The FBI Wants To Know About Your IT Skills

AHuxley writes "The FBI, via the Office of Management and Budget, would like to find out more about your information technology expertise if you are part of InfraGard. Terms like 'practical utility' have been included in a 60-day emergency notice of information collection via the Paperwork Reduction Act of 1995. Is your boss or cubicle colleague part of InfraGard? It's a private, non-profit organization run as a public-private partnership with the Federal Bureau of Investigation. Are they passing info back about you or your company?"

Why is this necessarily a bad thing?

[mc1138]

While I'm against snooping without cause, something of this in a collaborative model isn't necessarily a bad thing, though it does open up for potential abuse. There are lots of times when I call up buddies ask them what sort of IT issues they're having with security, spam, etc, and this just seems to formalize it a bit, and get the circle of trust a little bigger. Companies too often seek to distrust the authorities for crimes because it will make their companies look weak. As such criminal will get away with things solely because no one reports them. This doesn't look like a secret "Stone Cutter" type group, just a way to get to know some local colleagues and keep more ears to more ground looking for potential threats.

Re:First post!

[FooAtWFU]

It seems aimed at big "IT Infrastructure" companies like ISPs, search engines and mail providers: a way to be in touch with these people in the event of "cyberterrorism" and systematic DOS/takeover attempts. It seems like a much better idea than waiting for something to happen and then have no idea who you're supposed to get in touch with about it. Knowing who to call in an emergency shouldn't have to be half the battle.

An end run around warrants?

[Anonymous Coward]

So, if the FBI wants to ask for certain records they have to get a warrant.

But, if a member of InfraGard decides to provide the FBI with records without the FBI asking then it's a private citizen reporting "suspicious behaviour"

Or, would a member of InfraGard be considered an officer of the government, making any records they had access to inadmissable?

I'm guessing it's pretty clear that I'm not a lawyer.

Am I missing something?

[Callandor]

From the information provided, which is very little, it appears that the FBI is requesting information from people who have voluntarily joined an organization of IT professionals not just sponsored by but directly affiliated with the FBI. Why is this getting everyone's hackles up? It does not say that the information will be required of all members, nor does it say that members will be required to inform on their coworkers or companies. The ACM asks you about your IT skills, too. How is this different?

Re:So?

[Svartalf]

Shame you had to post anon there, but I understand. And I'd have to concur- that was the read I got on this whole thing once I saw the request text on Cryptome.

Because of all the BS that went on prior to today within the Government, people are unfortunately hypersensitive of this sort of thing. What's sad about that, though, is that there ARE things to be up in arms about, even now, with stuff that the Government is doing (and in some cases, isn't...) in regards to "security" that goes unnoticed because we're worrying about things that don't need the concern and the other stuff slips by.

Re:missing tags

[Savage650]

Bigbrother, snoop, and even Stasi perhaps but KGB, Gestapo? No, as tempting as it may be, the FBI is not rounding up all IT people and sending them to the showers....

For now, they are just recruiting "volunteers" to watch for "suspicious behaviour" and report "unreliable elements".

Just the most obvious problems (as mentioned in other posts)

• how long until "not volunteering" is deemed "suspicious behaviour"?
• how long until people wronly accuse others for financial gain or just for fun?
• how long until you'll have to prove your "reliability" by filling your snitching quota?

Another thing to keep in mind: The so-called "War on Terror" can be used to outlaw anything and anyone.

Soon after a high-profile Cyber-Attack all knowledge of critical infrastructure(tm) will become classified. Too bad for those lacking the official clearance for things they already know. The state will have to place such persons in "protective custody" camps to keep the terrorists from expoliting their knowledge. Unfortunately, even a short time spent in a such a camp will disqualify you from ever getting back to your former life: While they could'nt prove any previous contacts to "unreliable elements", now they know where you have met them. Finally, once the "unrecovereable elements" are confined to the camps it wont be long until some politician wants the money wasted on their upkeep be spent on his constituency instead. That is where the "showers" come in ..

Re:First post!

[Punctuated_Equilibri]

This is a test of your biases. How would you feel if the Democratic Party was trying to create a support organization of volunteering IT professionals? The Republican party? moveon.org?

If you think the US does not need some organization that does the job of DHS, then you are an idiot. If you accept that the job needs to be done, then you also have to accept the people that you've got, you can't just fire them all and build a new DHS by hiring, say, fine arts majors. At that point you can have a discussion of how to organize and what limits to impose.

That said, seems to me like InfraGard opens up the process a bit. Instead of only DHS employees and a tightly knit web of contractors and suppliers knowing what is coming up, smaller companies and individuals with a clearance, or who can get one, could potentially get more access to some of this information, and provide feedback. That concept sounds okay to me, if it works.

Re:So?

[littlewink]

Did they also give you permission to shoot to kill [projectcensored.org] when martial law is declared?