MY PROBLEMS WITH HSPD-12

OR WHY HOMELAND SECURITY ISN'T



Updates to this page:
30 March, 2007 - from an original letter by Kent and Julie McCullough, rewritten and personalized with permission:

I recently learned about Homeland Security Presidential Directive-12 (HSPD-12), and Goddard Space Flight Center’s planned implementation of this Directive.  All employees (contractors as well as civil servants) will be required to submit to an extensive background check and investigation called the National Agency Check with Inquiries (NACI), using OPM’s Electronic Questionnaires for Investigations Processing (e-QIP) to collect the information. (See www.opm.gov and search on “e-QIP” for the form, instructions, and FAQ.) After completing the e-QIP and NACI processing, employees will be issued new “Blue NASA One” ID Badges and “Smart Cards” which will control physical access to buildings and offices as well as computer access at Goddard.

I understand that this Directive applies to all federal government agencies.  I am very unhappy and concerned about three aspects of HSPD-12, in the following order of priority:
I have worked for NASA contractors for more than 15 years, changing companies a couple of times when the contract on which I worked changed from one contractor to another.  I have worked as an on-site technician and engineer at Goddard Space Flight Center in Greenbelt, Maryland, assisting scientists and engineers with characterizing instruments and calibration sources for space-borne, airborne, and ground instruments.  It was a conscious choice on my part to work within Goddard’s non-secret, public domain environment, instead of going to work for a defense contractor where I reluctantly would have had to obtain a security clearance and consequently would not have been allowed to freely discuss my work.  Nothing about my work is sensitive or secret, and that’s the way I hope to keep it.

I have examined the e-QIP form.  The questions include all the standard questions one would expect on a job application (name, social security information, address and telephone numbers, education–all degrees earned, and work history), but that is just the beginning.  Employees are required to go back seven years and list all residences, all education, and month, year and purpose of trip for each foreign country visited for any reason, within that time period.  Not only must employees give their marital status (to the level of specificity of whether one is separated versus legally separated); they must also provide all of the following information: date and place of marriage, spouse’s social security number, spouse’s place and date of birth, and spouse’s citizenship.  They must also provide name, birthdate, citizenship information, and address for each parent, step-parent, foster parent, and child.  Separate references must be provided to confirm both residence information and education information, plus 3 other people’s names and contact information must be given as general references.

While many of these questions seem overly intrusive (for example, Homeland Security knowing that I was married in a tree is irrelevant and useless information to my non-secret job of counting photons), my biggest concern is with the very end of the form.  In order to complete the process–before the form can be submitted–the employee must print out 3 signature forms: Certification That My Answers are true, Authorization for Release of Information, and Authorization for Release of Medical Information.  Instructions state that these three forms, plus a Credit Check Release Form, must be printed and taken with you to your “Badging Appointment.”  While I have no problem with the Certification That My Answers are true, taken together the other two documents give the government a blank check to explore anything about me that it wishes.  The documents fail to provide any explanation of why this information is needed, or to identify who will have access to it and for what purpose(s).  I am extremely reluctant to sign these forms, but if I do not comply, I will lose access to my worksite and therefore will lose my job.  Of course I see a need for security clearances to work for the FBI or the Secret Service, but to study the visible spectrum of light at Goddard?  Give me a break.

I have been informed that it will cost $100 to process each application – nearly a million dollars just for Goddard’s 9,000 contractors and civil servants!  That does not, of course, include employees’ time to complete these forms (in theory, 90 minutes, but in reality there is a 90% rejection rate for first time e-QIP submittals!) and go through the rest of the new badging process.  Where is the money for this Directive coming from?  From individual agencies, like NASA?  What programs are being cut in order to implement this massive and unnecessary screening? Another example of waste: the NACI process will require fingerprinting of each employee, even though NASA already fingerprinted each employee just a few years ago.

Every Goddard employee and contractor already had to go through the National Agency Check (NAC) process that included fingerprinting and a criminal background check, as well as completing a 2-page form that provided contact information and data about education and work history.  Most of the additional information required for the NACI seems beyond the scope of what is reasonable, unless someone is applying for a security clearance.  Employees who jump through the hoops in the onerous HSPD-12 process will not get clearances (which often command an additional $10,000 to $20,000 a year in salary); their only “benefit” is that they get to keep their jobs.

