Did you hear about the RSO who wanted to know about all your Facebook contacts?

RSO, as in Regional Security Officer.  Apparently at one overseas post, the RSO has asked employees to inform the Security Office of all their Facebook contacts. Did you see that covered in the use of social media under 5 FAM 790?

If I were a paranoid RSO, I’d be thinking that Internet Russian spy sensation, Ana Chapman may have “friended” you guys in Facebook and you forgot about her. Check your Facebook contacts, pronto! 
Seriously, let’s see what the new policy of using social media say about this?

5 FAM 792.5 Counterintelligence Awareness
(CT:IM-110; 06-10-2010)

All Department personnel or other U.S. Government representatives accessing Department social media sites in any capacity must be alert to the potential targeting of users for intelligence-gathering purposes. Department personnel must remain aware of their responsibilities as outlined in 12 FAM 260. Personnel must pay particular attention to the contact reporting requirements explained in 12 FAM 262.1

See — did that say anywhere that you must report all your social media contacts?

Let’s err on the side of caution and check out what 12 FAM 262.1 actually says on contact reporting requirements…

12 FAM 262.1 Policy
(CT:DS-154; 04-12-2010)

a. The Department’s regulations have long required employees to report contacts with nationals of certain countries, due to both intelligence and terrorism concerns. Presidential Decision Directive/NSC-12 issued specific instructions and mandated that all U.S. Government agencies implement similar programs. The following procedures meet the President’s requirement that those who serve in America’s most sensitive jobs work with security offices to guard against illegal or unauthorized access to classified or otherwise sensitive information.

b. All employees and contractors must report:

(1) Unofficial contact with a national from a country with critical
HUMINT threat posts listed on the Department’s Security
Environment Threat List (SETL) if the employee and/or critical
threat foreign national suggest, agree to, or actually have a second
meeting after an initial encounter. (The SETL is available on the
classified network via links on the Department’s Web site);

(2) Contact and/or association with a person or organization who the
employee knows or suspects advocate the unlawful overthrow of
the U.S. Government;

(3) Contact and/or association with a person whom the employee
knows or suspects is a member or supporter of foreign terrorist
organizations (FTOs), as designated by the Secretary of State (see
the list of FTOs);

(4) Unofficial contact with a person who the employee knows or
suspects is a member of a foreign intelligence agency, regardless of

(5) Illegal or unauthorized access that is sought to classified or
otherwise sensitive information; or

(6) When the employee is concerned that he or she may be the target
of actual or attempted exploitation by a foreign entity.

c. This policy is not intended to limit or impair professional or personal
contacts. Its purpose is to protect the security of the United States and
its employees while ensuring the privacy of employees and their freedom
of association. Further, this policy seeks to ensure that security risks to
persons or to the U.S. Government are identified at the earliest possible
opportunity and deterred, and that protective steps are taken to avoid
compromise of U.S. employees and national security interests.
Employees are considered partners in the management of this regulation.

d. The term “contact” means all manner of personal or impersonal
communication and includes, but is not limited to, written, telephonic,
electronic mail, text messaging, chat room discussion or other social
media, facsimile, wire, and/or amateur radio.

I’m not making this up, dude! This is publicly available material  for anyone.

On closer reading – this also makes it abundantly clear that the regs have not thought out that part about the virtual nature of social media. For example, part of the new regs says: 

All employees and contractors must report …
(1) Unofficial contact with a national from a country with critical HUMINT threat posts listed on the Department’s Security Environment Threat List (SETL) if the employee and/or critical threat foreign national suggest, agree to, or actually have a second meeting after an initial encounter.

Does online encounter in blogs, Facebook, Flickr, YouTube, Twitter, etceeetera — count as initial encounter? Does online encounter counts as a meeting for purposes of “second meeting” described in this section? Given the networked nature of social media, if you are in a “critical HUMINT threat posts” does that indeed means reporting all the names in your Facebook account or your spouse’s Facebook account? Or your kids’, or grandma’s?   

Oh, how tricky is that? 

On second thought, let’s say for a moment that the RSO who wanted to know about all your Facebook contacts is on the right side of the regs — post’s 100 employees have approximately 100 Facebook contacts each, not counting other social media accounts. That’s 1,000 10,000 names that the RSO shall have collected at the end of the day (sorry, misplaced my brain cells last night, thanks Chris)!). So ….

