Former Secretary Clinton talks about her state.gov private emails

Posted: 01:11 am  EDT

 

Excerpt from the transcript of Hillary Clinton’s remarks on the email controversy swirling about via Time’s @ZekeJMiller:

There are four things I want the public to know.

First, when I got to work as secretary of state, I opted for convenience to use my personal email account, which was allowed by the State Department, because I thought it would be easier to carry just one device for my work and for my personal emails instead of two.

Looking back, it would’ve been better if I’d simply used a second email account and carried a second phone, but at the time, this didn’t seem like an issue.

Second, the vast majority of my work emails went to government employees at their government addresses, which meant they were captured and preserved immediately on the system at the State Department.

Third, after I left office, the State Department asked former secretaries of state for our assistance in providing copies of work- related emails from our personal accounts. I responded right away and provided all my emails that could possibly be work-related, which totalled roughly 55,000 printed pages, even though I knew that the State Department already had the vast majority of them. We went through a thorough process to identify all of my work- related emails and deliver them to the State Department. At the end, I chose not to keep my private personal emails — emails about planning Chelsea’s wedding or my mother’s funeral arrangements, condolence notes to friends as well as yoga routines, family vacations, the other things you typically find in inboxes.

No one wants their personal emails made public, and I think most people understand that and respect that privacy.

Fourth, I took the unprecedented step of asking that the State Department make all my work-related emails public for everyone to see.

I am very proud of the work that I and my colleagues and our public servants at the department did during my four years as secretary of state, and I look forward to people being able to see that for themselves.

Again, looking back, it would’ve been better for me to use two separate phones and two email accounts. I thought using one device would be simpler, and obviously, it hasn’t worked out that way.

 

The Clinton folks have also released a Q&A on her email use:

 

.

.

So if we tell over 70,000 employees that they should secure their email accounts and “avoid conducting official Department business from your personal email accounts,” then we go off and use our own private non-government email, what leadership message are we sending out to the troops?  Follow what I say not what I do?

.

The secretary of state is the highest classifying authority at the State Department. Since she did not have a state.gov account, does this mean, she never sent/receive any classified material via email in the entirety of her tenure at the State Department? If so, was there a specific person who routinely checked classified email and cable traffic intended for the secretary of state?

.

The podium heads insist that there is no restriction in use of private emails. Never mind that this is exclusive use of private emails. If a junior diplomat or IT specialist sets-up his/her own email server to conduct government business at the home backyard shed in Northern Virginia, do you think Diplomatic Security would not be after him or her? Would he/she even gets tenured by the Tenuring Board despite systems management practices contrary to published guidelines?  If the answer is “yes,” we’d really like to know how this works. For ordinary people.

And then there’s this — if there were a hundred people at State that the then secretary of state regularly sent emails to, was there not a single one who said, “wait a minute’ this might not be such a great idea?

.

Bottomline despite this brouhaha? Her personal email server will remain private. She has full control over what the public get to see. End of story. Or maybe not.

.

Oops, what’s this? Oh, dear.

#

 

Daily Press Briefing Needs IT and FOIA Specialists on HRC Emails, Plus HAK Files Go to Court

Posted: 1:25 am EDT

Clip via PostTV

Argghhhh! Whaaat?

Email System

The State Department has multiple automated information systems. All employees, including locally employed staff and contractors (apparently with the exception of Secretary Clinton and who knows how many others), have state.gov email addresses for use in their unclassified workstations.  But not everyone has classified access and in some places, you have to go to a controlled location just to read your classified email.  Here is a quick description from publicly available documents:

    • OpenNet is the Department’s internal network (intranet), which provides access to Department-specific Web pages, email, and other resources.
    • ClassNet is the Department’s worldwide national security information computer network and may carry information classified at or below the Secret level.
    • SMART-SBU or just “SMART” replaces existing Department of State unclassified email and cable systems with a Microsoft Outlook-based system.
    • SMART-C is the Classified State Messaging and Archive Retrieval Toolset

 

No one “scans” emails for classified material?

The real question seems to be — well, if all her email communication was conducted through a private email  server —  how can we be sure that no classified and sensitive information were transmitted using her private email account?  We can’t, how can we?

However, for ordinary employees with badges and logins, an Information System Security Officer (ISSO) has “read access to the employee’s mailbox to ensure that no messages contain classification levels higher than that allowed on the authorized information system” (see 12 FAM 640-pdf). Which seems to indicate that ISSOs as a matter of course, “scan” State Department electronic mailboxes and files to ensure that there are no material there beyond “Sensitive But Unclassified” in the unclass system, for example.


Moving on to fumigation

Anyways — remember the WikiLeaks fallout? At that time, federal employees and contractors who believe they may have inadvertently accessed or downloaded classified or sensitive information on computers that access the web via non-classified government systems, or without prior authorization, were told to contact their information security offices for assistance.

If the unthinkable does happen, their unclassified computers required the equivalent of um… let’s say, digital “fumigation.” But who does that for private email servers?

The office that handles FOIA requests is the Office of Information Programs and Services (A/GIS/IPS/RL) under the Bureau of Administration. The Department also has its own chief information officer. Can we please have the State Department’s IT and FOIA experts talk about this from the podium?  Please, please, please, pretty please, this is getting more painful to watch every day.

