.com/pipermail/rushtalk/attachments/20130707/126f1aba/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bb.jpg
Type: image/jpeg
Size: 23581 bytes
Desc: not available
Url : http://kalos.csdco.com/pipermail/rushtalk/attachments/20130707/126f1aba/attachment-0001.jpg 

More information about the Rushtalk mailing list