FBI Insider Threat Program Documents Show How Little It Takes To Be Branded A Threat To The Agency

from the see-something-say-something-but-for-cubicles dept

Jason Leopold has obtained the FBI’s training slides for its “insider threat” program. This would be the same program the FBI refused to discuss in detail with the Senate, walking out of the briefing when asked how the program would avoid sweeping up legitimate whistleblowers.

The federal government acts as though it’s receptive to whistleblowing, but then undermines that sentiment with pretty much everything else it does. These insider threat programs have only become more severe after the Snowden leaks, asking federal government employees to treat normal, everyday behavior as inherently suspicious.

The Defense Department’s insider threat program declared such innocuous things as visiting foreign countries and being in debt as warning signs. Worse, anything less than full support for US government policies was considered threatening behavior.

The FBI’s presentation [PDF] isn’t much better. FBI employees are encouraged to say something if they see something… and there are a lot of observable “somethings” on the list.

According to the training material, potential insider threats include federal employees who brag about what they know, work odd hours, travel overseas without a good reason, or ask their co-workers about classified information without a “need to know.” Workers who consume alcohol, use drugs or have “psychological conditions” may also be insider threats, as are those facing disciplinary action or job termination.

[…]

Another slide says leaks occur because leakers are “disgruntled” and are motivated by “ego,” “financial gain,” and “divided loyalty.”

Some of these factors can be indicative of someone considering engaging in espionage. Unfortunately, a lot of these may also apply to whistleblowers. The FBI presentation spends a great deal of time comparing its lists of insider threat traits to those the government has successfully prosecuted but spends zero time discussing whistleblowers and their traits/motivations.

Considering the FBI’s leaky status, especially in recent months, the document feels inconsistent at best. It feels like a good way for FBI employees to get rid of coworkers they don’t like and a great way to foster an atmosphere of corrosive suspicion in FBI offices.

FBI employees will distrust each other, FBI officials will distrust nosy politicians… and, in a surprising revelation by Leopold, politicians will have even less reason to trust the FBI. As was noted earlier in this post, the FBI chose to walk out of a briefing rather than answer Sen. Chuck Grassley’s question about whistleblower protections under the FBI’s “insider threat” program. Thanks to the efforts of a media company (BuzzFeed) and a private citizen (Leopold), Grassley now has a copy of documents the Senator asked for months ago.

Grassley asked the FBI to send him its insider threat training material. He received a couple of videos and a brochure. But a spokesperson for Grassley told BuzzFeed News that the senator did not receive the training slides until BuzzFeed News sent a copy.

The documents released here don’t answer Grassley’s questions either. But recent history shows us the FBI is not a whistleblower-friendly agency. It seems to have no problem with very selective leaking, but isn’t nearly as kind to those who use the official channels to report wrongdoing. An insider threat program like this doesn’t help. Giving agents and employees sketchy reasons to distrust each other will only serve to deter whistleblowers before they even have a chance to experience the agency’s unofficial retaliation program.

Filed Under: ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “FBI Insider Threat Program Documents Show How Little It Takes To Be Branded A Threat To The Agency”

Subscribe: RSS Leave a comment
26 Comments
David says:

Official channels?

It seems to have no problem with very selective leaking, but isn’t nearly as kind to those who use the official channels to report wrongdoing.

Whistleblowing by definition does not work via official channels (or we’d be talking about interagency communication rather than whistleblowing).

If there are any official channels for whistleblowers in place, they are like door bells for sewer rats. Their purpose is to alert the housekeepers to the presence of vermin, not to facilitate the latters’ objectives.

There will be no cheese handed out.

The Wanderer (profile) says:

Re: Official channels?

Well, that’s not strictly true.

If your co-workers are breaking the rules and you report on that to your boss, that’s technically "blowing the whistle on" the rule-breaking – drawing attention to it so that people will realize that it’s going on.

Similarly, if your boss is breaking the rules and your report on it to his boss, that’s "blowing the whistle on" the rule-breaking again. This is probably technically going outside of official channels – but if your organization has established specific channels for reporting wrongdoing, and you report wrongdoing to those channels, the fact that they’re official doesn’t make it any less whistleblowing.

The problem comes in when the people you’re required to report to, under the official channels, either are or are under the control/command of the people engaged in or authorizing the wrongdoing. At that point, the official channels are somewhere in the range from worthless to actually dangerous.

Bergman (profile) says:

Re: Re:

To a criminal, police are threats. To a criminal, anyone dialing 911 is a threat. If a kid sneaks out of the house at night his parents are a threat.

Threat is an over-used justification that doesn’t mean what most people think it means.

The fact that someone may be a threat to you doesn’t justify self defense if they are a threat to you because you are a criminal and they want to report your crimes.

ThaumaTechnician (profile) says:

Given the FBI's propensity to create criminals..

See here: http://www.igpub.com/the-terror-factory/
…then wouldn’t their attempts at classifying everything as suspicious behaviour (y’know, like did the deputy in ELVIS ELVIS RAMIREZ-TAMAYO V. THE STATE OF TEXAS – "because drug traffickers have been seen breathing, then breathing is an indicia of drug trafficking"), simply be that they’re just trying to make their jobs easier by having other people do their work?

Why attribute malice to something when laziness explains it?

Anonymous Coward says:

Department of Defense on debt

Just want to point out that the DoD’s policy on debt is what they term ‘unsecured debt’ of 10,000USD or more. That refers to debt that has gone to collections or is delinquent more than 90 days or so. It doesn’t refer to just having some credit card debt you are paying slowly or a mortgage that you are current on. And you can continue to work for the DoD, you just can’t get a security clearance which is not required for all jobs.

