recommended reading

The Government Already Has the Technology to Monitor Cleared Employees

Edward Snowden talks during a simulcast conversation during the SXSW Interactive Festival on Monday, March 10, 2014.

Edward Snowden talks during a simulcast conversation during the SXSW Interactive Festival on Monday, March 10, 2014. // Jack Plunkett/Invision/AP

The government for years has continuously, electronically surveilled the behavior of personnel in sensitive security positions and does not need a whole new system to catch the next leaker, a former top technology executive in the intelligence community said. His comments came as debate heats up about building new technology to catch rogue federal employees.

"It’s not new technology -- it’s a matter of making more it more encompassing, making it more scalable, making it faster” at searching for signs of changes in behavior, said Dale Meyerrose, the first chief information officer of the intelligence community, under the Director of National Intelligence, during an interview. "A lot of it is the same infrastructure, the same sensors, the same networking technology. You just put in the software code new rules [detailing which databases to scour], new processes, new applications."

On Monday, the Associated Press reported that intelligence officials plan to use “a sweeping electronic system to continually monitor workers with secret clearances,” such as former intelligence contractor Edward Snowden, who leaked domestic surveillance secrets.

Assessing psychological changes is not the goal of the tools, observers noted.

Mental health records are not as easy to lasso together, for structural and legal reasons, said Nicole A. Smith, an associate at Tully Rinckey PLLC and a former national security background investigator. 

Some cleared personnel are required to sign a waiver releasing mental and physical medical records. But, even with a waiver, the ability to continuously, electronically scan mental health records would be limited because of the way records are organized within a doctor's office. 

"You’re not talking about getting inside someone’s brain," Meyerrose echoed. "It's all about behavior -- from that behavior, you red flag it and say we need to watch this person a lot more closely:  Are they going to this drug site because they plan on dealing illegal drugs, or are they going to this drug site so that they can learn more about drugs, so that they can deal with their teenage kid who's got a drug problem?" 

Meyerrose left the White House at the end of the George W. Bush administration and now serves as a lecturer at Carnegie Mellon University and a federal consultant. 

When you see odd Web habits, "that's where you put the red flag on it, and you look for other indicators . . . to see whether or not to be worried about that behavior," said Meyerrose, who also served as CIO of three major U.S. Air Force Commands.  Officials would not use a single indicator to persecute the next potential Snowden or Navy Yard shooter Aaron Alexis, who killed a dozen people. 

Watching cleared workers communicate in their free time is fair game. 

"I used to conduct that all the time during exercises," in the military, Meyerrose said.  “You know -- 'Loose lips sink ships,' those kinds of opsec. That’s been a part of the government culture since 1947,” with the enactment of the National Security Act mandating a major reorganization of the U.S. foreign policy and military establishments. 

The AP reported that the employee-surveillance "system could also link to outside databases to flag questionable behavior," and "investigators will analyze the information along with data separately collected from social media and, when necessary, polygraph tests."

Background investigators, however, say there are challenges in confirming the identity of individuals posting messages online.

"To me, if you're linking into social media, my first concern would be that whatever you're pulling is actually your applicant and not someone else," Smith said. "I think you still run a risk of verifying that that is your applicant's Facebook page."

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.