FBI Insider Threat Program Documents Show How Little It Takes To Be Branded A Threat To The Agency
from the see-something-say-something-but-for-cubicles dept
Jason Leopold has obtained the FBI's training slides for its "insider threat" program. This would be the same program the FBI refused to discuss in detail with the Senate, walking out of the briefing when asked how the program would avoid sweeping up legitimate whistleblowers.
The federal government acts as though it's receptive to whistleblowing, but then undermines that sentiment with pretty much everything else it does. These insider threat programs have only become more severe after the Snowden leaks, asking federal government employees to treat normal, everyday behavior as inherently suspicious.
The Defense Department's insider threat program declared such innocuous things as visiting foreign countries and being in debt as warning signs. Worse, anything less than full support for US government policies was considered threatening behavior.
The FBI's presentation [PDF] isn't much better. FBI employees are encouraged to say something if they see something… and there are a lot of observable "somethings" on the list.
According to the training material, potential insider threats include federal employees who brag about what they know, work odd hours, travel overseas without a good reason, or ask their co-workers about classified information without a "need to know." Workers who consume alcohol, use drugs or have “psychological conditions” may also be insider threats, as are those facing disciplinary action or job termination.
[...]
Another slide says leaks occur because leakers are “disgruntled” and are motivated by “ego,” “financial gain,” and “divided loyalty.”
Some of these factors can be indicative of someone considering engaging in espionage. Unfortunately, a lot of these may also apply to whistleblowers. The FBI presentation spends a great deal of time comparing its lists of insider threat traits to those the government has successfully prosecuted but spends zero time discussing whistleblowers and their traits/motivations.
Considering the FBI's leaky status, especially in recent months, the document feels inconsistent at best. It feels like a good way for FBI employees to get rid of coworkers they don't like and a great way to foster an atmosphere of corrosive suspicion in FBI offices.
FBI employees will distrust each other, FBI officials will distrust nosy politicians… and, in a surprising revelation by Leopold, politicians will have even less reason to trust the FBI. As was noted earlier in this post, the FBI chose to walk out of a briefing rather than answer Sen. Chuck Grassley's question about whistleblower protections under the FBI's "insider threat" program. Thanks to the efforts of a media company (BuzzFeed) and a private citizen (Leopold), Grassley now has a copy of documents the Senator asked for months ago.
Grassley asked the FBI to send him its insider threat training material. He received a couple of videos and a brochure. But a spokesperson for Grassley told BuzzFeed News that the senator did not receive the training slides until BuzzFeed News sent a copy.
The documents released here don't answer Grassley's questions either. But recent history shows us the FBI is not a whistleblower-friendly agency. It seems to have no problem with very selective leaking, but isn't nearly as kind to those who use the official channels to report wrongdoing. An insider threat program like this doesn't help. Giving agents and employees sketchy reasons to distrust each other will only serve to deter whistleblowers before they even have a chance to experience the agency's unofficial retaliation program.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: fbi, insider threat
Reader Comments
Subscribe: RSS
View by: Time | Thread
Official channels?
Whistleblowing by definition does not work via official channels (or we'd be talking about interagency communication rather than whistleblowing).
If there are any official channels for whistleblowers in place, they are like door bells for sewer rats. Their purpose is to alert the housekeepers to the presence of vermin, not to facilitate the latters' objectives.
There will be no cheese handed out.
[ link to this | view in chronology ]
Re: Official channels?
Well, that's not strictly true.
If your co-workers are breaking the rules and you report on that to your boss, that's technically "blowing the whistle on" the rule-breaking - drawing attention to it so that people will realize that it's going on.
Similarly, if your boss is breaking the rules and your report on it to his boss, that's "blowing the whistle on" the rule-breaking again. This is probably technically going outside of official channels - but if your organization has established specific channels for reporting wrongdoing, and you report wrongdoing to those channels, the fact that they're official doesn't make it any less whistleblowing.
The problem comes in when the people you're required to report to, under the official channels, either are or are under the control/command of the people engaged in or authorizing the wrongdoing. At that point, the official channels are somewhere in the range from worthless to actually dangerous.
[ link to this | view in chronology ]
But... whistleblowers are threats... No?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:Or they themselves might just be the problem
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
Threat is an over-used justification that doesn't mean what most people think it means.
The fact that someone may be a threat to you doesn't justify self defense if they are a threat to you because you are a criminal and they want to report your crimes.
[ link to this | view in chronology ]
Comey
[ link to this | view in chronology ]
Re: Comey
[ link to this | view in chronology ]
Given the FBI's propensity to create criminals..
