Spying Case Against Robin Raphel Fizzles; AG Lynch’s “Houston, We Have a Problem” Moment

Posted: 2:05 am EDT


We blogged about the Robin Raphel case in September (see The Murky Robin Raphel Case 10 Months On, Remains Murky … Why?.

In November 2014, we also blogged this: Robin Raphel, Presumption of Innocence and Tin Can Phones for Pak Officials.

On October 10, the NYTimes reported that officials apparently now say that the spying investigation has all but fizzled. This leaves the Justice Department to decide whether to prosecute Ms. Raphel for the far less serious charge of keeping classified information in her home.

The fallout from the investigation has in the meantime seriously damaged Ms. Raphel’s reputation, built over decades in some of the world’s most volatile countries.

If the Justice Department declines to file spying charges, as several officials said they expected, it will be the latest example of American law enforcement agencies bringing an espionage investigation into the public eye, only to see it dissipate under further scrutiny. Last month, the Justice Department dropped charges against a Temple University physicist who had been accused of sharing sensitive information with China. In May, prosecutors dropped all charges against a government hydrologist who had been under investigation for espionage.
Some American investigators remain suspicious of Ms. Raphel and are loath to abandon the case entirely. Even if the government cannot mount a case for outright spying, they are pushing for a felony charge related to the classified information in her home.







In the case of Xiaoxing Xi, the Temple university professor and head of the school’s physics department, federal authorities handling the case were said to have misunderstood key parts of the science behind the professor’s work.  Mr. Xi’s lawyer said, “We found what appeared to be some fundamental mistakes and misunderstandings about the science and technology involved here.” The federal officials handling the Xi case did not know the science but went ahead and indicted him anyway.

Are we going to hear soon that the federal officials handling the Raphel case also made some fundamental mistakes and misunderstanding of the diplomatic tradecraft?  At least two of these officials leaked the probe to the news media even if no charges were filed against Ambassador Raphel.

This  was not a harmless leak. She lost her security clearance, and her job at the State Department without ever being charged of any crime. And in the court of social media, just the news that she is reportedly the subject of a spying investigation is enough to get her attacked and pilloried for treason. Perhaps, the most disturbing part in the report is that the authorities appear to have no case against her for spying, so now they’re considering slapping her with a felony charge under the Espionage Act.

Now, why would they do that?

Perhaps to save face and never having to admit that federal authorities made a mistake or lack an understanding of international statecraft? They could say —  see, we got something out of a year’s worth of investigation, so it was not completely useless.

Or perhaps because American investigators still viewed Ambassador Raphel’s relationships with deep suspicion?

Because, obviously, “deep suspicion” is now the bar for an espionage charge?

We should note that the hydrologist, Sherry Chen was cleared of spying charges but was notified in September that she will be fired by the National Weather Service for many of the same reasons the USG originally prosecuted her. Xiaoxing Xi of Temple University had been charged with “four counts of wire fraud in the case involving the development of a pocket heater for magnesium diboride thin films.” The USG asked to dismiss the case without prejudice, meaning it could be revived, according to philly.com.

Unlike the Chen and Xi cases, Raphel was never charged and was not afforded the right to defend herself in the court of law.  What we have in one case may have been a misunderstanding, a second case, may well have been a mistake, but a third case is certainly, a trend.

This is AG Loretta Lynch’s  “Houston, we have a problem” moment.


State Dept: “In the process of updating” its new rules for speaking and writing. Again.

Posted: 1:23  am EDT


In December 2012, we were informed by inside the building sources that the State Department was rewriting its 3 FAM 4170 rules on official clearance for speaking, writing, and teaching. (see State Dept to Rewrite Media Engagement Rules for Employees in Wake of Van Buren Affair).

On July 27, 2015, two months short of Year 3 since Peter Van Buren retired, the State Department without much fanfare released its new 3 FAM 4170 rules in 19 pages. (see State Dept Releases New 3 FAM 4170 aka: The “Stop The Next Peter Van Buren” Regulation).

The new 3 FAM 4171.b says (see pdf):

 Former Department of State employees (including former interns and externs) must seek guidance from A/GIS/IPS for applicable review process information. Former USAID employees (including former interns and externs) must consult the Bureau for Legislative and Public Affairs for applicable review process information.

On September 3, we asked the State Department for guidance on pre-publication requirement for former/retired employees under the new 3 FAM 4170.

Last Friday, after a second inquiry, we finally got a response from a State Department spokesman as follows:

 The Department is in the process of updating the Foreign Affairs Manual (FAM) guidance relating to the pre-publication obligations of former employees.  Former employees’ obligations will vary based upon the non-disclosure agreements they may have signed. For example, they may have obligations under the Classified Information Non-Disclosure Agreement (SF-312) or the SCI (Sensitive Compartmented Information) Non-Disclosure Agreement (Form 4414).

