Printer Friendly

I know what you did last shift: a new study examines why employees don't report security concerns about coworkers and what management can do.

While most U.S. government employees are careful in guarding the nation's secrets, some who have failed to do so have done great harm to national security. Dealing with this risk is the primary goal of the federal government's personnel security program. To help manage this risk, government security experts recently conducted research that produced information on how the risk may be reduced through better reporting by coworkers who observe risky behavior by an individual with a security clearance.

[ILLUSTRATION OMITTED]

This analysis was reported in Improving Supervisor and Coworker Reporting of Information of Security Concern. The study was conducted by the Defense Personnel Security Research Center (PERSEREC) and has led to the center's development of a new reporting tool, Counterintelligence Reporting Essentials (CORE).

The study consisted of four interrelated steps. The first was to review policies and research related to supervisor and coworker reporting of security-relevant behavior; the second was to conduct an extensive literature review to learn about the willingness of people in general to report on colleagues; the third was to interview 45 security managers and management personnel at 20 DOD and non-DOD federal agencies to determine the frequency of reporting and to gather recommendations for improving reporting policy and its implementation; and the final step was to conduct six focus groups, three with supervisors and three with coworkers, at two military installations and one intelligence community agency. Participants in the focus groups described their reporting responsibilities, discussed their feelings about reporting, and offered recommendations to improve relevant policies and operations.

The study focused on the reporting of security-relevant behaviors. These behaviors fall into three categories: national security and counterintelligence issues, security rules, and behavioral problems. The first behaviors occur relatively rarely, involve evidence of contact with a foreign intelligence agency, and are clearly of security concern. The second involve violations of procedures that govern the protection of national secrets; these are serious but they may not always be criminal, given that they are sometimes caused by ignorance or carelessness. Last are suitability and reliability problems, such as excessive drinking or severe financial problems, that are rarely reported by coworkers or supervisors because they are so personal.

The following discussion of why people will or will not report on their colleagues is drawn from this PERSEREC study.

Failure to report. The study found many reasons why people are unwilling to report their colleagues. The major reason is that employees do not want to violate deeply entrenched cultural prohibitions against informing on colleagues and friends. Most Americans are brought up not to snitch or tattle. Also, before reporting, most employees in the workplace want to see a substantial connection between the behavior and national security. It is never quite clear to them, for example, why someone having a drinking problem is a security risk at work. In contrast, the study participants said that reporting security violations such as a colleague taking home classified material would not be a problem.

Participants felt that it would certainly be a breach of normal social rules to inform on colleagues' personal habits, such as gambling, drinking, or sexual promiscuity, actions that on the surface appear to them only loosely related to national security. These suitability and reliability problems, which a study participant called "the more private things," are almost never reported.

But the PERSEREC study found that social taboos about snitching and invading the privacy of coworkers were not the only barriers to reporting. Supervisors and coworkers also said they feared that if they reported people to security, they would lose control of the situation--that the security system would step in and end any hope of a manager being able to help the person directly.

They did not always believe that the security system would be reasonable or that the person who was the subject of the report would be treated fairly. They believed that serious job-related repercussions for that person would likely result.

One supervisor said, "When things go to security, they are pretty much out of our hands. As supervisors we can see the entire picture; a person may be just going through a bad time." But that may not be taken into consideration if a security report is made, employees indicated.

Another participant said, "Perhaps security does nothing about the report; perhaps security comes down like a ton of bricks on the reported person who then loses his job." Yet another interviewee remarked, "Reporting is a big step and it weighs very heavily. It's a black mark on people's records. You had better be sure that the person has really done something illegal before reporting him."

Although anecdotes abound, there has been a dearth of research covering the entire system to determine the degree to which such beliefs are valid. Of course, the government would prefer to hear about the supervisor's suspicions about the person, because even if the person's behavior is not actually illegal it may still be a potential problem or it may be a clue to a pattern of behavior. However, as this study shows, supervisors want to wait until they have substantial evidence of truly serious behavior.

Another reason interviewees gave for not reporting is a fear of repercussions to themselves. Making an accusation against someone can often have unfortunate consequences. While in theory the report should be confidential, the situation sometimes leaks out and then the reporter may well be ostracized for being a whistleblower or a troublemaker. "I want to be sure that I am certain before I report something serious. Somehow people find out that you have reported, and it comes back on you," said one person.

Reporting. The PERSEREC study suggested that there are several conditions under which the rate of reporting might change. For example, reporting may vary as a function of benefits and costs to the person disclosing the information or to the person whose behavior is being disclosed and perceived repercussions of the behavior and its continuation. The clarity of the information may also be a factor that influences a person's decision to report. The most important condition for reporting security-relevant behavior in a classified setting is that reporting will vary as a function of the severity of the behavior.

Study participants said that they would be very willing to report serious counterintelligence related problems or serious security violations. Reporting such crimes or security infractions would be their responsibility, they said, in order to protect the nation's security. Under this condition, patriotic duty would override any personal abhorrence towards informing on a colleague.

One study participant said, "When it is really important, there is no one in this room who wouldn't report to security. If we thought there was a threat, we would report it."

However, study participants emphasized that employees want to know what is really important to report--precisely. Policies, directives, and regulations are often vague. Employees want to be told in explicit terms what to report. One supervisor in the study said, "We need clearer rules about what should be reported up the chain." Another said, "Why can't these reporting requirements be made clearer to employees? We should be told, 'Here are the rules.'" Knowing exactly which serious and severe behaviors to report should make people more likely to report.

