State/OIG Finds @StateDept Revoked Security Clearance in Retaliation For Whistleblowing

 

Via State/OIG

OIG did not substantiate any allegations of whistleblower retaliation related to Department contractors or grantees. However, OIG did substantiate an allegation of a security clearance revocation in retaliation for whistleblowing activity under PPD-19. As required by the Foreign Affairs Manual, OIG reported its findings to the Under Secretary for Management. The report recommended that the whistleblower’s security clearance be reinstated.

#

Presidential Policy Directive-19 (PPD-19) PDF

The brief note from State/OIG’s semi-annual report includes little details about a security clearance revocation, not suspension. According to 12 FAM 233.4, suspension is an independent administrative procedure that does not represent a final determination and does not trigger the procedures outlined in 12 FAM 234, which includes revocation.  With revocation, the Department may determine that immediate suspension without pay from employment under 5 U.S.C. 7532 is deemed advisable.

After State/OIG’s referral to “M”, the Under Secretary for Management will reportedly transmit the IG materials to the Security Appeals Panel, “if one is convened in the matter, and to other Department officials as appropriate” according to the Foreign Affairs Manual.

Note that the State Department does not have a Senate-confirmed “M” as of this writing. We want to know if the security clearance is not reinstated per OIG recommendation.

State/OIG’s semi-annual report also does not include information on consequences for the individual/individuals who perpetrated the revocation of this whistleblower’s security clearance in retaliation for whistleblowing activity.

#

.

Advertisements

OPM’s Security Clearance Backlog Now At 500,000+ Govt-Wide

Posted: 4:14 am ET
[twitter-follow screen_name=’Diplopundit’ ]

 

The State Department recently sent an agency-wide message from the Under Secretary for Management which provide timelines for job applicants and employees who are in the process of applying or renewing their security clearances. The Bureau of Diplomatic Security adjudicates security clearances and renewals for all State Department employees but we understand that contractors are mostly processed by the Office of Personnel Management (OPM).  The message notes that OPM currently has a backlog of more than 500,000 clearances government-wide.

In terms of length of adjudication, apparently 60% of the Department’s initial Top Secret investigations are completed within six months while 66% of its initial Secret investigations are completed in four months. When compared government-wide, the Department adjudicates security clearances much faster than the government-wide average. So that’s good, except, of course, if you’re the one waiting for it, six months is a loooong time. We don’t know what is the average wait time for the remaining 40% awaiting their TS clearance or the 34% awaiting for their Secret clearance?

But the OPM backlog of more than 500,000 clearances government-wide? Not so good.  With a new administration transitioning in next year, waiting for a security clearance may just be like Beetlejuice waiting at the DMV without an appointment.

Via reactiongifs.com

Via reactiongifs.com

In related news, OPM is also in the news because the House Oversight and Reform Committee released its report yesterday on The OPM Data Breach: How the Government Jeopardized Our National Security for More than a Generation (read PDF or read below).  The report details the  exfiltration by two hacking teams of the security background data on 21.56 million individuals, the personnel files of 4.2 million former and current US government employees and the fingerprints for 5.6 million of them.

You will not be surprised to hear that OPM/OIG has warned since at least 2005 that the information maintained by OPM was vulnerable to hackers. US-CERT had also warned the department of a malware  operating on its servers in 2012, and again in 2014, CERT warned that a hacker had managed to get information out of the OPM servers. The report notes that the damage could have been mitigated if the security of the sensitive data in OPM’s critical IT systems had been prioritized and secured.

Read the report here:

 

#

More Email Fallout and Security Clearance: @StateDept Says, “We’ll do it by the FAM.”

Posted: 4:22 am ET
[twitter-follow screen_name=’Diplopundit’ ]

The State Department has reportedly resumed its internal review related to the Clinton emails.  The spox refused to confirm “what specific materials” the State Department will consider or “what individuals may or may not be evaluated for possible employment or security clearance-related actions.” Note that this internal review is conducted by Diplomatic Security; perhaps due to public interest the results of the review may be released to the public, but that is not a given.

Via DPB dated July 15, 2016

We have additional information to provide about our internal review process. I will not be speaking about any specific case, nor will I be engaging in hypotheticals. As is standard, to protect the integrity of our work we cannot discuss the details of an ongoing review. Just as the FBI did not comment on its investigation, while it is ongoing we will not comment on our review.

That means I cannot confirm for you what specific materials we will consider or what individuals may or may not be evaluated for possible employment or security clearance-related actions. Our policy – so yes, it is —

QUESTION: What can you tell us?

MS TRUDEAU: It is moving. Yes, well, let’s go and I’ll give you exactly what we can.

Our policy is to assess each case on its own merits while taking into account all relative – relevant facts and circumstances. Furthermore, the department cannot comment on the status of any particular individual’s security clearance. Our goal is to complete this process thoroughly and expeditiously, but we will not put arbitrary deadlines on our work.