If employees have signed a non-disclosure/secrecy agreement with another agency, then they may also have pre-publication review obligations with those agencies as well. This obligation is separate from any requirement for pre-publication review that an employee may have with the State Department but the Department can provide the coordination with those other agencies, if requested.

SF-312 Classified Information Nondisclosure Agreement via GSA.gov specifically contains the following paragraphs:

3. I have been advised that the unauthorized disclosure, unauthorized retention, or negligent handling of classified information by me could cause damage or irreparable injury to the United States or could be used to advantage by a foreign nation. I hereby agree that I will never divulge classified information to anyone unless: (a) I have officially verified that the recipient has been properly authorized by the United States Government to receive it; or (b) I have been given prior written notice of authorization from the United States Government Department or Agency (hereinafter Department or Agency) responsible for the classification of information or last granting me a security clearance that such disclosure is permitted. I understand that if I am uncertain about the classification status of information, I am required to confirm from an authorized official that the information is unclassified before I may disclose it, except to a person as provided in (a) or (b), above. I further understand that I am obligated to comply with laws and regulations that prohibit the unauthorized disclosure of classified information.

5. I hereby assign to the United States Government all royalties, remunerations, and emoluments that have resulted, will result or may result from any disclosure, publication, or revelation of classified information not consistent with the terms of this Agreement.

8. Unless and until I am released in writing by an authorized representative of the United States Government, I understand that all conditions and obligations imposed upon me by this Agreement apply during the time I am granted access to classified information, and at all times thereafter.

Sensitive Compartmented Information Non-Disclosure Agreement Form 4414 via NCSC (pdf) contains the following:

4. (U) In consideration of being granted access to SCI and of being assigned or retained in a position of special confidence and trust requiring access to SCI, I hereby agree to submit for security review by the Department or Agency that last authorized my access to such information or material, any writing or other preparation in any form, including a work of fiction, that contains or purports to contain any SCI or description of activities that produce or relate to SCI or that I have reason to believe are derived from SCI, that I contemplate disclosing to any person not authorized to have access to SCI or that I have prepared for public disclosure. I understand and agree that my obligation to submit such preparations for review applies during the course of my access to SCI and thereafter, and I agree to make any required submissions prior to discussing the preparation with, or showing it to, anyone who is not authorized to have access to SCI. I further agree that I will not disclose the contents of such preparation with, or show it to, anyone who is not authorized to have access to SCI until I have received written authorization from the Department or Agency that last authorized my access to SCI that such disclosure is permitted.

5. (U) I understand that the purpose of the review described in paragraph 4 is to give the United States a reasonable opportunity to determine whether the preparation submitted pursuant to paragraph 4 sets forth any SCI. I further understand that the Department or Agency to which I have made a submission will act upon it, coordinating within the Intelligence Community when appropriate, and make a response to me within a reasonable time, not to exceed 30 working days from date of receipt.

9. (U) Unless and until I am released in writing by an authorized representative of the Department or Agency that last provided me with access to SCI, I understand that all conditions and obligations imposed on me by this Agreement apply during the time I am granted access to SCI, and at all times thereafter.

Whoa! Is there a way out?

The State Department has  several student paid/unpaid internship programs.  The program’s eligibility requirement includes the ability to receive either a Secret or Top Secret clearance (pdf). So, does a student who receives a one-year internship at State be in the hook for life when it comes to obtaining clearance for speaking, writing, teaching and all media engagement as it is written under 3 FAM 4170? Are the interns/externs aware of their obligations under these rules before they sign up for these internships?

Where can interns/externs obtain a release in writing from a State Department representative?  We originally sent our inquiry to A/GIS/IPS cited as the contact office, but could not even get a response from there. There is no easily available email box to send the request either for a clearance or to request a release.

NOTE: For current employees, the reviewing office is the Bureau of Public Affairs (paclearances[at]state.gov). It looks like State/PA also has The PA Clearances Database accessible online. You need to sign up to register for an account to allow the online submission of clearance requests to the Bureau of Public Affairs. The site says “Using this site will expedite your clearance request.”

For former and retired State Department employees, how far back is the USG going to reach back? For life?

On December 29, 2009, President Obama issued Executive Order 13526 which prescribes a uniform system for classifying, safeguarding, and declassifying national security information.  “No information may remain classified indefinitely,” the order says.  The default declassification date, is 10 years. After 25 years, declassification review is automatic, with nine narrow exceptions that allow information to continue to be classified. Classifications beyond 75 years require special permission.