 

 

In related news — when you see reports that US embassies have been cited multiple times by State/OIG for use of  “personal email folders,” we suggest you take a deep breath.  That’s not/not the same as the use of personal private emails like Yahoo or Gmail. What those OIG reports are probably referring to are the personal storage folders, also known as  .pst files in Microsoft Outlook on the employees’ hard disk drives. Why would you want to save your emails in the personal folders of your computer?

Because a .pst file is kept on your computer, it is not subject to mailbox size limits on the mail server. By moving items to a .pst file on your computer, you can free up storage space in the mailbox on your mail server.

 

Just because you have classification authority, must you?

Below is an excerpt from the State Department Classification Guide | January 2005, Edition 1 (pdf via the Federation of American Scientists)

High Level Correspondence. This includes letters, diplomatic notes or memoranda or other reports of telephone or face-to-face conversations involving foreign chiefs of state or government, cabinet-level officials or comparable level figures, e.g., leaders of opposition parties. It should be presumed that this type of information should be classified at least CONFIDENTIAL, though the actual level of classification will depend upon the sensitivity of the contained information and classification normally assigned by the U.S. to this category of information. Information from senior officials shall normally be assigned a classification duration of at least ten years. Some subjects, such as cooperation on matters affecting third countries, or negotiation of secret agreements, would merit original classification for up to 25 years.

One thing to remember here, and it’s an important one — the secretary of state is the highest classification authority at the State Department.

CFR 2005 Title 22 Volume I Section 9-10:

(a) In the Department of State authority for original classification of information as ‘‘Top Secret’’ may be exercised only by the Secretary of State and those officials delegated this authority in writing, by position or by name, by the Secretary or the DAS/ CDC, as the senior official, on the basis of their frequent need to exercise such authority.

But why would the USG’s classification guide or classification authority even apply to an email server that apparently is not owned nor physically possessed or maintained by the State Department?


No one is coming out of this smelling like roses

The 67th secretary of state exclusively used private email during her entire tenure at the State Department. She left the State Department on February 1, 2013.  The official word is that in October 2014 — to improve record-keeping or something — the State Department “reached out to all of the former secretaries of state to ask them to provide any records they had,” Secretary Clinton reportedly sent back “55,000 pages of documents to the State Department very shortly” after the letter was sent to her. “She was the only former Secretary of State who sent documents back in to this request,” said Ms. Harf.  This storyline is not even walking quite straight anymore according to the NYT’s follow-up report of March 5.

What appears clear is that the USG cannot possibly know the answer to the endless questions surrounding these emails since it does not have possession of the private email server used in the conduct of official business. But somebody must know how this set-up came to be in 2009.  What originated this, what security, if any  were put in placed?

As if we don’t have enough  disturbing news … have you seen this?

 

But 56th took his files with him!

In related news,  the National Security Archive  filed suit against the State Department this week under the Freedom of Information Act to force the release of the last 700 transcripts of former Secretary of State Henry Kissinger’s telephone calls (telcons). The Archive’s appeal of State’s withholding dates back to 2007.

.

 

The 56th secretary of state had reportedly removed the telcons, along with his memcons and office files, from the State Department when he left office at the end of 1976. According to the FOIA-released declassification guide for the State Department “information that still requires protection beyond 25 years should be classified for only as long as considered necessary to protect the national security.”

But … but …it’s been almost 40 years, heeeellloo!

Where are we again? Oh, utterly distressed by this whole thing.

 

 

Related post:

Don’t read WL from your workstation, if read elsewhere make sure you wash your eyes or you go blind….

 

Related items:

It could be very long time before Hillary Clinton’s State Department e-mails see the light of day (WaPo)

12 FAM 640  DOMESTIC AND OVERSEAS AUTOMATED INFORMATION SYSTEMS CONNECTIVITY (pdf)

Leaked Guccifer emails did say “confidential” but the purported sender of those emails was no longer in USG service and presumably, no longer had any classification authority.

 

Not Going Benghazimazi But Let’s Revisit the ARB’s “Full & Unfettered Access” to State Dept Documents

Posted: 7:42 pm EST

 

Last fall, Ray Maxwell alleged that there was a Foggy Bottom operation to “separate” damaging State Department documents before they were turned over to the Accountability Review Board investigating security lapses surrounding the Sept. 11, 2012, terrorist attacks on the U.S. mission in Benghazi, Libya. (see Former State Dept DAS Raymond Maxwell Alleges Benghazi Document Scrub Pre-ARB Investigation).

At that time, the State Department deputy spox, Marie Harf  called the allegations “a crazy conspiracy theory about people squirreling away things in some basement office and keeping them secret.” She also said this:

QUESTION: Did people involved in preparing the documents for the ARB separate documents into stuff that was just whatever and then things that they thought were – made people on the seventh floor, including the Secretary, look bad?

MS. HARF: Not to my knowledge, Matt, at all. The ARB had full and unfettered access and direct access to State Department employees and documents. The ARB’s co-chairs, Ambassador Pickering and Admiral Mullen, have both repeated several times that they had unfettered access to all the information they needed. So the ARB had complete authority to reach out independently and directly to people. Employees had complete authority to reach out directly to the ARB. And they’ve said themselves they had unfettered access, so I have no idea what prompted this somewhat interesting accounting of what someone thinks they may have seen or is now saying they saw.

But the ARB has been clear, the ARB’s co-chairs have been clear that they had unfettered access, and I am saying that they did have full and direct access to State Department employees and documents.

Read more: State Dept on Former DAS Raymond Maxwell’s Allegations: Crazy. Conspiracy Theory. What Else?