There is a significant amount of information about our process available to the public online. You’ll like this: For instance, I would point you to our Foreign Affairs Manual, specifically 12 FAM 500 and 230 sections. I’ll do my best to outline this process from the podium, but I cannot speak to every provision in the FAM. I also cannot speak to how the process will be applied to account for any specific circumstances.

In summary – and I still have a lot more to go, so stay with me – Diplomatic Security is responsible for evaluating security incidents and then reviewing them as appropriate for potential security clearance-related actions. Diplomatic Security is also responsible for referring certain incidents to our Bureau of Human Resources for potential employment actions. No matter the individual or conduct involved, the department conducts the review process in a professional, impartial, and fair manner that takes into account all relevant circumstances.

Multiple components within Diplomatic Security are involved in the process, supervised and overseen by the assistant secretary for Diplomatic Security. One component of Diplomatic Security conducts an initial assessment of security incidents and, when appropriate, issues security infractions or security violations. Security clearance reviews are conducted by a different DS component. As with Director Comey at the FBI and Attorney General Lynch at DOJ, it’s standard for our chief law enforcement officer, the assistant secretary for Diplomatic Security, to be involved with high-profile or complex matters, which is certainly the case here.

Assistant Secretary Greg Starr is the person in Diplomatic Security who is ultimately responsible for affirming or rejecting recommendations to revoke an individual’s security clearance. A decision to revoke a security clearance may be appealed to the Security Appeals Panel. Similarly, our human resource process can include multiple components, but ultimately Director General Arnold Chacon is responsible for taking disciplinary actions on an employee. That’s our process.

I know there’s questions about potential outcomes of the process. The short answer is that outcomes for any individual depend on their specific circumstances taking into account all of the relevant facts. This is what our review will determine. Current employees can face a range of employment discipline including reprimand, suspension, and termination. People with security clearances, including former employees, could have those clearances suspended and/or revoked.

We also maintain a security file on all personnel involved in security incidents. For individuals who no longer have a security clearance, the incident information is kept in their security file so it can be considered if they apply for a security clearance in the future. When evaluating whether a person remains eligible for access to classified information, the department follows the whole person approach based on the government-wide adjudication guidelines. Our Foreign Affairs Manual states that, quote, “Each case will be judged on its own merits,” end quote, based on specific, quote, “facts and circumstances,” end quote. Under the guidelines we can look at the severity of an incident, whether the person is a repeat offender, whether the individual is amenable to training or reform, and whether the incident was a technical violation or resulted in actual harm to national security.

As we have said, now that the FBI and DOJ have concluded their investigation, the department intends to conduct a review of Secretary Clinton’s emails according to our well established Security Incident Program. We’re preparing to conduct our review.

QUESTION: Okay.

MS TRUDEAU: So there’s a lot. Thank you for your patience.

QUESTION: Well, I’ve got to digest quite a few.

MS TRUDEAU: Yeah.

QUESTION: But be with me on this, because I’m trying to get my head around it.

MS TRUDEAU: Yeah.

QUESTION: So the question here is: Has the FBI handed over – and how many emails has the FBI handed over to be reviewed?

MS TRUDEAU: At this stage, we have not received any from the FBI.

QUESTION: Have they indicated to you when that’s going to be?

MS TRUDEAU: I have no timeline on that, but we have not received them.

QUESTION: And then on DS, are they the – do they have the final word? Would – does Greg Starr have the – Assistant Secretary Greg Starr have the final word on this? Or can Secretary Kerry or even the President overturn those decisions or have the final say?

MS TRUDEAU: So I said there is – as I mentioned, there is a significant amount of information about our process online. So for this particularly, look at section 230 and 500 of 12-FAM. The 500 section outlines the Security Incident Program, which is handled by the Program Applications Division of Diplomatic Security. The 230 section outlines the security clearance, which is administered by the Office of Personnel Security and Suitability, also within DS. Both components operate under the oversight and supervision of the assistant secretary for Diplomatic Security.

QUESTION: So when it comes to Diplomatic Security, is that withdrawn – as you’re investigating it, is that withdrawn at the end or is it withdrawn at the beginning? Is it frozen? How does that work?

MS TRUDEAU: So the process you’re talking about – and forgive me for the FAM references, but it’s really detailed and really specific. So if people are looking for the details on this, refer to 12-FAM 233.4. I’m going to refer you there. As a general matter, the suspension of a security clearance is available if Diplomatic Security determines it’s appropriate while they carry out their review. However, if you read the FAM, you’ll see it’s not an automatic process; whether or not to suspend a person’s clearance depends on the circumstances. It’s a judgment of the trained professionals in DS.

QUESTION: And then how unusual is it that Diplomatic Security – or how unusual is it that this process – that you use this process?