Given the default declassification at 10 years, can retired and former employees get an automatic release from these obligation at 10 years after they leave their jobs at the State Department?

For employees who are no longer attached in any capacity to the State Department, and haven’t been for 20 years, and have no interest in pursuing consulting or WAE appointments at the agency, ought they not be able to obtain a release from their obligations under these nondisclosure provisions?

Perhaps it’s time for State to put together its own Publication Review Board (PRB)? The CIA has one, and this article by John Hollister Hedley, the Chairman of the PRB on former CIA employees seeking to become published authors is instructive:

The courts have held that this signed agreement is a lifetime enforceable contract.(3) The courts also have noted that the secrecy agreement is a prior restraint of First Amendment freedom. But they ruled it a legitimate restraint, provided it is limited to the deletion of classified information and so long as a review of a proposed publication is conducted and a response given to its author within 30 days.(4)
The important thing is for us to be reasonable and professional about what we protect. It does not take a genius to know what information requires a hard look: for example, in an age of terrorism and for privacy act considerations, we have to protect identities not already in the public domain. Also taboo–because they impact adversely our ability to conduct our business, most of it necessarily in secret–are cover arrangements, liaison relationships, covert facilities, and unique collection and analytic capabilities. These constitute the sources and methods that truly need protection. For the most part, they can easily be avoided without keeping an author from telling a story or restricting an author’s opinion on a variety of intelligence subjects.

In prepublication reviews, we have to show we know the difference between what truly is sensitive and what is not. We do not earn respect just by saying “no,” but neither do we earn respect just by giving away information. Our unique role is to judge whether a denial of disclosure would stand up in court, whether we could make a compelling case in a court of law that specific damage to US national security would result. We can have it both ways: we can protect that which needs to be protected, while being forthcoming about intelligence activities in a way that can help educate, inform, enlighten, and even entertain the general public. That is the cost of doing business in this free society we help to preserve; trying to have it both ways is a challenge that comes with the territory.

The article is focused on pre-publication review of manuscripts but notes that the submissions ranges “from 1,000-page book manuscripts to one-page letters to the editor. There are speeches, journal articles, theses and op-eds, book reviews, and movie scripts. There are scholarly treatises, works of fiction, and, recently, a cookbook featuring a collection of recipes acquired and served by Agency officers and spouses around the world. Perhaps the most novel review (no pun intended) involved an interactive CD-ROM video spy game co-authored by former Director of Central Intelligence (DCI) William Colby and KGB Gen. Oleg Kalugin.”

We should note that the State Department’s pre-publication review has three purposes per 3 FAM 4170:

(1) The personal capacity public communications review requirement is intended to serve three purposes: to determine whether the communication would disclose classified or other protected information without authorization; to allow the Department to prepare to handle any potential ramifications for its mission or employees that could result from the proposed public communication; or, in rare cases, to identify public communications that are highly likely to result in serious adverse consequences to the mission or efficiency of the Department, such that the Secretary or Deputy Secretary must be afforded the opportunity to decide whether it is necessary to prohibit the communication (see 3 FAM 4176.4).

The CIA’s PRB on the other hand says that  the sole purpose of its prepublication review is “to assist authors in avoiding inadvertent disclosure of classified information which, if disclosed, would be damaging to national security–just that and nothing more.”


Related items:

SF312-13 | Classified Information Nondisclosure Agreement

FORM_4414_Rev_12_2013 | Sensitive Compartmented Information Non-Disclosure Agreement

What Information Is Collected on OPM’s Background Investigation Forms?

Posted: 2:44  am EDT

CRS Insight

The information collected will depend on the applicant’s position and the type of background investigation required. OPM uses three standard forms for background investigations: SF-85, SF-85P, or SF-86 form. The forms are typically submitted electronically using OPM’s Electronic Questionnaires for Investigations Processing (e-QIP) system. OPM had suspended use of e-QIP “for security enhancements,” but re-enabled the system on July 23, 2015.

Data Collected for Non-Sensitive Positions

The eight-page SF-85 is required for applicants to non-sensitive positions (e.g., positions that do not require a security clearance) who require physical access to government facilities and who are in positions with a “low risk” to cause damage to the federal government or national security. The responsibilities of these positions are limited and there is little opportunity to use such positions for personal gain. For this reason, the information collected is relatively limited in scope and includes

  • full name, aliases, and SSN;
  • citizenship information;
  • employment information and addresses for the past five years; and
  • information on use or possession of illegal drugs (including marijuana) in the previous year.

