Trying to prevent more WikiLeaks embarrassments, the Obama administration is telling federal agencies to take aggressive new steps to prevent leaks of classified documents, including instituting “insider threat” programs to ferret out disgruntled employees who might be inclined to leak classified documents, NBC News has learned.
As part of these programs, agency officials are being asked to figure out ways to “detect behavioral changes” among employees who might have access to classified documents.
A highly detailed 11-page memo prepared by U.S. intelligence officials and distributed by Jacob J. Lew, director of the White House Office of Management and Budget, suggests that agencies use psychiatrists and sociologists to measure the “relative happiness” of workers or their “despondence and grumpiness” as a way to assess their trustworthiness. The memo was sent this week to senior officials at all agencies that use classified material.
The memo also suggests that agencies take new steps to identify any contacts between federal workers and members of the news media. “Are all employees required to report their contacts with the media?” the memo asks senior officials about the policies at their agencies.
The memo is the latest step in a high-priority administration initiative begun in the wake of the WikiLeaks debacle. It has taken on potentially even more significance in recent days with the disclosure this week that Rep. Darrell Issa, R-Calif., the new chairman of the House Oversight and Government Reform Committee, plans to investigate what policies the White House is implementing to prevent future leaks.
But in its efforts to root out the next Bradley Manning (the Army private accused of leaking classified documents to WikiLeaks), the administration may be misfiring, according to one national security expert.
“This is paranoia, not security,” said Steven Aftergood, a national security specialist for the Federation of American Scientists, who obtained a copy of the memo.
What the administration is doing, he added, is taking programs commonly used at the CIA and other intelligence agencies to root out potential spies and expanding them to numerous other agencies — such as the State Department, the Energy Department, NASA, Homeland Security and Justice — where they are unlikely to work.
'It's triply absurd'
For example, the idea of requiring workers to report any contacts with members of the news media, as though all such contacts are suspicious, is “absurd” at the CIA, where it has long been standard policy, said Aftergood.
“It’s triply absurd at most other agencies,” he added.
Representatives of the OMB and the Director of National Intelligence Office didn’t immediately respond to requests for comment.
In late November, the OMB instructed senior federal officials throughout the government to set up special “assessment teams” to review how their agencies were safeguarding classified information. Robert Bryant, the chief counterintelligence official at the Director of National Intelligence Office, and William J. Bosanko of the Director of Information Security Oversight Office, which monitors the handling of classified information for the National Archives, prepared the memo outlining questions that agency officials should answer about their practices before reporting their progress to the OMB by Jan. 28.
The memo doesn’t directly mandate the actions federal agencies should take in fulfilling their requirement to safeguard classified information. But it appears designed to prod them to take strong measures.
“Strong counterintelligence and safeguarding postures are necessary to protect classified national security information,” the memo states. Citing the OMB directive, it then spells out “questions your department or agency assessment team should utilize, as an initial step to assess the current state of your information systems security.”
“Do you have an insider threat program or the foundation for such a program?’ the memo asks. It also seeks information about whether the agencies are using polygraphs and have instituted efforts to identify “unusually high occurrences of foreign travel, contacts or foreign preference” by employees.
Monitoring of former employees?
Perhaps the most impractical question, according to Aftergood, relates to what steps the agencies are taking to monitor whether federal workers have visited the WikiLeaks website before they started their jobs or after they retired.
“Do you capture evidence of pre-employment and/or post-employment activities or participation in online media data mining sites like WikiLeaks or Open Leaks?” the memo asks.
Aftergood said he was baffled as to how the administration expects to monitor what websites employees visit from their home computers after they have retired.
“It may be that this is what the administration needs to do to deflect congressional anger” over WikiLeaks, he said. “But some of it doesn’t make any sense.”