Anonymous Coward says:

According to the training material, potential insider threats include federal employees who brag about what they know, work odd hours, travel overseas without a good reason, or ask their co-workers about classified information without a “need to know.” Workers who consume alcohol, use drugs or have “psychological conditions” may also be insider threats, as are those facing disciplinary action or job termination.

[…]

Another slide says leaks occur because leakers are “disgruntled” and are motivated by “ego,” “financial gain,” and “divided loyalty.”

Good, you have just described 160,213,000 people in the United States.

Sauce:

https://www.bls.gov/news.release/pdf/empsit.pdf

Now, is there ANYONE that isn’t a threat to the US?

Answer is: US, as in “us”, not “you”.

Anonymous Coward says:

Hope

There will continue to be a few, deeply ethical, fully-committed patriots, who risk the sacrifice of their public reputations and even lives to disclose the abuses of the FBI, et al., to warn the citizenry.

P.S. Never enough kudos for Mr. Snowden.

P.P.S. Shame on President Obama for failing to provide a pardon for Mr. Snowden.

SirWired says:

Those criteria look more-or-less legit to me...

“According to the training material, potential insider threats include federal employees who brag about what they know, work odd hours, travel overseas without a good reason, or ask their co-workers about classified information without a “need to know.” Workers who consume alcohol, use drugs or have “psychological conditions” may also be insider threats, as are those facing disciplinary action or job termination.”

Certainly we don’t want somebody that enjoys a glass of wine with dinner to be automatically under suspicion (I am pretty sure the information is referring to actual alchoholics), but really, these look like reasonable criteria. Working odd hours IS suspicious. Flying suddenly to a foreign country for a long weekend is not how most people take vacation. Every employee is told specifically to NOT brag about their access to information, and to NOT ask for information they don’t need. And I’m pretty sure most security professionals could tell you that disgruntled or soon-to-be-fired employees are inside threats; that’s Security 101… And, yes, many leakers do so for financial gain, and many do so for Ego.

I’m just not seeing what I’m supposed to be angry about here. It doesn’t say something like “raises concerns about illegality”, or “makes calls to media organizations”, or “too concerned about ethics.” Instead, I’m seeing a very standard list of criteria that are a starting point for basic counter-intelligence.

William Braunfeld (profile) says:

Re: Those criteria look more-or-less legit to me...

I don’t disagree with you, actually. I think the main concern should be more focused on them not having guidelines or programs to protect whistleblowers from retaliation; while these criteria seem somewhat reasonable (with the caveat that I believe everyone watching each other like hawks is bad for any business or organization), I think what TD’s more concerned about is that they’re unilateral, with no protections built in for whistleblowers (or normal employees who just happen to meet criteria on the list).
Another issue becomes, of course, who decides what is too much alcohol? Who decides what is a “good reason” to visit a foreign country? Who decides what constitutes “odd hours”? This is liable to result in a lot of false alarms because these sort of policies make people hyper-sensitive to any deviation from what they, personally, consider ‘the norm.’

Anonymous Coward says:

Re: Re: You misunderstand the purpose

The purpose of these guidelines isn’t “Travel funny, get fired”, “Work odd hours, off to Guantanamo”, “Buy nice car, go to interrogation”, “Have a bender, get arrested”, etc.

Yes, triggering a bunch of these guidelines might get you investigated, especially if they are trying to find the source of a leak. But odd travel and the like are not, in and of themselves, grounds for disciplinary action.

There’s no “protections” for whistleblowers needed, because whistleblowing status (or not) isn’t part of finding where a leak originated, it’s part of deciding if you are going to be punished for it, which is not what these guidelines are about.

William Braunfeld (profile) says:

Re: Re: Re: You misunderstand my response!

I did say I didn’t disagree :p However, the reason why most TDians find this so rank is because there aren’t any whistleblower protections, and there don’t like like there are ever gonna BE any. I’m not saying this particular program is where they should be investigated; I’m saying that this program looks even worse IN LIGHT OF the current circumstances vis-a-vis whistleblowing.
As for your comment about the purpose of these guidelines: those things may not be their “purpose,” but it’s a decent bet they’ll be abused in that manner.

SirWired (profile) says:

Re: Re: Re:2 "Abused" to do what though?

If one is a whistleblower, and is found out, your punishment (or not) won’t depend on how many of these guidelines you did or did not trigger. Okay, if you sold information for actual money, you are in extra-deep $hit. But “working long hours” isn’t something they can exactly include in their sentencing recommendation.

These guidelines exist to help them FIND leakers of all stripes (whether they are whistleblowers, spies, or people selling information for money), but they don’t have anything to do with the resulting consequences.

William Braunfeld (profile) says:

Re: Re: Re:3 "Abused" to do what though?

Abused to harass coworkers. Abused to punish employees “off the books” by harassing them, wasting their time, intimidating them. Abused to harass “undesirables” to try to drive them out and make them quit. In short: office politics.
You don’t have to be a whistleblower or a threat; you just have to have someone who doesn’t like you and is high up enough to make your life miserable.
And once again, I don’t think these guidelines, IF APPLIED PROPERLY, are bad or off base. I think most of us on TD are rigtfully pissed that this is what theyare focusingnon INSTEAD OF creating any sort of process or protections for actual whistleblowers. It shows where their priorities lie.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »