2016]
445
CONTINUOUS EVALUATION: WELCOMING
GOVERNMENT EMPLOYEES TO THE WORLD OF MASS
SURVEILLANCE
Kyle Ebersole*
INTRODUCTION
Everyone has considered, in a moment of introspection, exactly what
she might give up to get that perfect job. For some it might be saying goodbye to a higher salary to land the position they truly love. Others might give
up time with family to move up the corporate ladder. More prosaically,
many people think nothing of giving up a fingerprint or credit history to
convince a potential employer of their trustworthiness. For everyone fortunate enough to have employment options, however, there must be some
limit to what they are willing to give up. The pay cut eventually becomes
too steep, the commute too long, or the inquiry too intrusive. While any
number of jobs call for a criminal background check or a drug test, few
careers demand the intrusive level of investigation as those in government.
Iris scans, polygraphs, finance and travel checks, and background investigations, having apparently been found insufficient, the government now proposes the continual monitoring of employees to eliminate the insider threat.
After the massive and high profile leaks of intelligence information
credited to Chelsea (Bradley) Manning and Edward Snowden and the Navy
Yard shooting by a government contractor that followed, the government
decided to look more closely at the trustworthiness of its own employees.1
In particular, the government identified as potential “insider threats” those
employees holding positions of public trust who were already cleared to
handle national security information. To further examine the intentions and
motivations of this workforce, which is already subject to background investigations and checks, the government has proposed a system of continu-
*
George Mason University School of Law, J.D. Candidate, May 2017; Associate Editor,
GEORGE MASON LAW REVIEW, 2015-2016. Thank you to my fellow editors and members for your work
preparing this Comment for publication.
1 Joe Davidson, Report Says Lack of Review Over Security Clearances Can Lead to Too Many
Clearances, WASH. POST (Nov. 19, 2013), https://www.washingtonpost.com/politics/federal_
government/report-says-lack-of-review-over-security-clearances-can-lead-to-too-manyclearances/2013/11/19/7f8b107a-515c-11e3-9e2c-e1d01116fd98_story.html [hereinafter Davidson, Too
Many Clearances].
446
GEO. MASON L. REV.
[VOL. 23:2
ous evaluation, which could continually check an expanding network of
databases and sites to monitor the behavior of its employees at all times.2
Public employees have little to rely on to counter this increasing government wariness over their loyalty and suitability. Though courts have
gradually extended protections against unreasonable negative employment
actions, the government, like any employer, retains broad discretion—even
more so when dealing with matters that fall under the wide umbrella of
national security. As the Supreme Court explained over thirty years ago,
“[T]he unchallenged dogma was that a public employee had no right to
object to conditions placed upon the terms of employment—including those
which restricted the exercise of constitutional rights.”3 The Court moved
away from that dogma in the second half of the 20th century, providing
employees with modest protections in a series of cases.4 The majority of
these protections have involved employees’ First Amendment rights.5 Given both the expressive nature of an employee’s online presence and the
privacy interests inherent in an employee’s aggregated personal and commercial interactions, the time is approaching to take the next step in extending protections to government employees.
This Comment argues that advances in technology and their proposed
use to monitor cleared federal government employees for warning signs of
disloyal behavior would go so far to reduce an employee’s privacy that the
government should proactively accept certain limitations and safeguards
prior to implementation. Part I of this Comment provides a brief summary
of the history of federal civilian employment and the security clearance
process, followed by overviews of federal employment law, particularly
regarding cleared employees, and privacy law. Part II details the genesis
and development of continuous monitoring or evaluation proposals and
some plausible versions of this still developmental technology. Part III argues that, even given the great deference to the government in protecting
national security information, the balance of interests favors privacy protections for cleared employees. Finally, Part IV suggests ways to tailor the
program to rebalance the interests in favor of the government by building
certain protections for employees into the system.
2 OFFICE OF MGMT. & BUDGET, EXEC. OFFICE OF THE PRESIDENT, SUITABILITY AND SECURITY
PROCESSES REVIEW 8 (2014), http://www.whitehouse.gov/sites/default/files/omb/reports/suitabilityand-security-process-review-report.pdf.
3 Connick v. Myers, 461 U.S. 138, 143 (1983).
4 See, e.g., Pickering v. Bd. of Educ., 391 U.S. 563 (1968) (freedom of expression); Keyishian v.
Bd. of Regents, 385 U.S. 589 (1967) (organizational membership); Wieman v. Updegraff, 344 U.S. 183
(1952) (loyalty oaths).
5 Paul M. Secunda, The (Neglected) Importance of Being Lawrence: The Constitutionalization of
Public Employee Rights to Decisional Non-Interference in Private Affairs, 40 U.C. DAVIS L. REV. 85,
88, 105 (2006).
2016]
I.
CONTINUOUS EVALUATION
447
ASSASSINATION, LOYALTY OATHS, AND “MOSAIC THEORY”: A BRIEF
HISTORY OF FEDERAL GOVERNMENT EMPLOYMENT, SECURITY
CLEARANCES, AND PRIVACY LAW
The government has always wanted to keep some information secret,
of course.6 While there have always been secrets, there have not always
been federal government employees, and so the government has had a need
over the country’s history to develop methods to decide which secrets it
could entrust to which employees.7 It is more debatable that private citizens
have always been able to keep information private, but nonetheless, the
right to privacy has also matured. This Section provides a brief history of
how federal government employment has evolved, the process by which the
government authorizes employees to access classified information, and the
current state of federal employment and privacy law. Finally, these tangentially related topics are tied together to provide a framework for understanding proposals that would subject certain government employees to continuous monitoring.
A.
The First Public Employees and Their Secrets
The history of public employees, particularly the civil service, is typically broken up into several periods.8 The first, the patronage system, lasted
until 1883.9 The creation of the civil service at that time ushered in a new
era in federal government employment.10 A series of post-World War II
reforms extended rights of appeal for employment decisions throughout the
government.11
6
For instance, the intelligence community credits George Washington as the nation’s first intelligence director. See A Look Back . . . George Washington: America’s First Military Intelligence Director, CENT. INTELLIGENCE AGENCY (July 12, 2007, 7:31 AM), https://www.cia.gov/newsinformation/featured-story-archive/2007-featured-story-archive/george-washington.html.
7 This is not without good reason, however, because trusted employees began to betray their
employer’s confidence before the nascent government was even formed. In an interesting bit of legal
trivia, infamous traitor Benedict Arnold communicated with the British using a cipher based on words
found in Blackstone’s Commentaries on the Laws of England. Jennifer Wilcox, Revolutionary Secrets:
The Secret Communications of the American Revolution, NAT’L SECURITY AGENCY, https://
www.nsa.gov/about/cryptologic_heritage/center_crypt_history/publications/prewwii.shtml (download
file from “Pre-WWII” table) (last visited Jan. 15, 2016).
8 Douglas A. Brook & Cynthia L. King, Civil Service Reform as National Security: The Homeland Security Act of 2002, 67 PUB. ADMIN. REV. 399, 400 (2007).
9 Ari Hoogenboom, The Pendleton Act and the Civil Service, 64 AM. HIST. REV. 301, 301-02
(1959).
10 See Edward H. Passman & Bryan J. Schwartz, In the Name of Security, Insecurity: The Trend to
Diminish Federal Employees’ Rights, 21 LAB. LAW. 57, 59 (2005) (discussing the creation of the civil
service).
11 Id. at 60-62.
448
GEO. MASON L. REV.
[VOL. 23:2
For roughly the first century of American history, public positions
were filled by appointment, with politicians rewarding supporters with employment.12 Keeping these positions meant supporting one’s patron. As a
result, employee turnover was high, and loyalty was to an individual politician, not the agency or government.13 The corrupt and untrustworthy nature
of such a system was apparent to commentators of the time, but reform required a catalyst.14 That catalyst was the assassination of President James
Garfield in 1881.15 Garfield’s assassin, Charles Guiteau—besides likely
being insane—was frustrated with his inability to land a patronage position
with the government.16 Shortly afterwards, Congress passed the Pendleton
Act, which required selection for some positions to be merit based.17 While
support within the government for reform that robbed politicians of their
ability to reward supporters waxed and waned, by the turn of the century,
public employment was well on the way to being professionalized.18 Without the bounds of personal loyalty, however, government leaders would
search for other ways to ensure that their employees were devoted to the
government.19
In the decades following, Presidents McKinley and Taft would both
sign civil service legislation providing that terminations could only be made
for cause and with reasons provided in writing.20 Further reforms under
other presidents would enable employees to answer those reasons.21 An
appeals process was instituted for veterans, and then for all employees.22
Executive orders created review boards, and later reforms established new
versions.23 Reforms introduced standards for evidence, allowed union negotiations, and established time limits for hearings.24 In fits and starts, administrations have continually reformed federal-employment rights, particularly
in the realm of process.
While reforms occasionally started with only limited segments of federal employees, such as the original 1883 classified service, the reforms
12
Hoogenboom, supra note 9, at 301-02.
Id. at 302-03.
14 See id. at 301.
15 Id. at 303.
16 CANDICE MILLARD, DESTINY OF THE REPUBLIC: A TALE OF MADNESS, MEDICINE, AND THE
MURDER OF A PRESIDENT 114, 236 (2011).
17 Civil Service Reform (Pendleton) Act, ch. 27, 22 Stat. 403 (1883) (codified as amended in
scattered sections of 5 U.S.C.); Hoogenboom, supra note 9, at 303.
18 Hoogenboom, supra note 9, at 315, 318.
19 Some of the measures that Presidents took are described below in Part I.B.1.
20 Passman & Schwartz, supra note 10, at 60.
21 Id. at 60-62.
22 Id. at 60.
23 Id. at 60-62.
24 Id. at 62-63.
13
2016]
CONTINUOUS EVALUATION
449
would eventually spread throughout the government.25 For example, the
ability to appeal an adverse action, originally given only to veterans in
1944, was extended to nonveteran employees in 1962.26 Most reform initiatives are of general applicability; however, the current continuous evaluation proposals are limited to employees with security clearances. The next
Section will define clearances and provide a picture of the segment of the
federal workforce with security clearances.
B.
Security Clearances: How to Gain and Lose Them
Though the government has always had a need to keep certain information confidential, it has not always had formal mechanisms in place to
categorize and track either the information or the people who would have
access to it. In fact, the first formal system of arranging information into
certain classification levels dates only to the World War I era.27 Since then,
a number of measures have been used to determine which employees were
trustworthy enough to have access to classified information and positions of
public trust.
1.
