Cyberculture and Personnel Security
Source: Defense Personnel Security Research Center
Report I — Orientation, Concerns, and Needs (PDF)
Computers and related technologies, such as smart phones and video games, are now a common part of everyday life. Many people spend a large portion of their waking hours using and socializing through these devices, forming what is known as a cyberculture. Personnel security investigative and adjudicative standards were developed before these products were widely available; however, cyberculture bears relevance to personnel security due both to the presence of existing security issues and potential effects on psychological outcomes and workplace performance. Although cyberculture has many beneficial effects, this project evaluates how participation can negatively affect personnel security and employee performance. This initial report provides context, outlines presently actionable findings and strategies, highlights some questions that cannot yet be answered, and draws on outside research to guide future research. Information from many sources was examined, including academic research journals, other federal organizations, news reports, and cyber environments, to understand cyber activities relevant to personnel security. Participation is widespread in U.S. society and popular among all age groups. Some cyber activities, such as foreign associations, can be reportable per existing investigative criteria, so procedures should be updated appropriately and promptly. Other topics require research before action is recommended. One concern is how online disinhibition, where people who become more willing to disclose personal information, deceive, or become hostile, affects personnel security. Increased willingness to disclose may amplify the counterintelligence concerns for individuals targeted by hostile parties. There are also many potential negative effects on impulse control, mental health, physical health, and workplace behavior. Future research is intended to further guide policy, workforce awareness, investigations, and adjudications.
This report presents the results from an ethnographic examination of a popular virtual social environment, Second Life, as the second part of a larger effort to study the impact of participation in cyber activities on personnel security and safety. Research has shown that cyber participation can spill over into individuals’ offline lives, which could be of security concern to the extent that their online behavior demonstrates poor judgment and/or undermines their reliability. Several immersive ethnographic methods were used in the present study, including participation observation, group discussions, and one-on-one interviews with 148 Second Life users who resembled the demographics of clearance holders. The reported findings include a description of behaviors of potential concern, a set of case studies that outline the behaviors of actual users, and a framework of user personas that attempts to distinguish between innocuous use of no apparent security concern from problematic use that may pose risks to national security. These findings contain implications for updating personnel security policy regarding cyber involvement.