MS TRUDEAU: So I’m not – it’s – I’m not going to talk sort of precedent, but I would say that there is offices within Diplomatic Security, and this is their mandate. All of us within the department – and we’ve spoken about this; Secretary Kerry has spoken about this – have the obligation to safeguard and correctly handle information.

QUESTION: So would this also include former employees? It includes former employees, right?

MS TRUDEAU: As I’ve said.

QUESTION: As you said. Does it include employees that are not part of the State Department but might also be involved in this – in the emails?

MS TRUDEAU: Okay, I’m not going to speak, as I mentioned, to the specifics of any individual, any case. I just want to outline this broadly, bring you guys up to date on it, and give you the references, because it is such a technical and granular matter.

QUESTION: Yeah. But I mean, as you know, Secretary Kerry – Secretary Clinton has been involved in this, and a lot of people are wondering how this could affect her. So would you be able to make some kind of outcome whether it includes her or whether it includes somebody in a lower position? Is everybody going to be looked at equally?

MS TRUDEAU: Again, I just can’t speak to the specifics on who will be reviewed, what incidents will be reviewed. But I will say the review is taking place.

QUESTION: And you can’t tell us when this review is going to start?

MS TRUDEAU: No. No, they – the idea of projecting a timeline on this – we’ll say they’re committed to a fair, impartial, and absolutely rigorous process.

QUESTION: And when you say – just one more question.

MS TRUDEAU: Sure.

QUESTION: When the FBI says that it’s looking at thousands of withheld emails, that it’s going to give State thousands, you don’t know if it’s going to be thousands or if it’s going to be hundreds? You have no idea?

MS TRUDEAU: I couldn’t speak to the FBI documents.
[…]
QUESTION: Is Pat Kennedy going to be involved in any of this?

MS TRUDEAU: Okay, so thanks for the question.

QUESTION: I know there’s been some questions about that.

MS TRUDEAU: Yeah. So first, as we’ve said many times, Under Secretary Kennedy did not approve nor was he aware of the extent to which Secretary Clinton was using personal emails. No matter the individual or the conduct involved, the department will conduct and does conduct the security clearance process review in a professional, impartial, and fair manner that takes into account all relevant circumstances.

According to our Foreign Affairs Manual, the Under Secretary for Management Pat Kennedy becomes involved in a security clearance revocation in the event of an appeal. He is a member of a three-person panel that’s at the very end of our process. I’m not going to speculate that it’ll even get that far.

QUESTION: And you said Secretary Kerry is not going to be involved?

MS TRUDEAU: So Secretary Kerry will be informed of the details, the results of the review, after its completion. Again, I’m not going to speculate on outcomes or hypotheticals. As we’ve said many times from this podium, he wants this review done by the book, and the book requires Diplomatic Security lead and conduct this review.

QUESTION: And then just one more small one.

MS TRUDEAU: Sure.

QUESTION: Will the – so FAM is pretty clear that supervisors (inaudible) be held responsible for their subordinates’ actions. How are you going to deal with this? Is this —

MS TRUDEAU: That is – that’s something I think I’m not going to speculate on that. I’m not going – I can’t speak to the details of that. I can’t speak to the review. And honestly, I’m not going to get into hypotheticals on the review.

QUESTION: Yeah. And then are you going to deal it as one big infraction, or are you going to look at several —

MS TRUDEAU: Again —

QUESTION: You don’t know?

MS TRUDEAU: I can’t speak to how they’ll do it – specific incident, individuals. It’s just the review is happening.

QUESTION: Will they —

MS TRUDEAU: We’ll do it by the FAM.

#

New Directive: Social Media Info Collection For Security Clearance Background Investigations

Posted: 1:37 am ET
[twitter-follow screen_name=’Diplopundit’ ]

 

On May 12, 2016, the Director of National Intelligence (DNI) authorized the use of social media by official investigators who are conducting background investigations for security clearances.

The directive addresses the collection and use of publicly available social media information during the conduct of personnel security background investigations and adjudications for determining initial or continued eligibility for access to classified national security information or eligibility to hold a sensitive position and the retention of such information. This affects prospective hires and all employees who are subjects of periodic investigations.

The policy says that agencies “may choose to collect publicly available social media information in the personnel security hackground investigation process, which pertains to the covered individual’s associations, behavior and conduct, as long as the information pertains to the adjudicative guidelines for making determinations of initial or continued eligibility for access to classified information or eligibility to hold a sensitive position.”