From Loyalty to Security
One early measure, the Hatch Act of 1939,28 was primarily intended to
depoliticize federal employees, but included a clause that limited employees’ membership in organizations that advocated the overthrow of the government.29 The World War II period saw several regulations reinforcing the
necessity of loyalty to the government and even allowed the FBI to investigate employees thought to belong to subversive organizations.30 After the
end of the war, President Truman issued Executive Order 9835,31 which
instituted procedures to investigate employees and applicants of selected
agencies and to report the results of those investigations to agency “loyalty
boards.”32 Truman would also issue an executive order instituting the classi25
Id. at 57, 59.
Passman & Schwartz, supra note 10, at 57, 60.
27 Charles Pollack, Article, A Delicate Balance: Federal Employees, Security Clearances, and the
Role of the Federal Circuit, 23 FED. CIR. B.J. 133, 136 (2013).
28 Hatch Political Activity Act, Ch. 410, 53 Stat. 1147 (1939).
29 William J. Schrenk, Jr., Comment, Constitutional Law—The President’s Loyalty Order—
Standards, Procedure, and Constitutional Aspects, 46 MICH. L. REV. 942, 942-43 (1948).
30 See, e.g., Exec. Order 8781, 6 Fed. Reg. 2895 (June 12, 1941) (requiring fingerprinting);
Schrenk, Comment, supra note 29, at 943-45 (discussing the FBI’s investigations of those believed to be
subversive).
31 Schrenk, Comment, supra note 29, at 943.
32 Id. at 944-45.
26
450
GEO. MASON L. REV.
[VOL. 23:2
fication regime introduced by the military in World War I to the rest of the
government, as well as securing the place of the classification levels,33 described in Part I.B.2 of this Comment.
President Eisenhower replaced this loyalty system with a new program
intended to emphasize “security” over “loyalty.”34 This program was supposed to determine an employee’s “reliability, trustworthiness, good conduct and character, and loyalty to the United States.”35 Employees not meeting those standards could request a hearing on the matter, but they had limited insight into the information being held against them.36 This transition
from loyalty to security appears to have been motivated, in part at least, to
avoid the contention over loyalty oaths and other reactions to the communist scare of the previous decades.37 And during the following decades,
presidents would continually tweak the system of employee investigations,
reviews, and classification. Several more executive orders, presidential directives, security agency reorganizations, and even the occasional statute
would implement improvements to the personnel security program.38 Today, the Office of Personnel Management (“OPM”) oversees the investigation of federal employees requiring security clearances.39 The President has
standardized the requirements for investigation, reciprocity among government agencies, and the systems that track all of this.40
33
Exec. Order 10290, 16 Fed. Reg. 9795 (Sep. 24, 1951) (prescribing standards for classification).
Exec. Order 10450, 18 Fed. Reg. 2489 (Apr. 27, 1953); see also William Henderson, A Brief
History of the U.S. Personnel Security Program, CLEARANCE JOBS (Jun. 29, 2009), https://
news.clearancejobs.com/2009/06/29/a-brief-history-of-the-u-s-personnel-security-program/.
35 Henderson, supra note 34.
36 In is not apparent that these were merely pro forma hearings however. For example, Robert
Oppenheimer, “father of the atomic bomb,” had his security clearance revoked in 1953 after such a
hearing due to prior associations with members of the communist party. See Terry Fehner, Unlocking
the Mysteries of the J. Robert Oppenheimer Transcript, ENERGY.GOV (Oct. 3, 2014), http://
energy.gov/articles/unlocking-mysteries-j-robert-oppenheimer-transcript. The declassified transcripts of
that hearing run to 19 volumes. See J. Robert Oppenheimer Personnel Hearings Transcripts, U.S. DEP’T
OF ENERGY, https://www.osti.gov/opennet/hearing.jsp (last visited Jan. 15, 2016).
37 One law review article published in the Yale Law Journal questioning the requirements of
“loyalty” occasioned a reply from J. Edgar Hoover, the director of the FBI. See Thomas I. Emerson &
David M. Helfield, Reply by the Authors, 58 YALE L.J. 412, 412-13 (1949) (observing Hoover’s statement that some of the conclusions in the previous article written by Emerson and Helfield were comparable to those expressed “on the pages of the Daily Worker, the publication of the Communist Party”).
38 See generally Henderson, supra note 34.
39 Id.
40 Id.
34
2016]
2.
CONTINUOUS EVALUATION
451
What are Secrets and Who Gets to Keep Them?
A security clearance is simply the eligibility to have access to classified information.41 Classified information is information that, if improperly
disclosed, would cause some level of damage to the United States.42 Clearances and access to classified information are administered under Executive
Order 12968.43 Different levels of classification require different security
clearances. While there are an array of levels, caveats, compartments, and
programs, a handful of classifications cover the most common types of
classified information. Most classified information is deemed Confidential,
Secret, or Top Secret, depending on whether its disclosure would cause
damage, serious damage, or exceptionally grave damage to national security.44 Of course, these are general baseline definitions, which may not tell us
much about the actual information being protected, but they do serve as
nominal benchmarks for the level of protection the information requires.45
Additionally, much classified information is “compartmentalized,” meaning
that access to it is further limited.46
Having a security clearance means that one is eligible to handle information protected at a certain level, has a need to know that information, and
has completed the administrative requirements to be given that access. This
eligibility comprises three parts: the background investigation, “need-toknow,” and an agreement not to disclose.47 The stringency of the background investigation varies with the level of access sought.48
Three varieties of clearances are commonly encountered: Secret, Top
Secret, and Top Secret / Sensitive Compartmented Information (“TS/SCI”).
As the names suggest, these clearances correspond to the types of classified
information.49 A Secret clearance requires a check of criminal and other
databases, a signed agreement, and a position that requires access to Confi41 SHELDON I. COHEN, SECURITY CLEARANCES AND THE PROTECTION OF NATIONAL SECURITY
INFORMATION: LAW AND PROCEDURES 2 (2000).
42 KEVIN R. KOSAR, CONG. RESEARCH SERV., R41528, CLASSIFIED INFORMATION POLICY AND
EXECUTIVE ORDER 13526, at 2 (2010); see also 18 U.S.C. § 798(b) (2012).
43 Exec. Order 12968, 60 Fed. Reg. 40,245, 40,248 (Aug. 2, 1995).
44 COHEN, supra note 41, at 72.
45 Material that includes personal, protected information, or law enforcement information is not
included in this definition and is handled separately, usually as For Official Use Only or Law Enforcement Sensitive, to protect data such as social security numbers, personal phone numbers, or other similar
information from disclosure.
46 COHEN, supra note 41, at 72.
47 Id. at 2, 6.
48 This summary reflects a typical clearance process that, like anything else, may vary in actual
application.
49 Dennis J. Sysko, Understanding National Security Clearance Law, in RECENT TRENDS IN
NATIONAL SECURITY LAW: LEADING LAWYERS ON BALANCING U.S. NATIONAL SECURITY CONCERNS
AND THE RIGHTS OF CITIZENS 41 (2014), Westlaw, 2014 WL 2315050, at *6.
452
GEO. MASON L. REV.
[VOL. 23:2
dential and Secret information.50 A Top Secret clearance requires a more
thorough investigation, the Single-Scope Background Investigation
(“SSBI”), the agreement, and a position requiring access to Top Secret information.51 Finally, a TS/SCI clearance requires the SSBI, the agreement,
and a position requiring access to Top Secret information and “information
concerning intelligence, particularly the ‘sources and methods’ of gathering
intelligence.”52 Additionally, information at this level is “compartmentalized,” with individuals being given access to only certain portions to which
they have been “read-on.” These compartments generally correspond to
some method of collection, and some are more commonly granted than
others.53 The requirements for access are the same, with access granted on
the requirements of the position or organization to which the clearance
holder belongs.
Altogether, there are approximately five million Americans eligible for
access to classified information.54 About three and a half million of those
are at Secret level or lower, and not quite one and a half million are at the
Top Secret level.55 Significantly fewer actually have access at any given
time, depending on the requirements of their job.56
Prior to receiving a clearance, a candidate undergoes a background investigation. The SSBI, which those seeking a Top Secret or TS/SCI clearance must undergo, requires the candidate to submit information on their
family, employment, education, residence, foreign contacts, references, and
other topics for the past ten years.57 A candidate will sign releases for credit
and, in some cases, medical information at the same time, and fingerprints
are also taken.58 After submitting this information, an investigator will query various databases, interview references, and otherwise attempt to verify
the information.59 If anything negative is noted, the investigator may reengage the applicant to explain the discrepancy and will then make a recommendation on whether the clearance should be granted or not.60 An adjudicator then looks at any conditions that may raise concerns under a set of
50
COHEN, supra note 41, at 14.
Id. at 6, 14-15.
52 Id.
53 See id. at 6, 9.
54 OFFICE OF THE DIR. OF NAT’L INTELLIGENCE, 2012 REPORT ON SECURITY CLEARANCE
DETERMINATIONS 3 tbl.1 (2013) [hereinafter DNI, 2012 REPORT].
55 Id.
56 Id. at 4 tbl.2.
57 See COHEN, supra note 41, at 14-15.
58 Id.
59 Id. at 19-20.
60 Id. at 49.
51
2016]
CONTINUOUS EVALUATION
453
guidelines.61 These guidelines, of which there are thirteen, focus on areas of
concern and their mitigation.62
Any question of an employee’s behavior in one of the thirteen areas,
which cannot be mitigated, is to be resolved in the interests of national security. This process is repeated every five years for as long as the clearance
holder requires access.63 Though not necessarily part of the clearance process, most clearance holders will submit additional biometric information to
the government as part of their job responsibilities. For example, many will
give DNA samples, particularly those in the military or those going overseas. Many others will provide an iris scan for building access.64 As a further check, a number of agencies responsible for granting access to employees will require polygraph examinations.65 In a similar context, publicsafety agencies are requiring applicants to provide their social media passwords, so that officials can check Facebook or other accounts.66 All together, the government checks the financial and medical records; histories of
employment, education, and residency; names of friends and family; responses to personal interviews; and increasingly accesses the candid musings of social media and collects fingerprint, DNA, and other biometric data
on several million people.67
3.
Violations by Cleared Individuals
Despite the government’s checks, it occasionally grants a clearance to
someone who decides to betray that trust.68 A result of the nature of the
cases where a cleared individual has betrayed the country is the influence it
has had on the investigation of employees for security clearances. Histori61
Id. at 26-28.
