21 June 2013

Insider Threat Program: Leaks to Media=Espionage

http://www.mcclatchydc.com/2013/06/20/194513/obamas-crackdown-
views-leaks-as.html#.UcQy89jhddA

Posted on Thursday, June 20, 2013

Obama’s crackdown views leaks as aiding enemies of U.S.

By Marisa Taylor and Jonathan S. Landay | McClatchy Washington Bureau

WASHINGTON — Even before a former U.S. intelligence contractor exposed the secret collection of Americans’ phone records, the Obama administration was pressing a government-wide crackdown on security threats that requires federal employees to keep closer tabs on their co-workers and exhorts managers to punish those who fail to report their suspicions.

President Barack Obama’s unprecedented initiative, known as the Insider Threat Program, is sweeping in its reach. It has received scant public attention even though it extends beyond the U.S. national security bureaucracies to most federal departments and agencies nationwide, including the Peace Corps, the Social Security Administration and the Education and Agriculture departments. It emphasizes leaks of classified material, but catchall definitions of “insider threat” give agencies latitude to pursue and penalize a range of other conduct.

Government documents reviewed by McClatchy illustrate how some agencies are using that latitude to pursue unauthorized disclosures of any information, not just classified material. They also show how millions of federal employees and contractors must watch for “high-risk persons or behaviors” among co-workers and could face penalties, including criminal charges, for failing to report them. Leaks to the media are equated with espionage.

“Hammer this fact home . . . leaking is tantamount to aiding the enemies of the United States,” says a June 1, 2012, Defense Department strategy for the program that was obtained by McClatchy.

The Obama administration is expected to hasten the program’s implementation as the government grapples with the fallout from the leaks of top secret documents by Edward Snowden, the former National Security Agency contractor who revealed the agency’s secret telephone data collection program. The case is only the latest in a series of what the government condemns as betrayals by “trusted insiders” who have harmed national security.

“Leaks related to national security can put people at risk,” Obama said on May 16 in defending criminal investigations into leaks. “They can put men and women in uniform that I’ve sent into the battlefield at risk. They can put some of our intelligence officers, who are in various, dangerous situations that are easily compromised, at risk. . . . So I make no apologies, and I don’t think the American people would expect me as commander in chief not to be concerned about information that might compromise their missions or might get them killed.”

As part of the initiative, Obama ordered greater protection for whistleblowers who use the proper internal channels to report official waste, fraud and abuse, but that’s hardly comforting to some national security experts and current and former U.S. officials. They worry that the Insider Threat Program won’t just discourage whistleblowing but will have other grave consequences for the public’s right to know and national security.

The program could make it easier for the government to stifle the flow of unclassified and potentially vital information to the public, while creating toxic work environments poisoned by unfounded suspicions and spurious investigations of loyal Americans, according to these current and former officials and experts. Some non-intelligence agencies already are urging employees to watch their co-workers for “indicators” that include stress, divorce and financial problems.

“It was just a matter of time before the Department of Agriculture or the FDA (Food and Drug Administration) started implementing, ‘Hey, let’s get people to snitch on their friends.’ The only thing they haven’t done here is reward it,” said Kel McClanahan, a Washington lawyer who specializes in national security law. “I’m waiting for the time when you turn in a friend and you get a $50 reward.”

The Defense Department anti-leak strategy obtained by McClatchy spells out a zero-tolerance policy. Security managers, it says, “must” reprimand or revoke the security clearances – a career-killing penalty – of workers who commit a single severe infraction or multiple lesser breaches “as an unavoidable negative personnel action.”

Employees must turn themselves and others in for failing to report breaches. “Penalize clearly identifiable failures to report security infractions and violations, including any lack of self-reporting,” the strategic plan says.

The Obama administration already was pursuing an unprecedented number of leak prosecutions, and some in Congress – long one of the most prolific spillers of secrets – favor tightening restrictions on reporters’ access to federal agencies, making many U.S. officials reluctant to even disclose unclassified matters to the public.

The policy, which partly relies on behavior profiles, also could discourage creative thinking and fuel conformist “group think” of the kind that was blamed for the CIA’s erroneous assessment that Iraq was hiding weapons of mass destruction, a judgment that underpinned the 2003 U.S. invasion.