The State Department spokesman Alec Gerlach also denied the allegations (see State Department Denies Raymond Maxwell’s Document Scrub Allegations. Peeeeriod!!!!).

“That allegation is totally without merit. It doesn’t remotely reflect the way the ARB actually obtained information,” he said in an email. He explained that an “all-points bulletin”-type request went out department-wide instructing “full and prompt cooperation” for anyone contacted by the ARB, and urging anyone with “relevant information” to contact the board. 

“So individuals with information were reaching out proactively to the Board. And, the ARB was also directly engaged with individuals and the Department’s bureaus and offices to request information and pull on whichever threads it chose to. The range of sources that the ARB’s investigation drew on would have made it impossible for anyone outside of the ARB to control its access to information,” Gerlach said. He further noted that the leaders of the ARB have claimed they had unfettered access to information and people. 

In both cases, these government officials emphasized one thing: that the Pickering-Mullen Accountability Review Board “had full and unfettered access and direct access to State Department employees and documents.”

In the September 2013 congressional hearing, the Benghazi ARB co-chair also told Congress, “We had unfettered access to State Department personnel and documents. There were no limitations.” 

Shouldn’t we now consider the absent clintonemail.com server as one such limitation?

In light of reports that Secretary Clinton exclusively used a personal email account to conduct government business as secretary of state, and that her private emails were never reportedly actual residents of Foggy Bottom, would these current and former government officials now revisit their statements on the ARB’s “unfettered” access to documents?

 * * *

 

Snapshot: State Department, Foreign Ops and Programs = 1% of Total Federal Budget

– Domani Spero

 

Via CRS:

Congress annually appropriates funds for the security of diplomatic personnel and facilities within the Department of State, Foreign Operations and Related Programs appropriation, which is about 1% of the total federal budget. Security funding amounts to about 9% of that appropriation.

via CRS

via CRS

Congress has not enacted a stand-alone State Department appropriation prior to the start of the fiscal year since 1995 and has not passed a stand-alone Foreign Relations Authorization law since 2002.6 Both could have been legislative vehicles for debate regarding Administration of Foreign Affairs, including diplomatic/embassy security funding and priorities. Instead, Congress has provided ongoing security funding within Continuing Resolutions (CRs) that have delayed by several months the full-year appropriation eventually provided. Funding within a CR is usually based on the previous year’s funding levels. Furthermore, if spending was not in the previous year’s appropriation (as was the case with Benghazi in 2012), it would not be funded by a CR. Only after the final appropriation is passed by Congress and signed into law by the President would State Department officials know what level of funding they can allocate on a daily/weekly/monthly basis over the 275 worldwide diplomatic posts (or 1600 work facilities)7 and over the remainder of the fiscal year.

Read in full here (pdf).

International affairs is important but apparently not important enough to merit the right interest in Congress in the last two decades when it comes to appropriating funds. There’s enough blame to go around going back to 1995, spanning three administrations, all the way back to the 104th Congress and every congressional session thereafter.

Remember that the next time you see an elected representative shed tears on teevee or blow fire from his ass about somebody or another not doing enough for the diplomats our country send overseas.

* * *

 

 

 

 

State Dept’s Critical National Security Database Crashes, Melts Global Travelers’ Patience

– Domani Spero

 

The first announcement about the troubled Consular Consolidated Database (CCD) went out on Wednesday, July 23:

The Department of State Bureau of Consular Affairs is currently experiencing technical problems with our passport/visa system.  This issue is worldwide and is not specific to any particular country, citizenship document, or visa category.  We apologize to applicants who are experiencing delays or are unable to obtain a passport, Consular Report of Birth Abroad, or visa at this time. We are working urgently to correct the problem and expect our system to be fully operational again soon.

The AP reported on July 23 that unspecified glitches have resulted in performance issues since Saturday, which would be July 19.

On July 25, CA announced:” Our visa and passport processing systems are now operational, however they are working at limited capacity. We are still working to correct the problem and expect to be fully operational soon.”

A State Department official speaking on background told us the same day that this issue was not/not caused by  hackers. We were told that the CCD crashed shortly after maintenance was performed and that the root cause of the problem is not yet known.

On July 27, CA released an update:

As of July 27, the Department of State has made continued progress on restoring our system to full functionality. As we restore our ability to print visas, we are prioritizing immigrant cases, including adoptions visas. System engineers are performing maintenance to address the problems we encountered. As system performance improves, we will continue to process visas at U.S. Embassies and Consulates worldwide. We are committed to resolving the problem as soon as possible. Additional updates will be posted to travel.state.gov as more information becomes available.

On July 29, CA posted this on FB:

The Department of State Bureau of Consular Affairs continues to make progress restoring our nonimmigrant visa system to full functionality. Over the weekend, the Department of State implemented system changes aimed at optimizing performance and addressing the challenges we have faced. We are now testing our system capacity to ensure stability. Processing of immigrant visas cases, including adoptions, remains a high priority. Some Embassies and Consulates may temporarily limit or reschedule nonimmigrant visa interview appointments until more system resources become available to process these new applications. We sincerely regret the inconvenience to travelers, and are committed to resolving the problem as soon as possible. Additional updates will be posted to travel.state.gov as more information becomes available.