The thirteen are: Allegiance to the United States, Foreign Influence, Foreign Preference, Sexual
Behavior, Personal Conduct, Financial Considerations, Alcohol Consumption, Drug Involvement,
Psychological Conditions, Criminal Conduct, Handling Protected Information, Outside Activities, and
Use of Information Technology Systems. See OFFICE OF THE DIR. OF NAT’L INTELLIGENCE,
INTELLIGENCE COMMUNITY POLICY GUIDANCE NO. 704.2: PERSONNEL SECURITY ADJUDICATING
GUIDELINES FOR DETERMINING ELIGIBILITY FOR ACCESS TO SENSITIVE COMPARTMENTED
INFORMATION AND OTHER CONTROLLED ACCESS PROGRAM INFORMATION, at A-2 (2008),
http://www.ncix.gov/publications/policy/docs/ICPG_704-2_Adjudicative%20Guidelines.pdf.
63 COHEN, supra note 41, at 19.
64 Jason Miller, DoD to Use Iris Scans, Fingerprints for Building Security, FED. NEWS RADIO
(Apr. 9, 2012), http://www.federalnewsradio.com/?nid=396&sid=2817314&pid=0&page=1.
65 COHEN, supra note 41, at 15.
66 For an example of what agencies are beginning to examine, see Melody Gutierrez, Police
Agencies Want Access to Applicants’ Social-Media Passwords, S.F. CHRON. (Sept. 2, 2014),
http://www.sfgate.com/news/article/Law-enforcement-employers-still-view-private-5722229.php.
67 See COHEN, supra note 41, at 10, 15; Gutierrez, supra note 66; Miller, supra note 64.
68 While the history of counterintelligence and espionage cases is itself fascinating, it is also
beyond the scope of this Comment.
62
454
GEO. MASON L. REV.
[VOL. 23:2
cally, most individuals who intentionally disclosed classified information,
and were later prosecuted for this, did so on behalf of a foreign nation.69
Counterintelligence officials boiled down the motivations of those they
were able to identify as spies or leakers to four factors: Money, Ideology,
Coercion, and Ego (“MICE”).70
The four motivating factors provided investigators with areas of inquiry in an attempt to limit the hiring of people who might be vulnerable to
one of these factors.71 For example, if the government wishes to ensure that
its employees are not vulnerable to coercion, then it avoids hiring people
susceptible to blackmail, perhaps because they have personal issues that
they do not want disclosed, or because they have close family members
who are under the thumb of an adversarial regime. Recently, however, two
of the largest disclosures of classified information appear to have been perpetrated by individuals with no outside inducement.72 Rather, they were
motivated by purely personal opinions on the propriety of government intelligence activities.73 Distinguishing themselves from both prior spies and
earlier leakers who went to journalists, these individuals provided thousands of classified documents to online sites.74 The size, scope, and motivations of these unauthorized disclosures have forced the government to reconsider its clearance and investigatory processes in an attempt to prevent
further loss of classified material.75
In short, the government designates some material for protection from
public disclosure.76 Such information is known as classified material and
generally falls into one of three categories: Confidential, Secret, or Top
Secret.77 To be eligible for access to such information, an individual must
possess a security clearance.78 The regulation of classified information and
access to it is largely an executive function, occasionally subjected to statu-
69 KATHERINE L. HERBIG, U.S. DEP’T OF DEF. TECHNICAL REP. NO. 08-05, CHANGES IN
ESPIONAGE BY AMERICANS: 1947-2007, at 28-29 (2008).
70 Scott Shane, A Spy’s Motivation: For Love of Another Country, N.Y. TIMES (Apr. 20, 2008),
http://www.nytimes.com/2008/04/20/weekinreview/20shane.html.
71 See HERBIG, supra note 69, at 70.
72 See discussion infra Part II.A.1.
73 Noam
Scheiber, Why’d He Do It?, NEW REPUBLIC (June 10, 2013),
http://www.newrepublic.com/article/113425/edward-snowden-nsa-spying-leak-motive.
74 Mark Bowden, What Snowden and Manning Don’t Understand About Secrecy, ATLANTIC
(Aug. 23, 2013), http://www.theatlantic.com/politics/archive/2013/08/what-snowden-and-manningdont-understand-about-secrecy/278973/.
75 See Cory Bennett, After Snowden, Will the Security Clearance Process Finally Change?,
FEDSCOOP (June 21, 2013), http://fedscoop.com/after-snowden-will-the-security-clearance-processfinally-change.
76 Exec. Order 13526, 75 Fed. Reg. 707 (Dec. 29, 2009).
77 Id. at 707-08.
78 See COHEN, supra note 41, at 8.
2016]
CONTINUOUS EVALUATION
455
tory supplement, but granted great deference by the courts.79 Clearance determinations and proceedings must allow for due process, but otherwise are
governed by executive determinations of national security needs.80 The current requirements for access to classified information include extensive
background checks, biometric identification, and, frequently, polygraph
examination.81 Several million individuals potentially have access to some
level of classified information.82 Despite these checks, not everyone granted
a clearance is trustworthy, and unauthorized disclosures of classified information occur.83 The comparatively recent technological developments that
allow massive amounts of information to be shared in a single leak have
spurred efforts to tighten security.84
C.
Federal Employment Law for the Modern Age
The first federal executive agencies, created by the First Congress, included the Departments of War, Treasury, and Foreign Affairs.85 Since that
time, the executive branch’s size and scope has increased immeasurably.86
Not only have the number of federal employees grown since then, but so
have their rights and responsibilities.87 This Section outlines the evolving
recognition that federal employment is not entirely at will, but instead carries with it at least a few protections against arbitrary or capricious actions
by the government as employer.
1.
Starting from Scratch
Public employment used to be considered a privilege, which meant it
could be revoked or conditioned as the employer saw fit. The most famous
expression of this philosophy is probably that of Justice Holmes, who,
while sitting on the Massachusetts Supreme Court, wrote, “The petitioner
79
See, e.g., Ctr. for Nat’l Sec. Studies v. U.S. Dep’t of Justice, 331 F.3d 918, 926-27 (D.C. Cir.
2003).
80
COHEN, supra note 41, at 7-8.
Id. at 8-10, 14-15; Miller, supra note 64.
82 DNI, 2012 REPORT, supra note 54, at 3 tbl.1, 4 tbl.2.
83 See discussion infra Part II.A.1.
84 See discussion infra Part II.A.2.
85 Act of July 27, 1789, ch. 4, 1 Stat. 28 (creating Department of Foreign Affairs); Act of Aug. 7,
1789, ch. 7, 1 Stat. 49 (creating Department of War); Act of Sept. 2, 1789, ch. 12, 1 Stat. 65 (creating
Department of the Treasury).
86 See generally Martin S. Flaherty, The Most Dangerous Branch, 105 YALE L.J. 1725, 1816-21
(1996).
87 The Development of the Bureaucracy, USHISTORY.ORG, http://www.ushistory.org/gov/8a.asp
(last visited Jan. 17, 2016).
81
456
GEO. MASON L. REV.
[VOL. 23:2
may have a constitutional right to talk politics, but he has no constitutional
right to be a policeman.”88 Both pithy and true, Holmes’s attitude toward a
public job persisted for decades. Modern opinion has eased this unsympathetic view, recognizing that while there might not be a right to a particular
job, this does not mean there cannot be rights related to a job.89
The modern era brought an expansion of protection for public employees, particularly in the realm of speech and other constitutional rights.90
Courts sought to balance the role of the government as sovereign with that
of employer, giving the government the chance to manage its workforce
while still shielding employees’ basic rights.91 The leading case standing for
this proposition is Pickering v. Board of Education,92 in which the Supreme
Court made clear that the value to the public regarding freedom of speech
could outweigh a government agency’s interest in punishing an employee
for that speech.93
2.
Foundational Cases for Cleared Federal Employee Rights
Even before Pickering, however, the Court had already recognized the
need to provide safeguards for cleared government employees.94 In Greene
v. McElroy,95 the Court decided that, without “explicit authorization” to the
contrary, a cleared contract employee could not lose his job unless the proceeding that purported to strip his clearance allowed for confrontation.96
Having established that the government’s process in adjudicating security
clearances need conform to basic due process and a general principle that
government employees do not surrender all constitutional protections simply because they work for the government, the courts have surprisingly gone
little further. In Department of the Navy v. Egan,97 the Supreme Court held
that the actual decision to revoke or deny a clearance is not judicially reviewable.98 However, around the same time, the Court also provided a possible exception, suggesting in Webster v. Doe99 that clearances revoked in
violation of a constitutional right might be reviewable.100 Taken together,
88
89
90
91
92
93
94
95
96
97
98
99
100
McAuliffe v. Mayor of New Bedford, 29 N.E. 517, 517 (Mass. 1892).
See discussion infra Part I.C.2.
Pickering v. Bd. of Educ., 391 U.S. 563, 574 (1968).
Id. at 568.
391 U.S. 563 (1968).
Id. at 573.
Greene v. McElroy, 360 U.S. 474, 508 (1959).
360 U.S. 474 (1959).
Id. at 508.
484 U.S. 518 (1988).
Id. at 529-30.
486 U.S. 592 (1988).
Id. at 596, 603-05.
2016]
CONTINUOUS EVALUATION
457
Greene, Egan, and Webster suggest that the government must follow some
appropriate process to strip an employee of their clearance; however, the
decision reached via that process is not reviewable unless it is in violation
of some constitutional right.101
D.
Privacy: Informational, Decisional, and Other
In American legal scholarship, the right to privacy begins with Justice
Louis Brandeis, who in a 1928 dissent argued that the Framers had “conferred, as against the Government, the right to be let alone—the most comprehensive of rights and the right most valued by civilized man.” 102 As
may be obvious from the fact that this formulation is found in a dissent, a
right to privacy was not recognized until much later.103 Specifically, the
1965 case Griswold v. Connecticut,104 identified privacy as an independent
constitutional right for the first time.105 Along with many other changes, the
1960s saw the recognition and growth of privacy as a constitutional concept.106 Justice Harlan’s classic “reasonable expectation” formulation from
Katz v. United States107 also came from this era, which holds that people
subjectively believe that certain information is private due to context.108
Privacy in this context is usually associated with Fourth Amendment cases—notably Katz.109 Since then, courts have also discovered varieties of
privacy such as decisional or informational privacy in cases like Whalen v.
Roe.110 The Court in Whalen, albeit in dicta, described the privacy interests
an individual has “in avoiding disclosure of personal matters” and in having
“independence” in decisionmaking.111 Unlike the explicit freedom from
unwarranted government surveillance that is found in the Fourth Amendment, these other types of privacy are implicit and founded in the Fourteenth Amendment.112
101
See supra notes 94-100 and accompanying text.
Olmstead v. United States, 277 U.S. 438, 478 (1928) (Brandeis, J., dissenting).
103 Secunda, supra note 5, at 109.
104 381 U.S. 479 (1965).
