Slashdot Mirror
9th Circuit Says Feds' Security Checks At JPL Go Too Far
coondoggie writes with an excerpt from Network World which explains that the Ninth Circuit Court of Appeals "this week ruled against the federal government and in favor of employees at NASA's Jet Propulsion Laboratory in their case which centers around background investigations known as Homeland Security Presidential Directive #12 (Nelson et al. vs NASA). The finding reaffirms the JPL employees claims' that
the checks threaten their constitutional rights. The stink stems from HSPD #12 which is in part aimed at gathering information to develop a common identification standard that ensures that people are who they say they are, so government facilities and sensitive information stored in networks remains protected."
At issue in particular: an employee's not agreeing to "an open ended background investigation, conducted by unknown investigators, in order to receive an identification badge that was compliant with HSPD#12" was grounds for dismissal.
This was settled a long time ago. It's government business on government property. You have the right to go work somewhere else.
I'd go on a Vegan diet but the delivery time from Vega is too long. --brownkitty
Whistle-blowers get protection from retaliation, but you know anyone who complained about this policy probably doesn't have friends in high places. Anyone who complains can expect their career to stagnate or progress slower than it would have if they had said nothing.
Such is the way with large employers.
Homeland Security Presidential Directive #12:
You do not talk about Homeland Security Presidential Directives.
...or something like that.
My other car is a 1984 Nark Avenger.
I understand many components of rocket engines are manufactures by private companies. Are they subject to these security standards?
Yeah. Would you choose a neurosurgeon who pokes around people's brains in his spare time? I wouldn't.
From TFA, these in-depth background investigations were being conducted for personnel in non-sensitive jobs. I'd understand the checks for jobs which require clearance, but in this case they are wasting resources background checking everyone who works there, for the sake of uniformity. It's a bit over the top.
$_ = "wftedskaebjgdpjgidbsmnjgcdwatb"; tr/a-z/oh, turtleneck Phrase Jar!/; print
The plaintiffs are scientists, engineers and administrative workers at JPL, which is operated jointly by the California Institute of Technology and the National Aeronautics and Space Administration. Like the vast majority of JPL employees, they do not have or need security clearances, and have been identified by the government as holding âoenon-sensitiveâ positions.
I had to read further and deeper through the links to find this comment. So these people not needing security clearance were subjected to the expansive and open ended review permitted by the HSPD #12.
There was a briefing where I work about the plan. If you failed the background check, you had no way of learning the reasons. Though you could technically appeal, what would have been the good of that had you not known why. What if it had been simply that you donated money to a certain person, or that your spouse was from a certain country, or a mistaken identity? The other problem was that it took so long to do the checks. Since the program had not started they had no idea, but it was thought that the new process would likely add 6 months to the already tedious process in place. To give you an idea I have had two background checks here. Once it took 4 months the other time 2 since I had already passed an earlier one. Soon we learned about the likely challenge from NASA employees and we waited it out. It has taken years to get this far and thankfully it looks like this overstepping is going to end. The other thing is that the dept I work for and the job I do has me doing absolutely nothing secret or anything of the sort that might need this level of background check. Every employee was going to need it.
The final point I want to add is that during the briefing it became clear that not only was this a terrible new big brother style of infringement but that there were companies that were going to make a fortune doing this. As an example we were going to have to get a new set of IDs and all the doors and computers would have readers in order to use them.
That means that it's not really about the people being harassed and forced to undergo invasive searches (See 4th Amendment) finding another job. No. It's about their job being just fine, and the Federal government having to be reasonable with its searches and seizures. (Again, 4th Am.)
That's how it is in our country. If you don't like it, watch the door doesn't hit you in the ass on your way out, and remember to wipe your feet on the "good riddance to those who don't respect civil liberties" doormat.
E
As I recall, the 9th Circuit has more of its decisions overturned than any other court.
"The average reporter we talk to is 27 years old......They literally know nothing." - Ben Rhodes
At one of hte protests I went to, one guy stood up to speak and basically said he was glad he had a top secret clearance because it meant he didn't have to have his privacy invaded like this. That's saying something.
Disclaimer: I was an intern at JPL two summers ago when this was starting to be a problem.
93rd rule of Slashdot: No matter how obvious my sarcasm is, my comment will be taken seriously by someone.
I work at NASA, and am actually tangentially involved in this.
Needless to say, I should not comment any more than if you want to have a good background to discuss this, look at NIST Special Publication 800-63 and FIPS 201 then decide if NASA did what they say. If so, bitch at NIST, not NASA.
The report in the linked article from networkworld is not accurate. Quote from the article "The stink stems from HSPD #12 which is in part aimed at gathering information to develop a common identification standard that ensures that people are who they say they are, so government facilities and sensitive information stored in networks remains protected."
/. but no wonder that the government always screws up!!
