System to continuously scan behavior of cleared workers
- By Brian Robinson
- Mar 11, 2014
News that broke at the beginning of this week that U.S. intelligence agencies are planning to establish a system for automated, continuous monitoring of the background and behavior of government workers with secret clearances. Insider threats, which the system is aimed at preventing, have been a persistent and stubborn problem.
According to the original article, agency officials are “planning a sweeping system of electronic monitoring that would tap into government, financial and other databases” to continually scan the behavior of employees with secret clearances. It could be in place at certain agencies by September this year and be operational across the whole of the government two years later.
The system is reportedly based on the Automated Continuing Evaluation Systems (ACES), a decade-long Department of Defense project intended also for use by the Department of Homeland Security. It automates the collection and analysis of information from a wide range of sources and was planned as an additional tool for the vetting process that would enable checks of cleared workers between the initial background investigation and formal, periodic reinvestigations.
Over time, “its potential for streamlining the expensive and time-consuming clearance process is becoming apparent,” the DOD stated on Defense Personnel and Security Research Center website. As far as insider threats are concerned, it also saw ACES as providing “earlier detection and intervention and an increased range of issues for determining vulnerabilities.”
It’s not a new idea. In a December 2008 report on Security and Suitability Process Reform, the Bush administration called for a “transformed” hiring and clearance process that would leverage modern tools and technology. Automated record checks were included as a part of that, and even then ACES was seen as a system that could be quickly scaled to meet the new federal clearance requirements.
Recent events have dramatically ramped up government urgency about insider threats. The 2010 Wikileaks’ dump of government documents and the 2013 revelations of Edward Snowden revealed holes in government security. In July 2013, bipartisan legislation to reform the security check process was introduced that required the Office of Personnel Management to develop an automated review system that would send up red flags about cleared government employees.
Exactly how the new continuous monitoring system will work is unclear. In February, Director of National Intelligence James Clapper told a congressional panel that a continuous evaluation system that would extend across government and draw on six or seven data streams was needed, but didn’t give many details or say what it would cost, other than it would “be costly.”
ACES, which is still not fully operational, has so far cost over $80 million.
The original story published earlier this week cited current and former government officials who said the system will use private credit agencies, law enforcement databases and threat lists and sift through the data to spot unusual behavior patterns.
This kind of extensive dragnet will undoubtedly throw up questions about the privacy of workers who will be investigated through the system, particularly given the Snowden-inspired stories of National Security Agency surveillance.
But the idea is gaining support. The Intelligence and National Security Alliance, a consortium of public and private national security interests, recently issued a report saying that such continuous monitoring and evaluation was needed to “ensure near real-time changes about a cleared person are captured and evaluated on a much more frequent and reliable basis.”
Brian Robinson is a freelance technology writer for GCN.