– Domani Spero
Via Burn Bag:
“Can someone please explain to me how you get to spend your entire overseas career in non-differential postings?
* * *
– Domani Spero
Via Burn Bag:
* * *
❊ If you want to help keep us around, see Help Diplopundit Continue the Chase—Crowdfunding for 2014 via RocketHub ❊
– Domani Spero
State Magazine now includes an ‘Ethics Answers’ box where hypothetical ethical scenarios Department employees might face are presented. The January issue includes the following (pdf):
Q: I was recently assigned to a new post. My new supervisor frequently has me do personal things for her, like typing her son’s college application or picking up her dry-cleaning. I feel I shouldn’t be asked to do these things. Am I right?
A: Yes. Ethics regulations prohibit a supervisor (or any Executive Branch employee) from encouraging, directing, coercing or requesting a subordinate to perform these types of personal services during work hours or personal time. By asking you to perform these tasks, your boss has taken advantage of her official position to gain personal services she would otherwise need to perform herself or pay someone else to do. Under ethics rules, this is a “misuse of position”—using official time, authority, title, information or resources for private gain, either one’s own or another’s. Other examples of misuse of position include using one’s official position to obtain a travel upgrade, asking the visa office to give priority to a friend’s visa application or using your official title to fundraise for your child’s school.
For help with real ethical questions, email firstname.lastname@example.org.
Why can’t the ethics attorney use real cases without mentioning names and posts?
Let’s try this.
The ambassador’s OMS at an EUR post was routinely asked to take the dog and kids for walks while the boss worked after hours.
Or, during the embassy’s Christmas bazaar, the ambassador’s OMS and an official residence employee were tasked with selling bags and crafts owned by the ambassador’s wife.
Is that too hard? You may play the ethics crossword puzzles here, have fun, learn the regs. Pardon me, and then what? After you know that you’re right, what then? An excellent question that we hope “Ethics Answers” would answer one day.
* * *
– By Domani Spero
On September 30, President Obama proclaimed October 2013 as National Cybersecurity Awareness Month. In light of that proclamation, we’re highlighting a grievance case by a Foreign Service officer who downloaded and installed the Mozilla Firefox browser which potentially cost him a promotion. The State Department proposed to issue him a Letter of Reprimand. The officer filed a grievance challenging the issuance of a Letter of Reprimand. For relief, he asks that the decision to impose discipline be rescinded and the discipline letter be removed from his Official Personnel File (OPF). In addition, he requests that the 2011 Selection Board’s decision to promote him be given immediate effect, and that he be reimbursed for attorney’s fees. The Department denied his grievance on March 13, 2012. He appealed that decision to the Foreign Service Grievance Board on May 14, 2012. On December 2012, the Board found that grievant’s argument was without merit and sustained the proposed discipline.
This case is available publicly (pdf) from the newly relaunched fsgb.gov. (BTW, the site is now searchable, yay!) As far as we are aware, the State Department still only allows two browsers for official use — Internet Explorer and more recently during Secretary Clinton’s tenure, Google Chrome was approved for department-wide use. According to the browser stats maintained by w3schools.com, Internet Explorer’s downward use continues to hover around 12% in 2013, while Chrome continues to climb above 50 percent. Firefox’s usage remains at around the 27% mark.
Now some details on this case extracted from the record of proceeding:
Grievant, an FS-03 Officer, installed a software application, Mozilla Firefox Browser, on his workstation in August 2010. Grievant admitted that he installed the software because he was concerned that his savings accounts may have been the subject of identity theft and he wanted to check his credit union account on-line with what he thought was a safer web browser. The Mozilla software was found to be an executable application so that by downloading it grievant violated the Department’s Cyber Security Policy, and such action could have led to disruption of the Department’s cyber infrastructure. Grievant argued that he was unaware that the Mozilla Browser was an executable file when he installed it, and therefore, did not have the intent to violate the policy. The Board found that grievant’s argument was without merit and sustained the proposed discipline.
Anyone with questions about executable files should check the list here and best consult post’s information systems security officer (ISSO).
Also it might not be bad to get acquainted with 12 FAM 590 CYBER SECURITY INCIDENT PROGRAM if you haven’t already.