 

The CA Bureau’s Facebook page has been inundated with comments. There were complaints that at one post the visas were printing fine and then they were not. There were complains from people waiting for visas for adopted kids, for fiancees, for family members, for family waiting at the border, for students anxious to get to their schools, people worried about time running out for diversity visas, applicants with flights already booked, and many more.  One FB commenter writes, “I feel that the problem most people have is not that the system broke, but the lack of clear, meaningful information so people can make appropriate plans.

Other than what the CA Bureau chose to tell us, we cannot pry any substantial detail from official sources.  We, however, understand from sources familiar with the system but not authorized to speak for the bureau that the CCD has been having problems for sometime but it got worse in the last couple weeks.   If you’re familiar with the highs and lows of visa operation, this will not be altogether surprising.  Whatever problems already existed in the system prior to this “glitch” could have easily been exacerbated in July, which is the middle of the peak travel season worldwide. A source working in one of our consular posts confirmed to us that the system is back running, but not at the normal level and that the backlogs are building up. Another source told us that Beijing already had a 15k NIV backlog over the weekend.  We haven’t yet heard what are the backlogs like in mega visa-issuing posts like Brazil, Mexico and India.

We understand that everyone is currently doing all they can to get the process moving, but that some cases are getting through the system, while some are not. No one seems to know why this is happening. These machine readable visas are tied to the system and there are no manual back-ups for processing these cases (more of that below).

 

So who owns CCD?

The Consular Systems and Technology (CA/CST) manages the CCD.  We have previously blogged about its troubled past:

CST is currently headed by a new Director, Greg D Ambrose who reports to the CA Bureau’s Assistant Secretary.  It looks like despite the 2011 OIG recommendation, the CST deputy position remains vacant. We should also note that the  Asst Secretary for Consular Affairs Janice Jacobs retired this past April.  No replacement has been nominated to-date and Michele T. Bond has been Acting Assistant Secretary since Ms. Jacobs’ departure.

Last September, Mr. Ambrose was with FedScoopTV and talked about Consular One, the future of consular IT.

 

CST Just Got a New Data Engineering Contract

In Many 2014, ActioNet, Inc., headquartered in Vienna, Virginia,announced a 5-year task order for data engineering, supporting CST.

ActioNet, Inc. announced today the award of a five (5)-year task order entitled Data Engineering (DE) in support of Department of State (DOS). This task order will provide data engineering and database infrastructure support services necessary for planning, analysis, design, and implementation services for the Bureau of Consular Affairs.  These service also include contract and program management support to ensure that innovation, efficiency, and cost control practices are built into the program. […] The Office of Consular Systems and Technology (CST) within the Bureau develops, deploys and maintains the unclassified and classified IT infrastructures that help execute these missions. The Bureau currently manages over 800 servers worldwide, in order to comply with the fast paced changes inherent to data processing and telecommunications, CST requires that contractor services provide for rapid provisioning of highly experienced and trained individuals with the IT (information technology) backgrounds and the security clearances required of CA’s environment of workstation-based local and wide-area network infrastructures.

Due to limited information available, we don’t know if the new Consular One and/or the new DE contract are related to ongoing issues or if there are hardware issues, given the multiple legacy systems, but we do know that CST has both an impressive and troubled history. Let’s take a look.


Records Growing by the Day

The 2010 Consular Consolidated Database (CCD) Privacy Impact Assessment (PIA) describes (pdf) the CCD as “one of the largest Oracle based data warehouses in the world that holds current and archived data from the Consular Affairs (CA) domestic and post databases around the world.”  According to the PIA, in December 2009, the CCD contained over 100 million visa cases and 75 million photographs, utilizing billions of rows of data, and has a current growth rate of approximately 35 thousand visa cases every day. The 2011 OIG report says that in 2010, the CCD contained over 137 million American and foreign case records and over 130 million photographs and is growing at approximately 40,000 visa and passport cases every day.

That was almost four years ago.


A Critical Operational and National Security Database with No Back-Up System?

According to publicly available information, the CCD’s chief functions are 1) to support data delivery to approved applications via industry-standard Web Service queries, 2) provide users with easy-to-use data entry interfaces to CCD, and 3) allow emergency recovery of post databases.  The CCD also serves as a gateway to IDENT and IAFIS fingerprint checking databases, the Department of State Facial Recognition system, and the NameCheck system. It  provides access to passport data in Travel Document Issuance System (TDIS), Passport Lookout Tracking System (PLOTS), and Passport Information Electronic Records System (PIERS).  The OIG says that the CCD serves 11,000 users in the Department and more than 19,000 users in other agencies, primarily the Department of Homeland Security (DHS) and various law enforcement elements, and is accessed more than 120 million times every month.

Given that the CCD is considered “a critical operational and national security database,” there is surprisingly no redundancies or any back-up system.


Resurrect the Standard Register protectograph aka: `Burroughs visas’?

No one is actually suggesting that but when the CCD system is down, there is no manual way to issue a visa. No post can  handprint visas  because security measures prevent consular officers from printing a visa unless it is approved through the database system. Here is a quick history of the handprinted ‘Burroughs visas’ and the machine readable visas via the GPO:

November 18, 1988, mandated the development of a machine-readable travel and identity document to improve border entry and departure control using an automated data-capture system. As a result, the Department developed the Machine Readable Visa, a durable, long-lasting adhesive foil made out of Teslin.