See here: http://www.igpub.com/the-terror-factory/
...then wouldn't their attempts at classifying everything as suspicious behaviour (y'know, like did the deputy in ELVIS ELVIS RAMIREZ-TAMAYO V. THE STATE OF TEXAS - "because drug traffickers have been seen breathing, then breathing is an indicia of drug trafficking"), simply be that they're just trying to make their jobs easier by having other people do their work?
Why attribute malice to something when laziness explains it?
[ link to this | view in chronology ]
Re: Given the FBI's propensity to create criminals..
[ link to this | view in chronology ]
Department of Defense on debt
[ link to this | view in chronology ]
[...]
Another slide says leaks occur because leakers are “disgruntled” and are motivated by “ego,” “financial gain,” and “divided loyalty.”
Good, you have just described 160,213,000 people in the United States.
Sauce:
https://www.bls.gov/news.release/pdf/empsit.pdf
Now, is there ANYONE that isn't a threat to the US?
Answer is: US, as in "us", not "you".
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
Now, is there ANYONE that isn't a threat to the US?
Of course. The US population is about 321,400,000, so if 160,213,000 are a threat, then 161,187,000 are not. That's slightly more than half the population right there.
[ link to this | view in chronology ]
On today's episode of Techdirt Advertising Theatre...
http://imgur.com/a/A1BVy
(from the the-markdown-link-says-i-can-embed-images-but-they-don't-actually-show-up-when-i-hit-preview dept)
[ link to this | view in chronology ]
Hope
P.S. Never enough kudos for Mr. Snowden.
P.P.S. Shame on President Obama for failing to provide a pardon for Mr. Snowden.
[ link to this | view in chronology ]
Those criteria look more-or-less legit to me...
Certainly we don't want somebody that enjoys a glass of wine with dinner to be automatically under suspicion (I am pretty sure the information is referring to actual alchoholics), but really, these look like reasonable criteria. Working odd hours IS suspicious. Flying suddenly to a foreign country for a long weekend is not how most people take vacation. Every employee is told specifically to NOT brag about their access to information, and to NOT ask for information they don't need. And I'm pretty sure most security professionals could tell you that disgruntled or soon-to-be-fired employees are inside threats; that's Security 101... And, yes, many leakers do so for financial gain, and many do so for Ego.
I'm just not seeing what I'm supposed to be angry about here. It doesn't say something like "raises concerns about illegality", or "makes calls to media organizations", or "too concerned about ethics." Instead, I'm seeing a very standard list of criteria that are a starting point for basic counter-intelligence.
[ link to this | view in chronology ]
Re: Those criteria look more-or-less legit to me...
Another issue becomes, of course, who decides what is too much alcohol? Who decides what is a "good reason" to visit a foreign country? Who decides what constitutes "odd hours"? This is liable to result in a lot of false alarms because these sort of policies make people hyper-sensitive to any deviation from what they, personally, consider 'the norm.'
[ link to this | view in chronology ]
You misunderstand the purpose
Yes, triggering a bunch of these guidelines might get you investigated, especially if they are trying to find the source of a leak. But odd travel and the like are not, in and of themselves, grounds for disciplinary action.
There's no "protections" for whistleblowers needed, because whistleblowing status (or not) isn't part of finding where a leak originated, it's part of deciding if you are going to be punished for it, which is not what these guidelines are about.
[ link to this | view in chronology ]
You misunderstand my response!
As for your comment about the purpose of these guidelines: those things may not be their "purpose," but it's a decent bet they'll be abused in that manner.
[ link to this | view in chronology ]
"Abused" to do what though?
These guidelines exist to help them FIND leakers of all stripes (whether they are whistleblowers, spies, or people selling information for money), but they don't have anything to do with the resulting consequences.
[ link to this | view in chronology ]
Re: "Abused" to do what though?
You don't have to be a whistleblower or a threat; you just have to have someone who doesn't like you and is high up enough to make your life miserable.
And once again, I don't think these guidelines, IF APPLIED PROPERLY, are bad or off base. I think most of us on TD are rigtfully pissed that this is what theyare focusingnon INSTEAD OF creating any sort of process or protections for actual whistleblowers. It shows where their priorities lie.
[ link to this | view in chronology ]
He did it..
He did it,
They did it,
SOMEONE DID IT...
No, She did it..
Shut up..the DOG DID IT..
[ link to this | view in chronology ]
Re: He did it..
[ link to this | view in chronology ]
So suicide then?
[ link to this | view in chronology ]