The government’s charge:
The Department charged the grievant with violating the directives and procedures for Cyber Security contained in 12 FAM 592.2b 8. The charge is based on grievant’s action in downloading the Mozilla Browser on his workstation on August 9, 2010. A revised cyber security program was implemented in 2007 throughout the Department. The Department asserts that grievant’s failure to comply with the cyber security policy could have resulted in damage or risk to the Department’s cyber infrastructure. The Mozilla Browser could compromise the integrity of the system and introduce a virus or malicious code.
Grievant was informed on December 22, 2010 by the Bureau of Diplomatic Security that the installation of the Mozilla Browser by him was a violation of the regulation. Grievant was further advised that the violation determination would be forwarded to the Bureau of Human Resources. Grievant was advised of his right to appeal the finding of a violation by the Bureau of Security, but chose not to do so. He did submit a Statement of Understanding acknowledging receipt of the December 22, 2010 letter and the Department’s security policies.
The Department dismisses grievant’s argument that his action in downloading the Mozilla browser required “mens rea” or a ”deliberate” act on his part to download an application that he knew was not authorized for installation. In his view, the Department has failed to prove that he made such a deliberate decision. He asserts that he did not actually know that the software was not authorized, and that his actions were inadvertent. He explains that he was ignorant that the software was an executable application that was not authorized. He states that he “lacked the knowledge of the difference between a search engine website and web browsing software.” He contends that the Department’s decision to not charge him with the downloading of the Shockwave program demonstrates that his action was not deliberate.
The FSO’s defense and argument:
Grievant has admitted that he installed Mozilla to assist himself with issues concerning his personal savings accounts. He could have used his personal computer to deal with the “spoofing” problems he was having with the possible identity theft matters. Finally, grievant should have reported the “spoofing” problems to the ISSO and checked with that office to determine if he could download Mozilla.
Grievant asserts that the proposed Letter of Reprimand should be rescinded because he lacked the intent necessary to violate the regulation. In 2009 – 2010, grievant was the victim of identity theft. He lost several thousand dollars to the thief, had to cancel his credit cards on two occasions, and was informed that his medical records were among those stolen from an Office of Medical Services database. On August 9, 2010, he received on his agency email four “spoofing” messages purporting to be from his credit union and his retirement fund.
Grievant was concerned that his savings accounts might have been stolen and his Department computer may have been compromised. He installed the Mozilla Firefox browser on his workstation instead of other browsers, such as Google, because he thought that Mozilla was a safer web browser. He was quickly informed by ISSO that Mozilla was not allowed to be downloaded on the Department’s system since it was an executable file. Grievant explained his concerns about his savings accounts and the reason that he downloaded the browser. He stated on several occasions that he did not know Mozilla was an executable file in violation of the regulation, and believed it to be a secure web-based browser. Grievant apologized and accepted responsibility for what he believed was an “inadvertent download of an executable file”.
Grievant argues that he should not be disciplined for downloading the Mozilla browser. In his view, the Department must show that it was his conscious object to download an executable file on to the Department’s network. He admits that his action was prohibited by the FAM, and that he exposed the Department to serious risk by downloading the browser on his workstation. However, he argues that the FAM requires specific intent to violate the regulation, which he did not have when the downloading took place. Grievant argues only deliberate acts, not negligent ones, are punishable under the regulation. He believes it is unjust to punish “a deliberate act that was believed would cause only a permissible result.” His action was negligent and he acted out of ignorance believing Mozilla to be a web based application rather than an executable file. In essence, he states that he believed that he was doing nothing more than accessing a website and that he lacked the knowledge required to make his action of downloading a deliberate violation of the regulation.
Grievant is remorseful and admits that he is fully responsible for his action. He did not know that he was downloading an executable file, and lacking that knowledge he did not have the mental state required by the regulation. Among other things, grievant asks that the decision to impose discipline be rescinded and the Letter of Reprimand be removed from his OPF. In addition, he asks that the Department give immediate effect to the 2011 Selection Board’s decision to promote him.
