Social Media in Security Clearance Investigations

Members of Congress are urging the executive branch to update and expand the security clearance process by examining the social media presence of individuals who are being considered for a security clearance for access to classified information, which is now being done only on a limited and uneven basis.

“I put more effort into understanding who my interns are” than the security clearance process does in granting clearances, said Senate Intelligence Committee chairman Sen. Richard Burr at a hearing yesterday. “You go to the areas that you learn the most about them — social media is right at the top of the list.”

“I can’t envision anyone coming into the office that you haven’t thoroughly checked out everything that they’ve said online,” Sen. Burr said.

On Tuesday, the House of Representatives passed a bill to promote the use of social media in security clearance investigations.

“It may be hard to believe, but the Federal Government often fails to conduct a simple internet search on individuals before they are trusted with a security clearance,” said Rep. Ron DeSantis (R-FL).

“Publicly available social media is one of the best ways to understand an individual’s interests and intentions, but our investigatory process still focuses on interviewing the applicant’s family, friends, and neighbors,” he said.

In fact, then-Director of National Intelligence James R. Clapper issued a directive in 2016 authorizing — but not requiring — the use of social media in security clearance background investigations. See Security Executive Agent Directive 5 on Collection, Use, and Retention of Publicly Available Social Media Information in Personnel Security Background Investigations and Adjudications, May 12, 2016.

But the practice has apparently been adopted unevenly and on a limited basis.

“For example, the Army initiated a pilot program that found that while checking social media is a valuable tool, it can be costly and may raise some legal issues,” said Rep. Gerry Connolly (D-VA).

The bill passed by the House this week would require the OMB to report on current use of social media in background investigations, legal impediments to such use, the results of any pilot programs, and options for widespread implementation.

The bill “is a much needed first step in modernizing federal security clearance background investigations,” said a House Committee report on the bill. “In recent years, there have been several cases in which federal contractor employees with security clearances leaked classified information after previously sharing suspicious posts on publicly available social media sites.”

Selective Declassification and the Nunes Memo

If Republicans on the House Intelligence Committee want to publicly release a classified memo that they prepared on alleged misconduct in the FBI, what could be wrong with that?

Quite a lot, actually. Even if the risks of disclosing classified information in this case are small (a point that is disputed), the selective disclosure of isolated claims is bound to produce a distorted view of events. The suppression of dissenting views held by Democratic members of the Committee only aggravates the distortion.

“Deliberately misleading by selectively declassifying is an established technique, and it is one that is both shady and dangerous,” said Sen. Sheldon Whitehouse (D-RI) on the Senate floor on Tuesday.

“This business of selectively cherry-picking things out of classified information to spread a false narrative has a very unpleasant echo for me because this is what the Bush administration was up to when it was trying to defend the torture program. They selectively declassified, for instance, that Abu Zubaydah had been the subject of what they called their enhanced interrogation techniques program and that he had produced important, actionable intelligence. What they did not declassify was that all the actionable intelligence he gave them had been provided before they started on the torture techniques.”

Sen. Whitehouse said that the practice resembled Soviet and Russian information warfare activities that were used “to poison the factual environment.”

“You start with the selective release of classified material that the public can’t get behind because the rest is classified, the false narrative that the ranking member has pointed out that that creates, the partisan and peculiar process for getting there, the ignoring of warnings from their own national security officials about how bad this is, the convenient whipping up of all of this in far-right media at the same time, the amplification of that actually by Russian bots and other sources, and the fact that this is all pointed, not coincidentally, at the agency and officials who are engaged in investigating the Trump White House and the Trump campaign, it is so appallingly obvious what the game is that is being played here.”

Meanwhile, Sen. Whitehouse said, Congress has taken no action to protect against foreign interference in U.S. elections.

“We are warned that a hostile foreign power is going to attack our 2018 election. Where is the legislation to defend against that? Where is the markup of the legislation? Where is the effort to do what needs to be done to defend our democracy? Here we are just a few months out from the election. We are 9 months out. Do I have the math right? It is 9 months between here and there. Nothing.”

Yesterday, the FBI put out a brief statement noting that “we have grave concerns about material omissions of fact that fundamentally impact the memo’s accuracy.”

But as far as is known, no similar concerns have been expressed by intelligence community leaders.

“It is stunning to me,” Sen. Whitehouse said, “that we have heard nothing–at least I have heard nothing– […] from our Director of National Intelligence, DNI Coats, and I have heard nothing from CIA Director Pompeo for–how long it has been?”

