Background InvestigationsCybersecurity

Cyber Vetting for Security Clearances

The Electronic Freedom Foundation (EFF) recently obtained information under the Freedom of Information Act regarding a June 2009 report of a study sponsored by the Office of the Director of National Intelligence (ODNI) on the use of Cyber Vetting for security clearance purposes. The study involved 349 test cases of intelligence agency applicants who consented to participating in the study and found “adverse information” on 28% of the cases. Adverse information was defined as:

Deliberate and overly descriptive posting of personal and/or work related information on public forums. This includes information about the subject’s specific work assignment, including listing descriptive information about colleagues and/or work site. Adverse classifications were also applied when references were found indicating illegal drug use or pictures appearing to show the subject engaged in illegal drug use.”

ODNI indicated that this was not a detailed study and that it would not be used to suggest modifications to existing investigative standards. “It is simply an initial approach to increase our knowledge and awareness of what types of information are posted in these sites so that educated decisions can be made regarding any future research. . . . If the results of the survey are suggestive and justify further work, the [ODNI] Special Security Center will commence design of a formal research project which will include thorough legal vetting.”

The study recommended the use of internet research, including media, blog, social networking, and professional networking sites as an adjunct to standard security clearance investigations.

Shortly after the statement of work for this study was issue in June 2008, ODNI decided more comprehensive studies were needed. In late summer 2008 ODNI issued RFPs for 2 additional studies with a total price of about $800,000.  EFF is pursuing other documents related to the governments use of the internet for investigative purposes and may possibly obtain a copy of the two later studies.

ODNI has stated that:

From the perspective of personnel security, cyber-behavior represents an emerging area of behavior that should be considered as an important part of the adjudication process for granting security clearances for personnel working in national security positions. To address these challenges, adjudication policies must be modernized to incorporate a better understanding of the type and frequency of personnel IT activities. This necessitates identifying which specific cyber-behaviors are normative, acceptable, or favorable as well as identifying those that may be associated with risky or problematic cyber behavior within the workplace.

Comment Archive

  1. Avatar

    Never thought I’d see the day, but I’m actually in agreement with ODNI here. If you can’t show a modicum of discretion on the Internet, you shouldn’t have a clearance.

  2. Avatar

    Seems a little over reaching to me. Next, I will be standing at watercoolers and in hallways across America and listening to conversations for acceptable speech and conversation patterns. With all this, the Dept of Defense has just opened free access for Facebook usage? Let’s make it easy and hire the guy from the TV show “Lie to me” and save all the trouble of searching 🙂

  3. Avatar

    A bit reactive and not very pro-active. A better approach would be to provide training on the smart uses of Social Media. With today’s youth texting and tweeting their every move, it will be as difficult to find a Millinia who is social media security conscious as it is to find a Baby Boomer who hasn’t smoked pot at least once.

  4. Avatar

    Think Big Picture,

    Very astute observation–love the analogy (So true).

  5. Avatar

    I’m a bit concerned about the transparency of any adjudication process that uses this type of “Internet behavioral analysis” to vet people. Sure, Facebook photos of you passed out and drooling vodka can indicate a propensity toward irresponsible behavior. But what about a history that shows visits to gambling sites? Russian MP3 download sites? Movie torrents? Porn sites? Pro-gay-marriage sites? Glenn Beck or Rachel Maddow? Other Net locations that endorse some type of controversial opinion, regardless of content? Suppose you belong to a church or political party that the clearance investigator doesn’t like?

    I recall a small news item right after Obama got elected; it said that all potential staffers would have to provide their logins and passwords to ALL social media sites used by them, presumably so they could be checked out beforehand to prevent any embarrassing revelations later on. I never heard anything more about it and have no idea whether it was followed through, but it seemed to me like both an outrageous imposition and a prudent precaution.