The FSGB was not persuaded:
Grievant intended to install Mozilla on his workstation. He engaged in a deliberate act. The fact that he was ignorant that it was an executable file in violation of the regulation does not obviate or lessen his culpability. As the Department points out, his action could have resulted in damage or significant risk to the Department’s cyber infrastructure, which could have caused major disruptions and loss of sensitive information. His admitted ignorance or lack of knowledge about Mozilla being an executable file does not excuse his action or his culpability for that action.
This is grievant’s first incident of any kind that caused him to be disciplined. As noted, his record is one of success and accomplishment. Grievant believes that discipline in this case is unjust. However, the proposed Letter of Reprimand is consistent with the penalties imposed in prior cases, and is reasonable under the facts of this case.
One related item, the agency’s cybersecurity was most recently in the news with a BuzzFeed exclusive report that the State Department Lacks Basic Cybersecurity. The report alleges that “the State Department cable and messaging system, built and maintained — like the troubled ObamaCare system — mainly by large IT contractors, has routinely failed to meet basic security standards.” It further alleges that “There is hackable backdoor access to servers and the potential for spillage of classified information in the unclassified enclave.” BuzzFeed says that it has internal docs although those do not appear to be posted online at this time. Read more here.
* * *
On April 26, 2013, U.S. Rep. Ed Royce (R-CA), Chairman of the House Foreign Affairs Committee (HFAC), introduced legislation to increase the independence and transparency of future Accountability Review Boards (ARB), the temporary investigative bodies that are convened to review security-related incidents that result in “serious injury, loss of life, or significant destruction of property at, or related to, a United States Government mission abroad, and in any case of a serious breach of security involving intelligence activities of a foreign government directed at a United States Government mission abroad.”
According to Mr. Royce’s website the “Accountability Review Board Reform Act of 2013” (H.R. 1768) will increase the independence of future ARBs from the State Department, limiting the Secretary of State’s role.
Here is part of Mr. Royce’s reasoning: “When then-Secretary of State Clinton testified about the Benghazi attack in January, she repeatedly referred to the ARB findings, calling it an ‘independent’ investigative body. But the fact is, Secretary Clinton convened the ARB and hand-picked four of its five members. This ARB failed to assess the roles of so-called “seventh floor” State Department officials in the decisions that led to the Benghazi mission’s severely compromised security posture, despite strong evidence suggesting these senior officials were involved. This legislation will ensure that future ARBs are, in fact, independent of State Department leadership.”
The text of the proposed legislation has not been posted yet. But according to Mr. Royce’s website, The Accountability Review Board Reform Act addresses the following:
According to data in congress.gov, H.R.1768 was introduced by Rep Royce, Edward R. [CA-39] on 4/26/2013. It currently has 16 cosponsors and has been referred to the House Committee on Foreign Affairs.
We’ll post comments after we’ve seen the full text of H.R. 1768.
State’s OIG recently posted online its review of the three divisions in Diplomatic Security’s Directorate of Domestic Operations: 1) the Special Investigations Division (SID), 2) the Criminal Investigations (CR) Division, and 3) the Computer Investigations and Forensics (CIF) Division.
Here are the key findings:
If you ever wonder why “it depends” is a common enough mantra over there, take a look:
The absence of a comprehensive, up-to-date manual increases the potential for errors, particularly for new agents who are forced to rely on on-the-job training. Inspectors discovered uncertainty among SID agents about which warnings to provide subjects prior to their interviews in investigations, though the wrong choice of warning can ruin a potential criminal prosecution. Inspectors were told that SID supervisors have sometimes pursued investigations excessively against other DS agents and that some supervisors have chosen to open cases on every allegation, including for those types of workplace issues that Department managers should ordinarily attempt to handle via other means. The likelihood of such problems increases when clear guidelines are lacking and individual preferences prevail.
Now, it’s not like this is a newly established office where folks are working from scratch. This office has been around forever investigating criminal and admin misconduct. It is utterly absurd that it does not have an up-to-date manual. The OIG report mercifully did not say which version of the manual this office is operating under; save folks the embarrassment of having to explain if the manual dates back to Jesse Helms days.
