HPSCI Seeks “Continuous Evaluation” of Security-Cleared Employees
Recent unauthorized disclosures of classified information might have been prevented if U.S. intelligence agencies “continuously evaluated the backgrounds of employees and contractors,” according to the House Permanent Select Committee on Intelligence (HPSCI).
In its new report on the FY 2014 intelligence authorization bill, the Committee would require intelligence agencies to “continuously determine whether their employees and contractors are eligible for access to classified information” by using all available transactional records and social media.
“Continuous evaluation allows the IC to take advantage of lawfully available government and public information to detect warning signals that the current system of five-year periodic reinvestigation misses,” the HPSCI report said.
“That information might include: foreign travel; reports of foreign contacts financial disclosure information; checks of criminal, commercial marketing, and credit databases; and other appropriate publicly available information.”
The recently developed concept of continuous evaluation (CE) “allows for a review at any time of an individual with eligibility or access to classified information or in a sensitive position to ensure that that individual continues to meet the requirements for eligibility,” said Brian Prioletti of the ODNI National Counterintelligence Executive at a November 13 hearing of the House Homeland Security Committee.
“As envisioned in the reformed security clearance process, [continuous evaluation] includes automated record checks of commercial databases, government databases, and other information lawfully available,” Mr. Prioletti said. “Manual checks are inefficient and resource-intensive. The C.E. initiative currently under development will enable us to more reliably determine an individual’s eligibility to hold a security clearance or a sensitive position on an ongoing basis.”
“There are a number of ongoing pilot studies to assess the feasibility of selected automated record checks and the utility of publicly available electronic information to include social media sites in the personnel security process,” he added.
“While we fully recognize the value of publicly available electronic information and its relevancy from an adjudicative perspective, there are resource, privacy, and civil liberty concerns that must be addressed as we incorporate such checks into our security processes,” Mr. Prioletti acknowledged.
Up Next: Continuous Monitoring
“Continuous evaluation” itself is just an interim stage, said Gregory Marshall, chief security officer at the Department of Homeland Security. It is a stepping stone to the desired end state of “continuous monitoring,” which involves more extensive collection directed at the individual subject. [Update: This is a non-standard use of the term “continuous monitoring,” which normally refers to monitoring of information systems, not persons.]
“This administration’s recent information-sharing and safeguarding initiative, also known as Insider Threat, seeks to complement background investigations and continuous evaluation with continuous monitoring,” Mr. Marshall said. “This program will incorporate and analyze data in near-real time from a much broader set of sources. Its focus is the protection of classified information but its applicability to suitability and contractor fitness is evident.”
Indeed, the “applicability” of this approach to all sorts of concerns is evident. If leaks of national security information are deemed to be a counterintelligence threat, why wouldn’t the full arsenal of surveillance tools, including the NSA’s PRISM, be employed against them?
An NSA memorandum reported in the Huffington Post today noted that “vulnerabilities of character” revealed through intelligence gathering can be effectively used to discredit individual “radicalizers.” In one particularly horrifying case, it was found that a suspect “publishes articles without checking facts.” (“Top-Secret Document Reveals NSA Spied On Porn Habits As Part Of Plan To Discredit ‘Radicalizers’,” by Glenn Greenwald, Ryan Gallagher, and Ryan Grim, November 26).
The Director of National Intelligence recently ordered a review to see whether the number of persons who hold security clearances — nearly 5 million persons — could be reduced. (“Obama Administration Looks to Scrub Security Clearance List” by Josh Gerstein, Politico, November 21).
That objective could be inadvertently advanced by efforts to ratchet up personnel security procedures. Facing continuous evaluation and the prospect of continuous monitoring, some individuals might decide to opt out of the security clearance system voluntarily.
At a time when universities are already facing intense pressure to re-envision their role in the S&T ecosystem, we encourage NSF to ensure that the ambitious research acceleration remains compatible with their expertise.
FAS CEO Daniel Correa recently spoke with Adam Marblestone and Sam Rodriques, former FAS fellows who developed the idea for FROs and advocated for their use in a 2020 policy memo.
In a year when management issues like human capital, IT modernization, and improper payments have received greater attention from the public, examining this PMA tells us a lot about where the Administration’s policy is going to be focused through its last three years.
Congress must enact a Digital Public Infrastructure Act, a recognition that the government’s most fundamental responsibility in the digital era is to provide a solid, trustworthy foundation upon which people, businesses, and communities can build.