No FEAR Act CP

***Credit to: Riley, Jack, and Andrew. BHL2015

The No FEAR Act was passed by congress in response to the EPA having an awful
record in preventing sexual harassment and racial harassment. It is currently not
enforced. Enforcement solves the ITP aff. The WPA(Whistleblower Protection Act)
does not apply to most of the intelligence community. Whistleblowers shatter the
groupthink culture. ***

No FEAR Act CP

1NC Shell
CP: The United States Federal government should:
1. Strengthen enforcement and protections for Federal
employees under the Notification and Federal Employee
Antidiscrimination and Retaliation Act of 2002.
2. Extend the Whistleblower Protection act to all intelligence
contractors, subcontractors, and grantees.
The Counterplan does not link to PTX. More than 50 lobbying
groups have endorsed it and Democrats are on board.
CP Solves: Whistleblowers and protecting them should be
prioritized. Creates a more open government
McCaskill 15 Claire Mccaskill is a Democratic Senator from Missouri who has
been in office since 2006. McCaskill previously served as State Auditor of Missouri,
and before that as Jackson County Prosecutor from 1993-1998. McCaskill has a B.A.
and J.D. from University of Missouri and Columbia Law School, respectively. The
report internally quotes McCaskill and was released by her office. 2015. (Marking
Sunshine Week, McCaskill Introduces Whistleblower-Protection Package Office of
Claire McCaskill, March, 19. Available via LexisNexis. Accessed 07-21-2015.)
Whistleblowers are the taxpayers best friend , said McCaskill, a senior member of
the Homeland Security and Governmental Affairs Committee . These folks play a
critical role in keeping our government accountable to its citizens by exposing
waste, fraud and abuseand weve got to surround them with the robust legal
protections that enable them to come forward to report wrongdoing.
McCaskill is reintroducing a bill that was first introduced in the wake of the VA
scandal last year, which included claims of whistleblower retaliation. The bill
mandates the firing of any VA employee found to have retaliated against a
whistleblower. Currently, a finding of retaliation against a whistleblower is
punishable by a range of procedures, including fines and reprimand.
McCaskills bill to protect whistleblowers in the intelligence community extends
whistleblower protections to intelligence contractors, who are often doing similar
jobs to federal employees. Last year, the same bill was endorsed by nearly 50 good
government groups.
McCaskill is also introducing legislation to extend current whistleblower protections
to grantees, subgrantees and subcontractors. Current protections apply only to
contractors, but not to employees of grant recipients, even though the federal
government plans to distribute $245 billion in grant funding in fiscal year 2015. The
bill would also prohibit contractors from getting reimbursed for legal fees accrued in
their defense against retaliation claims by whistleblowers.

The Counterplan solves: the problem is enforcement of the No

FEAR Act itself
Fears 04 Darryl Fears is reporting on environmental issues for The Washington
Post newspaper. Darryl Fears covers affordable housing and poverty for The
Washington Post. He previously worked on the national desk, covering race,
diversity, immigration, politics and criminal justice policy, and helped launch the
"Being a Black Man" series. Before arriving at The Post, Fears worked for the Los
Angeles Times, Atlanta Journal Constitution and Detroit Free Press. He is a graduate
of Howard University. 2004. Report Is Bleak For Whistle-Blowers The Washington
Post. March 11. Available via LexisNexis. Accessed on 07-21-2015.
A watchdog group issued a report card yesterday that gave failing grades to several
federal agencies for allegedly allowing repeated verbal abuse, retaliation and
harassment of employees by superiors who were the targets of discrimination
complaints.
The No Fear Institute, a Washington-based organization that was formed to monitor
treatment of workers after President Bush signed the No Fear Act of 2002, said
the law has had little effect on the federal workplace because the
administration has not enforced it.
"Tens of thousands of people are discriminated agai nst on the basis of race, sex and
because they are whistle-blowers," said Marsha Coleman-Adebayo, who chairs the
institute. She said agencies are too slow to process complaints, investigate them
and discipline managers who discriminate.
"We demand that agencies punish and fire managers who break the law," she said.
The institute based its report on data the agencies posted on their Web sites. But an
Office of Personnel Management lawyer said the law did not go into effect until last
October and does not require agencies to supply data until April 2005. The OPM is
charged with collecting data from agencies to help enforce the law, formally titled
the Notification and Federal Employee Antidiscrimination and Retaliation Act of
2002.
"It did not create any new employee rights or protections," said Mark A. Robbins,
OPM general counsel. "All the No Fear Act did was force the agency to reimburse
their budgets for judgments based on discrimination and whistle-blower
complaints."
Under other regulations, federal agencies are required to file information about how
complaints are processed to the Equal Employment Opportunity Commission, but
they often do not.
"I share their frustrations," Robbins said of employees. "Clearly, there's a problem
that Congress is trying to fix. Some of these agencies aren't complying the way they
should. Congress tried to hit the agencies where it hurts, in their budgets. Only time
will tell whether the law helps. I'm confident that it will work."

