U.S. Air Force cyber security technicians with the 355th Communications Squadron review work orders at Davis-Monthan Air Force Base Ariz., Sept. 26, 2018.

U.S. Air Force cyber security technicians with the 355th Communications Squadron review work orders at Davis-Monthan Air Force Base Ariz., Sept. 26, 2018. ap photo/airman 1st class frankie moore

Science & Tech

The US Military Is Creating the Future of Employee Monitoring

A new AI-enabled pilot project aims to sense “micro changes” in the behavior of people with top-secret clearances. If it works, it could be the future of corporate HR.

Patrick Tucker

|
Patrick Tucker
By Patrick Tucker
Science & Technology Editor, Defense One

The U.S. military has the hardest job in human resources: evaluating hundreds of thousands of people for their ability to protect the nation’s secrets. Central to that task is a question at the heart of all labor relations: how do you know when to extend trust or take it away?

The office of the Defense Security Service, or DSS, believes artificial intelligence and machine learning can help. Its new pilot project aims to sift and apply massive amounts of data on people who hold or are seeking security clearances. The goal is not just to detect employees who have betrayed their trust, but to predict which ones might — allowing problems to be resolved with calm conversation rather than punishment.

If the pilot proves successful, it could provide a model for the future of corporate HR. But the concept also affords employers an unprecedented window into the digital lives of their workers, broaching new questions about the relationship between employers, employees, and information in the age of big data and AI.

The pilot is based on an urgent need. Last June, the Defense Department took over the task of working through the security clearance backlog — more than 600,000 people. Some people — and the organizations that want to hire them — wait more than a year, according to a September report from the National Background Investigations Bureau. Those delays stem from an antiquated system that involves mailing questionnaires to former places of employment, sometimes including summer jobs held during an applicant’s adolescence, waiting (and hoping) for a response, and scanning the returned paper document into a mainframe database of the sort that existed before cloud computing.

Related: The Security Clearance Process Is About to Get Its Biggest Overhaul in 50 Years

Related: Security Clearance Delays Are Hurting the Pentagon’s Tech Workforce

Related: US Plans ‘Continuous Evaluation’ of New and Existing Security Clearances

In addition to being old-fashioned, that process sheds light on an individual only to the degree that past serves as prologue. As an indicator of future behavior, it’s deeply wanting, say officials.

This effort to create a new way to gauge potential employees’ risk is being led by Mark Nehmer, the technical director of research and development and technology transfer at DSS’ National Background Investigative Services.

This spring, DSS is launching what they describe as a “risk-based user activity pilot.” It involves collecting an individual’s digital footprint, or “cyber activity,” essentially what they are doing online, and then matching that with other data that the Defense Department has on the person. Since “online” has come to encompass all of life, the effect, they hope, will be a full snapshot the person.

“We anticipate early results in the fall,” a DSS official said in an email on Tuesday.

The Department of Defense already does some digital user activity monitoring. But the pilot seeks a lot more information than is currently the norm.

We are putting these into a construct so that we can detect minute changes in behavior across an entire pattern of life, so that we can detect stress.
Mark Nehmer, DSS’ National Background Investigative Services

“In the Department of Defense, user activity monitoring is typically constructed around an endpoint. So think of your laptop. It’s just monitoring activity on your laptop. It’s not looking at any other cyber data that’s available” — perhaps 20 percent of the available digital information on a person, Nehmer said at a November briefing put on by company, C3, a California-based technology company serving as a partner on the pilot.  

The pilot seeks a much fuller spectrum of digital information and then combines it with other data within the Defense Department and beyond, using machine learning algorithms to derive insights. “Once constructed fully, it will look at the bulk of the cyber data you generate,” said Nehmer. “It’s IP-based with a date time stamp on it. There’s no name associated with it; you actually have to go to a different set of logs to marry those two things up.” (The data is entirely from Defense Department owned equipment, not personal systems.)

The pilot will also bring in material that a person put on their Standard Form 86 — basically forms that people seeking a security clearance fill out, and other data not related to cyber activity. “Let’s not just look at what you’re doing on your individual computer because there’s all this other information that we have available to us that we’re not looking at just because it’s hard,” he says, meaning that the data is not in a format that’s easily digestible by machine learning programs. “There’s this other human behavior data that’s not indicated in the cyber world.”

That data will join data from what’s called continuous evaluation, a current effort to monitor life events related to clearance holders, such as getting married or divorced, entering into a lot of debt or getting a sudden windfall, tax returns, arrests, sudden foreign travel, etc. Over a million military personnel are currently enrolled in the existing continuous evaluation system.

