Shows & Panels
Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- American Readiness: Renewable Power and Efficiency Technologies
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal News Radio's National Cyber Security Awareness Month Special Panel Discussion
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- Government Perspectives on Mobility and the Cloud
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- The New Generation of Database
- Reimagining the Next Generation of Government
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
DHS defends social media monitoring program
Friday - 2/17/2012, 5:12am EST
Congress is looking into the Department of Homeland Security's emerging programs to keep tabs on the Twittersphere and other forms of social media. Online privacy advocates say the activity falls outside Homeland Security's legal authorities. DHS officials beg to differ, and say they're about to institute additional new privacy safeguards.
Most of the information about DHS' formerly-obscure social media monitoring program came into public view within the past month as the result of a Freedom of Information Act request by the Electronic Privacy Information Center (EPIC), which wanted more details about a program it saw as a potential violation of First Amendment rights.
DHS ignored the request and denied an administrative appeal, EPIC officials said, so EPIC sued the department in federal court.
In response to the suit, DHS turned over hundreds of pages of contract language for its agreement with General Dynamics, which runs the social media program for DHS. The privacy group believes the contract shows an intention on the part of Homeland Security to monitor online activity for dissent and criticism of the government and to chill free speech by members of the press.
Lawsuit exposes DHS plan
EPIC's claims and documents its lawsuit eventually dredged up got the attention of Congress. The House Homeland Security subcommittee on counterterrorism Thursday examined whether the monitoring program fell within the law.
The answer from DHS was an unqualified yes.
"It's consistent with DHS policy, it's consistent with the Privacy Act and it's consistent with the First Amendment," said Mary Ellen Callahan, Homeland Security's chief privacy officer.
Mary Ellen Callahan, chief privacy officer, Department of Homeland Security (DHS photo)
DHS officials say the social media monitoring is an expansion of a program they already were conducting to monitor traditional news media, and that it clearly falls within its statutory mission under the Homeland Security Act to maintain situational awareness about what's happening in the country with respect to homeland security.
Callahan said one big reason the program is legal is that it doesn't target individuals, and with some exceptions, it doesn't collect personally identifiable information.
For example, Callahan said, DHS might use keyword searches to scan Twitter and Facebook to obtain more details about breaking news events it needs to stay up to speed on, or even to find people complaining about the length of TSA security lines. But not because it particularly cares who's complaining.
"The purpose is for our own operational purposes," she said. "It's for our own operational standards. We don't care who's standing in line, but if indeed there is a long line at TSA, we don't care who's in the long line. If someone tweets and says there's a long line, we want to convey that to TSA. It's part of the operation awareness that the National Operations Center does."
That center uses some of the information it gleans from social media to compile daily reports that it provides to other law enforcement agencies down to the local level, but again, officials say, only for situational awareness purposes, without naming individuals.
Lawmakers express doubt
But members of Congress weren't entirely persuaded by that argument. They're concerned, among other things, that government monitoring of ordinary citizens' online activities could chill free speech, regardless of how passive that monitoring is, and regardless of the purpose.
"I fully understand that if an individual willingly and publicly uses Facebook, Twitter or the comments section of a newspaper website, they, in effect, forfeit their right to any expectation of privacy," said Rep. Patrick Meehan (R-Pa.), the subcommittee's chairman. "However, other private individuals reading public Facebook status updates or Twitter feeds is different than the Department of Homeland Security reading them, analyzing them and possibly disseminating them for other purposes."
While Callahan said DHS forbids its operations center from collecting personally identifiable information, let alone disseminating it, there are some exceptions to that rule: seven of them, to be exact. They include, among others, individuals in potential life or death situations, senior public officials or spokespeople making public statements, and members of the news media.
Rep. Patrick Meehan (R-Pa.) (AP photo)
Callahan said DHS only would record the names or social media account identities of members of reporters or news anchors when doing so would enhance the credibility or relevance of a particular social media posting.
Rep. Jackie Speier (D-Calif.) was troubled nonetheless. She said the practice appeared to violate the Privacy Act.
"It's irrelevant. You don't need it. You should suspend that part of the contract," she said.
DHS' apparent onetime plans to use social media monitoring to gauge public reaction to government policy proposals is another source of friction. Callahan said her office determined that part of the plan fell outside the scope of what DHS had authorized its National Operations Center to do, and it was never implemented. She said the proposal was caught and stopped by one of several privacy safeguards DHS has in place.
"We have been doing required privacy compliance reviews that we then publish on the website. We do those reviews every six months," she said. "We are finalizing a management directive that ensures that everyone complies with privacy protections across the board, and in there we're requiting audits every three months as well as specific investigations by my office. We take this issue very seriously."
Callahan acknowledged only one misstep by DHS during the hearing: ignoring the original Freedom of Information Act request by EPIC and forcing the group to go to court.
"That was unacceptable," she said. "It did not meet my standards in terms of the timeliness of the response. I have taken action to find out why it was delayed."
EPIC submitted its own statement at the committee's invitation. In it, they made three recommendations to Congress:
- Order DHS not to monitor social media just for the purpose of finding negative comments about the agency or the federal government;
- Order DHS to stop the monitoring program entirely until more safeguards are put in place;
- Require that other agencies with similar monitoring programs report them in detail to Congress.
"I, for one, wholeheartedly agree with their recommendations," Speier said. "I'm deeply troubled by this."