“Every activity, in complete detail,” SpectorSoft’s Web site says about its best-selling product, Spector 360. The Florida-based company says it does not disclose information about its clients. Federal contracting data, however, show that SpectorSoft has multiple government contracts for its monitoring software.
Government workers have long known their bosses can look over their shoulder to monitor their computer activity. But now, prompted by the WikiLeaks scandal and concerns over unauthorized disclosures, the government is secretly capturing a far richer, more granular picture of their communications, in real time.
Federal workers’ personal computers are also increasingly seen as fair game, experts said.
Agencies outside the field of intelligence spent $5.6 billion in fiscal 2011 to safeguard their classified information with hardware, software, personnel and other methods, up from $4.7 billion in fiscal 2010, according to the Information Security Oversight Office. Although only a portion of the money — the amount is not specified — was spent on monitoring for insider threats, industry experts say virtually every arm of the government conducts some form of sophisticated electronic monitoring.
“It used to be, to get all of an agency’s records out you needed a truck,” said Jason Radgowsky, director of information security and privacy for District-based Tantus Technologies, which evaluates monitoring systems for the Federal Aviation Administration, the Export-Import Bank and the National Institutes of Health. “Now you can put everything on a little USB thumb drive.”
The stepped-up monitoring is raising red flags for privacy advocates, who have cited the potential for abuse. Among other concerns, they say they are alarmed that the government has monitored federal workers — including the FDA scientists, starting in 2010 — when they use Gmail, Yahoo or other personal e-mail accounts on government computers.
Although the FDA has said it acted out of concern that the scientists were improperly sharing trade secrets, the scientists have argued in a lawsuit that they were targeted because they were blowing the whistle on what they thought had been an unethical review process.
At least two other agencies, the Transportation Security Administration and the Federal Maritime Commission, are under congressional scrutiny for seeking and using employee monitoring software that critics say is intrusive.