It does not make sense to investigate and rebadge 9,000 Goddard folks like myself who do not handle sensitive information, and countless other people in other NASA Centers and other Executive Agencies.  NASA is a civilian-run government agency with open public access to most of its data and publications. A few Goddard employees do handle sensitive information, but they have already been investigated and cleared.  They have Red Badges instead of the Black Badge that I have.  This entire HSPD-12 effort falls under “government waste” as well as unnecessary and unwarranted invasion of privacy.

I do not have any recourse but to sign these release forms, and there is no feedback or appeals process should I fail to be approved for a badge.  The signature form titled Authorization for Release of Credit Reports has the audacity to proclaim, "My consent to the release of this information is entirely voluntary..." There is nothing voluntary about it; if I sign these forms it will be under duress, because if I don't sign I effectively lose the right to work for any government agency. This is intimidation and coercion.

It is difficult and in some areas impossible to find out specifically what kind of information am I releasing, who will have access, and how my privacy and identity will be protected. The e-Qip form is web-based and claims to be very secure. When the IT folks at our HSPD-12 meeting heard this, they burst out in laughter. Nothing of this magnitude on the web is secure. I have no idea who I am handing my personal information to.

Goddard is pushing this directive through very quickly.  My company is requiring all of its on-site employees to submit information by the end of April.

With the launch of HSPD-12, Homeland Security is actually taking away my security, and making my homeland a very ugly place.

- John Cooper

3 April 2007 - some links removed

I was asked (very courteously) to remove some of the links I had here, and I complied. I should mention that all the links I put on this page were easily accessible from my home, using Google. I did not put up any links with malicious intent, and I only looked up publicly available websites. I don't want to get anyone in trouble. I do, however, reserve the right to speak my mind.
8 April 2007 - new, ever so slightly less stringent, policy

Upper management told us on April 3rd and 4th that individuals going through the re-badging process do not need to sign two of the four forms—the Medical and Credit History release forms—during the visit to Security for rebadging.  If one chooses not to sign those two release forms, the badge will still be issued and a background investigation will still be conducted.  If, as a result of the investigation, further information is deemed necessary GSFC Security will come back to the individual and request that these forms be signed.  Even if the individual signs the releases at that time, it is possible that issuance of the SmartCard will be delayed since there was a delay in the investigation process. 
10 April 2007 - letter from Chief Engineer for Flight Dynamics at JPL to Congressman Dreier

Posted with permission. Dennis Byrnes makes some very good observations that I missed, including:
Here is the letter in full. I have bolded sections that I found particularly important. Thank you Dennis!
23 April 2007 - judge rules in favor of employee— legal precedent?

Other agencies are putting their contractors and employees through similar security checks, fingerprinting, and "voluntary" medical/financial record releases. Check out the Discussion section on the Employee Clearance website. An employee from the Bureau of Land Management was fired from her non-sensitive, non-secret job for not completing the security check. She appealed and won! NASA appears to have no appeals process.
I tried for two weeks to find a way to stay employed without having to turn over such invasive information because I believed that my right to privacy was being invaded. I asked for an appeal process, for a job that didn't require an NAC. I was fired in early November as a security threat.

I was also denied my unemployment benefits with the reasoning that I was "wantonly negligent of the employer's interests" and therefore my actions equaled "misconduct" on the job. This even though that within the past year I had been promoted and had an excellent work history.

I appealed the decision and finally 2 months after I was fired, I won the appeal. It was a very strong decision by the Administrative Law Judge who said he could find nothing in Homeland Security Presidential Directive 12 that actually specified the turning over of the information requested of me.
(Note - I am unsure, after reading this report again, whether the judge ruled in favor of the employee so that she got her job back, or just to to the extent that she was deemed able to collect unemployment compensation.)
11 May 2007 - internal memo from JPL

A copy of an internal JPL memo showed up in Space Ref and was linked to from NASA Watch. It's an excellent report detailing legal and privacy issues for JPL employees (and other agencies' employees, too).
Additional links

ARC received notice about HSPD-12 in April — A seemingly innocuous memo to employees at Ames Research Center touches on upcoming HSPD-12 implementations.

JPL's HSPD-12 web site — "working diligently to ensure the changes are efficiently implemented and communicated to those who are directly affected."

AP news story — "NASA contractors raise concerns about looming security checks"

Open society caving in — "In the words of Rep. Rush Holt, D-NJ.: 'The United States is absolutely dependent on having the best possible people in civil service. By fostering an environment of extreme distrust and disregard for privacy, the implementation of HSPD-12 is costing us valuable human resources and, worse, runs contrary to the values and laws we have long held as a nation.'"

Please copy, print, email, and link to this page at your whim.
Wednesday, 26-Sep-2007 19:45:52 EDTThis page last modified on