Much has been made recently of new “social media monitoring” programs being implemented as part of the security clearance background investigation process. The frenzy reached a crescendo in mid-2016 when RFP’s (Requests for Proposals) were issued by the intelligence community for private contractors who could run the process. Criteria included in the RFP’s were the ability to conduct “deep web” and even “dark web” searches.

Nonetheless, little has been made public about specifically what websites are being monitored, how information is being flagged, and who won the contracts – until now.

For the first time, our office recently encountered an intelligence community case in which social media monitoring was actually utilized. The report of investigation identifies the work as having been performed by a small, West Coast-based vendor who I will not name at the request of the involved agency. Included are multiple pages of “hits” – in this case, evidence of the applicant’s attendance at several engineering industry conferences – and even screen shots of the relevant web-pages containing the applicant’s name as an organizer. The applicant’s attendance at these California conferences was flagged as a potential Guideline B (foreign influence) issue because the applicant “may have had contact with foreign nationals.”

Innocent Activity on the Internet or Potential Red Flag

Setting aside the ridiculously speculative nature of that allegation – which, fortunately, the federal agency in this case recognized – the report reinforced one of the chief concerns I have expressed about social media monitoring all along: context. The best example I can offer is a case from earlier this year in which our client, a federal employee, was accused of sending his colleague a threatening text message. As it turns out, the pair had recently had a falling out and our client was attempting to patch-up the relationship by sending a quote from a movie the two used to enjoy in an effort to remind his old friend of better times. Just like that scenario, much innocent activity on the internet can be easily twisted into something nefarious without context.

Perhaps even more concerning, the report identified a series of categories, along with examples, of websites being searched as standard practice – many of which have absolutely nothing to do with social media. Here is a verbatim breakdown:

Social networks (examples include myspace, Facebook, and LinkedIn)

Micro-blogging websites (examples include twitter and StumbleUpon)

Blogging and Forums websites (examples include WordPress, tumblr, and LIVEJOURNAL)

Pictures and Video-Sharing websites (examples include YouTube, flickr, and Flikster)

Music websites (examples include Pandora,, and iLike)

Online Commerce websites (examples include eBay,, and Epinions)

Dating Network websites (examples include, eHarmony, and

Geo Social Network websites (examples include foursquare, urbanspoon, and tripadvisor)

News and Media websites (example include the LA Times, CNN, and New York Times)

I will be the first to admit that I was shocked not only by the breadth of websites being searched, but the extent to which the intelligence community is going to fit non-issues into the neat boxes of adjudicative guidelines. If someone’s attendance at a U.S.-based industry conference is relevant under Guideline B because it “may” have exposed them to foreign nationals, then does the fact that someone listens to heavy metal music on Pandora make them an anarchist who “may” want to overthrow the government? Or does the fact that someone posts reviews of Chinese food restaurants on Urbanspoon make it more likely that they “may” be a spy of the People’s Republic? I would be laughing – except that this is really happening.

If you give the intelligence community a cookie…

To be clear, the fact that I am a defense attorney does not diminish the extent to which I value strong national security. But patriotism notwithstanding, I cannot fathom how some of this information is relevant to a security determination. Instead, I am reminded of the old “If You Give a Mouse a Cookie” story. Policymakers gave the IC social media, and the IC took the entire internet.

Only time will tell whether or not this experiment has the intended effect of rooting out spies, saboteurs, and other true security threats. In the meantime, I fear that the natural byproduct of such aggressive electronic scrutiny will be a severe chilling effect on First Amendment conduct for those who work or aspire to work in national security.


This article is intended as general information only and should not be construed as legal advice. Consult an attorney regarding your specific situation. 

Related News

Sean M. Bigley retired from the practice of law in 2023, after a decade representing clients in the security clearance process. He was previously an investigator for the Defense Counterintelligence and Security Agency (then-U.S. Office of Personnel Management) and served from 2020-2024 as a presidentially-appointed member of the National Security Education Board. For security clearance assistance, readers may wish to consider Attorney John Berry, who is available to advise and represent clients in all phases of the security clearance process, including pre-application counseling, denials, revocations, and appeals. Mr. Berry can be found at