    I suppose a genuine clearance investigator could shed more light on it, but to those of us who use clearances instead of granting them, the whole process seems a bit spooky and opaque. I’d want to know exactly who would see what in my Net history, and what kind of criteria they’d use to make which kind of judgments. And I’d also want to know what kind of aptitude and training and oversight the investigator has, just to make sure that some Bible-banging prig isn’t making decisions about my fitness to handle classified information based on his own prejudices.

    The Bradley Manning / Wikileaks case is a glaring example of the kind of caution we need to use when handling digitized information, simply because the technology is so cheap and so advanced that one bad apple can do a tremendous amount of damage with nothing more than a $5 thumb drive. At the same time, I’m not sure how much intrusion into my personal life I’m willing to tolerate in order to make some total stranger feel good about me. I guess we’ll just have to strike an uneasy balance as we go along.

  6. Avatar

    Think Big Picture,

    Social Media awareness is provided in the DoD. I believe that we are getting the message out to all the younger troops about the dangers and responsible use of Social Media. When you say it would be difficult to find a person who is social media security conscious, I would have to disagree with you.

  7. Avatar


    Why are you so worried about investigator bias? Our job is not to editorialize your background but to report what we find.

    Honestly, if you have nothing to hide, in your real life or your cyber activities, then you have nothing to worry about.

    Of course, to me, it sounds like you have something to worry about.

  8. Avatar

    OPSEC Guru

    I believe the troops hear the message, but I would bet not many heed the warning. I would venture to say, I can easily find info on OPS….troop movements….etc on facebook alone. As a 20 year vet, I have always been well trained on these things, yet I simply had to sit by a DSN Phone and listen and hear this type of info. I think short of revealing secrets or visiting sites dedicated to actions against this country or its’ citizens, the govt really has no need to pry into the lives of its’ citizens in this manner as a matter of access.

  9. Avatar


    I understand your point of view. Be assured, the Investigators will not be the one’s doing this. I have no idea how this process would take place. I would only assume that it would be included in the release you sign. I would not even submit myself to this as I see no real reason or benefit. If this happens I predict a firestorm brewing with both applicants and orgs like the ACLU.

  10. Avatar

    Fed Investigator,

    No disrespect, but the judgmental worries John had were displayed in your response to him. He has legitimate concerns. I have nothing to hide, but I will not submit to these type of intrusions in my own life. If we keeping heading down these slippery slopes, we will be no different than many countries, we, at one time thought were oppressive. If this goes forward you can bet we will keep adding things to this process and, before you know it, no privacy will exist at all.

  11. Avatar


    Is a Security Clearance a right or a privilege?

  12. Avatar

    Fed Inv

    Really? I don’t think just a clearance is the issue here–it’s holding onto some privacy in our lives. Now, if you left your job and went to a private company not dealing in the cleared world and they asked for your profile info, would you comply, or would you gladly give it up? If your answer is: I have nothing to hide than I feel you are missing the point here.

  13. Avatar

    Fed Inv

    Really? I don’t think just a clearance is the issue here–it’s holding onto some privacy in our lives. Now, if you left your job and went to a private company not dealing in the cleared world and they asked for your profile info, would you comply, or would you gladly give it up? If your answer is: I have nothing to hide than I feel you are missing the point here.

  14. Avatar


    You mention the Wikileaks incident. I blame this more on the lack of security in that environment than anything else. If you haven’t noticed, everyone is too quick to blame the clearance process. A simple check entering and exiting the facility could have prevented this. Most times, getting a clearance is easy–and keeping the bad guys from stealing the info on a thumb drive is fairly easy when procedures are applied.

  15. Avatar

    I’m hoping someone might be able to answer a question and at the same time provide an opinion. I have a tentative job offer with a contracting firm performing background investigation checks. It is a full-time position but the starting salary is somewhat low however; they will sponsor an SSBI for the position. I currently have a secret clearance. I asked if I would be upgraded to a TS and they stated no because it would not be sponsored by DOD but it would be sponsored by OPM. My question is, with my current clearance I make a good deal of money OCONUS however, I think it would be in my best interests to upgrade to an SSBI and work back home and in case the job doesn’t work out I would have something more substantial to fall back-on.

