SECRECY NEWS
from the FAS Project on Government Secrecy
Volume 2014, Issue No. 52
August 13, 2014

Secrecy News Blog: http://fas.org/blogs/secrecy/

INSIDER THREAT PROGRAM ADVANCES, SLOWLY

Nearly two years after President Obama issued a National Insider Threat Policy "to strengthen the protection and safeguarding of classified information" against espionage or unauthorized disclosure, the effort is still at an early stage of development.

Only last week, the U.S. Air Force finally issued a directive to implement the 2012 Obama policy. (Air Force Instruction 16-1402, Insider Threat Program Management). And even now it speaks prospectively of what the program "will" do rather than what it has done or is doing.

The new Air Force Instruction follows similar guidance issued last year by the Army and the Navy.

The Air Force Insider Threat Program includes several intended focus areas, including continuous evaluation of personnel, auditing of government computer networks, and procedures for reporting anomalous behavior.

"Procedures must be in place that support continuous evaluation of personnel to assess their reliability and trustworthiness," the AF Instruction says.

Such continuous evaluation procedures may eventually sweep broadly over many domains of public and private information, but they are not yet in place.

"There are a number of ongoing pilot studies to assess the feasibility of select automated records checks and the utility of publicly available electronic information, to include social media sites, in the personnel security process," said Brian Prioletti of the Office of the Director of National Intelligence in testimony before the House Homeland Security Committee last November.

The Air Force directive also encourages reporting of unusual behavior by potential insider threats.

"Insider threat actors typically exhibit concerning behavior," the directive says. But this is not self-evidently true in all cases, and the directive does not provide examples of "concerning behavior."

A Department of Defense training module recently identified expressions of "unhappiness with U.S. foreign policy" as a potential threat indicator, the Huffington Post reported last week. ("Pentagon Training Still Says Dissent Is A Threat 'Indicator'" by Matt Sledge, August 4.) If so, that criterion would not narrow the field very much.

The "CORRECT Act" (HR5240) that was introduced last month by Rep. Bennie Thompson and Sen. Ron Wyden would require any insider threat program to meet certain standards of fairness and employee protection, and "to preserve the rights and confidentiality of whistleblowers."

That message may have been partially internalized already. The terms "civil liberties" and "whistleblowers" are each mentioned four times in the eight-page Air Force Instruction.


EBOLA-STRICKEN AMERICANS RETURNING FROM ABROAD, AND MORE FROM CRS

New products from the Congressional Research Service that Congress has withheld from online public distribution include the following.

Safe at Home? Letting Ebola-Stricken Americans Return, CRS Insights, August 5, 2014:

2014 Quadrennial Homeland Security Review: Evolution of Strategic Review, CRS Insights, August 6, 2014:

Reducing the Budget Deficit: Overview of Policy Issues, August 7, 2014:

Juvenile Victims of Domestic Sex Trafficking: Juvenile Justice Issues, August 5, 2014:

U.S.-EU Cooperation on Ukraine and Russia, CRS Insights, August 7, 2014:

******************************

Secrecy News is written by Steven Aftergood and published by the Federation of American Scientists.

The Secrecy News blog is at:
      http://fas.org/blogs/secrecy/

To SUBSCRIBE to Secrecy News, go to:
     http://fas.org/sgp/news/secrecy/subscribe.html

To UNSUBSCRIBE, go to:
      http://fas.org/sgp/news/secrecy/unsubscribe.html

OR email your request to saftergood@fas.org

Secrecy News is archived at:
      http://www.fas.org/sgp/news/secrecy/index.html

SUPPORT the FAS Project on Government Secrecy with a donation here:
      https://fas.org/join/