  • Authorized investigative agencies may collect, usc, and retain publicly available social media information as part of a covered individual’s background investigation and, if collected, shall incorporate the relevant results in the investigative record. The period of coverage for publicly available electronic information will be consistent with the scope of the investigation.
  • Authorized adjudicative agencies may use and retain publicly available social media information when determining initial or continued eligibility of a covered individual for access to classified information or eligibility to hold a sensitive position.
  • Collection of publicly available social media information shall only be conducted after obtaining the signed Authorization for Release of information form of the Standard Form 86, Questionnaire for National Security Positions, which includes notice of the collection of such information.
  • Only publicly available social media information pertaining to the covered individual under investigation shall intentionally be collected. Absent a national security concern, or criminal reporting requirement, information pertaining to individuals other than the covered individual will not be investigated or pursued. Information inadvertently collected relating to other individuals will not be retained unless that information is relevant to a security determination or the covered individual.

The directive says that covered individuals “shall not be requested or required” to provide passwords, log into a private account; or take any action that would disclose non-publicly available social media information. Agencies are also precluded from creating accounts or using existing accounts on social media for the purpose of connecting (e.g., “friend”, “follow”) to a covered individual or enlist the assistance of a third party in order to bypass privacy controls and/or access otherwise non-publicly available social media information.

Read more below or see Collection, Use, and Retention of Publicly Available Social Media Information in Personnel Security Background Investigations and AdjudicationsSecurity Executive Agent Directive 5, May 12, 2016.

Via FAS/Secrecy News:

 

#

@StateDept may soon get the ‘security clearance suspension without pay’ hammer, it’s a baaad idea

Posted: 1:02 am PT
[twitter-follow screen_name=’Diplopundit’ ]

 

In addition to some 40 reports a year mandated by the 2016 authorization bill, it also includes a troubling provision for suspension without pay (SWOP) whenever the security clearance of a Foreign Service member is suspended. Not just for suspension for national security reasons anymore. If this bill is signed into law, won’t the State Department be able to put any employee on suspension without pay, at any time, for any reason?

We blogged about this last year:

The most widely reported FSO with a suspended clearance in recent memory is Peter Van Buren whose TS clearance was suspended for about a year. Under this proposed bill, PVB would not have been assigned to a telework position or paid for the duration of his fight with the State Department. Which means he and others like him would have to quit and find a paying job or starve unless he/she has a savings account that can sustain the investigation for a year or years.

Any FS employee who might dissent or engage in whistleblowing activity, any perceived troublemaker for that matter, can be put on SWOP, and that would be it.  An FSO who experienced first hand the suspension of a security clearance put this in very stark terms:

In practical terms they can remove the employee instantly, without telling anyone why until much later, by which time the employee will have resigned unless they can afford to go for months or years without a salary. And once the employee has resigned, the case is closed, the former employee loses their clearance because they resigned, and with it any right to know the reasons for the suspension. If the employee quits, the Department does not have to justify itself to anyone, and if the Department doesn’t have to pay them, 99.9 percent will quit.

The bill provides for a “reasonable time to respond orally and in writing to the proposed suspension” — members of the Foreign Service assigned to duty in the United States will get 15 days after receiving notice of the proposed suspension; members of the Foreign Service assigned to duty outside the United States will 30 days after receiving notice of the proposed suspension. It also provides for what appears to be a very limited review by the Foreign Service Grievance Board (FSGB).

via reactiongifs.com

via reactiongifs.com

An insider told us that basically any dissenter can be taken off the payroll almost at will, just by putting a national security spin on their dissent – which apparently can be quite easy to do.

Word has it that this has been on the State Department’s wish list since at least the Rice tenure as secretary of state. So now, it’s here and if it’s passed, it will add a new layer of chill to an already risk averse organization.

It is important to note that the investigation to a security clearance suspension can go on for years. A lawyer who has represented FS employees on security clearance cases, J. Michael Hannon writes on FSJ:

Under State Department regulations and established law, the Bureau of Diplomatic Security has the sole authority to determine whether your security clearance should be suspended on the basis of “all facts available upon receipt of the initial derogatory information.” The standard to be applied is to determine whether it is “in the interests of national security” to continue your security status or to suspend it.

The regulations further provide that DS investigations must be “reported in a timely manner” and issues requiring temporary suspension of clearance must be resolved “as quickly as possible (normally within 90 days).” The department is, however, permitted to continue suspension of an individual’s clearance “until the relevant issues have been fully resolved.” If that seems open-ended, it is.

Employees are already afforded just “minimal due process” (typically a notice and an opportunity to respond) in these security clearance investigations.  Apparently, there are “no rules of evidence that pertain to a DS investigation or restrain its conclusions.”  So when investigations can go on for a year, or two, or even several years as in some cases, which employee can sustain on an indefinite no work and no pay arrangement? An employee overseas given 30 days to respond, some with no housing or families in the DC area, will have to deal with the suspension, and relocation of self and family members at the same time.  Posts will have to deal with staffing gaps.

If the organization wants to get rid of an employee — for whatever reason — what’s the incentive to resolve the suspension quickly when given enough time, most employees will be forced to quit under these circumstances?

Not only that, we can already imagine several scenarios where hostile security services can undermine our diplomatic service by a well-placed rumor or allegation here and there while availing of this prospective hammer.