Data Collected for “Positions of Public Trust”

The 11-page SF-85P is required for applicants in “Positions of Public Trust,” (i.e., positions that do not involve access to classified information, but that demand a “significant degree of public trust” due to the level of policymaking or other responsibilities). These positions may involve a “significant risk for causing damage [to the federal government] or realizing personal gain.” In addition to the information listed above, the SF-85P requires

  • identifying information (e.g., height, weight, eye and hair color);
  • military service information;
  • employment information and addresses for the past seven years; schools, if any, attended during the past seven years;
  • name, address, and telephone number of three personal references and immediate family members;
  • criminal arrests and/or convictions for the past seven years (excluding incidents prior to the applicant’s 16th birthday or traffic fines under $150);
  • financial information, including bankruptcies during the past seven years and any delinquent financial obligations;
  • foreign travel during the past seven years; and
  • information on use or possession of illegal drugs (including marijuana) in the previous year and any illegal purchase, sale, or transport of drugs in the previous seven years.

Data Collected for Security Clearances and Other National Security Positions

The 127-page SF-86 form is required for applicants to national security sensitive positions, which includes (but is not limited to) positions that require a security clearance. In addition to the information listed above, the SF-86 requires

  • employment information and home addresses for the past 10 years;
  • schools attended for the past 10 years, including a reference at each school attended;
  • personal information (including SSN) for current spouse or cohabitant;
  • foreign contacts, travels, and/or activities;
  • associations with individuals or groups dedicated to terrorism or the violent overthrow of the U.S. government;
  • details on applicant’s “psychological and emotional health,” including, with certain exceptions, details on treatments during the past seven years;
  • additional information on criminal activities, including convictions or charges involving firearms or explosives;
  • alcohol use in the past seven years that has negatively impacted the applicant’s work, personal relationships, finances, or resulted in “intervention by law enforcement/public safety personnel”;
  • use, possession, or other involvement with illegal drugs (including marijuana) in the past seven years or at any time while holding a clearance;
  • details on the applicant’s financial condition and civil court actions; and improper use of information technology systems.

What Other Records Are Contained in OPM’s Personnel Security Background Investigation Files?

OPM’s systems also include information gathered by investigators during the background investigation process, such as summaries of interviews with the applicant’s family members, co-workers, friends, and neighbors. Additionally, investigators may run credit checks, pull civil and criminal court records, and run checks of state and federal agency records to verify information that the applicant provided on the application.

According to OPM’s most recent Privacy Act Notice, personnel investigation records may also include information provided by other agencies, such as:

  • Internal Revenue Service income tax returns;
  • prior security clearance investigative records; and
  • clearance adjudicative records, including polygraph results, if applicable.

It is unclear from OPM’s news release if these types of investigative records were compromised in the breach.


Daniel Rosen, State Dept Official Pleads Guilty to Stalking and Voyeurism Charges

Posted: 1:31 am EDT


In February 2015, we wrote about the arrest of a State/CT employee for alleged solicitation of a minor (see  State Dept’s Counterterrorism Official Arrested For Allegedly Soliciting Minor Online.

On March 16, WaPo reported that the same employee was arrested in the District and charged with taking videos of women through the windows of their homes.  According to the same report, Daniel Rosen’s security clearance had been revoked.  Before it was taken down, he indicated on his LinkedIn profile that he was the Director of Counterterrorism Plans, Programs and Policy at the State Department for over six years. As of February 25, the State Department telephone directly lists the Bureau of Counterterrorism’s Director for the Office of Programs and Policy located at 2509 as “vacant.”

On July 29, WUSA has the following update:

Daniel Rosen, 45, pleaded guilty to 11 charges of stalking and voyeurism on Wednesday in the Superior Court of the District of Columbia for incidents that happened between 2012 and 2014. According to law enforcement, he used his cell phone to record women in various stages of undress by aiming his cellular phone through their apartment windows in the areas of Mount Pleasant, the U Street Corridor, and Adams Morgan in Northwest D.C.
His attorney Bernard Grimm says Rosen is undergoing therapy and showed police the locations after they discovered the videos.

“Beyond shame, talk about a fall from grace here’s a guy who used to work at the State Department has a master’s degree and his life just spiraled out of control,” he said.

Rosen faces up to 11 years or a $11,000 fine when he is sentenced on October 9. Each of the counts of voyeurism and stalking carries a maximum penalty of one year and potential fines. He will be released and under home confinement, which will be very restricted, until his sentencing date.

WaPo citing an assistant U.S. attorney reports that Rosen’s filming stretched over a nearly three-year period, from early 2012 to late 2014, and that “he returned to some women’s homes as many as five times to film videos that, in some cases, lasted minutes.”

His case on soliciting a minor,  a separate charge,  continues in September.





What if Congress grants the State Dept the Suspension Without Pay (SWOP) hammer?

