samedi 22 mars 2008

For whom did the contract employees who accessed the passport files work?

Three of the contract employees who accessed the passport files of the three presidential candidates worked for Stanley, Inc. and the fourth for a company called The Analysis Corporation.

Who are these companies?

Interestingly, the first sentence in the MSN fact sheet for Stanley Inc. is "Stanley isn't afraid of big government."

Indeed.

Stanley, Inc.'s current customer base:

Department of Commerce
Department of Energy
Department of Health & Human Services
Department of Homeland Security
Department of Justice
Department of State
Department of Transportation
Department of Treasury
Environmental Protection Agency
Library of Congress
National Aeronautics and Space Administration
Smithsonian Institution
U.S. Coast Guard

...and the following agencies of the Department of Defense:

Defense Information Systems Agency
Defense Intelligence Agency
Intelligence Community
Joint Strike Fighter Program Office
Naval Air Systems Command
Naval Sea Systems Command
Office of the Secretary of Defense
Space and Naval Warfare Systems Command
U.S. Air Force Materiel Command
U.S. Army Forces Command
U.S. Army Materiel Command
U.S. Army Reserve Command
U.S. Marine Corps
U.S. Transportation Command
U.S. Patent & Trademark Office

It's probably purely coincidental as well that in 2007, Stanley opened a passport processing center in Bill Clinton's former home town Hot Springs, Arkansas and will open another one in Tucson in John McCain's home state of Arizona this spring.

Stanley's official statement about the passport file breaches distances the company from the breaches of passport files for Hillary Clinton and John McCain.

[/tinfoil off]

Stanley, Inc. is headed by one Phil O. Nolan. This diarist over at Le Grand Orange dug up Nolan's political contributions. There are an awful lot of donations to Republican Congressman Tom Davis.

Let's just take a quick look at Tom Davis, shall we?

According to Congresspedia, Davis is linked to one David Safavian, former chief of staff of the United States General Services Administration and convicted criminal in l'affaire Jack Abramoff. The link is through Safavian's wife Jennifer, who is the chief investigative counsel to the House Committee on Government Reform, which Davis chairs. The committee, handles procurement issues.

Davis announced his retirement in January.

The Analysis Corporation is described on the company web site:


For the past 16 years, The Analysis Corporation (TAC) has provided invaluable service to the U.S. Government's national security effort. Increasingly, and especially since 9/11, TAC has made its most important contribution in the counterterrorism (CT) realm, supporting national watchlisting activities as well as other CT intelligence and analytic efforts. Led by the former head of the National Counterterrorism Center (NCTC) and staffed by other former senior officials from the Intelligence Community, TAC is at the forefront of the fight to safeguard U.S. national interests.


TAC's client list:

The U.S. Intelligence Community
Defense Intelligence Agency
Department of Homeland Security
Department of Homeland Security, National Targeting Center
Department of State, Bureau of Consular Affairs
Department of State, INR
Federal Bureau of Investigation
National Security Agency
Terrorist Screening Center

Hey, I'm just citing stuff from the company's public web site. Sometimes the tinfoil just writes itself.

TAC too is distancing itself from the passport scandal, essentially saying "We had no idea."

TAC's CEO, John O. Brennan, is quite the interesting fellow as well, with an extensive background in intelligence:

Career Highlights : Interim director, National Counterterrorism Center; director, Terrorist Threat Integration Center; deputy executive director, CIA; chief of staff to director of central intelligence, CIA; chief of station, Middle East, CIA; executive assistant to the deputy director of central intelligence, CIA; deputy director, office of Near Eastern and South Asian analysis, CIA; daily intelligence briefer at the White House, CIA; deputy division chief, Office of Near Eastern and South Asian analysis, CIA; chief of analysis, DCI's counterterrorism center, CIA; Middle East specialist and terrorism analyst, directorate of intelligence, CIA; political officer, U.S. Embassy in Jeddah, Saudi Arabia, Department of State; and career trainee, directorate of operations, CIA.


