• Bookstore
  • Profile
  • Cart
  • Search

The Insider Threat Program: Determined to Avoid Accountability

Tom Devine Posted by Tom Devine.

Tom Devine is legal director of the Government Accountability Project, where he has worked to assist thousands of whistleblowers to come forward and has been involved in the all of the campaigns to pass or defend major whistleblower laws over the last two decades.

Foreword In the aftermath of classified disclosures to Wikileaks, the Obama administration created an Insider Threat Program tasked with identifying the “malicious insiders.


In the aftermath of classified disclosures to Wikileaks, the Obama administration created an Insider Threat Program tasked with identifying the “malicious insiders.” In practice, however, we have found that the Insider Threat Program is really a threat to insiders who commit the truth – whistleblowers.

According to the Office of the Director of National Intelligence, “An insider threat arises when a person with authorized access to U.S. Government resources… uses that access to harm the security of the United States. Malicious insiders can inflict incalculable damage. They enable the enemy to plant boots behind our lines and can compromise our nation's most important endeavors.”

The initial creation of the Insider Threat Program included an explicit exemption for whistleblowers covered under the Whistleblower Protection Act (WPA) and Intelligence Community WPA. However, in the years since the program’s inception, government agencies and congressional officials have used insider threats and whistleblowers as interchangeable identities, causing an irreversible chilling effect amongst public servants who are considering reporting waste, fraud, abuse and other misconduct. Further, the whistleblower exception has vanished from official training materials and guidance on how agencies should implement the Insider Threat program.

The following blog series by Matt Fuller will examine: Executive Order 13587, which established the Insider Threat Program; associated training materials and their implications; outside contracts, including Insider Threat Defense; congressional oversight of the program; a new DOD Analytic Center created to prevent insider threats; and other relevant issues.

Stay tuned,

Tom Devine
GAP Legal Director

The Insider Threat Program: Determined to Avoid Accountability

In the wake of Edward Snowden’s disclosures to the press about the NSA’s warrantless wiretapping program, the Intelligence Community (IC) and the Insider Threat Program faced significantly more scrutiny. In April of 2014, Senator Chuck Grassley (R-IA) held an oversight hearing on the program and the Government Accountability Office (GAO) conducted an audit to examine implementation of the program across the intelligence community agencies. The government remains undeterred, however, as demonstrated by a recent proposed rule on the Insider Threat Program that is silent on whistleblower protections.

While the majority of the GAO’s report is classified, in June 2015 an unclassified version was released to the public. Akin to the training materials discussed in the previous article, the report only pays lip service to whistleblower protections through a reference in the appendices. Instead it focuses on the effectiveness and degree of coverage in the collection of employee data: “…to detect anomalies in network activity, an organization must first create a baseline of normal network activity,” and “…three of the six DOD components we reviewed told us that they are hoping to obtain or improve analytic tools that allow the component to identify anomalous behavior that could indicate insider-threat activities.” The focus on surveillance creates a greater chilling effect for potential whistleblowers, as it demonstrates that their protection is an afterthought, and that their activities are already being monitored or will be in the near future.

This callous disregard for the rights of whistleblowers is further demonstrated by the FBIs attempts to evade oversight during the April 2014 hearing. The hearing faced strong resistance from the FBI in the form of refusing to provide training materials as well as hand waving away a question about how the insider Threat Program would ensure that whistleblowers are not targeted, accidentally or otherwise.

In a speech on the anniversary of the Whistleblower Protection Act in the Senate Committee on the Judiciary, Senator Grassley further detailed the FBI’s disregard for whistleblower protections during a staff briefing

Staff for both Chairman Leahy and I attended, and the FBI brought the head of their Insider Threat Program. Yet the FBI didn’t bring the Insider Threat training materials as we had requested. However, the head of the Insider Threat Program told the staff that there was no need to worry about whistleblower communications. He said whistleblowers had to register in order to be protected, and the Insider Threat Program would know to just avoid those people.  

This notion that whistleblowers be required to self-report flies in the face of all best practices regarding whistleblower protection and opens the door for retaliation, giving those who would retaliate a list of employees to, at best monitor, or at worst criminalize. To the extent that the rule of law is relevant, it also is flat wrong. There is nothing in any of America’s 58 whistleblower laws that states, infers or even hints whistleblowers must “register” themselves to secure anti-retaliation rights. The law recognizes that confidentiality often is the best, and sometimes only, protection against retaliation. That is why section 7 of the Inspector General Act forbids the exposure of a confidential whistleblower’s identity unless it is “unavoidable,” and why similar provisions are in all other whistleblower laws.

 When Sen. Grassley attempted to question the FBI further on the issue he stated, “…about ten minutes into the briefing, the FBI abruptly walked out. FBI officials simply refused to discuss any whistleblower implications in its Insider Threat Program and left the room. These are clearly not the actions of an agency that is genuinely open to whistleblowers or whistleblower protection.”

The Insider Threat Program is single-mindedly pursuing a course that seeks to deter, detect and punish whistleblowing, even within designated channels. This strategy ignores the numbers of workers who are not attempting to sell state secrets, but are instead seeking to draw attention to corruption or wrongdoing within the agency. Constant employee surveillance will only create an atmosphere of fear and suspicion and prevent speaking up, or even speaking to a coworker or to Congressional Intelligence Committees.

In the previous articles in the series, I have pointed to a bill currently in the Senate Committee on Homeland Security and Governmental Affairs that seeks to establish an Insider Threat Program for the Department of Homeland Security (DHS). In a victory for whistleblower rights, an amendment has been passed that incorporates the protections for whistleblowers as outlined in the Intelligence Community Whistleblower Protection Act of 1998. At the same time, the DHS has sought to expand its system of records for the Insider Threat Program through a proposed rule. Consistent with government trainings, the proposal makes no mention of the whistleblower protections that are required by Executive Order to be part of the program. GAP and the Project On Government Oversight have submitted public comments advocating that DHS fulfills its legal requirement to protect whistleblowers, rather than targeting them.

Matt Fuller