S.1635 Department of State Operations Authorization and Embassy Security Act, Fiscal Year 2016 passed the Senate by unanimous consent on April 28, 2016. (See Whoa! Senate Passes @StateDept Operations Authorization and Embassy Security Act, FY2016).  The House needs to pass it as well, and we haven’t been able to find the House bill.  However, on April 29, the Senate did send a message to the House requesting its concurrence to the FY16 authorization bill.  The bill is currently held at the desk for floor action; it doesn’t look like the House will be back in session until May 10.

Read the bill via congress.gov, the congressional record in PDF or as TEXT here. Below is the text on the security clearance suspension provision:

SEC. 216. SECURITY CLEARANCE SUSPENSIONS.

(a) Suspension.—Section 610 of the Foreign Service Act of 1980 (22 U.S.C. 4010) is amended—

(1) by striking the section heading and inserting the following:

“SEC. 610. SEPARATION FOR CAUSE; SUSPENSION”; AND

(2) by adding at the end the following:

“(c) (1) In order to promote the efficiency of the Service, the Secretary may suspend a member of the Service without pay when—

“(A) the member’s security clearance is suspended; or

“(B) there is reasonable cause to believe that the member has committed a crime for which a sentence of imprisonment may be imposed.

“(2) Any member of the Foreign Service for whom a suspension is proposed under this subsection shall be entitled to—

“(A) written notice stating the specific reasons for the proposed suspension;

“(B) a reasonable time to respond orally and in writing to the proposed suspension;

“(C) representation by an attorney or other representative; and

“(D) a final written decision, including the specific reasons for such decision, as soon as practicable.

“(3) Any member suspended under this subsection may file a grievance in accordance with the procedures applicable to grievances under chapter 11.

“(4) If a grievance is filed under paragraph (3)—

“(A) the review by the Foreign Service Grievance Board shall be limited to a determination of whether the provisions of paragraphs (1) and (2) have been fulfilled; and

“(B) the Board may not exercise the authority provided under section 1106(8).

“(5) In this subsection:

“(A) The term ‘reasonable time’ means—

“(i) with respect to a member of the Foreign Service assigned to duty in the United States, 15 days after receiving notice of the proposed suspension; and

“(ii) with respect to a member of the Foreign Service assigned to duty outside the United States, 30 days after receiving notice of the proposed suspension.

“(B) The terms ‘suspend’ and ‘suspension’ mean placing a member of the Foreign Service in a temporary status without duties and pay.”.

(b) Clerical Amendment.—The table of contents in section 2 of such Act is amended by striking the item relating to section 610 and inserting the following:
“Sec. 610. Separation for cause; suspension.”.

 

Related item:

SECURITY CLEARANCES: KNOW YOUR RIGHTS (PDF)

Related posts:

 

 

Spying Case Against Robin Raphel Fizzles; AG Lynch’s “Houston, We Have a Problem” Moment

Posted: 2:05 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

We blogged about the Robin Raphel case in September (see The Murky Robin Raphel Case 10 Months On, Remains Murky … Why?.

In November 2014, we also blogged this: Robin Raphel, Presumption of Innocence and Tin Can Phones for Pak Officials.

On October 10, the NYTimes reported that officials apparently now say that the spying investigation has all but fizzled. This leaves the Justice Department to decide whether to prosecute Ms. Raphel for the far less serious charge of keeping classified information in her home.

The fallout from the investigation has in the meantime seriously damaged Ms. Raphel’s reputation, built over decades in some of the world’s most volatile countries.

If the Justice Department declines to file spying charges, as several officials said they expected, it will be the latest example of American law enforcement agencies bringing an espionage investigation into the public eye, only to see it dissipate under further scrutiny. Last month, the Justice Department dropped charges against a Temple University physicist who had been accused of sharing sensitive information with China. In May, prosecutors dropped all charges against a government hydrologist who had been under investigation for espionage.
[…]
Some American investigators remain suspicious of Ms. Raphel and are loath to abandon the case entirely. Even if the government cannot mount a case for outright spying, they are pushing for a felony charge related to the classified information in her home.

.

.

.

.

.

.

In the case of Xiaoxing Xi, the Temple university professor and head of the school’s physics department, federal authorities handling the case were said to have misunderstood key parts of the science behind the professor’s work.  Mr. Xi’s lawyer said, “We found what appeared to be some fundamental mistakes and misunderstandings about the science and technology involved here.” The federal officials handling the Xi case did not know the science but went ahead and indicted him anyway.

Are we going to hear soon that the federal officials handling the Raphel case also made some fundamental mistakes and misunderstanding of the diplomatic tradecraft?  At least two of these officials leaked the probe to the news media even if no charges were filed against Ambassador Raphel.