Prevents Groupthink
Whistleblowers are key to prevent terror attacks by breaking
the echo chamber
Benkler 14 Yochai Benkler, Benkler is the Jack N. and Lillian R. Berkman
Professor of Entrepreneurial Legal Studies, Harvard Law School, Faculty Co-Director,
Berkman Center for Internet and Society, Harvard University. 2014. (A Public
Accountability Defense for National Security Leakers and Whistleblowers, Harvard
Law & Policy Review, Available via LexisNexis. Accessed on 07-22-2015.)
Secrecy insulates self-reinforcing internal organizational dynamics from external
correction. In countering this tendency, not all leaks are of the same fabric . "War story"type leaks that make an administration look good or are aimed to shape public opinion in favor of an alreadyadopted strategy or to manipulate support for one agency over another, trial balloons, and so forth, are legion. n23
While these offer the public color and texture from inside the government and are valuable to the press, they do not

Some leaks, however, provide

a critical mechanism for piercing the national security system's [*285] echochamber, countering self-reinforcing information cascades, groupthink, and
cognitive biases that necessarily pervade any closed communications system. It is
this type of leak, which exposes and challenges core systemic behaviors , that has
increased in this past decade, as it did in the early 1970s. These leaks are primarily driven by
conscience, and demand accountability for systemic error, incompetence, or
malfeasance. Their critical checking function derives from the fact that conscience is uncorrelated with welloffer a productive counterweight to internal systemic failures and errors.

behaved organizational processes. Like an electric fuse, accountability leaks, as we might call them, blow when the
internal dynamics of the system reach the breaking point of an individual with knowledge, but without authority.

They are therefore hard to predict, and function like surprise inspections that keep a
system honest. n24 By doing so, these leaks serve both democracy and security.
This failsafe view of whistleblowing is hardly unique to national security. American
law in general embraces whistleblowing as a critical mechanism to address the
kinds of destructive organizational dynamics that lead to error, incompetence, and
abuse. In healthcare, financial, food and drug, or consumer product industries; in state and federal agencies,
throughout the organizational ecosystem, whistleblowers are protected from retaliation and often provided with
financial incentives to expose wrongs they have seen and subject the organizations in which they work to public or

Whistleblowing is seen as a central pillar to address government

corruption and failure throughout the world. n26 Unless one believes that the national security
official scrutiny. n25

establishment has a magical exemption from the dynamics that lead all other large scale organizations to error,

whistleblowing must be available as a critical arrow in the quiver of any

democracy that seeks to contain the tragic consequences that follow when national
security organizations make significant errors or engage in illegality or systemic
abuse.
then

Only strengthening Whistleblower Protections and enabling

whistleblowing can challenge Groupthink culture.
Pacella 14 Jennife M. Pacella, Assistant Professor of Law, City University of New
York, Baruch College, Zicklin School of Business. 2014. (INSIDE OR OUT? THE
DODD-FRANK WHISTLEBLOWER PROGRAM'S ANTIRETALIATION PROTECTIONS FOR

INTERNAL REPORTING Temple Law Review, Summer 2014. Available via LexisNexis.
Accessed 07-21-2015.)
Corporate and securities law scholar, James Fanto, suggests that negative reactions
toward whistleblowers occur because the whistleblower threatens "groupthink," a
phenomenon in which members of a group become uniform in their perspectives ,
acknowledging only the seeming positive aspects of group behavior and disciplining
any member who challenges such uniformity. n232 "The whistleblower calls into
question the totality of the decisions, and the worldview, of the group ; the
whistleblower becomes the embodiment of the truth about the organization that the
group cannot accept without admitting the massive impropriety at the heart of its
[*755] existence." n233 In this way, the whistleblower brings to light a truth that
his or her superiors would prefer to avoid, resulting in a collective sense of
resistance toward the whistleblower.
t. In 2009, the Ethics Resource Center (ERC) conducted a survey of whistlebloweremployees who experienced retaliation for their actions , noting that past research
"has identified fear of retaliation as the leading indicator of misconduct in the
workplace." n234 The ERC survey studied employees who observed some form of
misconduct, reported their observations to someone within the company , and felt
that they were punished as a result of reporting. n235 The survey reveals that, in
2009, fifteen percent of all those who observed and reported misconduct felt that
they were retaliated agains n236 This rate is higher for organizations with 100 to
499 employees and for union employees, each at twenty-one percent. n237 One
scholar notes that this figure is misleading, as the actual percentage of those who
have experienced retaliation varies depending on the type of misconduct reported
and the position of power of the person who reports, and that the risk of retaliation
for reporting major misconduct is actually much higher. n238 The ERC survey
revealed that of the various types of retaliation , the majority of respondents
experienced the following with the most frequency: exclusion by supervisors or
management from work decisions and activities (sixty-two percent); the cold
shoulder by coworkers (sixty percent); and verbal abuse by management or
supervisors (fifty-five percent). n239

