It looks like the Chinese have my security clearance, background investigation, and personnel files from my time as director of the U.S. Office of Personnel Management back in the old days under President Ronald Reagan. To add insult to injury, it was my own agency that was blamed for the hacking of the 4 million records — or maybe 18 million, no one knows.
The Washington Post called the theft a “serious external threat” that “could easily be leveraged to blackmail or pressure federal workers, including those who handle classified information and might also compromise foreign nationals whose names are on those security forms.” The Wall Street Journal called it a “cyber 9/11.”
The furor on Capitol Hill exceeded even the hearings during my days when a Democratic House exploded in anger against Reagan’s heresy of cutting the domestic bureaucracy. Present Director Elizabeth Archuleta should know she was not the first to have had a House committee chairman demand an OPM head resign. She had a tougher time as fellow Democrat Stephen Lynch joined in accusing her of “obfuscation,” of “dancing around” straight answers to the panel’s questions.
One clear and correct statement from Archuleta was that OPM was committed to “continued progress on IT modernization.” Indeed, Information Technology modernization is loved by all, beginning well before Archuleta’s tenure, with Congress in the lead. The whole idea comes from the same public administration experts who have designed and run the national government since Woodrow Wilson and Franklin Roosevelt built our 20th century bureaucratic welfare state.
The most recent phase of innovation followed the invention of computers and the fact that the national government had its records on paper, many required by law. A classic 1993 William & Mary Journal public administration article by Sandra Davidson Scott called for computerization of and full public access to all government files.
In a short span of time, a computer researcher can accomplish searches which would have taken days, months, or even years using Gutenberg-era methods . . . It makes no sense in the computer age for a law to mandate the more expensive paper copies of records, just as it would have made no sense in the Gutenberg era for a law to mandate that only more expensive, hand-written copies of government records be produced. Such laws could only make sense if their purpose were to restrict access to information.
The idea of restricting access to government information was so 15th century. Scott’s 20th century reasoning was taken up by Congress in the 1996 IT Management Reform Act implementing a centralized control process to reduce costs, improve effectiveness, and integrate agency information flows.
Even after 9/11 the 2002 IT Act mentioned security only as part of the mission to make the government “more transparent and accountable” in a manner consistent with “protection of personal privacy, national security, records retention, access for persons with disabilities, and other relevant laws,” partially extending it to the private sector. By 2008, GAO estimated there were 34 regulations that applied to private records too.
The Department of Homeland Security was put in charge of protecting government IT records through its Einstein project which unfortunately has failed to stop raids of government records in several government agencies, including the CIA, Senate, IMF and now OPM (that we know about).
When one notes that 90 percent of attempts to breach its airport security systems with guns and explosives are successful, one should not be too surprised. In just the past month, an Army laboratory in Utah shipped at least one live sample of deadly anthrax to a Maryland lab and eight others possibly alive as far as South Korea. At least it was not the North. The FBI conceded errors in DNA analysis since 1999 affecting thousands of convictions.
OPM staffers defended themselves by noting that even with the latest encryption methods its files probably would have been penetrated. Private experts such as Melanie Dougherty Thomas agree. The whole problem comes from government experts who think large, open systems can be made impenetrable. They cannot for any long period of time. Flexibility, decentralization, and difficulty of penetration are essential. There should even be some records too sensitive for electronic storage. One hopes the nuclear arsenal penetration information is not. Neither should background investigation details or security clearances. Gutenberg still has his uses in the modern world.
Interestingly, the government has returned to paper until it “fixes” its IT. This should be made permanent for sensitive files. A uniform IT law makes things worse, draining the last ounce of entrepreneurial energy from overwhelmed bureaucrats trying to standardize unique situations and fearful of asking for old-fashioned exceptions.
Gutenberg’s technology paved the way to modern centralization but IT has inadvertently shown its limits, now requiring decentralization and de-standardization to meet the challenges of the 21st century world.
Donald Devine is senior scholar at the Fund for American Studies, the author of "America’s Way Back: Reclaiming Freedom, Tradition and Constitution," and was Ronald Reagan’s director of the U.S. Office of Personnel Management during his first term. For more of his reports, Go Here Now.
© 2022 Newsmax. All rights reserved.