‘Insider Threat’ Program: Hundred Thousand Pentagon Personnel Under Total Surveillance

At least a hundred thousand military, civilian, and contractor personnel at the Defense Department have been subjected to a “continuous evaluation” or total surveillance of their electronic activities and communications. The surveillance is part of the department’s “Insider Threat” program and raises concerns about the extent to which whistleblower communications are being intercepted.

According to a 2015 report to Congress obtained by Steven Aftergood of Secrecy News, “Multiple pilots and concept demonstrations using ‘push’ and ‘pull’ capabilities to conduct continuous evaluation” have been used to monitor personnel with access to classified information.

“Pull” capabilities refers to an Automated Continuing System (ACES), which conducts “point-in-time records checks” and “pulls” data from “trusted data sources.” “Push” capabilities refers to an ACES Next Generation system, which automatically pushes relevant updated information to the system without additional requests for data.

The total surveillance of personnel with access to classified information makes it possible to conduct “insider threat analyses” of “law enforcement, personnel security, human resources, counterintelligence, physical security, network behavior monitoring, and cybersecurity activities,” according to the report to Congress.

There is only one small mention of the issue of privacy and civil liberties in the report. It relates to the issue of having experts who will help the “senior agency official” in charge of “insider threat detection and prevention.” One of the experts is to advise on “privacy and civil liberties” concerns related to information technology, data analysis, and systems engineering. Beyond that, it does not appear the Defense Department believes total surveillance of personnel raises any constitutional questions.

As Director of National Intelligence James Clapper has previously described, the system of “continuous evaluation” is designed to monitor “electronic behavior on the job as well as off the job.” Clapper expected the “Insider Threat” program would have six or seven data streams by September 2016, which would be relied upon to detect potential threats.

An Office of Acquisitions posting on the government website for contractors indicated the systems would create “staff profiles.” In other words, data would be used to maintain dossiers on suspicious employees who have security clearances. Their behaviors could trigger special monitoring, even if they have not taken information with the intent to disclose information.

Senators Chuck Grassley and Ron Wyden wrote a letter to Clapper on June 18, 2014, where they argued there should be “constitutional, statutory, and prudential limits” to any monitoring of personnel.

“Any monitoring of employees’ ‘electronic behavior on the job as well as off the job’ needs to include safeguards to prevent the chilling of legitimate whistleblower communications and protect the confidentiality of any legally privileged information,” the senators maintained. “Procedural safeguards to prevent the targeting of whistleblowers for extra scrutiny as well as minimization requirements to avoid collecting protected communications are some examples of the sorts of safeguards that should be developed.”

“If captured inadvertently, protected disclosures certainly should never be routed back to an official involved in any alleged wrongdoing reported by the whistleblower,” the senators added. Both senators also shared their worries that whistleblower communications to Congress members would be intercepted and members of Congress with security clearances might be subject to surveillance.

According to the 2015 report to Congress, there are no mentioned plans for protecting whistleblower communications by following certain procedures if they would happen to be intercepted.

The Office of the Director for National Intelligence (ODNI) oversees the National Insider Threat Task Force. An official from the Task Force recently conducted a presentation, where National Security Agency whistleblower Thomas Drake, who revealed fraud, waste, and abuse, was listed along with Nidal Hasan, Aaron Alexis, and Robert Hanssen. Hasan and Alexis murdered people and Hanssen was a Soviet spy.

As Kenneth Lipp reported, Patricia Larsen of ODNI referred to Pentagon Papers whistleblower Daniel Ellsberg as a criminal. She said Drake and Edward Snowden had been “self-radicalized” while the others in the “rogues gallery” were recruited by foreign governments. Each one of them had “strong egotistical streaks,” which led them to do harm to the country.

This is how military and security agencies view “insider threats” and why it should be troubling to whistleblower advocates that a center in the Defense Department is continuously analyzing the activities of at least one hundred thousand personnel.

Twenty-two organizations, including whistleblower advocacy groups, recently sent a letter to the inspector general for the “intelligence community.”

“We are concerned about the Office of the Director of National Intelligence’s (ODNI) characterization of whistleblowers as insider threats, despite clear policy from the White House that those individuals should not be considered or targeted as such,” the organizations declared.

The organizations noted that Larsen had used an “overly broad definition of insider threats,” which included “any employees and contractors who damage an entity’s reputation, be it government or business, by exposing inside information should be considered insider threats, as they ‘would be in the business world.’”

“This kind of wanton misuse of the term ‘threat’ demonstrates that this program fails to distinguish between those who want to fix problems from those who wish to do harm to our national security,” the organizations further stated.

Despite concerns from whistleblower advocates and U.S. senators, like Grassley and Wyden, who have served on oversight committees, the House of Representatives passed a bill in November to expand the “Insider Threat” program to include total surveillance of credit, criminal, and social media activities of Department of Homeland Security personnel.

The expansion of an “Insider Threat” program in government agencies has ballooned in the aftermath of Chelsea Manning’s disclosures to WikiLeaks and Snowden’s disclosures to journalists.

In 2013, McClatchy Newspapers reported on materials from the “Insider Threat” program, which equate “leaks” with “espionage,” encourage snitching, and instruct employees to be on the lookout for individuals suffering from “narcissism” or “antisocial personality disorder.”

McClatchy also reported in 2013 that thousands of Americans had their personal data passed on to U.S. agencies like the Central Intelligence Agency (CIA), Internal Revenue Service (IRS) and NSA as part of an effort to uncover “untrustworthy federal workers.” A truly McCarthy-esque list “unprecedented” in nature was disseminated widely with ease when there was no good reason for the government to be sharing this data at all.