Before MRVs, nonimmigrant visas were issued using a device called a Standard Register protectograph, otherwise known as a Burroughs certifier machine. It produced what was colloquially known as a “Burroughs visa,” an indelible ink impression mechanically stamped directly onto a page in the alien’s passport. Over time, Burroughs machines were gradually replaced by MRV technology, which is now used exclusively by all nonimmigrant visa issuing posts throughout the world.

Burroughs visas contained a space in which a consular employee was required to write the name of the alien to whom the visa was being issued. An alien’s passport might also include family members, such as a spouse, or children, who also had to be listed on the visa. In March 1983, in order to expedite the issuance of nonimmigrant visas and to improve operational efficiency, the Department authorized the use of a “bearer(s)” stamp for certain countries so that consular officers would not have to spend time writing in the applicant’s name (and those of accompanying family members). MRVs, however, must be issued individually to qualified aliens. Consequently, the “bearer”annotation has become obsolete.

The problem with the old Burroughs machine, besides the obvious, was maybe — you run out of ink, the plates are ruined/broken or you need it oiled. We could not remember those breaking down. With the MRV technology, all posts are connected to a central database, and the new machines by themselves cannot issue visas.  Which brings us to the security of that system.

 

Management Alert on Information System Security Program

The State Department PIA says that “To appropriately safeguard the information, numerous management, operational, and technical security controls are in place in accordance with the Federal Information Security Management Act (FISMA) of 2002 and information assurance standards published by the National Institute of Standards and Technology (NIST).” Must be why in November 2013, the Office of the Inspector General issued a Management Alert  for significant and recurring weaknesses found in the State Department’s Information System Security Program over the past three fiscal years (FY 2011-2013).

In 2011, State/OIG also issued a report on CA’s CST division and has, what appears to be a lengthy discussion of the CCD, but almost all of it but a paragraph had been redacted:

Screen Shot 2014-07-30 at 8.40.37 AM

That OIG report also includes a discussion of the Systems Development Life Cycle Process and notes that decision control gates within CST’s SDLC process are weak. It cites a couple of examples where this manifested: 1) the development of the Consular report of Birth Abroad (CRBA) system. “The ownership of development and deployment shifted throughout the process, and the business unit’s requirements were not clearly communicated to the development team. As a result, CST designed and tested the CRBA for a printer that did not match the printer model identified and procured by the business unit;” 2)  the Crisis Task Force application, for which CST was tasked to enhance its Web-facing interaction. “The deployment of this application has been challenged by the lack of project ownership and decision controls, as well as by the incomplete requirements definition. The use of incorrect scripts that were provided by the CM group has further delayed the Crisis Task Force application’s deployment.”

 

If there’s somethin’ strange in your CCD, who ya gonna call? (Glitchbusters!)

The Consular Consolidated Database (CCD) is central to all consular operations. It is run by CST where according to the OIG, “the smooth functioning of every part of the office depends on its contractors.” And because it runs such an important element of U.S. national security systems, if all CST’s contractors, all 850 of them quit, this critical consular data delivery to the State Department and other Federal agencies would screech to a a halt.

To carry out its mandate, CST must provide uninterrupted support to 233 overseas posts, 21 passport agencies, 2 passport processing centers, and other domestic facilities, for a total of 30,000 end users across 16 Federal agencies and in nearly every country. CST faces 24/7/365 service requirements, as any disruption in automated support brings operations to an immediate halt, with very serious implications for travelers and the U.S. image.
[…]
CST is led by a director and is staffed by 68 full-time equivalent (FTE) employees (62 Civil Service and 6 Foreign Service). There are 12 positions (3 Foreign Service and 9 Civil Service) currently vacant. CA recently authorized CST 19 additional FTE positions. There are also more than 850 contractors operating under nearly 30 different contracts. In FY 2010, CST’s annual operating budget was approximately $266 million.

If CCD is compromised for a lengthy period such as the last couple of weeks, what is the back up plan to keep the operation going?  Obviously, none. It’s either down or running under limited or full capacity.  No one we know remember CCD problems persist this long.  Right now, we know from a reliable source that the system is not down, and some cases and going through but — what if the CCD is completely down for two weeks … four weeks … wouldn’t international travel come to a slow stop?

What if CCD goes down indefinitely whether by hardware or software glitch or through malicious penetration by foreign hackers, what happens then?

Currently, it appears nothing can be done but for folks to be patient and wait until the fixes are in.  We know they’re working hard at it but there’s got to be a better way.   Perhaps we can also agree that this has very serious national security implications on top of disgruntled travelers and a grave impact on the U.S. image overseas.

 

 Related items:

May 2011 |  Inspection of The Bureau of Consular Affairs, Office of Consular Systems and Technology (CST) Report Number ISP-I-11-51

-11/30/13   Audit of Department of State Information Security Program (FISMA) (AUD-IT-14-03)  [3610 Kb]  Posted January 29th, 2014

-01/13/14   Management Alert on OIG Findings of Significant, Recurring Weaknesses in Dept of State Info System Security Program (MA-A-0001)  [6298 Kb]  Posted on January 16, 2014

 

 Related articles

 

 

Video of the Week: Can we please borrow Australia’s Lt. Gen. David Morrison for a bit?

—By Domani Spero

The State Department spokesman said,  “We hold all employees to the highest standards.”  Her top boss also said, “all employees of this department are held to the highest standards, now and always.” Of course, they are held to the highest standards. They are all public servants representing the United States overseas, we hold them to the highest expectation. But what we want to hear from the Secretary of State is what is he going to do if these allegations of manipulation and interference of DSS investigations are proven true?