Posted: 1:44  pm EDT


According to the Foreign Affairs Manual, the Act of August 26, 1950 (64 Stat. 476), codified at 5 U.S.C. 7532, “confers upon the Secretary of State the authority, in the Secretary’s absolute discretion, to suspend without pay any civilian officer or employee of the Department (including the Foreign Service of the United States) when deemed necessary in the interest of the national security (see 12 FAM 235.2).”

So when the Senate Foreign Relations Committee passed the Fiscal Year 2016 Department of State Operations Authorization and Embassy Security Act which contains a similar language on security clearance suspension without work and no pay for Foreign Service employees, we were wondering what’s up with that (see S.1635: DOS Operations Authorization and Embassy Security Act, Fiscal Year 2016 – Security Clearance).

Section 610 (2)(c)(1) of S.1635 says that in order to promote the efficiency of the Service, the Secretary may suspend a member of the Service without pay when—

(A) the member’s security clearance is suspended; or

(B) there is reasonable cause to believe that the member has committed a crime for which a sentence of imprisonment may be imposed.

The new language indicates suspension without pay (SWOP) whenever the security clearance is suspended for whatever reason. Not just for national security reasons anymore, folks.

The most widely reported FSO with a suspended clearance in recent memory is Peter Van Buren whose TS clearance was suspended for about a year. Under this proposed bill, PVB would not have been assigned to a telework position or paid for the duration of his fight with the State Department. Which means he and others like him would have to quit and find a paying job or starve unless he/she has a savings account that can sustain the investigation for a year or years.

Any FS employee who might dissent or engage in whistleblowing activity, any perceived troublemaker for that matter, can be put on SWOP, and that would be it.  An FSO who experienced first hand the suspension of a security clearance put this in very stark terms:

In practical terms they can remove the employee instantly, without telling anyone why until much later, by which time the employee will have resigned unless they can afford to go for months or years without a salary. And once the employee has resigned, the case is closed, the former employee loses their clearance because they resigned, and with it any right to know the reasons for the suspension. If the employee quits, the Department does not have to justify itself to anyone, and if the Department doesn’t have to pay them, 99.9 percent will quit.

We want to look at the numbers of suspension and revocation, unfortunately, this is something that is not publicly available from Diplomatic Security.  A source speaking on background put the numbers very low at less than 30 suspensions a year and of those probably less than 5 are revocations. Another source long familiar with this issue guesstimate the number as closer to 70-80 suspension per year, and the number of revocations probably at15-20 per year. We are unable to verify these numbers independently.  The higher numbers may be due to greater hiring, as well as to the use of “Scattered Castles,” a computer database that lists all prior security clearance determinations by other agencies which may prompt a suspension and re-investigation of the clearance.  But even if we take the higher numbers of 80 suspensions, that is still a small number compared to the total FS workforce.

A source not authorized to speak on this subject told us that the bulk of security clearance suspensions and revocations involve personal behavior issues ranging from alleged sexual misconduct to alcohol abuse, to failure to report on time a relationship that should be reported. Very few security clearance cases involve a matter that is criminal, so very few result in prosecution.

The question then becomes why? Why would Congress want this? And just as important, why does the State Department support this?

The long history of this section of the bill reportedly dates back to Condoleezza Rice’s term at the State Department. It was allegedly intended to create parity between Foreign Service (FS) and Civil Service (CS) employees.

State can indeed put CS employees on SWOP as soon as clearance is suspended, but the rules also gives CS employees appeal rights to the Merit Systems Protection Board (MSPB). We understand that MSPB records and procedures are public and that it is specifically granted authority to review security clearance cases. The FS employees do not have the same protection with the Foreign Service Grievance Board. The final review adjudicative body, the Security Appeals Panel, not part of FSGB, allegedly does not even keep records of its deliberative process or set precedent for future cases. Currently, the rules on the FAM says: “If the individual is represented by counsel or other representative, the representative does not have a right to have access to or to review any material. However, to the extent authorized by the individual and the Department, the representative may review material that the individual has access to pursuant to subsection (b) above if he or she is properly cleared.”

The numbers of suspension/revocation are low but Congress doesn’t have to talk about the numbers. The members can talk about getting rid of bad apples in the government, which is always popular. In doing so, Congress can look tough on security, tough on the State Department and tough on keeping tabs on government money.

This is not a good idea. If only a quarter of all suspensions end in revocation, isn’t the USG throwing money and lives away? In addition to our concern that this could be use by the State Department to shut-up dissenters or potential whistleblowers, we also have the following concerns:

  • Costs in hiring/training

The USG has a lengthy hiring process for FS employees and typically trains them before sending them to posts overseas. The cost of that investment does not come cheap. Members of the FS also go through language training and spends most of their careers in overseas assignments.The length of time to replace/train/deploy an FS employee is significantly longer than the time to replace a CS employee.