This  was not a harmless leak. She lost her security clearance, and her job at the State Department without ever being charged of any crime. And in the court of social media, just the news that she is reportedly the subject of a spying investigation is enough to get her attacked and pilloried for treason. Perhaps, the most disturbing part in the report is that the authorities appear to have no case against her for spying, so now they’re considering slapping her with a felony charge under the Espionage Act.

Now, why would they do that?

Perhaps to save face and never having to admit that federal authorities made a mistake or lack an understanding of international statecraft? They could say —  see, we got something out of a year’s worth of investigation, so it was not completely useless.

Or perhaps because American investigators still viewed Ambassador Raphel’s relationships with deep suspicion?

Because, obviously, “deep suspicion” is now the bar for an espionage charge?

We should note that the hydrologist, Sherry Chen was cleared of spying charges but was notified in September that she will be fired by the National Weather Service for many of the same reasons the USG originally prosecuted her. Xiaoxing Xi of Temple University had been charged with “four counts of wire fraud in the case involving the development of a pocket heater for magnesium diboride thin films.” The USG asked to dismiss the case without prejudice, meaning it could be revived, according to philly.com.

Unlike the Chen and Xi cases, Raphel was never charged and was not afforded the right to defend herself in the court of law.  What we have in one case may have been a misunderstanding, a second case, may well have been a mistake, but a third case is certainly, a trend.

This is AG Loretta Lynch’s  “Houston, we have a problem” moment.

#

What Information Is Collected on OPM’s Background Investigation Forms?

Posted: 2:44  am EDT
[twitter-follow screen_name=’Diplopundit’ ]


Via
CRS Insight

The information collected will depend on the applicant’s position and the type of background investigation required. OPM uses three standard forms for background investigations: SF-85, SF-85P, or SF-86 form. The forms are typically submitted electronically using OPM’s Electronic Questionnaires for Investigations Processing (e-QIP) system. OPM had suspended use of e-QIP “for security enhancements,” but re-enabled the system on July 23, 2015.

Data Collected for Non-Sensitive Positions

The eight-page SF-85 is required for applicants to non-sensitive positions (e.g., positions that do not require a security clearance) who require physical access to government facilities and who are in positions with a “low risk” to cause damage to the federal government or national security. The responsibilities of these positions are limited and there is little opportunity to use such positions for personal gain. For this reason, the information collected is relatively limited in scope and includes

  • full name, aliases, and SSN;
  • citizenship information;
  • employment information and addresses for the past five years; and
  • information on use or possession of illegal drugs (including marijuana) in the previous year.

Data Collected for “Positions of Public Trust”

The 11-page SF-85P is required for applicants in “Positions of Public Trust,” (i.e., positions that do not involve access to classified information, but that demand a “significant degree of public trust” due to the level of policymaking or other responsibilities). These positions may involve a “significant risk for causing damage [to the federal government] or realizing personal gain.” In addition to the information listed above, the SF-85P requires

  • identifying information (e.g., height, weight, eye and hair color);
  • military service information;
  • employment information and addresses for the past seven years; schools, if any, attended during the past seven years;
  • name, address, and telephone number of three personal references and immediate family members;
  • criminal arrests and/or convictions for the past seven years (excluding incidents prior to the applicant’s 16th birthday or traffic fines under $150);
  • financial information, including bankruptcies during the past seven years and any delinquent financial obligations;
  • foreign travel during the past seven years; and
  • information on use or possession of illegal drugs (including marijuana) in the previous year and any illegal purchase, sale, or transport of drugs in the previous seven years.

Data Collected for Security Clearances and Other National Security Positions

The 127-page SF-86 form is required for applicants to national security sensitive positions, which includes (but is not limited to) positions that require a security clearance. In addition to the information listed above, the SF-86 requires

  • employment information and home addresses for the past 10 years;
  • schools attended for the past 10 years, including a reference at each school attended;
  • personal information (including SSN) for current spouse or cohabitant;
  • foreign contacts, travels, and/or activities;
  • associations with individuals or groups dedicated to terrorism or the violent overthrow of the U.S. government;
  • details on applicant’s “psychological and emotional health,” including, with certain exceptions, details on treatments during the past seven years;
  • additional information on criminal activities, including convictions or charges involving firearms or explosives;
  • alcohol use in the past seven years that has negatively impacted the applicant’s work, personal relationships, finances, or resulted in “intervention by law enforcement/public safety personnel”;
  • use, possession, or other involvement with illegal drugs (including marijuana) in the past seven years or at any time while holding a clearance;
  • details on the applicant’s financial condition and civil court actions; and improper use of information technology systems.

What Other Records Are Contained in OPM’s Personnel Security Background Investigation Files?

OPM’s systems also include information gathered by investigators during the background investigation process, such as summaries of interviews with the applicant’s family members, co-workers, friends, and neighbors. Additionally, investigators may run credit checks, pull civil and criminal court records, and run checks of state and federal agency records to verify information that the applicant provided on the application.

