The Dangers of the Insider Threat Program, Part 1
The Dangers of the Insider Threat Program, Part 1
[Note: This series explores the ramifications of the new Insider Threat Program, an initiative ordered by President Barack Obama to identify and stop future leaks and security violations within the federal government, and specifically the intelligence community. Mandated in 2011, the program demands that federal employees report overtly suspicious behavior by co-workers, such as frequent travel overseas or unreported foreign contacts, but it also requires employees to ‘profile’ their co-workers with behavior analysis techniques they are relatively untrained in. This series offers context and background on the program, as well as giving examples of both frivolous investigations and failed leak identification, and explaining the ramifications for the counterintelligence corps and federal employees at large. The Insider Threat Program does not help prevent leaks; in fact, it diminishes esprit d ’corps, encourages ‘witch hunts,’ and ultimately results in the exact type of decreased loyalty that can lead to susceptibility to foreign services and anti-government groups. This series is an adapted form of a thesis that Kit wrote for her Counterintelligence degree.]
In June 2013, at the same time that Edward Snowden was leaking classified information to Wikileaks, information about another government program was made public: the Insider Threat Program. An article by Marisa Taylor and Jonathan Landay, published by McClatchy News, threw the blanket of secrecy off a program that has reach far beyond just the intelligence world, into almost every facet of government employment. The Insider Threat Program, or ITP, “requires federal employees to keep closer tabs on their co-workers and exhorts managers to punish those who fail to report their suspicions.” ITP shows the darker side of counterintelligence, as it not only encourages but demands that individuals target each other, creating the underpinnings of a repressive police state like that found in Stalin’s Soviet Russia. The use of ITP in the federal government—and its results—underline the consequences of what happens when counterintelligence is applied against citizens, and without regard for the rule of law.
President Obama’s ITP program is not the first time that a government has resorted to spying on itself. Josef Stalin also instituted programs that targeted government employees and Communist party officials, seeking to weed out those who he felt were disloyal to him and to the Party. The Народный комиссариат внутренних дел (People’s Commissariat for Internal Affairs), or NKVD, was Stalin’s agency tasked with controlling all law enforcement, fire departments, internal military forces, and prison guards. Created from the remnants from other agencies in 1934, the NKVD was the main instrument of Stalin’s dictatorship. Agents were everywhere; they targeted anyone thought to oppose Stalin and his regime. Planted in factories, boardrooms, and political offices, the NKVD agents reported on citizen and official activities, as well as even family activities. Anything that was not ‘in line’ with the party and total devotion to the Stalin government was considered a security threat and a treasonous act, punishable by horrifying consequences.
In addition to civilians, religious leaders and proponents of other schools of political thought, Stalin turned his attention specifically to government employees. No one was safe; military leaders, party officials, government employees, and many others were followed, spied on, and ultimately imprisoned in the Gulag or summarily executed after a series of mock trials. These ‘purges,’ as they were called, continued until 1939, and the outbreak of World War II. Robert Conquest, in his definitive work on the Stalin Purges, writes that “[f]rom the Politburo members down, no one was to be exempt from [the NKVD’s] attentions. They themselves were to remain under the careful control of the supreme political authority, Stalin.” Conquest put the estimates of total dead at 3 million, with 9 million more in prison or forced labor camps as of 1938. While the purges are generally considered to have mostly ended by 1939, it was not until Stalin’s death in 1953 that Nikita Khruschev ended them once and for all.
The Insider Threat Program did not suddenly appear out of nowhere, nor was it conjured in a vacuum; it was a direct result of the Bradley Manning case. In 2010, Private First Class Bradley Manning, an Army intelligence analyst, downloaded over 700,000 classified documents from secure government systems—some of which he hacked into. The documents included not only intelligence reports, but video and even diplomatic cables between personnel at embassies and consulates and their superiors in Washington. The sheer volume of documents released to anti-government group Wikileaks represented the largest intelligence breach in American history, and included the “names of informants and others who had cooperated with U.S. military forces in Afghanistan, endangering their lives.” The charge of aiding the enemy in a time of war—the most serious charge Manning is facing—is a capital offense. While the Army did not have plans to seek the death penalty for Manning, the question looming even larger was how to stop insider leaks before they happen.
Army Regulation 381-12, titled “Threat Awareness and Reporting Program,” was revised in October 2010, in an effort to prevent further security leaks within the Army. Formerly known as “Subversion and Espionage Directed against the US Army,” the manual made several sweeping changes to the process of reporting suspected security leaks. The new regulation mandated that “threat-awareness training and reporting requirements be included in courses of instruction at the US Army Training and Doctrine Command schools and centers… [and] unit command inspection programs.” While 381-12 is an Army regulation, it is applicable to not only all Army active, Guard, and Reserve personnel, but all Department of Defense (DOD) contractors, Department of the Army civilians, and even any foreign nationals employed by the Army.
The revised regulation also outlined “behaviors that may be exhibited” by someone who is either actively leaking information, or considering doing so. A table included in the regulation lists common sense behaviors often viewed as being suspicious, such as frequent trips abroad or contacts with foreign nationals that are not reported to superiors. The regulation did not, however, apply to regular federal employees. Obama changed all of that with the Insider Threat Program.
In Part 2, we’ll look at the parameters for the Insider Threat Program and how they lead to some very dangerous—and even illegal—situations.
 Marisa Taylor and Jonathan Landay, “Obama’s Crackdown Views Leaks as Aiding Enemies of U.S.,” McClatchy, June 20, 2013, http://www.mcclatchydc.com/2013/06/20/194513/obamas-crackdown-views-leaks-as.html.
 “WW II: Behind Closed Doors,” PBS, accessed July 22, 2013, http://www.pbs.org/behindcloseddoors/in-depth/stalins-spies.html.
 Robert Conquest, The Great Terror: A Reassessment (New York: Oxford University Press, 1990), 34.
 Jim Miklaszewski and Courtney Kube, “Manning Faces New Charges, Possible Death Penalty,” Msnbc.com, March 3, 2011, http://www.nbcnews.com/id/41876046/ns/us_news-security/.
 United States, Department of the Army, Military Intelligence, AR 381-12 Threat Awareness and Reporting Program, October 4, 2010, http://www.apd.army.mil/pdffiles/r381_12.pdf.
 Ibid., i.