On independence, credibility, external influences and pressures:
In all matters relating to investigative work, the investigative organization needs to be free, in fact and appearance, from impairments to independence in both organization and attitude. Such independence is essential so that an organization’s decisions about obtaining evidence, conducting interviews, and making recommendations will be impartial and viewed as such by knowledgeable third parties. The credibility of the Department’s investigative organizations and disciplinary system depends on that independence, yet the perception exists among knowledgeable parties that external influences have negatively affected some SID investigations.
SID is one of many offices that report up the normal chain to the principal deputy assistant secretary and director of the Diplomatic Security Service. Foreign Service special agents in SID, 80 percent of whom are junior in rank, ordinarily serve only one tour as an investigator. Subjects of their investigations may include more senior DS agents; other senior DS agents are sometimes hostile witnesses for interviews. The SID supervisors also are in the DS mainstream and subject to regular “up or out” assignment and promotion processes. During inspection interviews, nearly every SID special agent acknowledged being aware that one or more suspects, witnesses, or senior Department officials could one day serve on a promotion board or on a DS assignment panel that would decide the investigator’s career prospects. Although most investigators said that they had not experienced career pressure in any particular cases, some had indeed felt such pressure. Several special agents in SID observed that Civil Service agents with sufficient rank are less susceptible to such pressure, as their careers do not depend on DS assignment panels or Foreign Service promotion boards.
It turns out that the SID chief is an FS-01 position, which, according to the OIG report “leaves any chief who aspires to the Senior Foreign Service vulnerable to pressure from above.” Unnamed sources also suggested to the OIG team that “having three bureaucratic layers between the SID chief and the DS Assistant Secretary makes sensitive cases vulnerable to multiple types of interference and the leaking of information.”
The OIG recommends that the Office of the Deputy Secretary (presumably the incoming D/MR who succeeds Mr. Nides) should “restructure the investigative responsibilities currently assigned to the Special Investigations Division. The outcome should include safeguards to prevent any Department of State or Diplomatic Security official from improperly influencing the commencement, course, or outcome of any investigation.”
Let’s see if that happens.
Should have been interesting to know which cases were alleged to have been interfered with, wouldn’t it? That would have been a scream.
Apparently, according to the Dead Men Working blog, “CFSO and AFSA both told State’s OIG that DS investigations into allegations of mis-or-malfeasance by Foreign Service members were subject to outside influence and were occasionally unprofessional.”
They told the OIG seven years ago. Yay!
Back on January 13, 2012, we blogged about the demise of ACPD or the U.S. Advisory Commission on Public Diplomacy (see PD Commission KIA by Congress; Welcome Back, Matt Armstrong):
Last December, after 63 years of existence, the Commission was KIA by Congress. And the USG saved $135,065, the Commission’s operating budget for FY2011 (salaries excepted). Besides the Executive Director, the only permanent staff of the ACPD, the Commission was supported by a detailee from DOD and two interns. At the time of its closure, there was no Y-tour FSO working with the Commission. Apparently, the senator who blocked ACPD’s reauthorization admitted he did so not because of merit, or value, or mission, or demand, or even actual cost. The gesture was symbolic and that ACPD happened to cross the senator’s sights at the wrong time; would he have seen DOD’s $547 million for public affairs?
Patricia Kushlis of WhirledView writes: “An effective Public Diplomacy Advisory Commission is the single bipartisan governmental entity that reports to both the executive and legislative branches about what the US could and should do to improve the country’s image abroad. Given the fragmentation of US public diplomacy activities since USIA’s demise, this country is more than ever in need of an independent watch-dog body tasked with putting the jig-saw pieces together enough, at least, to see, report on and critique the most critical parts – now flung across a multitude of departments and agencies.”
So the Commission has been dead for about 15 months but now it’s been re-authorized, retroactively re-authorized on January 3, 2013.
As of to-date, there does not seem to be any hint that the Commission will re-start work within the next 30-60 days.
The ACPD is supported by the office of the Under Secretary of State for Public Diplomacy and Public Affairs also known as the “R” Bureau (we’re looking at you A/S Tara Sonenshine). With the exception of that tiny blurb about the ACPD re-authorization, there reportedly is word from the R/Front Office that no other changes on the ACPD website be done without the expressed approval from Ms. Sonenshine’s office. It does not look like Matt Armstrong, the executive director or the rest of the Commission staff has also been reinstated.