  • FS family logistics

FS members overseas with suspended clearance are normally sent home to a desk job that does not require a clearance or their expertise. Not all FS members have houses to come home to in the WashDC area. They’ll have to pull kids out of schools, and move their entire household. What happens to them in DC if the employee is without work and without pay under this proposal? A suspension in this case would technically be a firing as the FS employee will be forced to find an alternate job that pays. So what happens when the case is resolved without a revocation, will the employee be able to come back? Since the investigation ends when the employee leaves, there is no win here for the employee.

  • Prime targets of hostile intel service

FS employees spends most of their career overseas. By virtue of their positions, they are prime targets of any hostile intel service. They can be subject of a security investigation though no fault of their own.  This is even more concerning with the OPM hack purportedly conducted by a foreign government.  If true that a foreign government now has the personal details of over 20 million security clearance holders, including those in the State Department who used OPM’s e-Qip system, how does one even protect oneself from the potential misuse of that information that can lead to a clearance suspension?

What can you do?

As we have posted earlier, the State Authorization bill was offered as an amendment when the NDAA was debated in the Senate in June but it was not voted on when the NDAA passed on June 18 (That would be H.R. 1735 which passed 215 (71-25)  We understand that both chambers are now starting the process to bring the bill to conference in order to resolve differences.  The State Authorization bill, we are told, will not be part of those discussions.  In order for this to move forward, it will either need to be brought to the floor as a stand alone vote or Corker/Cardin could try again to attach it to another piece of legislation. Given that this is the first authorization bill passed by the SFRC in 5 years, and made it through the committee with bi-partisan support, we suspect that this might not be the end of this bill.

We’re hoping that employees’ fundamental rights and due process do not become casualties particularly in gaining concessions from Congress on the overseas comparability pay (CP) fight. That would be a terrible bargain.  Educate your elected representative on the consequences of this section of the bill. See that AFSA is tracking this matter and talking to Congress.



OPM to Charge Agencies for Credit Monitoring Offered to Federal Employees

Posted: 2:32 am EDT


The latest update from “M” on the OPM breach dated July 15, notes that “The State Department never transferred personnel records to the OPM facility. However, if you had other U.S. Government service prior to joining State, you may have had records that were involved.” On the background information breach, it says that “State Department employees’ SF-85 and SF-86 forms (depending on the appointment) were in the OPM system and thus were impacted. However, other background investigation material was not.”

If you have additional questions email DG DIRECT [DGDIRECT@STATE.GOV] or OPM’s new email: cybersecurity@opm.gov

AFSA’s latest update to its membership is dated July 10 and available to read here.

Some developments on the fallout from the data breach:














S.1635: DOS Operations Authorization and Embassy Security Act, Fiscal Year 2016 – Security Clearance

Posted: 6:17 pm EDT
Updated: 11:31 am PDT

Update: A source on the Hill alerted us that the State Authorization bill was offered as an amendment when the NDAA was debated in the Senate last month but it was not voted on and the NDAA passed on June 18 (That would be H.R. 1735 which passed 215 (71-25)  We understand that both chambers are now starting the process to bring the bill to conference in order to resolve differences.  The State Authorization bill, we are told, will not be part of those discussions.  In order for this to move forward, it will either need to be brought to the floor as a stand alone vote or Corker/Cardin could try again to attach it to another piece of legislation. Given that this is the first authorization bill passed by the SFRC in 5 years, and made it through the committee with bi-partisan support, we suspect that the this is not the end of this bill. We hope to write a follow-up post on the security clearance component of this legislation.
— DS

On June 9, 2015, U.S. Senators Bob Corker (R-Tenn.) and Ben Cardin (D-Md.), the chairman and ranking member of the Senate Foreign Relations Committee, applauded the unanimous committee passage of the Fiscal Year 2016 Department of State Operations Authorization and Embassy Security Act. The SFRC statement says that it has been five years since the Senate Foreign Relations Committee passed a State Department Authorization bill and 13 years since one was enacted into law.

“Our committee has a responsibility to ensure limited federal resources for the State Department are used in a cost-effective manner to advance U.S. interests,” said Corker. “This effort takes a modest but important step toward reestablishing oversight of the State Department through an annual authorization, which hasn’t been enacted into law since 2002. In addition to prioritizing security upgrades for U.S. personnel at high threat posts, the legislation lays the groundwork to streamline State Department operations and make them more effective.”