105 See id. at 484-85. Griswold recognized the independent right of privacy, as opposed to it being
a component of another protection, such as freedom from unreasonable search. William A. Creech, The
Privacy of Government Employees, 31 LAW & CONTEMP. PROBS. 413, 424-25 (1966).
106 Secunda, supra note 5, at 110-11.
107 389 U.S. 347 (1967).
108 Id. at 361 (Harlan, J., concurring).
109 See, e.g., Kyllo v. United States, 533 U.S. 27, 32-33 (2001) (citing Florida v. Riley, 488 U.S.
445 (1989); California v. Ciraolo, 476 U.S. 207, 211 (1986); Smith v. Maryland, 442 U.S. 735, 743-44
(1979)) (referencing the Katz test and its application to each of these Fourth Amendment cases).
110 429 U.S. 589 (1977).
111 Id. at 599-600.
112 Id. at 598-99 nn.23-24.
102
458
GEO. MASON L. REV.
1.
[VOL. 23:2
Privacy for Public Employees
Assuming, as the Supreme Court has been willing to do, that informational privacy rights exist, they have not been accorded much weight in the
case of public employees.113 In NASA v. Nelson,114 government contract employees challenged the use of background investigations, in part on the
grounds that they were unreasonably intrusive.115 Before ruling against the
respondent employees, the Court looked at the context of the challenge.116
As in other employee challenges, the Court noted that the government was
acting as an employer, and not as a sovereign, and thus had a “much freer
hand.”117 With this in mind, the Court scrutinized the reasonableness of the
background investigation.118 Looking at the challenged portions about drug
use, comparing it to private-sector practices, and the interest that the government was trying to protect in having “reliable, law-abiding persons”
working in the space program, the Court decided that the background investigation was reasonable.119 Importantly, the Court also held that the government did not have to use “the least restrictive means of furthering its
interests.”120 Not all Justices were willing to even assume that the Constitution protects informational privacy, with Justice Scalia concurring in the
judgment and stating outright that a “federal constitutional right to ‘informational privacy’ does not exist.”121 The extension of privacy protections to
public employees may lag behind the pace by which they are extended in
society generally.
2.
Privacy for the Digital Age: Mosaic Theory
Mosaic theory is the term coined for the proposition that by stitching
together individual steps, the government might have performed a search
for Fourth Amendment purposes, even though no individual step reached
the threshold of a search.122 It is also used as an analogy for the pieces of
data that are collected, with each data point a tile, which by itself reveals
113
114
115
116
117
118
119
120
121
122
(2012).
NASA v. Nelson, 562 U.S. 134, 148 (2011).
562 U.S. 134 (2011).
Id. at 142-43.
Id. at 148, 159.
Id. at 148.
Id. at 150.
Id. at 150-52.
Nelson, 562 U.S. at 153.
Id. at 160 (Scalia, J., concurring).
Orin S. Kerr, The Mosaic Theory of the Fourth Amendment, 111 MICH. L. REV. 311, 313
2016]
CONTINUOUS EVALUATION
459
little, but together reveals the entire picture.123 Interestingly, in the field of
classified information, the government itself recognizes a form of mosaic
theory, in that individual pieces of otherwise unclassified information can,
when put together, become classified due to what the pieces collectively
reveal.124 In United States v. Maynard,125 where the mosaic theory’s judicial
lineage originates, the D.C. Circuit referred to this data aggregation theory.126 At its core, mosaic theory represents the principle that technology has
the potential to infringe on privacy in two ways, which when combined rise
to the level of a search. First, the average individual is sufficiently connected that they are continually producing a stream of information, produced by
their digital devices in the form of location reports, online behavior, downloads, and communications; and this stream of information is recorded and
stored by a number of private, commercial, or public services.127 Second,
computational power is sufficient to sort through this information, often in
real time, and deduce otherwise obscure connections to derive meaning.128
This meaning can include things like identity, location, and relationships, and becomes not only a comprehensive, retroactive look at an individual’s life, but—with sufficient information—can also be predictive.129
Judges see at least two implications arising from this use of technology to
discern and predict behavior. First, one bar to surveillance has always been
the cost associated with the labor previously needed to track and monitor an
individual for any amount of time.130 By automating this process with relatively inexpensive equipment, the cost is so far reduced as to remove a significant impediment to unnecessary surveillance.131 Second, while individuals using digital devices may be theoretically aware that they are providing
data to some unknown service or organization, they still, as a rule, have an
expectation that their personal information is not being shared or used for
unrelated purposes.132
More briefly put, mosaic theory states that technology enables the collection and storage of massive amounts of data that is qualitatively different
from similar information that is collected manually.133 This is thought to be
123 Steven M. Bellovin et al., When Enough Is Enough: Location Tracking, Mosaic Theory, and
Machine Learning, 8 N.Y.U. J.L. & LIBERTY 556, 563 (2014).
124 2 U.S. DEP’T OF DEF., MANUAL NO. 5200.01, DOD INFORMATION SECURITY PROGRAM:
MARKING OF CLASSIFIED INFORMATION 39-40 (2012) (amended by Change 2, Mar. 19, 2013),
http://www.dtic.mil/whs/directives/corres/pdf/520001_vol2.pdf.
125 615 F.3d 544 (D.C. Cir. 2010), aff’d sub nom. United States v. Jones 132 S. Ct. 945 (2012).
126 Id. at 562; see also Bellovin et al., supra note 123, at 571 n.44.
127 See Bellovin et al., supra note 123, at 596, 617.
128 Id. at 590-91.
129 Id. at 591.
130 Id. at 603.
131 Id. at 574, 602.
132 Id. at 572-74, 617.
133 Bellovin et al., supra note 123, at 563-64, 575.
460
GEO. MASON L. REV.
[VOL. 23:2
particularly true when technology enables the collection of information that
would be infeasible for manual collection or so labor intensive as to justify
more scrutiny.134
This Part reviewed a wide range of issues including the origins of the
civil service, the development of national security clearances, the extension
and limitations of privacy rights to federal employees, and some privacy
theories and their relationship to modern technology. Each of these issues
has some bearing on the manner in which the federal government oversees
and monitors its employees. Federal employment has evolved away from
patronage and towards professionalization.135 The creation of a professional
workforce coincides with the creation of procedural safeguards that balance
the rights of employees and the needs of their employer.136
Government employees have expectations that employment actions
taken against them by their employer will conform to due process standards.137 Generally speaking, these employees can also expect that the government will afford them constitutional protections similar to that of the
general public, but subject to balancing against the unique needs of their
employer.138 Employees working in the national security branches of government have similar expectations, though decisions regarding their clearances, tantamount to their employability, may be less reviewable. However,
clearances revoked in violation of constitutional rights are more likely to be
reviewed.139 The right to privacy, though of a recent vintage, is a constitutional right, and as such, public employees, including cleared employees,
should be able to work knowing that their privacy is respected. But respecting employee privacy can be a challenge for the government employer.
II.
CONTINUOUS EVALUATION: IN SEARCH OF A WAY TO MITIGATE
LEAKS BEYOND STICKING A THUMB IN THE DYKE
The insider threat that the government seeks to stop via continuous
evaluation (“CE”) is real.140 If historical examples are too removed to be
convincing, then recent events highlight the ongoing nature of unauthorized
134
Id. at 575, 602-04.
See Hoogenboom, supra note 9, at 301-03.
136 See Pollack, Article, supra note 27, at 138-40.
137 See e.g., Greene v. McElroy, 360 U.S. 474, 496 (1959) (observing that it is a “relatively immutable [principle] in our jurisprudence” that the government must provide evidence that a harmful action
it takes against another is lawful).
138 See, e.g., Pickering v. Bd. of Educ., 391 U.S. 563, 568 (1968) (employing a balancing test to
determine if governmental action against an employee was constitutional).
139 See, e.g., Webster v. Doe, 486 U.S. 592, 603-04 (1988).
140 For examples of government insiders leaking classified information, see Mary-Rose Papandrea,
Leaker Traitor Whistleblower Spy: National Security Leaks and the First Amendment, 94 B.U. L. REV.
449, 457 (2014) (Bradley Manning); Davidson, Too Many Clearances, supra note 1 (Edward Snowden).
135
2016]
CONTINUOUS EVALUATION
461
disclosures by cleared government personnel.141 Over the past several years,
government employees have allegedly released tens of thousands of classified documents, covering multiple topics, agencies, and issues.142 CE is a
direct response to a realized problem that the government no longer has
faith in the personnel it should be able to trust the most.143 Despite the reality of the problem and the government’s good faith effort to solve it, its proposed solution has the potential to create consequences that might be worse
than the problems it addresses.
A.
Electronic Leaks
In 2010, Army Private First Class Bradley Manning disclosed several
hundred thousand classified documents.144 Since then, a steady stream of
revelations has made its way into the newspapers.145 Instead of the traditional slow-and-steady leak of information over a long period of time, seen
in cases of state-sponsored espionage, these disclosures came in the form of
massive, one-time disclosures facilitated by digital storage and electronic
transmission.146
1.
Manning and Snowden . . . and More?
As noted above, the recent trend of disclosure of large amounts of
classified information starts with Manning, who leaked several hundred
thousand classified documents to the website Wikileaks.147 These documents included information about the war in Afghanistan and State Department diplomatic cables.148 The next set of mass disclosures came from
Edward Snowden, who released information taken during his employment
as a contractor with the National Security Agency (“NSA”).149 This batch of
documents concerned sensitive NSA surveillance programs. 150 Further dis141
See, e.g., Papandrea, supra note 140, at 457.
See, e.g., id.
143 See discussion infra Parts II.A-II.B.2.
144 Manning, serving a 35-year sentence for the leaks, has since changed her name to Chelsea. See
Bowden, supra note 74.
145 See. e.g., Glenn Kessler, WikiLeaks’s Unveiling of Secret State Department Cables Exposes
U.S. Diplomacy, WASH. POST (Nov. 29, 2010), http://www.washingtonpost.com/wpdyn/content/article/2010/11/28/AR2010112802395_pf.html (noting that “WikiLeaks” exposed more
than 250,000 confidential U.S. diplomatic communications and that, at that time in 2010, Bradley Manning was the suspected source of the leak).
146 Papandrea, supra note 140, at 457.
147 Id. at 480.
148 Id.
149 Id. at 459 n.43.
150 Id. at 481.
142
462
GEO. MASON L. REV.