“The real danger is that you get a bland common denominator working in the government,” warned Ilana Greenstein, a former CIA case officer who says she quit the agency after being falsely accused of being a security risk. “You don’t get people speaking up when there’s wrongdoing. You don’t get people who look at things in a different way and who are willing to stand up for things. What you get are people who toe the party line, and that’s really dangerous for national security.”

Obama launched the Insider Threat Program in October 2011 after Army Pfc. Bradley Manning downloaded hundreds of thousands of documents from a classified computer network and sent them to WikiLeaks, the anti-government secrecy group. It also followed the 2009 killing of 13 people at Fort Hood, Texas, by Army Maj. Nidal Hasan, an attack that federal authorities failed to prevent even though they were monitoring his emails to an al Qaida-linked Islamic cleric.

An internal review launched after Manning’s leaks found “wide disparities” in the abilities of U.S. intelligence agencies to detect security risks and determined that all needed improved defenses.

Obama’s executive order formalizes broad practices that the intelligence agencies have followed for years to detect security threats and extends them to agencies that aren’t involved in national security policy but can access classified networks. Across the government, new policies are being developed.

There are, however, signs of problems with the program. Even though it severely restricts the use of removable storage devices on classified networks, Snowden, the former NSA contractor who revealed the agency’s telephone data collection operations, used a thumb drive to acquire the documents he leaked to two newspapers.

“Nothing that’s been done in the past two years stopped Snowden, and so that fact alone casts a shadow over this whole endeavor,” said Steven Aftergood, director of the non-profit Federation of American Scientists’ Project on Government Secrecy. “Whatever they’ve done is apparently inadequate.”

U.S. history is replete with cases in which federal agencies missed signs that trusted officials and military officers were stealing secrets. The CIA, for example, failed for some time to uncover Aldrich Ames, a senior officer who was one of the most prolific Soviet spies in U.S. history, despite polygraphs, drunkenness, and sudden and unexplained wealth.

Stopping a spy or a leaker has become even more difficult as the government continues to accumulate information in vast computer databases and has increased the number of people granted access to classified material to nearly 5 million.

Administration officials say the program could help ensure that agencies catch a wide array of threats, especially if employees are properly trained in recognizing behavior that identifies potential security risks.

“If this is done correctly, an organization can get to a person who is having personal issues or problems that if not addressed by a variety of social means may lead that individual to violence, theft or espionage before it even gets to that point,” said a senior Pentagon official, who requested anonymity because he wasn’t authorized to discuss the issue publicly.

Manning, for instance, reportedly was reprimanded for posting YouTube messages describing the interior of a classified intelligence facility where he worked. He also exhibited behavior that could have forewarned his superiors that he posed a security risk, officials said.

Jonathan Pollard, a former U.S. Navy intelligence analyst sentenced in 1987 to life in prison for spying for Israel, wasn’t investigated even though he’d failed polygraph tests and lied to his supervisors. He was caught only after a co-worker saw him leave a top-secret facility with classified documents.

“If the folks who are watching within an organization for that insider threat – the lawyers, security officials and psychologists – can figure out that an individual is having money problems or decreased work performance and that person may be starting to come into the window of being an insider threat, superiors can then approach them and try to remove that stress before they become a threat to the organization,” the Pentagon official said.

The program, however, gives agencies such wide latitude in crafting their responses to insider threats that someone deemed a risk in one agency could be characterized as harmless in another. Even inside an agency, one manager’s disgruntled employee might become another’s threat to national security.

Obama in November approved “minimum standards” giving departments and agencies considerable leeway in developing their insider threat programs, leading to a potential hodgepodge of interpretations. He instructed them to not only root out leakers but people who might be prone to “violent acts against the government or the nation” and “potential espionage.”

The Pentagon established its own sweeping definition of an insider threat as an employee with a clearance who “wittingly or unwittingly” harms “national security interests” through “unauthorized disclosure, data modification, espionage, terrorism, or kinetic actions resulting in loss or degradation of resources or capabilities.”

“An argument can be made that the rape of military personnel represents an insider threat. Nobody has a model of what this insider threat stuff is supposed to look like,” said the senior Pentagon official, explaining that inside the Defense Department “there are a lot of chiefs with their own agendas but no leadership.”