Only strengthening legislation can solve the culture. The

Counterplan solves better than the aff.
Pacella 14 Jennife M. Pacella, Assistant Professor of Law, City University of New
York, Baruch College, Zicklin School of Business. 2014. (INSIDE OR OUT? THE
DODD-FRANK WHISTLEBLOWER PROGRAM'S ANTIRETALIATION PROTECTIONS FOR
INTERNAL REPORTING Temple Law Review, Summer 2014. Available via LexisNexis.
Accessed 07-21-2015.)
Further research has revealed that the two most common explanations for why
employees do not report internally are fear of retaliation and feelings of futility if
they choose to report, with fear of retaliation supported by a very real risk that
internal whistleblowers will be penalized for disclosing misconduct. n240 The threat
of reprisal itself is a major deterrent to blowing the whistle, causing potential
whistleblowers to carefully weigh the possible costs and benefits of reporting

wrongful acts. n241 A potential whistleblower's disincentive to report often exists

whether or not the actual reprisal is carried out - "perceptions of the likelihood of
retribution are just as important [in deciding whether to blow the whistle] as the
reality, if not more so." n242 [*756] Such perceptions, which may include fears of
being viewed as a troublemaker or liar, or punitive action such as threats, demotion,
or termination from employment, have been found to depend on contextual factors
that are largely based on the institution itself, making it less likely that an employee
will report wrongdoing if the institution has a history of retaliating against past
whistleblowers. n243
These disincentives for internal whistleblowers are extremely detrimental to
bringing potential violations of the securities laws to the forefront, as those from the
inside are the most valuable source of information. As one whistleblower scholar has
articulated, "whistleblowing is the single most effective way to detect fraud," n244
because the government relies heavily on private individuals to detect misconduct
through reporting. n245 Whistleblowers, as actual insiders, have "better and earlier
access to information about the most serious instances of corporate fraud." n246
Over forty percent of fraud detection results from whistleblower tips. n247 Tips from
whistleblowers have been found to be thirteen times more effective than external
audits in bringing possible violations to the forefront. n248 A study in which
statistics of employee-whistleblowers were examined revealed that, in eighty-two
percent of cases, the whistleblower experienced retaliation, such as
termination, quitting under duress, or had significantly altered
responsibilities. n249 This study also revealed that many employeewhistleblowers reported that they were forced to move to another industry or even
another town to avoid harassment. n250 In fact, given these repercussions, it is
surprising that internal whistleblowers decide to report at all.

A2 Whistleblowers undermine National security

Empirically false. Whistleblowers are key to effective National
security
Benkler 14 Yochai Benkler, Benkler is the Jack N. and Lillian R. Berkman
Professor of Entrepreneurial Legal Studies, Harvard Law School, Faculty Co-Director,
Berkman Center for Internet and Society, Harvard University. 2014. (A Public
Accountability Defense for National Security Leakers and Whistleblowers, Harvard
Law & Policy Review, Available via LexisNexis. Accessed on 07-22-2015.)
Even if we understand that the national security establishment can make mistakes,
there remains the argument that secrecy is vital to security; that the price of
transparency is too high. The argument gains force from the fact that understanding
how security is enhanced by secrecy is intuitively trivial. A military unit is on its way
to execute an attack on an enemy, and someone tips off the enemy who escapes or
ambushes the troops. This is classic "transports on the way" secrecy that could
be subject to prior restraint under the Pentagon Papers case. n62 Only one case of
leaking to the press has ever involved a risk of this type : the case of Morton
Seligman, who leaked decoded Japanese naval dispatches in the midst of World War
II, and whose publication after Midway could have disclosed that the United States
had broken Japanese naval codes. n63 This is the threat most legitimately
interjected against leaks, but in all but that one World War II case, it has been pat
hyperbole in criticisms of press leaks. Private Manning's disclosures to
Wikileaks, for example, were denounced as likely to cause deaths, a claim that the
Pentagon was not willing to repeat when asked for a formal assessment by the
Senate Armed Services Committee. n64 Claims of secrecy of this sort normally
assert power in the relationship between the national security system and the
public opinion system.

