September 22, 2011:
For nearly a year, the U.S. Congress has been trying to find out how many Americans had security clearances. There were a number of delays as government bureaucrats scrambled to nail down the number. Finally, the count was completed. That turned out to be a “good news/bad news” situation. The good news was that there was now a number; 4.2 million clearances. The bad news was that there were 4.2 million clearances. Bad news because last year Congress was told that there were 2.4 million clearances (or maybe up to 3 million, because the 2.4 million did not include some intelligence agencies that were slow to deliver the needed information.) So now that Congress has the number they were looking for, the government security bureaucrats have been ordered to come up with an explanation of why much lower numbers have been provided over the last decade, with the warning that the real number “might be a little higher."
A year ago, many senior U.S. government officials became alarmed when they discovered that no one knew know how many people had security clearances. Now they have a number, and a growing list of excuses of why the number is unexpectedly high. It turns out that there were unforeseen problems in getting an accurate count. This was but one of many security clearance problems caused by the war on terror. Taking a look at some of the other problems makes one realize that an accurate count of the security clearances out there is the least of the problems in this area.
It all began after September 11, 2001, when there was suddenly a need for a lot more security clearances, mainly because a lot of new technical specialists were needed to hunt down Islamic terrorist, and protect the United States against additional attacks. This sudden, high demand for security clearances caused a meltdown in the clearance process and, as was discovered recently, in the records keeping.
But the problems were often more complex. For example, efforts to recruit needed computer security specialists quickly encountered two problems. First, there is a shortage of qualified people, and civilian firms could easily outbid the government. But even when you got people to hire, there was a second problem. The newly hired geeks needed a security clearance to work on most government computer problems. It takes time (months) to get a clearance, and many people failed the screening (they have a bad credit score, an old felony conviction, or creepy friends, etc.). One U.S. government study of how security clearances were granted, found that a quarter of those who got Top Secret clearances, had problems uncovered in their background checks. The most common problems were with criminal prosecutions, or even convictions, and contact with foreign organizations with terrorist or criminal ties. Then there are those with family members connected with criminal activities. Some government officials wanted those tainted clearances cancelled, but others pointed out that this was not really practical.
There has also been a growing need for more translators and, intelligence analysts (with knowledge of, or experience with, Middle Eastern and South Asian cultures), and computer experts in general. Many of the most expert translators, analysts and computer experts are immigrants. That alone provides plenty of potential heartburn for those approving clearances. Worse yet, many of the best computer security experts started out as hackers. Some got busted, which often triggered the move to the other side of the fence. The security clearance approvers were often under lots of pressure, frequently from people high in the government food chain, to bend the rules in the name of national security. One rule that does not get bent is the requirement that only U.S. citizens can get a clearance. That eliminates a large number of computer experts, many educated in the United States and working here.
There are other problems as well. Five years ago, after a reorganization of American intelligence agencies, and the creation of the post of Director of National Intelligence, it was quickly realized that all this effort had failed to eliminate a lot of friction between the various agencies. One of the more painful problems was with reciprocal recognition of security clearances between agencies. That is, if someone has a Top Secret clearance in the CIA, and moves over to work at the Department of Defense, that Top Secret clearance should be, well, a Top Secret clearance at the Department of Defense. But often, it isn't. For over a decade, the various intelligence agencies have been getting slower and slower in recognizing the validity of the clearance of the person coming in. It can take up to six months for such transfers to be approved. In the meantime, the transferred person cannot go near classified information. This wastes a lot of money, and delays essential projects.
There are several reasons for this need to double check security credentials, but the major one was the number of Soviet spies uncovered after the Soviet Union disintegrated in 1991. Some agencies were found to be more susceptible to Soviet penetration (basically because of sloppiness), and all of a sudden, a security clearance didn't mean the same thing everywhere. That's because, while all initial clearances are approved using basically the same background investigation techniques, as time goes on, the agency you work for is responsible for ensuring that you remain eligible for whatever clearance you have. The post-Cold War spy scandal (which uncovered people working for other countries as well, like China and Israel), made all agencies more aware of the need to keep an eye on their people, but particularly on new people who have been around for a while, but at some other agency.
All this is typical bureaucratic cover-your-ass behavior. Better to sit on something, than to take a chance, no matter how slight, of being embarrassed. While the media will never jump all over this sort of thing (too geeky and unexciting), people in the intel business (who are getting burned by the bureaucratic delays) got through to Congress, and heat was applied. That solved some of the problems, because advancement in the intel business is more a matter of avoiding failure, than in achieving success. Victories remain secret, but failures often become headlines.
There are a lot of security clearances out there, and, until recently, the most quoted number was 2.5 million. Most holders of these clearances are civilian employees or contractor personnel. It costs over $10,000, and at least three months to get someone a "Secret" level clearance. That is actually an improvement, because two years ago, it took over six months. It takes more time, and more money, to get a Top Secret clearance, needed for most critical computer security jobs.
So while members of Congress are worried about counting clearances, people inside the agencies that use most of them are still trying to get new ones on a timely basis, or being certain that older ones are still valid. But Congress insisted, and when all clearances (as best anyone could tell) were counted, yet another problem was discovered. Some things are best left alone, except when you cannot afford to.