recommended reading

DHS defends social media monitoring program

The Homeland Security Department monitors social media sites, blogs and online comment threads to gather "situational awareness" about threats and emergencies, but it doesn't pull identifying information about average citizens out of those comments unless it's a "life or death situation," officials told a House panel Thursday.

The hearing of the Homeland Security Subcommittee on Counterterrorism and Intelligence follows news that an agency contractor mined Facebook, Twitter and the comments sections of online news articles in 2009 to gauge Standish, Mich., residents' thoughts about a short-lived proposal to move Guantanamo Bay prisoners to an area prison.

The contract with General Dynamics was uncovered after the Electronic Privacy Information Center, an online privacy advocacy group, filed a Freedom of Information Act request and subsequent lawsuit.

That 2009 report came during an early, investigatory phase of the social media program and was never distributed to agency divisions, DHS Chief Privacy Officer Mary Ellen Callahan told lawmakers Thursday.

Current analysis produced by the National Operations Center, where the social media monitoring program is housed, "focus[es] on what's being reported, not who's reporting it," Callahan said. Those reports never identify people's names or other personally identifying information unless the analysts believe someone's life might be in danger or if the person being referred to is a public official, she said. When then-Rep. Gabrielle Giffords, D-Ariz., was shot in Tucson in January 2011, for instance, reports identified the congresswoman by name, Callahan said.

The social media program is subject to internal audits and Callahan's office reviews the program for compliance with privacy policies every six months, she said. DHS is finalizing a new departmentwide directive on social media and privacy, she added, which will replace numerous policies at various divisions and agencies.

Subcommittee members told Callahan and Richard Chávez, coordination and planning director for the National Operations Center, they worried the social media program is treading too fine a line with citizen's Fourth Amendment rights against unreasonable searches.

"In my view collecting, analyzing and disseminating private citizens' comments could have a chilling effect on individual privacy rights and people's freedom of speech and dissent against their government," subcommittee chairman Rep. Patrick Meehan, R-Pa., said.

"My guess is that the average American has no problem with other private individuals reading their voluntary online writings and postings in open forums," Meehan said. "But they may feel a bit of unease knowing the federal government may be doing the same."

The controversial contract with General Dynamics also includes monitoring social media for positive and negative comments about DHS agencies. Callahan said that was aimed at improving agencies "operational awareness," not rooting out government critics.

"It's to understand whether the department is candidly meeting its standards," she said. "If there's a long line at TSA, we don't care who's in that long line. But if someone tweets and says there's a long line we then convey that information to TSA."

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.