[VOL. 23:2
closures, made after Snowden fled the country, have led to speculation that
other insiders are still leaking classified information.151 While the person
making the additional disclosures remains unidentified, the documents,
largely classified Secret, concern terrorism watch lists and biometric databases.152
While not involving a disclosure of classified information, one more
incident involving cleared government personnel prompted further interest
in CE.153 In 2013, a cleared government contractor brought a gun to the
Washington Navy Yard and killed twelve people.154 The killer, though previously arrested for “malicious mischief” involving a firearm, had been
granted and had retained a security clearance.155 The clearance process did
not disclose the weapons charge or his other behavior.156 The investigations
that followed focused in part on the gaps in the investigation and the warning signs missed, which if caught might have prevented the shooting.157
2.
The Insider Threat Task Force and Executive Order 13587
After the leak attributed to Manning, the president issued Executive
Order 13587, which, among other things, created the Insider Threat Task
Force (“ITTF”).158 This task force was formed to help “counter the threat of
those insiders who may use their authorized access to compromise classified information.”159 The ITTF identified the “continued evaluation” of personnel information as one of its objective standards.160 Evaluation is to include not only the standard background investigation information, but also
“anomalous user behavior data.”161 This standard was given added impetus
when the following year the government indicted Snowden for the unau-
151
Evan Perez, New Leaker Disclosing U.S. Secrets, Government Concludes, CNN (Aug. 6, 2014)
http://www.cnn.com/2014/08/05/politics/u-s-new-leaker/index.html.
152 Id.
153 DC Navy Yard Shooting: Fixing the Security Clearance Process: Hearing Before the H. Comm.
on Oversight and Gov’t Reform, 113th Cong. 34 (2014) (statement of Susan Ordakowski, Vice President, Keypoint Government Solutions).
154 Id. at 2 (statement of Rep. Darrell Issa, Chairman, Comm. of Oversight and Gov’t Reform).
155 Id. at 21 (statement of Patrick McFarland, Inspector Gen., Office of Personnel Management).
156 Id. at 21.
157 Id. at 21-22.
158 Exec. Order No. 13587, 76 Fed. Reg. 63,811, 63,813 (Oct. 7, 2011).
159 NAT’L COUNTERINTELLIGENCE & SEC. CTR., OFFICE OF THE DIR. OF NAT’L INTELLIGENCE,
NATIONAL INSIDER THREAT POLICY ¶ A, at 1 (2012) [hereinafter NCSC, THREAT POLICY], http://ncix.
gov/nittf/docs/National_Insider_Threat_Policy.pdf.
160 Id. ¶ C, at 2.
161 Id.
2016]
CONTINUOUS EVALUATION
463
thorized disclosure of many more classified documents.162 A presidentially
directed review of employee suitability and clearance procedures by the
Office of Management and Budget (“OMB”) recommended “accelerat[ing]
the implementation of a standardized program of Continuous Evaluation.”163 While the original ITTF program focused on monitoring behavior
on agency networks, the OMB report spoke more broadly of expanded data
collection to be reported in near real time.164 This program would augment
the standard investigation process by providing relevant information or
changes in employee circumstances between reinvestigations.165
B.
What the Government Proposes and Plausible Implementations
Once it became obvious that the government had misplaced its trust in
some of its employees, officials began to wonder how they could prevent
future disclosures.166 Two parallel approaches became evident. First, it
would be necessary to limit any given employee’s access to information,
while still providing them the information needed to do their jobs.167 Second, given that the alleged leakers were cleared employees, the government
would need a system to increase its confidence in employee loyalty.168 This
second element, increased confidence in the clearance process, led to the
exploration of continuous evaluation systems.169
162
See Nicole Blake Johnson, Insider Threat Programs Get Off to Slow Start, FED. TIMES (Sept.
22, 2013), http://archive.federaltimes.com/article/20130922/IT03/309220004/Insider-threat-programsget-off-slow-start.
163 OFFICE OF MGMT. & BUDGET, EXEC. OFFICE OF THE PRESIDENT, SUITABILITY AND SECURITY
PROCESSES REVIEW 9 (2014) [hereinafter OMB, SUITABILITY & SECURITY PROCESSES REVIEW],
http://www.whitehouse.gov/sites/default/files/omb/reports/suitability-and-security-process-reviewreport.pdf.
164 Compare NCSC, THREAT POLICY, supra note 159, ¶ H, at 3 (focusing on “monitor[ing] user
activity on all classified networks”), with OMB, SUITABILITY & SECURITY PROCESSES REVIEW, supra
note 163, at 9 (describing a “different way of conducting investigations” with notification “in near-real
time”).
165 NAT’L COUNTERINTELLIGENCE & SEC. CTR., OFFICE OF THE DIR. OF NAT’L INTELLIGENCE,
CONTINUOUS EVALUATION
FACT
SHEET
[hereinafter
NCSC, CE
FACT
SHEET],
http://ncix.gov/SEA/docs/CE_Fact_Sheet.pdf.
166 PRESIDENT’S REVIEW GRP. ON INTELLIGENCE & COMMC’NS TECHS., LIBERTY AND SECURITY
IN A CHANGING WORLD 23 (2013), http://www.whitehouse.gov/sites/default/files/docs/2013-1212_rg_final_report.pdf.
167 Id.
168 See id. at 234.
169 Id.
464
GEO. MASON L. REV.
1.
[VOL. 23:2
Current Proposals and Possible Implementations
Any CE system is still several years from implementation. Current
plans call for an initial operating capability for evaluating a select portion of
the cleared workforce by 2016 and the ability to check one million employees by 2017.170 These timelines extend only to the ability to monitor government networks, with the final stage remaining aspirational at this
point.171
There is no currently operational CE system of cleared public employees, so a description of such a system’s capabilities is inherently speculative. Because a CE system is actively being contemplated, however, certain
requirements have been discussed and its scope designed. As an automated
approach to security, CE will likely be designed in a spiral fashion, with its
initial capabilities quite modest and applicable to a limited population of
employees.172 This spiral development makes the program interesting from
a privacy point of view because its initial phases will likely be uncontroversial.173 By design, the program would then incrementally expand until eventually the program could have grown into a substantially more intrusive
system.174 This is not to say that there is some nefarious intent by the developers to creep slowly into a privacy-destroying surveillance capability, but
rather that in the course of standard IT development methodology, the system would start small and expand as technology and techniques prove
themselves.175
The first phase of CE is likely to comprise two basic objectives. First
would be the better integration of already existing security systems. Despite
years of work and the creation of the Office of the Director of National Intelligence, there remain serious disconnects between the various agencies,
including between their security programs.176 Unifying these systems so that
information can be shared between agencies as employees move from one
170
SUITABILITY & SECURITY CLEARANCE PERFORMANCE ACCOUNTABILITY COUNCIL, CROSS
AGENCY PRIORITY GOAL, QUARTERLY PROGRESS UPDATE (FY 4TH QUARTER): INSIDER THREAT AND
SECURITY CLEARANCE REFORM 16 (2015) [hereinafter SUITABILITY & SECURITY CLEARANCE PAC,
CAP
GOAL],
http://www.performance.gov/downloadpdf?file=Insider%20Threat%20and%20Security%20Clearance%
20Reform%20FY15_Q4.pdf.
171 NCSC, CE FACT SHEET, supra note 165 (noting March 2017 as the latest planned date for a CE
implementation).
172 OMB, SUITABILITY & SECURITY PROCESSES REVIEW, supra note 163, at 8.
173 See SUITABILITY & SECURITY CLEARANCE PAC, CAP GOAL, supra note 170, at 16.
174 See id.
175 See Barry W. Boehm, A Spiral Model of Software Development and Enhancement, COMPUTER,
May 1988, at 61, 69.
176 INSPECTOR GEN., U.S. DEP’T OF DEF., REP. NO. DODIG-2014-060, AN ASSESSMENT OF
CONTRACTOR PERSONNEL SECURITY CLEARANCE PROCESSES IN THE FOUR DEFENSE INTELLIGENCE
AGENCIES 27 (2014).
2016]
CONTINUOUS EVALUATION
465
agency to another would be an uncontroversial first step.177 Similarly, there
remain serious weaknesses in the ability of investigators to check local law
enforcement databases.178 While criminal background checks are mandated
for all clearance levels, it is not easy for investigators to poll the myriad
state and local law enforcement agencies that hold such information.179 The
2013 shooting at the Washington Navy Yard, where the shooter was a contract employee with a security clearance, highlighted this weakness.180 The
shooter’s clearance investigation did not reveal that he had a prior weapon’s
violation, but it is not clear that—even if it had—it would have been sufficient to deny his clearance anyway.181 Better integration with other government agencies is likely to be another initial step in any CE program.
After integrating and expanding current checks into a more seamless
system, a CE program will likely begin monitoring employee behavior
while on government networks, especially classified networks.182 Philosophically, the government struggles to balance two competing desires: (1)
sharing information so its employees can “connect the dots” and (2) restricting information to protect classified information.183 Online behavioral
monitoring would likely seek to balance these two desires by checking to
see what types of classified information employees are accessing and if that
information matches what the employees are working on.184 Network monitoring would be facilitated in government systems since employees already
have a system of user IDs, tokens, and PKIs (public key infrastructures) that
check their clearance levels.185 Because government systems are already
subject to monitoring for a variety of reasons, they are likely to have the
infrastructure needed to accomplish this step with relatively little modification.186
177
See U.S. OFFICE OF PERS. MGMT., FEDERAL INVESTIGATIONS NOTICE NO. 12-04, at 1 (2012).
See OMB, SUITABILITY & SECURITY PROCESSES REVIEW, supra note 163, at 5-6.
179 Id.
180 Davidson, Too Many Clearances, supra note 1.
181 JOHN M. RICHARDSON, DEP’T OF THE NAVY, REPORT OF THE INVESTIGATION INTO THE FATAL
SHOOTING INCIDENT AT THE WASHINGTON NAVY YARD ON SEPTEMBER 16, 2013 AND ASSOCIATED
SECURITY, PERSONNEL, AND CONTRACTING POLICIES AND PRACTICES 61 (2013),
http://www.defense.gov/Portals/1/Documents/pubs/Navy-Investigation-into-the-WNY-Shooting_finalreport.pdf.
182 SUITABILITY & SECURITY CLEARANCE PAC, CAP GOAL, supra note 170, at 15.
183 Bowman H. Miller, Commentary, The Death of Secrecy: Need to Know . . . with Whom to
Share, STUD. INTELLIGENCE, Sept. 2011, at 2, https://www.cia.gov/library/center-for-the-study-ofintelligence/csi-publications/csi-studies/studies/vol.-55-no.-3/pdfs/Miller-Commentary-WikiLeaks-7Oct-2011.pdf.