According to OPM’s most recent Privacy Act Notice, personnel investigation records may also include information provided by other agencies, such as:

  • Internal Revenue Service income tax returns;
  • prior security clearance investigative records; and
  • clearance adjudicative records, including polygraph results, if applicable.

It is unclear from OPM’s news release if these types of investigative records were compromised in the breach.

#

S.1635: DOS Operations Authorization and Embassy Security Act, Fiscal Year 2016 – Security Clearance

Posted: 6:17 pm EDT
Updated: 11:31 am PDT
[twitter-follow screen_name=’Diplopundit’ ]

Update: A source on the Hill alerted us that the State Authorization bill was offered as an amendment when the NDAA was debated in the Senate last month but it was not voted on and the NDAA passed on June 18 (That would be H.R. 1735 which passed 215 (71-25)  We understand that both chambers are now starting the process to bring the bill to conference in order to resolve differences.  The State Authorization bill, we are told, will not be part of those discussions.  In order for this to move forward, it will either need to be brought to the floor as a stand alone vote or Corker/Cardin could try again to attach it to another piece of legislation. Given that this is the first authorization bill passed by the SFRC in 5 years, and made it through the committee with bi-partisan support, we suspect that the this is not the end of this bill. We hope to write a follow-up post on the security clearance component of this legislation.
— DS

On June 9, 2015, U.S. Senators Bob Corker (R-Tenn.) and Ben Cardin (D-Md.), the chairman and ranking member of the Senate Foreign Relations Committee, applauded the unanimous committee passage of the Fiscal Year 2016 Department of State Operations Authorization and Embassy Security Act. The SFRC statement says that it has been five years since the Senate Foreign Relations Committee passed a State Department Authorization bill and 13 years since one was enacted into law.

“Our committee has a responsibility to ensure limited federal resources for the State Department are used in a cost-effective manner to advance U.S. interests,” said Corker. “This effort takes a modest but important step toward reestablishing oversight of the State Department through an annual authorization, which hasn’t been enacted into law since 2002. In addition to prioritizing security upgrades for U.S. personnel at high threat posts, the legislation lays the groundwork to streamline State Department operations and make them more effective.”

This State Department Authorization bill has been offered as an amendment to the National Defense Authorization Act, which currently is on the Senate floor. It is quite lengthy so we will chop this down in bite sizes.

Below is the part related to the suspension of security clearance. If this bill passes,  it means placing a member of the Foreign Service in a temporary status without duties and without pay once a determination to suspend clearance has been made. Diplomats with suspended clearances are typically given desk jobs or telecommuting work that require little or none of their expertise; looks like this bill changes that. The bill does not say what happens (does he/she gets back pay?) if the suspension of clearance does not result in revocation and the employee is reinstated. Or if suspended employees with no work/no pay will be allowed to take temporary jobs while waiting for the resolution of their suspended clearances.

Section 216. Security clearance suspensions

(a)Suspension

Section 610 of the Foreign Service Act of 1980 (22 U.S.C. 4010) is amended—

(1)by striking the section heading and inserting the following:

610.Separation for cause; suspension

; and

(2)by adding at the end the following:

(c)

(1)In order to promote the efficiency of the Service, the Secretary may suspend a member of the Service without pay when—

(A)the member’s security clearance is suspended; or

(B)there is reasonable cause to believe that the member has committed a crime for which a sentence of imprisonment may be imposed.

(2)Any member of the Foreign Service for whom a suspension is proposed under this subsection shall be entitled to—

(A)written notice stating the specific reasons for the proposed suspension;

(B)a reasonable time to respond orally and in writing to the proposed suspension;

(C)representation by an attorney or other representative; and

(D)a final written decision, including the specific reasons for such decision, as soon as practicable.

(3)Any member suspended under this subsection may file a grievance in accordance with the procedures applicable to grievances under chapter 11.

(4)If a grievance is filed under paragraph (3)—

(A)the review by the Foreign Service Grievance Board shall be limited to a determination of whether the provisions of paragraphs (1) and (2) have been fulfilled; and

(B)the Board may not exercise the authority provided under section 1106(8).

(5)In this subsection:

(A)The term reasonable time means—

(i)with respect to a member of the Foreign Service assigned to duty in the United States, 15 days after receiving notice of the proposed suspension; and

(ii)with respect to a member of the Foreign Service assigned to duty outside the United States, 30 days after receiving notice of the proposed suspension.

(B)The terms suspend and suspension mean placing a member of the Foreign Service in a temporary status without duties and pay.

More here: Department of State Operations Authorization and Embassy Security Act, Fiscal Year 2016. This old article (pdf) on security clearance and knowing your rights might also be a useful to read.

#

#OPMBreach: Back to Paper SF-86s, No More Social Media at OPM, Scary Movie Chinese Edition

Posted: 2:15 pm EDT
[twitter-follow screen_name=’Diplopundit’ ]

.

