WASHINGTON — A government watchdog testified Thursday there may have been problems with a security clearance background check conducted on the 29-year-old federal contractor who disclosed previously secret National Security Agency programs for collecting phone records and Internet data — just as news media disclosed more information about those programs.
Appearing at a Senate hearing, Patrick McFarland, the U.S. Office of Personnel Management's inspector general, said USIS, the company that conducted the background investigation of former NSA systems analyst Edward Snowden, is now under investigation itself.
McFarland declined to say what triggered the inquiry of USIS or whether the probe is related to Snowden. But when asked by Sen. Jon Tester, D-Mont., if there were any concerns about the USIS background check on Snowden, McFarland answered: "Yes, we do believe that there may be some problems."
Meanwhile, new details emerged about the scope of two recently disclosed NSA programs — one that gathers U.S. phone records and another that is designed to track the use of U.S.-based Internet servers by foreigners with possible links to terrorism.
Two new documents published Thursday by The Guardian newspaper — one labeled "top secret" and the other "secret" — said NSA can keep copies of intercepted communications from or about U.S. citizens indefinitely if the material contains significant intelligence or evidence of crimes.
McFarland declined after the Senate hearing to describe to reporters the type of investigation his office is conducting. Sen. Claire McCaskill, D-Mo., said she was told the inquiry is a criminal investigation related "to USIS' systemic failure to adequately conduct investigations under its contract."
"We are limited in what we can say about this investigation because it is an ongoing criminal matter," said McCaskill, chairwoman of the Senate subcommittee on financial and contracting oversight. "But it is a reminder that background investigations can have real consequences for our national security."
McCaskill's panel conducted the hearing jointly with Tester's subcommittee on efficiency and effectiveness of federal programs.
USIS, based in Falls Church, Va., said in a statement that it has never been informed that it is under criminal investigation. USIS received a subpoena from the inspector general's office in January 2012 for records, the statement said. "USIS complied with that subpoena and has cooperated fully with the government's civil investigative efforts," according to the company.
USIS declined to comment on whether it conducted a background investigation of Snowden. The company said it performs thousands of background investigations each year for OPM and other government agencies. "These investigations are confidential and USIS does not comment on them," the USIS statement said.
The background check USIS performed on Snowden was done in 2011 and was part of periodic reinvestigations that are required for employees who hold security clearances, according to McFarland and Michelle Schmitz, the assistant inspector general for investigations at OPM.
Schmitz said the investigation of USIS commenced later in 2011.
Booz Allen Hamilton, the company where Snowden was working at the time of the disclosures, fired him for violations of the firm's code of ethics and firm policy. The company said he had been a Booz Allen employee for less than three months.
Snowden worked previously at the CIA and probably obtained his security clearance there. But like others who leave the government to join private contractors, he was able to keep his clearance after he left and began working for outside firms.
Of the 4.9 million people with clearance to access "confidential and secret" government information, 1.1 million, or 21 percent, work for outside contractors, according to a January report from the Office of the Director of National Intelligence. Of the 1.4 million who have the higher "top secret" access, 483,000, or 34 percent, work for contractors.
OPM's Federal Investigative Services division performs almost all the background investigations for federal agencies and nearly 75 percent of the investigators who perform background checks are contractors, according to information on the agency's website.
At the hearing, McFarland called for much closer oversight of the investigators who conduct background checks. He said that 18 background investigators and record searchers have been criminally convicted since 2006 for fabricating information in background reports.
McFarland's office is actively working on 11 fabrication cases and another 36 cases involving background investigators are pending, according to data he provided to the subcommittees.
Of the 18 investigators who were criminally convicted, 11 were federal employees and seven were contractors. Of the 47 active and pending cases, six involve federal employees and 41 involve contractors, according to McFarland.
The new documents revealed by The Guardian were signed by Attorney General Eric Holder. They include point-by-point directions on how an NSA employee must work to determine that a person being targeted has not entered the United States. If NSA finds the target has entered the U.S., it will stop gathering phone and Internet data immediately, the documents say.
If supervisors determine that information on a U.S. person or a target who entered the U.S. was intentionally targeted, that information is destroyed, according to the documents.
But if a foreign target has conversations with an American or a U.S.-based person whom NSA supervisors determine is related to terrorism, or contains significant intelligence or evidence of crimes, that call or email or text message can be kept indefinitely. Encrypted communications also can be kept indefinitely, according the documents.
Administration officials had said the U.S. phone records NSA gathered could only be kept for five years. A fact sheet those officials provided to reporters mentioned no exceptions.
The documents outline fairly broad authority when the NSA monitors a foreigner's communications. For instance, if the monitored foreigner has been criminally indicted in the U.S. and is speaking to legal counsel, NSA has to cease monitoring the call. The agency, however, can log the call and mine it later so long as conversation protected by attorney-client privilege is not used in legal proceedings against the foreigner.
The NSA had no comment when asked about the newly revealed documents.