The eventual goal, said Nehmer, is a system that can sense not just impending insider crime but also far more intimate states of being; pre-crime, if you will. “We can begin to add whether or not the activity that the individual is producing is increasing, decreasing, or staying within a fairly normative range. If it’s staying within a normative range then as long as there are no business rules that are broken, likely we don’t have a problem. If their activity dramatically increases there is likely stress. But there are a lot of ways to measure activity. If it significantly decreases, it’s likely that there is some external controlling factor on that.”

In other words, it’s a window not just into a person’s past but their present state of mind, or what Nehmer calls “micro changes” in behavior.

“We are putting these into a construct so that we can detect minute changes in behavior across an entire pattern of life, so that we can detect stress,” he said. “Fundamentally, we are there to look out for micro changes in behavior that might indicate that a person is interested, or disinterested, in continuing their affiliation with the Department of Defense, or discontinuing their affiliation with life,” he said, referring specifically to the epidemic of veteran suicides. “If we do our jobs right, we can help prevent suicides, data breaches, or things that people, when they’re under stress, things that they do,” he says.

We don’t want to lose our valuable employees. We want to help our valuable employees remain our valuable employees.
Mark Nehmer, DSS’ National Background Investigative Services

Of course, not everyone is happy with the idea of their employers detecting “micro-changes” in their behavior, especially if they believe that they might be punished for what those changes indicate. That goes for people who are exchanging their privacy for the immense privilege and power that comes with holding a secret or top-secret clearance. It's a tradeoff, but not an easy one.

Nehmer is acutely aware of this. He’s adamant that the objective isn’t to slap the cuffs on people; it’s to reveal changes in mood, outlook, or behavior before punishment becomes necessary, before the employee starts to hate where they work or what they’re doing.

As Nehmer describes it, the best outcome is a conversation between employee and manager well before there is a crime, when any workplace issue is in its earliest state; or “to detect changes in life pattern that might indicate that an individual is moving into a position where they may need some intervention. That intervention, if we are doing our jobs right, is most likely to just be a person talking to them, having a conversation,” he says. “We don’t want to lose our valuable employees. We want to help our valuable employees remain our valuable employees,” he says.

Reaching that goal will take a lot of data; and data collection within the Defense Department isn’t a straightforward process. “At least a couple of years ago, there were 15,000 major systems across the Department of Defense, each one configured differently, each one putting out different types of data. That’s just the systems. Then you have all of these different things related to personnel, and each one of them describes a single event in a different way,” said Nehmer.

It also requires data that’s not within the Defense Department as an institution but is available in other ways, through data sharing partnerships with other governmental and commercial entities. Nehmer didn’t want to say exactly which entities but it’s all data that the Department has legal access to as part of its screening and counter-intelligence activities. Still, getting those entities to share data for new pilot employee monitoring applications requires a lot of legal negotiation. If a data sharing partnership has to be renegotiated to allow for continuous evaluation or user activity monitoring, it can take nine months. And there are a lot of data-sharing partnerships to work through. Nehmer says that a lot of time is spent working with lawyers to keep the pilot in-line with the law and get the data it needs to be effective.

It’s still an open question as whether the pilot will create the sort of “snapshot” that DSS is looking to build. If it is, it will have set a new standard for using data to predict and manage employees.

When you are seeking a job with highly sensitive national secrets, you agree to give up a lot of information about yourself. So it’s not clear how well user activity monitoring will transport to private companies that don’t have a national security interest. But if it works, companies in the future may want to implement something similar, creating a new norm for employee monitoring.

The appeal of a system like the one Nehmer describes to outside companies depends, of course, on several factors: whether that snapshot actually results in improved performance, rather than just decreased risk; and, most importantly, whether employees perceive a reward in participating in such monitoring, how willing they are to be a part of it.

In some instances, where the result of the program really is less stress, better work, better relationships with managers, etc. a happier work life, then the rewards, perhaps, will justify the exposure in the mind of the employee or job applicant. In industries like tech, where firms compete hard for qualified applicants, it’s difficult to imagine talented workers signing up for a job where their data is always used against them. But equally competitive employees might be attracted to program where their data worked for them (so long as they understood how the system functioned.)

In other instances, where managers choose to use monitoring to increase costs for bad performance without offering rewards, future employee monitoring will probably feel truly Orwellian. And there are other concerns. It’s not clear how wide-scale adoption of user activity monitoring would effect, for instance, the ability of officials to communicate with the media on background, or engage in whistleblower activities, or other behavior that is morally and ethically justified but may have an immediate negative effect on the organization.

But none of those outcomes is the direct result of the technology so much as the discretion of future managers. Some bosses are good. Some are bad. In the future, each will be empowered to be more truly what they are.

But that, too, will be impossible to conceal.

NEXT STORY: UK Stands Fast, Won’t Ban Huawei 5G Gear Despite US Warnings

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.