Since we haven’t heard anything about that, we’re just going to borrow this guy talking about standing up for others, morale moral courage and legacy.

This is the Chief of Army, Lieutenant General David Morrison, AO, to the Australian Army following the announcement on Thursday, 13 June 2013 of civilian police and Defence investigations into allegations of unacceptable behaviour by Army members.

“If we are a great national institution – if we care about the legacy left to us by those who have served before us, if we care about the legacy we leave to those who, in turn, will protect and secure Australia – then it is up to us to make a difference.

Yeah, that.

(‘_’)

US Mission Iraq: Twelve Things You Might Not Know About the Largest Embassy in the World

— By Domani Spero

State/OIG recently released its inspection report of U.S. Embassy Baghdad and its constituent posts  in Erbil and Basrah.  Here are a few things that you may not know about our largest embassy in the world.

Photo by state.gov/ds

Photo by state.gov/ds

#1.  Staffing Numbers:  Planned Reduction at over 50%

“The embassy is taking steps to reduce the mission’s headcount from over 11,500 in January 2013 to 5,500 by January 2014.”  

We’ll have to revisit this early next year to gauge how successful is that effort.

#2.  Housing: Social Workers Mediate Roommate Conflicts

“Housing remains the single largest morale issue, and the embassy employs two social workers to mediate roommate conflicts associated with a housing shortage that requires, at least temporarily, housing as many as four employees in apartments designed for one person. […] The roommate policy will continue as sites close and more personnel consolidate on the embassy compound in the 619 apartments.”  

Apparently, only employees ranked FS-01 or GS-15 and above occupy private quarters.  And two social workers will not be enough if you have to mediate roommate conflicts every new rotation cycle of 12 months.

#3.  Estimated Cost of Protective Security Movement for FY2013: $49.8 Million

“Embassy employees traveling outside the international zone in Baghdad require protective security escorts. The security office’s protective security teams averaged 370 movements per month in the first 5 months of FY 2013 for a total of 1,846 movements. FY 2013’s total estimated cost for protective security movements is approximately $49.8 million.”

#4.   Third-Country Nationals: Hiring TCNs Cheaper But Not Cheap

“Third country nationals, originally recruited from embassies worldwide as temporary experts, comprise 24 percent of the non-U.S. direct-hire staff in Baghdad and fill most of the embassy’s senior non-U.S. positions. The embassy employs 56 third country national employees at a cost of about $10 million annually . […] Support costs for third country national contractors and direct-hire staff, such as lodging, meals, and rest and recuperation travel, average $68,000 per person per year in addition to salaries, which often exceed locally employed staff salaries because of supplemental benefits packages.”

Some problems with hiring TCNs: with TCNs rotating as temp. experts, there may not be enough interest in growing Iraqi FSNs into a cadre of local experts; with American supervisors rotating every 12 months, who trains the Iraqi FSNs for more responsible roles?  Problems with local recruitment:  Mission does not have a pipeline of applicants; security vetting process has an overall average rejection rate of 47%. Almost half the applicants cannot work for the mission due to counterintel issues.

#5.  Iraq’s Service Recognition Package: No Longer The Most Attractive

“Last year, the Department filled about 92 percent of Iraq positions with volunteers. The Department is in the process of reducing selected employee benefits to reflect improvements in security and living conditions….The Department expects in coming months to offer service recognition package benefits to other missions, such as Libya and Yemen, which could be more attractive than the package for Iraq.” 

#6.  Embassy’s Airline — Embassy Air at $128.2 million in 2013

“Based in Amman, Jordan, Embassy Air carried 19,306 passengers to destinations around Iraq during a recent 6- month period. Embassy Air is the mission’s most secure lifeline to the outside world and the only means of medical evacuation countrywide. The combined cost of Afghanistan-Iraq air operations stands at $128.2 million this year.”

#7.  Embassy Hospitals: How Many by 2014?

“The Department is rapidly reducing the scope of its contracted medical services, estimated at $85 million for FY 2013, as activities at OSC-I locations around the country close by the end of the year. The embassy operates 11 hospitals and clinics throughout the country under contract with Comprehensive Health Services Middle East. Operations include four diplomatic field hospitals geared to trauma and mass casualty stabilization and clinics that deliver primary care, evacuation stabilization, and laboratory services.”

#8.  Largest IVP in the World

US Mission Iraq “manages the largest International Visitor Leadership Program in the world with 149 participants in FY 2012.”

#9.  Arabic Speakers: Only Three Can Conduct Interviews Unassisted 

“Consular Management The section’s effectiveness is hampered by a dearth of Arabic-language speakers, limited cultural insight, and an insufficient number of useful local contacts, largely due to the limited role the five Iraqi employees play in the overall operation. Fewer than half the consular employees—both U.S. and non-U.S. direct hires—speak Arabic and only three of the Arabic- speaking officers can conduct the full range of interviews unassisted.”  

This shortage of expertise is not confined to language.  Elsewhere in the report, the inspectors note that many Washington-based employees have more historical knowledge than some employees working in Iraq today.

#10.  Diplomatic Compounds:  Larger Than Normal

“The embassy and Consulate General Basrah occupy more than 100 acres each, while the Baghdad Diplomatic Support Center site totals 350 acres. A typical new embassy compound sits on approximately 10 acres.”

So that’s ten times larger than normal. But then, no one ever said the U.S. Mission in Iraq was ever normal.