Who will have time to comb through the names or process such info into understandable boxes of data. The RSO, presumably. And while he/she is doing that, who will be doing his/her non-social media police duties?

Somebody might want to ask Diplomatic Security for clarification since they wrote this policy (it looks like — in April this year).  But really, somebody over there who actually uses the various social media and not just looks through them ought to get a red pen and go through the regs once more. 

That said — it may not be Ana Chapman, and this RSO may not have a real good reason for asking about those contacts last month but this week, he’ll have an excellent argument. On June 22, Computer World reports how a fake femme fatale shows the risks of social networks.

Hundreds of people in the information security, military and intelligence fields recently found themselves with egg on their faces after sharing personal information with a fictitious Navy cyberthreat analyst named “Robin Sage,” whose profile on prominent social networking sites was created by a security researcher to illustrate the risks of social networking.  

Image from ComputerWorld

Researcher Thomas Ryan who conducted the experiment said that he used a few photos to portray the fictional Sage on Facebook, LinkedIn and Twitter as an attractive, somewhat flirty cybergeek, with degrees from MIT and a prestigious prep school in New Hampshire. He also said, “I wanted to see how much intel you could gather from a person just by lurking on a social networking site. I [also] wanted to see who was most susceptible to clicking. I wanted to see how fast this thing would propagate. One of the things I found was that MIT and St. Paul’s [prep school] were very cliquey. If they don’t remember seeing you, they are not going to click. You had less of a chance of penetrating those groups than the actual intel and security communities.”

Read the whole thing here.    

Thomas Ryan will speak at the BlackHat Security Conference in Las Vegas (more eggs on the face next week) where he will point out that though his “28 day experiment, it became evident that the propagation of a false identity via social networking websites is rampant and viral. Much of the information revealed to Robin Sage violated OPSEC procedures.”


Related items:

Related articles by Zemanta

Three for Three: Ambassador Kristie Kenney to Bangkok

Armed Forces of the Philippines (AFP) Chief of...Image via Wikipedia

On July 15, President Obama announced his intent to nominate Kristie A. Kenney to be Ambassador to the Kingdom of Thailand. The WH released the following brief bio:

Kristie A. Kenney is a career member of the Senior Foreign Service.  She most recently served as the U.S. Ambassador to the Republic of the Philippines.  Prior to that, she served as the U.S. Ambassador to the Republic of Ecuador.  Her Washington, D.C assignments have included serving as the Executive Secretary of the Department of State, Director of the State Department Operations Center, and as a member of the National Security Council staff under President Clinton. She also served in Argentina, Switzerland and Jamaica.  

She received a Master’s Degree from Tulane University and a B.A. from Clemson University.

* * *

We have previously posted (see links below) about Ambassador Kenney here during her stint as ambassador to the Philippines. Ambassador Kenney is also the other half of a tandem FS couple, her husband is the current ambassador to Colombia. Three for three now. If confirmed, this would be Ambassador Kenney’s third ambassadorial post, after Ecuador and the Philippines. Her  husband, Bill Brownfield currently of Bogota was previously ambassador to Chile and Venezuela. On May 7, President Obama announced his intent to nominate Peter Michael McKinley to be Ambassador to the Republic of Colombia but he has yet to be confirmed by the Senate.

Related posts:

Related item:
President Obama Announces More Key Administration Posts, 7/15/10

Officially In: Jo Ellen Powell to Nouakchott

On July 15, President Obama announced his intent to nominate Jo Ellen Powell to be Ambassador to the Islamic Republic of Mauritania.  The WH released the following brief bio:

Jo Ellen Powell is a career member of the Foreign Service, class of Minister-Counselor. She most recently served as Consul General in Frankfurt, Germany. Prior to that Ms. Powell was the Executive Director of the Bureau of Western Hemisphere Affairs, Director of the Office of Employee Relations, and Management Counselor at the U.S. Embassy in Canberra, Australia. Other overseas assignments include France, Italy, Lebanon, and Jordan. In Washington, Ms. Powell served in the Executive Secretariat and the European Bureau Executive Office.  She received her B.A. from Centre College in Kentucky.

If confirmed, she would succeed career diplomat, Mark Boulware who was appointed chief of mission of US Embassy in Mauritania in 2007.