    In anyone’s opinion is this a “sane” thought process – taking a job for considerably less money but getting something back in return (other than money)? My current clearance expires in 2013, unless I get a PR done, but with contracts unstable, I’m thinking I would be more marketable with a Secret/SSBI. Does this sound logical? Thanks

  16. Avatar

    A good FSO worth his/her weight will regularly discuss best practices for online security with their cleared staff.

  17. Avatar

    Info request,

    While true your clearance will not be adjudicated to TS in a DoD environment, it can be easily ordered by an agency and sent in for adjudication as the SSBI will have been done. This is done with a simple RRU sent in by whatever FSO if you decide to move from the background company. I to am a contractor and if you work hard and do good work, the money will come. Our jobs are pretty recession proof for the most part. Of course it’s your decision, but to me, you make good sense. I think the OCUNUS business will begin to drawdown soon in some fields and that will only increase your competition to secure a good contract–just my .02

  18. Avatar


    I don’t feel any different about giving up my right to my social activity on the internet than to giving up my right to my credit report, criminal history, employment history, security files, rental records, coworkers, teachers, friends…

  19. Avatar

    Fed Inv,

    You make valid points, but what I’m saying, is, we are slowly giving up all privacy. Check recent decision by the courts: Border agents now have the right to search your laptops whether or not you did anything wrong. I just don’t like the path we are heading–the 4th Amendment is slowly being dismantled. I am a strict Constitutionalist and truth be told, I am a little worried. I’m not a conspiracy theorist, but when govt gets too big this is what happens.

  20. Avatar


    I understand where you’re coming from but I’m not sure I agree. I guess we’ll have to agree to disagree, which is what makes the good old USofA a great place to live.

  21. Avatar

    I am kind of in a dilemma. I currently have a security clearance and happily employed. However, I like to work for NSA and I am thinking of applying for it.

    However, I read somewhere in this blog that if you fail the polygragh test you will lose your current clearance as well(I am not comfortable with tests). Is this true? Should I even apply to NSA, since if I don’t pass the polygraph I might even lose my current job as well.

    Please help

  22. Avatar

    Fed Inv

    Yes sir or ma’am–great place to be.

  23. Avatar

    I have had a clearance for 8 years or so and work in the clearance business. I agree with Fed Inv – I don’t consider the things I post on the Internet to be any more private than the things I tell my friends. I think this discussion missed the distinction between what I choose to post – or allow my friends to post – on public websites and my browsing activity. This story didn’t say anything about ODNI spying on the subject of the investigation and seeing if they download mp3s or look at questionable sites.

    The search was for what is posted on the web regarding these people. I look forward to having this information available to investigators and adjudicators to ensure positions of National Security are held only by people with reasonable judgment and discretion. I think OPM should look into it for Public Trust positions as well.

  24. Avatar


    I couldn’t reply on the State and Local law blog…
    But I haven’t heard anything yet besides that a RRU was put in on around June 4th and now it’s been over three months…I talked to a lawyer, he said he’s going to try push the issue and see what the problem is…I’m getting impatient and tired of just sitting on the sidelines….

  25. Avatar


    I am not really sure how to use this service. However, I had read about the new SF86 that seems to be on the way to issuance. Does anyone know when that will start to be used? It looks like it was talked about in a post on this blog in 2009, but has still not made it into use.

    thank you.


  26. Avatar

    A new SF86 was approved by OMB in March 2010. OPM, the proponent agency, plans to begin implementation in December. The current version of the SF86 was approved in July 2008 and gradually implemented from about September 2008 to January 2009. I believe the delay from approval to implementation is because of the time it takes to create an electronic version of the SF86. The differences between the September 1995 version and the July 2008 version were minor compared to the differences between the July 2008 version and the March 2010 version. That may explain why it’s taking longer this time.