In the backdrop of two critical and highly publicized events involving individuals with security clearances (Edward Snowden, a former National Security Agency contractor who leaked government secrets and Aaron Alexis, the Washington Navy Yard shooter who shot and killed 12 people), the U.S government is looking forward to a robust security clearance program, as revealed in the testimony prepared by Brian Prioletti, an assistant director in the Office of the National Counterintelligence Executive for a Senate hearing. The government has envisioned a Continuous Evaluation (CE) tool in the reformed clearance process which includes automated record checks of government databases, commercial databases and other information lawfully available. The pilot studies conducted to examine the feasibility of automated record checks, the utility of electronic information publicly available, and participation of social media sites in personnel security process have found that retrieving, analyzing, and processing the data is likely to be resource intensive.
Bloomberg reports that Aaron Alexis obtained a secret-level clearance from the U.S. Navy in March 2008 and retained it even with three arrests and a history of mental illness. A 2007 background report said that Alexis was arrested for “deflating the tires,” whereas in the 2004 incident for which he was arrested he had shot out the tires of a car in Seattle. The seriousness of his crime was not known to the Navy.
The report of his 2004 arrest was not sought from the Seattle police as the city authorities regularly refer investigators to the state database of court records, which lacks specific information regarding the arrest and thus investigators missed those details about Alexis.
The case of Snowden is more serious that he had top-level security clearance.
Periodic reinvestigations involving background investigation and adjudication are conducted to assess the continuing eligibility of an individual. But, they are conducted once in every five years for top-level clearance and every ten years for secret-level clearance. This time interval leaves the U.S government uninformed regarding any individual behavior that poses a potential security risk. So, to establish a robust security clearance process, an effective measure to assess continuing eligibility on a more frequent basis is essential. The CE (continuous evaluation) tool envisioned by the government is expected to help in timely sharing of information across various agencies. With the availability of timely information, increased monitoring or security review of the individual would be possible. Government employees/contractors holding security clearances need to be subjected to random background checks, as proposed by some US senators. However, more research would be required to identify the most effective method to utilize publicly available electronic information and protect the privacy and civil liberties of individuals being tracked at the same time.
Though constant monitoring of social networking sites is useful for security investigations, it challenges the privacy rights of individuals. So, there is a chance that social media sites may introduce new measures to deal with the surveillance such as Google secure search (redirecting all searches to secured version), which in turn is likely to impact prevailing social media marketing strategies. Facebook has already announced that it was adding the encryption method of “perfect forward secrecy” like Google so that no person can decrypt past messages and traffic even if access is gained to a secret key. As regards business websites, this may affect their social media optimization efforts as it would become difficult to analyze the traffic to their Facebook page and take measures according to it.