184 See SUITABILITY & SECURITY CLEARANCE PAC, CAP GOAL, supra note 170, at 15.
185 HILDEGARD FERRAIOLO, ET AL., NAT’L INST. OF STANDARDS & TECH., SPECIAL PUB. 800-157,
GUIDELINES FOR DERIVED PERSONAL IDENTITY VERIFICATION (PIV) CREDENTIALS, at iii (2014),
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-157.pdf.
186 See id. at 2.
178
466
GEO. MASON L. REV.
[VOL. 23:2
The challenge here is likely to be more in the development of the necessary business rules that define what the sphere of acceptable content for
an employee to access is likely to be. Is it appropriate for a Middle East
analyst to access information on Russia, for instance? Does that depend on
whether she is researching connections between Chechen fighters and Syrian rebels? Can Air Force analysts access information from the National
Ground Intelligence Center? Defining the scope of “need-to-know” for any
particular employee relative to any particular piece of information is likely
to be much more difficult than the actual technology needed to implement
the system.187
Alternately, and perhaps more likely, a CE system itself would not actually decide whether it is proper for an employee to access any given data,
but would rather track the type of behavior (e.g., searches, webpage visits,
topics of interest) and then report either typical online behavior, or deviation from that typical behavior to an oversight office. It would then be up to
security personnel to determine if this deviation was suspicious enough to
warrant further investigation.
The next step in the rollout of a CE system would be both the most difficult and most controversial. This would see CE implemented not only on
government networks, but also on other publically available networks.188 It
is at this step where the system would check social media and other websites. Two main technological hurdles exist for this stage of implementation. First is how to connect a particular employee with her online presence.189 On government networks, this is simplified because the government
itself has issued and controls the employee’s login ID and credentials.190
Once outside of government networks, however, tying together a host of
various user personas with an actual employee becomes more difficult.191
One possible solution might be to simply require employees to provide the
government with their user IDs. Another way would be through the use of
identity resolution algorithms that tie together identities by matching certain
data fields together.
187
See Miller, supra note 183, at 2.
The Insider Threat to Homeland Security: Examining Our Nation’s Security Clearance Processes, Hearing Before the Subcomm. on Counterterrorism & Intelligence of the H. Comm. on Homeland Sec., 113th Cong. 14 (2013) (statement of Gregory Marshall, Chief Security Officer, Dep’t of
Homeland Security).
189 Ashwini Rao, et al., What Do They Know About Me? Contents and Concerns of Online Behavioral Profiles 1 (July 30, 2014) (unpublished conference technical report) (repository at Carnegie Mellon
University), https://www.cylab.cmu.edu/files/pdfs/tech_reports/CMUCyLab14011.pdf.
190 See FERRAIOLO, ET AL., supra note 185, at 1 (explaining generally how the government controls
employee login credentials); OMB, SUITABILITY & SECURITY PROCESSES REVIEW, supra note 163, at 3
(indicating that only 60 percent of government employees are eligible for access to classified information).
191 See OMB, SUITABILITY & SECURITY PROCESSES REVIEW, supra note 163, at 9.
188
2016]
CONTINUOUS EVALUATION
467
But, whether through policy or technology, a CE system will need
some way to identify personnel once they are outside of the government’s
own networks.192 The second challenge will be to sift through the enormous
amount of online data to find information of relevance.193 Presumably, a CE
system would be looking for indicators that match one of the criteria used
to determine suitability for a clearance. These criteria, mentioned in Part
I.B.2, cover a wide array of conduct. An automated system might identify
searching online for a loan as criteria for reevaluation under Guideline F –
Financial Considerations. An investigator will need to ask at what point
online contacts with foreign nationals become substantial enough that
Guideline A – Foreign Influence is implicated. These types of issues mean
that any CE system must be sophisticated enough to sift through immense
amounts of online transactions to identify with some level of precision what
behaviors are significant enough to require investigator follow-up.
Though not obviously mentioned in any CE document, it is also plausible to envision that monitoring could include location information, now
available through any number of online or mobile applications.194 One of
the pieces of evidence in Greene, the case of a government contractor who
lost his clearance due to alleged communist sympathies, was the fact that he
had visited the Soviet Embassy.195 Similar location information provided in
real time to investigators could tell significant amounts about an employee’s preferences.
2.
Consent and Built-In Civil Liberty Protections
It is already evident that any CE program will have some impact on an
employee’s informational privacy, and in its most advanced form is likely
to have significant impact, as will be discussed later in Part III.C. In order
to justify such intrusive monitoring, the government can rely on two independent reasons—consent and inherent executive authority.196
192
Id. at 15.
See, e.g., Number of Monthly Active Facebook Users Worldwide as of 3rd Quarter 2015 (in
Millions), STATISTA, http://www.statista.com/statistics/264810/number-of-monthly-active-facebookusers-worldwide/ (last visited Jan. 19, 2016) (indicating that Facebook had 1.55 billion active users in
the third quarter of 2015).
194 Both Apple and Google rely on this location data to allow users to locate their missing
smartphones. See Cammy Harbison, How to Use Google’s ‘Find My Phone’ Feature to Locate Your
Lost Android Smartphone or Tablet, IDIGITALTIMES (Apr. 16, 2015 4:37 PM), http://www.idigitaltimes.
com/how-use-googles-find-my-phone-feature-locate-your-lost-android-smartphone-or-tablet-433526;
Find My iPhone, iPad, and Mac, APPLE, http://www.apple.com/icloud/find-my-iphone.html (last visited
Jan. 19, 2016).
195 Greene v. McElroy, 360 U.S. 474, 478-79 (1958).
196 See, e.g., Youngstown Sheet & Tube Co. v. Sawyer, 343 U.S. 579, 637 (1952) (Jackson, J.,
concurring) (recognizing that the president has, in some cases, inherent authority).
193
468
GEO. MASON L. REV.
[VOL. 23:2
First, the government requires that employees consent to monitoring
when using government IT equipment and networks.197 All systems display
notifications on login that authorities may monitor network activity, and
agencies provide similar notifications during periodic, required training. 198
Additionally, the government requires applicants to consent to share some
medical and financial information as part of the clearance investigation
process.199
Second, the executive branch of the government has great flexibility in
determining the criteria for access to national security information.200 Any
standard it can articulate as a requirement for access to national security
information is not only likely to be vindicated, but is also practically unreviewable.201 The few exceptions would be in the unlikely case that the government required an unconstitutional standard, such as a religious test, in
order to receive a clearance.202
C.
What Could Go Wrong with an All-Seeing Eye?
With its ability to set standards for access to classified information and
the ability to require employees to consent to monitoring, the government
197
(2013),
pdf.
198
U.S. DEP’T OF DEF., ETHICS COUNSELOR’S DESKBOOK: USE OF GOVERNMENT RESOURCES 8
http://www.dod.mil/dodgc/defense_ethics/resource_library/deskbook/government_resources.
One such notification reads, in part:
The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations
and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence
(CI) investigations.
....
Communications using, or data stored on, this IS are not private, are subject to routine
monitoring, interception, and search, and may be disclosed or used for any USG-authorized
purpose.
Memorandum from the Chief Info. Officer, U.S. Dep’t of Def., to All Levels of Def. Dep’t Leadership
Regarding the Standard Consent Banner & User Agreement 3 (May 9, 2008), http://dodcio.defense.gov/
Portals/0/Documents/DoDBanner-9May2008-ocr.pdf.
199 See, e.g., 5 C.F.R. § 731.101(a) (2015) (indicating that the OPM base suitability determinations
for employees on “age, health, character, knowledge, and ability”); see also U.S. OFFICE OF PERS.
MGMT., SF 85 P-S, SUPPLEMENTAL QUESTIONNAIRE FOR SELECTED POSITIONS (requiring applicants to
indicate if they have ever consulted with any mental health professionals in the previous seven years).
200 See Harold Edgar & Benno C. Schmidt, Jr., Curtiss-Wright Comes Home: Executive Power and
National Security Secrecy, 21 HARV. C.R.-C.L. L. REV. 349, 351 (1986) (remarking on the increase in
the power of the President in national-security secrecy and the role the Supreme Court and Congress
have played).
201 See, e.g., United States v. Marchetti, 466 F.2d 1309, 1317 (4th Cir. 1972) (“If . . . the need for
secrecy [in operations related to foreign affairs] requires a system of classification of documents and
information, the process of classification is part of the executive function beyond the scope of judicial
review.”).
202 See U.S. CONST. art. VI (prohibiting religious tests as qualifications for public office).
2016]
CONTINUOUS EVALUATION
469
faces few legal hurdles in its implementation of a CE program. In fact,
Congress introduced at least two bills in the 113th Congress concerning CE,
one explicitly recommending such a program and the other calling for report on the state of CE programs and the steps taken to ensure any programs
include employee protections.203 Policy and technological challenges are
likely to be significantly harder to overcome from a practical point of
view.204 To the extent that CE eventually extends to accessing social media
and other publicly accessible online content, it may have more legal difficulty in using automated tools to scrape information from these sites due to
their use policies.205 Presumably, the government would need to either reach
some agreement with the companies operating such sites or else find some
statutory authority. This, however, has little to do with the actual employee.
Nonetheless, the scope of CE does present one particularly controversial
legal issue—namely, the extent to which a fully developed CE program
infringes on an employee’s right to privacy.206
One of the common threads through the privacy discussion above regards a citizen’s privacy expectations as against a sovereign.207 There is no
particular reason to believe that the same concerns must attach to the government as employer. However, three factors suggest that the governmentemployer should balance its employees’ privacy interests similarly to how
the government-sovereign balances those of its citizens. First, the government claims that it intends to safeguard privacy and civil liberties and to
establish standards for handling personal information.208 Second, the government is proposing a system that, when fully implemented, will provide
round-the-clock monitoring of millions of individuals for years at a time, in
order to discover exceedingly low-probability events.209 Lastly, while the
government will obtain waivers from the employees it wishes to monitor,
this technology will initially be applied to individuals who have held a
clearance for years and may at this point have few meaningful options
should they wish not to be monitored—making consent largely a fiction.210
203 Enhanced Security Clearance Act of 2013, S. 1618, 113th Cong. (2013); Clearance and OverClassification Reform and Reduction Act, S. 2683, 113th Cong. (2014).
204 See supra note 193 and accompanying text (discussing the technological challenges based on
the large number of users of social media).
205 For example, Linkedin prohibits the use of “manual or automated software, devices, scripts
robots, other means or processes to access, ‘scrape,’ ‘crawl’ or ‘spider’ the Services or any related data
or information.” See User Agreement, LINKEDIN, § 8.2, http://www.linkedin.com/legal/user-agreement
(last visited Jan. 22, 2016).
206 See, e.g., Griswold v. Connecticut 381 U.S. 479, 484 (1965) (recognizing that the First
Amendment guarantees citizens a right to privacy).