When he joined TAC in December 2005, he was interviewed by the Washington Post, from which the above information is taken. A quote from Brennan when asked how he got to where he is:

I am a big believer in delegating responsibility and authority within the organization. But I am also a firm believer that leaders of organizations need to understand the business that they oversee and are involved in the day-to-day business activities, not from a micromanagement standpoint but from an awareness and guidance standpoint. I also think it was useful for me to have, early on in my career, specialized expertise, and mine happened to be on the Middle East and terrorism, to include Arabic language capability. This specialization opened doors for me to establish my credentials within the intelligence business, and overtime I tried to broaden my experience to include having opportunities to manage and lead the work of others.

The greatest challenge in the intelligence business is that there really is a high premium placed on accuracy of information as well as the intellectual and analytic rigor in one's work. There are major national security interests that are at risk. And the role of intelligence is absolutely critical, which was evidenced in the decision to go to war in Iraq. And every person in the intelligence community understands the importance of their role and strives to provide as much insight as possible to policy makers about intelligence challenges as well as the opportunities for U.S. interests. Lives are at stake of American citizens as well as lives of individuals who are helping the United States here and abroad.


Gee, do you think that an Administration with a vested interest in making sure that its policies are not overturned by a new Administration might agree? Funny how Brennan doesn't talk about how the so-called intelligence before the Iraq war was just so much horsepuckey.

But Brennan is even more interesting than Nolan. He worked for the CIA for 23 years, and in 2003 was appointed by George Tenet to head up the Terrorist Threat Integration Center. He's clearly a Big Brother kind of guy, as evidenced by his testimony before the 9/11 commission.

But let's go back to his company, TAC. The company was acquired in 2003 by SFA, Inc., which is in turn owned by Global Strategies Group, whose bizarrely cryptic web site doesn't make clear exactly what it does at all, but which describes the company's services:

Our services include the delivery of national security initiatives in counter terrorism, counter narcotics and borders security, the protection of critical infrastructure, global supply chain assurance, humanitarian assistance, reconstruction and stabilisation, peace support operations, and a suite of business facilitation and enterprise risk management tools. All of our offerings are underpinned by unrivalled experience and leading edge technologies.


Alas, I don't have time right now to dig further, but there's certainly a web of private intelligence companies here, working in conjunction with Big Business in some of the most unstable areas of the world, and these companies are being given innumerable government contracts to privatize the most sensitive aspects of our government. More later as I can find it, so stay tuned for updates.

UPDATE: Perhaps this is what happens when you outsource IT functions to companies headed not by IT guys, but by military/intelligence guys:

Mr. McCormack said Mrs. Clinton’s file was breached last summer during an exercise in which the department was training new workers to deal with a backlog of passport applications created by changes in national security procedures. Another Congressional staff member said the trainee was employed by the State Department.

“Usually in these training circumstances, people are encouraged to enter a family member’s name, just for training purposes,” Mr. McCormack said. “This person chose Senator Clinton’s name. It was immediately recognized, they were immediately admonished. And it didn’t happen again.”


Is Mr. McCormack saying that when they're training new employees, they're giving them access to production data? Even if they're taking a copy of the production database and putting it on a test server, this is still sensitive data about individuals, some of them high-profile, that they're using for TRAINING NEW EMPLOYEES? And if a trainee immediately decides to look up information for Hillary Clinton, shouldn't that have set off a red flag as to what this new employee was likely to do?

Where I work, we deal with private health information, and we are subject to HIPAA rules. Data we deal with is only identified by an ID that really means nothing to us as IT people or even data managers. Our test data is entered when testing the case report form screens, and our training database is populated with dummy data entered specifically for that purpose. So no one who shouldn't have it is ever exposed to any kind of identifying patient data. It's just not that hard to develop a training database. That this agency is using actual, identifiable production data to train new employees is unprofessional and reprehensible.

Aucun commentaire:

Enregistrer un commentaire