Yesterday, coincidentally, the Office of the Director of National Intelligence announced that DNI Coats had directed the declassification of classified intelligence records concerning the Tet Offensive launched by North Vietnamese forces in January 1968.

An ODNI posting said that it is part of a “New Transparency Effort To Share Historical Information of Current Relevance.”

Any declassification of historical information is welcome. But for all of its historical gravity, the Tet Offensive could hardly have less “current relevance.”

What is an Act of War in Cyberspace?

What constitutes an act of war in the cyber domain?

It’s a question that officials have wrestled with for some time without being able to provide a clear-cut answer.

But in newly-published responses to questions from the Senate Armed Services Committee, the Pentagon ventured last year that “The determination of what constitutes an ‘act of war’ in or out of cyberspace, would be made on a case-by-case and fact-specific basis by the President.”

“Specifically,” wrote then-Undersecretary of Defense (Intelligence) Marcel Lettre, “cyber attacks that proximately result in a significant loss of life, injury, destruction of critical infrastructure, or serious economic impact should be closely assessed as to whether or not they would be considered an unlawful attack or an ‘act of war.'”

Notably absent from this description is election-tampering or information operations designed to disrupt the electoral process or manipulate public discourse.

Accordingly, Mr. Lettre declared last year that “As of this point, we have not assessed that any particular cyber activity [against] us has constituted an act of war.”

See Cybersecurity, Encryption and United States National Security Matters, Senate Armed Services Committee, September 13, 2016 (published September 2017), at p. 85.

See related comments from Joint Chiefs Chairman Gen. Joseph Dunford in U.S. National Security Challenges and Ongoing Military Operations, Senate Armed Services Committee, September 22, 2016 (published September 2017), at pp. 56-57.

In January 2017, outgoing Obama DHS Secretary Jeh Johnson for the first time designated the U.S. election system as critical infrastructure. “Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law,” he wrote. It follows that an attack on the electoral process could now be considered an attack on critical infrastructure and, potentially, an act of war.

“Russia engaged in acts of war against America, not with bullets and bombs, but through a modern form of warfare, a cyberattack on our democracy,” opined Allan Lichtman, a history professor at American University, in a letter published in the latest issue of the New York Review of Books.

Not so fast, replied Noah Feldman and Jacob Weisberg: “The US is not now in a legal state of war with Russia despite that country’s attempts to affect the 2016 election.”

The current issue of the US Army’s Military Intelligence Professional Bulletin (Oct-Dec 2017) includes an article on Recommendations for Intelligence Staffs Concerning Russian New Generation Warfare by MAJ Charles K. Bartles (at pp. 10-17).

Senate Intelligence Authorization Report Filed

Do the security clearance procedures that are used for granting access to classified information actually serve their intended purpose?

To help answer that question, the Senate Intelligence Committee mandated a review of security clearance requirements, including “their collective utility in anticipating future insider threats.”

See the Committee’s new report on the Intelligence Authorization Act for Fiscal Year 2018, filed September 7, 2017.

The report summarizes the content of the pending intelligence authorization bill (S. 1761), which was filed last month, and adds Committee comments on various aspects of current intelligence policy.

So, for example, “The Committee remains concerned about the level of protection afforded to whistleblowers within the IC and the level of insight congressional committees have into their disclosures.”

The central point of contention in the bill is a provision (sec. 623) declaring a sense of Congress “that WikiLeaks and the senior leadership of WikiLeaks resemble a non-state hostile intelligence service often abetted by state actors and should be treated as such a service by the United States.”

The provision had originally stated that WikiLeaks and its leadership “constitute” a non-state hostile intelligence service. But this was amended to replace “constitute” with “resemble”. That move might have attenuated the provision’s significance except that it went on to say — whether WikiLeaks constitutes or merely resembles a non-state hostile intelligence service — that the U.S. should treat it as such.

A hostile state-based intelligence service would presumably be subject to intense surveillance by the US. A competent US counterintelligence agency might also seek to infiltrate the hostile service, to subvert its agenda, and even to take it over or disable it.

Whether such a response would also be elicited by “a non-state hostile intelligence service” is hard to say since the concept itself is new and undefined.

“The Committee’s bill offers no definition of ‘non-state hostile intelligence service’ to clarify what this term is and is not,” wrote Sen. Kamala Harris, who favored removal of this language, though she said WikiLeaks has “done considerable harm to this country.”

Sen. Ron Wyden, who likewise said that WikiLeaks had been “part of a direct attack on our democracy,” opposed the bill due to the WikiLeaks-related provision.