Solutions. PERSEREC has acted on these study findings and developed a brochure, the aforementioned Counterintelligence Reporting Essentials (CORE). The brochure lists specific obvious behaviors that must be reported to security without a second thought. These items fall under three categories: recruitment, information collection, and information transmittal. A fourth category--suspicious behaviors--is important but requires coworkers to make a judgment before reporting the behavior. All these items are included in an Enclosure to draft DOD Instruction 5240.6 Counterintelligence Awareness, Briefing, and Reporting Programs.

The CORE brochure will be distributed widely among the counter-intelligence and security communities. It can be distributed to supervisors and coworkers and might be used by security professionals in initial and refresher briefings as well as counterintelligence briefings. This focus on direct counterintelligence and security-related behavior will help cleared personnel in the field better understand what to report, and it should increase their commitment to reporting such crucial matters.

Coworker reporting will always remain a challenge for both government and private-sector organizations. However, by placing greater emphasis on behaviors that are clearly linked to security risk; personnel security programs may be able to improve relevant reporting, reduce unnecessary reporting, and do it in ways that are clear and not overbearing for employees and managers.

RELATED ARTICLE: Two Cases: A Success and a Failure

Two real-life examples illustrate the importance of the issue of coworker reporting in the classified arena. These case studies place the subject in a context directly related to espionage and its consequences.

Espionage cases are statistically rare, but spies have been caught as a result of supervisor and coworker reporting. A famous case described widely in the media was that of Jonathan Pollard, a naval intelligence analyst arrested for espionage on behalf of Israel, whose arrest was the result of a supervisor's suspicion, followed by a coworker's report. Pollard's supervisor began to develop doubts about him, not only when he was caught lying about his dealings with another government agency but also when he was repeatedly late in completing work assignments. He was also requesting so many Top Secret documents that it was becoming a burden on the clerk who had to log them in. For these and other reasons, the supervisor perceived Pollard as an undesirable employee and resolved to get rid of him. He did not suspect a security problem, however, until a coworker reported seeing Pollard take a package of Top Secret material out of the building late on a Friday afternoon. Investigations confirmed that Pollard was regularly removing and compromising large quantities of highly classified documents.

In another case, the colleagues of Navy spy Jerry Whitworth observed him monitoring and copying sensitive communications without authorization, saw classified papers in his personal locker, and knew he took classified materials home. However, they assumed he was doing it only to keep his work current. Coworkers may not have known about his 42 bank accounts; his 44 credit accounts; the large cash payments he made on loans, cars, and computers; and other suspicious signs.

In 1983 alone, Whitworth spent $130,000 when his salary was $23,000. However, his colleagues did see Whitworth and his wife turn up at the dock to meet the USS Enterprise in a rented Rolls Royce, a luxury they themselves could never afford.

None of these coworkers reported Whitworth's activities before his arrest as part of the John Walker spy ring. Their failure to inform security personnel about Whitworth's security violations and lavish spending habits allowed the Walker ring to continue for several years, causing significant damage to national security.

Pollard and Whitworth both exhibited egregious and observable behavior in their flagrant breaking of security rules. The Pollard case illustrates how alert supervisors and coworkers can make a difference when they report suspicious behavior. The Whitworth case shows the tragic results of colleagues not reporting that behavior.

Suzanne Wood recently retired from PERSEREC and is now a consultant to Northrop Grumman. She has conducted research on supervisor and coworker reporting, the use of employee assistance programs by cleared employees in the Department of Defense, and illegal technology transfer. In 1992, she also wrote a comprehensive study of American espionage. PERSEREC, a Department of Defense research organization, is part of the Defense Human Resources Activity (DHRA). PERSEREC researchers report to both the Office of the Deputy Under Secretary of Defense (Personnel and Readiness) and the Office of the Deputy Under Secretary of Defense (Intelligence). The center's mission is to improve the effectiveness, efficiency and fairness of Department of Defense personnel security systems.

@ The documents mentioned in this article. Improving Supervisor and Coworker Reporting of Information of Security Concern and Reporting of Counterintelligence Reporting Essentials, are both available at Security Management Online.
COPYRIGHT 2004 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2004 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Legal Issues
Author:Wood, Suzanne
Publication:Security Management
Geographic Code:1USA
Date:Apr 1, 2004
Words:1985
Previous Article:Had your fill of spam? Unwanted commercial e-mail--spam--has become more than just a nuisance. Here's how two organizations have solved their spam...
Next Article:You bagged the shoplifter, now what? A policy of catching shoplifters and pushing for prosecutions may not be the best use of company resources.
Topics:


Related Articles
Experts Testify on Fair Credit Reporting Act.
Survivors of downsizing: helpful and hindering experiences.
Tackling staff turnover: a novel approach; This innovative program helps entry-level employees surmount life's roadblocks to stay on the job.
Don't walk away from personnel investigations: ignoring allegations of misconduct is simply not an option.
The retaliation land mine: retaliation accounts for a consistent 13 percent to 17 percent of all charges brought before Alaska's Human Rights...
Carry on the conversation: helping employees make sense of what happens at work.
Turning around the uninitiated, untrained or unmotivated.
Where have all the guards gone? When absenteeism became a problem at a contract security firm in northern Mexico, the author conducted a study to...

Terms of use | Privacy policy | Copyright © 2022 Farlex, Inc. | Feedback | For webmasters |