The Devil Is In The Details: DHS Monitoring Keywords & Social Media

DHS updated its privacy policy due to the personally identifiable information that can be collected. The list of keywords and sites monitored by NOC and DHS was not mentioned, but here is the previous list of terms and sites.

In the ongoing program to maintain "situational awareness," DHS gave notice that it planned to establish a new DHS system of records called "Department of Homeland Security Office of Operations Coordination and Planning-004 Publicly Available Social Media Monitoring and Situational Awareness Initiative System of Records."

The Office of Operations Coordination and Planning (OPS) and National Operations Center (NOC) assisted DHS with a System of Records Notice (SORN) because of the Personally Identifiable Information (PII) that can be collected. Records collected via social media are stored either electronically or on paper and locked away. Most information that is captured is stored as "free text and any word, phrase, or number is searchable."

Although it does list out some specific examples of who it will collect PII on, such as foreign and U.S. officials or spokespersons, and news anchors or reporters, it also states that OPS can "establish user names and passwords to form profiles and follow relevant government, media, and subject matter experts on social media sites in order to use search tools under established criteria and search terms for monitoring that supports providing situational awareness and establishing a common operating picture."

Other examples mentioned are extreme life-or-death situations when OPS will share PII, "such as name and location of a person calling for help buried under rubble, or hiding in a hotel room when the hotel is under attack by terrorists."

Those seems like bizarre examples, but in light of what has happened in Japan, if I were buried under rubble, I most assuredly would want someone to find me. The question might be, would this information come to them because the buried person somehow managed to tweet for help?

This attempt to be transparent in regard to privacy seems a bit vague, listing out things OPS will "generally" not do. It also does not include a list of NOC terms like the June 2010 privacy impact assessment did; it was called "Publicly Available Social Media Monitoring and Situational Awareness Initiative."

It's very hard to actually get hold of a list of "hot keywords" that might trigger scrutiny in email or chat, but the document from this summer listed out the sites that are monitored. Scroll to pages 12-16 to see what websites NOC monitors. There have surely been keywords and sites added to this list; I'm guessing Anonymous might be one? Scroll to pages 17-21 for the list keyword terms that NOC uses when monitoring social media sites. It includes not so obvious agencies like Red Cross, and obvious ones like Fusion Center, plus an alphabet soup of 25 agencies (DHS, FEMA, TSA, NOC, ICE, CIA, DEA, FBI, ATF, FAA, and many more). It's not that cut and dried, since there are all kinds of combos when writing it out versus using abbreviations.

Privacy Pia Ops Publicly Available Social Media

Think about a bad weather day, how many people might mention snow or storm? Have you ever tweeted having the flu? Do you hashtag your tweets with #security? Lucky you, that's a NOC term. So is cyber security, Trojan, malware, hackers, body scanner and social media. The government agencies monitoring social media probably have massive headaches in light of all the keywords like tsunami, earthquake, and nuclear being used on Twitter and in the news dealing with the horrifying disaster in Japan.

The list of monitored keywords total around 395, but that number must surely be higher to include "all spellings" such as indicated for "Al Qaeda." Besides the agencies listed above, there are 52 terms under the heading Domestic Security, 34 terms under HAZMAT & Nuclear, 48 keywords under Health Concern + H1N1, 35 terms under Infrastructure Security, 63 keywords under Southwest Border Violence, 54 keywords under the header of Terrorism, 41 terms under Weather/Disaster/Emergency, 25 keywords under the header Cyber Security, and Other lists only "Breaking News."

Like this? Check out these other posts:

Follow me on Twitter @PrivacyFanatic

Copyright © 2011 IDG Communications, Inc.

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!