207 See discussion supra Part I.D.
208 NCSC, CE FACT SHEET, supra note 165.
209 See discussion supra Part II.B.1.
210 See discussion supra Part II.B.1-2.
470
GEO. MASON L. REV.
[VOL. 23:2
III. TECHNOLOGY PROGRESSES, BUT DO EMPLOYEE RIGHTS?
The first two Parts of this Comment traced the development of two
trends within the federal government concerning employees with access to
national security information. The first trend was the gradual extension of
various employment-related rights to government employees.211 The second
was the continuing need of the government to protect certain designated
information for national security reasons.212 Recent actions by government
employees with security clearances, ranging from unauthorized disclosure
of data to murder, have forced the government to reconsider the methods by
which it grants access to classified information, which may halt, if not reverse, the growth of protections for federal employees.213 Repeating the
essential points of the requirement for security and trend toward employee
rights, five straightforward propositions help illustrate the legal dilemma
inherent in CE proposals. First, government employees do not surrender all
constitutional rights upon accepting employment.214 Second, privacy is a
constitutional right.215 Third, a fully implemented CE system poses a serious
infringement on personal privacy as exemplified under the mosaic theory.216
Fourth, the government has a serious interest in monitoring employees with
access to its most sensitive secrets. Finally, the government is owed great
deference in making national security related decisions.217
When two compelling interests collide, the classic response is for
courts to apply a balancing test.218 A balancing test is little more than the
“measure[ment] of competing interests.”219 And, indeed, this is exactly what
courts have done in cases where the government asserts an interest in compelling employees to give up some portion of a right to speech or privacy
and employees have asserted that the right is too valuable to surrender.220
Any CE program like those contemplated above will eventually require a
court to decide if an employee’s interest in retaining some informational
privacy outweighs the government’s interest in investigating employees to
whom it plans to give clearances. In order to balance the competing interests of security and privacy in the context of government employment, it is
helpful to describe the factors that a court might weigh against each other
and for which party the factor provides the most support.
211
212
213
214
215
216
217
218
219
220
See discussion supra Part I.C.
See discussion supra Part I.B.2.
See discussion supra Part II.A.
See discussion supra Part I.C.
See discussion supra Part I.D.
See discussion supra Part I.D.2.
See discussion supra part II.B.2.
See, e.g., Pickering v. Bd. of Educ., 391 U.S. 563 (1968).
Balancing Test, BLACK’S LAW DICTIONARY (10th ed. 2014).
See, e.g., Pickering, 391 U.S. at 568.
2016]
A.
CONTINUOUS EVALUATION
471
Factors Weighing for the Government
The sixty-year history of the modern security-clearance system provides rich background from which to pull comparative factors. Four factors
weigh more heavily for a government agency defending the use of CE.
First, the government has a long and continuous practice of using background investigations to satisfy itself on the suitability of its employees.221
Second, the government has a robust process for adjudicating clearance
disputes that protect employees should CE turn up information of concern.222 Third, the federal government appears to be following the practices
of private and other government employers by investigating social media
and other publically available information for employment candidates.223
Fourth, the government obtains employee consent prior to monitoring.224
Finally, of course, the government also has its trump card—its exclusive
purview over national security matters.
Addressing the first two factors together, the scope and persistence of
the government’s clearance process is worthy of substantial deference. The
system by which the government grants and reviews clearances has been
developed by successive presidents, reviewed in multiple Supreme Court
decisions such as Greene and Nelson, and has been the subject of congressional hearing and legislation.225 As such, the process is deliberate and rational, and the product of the interplay among the various branches. The
federal government is not alone in conducting background checks of employees, and, in fact, it is state and local governments which are leading the
way into investigating social media and other nontraditional sources of information before hiring public safety employees.226 The fact that multiple
jurisdictions at various levels of government in addition to the federal government believe that it is necessary, or at least helpful, to expand the scope
of employee investigations bolsters the federal government’s position.
Government employees, and especially those with clearances, are already subject to limited forms of monitoring, to which they consent each
time they log into their work computers or when they are periodically reinvestigated.227 The average employee repeatedly consents to some forms of
221
See COHEN, supra note 41, at 5-7.
Id. at 8.
223 See Gutierrez, supra note 66 (providing an example of how a municipal governmental agency
investigates social media profiles of prospective candidates).
224 See Memorandum from the Chief Info. Officer, supra note 198, at 3.
225 NASA v. Nelson, 562 U.S. 134 (2011); Green v. McElroy, 360 U.S. 474 (1959).
226 See, e.g., Gutierrez, supra note 66 (noting how it is common for California municipal police
departments to ask for the social media passwords of prospective applicants).
227 See, e.g., Internet Use Policy, U.S. DEP’T COM. OFF. CHIEF TECH. OFFICER, http://ocio.os.doc.
gov/ITPolicyandPrograms/Policy___Standards/Dev01_002685 (last visited Jan. 22, 2016) (“Department
222
472
GEO. MASON L. REV.
[VOL. 23:2
monitoring throughout the course of employment and thus may provide the
presumption that government employees accept a lower expectation of privacy.228 Ultimately, the government, and particularly the executive branch,
decides what is in the interest of national security and the methods by
which it pursues that security.229 While subject to the requirements of the
Constitution, the executive branch has great leeway in making these determinations, and courts have traditionally been reluctant to review them.230
Taken together, these factors present a weighty argument in favor of
the government’s ability to monitor employees with access to classified
information. There are, however, several countervailing elements that
weigh in favor of restricting CE in favor of employee privacy.
B.
Factors Weighing for Public Employees
The factors tending to favor the employee are more disparate than
those weighing for the government, touching upon a wider array of concerns. Some deal with the technology in use, others with the impact on the
employee, and still others on the effect, or lack thereof, on the government.
Four factors favor a notional public employee who asserts that CE violates
her privacy rights. First, the systems will, initially at least, likely produce
large amounts of false positives, reducing the system’s utility.231 Second,
CE systems will likely be underinclusive, in that it will be difficult to associate all of any employee’s various accounts, systems, and personas, thus
robbing the system of its supposed advantage.232 Third, a large amount of
of Commerce personnel should be aware that their use of Government equipment may be monitored or
recorded.”).
228 See Stern v. FBI, 737 F.2d 84, 92 (D.C. Cir 1984) (noting that federal employees have “diminished” privacy interests in intragovernmental communications because of a countervailing “public
interest in knowing how public employees are performing their jobs”).
229 See, e.g., Harold Hongju Koh, Why the President (Almost) Always Wins in Foreign Affairs:
Lessons of the Iran-Contra Affair, 97 YALE. L.J. 1255, 1306 (1988) (“Through both action and inaction,
the federal courts have consistently upheld the President’s authority to dominate the foreign affairs
arena . . . .”).
230 Id.
231 It has not been uncommon for government surveillance efforts to generate “false positives” in
the past. See, e.g., Yudhijit Bhattacharjee, The Spy Who Was Innocent, NEW YORKER (Sept. 18 2015),
http://www.newyorker.com/news/news-desk/the-spy-who-was-innocent (recounting the story of the
arrest of the innocent Professor Xi Xiaoxing on spying charges and observing that “[a]s pressure mounts
on U.S. law enforcement to detect [post September 11] acts of aggression, it is inevitable that the number of false positives will climb as well”); see also Jonathan Camhi, Regulatory Screening: False Positives and Their Customer Experience Impact, INFO. WK. (Apr. 30, 2014 11:47 AM),
http://www.banktech.com/regulatory-screening-false-positives-and-their-customer-experienceimpact/d/d-id/1296982 (considering the impact that “false positives” from government-mandated efforts
have on the banking industry).
232 See supra notes 189-191 and accompanying text.
2016]
CONTINUOUS EVALUATION
473
the monitoring will be on private or commercial networks and involve personal or off-duty time. Social media sites, browsing habits, and communications with friends and family will be swept up for analysis by the government. Fourth, the amount of information gathered—to include associations, location, and behavioral information, online habits, and other information—will be so complete as to reduce her zone of privacy to zero, making this an issue less of degree and more of total elimination.
Two factors touch on the system’s effectiveness, which remains speculative at this point. Still, a system attempting to deduce human motivation
and behavior from online activity and databased information is likely to
suffer from a high false positive rate.233 A false positive, or Type I error,
occurs when a system incorrectly identifies an attribute.234 To illustrate, take
for example any individual who spends some amount of time online. That
person may receive emails from the infamous Nigerian prince, visit websites hosted in Europe, purchase a product shipped from Japan, and otherwise explore the world from the comfort of his home. A CE system will
need to winnow through these interactions and decide which constitute foreign affiliation or contacts. Or, put another way—it will need to decide
which of the foreigners contacting him is a foreign contact. This is a task
not unlike that which spam filters perform, and like spam filters, whose
performance has admittedly improved, much will be incorrectly identified.235
Just as a CE system may be overinclusive as regards undesirable behavior, it may also be underinclusive in actually taking into account all of
an employee’s online activity, which is likely to grow continuously as the
employee adds new accounts, usernames, and online identities which the
system will necessarily lag in collecting. These are largely technical challenges that could be overcome with enough experience, development, and
computing horsepower; however, a court would be justified in considering
the effectiveness of the system when balancing interests. A system that does
not provide the true benefit sought by the government should be afforded
less weight and the burdens of negative or incomplete reporting on the employee considered.
The next factor is that, at its furthest reach, CE would implicate the
employee’s off-duty time and behavior and many third parties with whom
the employee comes into contact.236 Expanding the government’s ability to
reach into areas of an employee’s life that have nothing to do with his em233
See generally Bhattacharjee, supra note 231.
See ROXY PECK & JAY L. DEVORE, STATISTICS: THE EXPLORATION & ANALYSIS OF DATA 463
(7th ed. 2012).
235 See Jonathan I. Ezor, Busting Blocks: Revisiting 47 U.S.C. § 230 to Address the Lack of Effective Legal Recourse for Wrongful Inclusion in Spam Filters, 17 RICH. J.L. & TECH. 7 (2011) (recognizing that spam filters still generate many “false positives”).
236 See supra notes 189-191 and accompanying text.
234
474
GEO. MASON L. REV.
[VOL. 23:2
ployment and that do not implicate a security consideration would be a
drastic expansion.237 A scan of an employee’s Facebook page for indications of excessive alcohol use, perhaps by counting the frequency of pictures of the employee holding a beer, implicating Guideline G – Alcohol
Consumption, may also discover posts where the employee espouses support for a political candidate, maybe the president’s opponent. Likewise, the
emails, posts, and activities, when they intersect with the employee, become
open to the government as well.238 Finally, monitoring online activity, particularly when coupled with the government’s already extensive background information on an employee, goes so far as to basically eliminate
privacy. Today’s data mining algorithms and techniques can already uncover associations, predict future location, and suggest behavior.239 In fact, that
is the very reason the government sees CE as a valuable tool.240 But doing
so creates a complete picture of an individual that invades every relationship, belief, and sanctuary to an extent that precludes privacy.