This State Department Authorization bill has been offered as an amendment to the National Defense Authorization Act, which currently is on the Senate floor. It is quite lengthy so we will chop this down in bite sizes.

Below is the part related to the suspension of security clearance. If this bill passes,  it means placing a member of the Foreign Service in a temporary status without duties and without pay once a determination to suspend clearance has been made. Diplomats with suspended clearances are typically given desk jobs or telecommuting work that require little or none of their expertise; looks like this bill changes that. The bill does not say what happens (does he/she gets back pay?) if the suspension of clearance does not result in revocation and the employee is reinstated. Or if suspended employees with no work/no pay will be allowed to take temporary jobs while waiting for the resolution of their suspended clearances.

Section 216. Security clearance suspensions


Section 610 of the Foreign Service Act of 1980 (22 U.S.C. 4010) is amended—

(1)by striking the section heading and inserting the following:

610.Separation for cause; suspension

; and

(2)by adding at the end the following:


(1)In order to promote the efficiency of the Service, the Secretary may suspend a member of the Service without pay when—

(A)the member’s security clearance is suspended; or

(B)there is reasonable cause to believe that the member has committed a crime for which a sentence of imprisonment may be imposed.

(2)Any member of the Foreign Service for whom a suspension is proposed under this subsection shall be entitled to—

(A)written notice stating the specific reasons for the proposed suspension;

(B)a reasonable time to respond orally and in writing to the proposed suspension;

(C)representation by an attorney or other representative; and

(D)a final written decision, including the specific reasons for such decision, as soon as practicable.

(3)Any member suspended under this subsection may file a grievance in accordance with the procedures applicable to grievances under chapter 11.

(4)If a grievance is filed under paragraph (3)—

(A)the review by the Foreign Service Grievance Board shall be limited to a determination of whether the provisions of paragraphs (1) and (2) have been fulfilled; and

(B)the Board may not exercise the authority provided under section 1106(8).

(5)In this subsection:

(A)The term reasonable time means—

(i)with respect to a member of the Foreign Service assigned to duty in the United States, 15 days after receiving notice of the proposed suspension; and

(ii)with respect to a member of the Foreign Service assigned to duty outside the United States, 30 days after receiving notice of the proposed suspension.

(B)The terms suspend and suspension mean placing a member of the Foreign Service in a temporary status without duties and pay.

More here: Department of State Operations Authorization and Embassy Security Act, Fiscal Year 2016. This old article (pdf) on security clearance and knowing your rights might also be a useful to read.


The Phantom Memo: DNI-OPM Approved Interim Procedures During e-QIP System Suspension

Posted: 5:50 pm  PDT


The blog post title is not original but cribbed from @empiricalerror:

Click on the image below (Thanks C!) to read the memo signed by DNI’s James R. Clapper and OPM Katherine Archuleta (pdf).

One govie told us “there is no process for TS which is all I hire!”  Note that the memo says there are “no interim procedures authorized at this time for access to Top Secret, Top Secret SCI, or “Q” level information.”

There’s a sigh for you, too.


Click image to read the memo in pdf format (memo originally posted at govexec)

And when the e-QIP is restored, the wait will continue some more while the process runs its course. Will new hires even get to work  by late fall?

One bureau reportedly sent out a note saying, “we are requesting that all tentative job offer notices be temporarily postponed until further guidance is published.”  Apparently, “HR and DS are working together to iron out the details of an interim paper-based SF-86 process.”

Meanwhile, fedscoop reports that OPM wants to hire four IT senior project managers that will cost up to $675,000 to oversee a systems modernization.


#OPMBreach: Back to Paper SF-86s, No More Social Media at OPM, Scary Movie Chinese Edition

Posted: 2:15 pm EDT








Related Posts:


“M” Writes Update to State Department Employees Regarding OPM Breach

Posted: 1:36 pm EDT


It took 18 days before I got my OPM notification on the PII breach. Nothing still on the reported background investigation breach. OPM says it will notify those individuals whose BI information may have been compromised “as soon as practicable.”  That might not happen until the end of July! The hub who previously worked for State and another agency has yet to get a single notification from OPM. We have gone ahead and put a fraud alert for everyone in the family. What’s next? At the rate this is going, will we soon need fraud alerts for the pets in our household? They have names and passports, and could be targeted for kidnapping, you guys!!

And yes, I’ve watched the multiple OPM hearings now, and no, I could not generate confidence for the OPM people handling this, no matter how hard I try. Click here for the timeline of the various breaches via nextgov.com, some never disclosed to the public.