We should note that the ACPD reports to the President and the Secretary of State.
Quick background on the ACPD:
Since 1948, the United States Advisory Commission on Public Diplomacy (ACPD) had been charged with appraising U.S. Government activities intended to understand, inform, and influence foreign publics and to increase the understanding of and support for these same activities.
The ACPD accomplished this through reports and symposiums that provide honest appraisals and informed discourse on these efforts. The ACPD conducted studies, inquiries, and meetings, and disseminates white papers, reports, and other publications with the approval of the chairperson and in consultation with the Executive Director.
Considering that the ACPD is tasked with appraising our public diplomacy programs, a good chunk of those programs produced by the “R” Bureau (hello Buzkashi Boys), is it appropriate for Ms. Sonenshine’s office to have hiring authority over the Commission’s staff or have authority on when it can operationally re-start or re-do its website? Does it need permission, too, when it can convene a meeting? The current rules has the chairman of the commission having the authority to appoint the executive director and other additional personnel. It sounds like the “R” Bureau is looking to change that.
The United States Advisory Commission on Public Diplomacy (ACPD) is a bi-partisan entity. With taxpayer dollars leaking out everywhere in the name of public diplomacy, and not just from State, we need an independent commission that can appraise the effectivity of these programs. Furthermore, the law that created ACPD actually requires that the Commission conduct an assessment that considers the public diplomacy target impact, the achieved impact, and the cost of public diplomacy activities and international broadcasting. It is supposed to assess and rate whether public diplomacy programs were effective or not, whether appropriate goals were set or not, whether the programs were managed-well and were cost-efficient or if they do not have acceptable performance public diplomacy metrics for measuring results.
That’s a good enough reason to ensure that the ACPD is not staff by anyone from “R” or nominated by “R” who potentially can have a conflict of interest when it comes to bidding for future assignments within the State Department.
If this is all a misconception on our part, well, can you blame us if we’re reading the smoke signals? If you know why it’s been 60 days since ACPD had been reauthorized and it is still hobbled in the bureaucracy, our comment section is open.
We have blogged recently about the critical crime and violence in El Salvador (see State Dept Issues El Salvador Travel Warning: Critical Crime and Violence. We have also blogged about the carjacking of a US Embassy employee in Caracas. (see Letter From Caracas: Did You Hear About the American Diplomat Carjacked in Venezuela?) By the way, The Telegraph reported in December 2012 that “There are more murders in Venezuela than in the United States and the 27 countries of the European Union combined.” San Salvador (El Salvador) and Caracas (Venezuela) are both considered critical crime posts but are not designated danger pay post.
We’ve checked the State Department’s Allowances website and here is what it says about danger pay:
*The danger pay allowance is designed to provide additional compensation above basic compensation to all U.S. Government civilian employees, including Chiefs of Mission, for service at places in foreign areas where there exist conditions of civil insurrection, civil war, terrorism or wartime conditions which threaten physical harm or imminent danger to the health or well-being of an employee. These conditions do not include acts characterized chiefly as economic crime.
Note the last line of that explanation.
Danger pay factors used in determining the allowance include post evacuation/operating status, acts of violence, and post environmental conditions (see Danger Pay Factors (DS-578).
Under operating status, factors assessed include: the evacuation status (ordered or authorized), percentage of Eligible Family Members (EFMs) remaining at post during an authorized departure and whether or not post is on unaccompanied status or if limited family members are allowed at post.
Acts of violence includes killing, risk of death or severe injury, aggravated battery, kidnapping, sabotage, property damages, extortion, rioting, and hijacking.
Post environmental conditions includes terrorism conditions and civil war, civil insurrection and warfare conditions.
While “attempted hijacking of a privately owned vehicle” and “the hijacking of a privately owned vehicle has become a commonplace occurrence” are some of the factors to be considered under the Danger Pay Factors (DS-578), it is also appears that for purposes of danger pay designation, these incidents are not considered relevant if they are economically motivated and if committed for reasons not related to terrorism, civil insurrection, and/or war.