Related item:

President Obama Announces More Key Administration Posts, 7/15/10

US Embassy Baghdad: 777,888 Hours or $36 Million of Overtime

Gen. Ray Odierno, commander of Multinational F...Image via Wikipedia

State’s OIG released last Friday an audit of Embassy Baghdad’s Internal Controls for Overtime Pay. Here is the lowdown on overtime according to the report:

Overtime for American personnel is defined as those hours in excess of the 40-hour work week. American personnel eligible for overtime include uncommissioned Foreign Service Officers, Foreign Service specialists, and General Schedule personnel. Senior Executive Service, Senior Foreign Service, and commissioned Foreign Service Officers are not eligible for overtime. Three general categories of American personnel are eligible for overtime:

1. Temporary Duty (TDY) employees. These employees are short-term, lessthan 6 months, and long-term, more than 6 months but less than 1 year.

2. Permanent Change of Station (PSC) employees. These permanent postemployees have assignment orders for a 1- or 2-year tour.

3. Section 3161 hires. These are employees who are hired under a specialauthority (5 U.S.C. 3161). The employees are assigned to the Iraq TechnicalAdvisory Office in Washington, but most are sent TDY to Iraq. The employees’ U.S. Government appointments terminate when their Section 3161 appointments end.


OIG reviewed overtime for 2008 and 2009 and found that American employees in Embassy Baghdad submitted 777,888 hours of overtime, totaling about $36 million, for those 2 years. During 2008, an average of 287 (50 percent) of 570 Americans claimed overtime during each pay period, with a total cost for that year of $18,207,654. In 2009, an average of 352 (51 percent) of 695 Americans claimed overtime during each pay period, with a total cost for that year of $17,745,039. 


Although OIG found that the average number of claimants increased for 2009, the number of overtime hours actually decreased, from 400,875 to 377,013 hours. Since the time of OIG’s audit, Embassy Baghdad has initiated a program to monitor the number of overtime hours worked and to send quarterly reports to supervisors for an explanation of excessive amounts. While the Embassy’s program assesses indications of potential abuse of overtime hours, it does not address compliance with supervisory authorization for overtime, supervisory approval of timesheets, or the provision of complete and accurate information to Charleston (SC) Global Financial Services Center for payment.


Embassy Baghdad did not have adequate internal controls to support the overtime payments because supervisors did not authorize overtime in advance of overtime performed; did not certify timesheets after the work was performed; did not certify overtime for payment in the proper period; and did not require T&A documentation to support overtime payments, such as leave and approved absences. For example, employees and supervisors did not always sign timesheets, and employees used different types of timesheets that often lacked key information, such as lines for supervisor or employee signatures and dates of certification


Embassy Baghdad’s internal controls for authorizing and approving overtime were weak, and Charleston needed to improve its quality controls for processing overtime payments. Based on its review of overtime payroll records, OIG found noncompliance with policies and regulations for authorizing, reconciling, and documenting T&A reports. Specifically, Embassy Baghdad officials

  • Did not enforce regulations requiring supervisors to approve T&A reports based on actual hours worked and authorize overtime hours in advance of work.
  • Did not require employees to attest to the accuracy of the hours and leave charges shown on their T&A reports.
  • Allowed employees, not their supervisors, to transmit their time sheets directly to Charleston.

Until these deficiencies are addressed, Embassy Baghdad will have no assurance that payroll expenses for overtime and related T&A information is reliable, increasing the risk for fraud and abuse. OIG notes that disciplinary penalties exist at the post for noncompliance with such T&A requirements as signatures and overtime justifications, although OIG was unable to determine whether the post initiated any disciplinary actions. (Time and attendance requirements for American personnel at Embassy Baghdad are summarized in Appendix B.)


OIG’s July 2009 inspection report on Embassy Baghdad indicated that supervision over overtime claimed by Section 3161 contract employees was inadequate. To determine whether Section 3161 employees had a predominant amount of overtime, OIG analyzed overtime by the three general categories of American personnel eligible for overtime. OIG found that during 2008 and 2009, 44 percent of the personnel were Section 3161 hires, 37 percent were Permanent Change of Station employees, and 19 percent were Temporary Duty employees. While Section 3161 employees received the greatest share of overtime, OIG determined that the amount of overtime was not excessive when compared with that of other types of employees.

Active links added above. Read the whole thing here.