#11. Bleeding Green Bucks: Over $270 Million Down the Drain

At “[t]he Erbil Diplomatic Support Center, the Department canceled ongoing construction in February 2013, after expenditures of approximately $85 million, with the decision to cease Department operations at the location by July 2013. In September 2012, with the reduction of the Police Development Program, the U.S. Government turned over the unfinished Baghdad Police Academy to the Government of Iraq after investing an estimated $108 million in construction. In addition, the Department contributed $48 million in Police Development Program funds to the construction of the Basrah consulate general, because the Police Development Program intended to be a tenant in that facility. During the inspection, in preparation for turnover to the Government of Iraq, mission operations drew down at Embassy Annex Prosperity, where a $32 million construction project was halted. The final phase of the Prosperity site closure requires construction of a new $11.5 million heavy vehicle maintenance facility on the embassy compound.”

So that’s over $270 million down the drain for lack of appropriate planning, and $11.5M more for new construction, which may or may not be needed in a year or two.

#12.  Iraq Tax With No End in Sight Will Strain Diplomatic Facilities Worldwide

“Funding levels from multiple sources in support of Mission Iraq operations have been so substantial that the mission has not been subject to normal fiscal constraints, nor has it evaluated process and program priorities rigorously. The Department allotted $3.23 billion for Mission Iraq operations in FY 2012. The mission also oversaw $1.33 billion in foreign assistance in that same time frame.  Inevitably, the contingency funding that is a remnant of Iraq’s status as a war zone, and enabled so much of the mission’s growth and security programs, will dwindle. Even with the Department’s increased focus on protecting personnel and facilities in the aftermath of the Benghazi attack, the mission is considering ways to reduce its operational and security budgets, although the sheer size and scope of the physical plant, both in Baghdad and at the consulates,will require significant funding for years to come.”

So the reduction of USG footprint in Iraq does not mean the end of the Iraq tax on staffing, but going forward, you may now add resource allocation demands.  The OIG inspectors believe that as US Mission Iraq operates in a “traditional diplomatic environment” its maintenance and repair costs will come out of the regular budget.  The Vatican-size embassy even with “rightsizing” at 5,500 staff will still be the largest embassy in the world. Security and movement protection will still remain expensive. And as contingency funds end, and as US Mission Iraq starts to get funding from State’s regular budget, it will “strain  support for diplomatic facilities worldwide.”

Oh, there is no mention in this report of the alleged “underground drug ring” operating near the U.S. Embassy in Baghdad; or a drug ring which allegedly supplied State Department security contractors with drugs.

This report only mentions “drug” in one instance: “The Department has approved continuing annual assistance for anti-corruption, the justice sector, drug demand reduction and police, with $23 million requested for FY 2014.” 

That’s expensive but not nearly as exciting news.  Now, let’s go invade another country so we can do this all over again.

(ú_ú)

-05/31/13   Inspection of Embassy Baghdad and Constituent Posts, Iraq (ISP-I-13-25A)  [617 Kb]  Posted online on June 3, 2013

Fundraiser to benefit the family of Sean “Vilerat” Smith

The fundraiser in youcaring.com is organized by Zack Parsons of Something Awful to benefit the family of Sean Smith who was killed in the Benghazi Attack. He left behind wife, Heather and two children, Samantha and Nathan.  Sean Smith was a moderator of Something Awful’s D&D forum under the username “Vilerat.”  The original target amount of of $100, 000 was quickly reached and currently stands at $110,953.85. The fundraiser has now updated its target amount to $150,000.00 ending on December 1, 2012.


Organizer : Zack Parsons
This Fundraiser ends on : 12/1/2012
Beneficiary : Heather Smith

Sean Smith was a veteran Foreign Service Officer of the US State Department. His life ended tragically on September 11, 2012 when the U.S. Consulate in Benghazi, Libya came under attack.

He was known to his many friends in EVE Online and the Something Awful forums as Vilerat. His intelligence, patience and good humor were the cornerstones of Sean’s life and those traits moved everyone he came in contact with. Sean was a devoted husband to his wife and he was a proud parent of two children.

To show our love for him and for his family we hope to raise money to help with their current expenses and his children’s college expenses.

Update: Because we are over halfway to our initial goal of $50,000 in less than 12 hours, we have doubled the goal to $100,000. Thank you so much for your donations. Every donation, large or small, will help Sean’s family.

Update 2: Sean’s wife, Heather, has posted her gratitude for the donations. She writes, “Thank you. Thank you so much. I do not know how to express my gratitude on behalf of my children.” She goes on to say, “I am so very touched at the love and support you all have shown us and I will read each and every post made in honor of Sean. Peace and love to all of you. Hold your family close and remember what is important.”

We have quickly passed our original goal and are more than three-quarters of the way to our second goal. Because of the speed of all the donations we are increasing our goal to $150,000. Thank you for all of your kind words and generosity.