In fact the danger pay description clearly notes that *“These conditions do not include acts characterized chiefly as economic crime.”
Okay. So kidnapping and carjacking incidents in Iraq or Afghanistan probably contribute to its danger post designation but kidnapping and carjacking in say Venezuela or El Salvador where they would be considered an economic crime, would not?
But then you get Haiti, designated as 5% danger pay post as of 12/2010; that was down from 20% earlier that year. The embassy there also recently went on an embassy-imposed curfew due to security conditions.
Let’s note for the record that there are no civil wars or insurrection in Haiti or Venezuela.
That leave us with terrorism.
The Crime and Security Report for Haiti says that “The USG rates Haiti as LOW in the threat category of indigenous terrorism. There have been no terrorist acts specifically targeting American interests or citizens in Haiti.”
The Crime and Security Report for Venezuela says “Colombia’s National Liberation Army (ELN) and the Revolutionary Armed Forces of Colombia (FARC) are designated by the Secretary of State as Foreign Terrorist Organizations. Both groups use Venezuela as a safe haven. The State Department has stated that the Lebanon-based terrorist organization Hezbollah is using Venezuela mainly for fundraising. However, Venezuelan media reports suggest Hezbollah is also active in training, money laundering, and arms trafficking.
So this is a tad perplexing, no? How is it that Haiti with crime and security problems (but no terrorism, civil insurrection, and/or war) gets a 5% danger pay designation and Venezuela with crime and security problems (but no civil insurrection, and/or war, and is a terrorist safe haven) gets zero. Since we are not privy to the documents submitted, we have no way of knowing exactly the reason for this.
But you can perhaps understand why folks in Caracas might be troubled by this treatment.
We can think of a few possible reasons for this dissimilar treatment, pardon the speculation since no one would talk about this on the record for this blog:
Front Office Leadership? Somebody has to submit the Danger Pay Factors before any designation can be done. US Embassy Haiti during and after the earthquake has a chief of mission. US Embassy Venezuela has been without an ambassador since July 2010 and is short staffed in key areas. According to the 2012 OIG report “Between July 2010 and October 2011, the two interim chargés [...] relied upon a series of acting DCMs, which contributed to inconsistency and confusion regarding internal direction within the mission and interactions with Washington.”
Skills and Collaboration? The person responsible for putting together the Danger Pay Factors is without a doubt the Management Office at post in collaboration with the Regional Security Office. So the Management Officer’s writing skills and excellent cooperation with the RSO who has to dig up the supporting stats and documentation is crucial in making a compelling case. The most recent OIG report on Venezuela says that “Management services are incoherent and customer service is poor.” Not only that, the inspectors reported that “weak management section leadership has exacerbated the situation.” So while Management Officers were not spotlighted in the recent recruitment video from the State Department, they are the most important component of an effective mission. Next to excellent Front Office leadership, of course. Our unscientific review indicates that the effectiveness and responsiveness of the management section has a direct correlation to the morale and performance of the mission.
Regional Bureau Attention? We do not know what kind of support US Embassy Venezuela get from the WHA bureau and its assistant secretary. But we can readily tell what kind of support has been extended to the US Embassy in Haiti, a post that even has its own Special Coordinator. We do think that special care and support is necessary when a mission does not have the leadership of a Senate-confirmed ambassador, when post has more than the usual staffing gaps, when post has a good number of entry level officers working in upstretched positions in a host country with 19.9 percent inflation rate. Particularly if post is also the receiving end of prolong official animosity towards the United States. When taken together, these can have a significant impact in the proper functioning of a mission. The question then becomes — If US Embassy Caracas is getting the appropriate care and support it needs given its many challenges, how is it that its morale is in the mud and we’re getting love notes from there?
Danger Pay Office Out to Lunch? Would you please knock over there and check it out. Please?
Because somebody’s gotta ask why.
One of our readers just sent a question asking, “Where do Mexican border posts that have danger pay fit? Civil insurrection? Isn’t drug/gang violence for economic gain/profit?”
And that’s why you’re looking at somebody just as confused. Is it possible that the folks out to lunch also went off the tracks on this? Something for the Secretary’s Sounding Board, anyone?