“My concern is that the use of the novel phrase ‘non-state hostile intelligence service’ may have legal, constitutional, and policy implications, particularly should it be applied to journalists inquiring about secrets,” Sen. Wyden wrote in minority views appended to the report. “The language in the bill suggesting that the U.S. government has some unstated course of action against ‘non-state hostile intelligence services’ is equally troubling.”

Special Ops, Counter-Propaganda, Overclassification

The House Armed Services Committee took a retrospective look at US special operations forces earlier this year, thirty years after the establishment of US Special Operations Command (SOCOM).

“SOCOM has a lot of missions it is responsible for, and has had several new ones added to it,” said Rep. Elise M. Stefanik (R-NY) at a hearing earlier this year. “Are there any of those missions that should go away or be reassigned?”

SOCOM Commander Gen. Raymond A. Thomas was ready with the answer: “There are no missions that should go away or be reassigned.”

See Three Decades Later: A Review and Assessment of our Special Operations Forces 30 Years After the Creation of U.S. Special Operations Command, House Armed Services Committee, May 2, 2017.

Some other notable congressional hearing volumes that have recently been published include:

Crafting an Information Warfare and Counter-propaganda Strategy for the Emerging Security Environment, House Armed Services Committee, March 15, 2017

Examining the Costs of Overclassification on Transparency and Security, House Oversight and Government Reform Committee, December 7, 2016

OLC Nominee: Every Member of Congress Can Do Oversight

The nominee to lead the Justice Department Office of Legal Counsel acknowledged that all members of Congress have the authority to conduct oversight of the executive branch, and that agencies have a responsibility to accommodate requests by members for information needed to perform their oversight function.

That might seem like a statement of the obvious. But the Office of Legal Counsel issued a controversial opinion earlier this year that took a much more limited view of congressional oversight power:

“The constitutional authority to conduct oversight — that is, the authority to make official inquiries into and to conduct investigations of executive branch programs and activities — may be exercised only by each house of Congress or, under existing delegations, by committees and subcommittees (or their chairmen),” the OLC opinion said. “Individual members of Congress, including ranking minority members, do not have the authority to conduct oversight in the absence of a specific delegation by a full house, committee, or subcommittee.”  See Authority of Individual Members of Congress to Conduct Oversight of the Executive Branch, Office of Legal Counsel, May 1, 2017.

Objecting to this narrow OLC conception of oversight, Sen. Chuck Grassley placed a hold on the nomination of Steven A. Engel to become the new Assistant Attorney General in charge of the OLC until Mr. Engel provided an acceptable response to Grassley’s concerns on the matter.

Yesterday, Senator Grassley withdrew his hold after Mr. Engel admitted, in written responses to questions from Grassley entered into the Congressional Record, that the OLC opinion was defective.

“Mr. Engel’s responses, both in writing and in person, indicate that he agrees each Member, whether or not a chairman of a committee, is a constitutional officer entitled to the respect and best efforts of the executive branch to respond to his or her requests for information to the extent permitted by law,” Sen. Grassley said.

“I am satisfied that Mr. Engel understands the obligation of all Members of Congress to seek executive branch information to carry out their constitutional responsibilities and the obligation of the executive branch to respect that function and seek comity between the branches. Therefore, I agree a vote should be scheduled on his nomination, and I wish him the very best in his new role,” he said.

See Removal of Nomination Objection, Congressional Record, July 19, 2017, pp. S4077-4079.

The Fifth Amendment in Congressional Investigations

Individuals have a broad right to refuse to testify before Congress by invoking the Fifth Amendment right against self-incrimination, the Congressional Research Service explained last week.

“Even a witness who denies any criminal wrongdoing can refuse to answer questions on the basis that he might be ‘ensnared by ambiguous circumstances’.”

On the other hand, the scope of the Fifth Amendment privilege applies more narrowly when it comes to a congressional demand that a witness produce documents. “The Supreme Court has made clear that the mere fact that the contents of a document may be incriminating does not mean that the document is protected from disclosure under the Fifth Amendment.”

See The Fifth Amendment in Congressional Investigations, CRS Legal Sidebar, May 26, 2017.

Other new and updated products from the Congressional Research Service include the following.

President’s FY2018 Budget Proposes Cuts in Public Health Service (PHS) Agency Funding, CRS Insight, May 24, 2017

President John F. Kennedy Assassination Records Collection: Toward Final Disclosure of Withheld Records in October 2017, CRS Insight, May 26, 2017

Trump Objects to Legislated Limits on Secrecy

In the new Consolidated Appropriations Act of 2017 (section 8009), Congress mandated that no new, highly classified special access programs may be created without 30 day advance notice to the congressional defense committees.

