[Note: This series explores the ramifications of the new Insider Threat Program, an initiative ordered by President Barack Obama to identify and stop future leaks and security violations within the federal government, and specifically the intelligence community. Mandated in 2011, the program demands that federal employees report overtly suspicious behavior by co-workers, such as frequent travel overseas or unreported foreign contacts, but it also requires employees to ‘profile’ their co-workers with behavior analysis techniques they are relatively untrained in. The Insider Threat Program does not help prevent leaks; in fact, it diminishes
esprit d ’corps, encourages ‘witch hunts,’ and ultimately results in the exact type of decreased loyalty that can lead to susceptibility to foreign services and anti-government groups. This series is an adapted form of a thesis that Kit wrote for her Counterintelligence degree.]
Part 1 is here. Part 2 is here. Part 3 is here.
Post-ITP Implementation
Even though spokespersons for the program and the Obama administration claim that ITP is a highly effective program with safeguards against civil rights violations and frivolous or vengeful reporting, the evidence shows otherwise. The Food and Drug Administration (FDA) recently “justified the monitoring of the personal email of its doctors and scientists,” committing a gross violation of the 4th Amendment.[1] There is also a serious concern about how the program will handle whistleblowers attempting to bring abuse to the attention of superiors. One Pentagon official stated that “all of the whistleblower laws are about retaliation. That doesn’t mean you can’t profile them before they’re retaliated against.”[2] While there is a standardized process for reporting actual breaches of privacy, or illegal activities within the intelligence community, several whistleblowers have gone on record as saying that they attempted to bring up their concerns and were silenced through administrative action or simply ignored.
In order to answer the question of whether ITP prevents leaks such as that found in the Bradley Manning case, it is not necessary to look further than the case of Edward Snowden, a contractor with secure access who recently left the US and fled to Hong Kong with four laptops full of classified information on the NSA’s clandestine monitoring program, called PRISM. Snowden leaked information to both the Guardian and the Washington Post, and was able to do it even with the ITP protocols in place. The total amount of information Snowden may possess still remains unknown; the actual damage done by his leaks is also undetermined at this point.
It is important to note that one of the traditional ‘red flags’ for espionage is when an employee has very low job satisfaction, or feels as though he is not validated and/or listened to as an employee. Low morale, self-image, and a feeling of being unappreciated can actually lead an employee to be more susceptible to a Foreign Service (FISS) attack. Enemy agents are very skilled at seeking out those in need of validation and feeding that need. If an employee feels that he is not being listened to—especially in cases where they are attempting to blow the whistle on actual illegal conduct—they are simply that much more vulnerable to someone else who will listen to them. Over time, relationships can be cultivated that the employee may not even realize are dangerous, or the employee may see the necessity of blowing the whistle as being more important than their not giving information to a foreign service.
Domestic Extensions
Obama’s ITP specifically targets government employees, but the larger net of the intelligence community’s electronic surveillance programs lands on millions of American citizens, outlining a much greater problem than just the ITP itself. In June 2013, the Guardian, a newspaper based in the United Kingdom, obtained a top secret order that showed the Federal Bureau of Investigation (FBI) demanding—on behalf of the National Security Agency (NSA)—that phone company Verizon turn over three months’ worth of metadata on all phone calls. What made the order so disturbing was that the FBI specifically only included all calls originating in the United States.[3] In addition, it has recently been made public that the NSA conducts ‘three-hop analysis,’ allowing “the government to mine the records of 2.5 million Americans when investigating one suspected terrorist.”[4] The overall result of that is a very high probability that most Americans have been spied on by their own intelligence agencies—much like Stalin’s Soviet Russia.
The NSA’s surveillance activities are very significant because Executive Order 12333 expressly forbids “acquiring information concerning the domestic activities of United States persons.”[5] In addition, this violates the 4th Amendment of the Constitution, which states that “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated” except in cases of a probable cause warrant.[6] In short, Executive Order 12333 and the 4th Amendment expressly forbid the use of counterintelligence against American citizens without probable cause, and currently the NSA is in violation of law and the Constitutional rights of millions of Americans.
Conclusions
The ultimate test of any program such as Insider Threat is two-fold: is it Constitutional, and does it work? In this case, the answer to both of these questions is an unequivocal “no.” It is understood that those who volunteer to work in the intelligence field, or who are entrusted with classified information need to be screened, and in order to do that they give up certain privacy rights that other citizens enjoy. The level of intrusion that is present in ITP, however, is a recipe for disaster. The penalization of employees who are not overzealous in reporting their co-workers for any real or imagined infraction, combined with techniques they are not fully trained on and inconsistent standards between agencies, can and will continue to result in innocent people being caught up in the web of an unnecessary counterintelligence investigation. In addition, the environment that ITP cultivates leads to overall added vulnerability for the US, as employees who may have been loyal for many years are now treated as though they are threats by co-workers. Meanwhile, the Pollards and Ames will continue to go undetected, and leaks on the scale of Manning and Snowden will continue to occur.
The events and studies outlined in this paper should have been the catalyst—over and over—for major change in the way that the government handles investigations, especially those dealing with espionage and counterintelligence. Unfortunately, the Insider Threat Program is just one more misstep in the administration’s handling of national security affairs.
[3] Andy Greenberg, “NSA’s Verizon Spying Order Specifically Targeted Americans, Not Foreigners,” Forbes, June 05, 2013, http://www.forbes.com/sites/andygreenberg/2013/06/05/nsas-verizon-spying-order-specifically-targeted-americans-not-foreigners/.
[4] Pete Yost, “Congress Expresses Anger over NSA Surveillance Program,” BostonGlobe.com, July 18, 2013, http://www.bostonglobe.com/news/nation/2013/07/17/nsa-spying-under-fire-you-got-problem/Ev73I1XwPYtvD2WFZ6idGK/story.html.
[5] “Executive Orders,” Executive Orders, December 14, 1981, http://www.archives.gov/federal-register/codification/executive-order/12333.html.
[6] “Fourth Amendment.” Cornell University Law. Accessed July 23, 2013. http://www.law.cornell.edu/constitution/fourth_amendment.
Recent Comments