A close friend is one of the Caltech (technically, he is a contractor at JPL) employees who sued the Federal government. Caltech manages the JPL labs for the federal government. After 9/11, the Bush administration passed this directive to subject federal employees and contractors, working on sensitive and non-sensitive matters to the same invasive background checks. These background checks do not have a set standard or criteria for evaluation, are not disclosed and can affect your employment (read termination). This means that if someone who knows you, when interviewed, says he/she thinks you did pot, that's it, you can be terminated.
To subject federal employees and contractors who are working on confidential/sensitive projects is one thing although still not fair but it is completely unfair to subject employees or contractors working on non-sensitive projects to such arbitrary background checks.
As they say, devil lies in the details. The presidential directive itself does not require background checks. What is requires is that all employees and contracts, irrespective of the nature of work, have to be issued a standard identification card for entering federal facilities. Sounds fair, right? The rub is that to be issued this card, you must pass the background check. So by mandating a standard identification card, the government has mandated all employees and contractors be subjected to background checks. And this is what this group of 30 or so JPL/Caltech scientists are protesting.
On top of all this, these background checks are labour intensive because they require federal agents to interview people who know you and collect personal information about you. Another friend who worked for PG&E waited 3 months to enter the facility he was supposed to work at because the feds could not finish his background check soon enough. Imagine if thousands of other employees or contractors are subjected to this new directive? The quality of these checks is directly proportional to the number of federal agents who do this work and we all know that the number of experienced federal agents is not going to quadruple overnight. So the end result is going to be dilution in the quality of these checks which then defeats the intent and purpose of these checks.
Phew!! My longest post on
http://www.latimes.com/news/printedition/opinion/la-oe-rutten6-2009jun06,0,7067783.column
http://www.latimes.com/news/printedition/opinion/la-oe-rutten6-2009jun06,0,7067783.column
... sodomy ... incest ... abusive language ... unlawful assembly." It also said homosexuality could be a security issue under some circumstances."
"As The Times noted in January of last year, the government demanded that the scientists fill out questionnaires on their personal lives and waive the privacy of their financial, medical and psychiatric records. The government also wanted permission to gather information about them by interviewing third parties. At one point, JPL's internal website posted an "issue characterization chart" -- since taken down -- that indicated the snoops would be looking for a "pattern of irresponsibility as reflected in credit history
Sorry, but if you work for ANYTHING that even remotely reaches a sensitive/classified nature, which JPL obviously does, you need it to get on the property, much less clock in, much less pick up your spouse (which I do, quite happily, every workday.) If you don't like it, I'm sure CalTech is hiring (oh wait, they're bankrupt. Again.)
Is this the same 9th circuit that said the government can pass a resolution condemning a specific religious group by name and insult its members, without violating the 1st amendment? I think it is.
You are happily working at your established job and some presidential directive comes down that establishes that you need a background check to get your smart card needed to access the network and do your job. Current employees are now offered the "choice" of submitting to a background check or lose their jobs.
As I pointed out when this was posted on the NASAwatch website, the actual presidential directive, HSPD-12, is a directive that says government identification cards (including NASA IDs) should have pictures and be difficult to forge. Nothing more. The presidential directive does not say anything about requiring an invasive background check including checking medical, financial, and other personal background information along with a blank authorization to check any records at all. Nothing.
The whole thing about background checks was a stealth policy change that was slid into the new ID regulations by the OPM. It has nothing to do with HSPD-12, and most particularly it was not authorized by presidential directive.
http://www.geoffreylandis.com
OK, mod me offtopic if you'd like, but how is this a YRO story? The JPL campus is not an online affair. Privacy, yes, security, certainly, but it has nothing to do with online (other'n the fact that someone let it into Slashdot!) I mean, you don't see NASA letting us Internet denizens do anything about their program, aside from letting us vote for the name of an ISS module (and then turning our choice down), do you?
I know an IT worker who had to fill out a questionnaire for a law-enforcement agency ("cops" basically). One of the questions asked if they'd ever had sex with animals. I swear it's true. Personnel administrators sometimes go too far.
Table-ized A.I.
Good. Now can we return back to having site-specific badges that are appropriate for the level of work being done at different federal facilities? Or we can use this new common ID that creates a single point of failure in the creation of badges, makes it easier to wander unescorted in facilities that you don't have access to, and adds significant cost and delay in getting people badged. Either way.
15+ years ago I had a Top Secret/SSBI clearance. As part of the background investigation, I was required to give references that had known me for at least 15 years. Since my first security interview I had always told the truth: "yeah, I tried pot a few times in high school, but I never bought it or sold it and I never used it after that." I also told them that all of my family and friends knew about it and I didn't care who else knew. I told that same story at every interview, and I never had a problem getting any clearance. In the days before glasnost, when the KGB were the primary bad guys, we were always briefed that the biggest threat was an employee being compromised because of something that could be used against them - financial debts, drug use, criminal background, relatives in hostile foreign countries - anything that could be used as leverage to make you vulnerable to espionage. The idea with drug use wasn't that you were some drug crazed idiot - it was that you might be ashamed of the drug use, or might need money - and that made you vulnerable. I guess since I said everyone already knew about my minor BS, and I didn't care who else knew, it wasn't a problem. I think lying about it and then having it turn up during the investigation would have been much, much worse.
