OMB

OMB’s New Security Memo Suggests WikiLeaks Is Media

A number of outlets are reporting on the OMB memo requiring agencies to review their security procedures in response to WikiLeaks.

Now, this memo is explicitly a response to WikiLeaks. It’s a follow-up on a memo sent in November that names WikiLeaks.

On November 28, 2010, departments and agencies that handle classified national security information were directed to establish assessment teams to review their implementation of safeguarding procedures. (Office of Management and Budget, Memorandum M-11-06, “WikiLeaks – Mishandling of Classified Information,” November 28, 2010.)

And one of the questions it directs agencies to ask names WikiLeaks (and, in a sign of the government’s nimbleness, OpenLeaks) specifically.

Do you capture evidence of pre-employment and/or post-employment activities or participation in on-line media data mining sites like WikiLeaks or Open Leaks?

But the delay–almost six months between Bradley Manning’s arrest and the November memo, and another month until this memo, sort of reminds me of the roughly eight month delay between the time Umar Farouk Abdulmutallab tried to set his underwear on fire and the the time a bunch of grannies started getting groped at TSA security checkpoints.

Why the delay?

And from a document usability standpoint, this list of questions designed to help agencies identify weaknesses is a piece of shit. Trust me. No matter how good a bureaucrat is, asking them to use nine pages of nested bullets to improve a process is not going to work. This is simply not a credible process improvement effort.

I also wonder why it took WikiLeaks to initiate this effort. Just as an example, Los Alamos National Labs has been losing both storage media, computers, and BlackBerries going back a decade. You’d think the vulnerability of one of our nuclear labs would alert the government to our overall vulnerability to the loss of data via computer medium. Yet losing data to–presumably–our enemies did not trigger this kind of no-nonsense vulnerability assessment, WikiLeaks did.

The Russians and the Chinese are probably bummed that WikiLeaks will make it a teeny bit harder for them to spy on us.

All that said, Steven Aftergood makes one curious observation about the memo: this unusable list of nested bullets suggests that agencies should monitor employees’ contacts with the media.

Among other troubling questions, agencies are asked:  “Are all employees required to report their contacts with the media?”  This question seems out of place since there is no existing government-wide security requirement to report “contacts with the media.”  Rather, this is a security policy that is unique to some intelligence agencies, and is not to be found in any other military or civilian agencies. Its presence here seems to reflect the new “evolutionary pressure” on the government to adopt the stricter security policies of intelligence.

“I am not aware of any such requirement” to report on media contacts, a senior government security official told Secrecy News.  But he noted that the DNI was designated as Security Executive Agent for personnel security matters in the 2008 executive order 13467.  As a result, “I suspect that an IC requirement crept in” to the OMB memo.

I agree with Aftergood: it is troubling that an intelligence community requirement now seems to be applied to the federal workforce as a whole.

But isn’t this, at the same time, rather telling?

If a memo instituting new security reviews, explicitly written in response to WikiLeaks, institutes a policy of reviewing contacts with the media, doesn’t that suggest they consider WikiLeaks to be media?

Truck-Sized Loophole for Theft

Howie’s right. The media ought to be paying more attention to Congressman Peter Welch’s call for an investigation into how a giant loophole got stuck into rules aiming to force companies to report contracting fraud.

House Democrats targeted a multibillion-dollar overseas contracting loophole Friday by vowing to investigate why — and how — it was slipped into plans to crack down on fraud in taxpayer-funded projects.

The inquiry will look at whether the exemption was added at the request of private firms, or their lobbyists, to escape having to report abuse in U.S. contracts performed abroad.

"Granting this safe harbor for overseas contractors flies in the face of reason," Rep. Peter Welch, D-Vt., wrote Friday asking the House Oversight and Government Reform Committee to investigate. The panel monitors government procurement policy.

"By taking this action, the Bush administration is sending an unambiguous message: If you are a U.S. government contractor in Iraq, Afghanistan or elsewhere overseas, you have a green light to defraud our government and waste taxpayer dollars," Welch wrote to Democratic leaders of the committee.

Basically, under voluntary reporting requirements, government contractors have been reporting less and less of the fraud that they’re committing. Go figure. So DOJ decided to make reporting of fraud mandatory. But someone–it looks like someone in Bush’s Office of Management and Budget (and Fraud Support, apparently)–snuck in a waiver of mandatory requirements for contractors working outside of the United States.

Continue reading

Emptywheel Twitterverse
emptywheel RT @timkaine: Read my @nytimes op-ed laying out why President Obama must get Congress’s authorization for the fight against ISIL http://t.c…
6hreplyretweetfavorite
emptywheel @p2wy You see how we could have a fun w/this? Don't think @repjustinamash would ever intro new tax but maybe some Dem would? @runtodaylight
6hreplyretweetfavorite
emptywheel @KevinBuist Aren't you assuming the video games we played when we were 12 were actually called that?
6hreplyretweetfavorite
emptywheel @samhusseini Imagine how quickly any NIE would leak this time! That said increasing #s know finally admit all our hammers not worth a damn
6hreplyretweetfavorite
emptywheel @michaelwhitney Was gonna ask how come your football team wasn't best in league w/that then remembered not to jinx Pats @jilliancyork
6hreplyretweetfavorite
emptywheel RT @carolrosenberg: There’s rigid military censorship now. US troops comb through free-press imagery, delete some that were routinely allow…
7hreplyretweetfavorite
emptywheel @chinahand Well, sure. But don't you think they'd miss Edinburgh as a kind of mecca of capitalism?
8hreplyretweetfavorite
emptywheel RT @BiometricsNerd: 93% of FBI NextGen Identification searches are automated, remaining require human-in-the-loop. Amy Hess FBI S&T Branch …
8hreplyretweetfavorite
JimWhiteGNV Having fantasies about that kayak the #Rays just gave Jeter being full of fire ants the first time he hops in...
8hreplyretweetfavorite
emptywheel @billmon1 Cruz just got to the Senate too late: remember when they were hunting AQ defense attys? @DanielLarison @Ali_Gharib
8hreplyretweetfavorite
emptywheel So after we impose 100% tax on Liz Cheney's inheritance and .1% net worth taxes on politico use of "homeland" THEN we can tax DOD contrators
9hreplyretweetfavorite
emptywheel Actually I think these are better taxes to pay for Get-Your-War-On: 1) Liz Cheney's inheritance. All of it 2) Pols using word "homeland"
9hreplyretweetfavorite
September 2014
S M T W T F S
« Aug    
 123456
78910111213
14151617181920
21222324252627
282930