But in signing the bill into law last Friday, President Trump said he would not be bound by that restriction.

“Although I expect to be able to provide the advance notice contemplated by section 8009 in most situations as a matter of comity, situations may arise in which I must act promptly while protecting certain extraordinarily sensitive national security information. In these situations, I will treat these sections in a manner consistent with my constitutional authorities, including as Commander in Chief,” he wrote in a May 5 signing statement.

More generally, Trump suggested that his power to classify national security information is altogether independent of Congress. “The President’s authority to classify and control access to information bearing on the national security flows from the Constitution and does not depend upon a legislative grant of authority,” he wrote.

This is a paraphrase of language in the 1988 US Supreme Court opinion in Department of the Navy v. Egan (The President’s “authority to classify and control access to information bearing on national security… flows primarily from this Constitutional investment of power in the President and exists quite apart from any explicit congressional grant.”)

But left unsaid in President Trump’s signing statement was that the Supreme Court has also held that Congress could modify existing classification procedures or create its own secrecy system.

Thus, in EPA v. Mink (1973), the Supreme Court stated: “Congress could certainly have provided that the Executive Branch adopt new [classification] procedures, or it could have established its own procedures — subject only to whatever limitations the Executive privilege may be held to impose upon such congressional ordering.”

And, as noted by Jennifer Elsea, Congress has in fact legislated a classification regime for nuclear weapons-related information in the Atomic Energy Act.

So the newly legislated notification requirements concerning special access programs appear to be well within the constitutional authority and power of Congress.

The Intelligence Authorization Act for FY 2017 was incorporated into the Consolidated Appropriations Act as “Division N” and enacted into law.

President Trump’s reservations about various provisions in the new appropriations act were presented in the first signing statement issued by the current Administration (h/t Charlie Savage).

Is “Cyberwar” War?

Are offensive cyber operations an act of war?

“I would say specifically to your question what defines an act of war [in the cyber domain]– that has not been defined. We are still working towards that definition across the interagency,” said Thomas Atkin of the Office of Secretary of Defense at a congressional hearing last year.

He elaborated in newly published responses to questions for the record:

“When determining whether a cyber incident constitutes an armed attack, the U.S. Government considers a number of factors including the nature and extent of injury or death to persons and the destruction of, or damage to, property. Besides effects, other factors may also be relevant to a determination, including the context of the event, the identity of the actor perpetrating the action, the target and its location, and the intent of the actor, among other factors.” See Military Cyber Operations, hearing of the House Armed Services Committee, June 22, 2016.

If cyberwar is in fact war, would civilians who support military cyber operations be lawful combatants? They might not be, Mr. Atkin said.

“During armed conflict, some civilians who support the U.S. armed forces may sit at the keyboard and participate, under the direction of a military commander, in cyberspace operations. The law of war does not prohibit civilians from directly participating in hostilities, such as offensive or defensive cyberspace operations, even when that activity would be a use of force or would involve direct participation in hostilities; however, in such cases, a civilian is not a ‘lawful combatant’ and does not enjoy the right of combatant immunity, is subject to direct attack for such time as he or she directly participates in hostilities, and if captured by enemy government forces may be prosecuted for acts prohibited under the captor’s domestic law.”

But any such danger to unlawful civilian cyber-combatants is probably not an imminent hazard, he added. “Most, if not the great majority, of our civilian cyber workforce involved in providing support to cyberspace operations during armed conflict will not be serving on the battlefield where they may be the object of attack or risk being detained by the enemy. Instead, most will be providing their support remotely from areas outside the area of hostilities, are not easily identifiable as an individual, and are likely serving in the United States.”

White House: Prepare for the Unpredictable

“The Nation must prepare to mitigate an unpredictable global security and national emergency environment,” the White House said in a report to Congress this month.

The report, transmitted by President Trump on April 3, provided principles for reform of the selective service process by which young Americans enter the military. The report was required by section 555 of the 2017 defense authorization act.

“The Nation must be ever mindful of the unpredictable global security environment that requires an effective and efficient means to provide manpower to the national security community, including military and non-military support in a national emergency,” the President’s report said.

How to prepare in practice for the unpredictable is not clear, except that it involves flexibility.

“Any system, process, or program used to identify, recruit, and employ additional skill sets should be effective in times of peace, war, and other levels of conflict or emergency response. Associated initiatives, systems, and processes must be seamless, robust, and able to expand and contract as needed,” the report said.

Congress established a new National Commission to consider changes to the selective service system, and to develop “the means by which to foster a greater attitude, ethos, and propensity for military services among United States youth.”