Were the loss of privacy any less absolute than that contemplated by
CE, then the balance of interests would likely favor the government. However, it is not hyperbole to say that the absolute nature of what the government proposes to investigate reduces the monitored employee’s privacy to a
nullity. Because it is not obvious that the government lacks other means to
achieve its desired confidence in employee suitability, and because the employee’s zone of privacy would be completely eliminated, the government
should not prevail.
237 See Aliah D. Wright, More States Ban Social Media Snooping, SOC’Y HUM. RESOURCE MGMT.
(Aug. 12, 2014), http://www.shrm.org/hrdisciplines/technology/articles/pages/social-media-snooping.
aspx (demonstrating the growing trend of states banning private employers from asking for access to
their employee’s social media posts).
238 See, e.g., Philip Bump, The NSA Admits It Analyzes More People’s Data Than Previously
Revealed, WIRE (July 17, 2013), http://www.thewire.com/politics/2013/07/nsa-admits-it-analyzes-morepeoples-data-previously-revealed/67287/ (noting how the NSA admitted that it collects and analyzes
data on people up to three connections away from terror suspects).
239 See generally Note, Data Mining, Dog Sniffs, and the Fourth Amendment, 128 HARV. L. REV.
691 (2014) [hereinafter Note, Data Mining] (explaining the data-mining process in detail and exploring
solutions to privacy concerns through a properly designed algorithmic search).
240 See Stephen Braun, U.S. Intelligence Officials to Monitor Federal Employees with Security
Clearances, PBS NEWSHOUR (Mar. 10, 2014, 9:46 AM), http://www.pbs.org/newshour/rundown/usintelligence-officials-monitor-federal-employees-security-clearances/ (quoting Director of National
Intelligence James Clapper as saying that “[w]hat we need is a system of continuous evaluation where
when someone is in the system and they’re cleared initially, then we have a way of monitoring their
behavior, both their electronic behavior on the job as well as off the job”).
2016]
CONTINUOUS EVALUATION
475
IV. REBALANCING CONTINUOUS EVALUATION TO PRESERVE THE
GOVERNMENT’S CAPABILITY
A balancing of interests between the government and an employee
concerning CE is likely, though not certain, to come out in favor of the employee.241 This threatens the utility of a program which certainly contains
some benefits for the government’s national security apparatus, and hence
for the public.
The challenge then becomes tailoring the program to preserve the capability while minimizing the intrusion into employee privacy. Five steps,
feasible from both policy and technological standpoints, should go a long
way in rebalancing the competing interests.242
First, rigorously and scientifically test the system to ensure that the
planned utility is actually being achieved. It is still speculative that online
behavior can accurately reveal or predict disloyal behavior.243 An unproven
system should be accorded less weight. Like all good tests, they should be
transparent and repeatable.244
Second, anonymize employee information until the system raises a
flag for investigators. In a system where algorithms and queries search for
activity, there is no need for any actual person to have access to detailed
personal information on employees, unless and until those algorithms actually reveal something requiring human review.245 While there can potentially be exceptions for testing or quality control, the default setting should be
anonymity.
Third, limit the population subject to continuous monitoring to the
bare minimum. Subjecting all cleared employees to continuous monitoring
is problematic for several reasons. One, it casts an overly broad net because
many cleared employees do not really have access to particularly sensitive
information.246 Additionally, government security services already have
241
See discussion supra Part III.B.
There are a number of different methods by which the information technology community
attempts to safeguard sensitive personal information based on various privacy philosophies, standards,
and theories. One such early standard from which many build are the Fair Information Practice Principles developed by the Department of Health, Education, and Welfare in 1973. See NAT’L INST. OF
STANDARDS & TECH., U.S. DEP’T OF COMMERCE, NATIONAL STRATEGY FOR TRUSTED IDENTITIES IN
CYBERSPACE app. A, at 45 & n.1 (2011), http://www.nist.gov/nstic/NSTIC-FIPPs.pdf.
243 Some have observed that anonymity causes Internet users to behave differently online. See, e.g.,
John Suler, The Online Disinhibition Effect, 7 CYBERPSYCHOLOGY & BEHAV. 321, 321 (2004).
244 President Obama has stated that “[t]ransparency promotes accountability and provides information for citizens about what their Government is doing.” Transparency and Open Government: Memorandum for the Heads of Executive Departments and Agencies, 74 Fed. Reg. 4685 (Jan. 21, 2009).
245 Note, Data Mining, supra note 239, at 709-10.
246 Figures from 2010, while unofficial, indicated that of 4,443,000 federal employees, 854,000
had Top-Secret security clearances, or roughly 20 percent. Data, Analysis & Documentation: Historical
Federal Workforce Tables, OPM.GOV, https://www.opm.gov/policy-data-oversight/data-analysis242
476
GEO. MASON L. REV.
[VOL. 23:2
difficulty properly accounting for the personnel security records they currently keep.247 Expanding the size of these databases can perversely lead to
less security, as services begin to rely on the idea that some automated program is keeping an eye on things, but incompatible interagency systems are
actually not able to use the information being developed.248 One way to
limit the employee population is to enroll only employees in the most sensitive positions in the program.
Fourth, place retention limits on any and all information collected.
Upon termination of employment or surrender of a security clearance, any
information should be immediately destroyed. Additionally, after some time
period, perhaps yearly, information on employees should be summarized
for comparison to future behavior, but the details of individual transactions
should be destroyed. This preserves the baseline needed to identify anomalies of interest to security personnel, but removes the detailed information
that constitutes the risk to employee privacy from the system.
Finally, receive meaningful consent to monitoring from employees.
The government may have the ability to force consent from a workforce
with few other options, but this could actually serve to decrease employee
loyalty as some employees become resentful and others try to hide the behaviors with which they think the government is concerned.249 Instead, the
government should consider making enrollment mandatory for newly hired
employees who have the opportunity at the beginning of their careers to
decide if they are comfortable with this level of monitoring. Many younger,
future employees, coming of age in a world where private companies routinely monitor online activity, may be more comfortable with this new par-
documentation/federal-employment-reports/historical-tables/total-government-employment-since-1962/
(last visited Jan. 22, 2016) (indicating that the total number of federal employees was 4.443 million in
2010); Dana Priest & William M. Arkin, A Hidden World, Growing Beyond Control, WASH. POST (July
19, 2010), http://projects.washingtonpost.com/top-secret-america/articles/a-hidden-world-growingbeyond-control/ (noting that 854,000 federal employees had Top-Secret clearance in 2010). However,
having a Top-Secret clearance does not give an employee access to all top-secret documents, and the
most highly sensitive information is likely accessible by only a handful of people. Brad Plumer, About
500,000 Private Contractors Have Access to Top-Secret Info, WASH. POST (June 11, 2013),
http://www.washingtonpost.com/news/wonkblog/wp/2013/06/11/about-500000-private-contractorshave-access-to-top-secret-information/.
247 See, e.g., Joe Davidson, New OPM Data Breach Numbers Leave Federal Employees Anguished, Outraged, WASH. POST (July 9, 2015), http://www.washingtonpost.com/blogs/federaleye/wp/2015/07/09/new-opm-data-breach-numbers-leave-federal-employees-anguished-outraged/
[hereinafter Davidson, New OPM Data Breach].
248 See, e.g., Amber Corrin, In the Intelligence Community, a Cosmic Shift, FCW (Nov. 28, 2011),
http://fcw.com/Articles/2011/11/28/HOME-PAGE-DOD-intelligence-community-cloud.aspx (highlighting the complexity of the IT infrastructure throughout the intelligence agencies).
249 See, e.g., Stephanie Goldberg, Young Job-Seekers Hiding Their Facebook Pages, CNN (Mar.
29, 2010, 2:51 PM), http://www.cnn.com/2010/TECH/03/29/facebook.job-seekers/.
2016]
CONTINUOUS EVALUATION
477
adigm than current employees.250 Given the timeline of CE systems and the
age of the federal government workforce,251 this would probably result in
only a modest delay to full implementation.
CONCLUSION
Two competing interests in the sphere of government employment—
namely, the security of classified information and the privacy of employees
holding security clearances—have converged through the advancement of
technology.252 Government agencies that are most concerned with security
propose subjecting their employees to a heightened level of monitoring that
would even exceed the current background investigation employees undergo.253 However, the government’s legitimate need to safeguard information,
its deliberate and considered adoption of security procedures, and its expertise and authority in the realm of national security need to be balanced
against the rights of its employees to retain some modicum of privacy and
the technological uncertainty that CE systems still embody.254 A CE system
incorporating data privacy standards into its design would better respect the
competing but valid needs of both government and government employee.
250 Bob Bryan, Millennials Are More Than Happy to Trade Privacy for Security, BUS. INSIDER
(June 24, 2015, 11:30 AM), http://www.businessinsider.com/millennials-willing-to-trade-privacy-forsafety-online-2015-6.
251 In 2013, the average age of a United States federal employee was 47.3, or almost six years older
than the median age of the overall labor force in the United States. Data, Analysis & Documentation:
Profile of Federal Civilian Non-Postal Employees, OPM.GOV (Sept. 30, 2013),
https://www.opm.gov/policy-data-oversight/data-analysis-documentation/federal-employmentreports/reports-publications/profile-of-federal-civilian-non-postal-employees/; Employment Projections:
Median Age of the Labor Force, by Gender, Race and Ethnicity, U.S. DEP’T LAB. BUREAU LAB. STAT.,
http://www.bls.gov/emp/ep_table_306.htm (last visited Jan. 23, 2016).
252 See discussion supra Part II.B.1.
253 See discussion supra Part III.
254 The government’s current inability to secure the data of its personnel should also be resolved
prior to the government collecting even more detailed and intrusive information about these employees.
In June 2015, the OPM announced that unidentified hackers, probably affiliated with the Chinese government according to press reports, compromised a government computer system and took the security
clearance investigation records of over 20 million government employees and contractors. This information likely contained background data, social security numbers, and—in over a million cases—even
fingerprints. See Press Release, U.S. Office of Pers. Mgmt., OPM Announces Steps to Protect Federal
Workers and Others from Cyber Threats (July 9, 2015), https://www.opm.gov/news/releases/
2015/07/opm-announces-steps-to-protect-federal-workers-and-others-from-cyber-threats/;
Davidson,
New OPM Data Breach, supra note 247.