My investigation was in the 90's - before 9/11 and before Homeland Security. Officially, my employment was not dependent on my clearance - but everyone knew that the reality was that the position required a clearance, so without the clearance, there would not be an available job for me and I would be let go. It happened to a couple of guys who for whatever reason could not get cleared.
All ancient history now...
You should know that JPL employees are actually employees of Cal Tech. JPL is what is known as a Federally Funded Research and Development Center. And many of the employees there are not drones who like to roll over for government abuse, even if their paychecks ultimately come from that direction.
http://www.rootstrikers.org/
Maybe he was an old timer who was grandfathered in before the government got serious about screening people in sensitive positions but rest assured the procedures for vetting someone for secret or top secret clearance are pretty invasive and this was the case before HomeSec existed.
I am becoming gerund, destroyer of verbs.
> Homeland Security Presidential Directive
Homeland, much like Fatherland, gives me proud images of charging in Panzer Tanks across the Ukrainian plains to stick it to the undermenschen. Long live Das Homelanden! Mein Liebe!
When I got my clearance back in the dark ages (1985 or so) they were extremely interested in the organizations I belonged to. They weren't happy when all I had to tell them about was the Auto Club and, decades previous, the Book of the Month Club. It was only after I confessed to being a Campfire Girl that they removed the thumbscrews and granted my clearance. At one point the current JPL Overseer (not Bruce Murray) let it be known that those who required clearances for their jobs would be seriously limiting their careers if they refused to apply.
Then shag the bastards there are only nine of them.
thats the way most jobs are dude, they dont care if you are good, just that you 'fit'
having plastic surgery
having HIV
being a registered republican or democrat depending on the area
watching pornography
getting spanked by your girlfriend/boyfriend
having a colostomy bag
being a muslim
being atheist
being jewish
having a black grandfather
having a white grandfather
etc etc etc
its all fucking bullshit. ok? its all fucking bullshit.
Offtopic? When this is what passes for a thread view, this comment is on topic for every conversation!
How dare you be so modest!! You conceited bastard!!
At one of the protests I went to, one guy stood up to speak and basically said he was glad he had a top secret clearance because it meant he didn't have to have his privacy invaded like this. That's saying something.
It seems strange, but as you get to the higher level clearances, like TS and SCI, as done for the 3-letter agencies, the process becomes quite intrusive, but is reasonably rational and run by competent people. Also, at the higher levels, the security clearance process is entirely independent of the employer. At the higher security levels, where there are real field background checks, employee background information is closely held - it could be used by enemies to find vulnerable employees.
The problem with JPL is that they were doing a by-the-numbers process on a huge number of people using arbitrary criteria, but with the level of intrusiveness of a real clearance investigation. And they were running the process out of their own human resources department.
It's really simple:
1.) You have to disclose all your potentially embarrassing misdeeds of the past.
2.) The government stores this information on a poorly guarded unecrypted hard drive.
3.) The government then "accidentally" loses this unencrypted hard drive.
4.) What you thought was a confidential disclosure is now in the public domain.
Result: Blackmail opportunity eliminated (possibly job change opportunity too). Profit!!
The UK utilizes this method quite often, most recently with its air force pilots, see here: Data Breach Exposes RAF Staff To Blackmail
I worked at JPL for a few years (pre 9/11). It was a congenial environment. I got my badge with no hassles; I certainly sympathize with the present plight of my former colleagues and wish them good luck, and may they win if the case goes to the US Supreme Court.
I certainly hope the Obama administration will scale back Bush-era excesses. They have harmed us much more than terrorism ever could.
Incidentally, back then I was tickled to find out that the code we were writing for NASA spacecrafts was in the public domain -- anybody could request a copy. May I assume it is no longer so?! :)
JPL actually isn't a NASA (federal government owned) installation. It's CalTech operating for-profit as a contractor to NASA. The only actual government jobs at "JPL" are the contract administrators and some management types.
Is it just my observation, or are there way too many stupid people in the world?
MOD PARENT UP
...steal a card and you're in?
I followed the link (http://www.nextgov.com/the_basics/tb_20080610_8037.php) to find out more about HSPD-12.
If I read it correctly, the whole security card thing is a sham--they mention fingerprints, and then when you read about the fingerprints, they compare the fingerprint information stored in the card to fingerprint information stored in a database.
They don't check the fingerprints of the person carrying the card. So, somebody wants to get into the facility, they simply steal a card, and no problem.
Does somebody know more about this than is in the article--is it really that silly of a system? And, if so, as a US citizen, I'd like to sue the government, the employees responsible for procuring the system, and the system supplier for wasting tax dollars on such a system. I wonder if I could do that?
Sorry, posting as an AC for what I think are obvious reasons.
The term "directives" gave me a chill of terror down my spine. In "Atlas Shrugged" ludicrous anti-capitalism restrictions were enacted, ones that would never make it through congress. How? Because they weren't laws, they were "directives", basically laws that could be enacted *without* democratic process.
Let's hope this ruling get the directive off the books.