“Nobody’s reading anybody’s e-mail here,” said Rob Carey, the Defense Department’s principal deputy chief information officer. “The FDA case would not happen here. We have rules in place. There has to be probable cause. It appears that there was monitoring going on that shouldn’t have been.”
‘See their true habits’
More from PostPolitics
THE FIX | Mitt Romney says he paid 13 percent in taxes for the past 10 years. But is the case closed?
VP pick Paul Ryan mentioned Medicare for the first time on the stump on Wednesday.
THE FIX | Joe Biden’s Virginia trip has, in many ways, just affirmed — or reaffirmed — what we already know about him.
Federal workers see a banner whenever they log into their computers telling them that they have “no reasonable expectation” of privacy. Their personal e-mail accounts can be monitored when they are accessed through a government computer. So can their government smartphones, iPads or other devices when they rely on federal networks.
Experts say that even personal devices are monitored when they are used to access government communications, although there is debate over whether personal e-mails can legally be caught in the net.
“The general policy right now is if a personal device accesses any agency information, it adopts the profile of a government-issued device,” said Tom Clare, senior director of product marketing for San Diego-based Websense, which sells web-filtering software to dozens of federal agencies, including the Department of Health and Human Services. “They’re going to monitor everything.”
Agencies are not required to inform employees when their communications are being closely watched.
“We have customers that don’t want to let their employees know because they want to see their true habits,” said Nick Catalini, SpectorSoft’s senior marketing manager. He declined to disclose the company’s government customers.
“Think of it as someone stood behind you and put a video camera behind you while you’re working,” Catalini said. “It comes back down to: What does the agency want to record?”
Under federal rules, it is up to each agency to set policies on what can be monitored. But that flexibility has a downside, industry officials and privacy advocates say. Monitoring software can overcollect, and officials have discretion as to what they review and why.
“There’s always the ability for a human being to come in after the fact and look through communications,” said Seth David Schoen of the Electronic Frontier Foundation, a digital advocacy group. “And there will be a trove of communications there for them to look through retrospectively.”
Officials said they are simply employing automated techniques to detect suspicious activity and are not trying to snoop.
“We are looking for what we call indicators of compromise,” said Joy Miller, deputy assistant secretary for security at the Department of Health and Human Services, the FDA’s parent agency. “We’re monitoring a system, not everybody in that environment.”
Miller declined to comment on the FDA surveillance because it is the subject of a lawsuit.
But Stephen M. Kohn, an attorney for the scientists, said that even innocuous intentions can compromise the privacy of employees who are whistleblowers.
“How do you distinguish between a constitutionally protected contact with the press and an illegal leak?” Kohn asked. “You can’t. What you have right now is the ability to find every single Deep Throat in the government.”
‘Serious infringement’
Privacy advocates and lawmakers are taking a closer look at how federal agencies use monitoring software and why.
In June, after the TSA issued a solicitation for an “insider-threat software package,” two House Democrats appealed to Administrator John Pistole to scrap the idea, saying whistleblowers would be targeted.
The solicitation specified that employees “must not have the ability to detect this technology” and “must not have the ability to kill the process or service.”
“It is difficult to see how this serious infringement of constitutionally protected rights would provide a concomitant increase in the nation’s security,” wrote Reps. Sheila Jackson Lee (D-Tex.) and Bennie Thompson (D-Miss.), members of a panel that oversees the aviation security agency.
A TSA official said the software would not be used to target whistleblowers. “It’s about protecting the sensitive nature of the transportation security mission,” spokesman David Castelveter said.
The Maritime Commission, an independent agency that regulates international ocean transportation for U.S. exporters and importers, is under investigation by a House committee over alleged spying on the personal e-mail communications of several employees with grievances against managers.
According to Rep. Darrell Issa (R-Calif.), chairman of the House Committee on Oversight and Government Reform, the commission used SpectorSoft software.
The agency declined to comment.
Julie Tate contributed to this report.
The Post Most: PoliticsMost-viewed stories, videos and galleries int he past two hours
Campaign 2012 tools
*Poll results from Post-ABC polls among registered voters unless otherwise noted. Complete results available in the Post poll archive.
Loading...
Comments