.

.

.

.

.

 

Related Posts:

 

OPM Hack Compromises Federal Employee Records, Not Just PII But Security Clearance Info

Posted: 3:39 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

 

On June 4, WaPo reported that hackers working for the Chinese state breached the computer system of the Office of Personnel Management in December, and that the agency will notify about 4 million current and former federal employees that their personal data may have been compromised.

We should note that OPM’s Federal Investigative Services (OPM-FIS) oversees approximately 90% of all background investigations.

Reuters reported on June 6 that most of the State Department employees had not been exposed to the breach because their data was not housed on the hacked OPM systems. Apparently, only those who had previously been employed by another federal agency may have been exposed, it said. Did you get the notice on the data breach?

It appears, however, that OPM has a requirement that all candidates being offered positions of employment at U.S. government agencies or departments, including at the State Department, are to complete their Questionnaires for National Security Positions (SF-86) on-line via the electronic Questionnaires for Investigations Processing (e-QIP). We don’t know what happens to those completed questionnaires after they are submitted to OPM; are they transferred to the State Department and deleted from OPM servers?

OPM released the following statement:

The U.S. Office of Personnel Management (OPM) has identified a cybersecurity incident potentially affecting personnel data for current and former federal employees, including personally identifiable information (PII).

Within the last year, the OPM has undertaken an aggressive effort to update its cybersecurity posture, adding numerous tools and capabilities to its networks.  As a result, in April 2015, OPM detected a cyber-intrusion affecting its information technology (IT) systems and data. The intrusion predated the adoption of the tougher security controls.

OPM has partnered with the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT) and the Federal Bureau of Investigation (FBI) to determine the full impact to Federal personnel. OPM continues to improve security for the sensitive information it manages and evaluates its IT security protocols on a continuous basis to protect sensitive data to the greatest extent possible. Since the intrusion, OPM has instituted additional network security precautions, including: restricting remote access for network administrators and restricting network administration functions remotely; a review of all connections to ensure that only legitimate business connections have access to the internet; and deploying anti-malware software across the environment to protect and prevent the deployment or execution of tools that could compromise the network.

As a result of the incident, OPM will send notifications to approximately 4 million individuals whose PII may have been compromised.  Since the investigation is on-going, additional PII exposures may come to light; in that case, OPM will conduct additional notifications as necessary.  In order to mitigate the risk of fraud and identity theft, OPM is offering credit report access, credit monitoring and identify theft insurance and recovery services to potentially affected individuals through CSID®, a company that specializes in these services.  This comprehensive, 18-month membership includes credit monitoring and $1 million in identity theft protection services at no cost to enrollees.

“Protecting our Federal employee data from malicious cyber incidents is of the highest priority at OPM,” said OPM Director Katherine Archuleta. “We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted.”

OPM has issued the following guidance to affected individuals:

•Monitor financial account statements and immediately report any suspicious or unusual activity to financial institutions.

•Request a free credit report at www.AnnualCreditReport.com or by calling 1-877-322-8228.  Consumers are entitled by law to one free credit report per year from each of the three major credit bureaus – Equifax®, Experian®, and TransUnion® – for a total of three reports every year.  Contact information for the credit bureaus can be found on the Federal Trade Commission (FTC) website, www.ftc.gov.

•Review resources provided on the FTC identity theft website, www.identitytheft.gov.  The FTC maintains a variety of consumer publications providing comprehensive information on computer intrusions and identity theft.

•You may place a fraud alert on your credit file to let creditors know to contact you before opening a new account in your name.  Simply call TransUnion® at 1-800-680-7289 to place this alert.  TransUnion® will then notify the other two credit bureaus on your behalf.

How to avoid being a victim:

•Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information.  If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.

•Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person’s authority to have the information.

•Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.

•Do not send sensitive information over the Internet before checking a website’s security (for more information, see Protecting Your Privacy, http://www.us-cert.gov/ncas/tips/ST04-013).

•Pay attention to the URL of a website.  Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).

•If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly.  Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information.  Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group (http://www.antiphishing.org).

•Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic (for more information, see Understanding Firewalls, http://www.us-cert.gov/ncas/tips/ST04-004; Understanding Anti-Virus Software, http://www.us-cert.gov/ncas/tips/ST04-005; and Reducing Spam, http://www.us-cert.gov/ncas/tips/ST04-007).

•Take advantage of any anti-phishing features offered by your email client and web browser.

•Employees should take steps to monitor their personally identifiable information and report any suspected instances of identity theft to the FBI’s Internet Crime Complaint Center at www.ic3.gov.

Potentially affected individuals can obtain additional information about the steps they can take to avoid identity theft from the following agencies. The FTC also encourages those who discover that their information has been misused to file a complaint with them.

More:
.

.

.

.

#