The donations ranges from $1.00 to $1000 from anonymous donors, to Foreign Service members, the gaming community and strangers with no apparent connection to Sean. The notes are as simple as “RIP Vile Rat” to this one from Richard:

“Had quite a few unfortunate run-ins with Vilerat. Because of him I have never again undocked from a station without an insured ship and a back-up clone. Whether he was alone or backed up by his fellow Goons, he was fierce, intimidating, and almost always an adrenaline booster. He was the cause of my first lose of a ship… and a second later my first lose of a pod. In the skies of New Eden he was an inspiration to want to become a better pilot. In real life, we were worlds apart. Even so, looking at all these comments from friends and family I know that he is definitely a part of the “better man” group. Mrs. Smith, Sean was no doubt a loving father and husband and wish I could have known him. He was in fact a dear friend, and a strong leader, and to alot of us who attempted to hunt the Goons down or just happen to be at the wrong place at the wrong time, he was indeed a Vilerat. O7 Fly Safe Vilerat and forever R.I.P. Sean Smith. You will be loved and missed till the end of days.”

This one from somebody who is broke and gave $1.00:

“I’m utterly broke, but the current donation tally is ending in a 9 so I’ll round it up. I only played EVE a while and rarely shot blues, but Sean was a good guy. “

You have 49 days left if you want to help.  The online donation page is here.

 

 

 

US Mission Iraq/INL: Sexing-up Them “Engagement” Numbers in Iraq?

Here is part of the SIGIR report that talks about the number of meetings (on the Iraqi side) and engagements (on the US Embassy Iraq/INL side) during the first three month period of 2012.

In late December 2011, Principal Deputy Minister of Interior al-Asadi ordered the formation of a committee within the MOI to coordinate with INL and manage MOI’s involvement with the PDP [Police Development Program]. The committee reported that MOI officials held 80 meetings with INL advisors from January 1 to April 1, 2012. (INL reported that it held 517 engagements with MOI personnel during the same three-month period.) In addition, the MOI committee noted that it had rejected 55 meeting requests by INL during the first three months of 2012. The committee characterized 52 meetings with INL as “beneficial,” 21 as “semi-beneficial,” 1 as “non-beneficial,” and did not assess the other 6. The MOI committee also concluded.

Let’s just say that there are no weekends at US Mission Iraq.

517 engagements
÷  90 days
—————————
=  5.744444 engagements a day for a three-month duration

Given that no one can just pick up and go in Iraq, and that it is deemed unsafe to travel without any security details over there, how does five meetings/engagements a day from just one part of US Mission Iraq even works?

What are included in these 517 engagements — meetings via emails? Appointments by telephones? Pigeon posts?  Two cans and a string? What counts?

Unfortunately, the SIGIR report did not explain what the meaning of “engagement” really is from the INL perspective. Or how many resulted in face-to-face or face-to-screen-meetings.

Well, whatever it is, the 517 “engagements” did not seem to help much.

According to SIGIR, as of July 2012, the number of INL in-country advisors was reduced to 36: 18 in Baghdad and 18 in Erbil, down from the 85 advisors supporting the program in January 2012.

Of course, in the glass is full perspective, one could argue that without that 517 “engagements”, the number of in-country advisors could have been down from 85 advisors to 6 or zero. The fact that we’re left with 36 should be considered a programmatic success or something.

SIGIR’s analysis of DoS’s FY 2013 budget request, however, shows that the Police Development Program support costs would go up to 94% of program funding and the per advisor costs would double to about $4.2 million per year.

In short, 36 advisors will still cost US taxpayers $151.2 million a year.

Before you get mad, just remember that we already have a $204.8 million savings from the 49 advisors who were cut off from the program.

This monopoly game is addicting and so exciting! Can we please buy a new school in my district with that money?

Domani Spero

Paul Bremer Who? Writes About Libya, and What Success Looks Like …. As in Iraq

Bremer signs over limited sovereignty to Iraq'...Image via Wikipedia
L. Paul Bremer and members of the Iraqi Govern...Image via Wikipedia
Via WaPo:

The parallels are striking. For decades, both dictators had been labeled terrorists by U.S. administrations, Republican as well as Democratic. For decades, each man had brutally oppressed his own citizens, often using cynical methods to exacerbate tribal and sectarian divisions. Gaddafi was found in a sewer pipe; Hussein was captured in a spider hole. Sic semper tyrannis.

The capture or death of a dictator can help close a curtain on a long period of tyranny. But consolidating such a huge political change has not been easy in Iraq, and it won’t be easy in Libya, either. Iraq’s experience suggests that success will hinge on addressing three urgent issues during this transition….
[…]
But the dictator’s capture did not solve Iraq’s security problems. The positive impact of his incarceration was soon canceled out by a large Sunni uprising in Anbar province and a simultaneous Shiite attack on three provincial capitals in southern Iraq. At the time, the United States lacked both the appropriate strategy and adequate forces to respond effectively to these challenges, a situation that was eventually corrected by President George W. Bush’s courageous troop surge in 2007.

But, but … Iraq had an Army, right?  Nah! I think somebody dismantled that one. Except he said he did not, really.

Read in full here.  You have permission to excuse yourself if you need to use the vomitorium.

If you don’t remember Paul Bremer, that makes two of us. Such a bummer when you suffer from a short memory fuse on our debacle in Iraq.  Anyway, I had to Google this one. It turns out that Paul Bremer in full is Ambassador L. Paul Bremer III. He was appointed by George W. Bush as presidential envoy to Iraq from May 2003 to June 2004 and is the author of some book about spending a hopey year in Iraq.  He was a career diplomat, one of ours …. sigh ….

Readers of WaPo who remember this guy just fine were understandably a tad confused.  One predicted what’s up at WaPo — “Coming next week, advice on living a dignified life from Charlie Sheen.”  Another asked, “Paul Bremer? Really? He’s like the George Costanza of policy advisors.”

Oh, dear!