Related item:
OIG Report No. AUD/CG-10-25, Embassy Baghdad Internal Controls for Overtime Pay – June 2010


Operation Coffee Country Update: Three Colombian Nationals Extradited to the United States to Face Alien Smuggling and Visa Fraud Charges

Coffee plantations, ColombiaImage by Colombian Travels via Flickr

In June 2009, we posted this item here: “Operation Coffee Country” Nets Three for Smuggling and Visa Fraud.

Late last week, DOJ announced the extradition of the three Colombian nationals to the Unite States where they each face a maximum sentence of 25 years and a maximum fine of $250,000 for each of the three charges: conspiracy to commit alien smuggling for profit,  alien smuggling for profit, and conspiracy to commit visa fraud.

Three Colombian nationals have been extradited from Colombia to the United States on charges of conspiracy to smuggle aliens for profit, alien smuggling for profit, and conspiracy to commit visa fraud in connection with their alleged roles in an extensive and sophisticated visa fraud scheme through which they fraudulently procured visas from the U.S. Embassy in Bogotá, Colombia. The extraditions were announced today by Assistant Attorney General Lanny A. Breuer of the Criminal Division; U.S. Attorney Ronald C. Machen Jr. of the District of Columbia; Eric J. Boswell, Assistant Secretary for Diplomatic Security and Director of the Office of Foreign Missions, U.S. State Department; and Director John Morton of U.S. Immigration and Customs Enforcement (ICE).

Heliber Toro Mejia, 52; Humberto Toro Mejia, 60; and Luz Elena Acuna Rios, 52; all of Bogotá, were charged in a three-count indictment returned by a federal grand jury in the District of Columbia on Feb. 4, 2009. The defendants were arrested on June 2, 2009, by Colombian authorities in Bogotá on provisional arrest warrants in response to a U.S. government request for their arrest. The defendants have been in custody in Colombia since their arrest and prior to their extradition to the United States. Humberto Toro Mejia was arraigned in U.S. District Court for the District of Columbia today and ordered detained by U.S. District Judge Ellen S. Huvelle. Heliber Toro Mejia and Luz Elena Acuna Rios were arraigned on July 14, 2010, and ordered detained by U.S. Magistrate Judge Alan Kay.

According to the indictment, the defendants were the leaders of an extensive and sophisticated visa fraud ring that profited by assisting otherwise inadmissible Colombian nationals in fraudulently procuring visas from the U.S. Embassy in Bogotá. To support the visa applications of alien applicants, the defendants and other conspirators allegedly created fictitious backgrounds for the aliens and fraudulent supporting documentation, including paperwork that appeared to be official Colombian government-issued documents such as tax filings and birth and marriage certificates. The indictment alleges that the conspirators coached the aliens on how to pass the visa interview at the U.S. Embassy in Bogotá by answering questions untruthfully. During the course of this conspiracy, which according to the indictment lasted between July 15, 2005, and March 20, 2007, more than 100 aliens are alleged to have fraudulently obtained or attempted to fraudulently obtain a U.S. visa. According to the indictment, many of those aliens who did obtain a fraudulently-procured visa used that visa to enter the United States.

If convicted, each defendant faces a maximum sentence of 10 years in prison for conspiracy to commit alien smuggling for profit, 10 years in prison for alien smuggling for profit, and five years in prison for conspiracy to commit visa fraud. Each defendant is also subject to a maximum fine of $250,000 for each charge.

The charges are the result of “Operation Coffee Country,” a coordinated international investigation by the Diplomatic Security Service – Regional Security Office in Bogotá and the ICE Attaché’s Office in Bogotá. The Diplomatic Security Service – Criminal Investigations Division and the ICE Special Agent in Charge for Homeland Security Investigations in Washington, D.C. provided substantial assistance.

The government of Colombia, including the Colombian Department of Administrative Security and Colombian prosecutors, provided significant assistance and support during the investigation, arrest and extradition of the defendants. The U.S. Department of Justice’s Office of International Affairs and the U.S. Embassy in Bogotá worked with their counterparts in Colombia to effect the extradition.

The case is being prosecuted by Trial Attorney James S. Yoon of the Criminal Division’s Human Rights and Special Prosecutions Section and Assistant U.S. Attorney Frederick W. Yette of the U.S. Attorney’s Office for the District of Columbia. Significant assistance from the Office of International Affairs was provided by Trial Attorney Nicolette Romano.

An indictment is merely a formal accusation. It is not proof of guilt, and a defendant is presumed innocent unless and until proven guilty.

The entire announcement is here