Still waiting for the White House to do a Tina Fey:

you're all fired

via giphy.com

On June 25, the Under Secretary for Management, Patrick Kennedy sent a message to State Department employees regarding the OPM breach. There’s nothing new on this latest State update that we have not seen or heard previously except the detail from the National Counterintelligence and Security Center (NCSC) at http://www.ncsc.gov (pdf) on how to protect personal information from exploitation (a tad late for that, but anyways …) because Foreign Intelligence Services and/or cybercriminals could exploit the information and target you.

Wait, what did OPM say about families? “[W]e have no evidence to suggest that family members of employees were affected by the breach of personnel data.” 

Via the NCSC:

Screen Shot 2015-06-26

no kidding!

Screen Shot 2015-06-26

you don’t say!

Here is M’s message from June 25, 2015 to State employees. As far as we know, this is the first notification posted publicly online on this subject, which is  good as these incidents potentially affect not just current employees but prospective employees, former employees, retirees and family members.

Dear Colleagues,

I am writing to provide you an update on the recent cyber incidents at the U.S. Office of Personnel Management (OPM) which has just been received.

As we have recently shared, on June 4th, OPM announced an intrusion impacting personnel information of approximately four million current and former Federal employees. OPM is offering affected individuals credit monitoring services and identity theft insurance with CSID, a company that specializes in identity theft protection and fraud resolution. Additional information is available on the company’s website, https://www.csid.com/opm/ and by calling toll-free 844-777-2743 (international callers: call collect 512-327-0705). More information can also be found on OPM’s website: www.opm.gov.

Notifications to individuals affected by this incident began on June 8th on a rolling basis through June 19th. However, it may take several days beyond June 19 for a notification to arrive by email or mail. If you have any questions about whether you were among those affected by the incident announced on June 4, you may call the toll free number above.

On June 12th, OPM announced a separate cyber intrusion affecting systems that contain information related to background investigations of current, former, and prospective Federal Government employees from across all branches of government, as well as other individuals for whom a Federal background investigation was conducted, including contractors. This incident remains under investigation by OPM, the Department of Homeland Security (DHS), and the Federal Bureau of Investigation (FBI). The investigators are working to determine the exact number and list of potentially affected individuals. We understand that many of you are concerned about this intrusion. As this is an ongoing investigation, please know that OPM is working to notify potentially affected individuals as soon as possible. The Department is working extensively with our interagency colleagues to determine the specific impact on State Department employees.

It is an important reminder that OPM discovered this incident as a result of the agency’s concerted and aggressive efforts to strengthen its cybersecurity capabilities and protect the security and integrity of the information entrusted to the agency. In addition, OPM continues to work with the Office of Management and Budget (OMB), the Department of Homeland Security, the FBI, and other elements of the Federal Government to enhance the security of its systems and to detect and thwart evolving and persistent cyber threats. As a result of the work by the interagency incident response team, we have confidence in the integrity of the OPM systems and continue to use them in the performance of OPM’s mission. OPM continues to process background investigations and carry out other functions on its networks.

Additionally, OMB has instructed Federal agencies to immediately take a number of steps to further protect Federal information and assets and improve the resilience of Federal networks. We are working with OMB to ensure we are enforcing the latest standards and tools to protect the security and interests of the State Department workforce.

We will continue to update you as we learn more about the cyber incidents at OPM. OPM is the definitive source for information on the recent cyber incidents. Please visit OPM’s website for regular updates on both incidents and for answers to frequently asked questions: www.opm.gov/cybersecurity. We are also interested in your feedback and questions on the incident and our communications. You can reach out to us at DG DIRECT (DGDirect@state.gov) with these comments.

State Department employees who want to learn additional information about the measures they can take to ensure the safety of their personal information can find resources at the National Counterintelligence and Security Center (NCSC) at http://www.ncsc.gov. The following are also some key reminders of the seriousness of cyber threats and of the importance of vigilance in protecting our systems and data.

Steps for Monitoring Your Identity and Financial Information

  • Monitor financial account statements and immediately report any suspicious or unusual activity to financial institutions.
  • Request a free credit report at www.AnnualCreditReport.com or by calling 1-877-322-8228. Consumers are entitled by law to one free credit report per year from each of the three major credit bureaus – Equifax®, Experian®, and TransUnion® – for a total of three reports every year. Contact information for the credit bureaus can be found on the Federal Trade Commission (FTC) website, www.ftc.gov.
  • Review resources provided on the FTC identity theft website, www.Identitytheft.gov. The FTC maintains a variety of consumer publications providing comprehensive information on computer intrusions and identity theft.
  • You may place a fraud alert on your credit file to let creditors know to contact you before opening a new account in your name. Simply call TransUnion® at 1-800-680-7289 to place this alert. TransUnion® will then notify the other two credit bureaus on your behalf.

Read in full here.