OPM Shouldn’t be Responsible for Sensitive Employee Information, Lawmakers Say
Following multiple data breaches, a bipartisan duo of lawmakers have raised concerns with the Office of Personnel Management (OPM) continuing to house the government’s sensitive security clearance information.
Reps. Steve Russell (R-OK) and Ted Lieu (D-CA), two members of the House Oversight and Government Reform National Security Subcommittee, both of whom are former active duty military officers, laid out their concerns in an October 7 letter to Dave Mader, acting deputy director for management at the Office of Management and Budget (OMB).
“We strongly believe that security clearance data – which has been described as “crown jewels” of our national intelligence – should not be protected by OPM, which is neither an intelligence agency nor a defense organization,” Russell and Lieu wrote to Mader, who serves as Chair of the President’s Suitability and Security Clearance Performance Accountability Council (PAC).
The PAC is currently in the midst of a 90-day review, examining information security and other issues related to the security and suitability determination process.
While the lawmakers expressed “renewed faith in OPM’s efforts to overhaul its systems under the leadership of Acting Director Beth Cobert,” they “continue to believe that it is inappropriate in the 21st century for extremely sensitive data of American national security personnel to be housed in an agency without a national security focus.”
“Simply put, OPM was not designed to house and protect this sensitive data,” Russell and Lieu wrote.
The Federal Law Enforcement Officers Association (FLEOA) commended the lawmakers for “recognizing the limited protective capabilities of OPM, and the need to safeguard our background clearance information in a more secure cyber configuration,” and called improvements taken to-date by OPM “inadequate.”
The lawmakers urged Mader, as Chair of the PAC, to comprehensively assess the security clearance system and information security of that system. The lawmakers inform Mader that they “have drafted, and are prepared to offer, legislative authority” to store and protect security clearance data.
The lawmakers also urged the PAC to “look at ways to reduce the large number of personnel that are granted security clearances” in the first place, and to reevaluate the types of background and security clearance information the government needs to store to begin with, writing that “monitoring for unusual bank or travel activity can often tell us more information about a person than their neighbors and addresses for the past 10 years.”
“The antiquated SF-86 should be modernized for 21st century threats,” Russell and Lieu also suggested.
Posted in Featured News