The Department of Education, meanwhile, informs employees that co-workers going through “certain life experiences . . . might turn a trusted user into an insider threat.” Those experiences, the department says in a computer training manual, include “stress, divorce, financial problems” or “frustrations with co-workers or the organization.”

An online tutorial titled “Treason 101” teaches Department of Agriculture and National Oceanic and Atmospheric Administration employees to recognize the psychological profile of spies.

A Defense Security Service online pamphlet lists a wide range of “reportable” suspicious behaviors, including working outside of normal duty hours. While conceding that not every behavior “represents a spy in our midst,” the pamphlet adds that “every situation needs to be examined to determine whether our nation’s secrets are at risk.”

The Defense Department, traditionally a leading source of media leaks, is still setting up its program, but it has taken numerous steps. They include creating a unit that reviews news reports every day for leaks of classified defense information and implementing new training courses to teach employees how to recognize security risks, including “high-risk” and “disruptive” behaviors among co-workers, according to Defense Department documents reviewed by McClatchy.

“It’s about people’s profiles, their approach to work, how they interact with management. Are they cheery? Are they looking at Salon.com or The Onion during their lunch break? This is about ‘The Stepford Wives,’” said a second senior Pentagon official, referring to online publications and a 1975 movie about robotically docile housewives. The official said he wanted to remain anonymous to avoid being punished for criticizing the program.

The emphasis on certain behaviors reminded Greenstein of her employee orientation with the CIA, when she was told to be suspicious of unhappy co-workers.

“If someone was having a bad day, the message was watch out for them,” she said.

Some federal agencies also are using the effort to protect a broader range of information. The Army orders its personnel to report unauthorized disclosures of unclassified information, including details concerning military facilities, activities and personnel.

The Peace Corps, which is in the midst of implementing its program, “takes very seriously the obligation to protect sensitive information,” said an email from a Peace Corps official who insisted on anonymity but gave no reason for doing so.

Granting wide discretion is dangerous, some experts and officials warned, when federal agencies are already prone to overreach in their efforts to control information flow.

The Bush administration allegedly tried to silence two former government climate change experts from speaking publicly on the dangers of global warming. More recently, the FDA justified the monitoring of the personal email of its scientists and doctors as a way to detect leaks of unclassified information.

But R. Scott Oswald, a Washington attorney of the Employment Law Group, called the Obama administration “a friend to whistleblowers,” saying it draws a distinction between legitimate whistleblowers who use internal systems to complain of wrongdoing vs. leakers, who illegally make classified information public.

There are numerous cases, however, of government workers who say they’ve been forced to go public because they’ve suffered retaliation after trying to complain about waste, fraud and abuse through internal channels or to Congress. Thomas Drake, a former senior NSA official, was indicted in 2010 under the Espionage Act after he disclosed millions of dollars in waste to a journalist. He’d tried for years to alert his superiors and Congress. The administration eventually dropped the charges against him.

The Pentagon, meanwhile, declined to answer how its insider threat program would accommodate a leak to the news media like the Pentagon Papers, a top-secret history of U.S. involvement in Vietnam that showed how successive administrations had misled the public and Congress on the war.

“The danger is that supervisors and managers will use the profiles for ‘Disgruntled Employees’ and ‘Insider Threats’ to go after legitimate whistleblowers,” said the second Pentagon official. “The executive order says you can’t offend the whistleblower laws. But all of the whistleblower laws are about retaliation. That doesn’t mean you can’t profile them before they’re retaliated against.”

Greenstein said she become the target of scrutiny from security officials after she began raising allegations of mismanagement in the CIA’s operations in Baghdad. But she never leaked her complaints, which included an allegation that her security chief deleted details about safety risks from cables. Instead, she relied on the agency’s internal process to make the allegations.

The CIA, however, tried to get the Justice Department to open a criminal case after Greenstein mentioned during a polygraph test that she was writing a book, which is permitted inside the agency as long as it goes through pre-publication review. The CIA then demanded to see her personal computers. When she got them back months later, all that she’d written had been deleted, Greenstein said.

“They clearly perceived me as an insider threat,” said Greenstein, who has since rewritten the book and has received CIA permission to publish portions of it. “By saying ‘I have a problem with this place and I want to make it better,’ I was instantly turned into a security threat,” she said. The CIA declined to comment.

Email: mtaylor[at]mcclatchydc.com, jlanday[at]mcclatchydc.com