Comment

How social media can help spot insider threats

Shutterstock image: social media brain.

In May, Director of National Intelligence James Clapper signed Security Executive Agent Directive 5 on the "Collection, Use and Retention of Publicly Available Social Media Information in Personnel Security Background Investigations and Adjudications." The directive was released the night before a House Oversight and Government Reform Committee hearing on the same topic.

It has been a long time coming and overall is a great step forward. However, it might not go far enough.

Under Section E (Policy), the directive states that "agencies may choose to collect publicly available social media information in the personnel security background investigation process." In my opinion, that could have been worded more strongly because the word "may" conveys something optional.

I realize that making a stronger policy statement would lead to questions about funding and tactics. However, reviewing social media is one of the best ways to evaluate individuals against the adjudicative guidelines for determining whether someone should have access to classified information. Those guidelines define what investigators should look for in a background investigation.

The first three guidelines cover:

  1. Allegiance to the United States
  2. Foreign influence
  3. Foreign preference

The new directive also states, "Only publicly available social media information pertaining to the covered individual under investigation shall be intentionally collected."

That statement leaves too many loopholes. Standard Form 86, the Questionnaire for National Security Positions, does not ask applicants to list the social media platforms they use and does not ask for their online identities. That makes it very difficult for investigators to ensure that they are looking at the correct person's online activity. Unless someone uses his or her name for a Twitter handle, public Instagram feed or YouTube channel, how can an investigator be sure?

Chances are if people are applying for security clearances and posting anti-U.S. sentiments online in their spare time, they are probably not doing it in a way that can easily tie back to themselves. Therefore, technology must improve so that investigators can associate disparate user names across multiple social media platforms with a single individual.

The security clearance directive seems to recognize the identity resolution challenge, and in Section E, paragraph 7, it states: "Authorized investigative agencies shall make reasonably exhaustive efforts to verify that any information collected that is discrepant or potentially disqualifying pertains to the covered individual."

It also goes on to say any information that would disqualify an applicant must be investigated, and ultimately, the covered individual must be given a chance to review the proceedings.

The latter part reminds me of the Fair Credit Reporting Act's requirements for issuing adverse-action notices and resolving consumer disputes. It would be difficult to bring social media disputes under similar reporting requirements, but the government seems to be heading in that direction.

However, FCRA's accuracy requirements for identity resolution would be hard to meet, and the consumer dispute process would become overwhelming if applied to social media activity and security clearances.

Further, in the social media world, it is not clear to whom FCRA's data-furnisher requirements would apply because in this context, the individual is furnishing his or her own data.

Every initiative must start somewhere, of course, and Security Executive Agent Directive 5 is a definite improvement over the previous status quo. If the government is serious about strengthening the clearance process, however, more must be done.

About the Author

Jeffrey Huth is vice president of product strategy for TransUnion’s government information solutions division.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.