No Fear Act solves Terror

Solves terror
Herrara 8Elizabeth Angela Herrera , August 2008 A Thesis Presented to the
Faculty of the Graduate School of Cornell University In Partial Fulfillment of the
Requirements for the Degree of Master of Public Administration ("STRIKING A
BALANCE: WHISTLEBLOWING PROTECTIONS IN THE INTELLIGENCE COMMUNITY,",
august 2008 Available Online
athttp://ecommons.cornell.edu/bitstream/handle/1813/11249/Herrera
%20Thesis.pdf;jsessionid=63F2A59C9EFD13F3B6F8D50A55C60592?sequence=1,
Accessed 7-22-2015)
In the span of the two years it took Congress to succeed in finalizing the No FEAR
Act and having it signed into law, the United States experienced the worst terrorist
attack in its history on September 11, 2001. After the attack, several whistleblowers
came forward about botched investigations, poor security in airports, and several
other claims alleging that the federal government could have prevented the
attack.19 These disclosures prompted the formation of the National Commission on
Terrorist Attacks Upon the United States (also known as the 9-11 Commission), an
independent, bipartisan commission created by congressional legislation and the
signature of President George W. Bush in late 2002.20 Whistleblowers from various
intelligence agencies received little protection from reprisal under the law and the
enforcement of the No FEAR Act was sidelined while the federal government worked
on protecting the U.S. from further attacks.21

No FEAR Solvency card (orig)

The original No FEAR Act solves for Federal workplace
Harassment
Coleman-Adebayo 02 Dr. Marsha Coleman-Adebayo, received her BA
degree from Barnard College/Columbia University and her doctorate degree from
the Massachusetts Institute of Technology (MIT). She is the author of No FEAR: A
Whistleblower's Triumph over Corruption and Retaliation at the EPA. Dr. ColemanAdebayo was a Senior Policy Analyst in the Office of the Administrator at the US
Environmental Protection Agency. She has held various academic positions as
Adjunct Professor at the Georgetown University _ School of Foreign Studies and
Visiting Scholar in the Department of African-American Studies at George Mason
University. On August 18, 2000, Dr. Coleman-Adebayo won an historic lawsuit
against the EPA on the basis of race, sex, color discrimination, and a hostile work
environment. She subsequently testified before Congress on two occasions. As a
result, the Notification of Federal Employees Anti-discrimination and Retaliation Act
[No FEAR] was introduced by Congressman F. James Sensenbrenner (R-WI),
Congresswoman Sheila Jackson Lee ( D-TX) and Senator John Warner (R- VA). Along
with the No FEAR Coalition, she ushered the No FEAR Bill through Congress.
President George W. Bush signed the No FEAR Act into law. Thousands of federal
workers and their families have directly benefited from this law. She serves as a
producer on the dramatic film: No FEAR!
WASHINGTON On May 15, President Bush signed the first civil rights law of the
21st century. The No Fear Act (for Notification and Federal Anti-Discrimination and
Retaliation) will change the way the government operates. Managers in federal
agencies found guilty of discrimination will no longer find it easy to avoid
responsibility for their actions, and their agencies will have to pay for the
consequences of their conduct.
The new law will make it less likely that the kind of workplace discrimination and
harassment I endured at the Environmental Protection Agency -- and over which I
successfully sued -- will go unnoticed and unpunished. As I testified before the
House Science Committee while advocating for this law, federal employees should
not have to work in a culture of fear and intimidation. The threat of reprisal,
including loss of their jobs, prevents them from reporting abuses. Intolerance may
prevent them from performing at their most effective level.
My troubles were most intense when I served as the E.P.A. liaison for the
environment on the Gore-Mbeki Commission, a Clinton administration foreign policy
program with South Africa. After I reported that an American company was
poisoning its African workers and their families with toxic waste, I was relieved of
my responsibilities on the commission, my efforts to conduct an investigation were
stifled and I was made a target of personal abuse. Racial epithets were hurled at me
by senior officials; I was denied a promotion, supposedly because I made the choice
to become pregnant; and I received threatening phone calls at home.

When I filed a discrimination complaint with the E.P.A.'s civil rights office, my
situation grew worse. I sued, and in August 2000 a federal jury found the E.P.A.
guilty of discrimination and creating a hostile work environment. It awarded me
$600,000 in damages. It was my case that moved Congress to take up the No Fear
bill.
Thousands of federal employees are working under the daily stress of
discrimination. In 2000, female and nonwhite federal employees made nearly
25,000 complaints against the federal government. Settlements and judgments cost
the federal government tens of millions a year, but total expenditures have been
hard to calculate and there has been little Congressional oversight. There is no
accountability because most judgments were paid from a general government
judgment fund without penalty to the agency at fault.
The No Fear Act will force federal agencies to pay all settlements and judgments for
discrimination from their own budgets. It contains reporting requirements that will
help determine whether a pattern of misconduct exists within an agency and
whether that agency is taking action to address it. It requires that employees and
managers be notified of their rights and responsibilities. And it strengthens
protections for whistleblowers, who are often forced to choose between remaining
silent about a dangerous or illegal situation and risking their careers by telling the
truth.
The House and the Senate unanimously passed the No Fear Act. It was sponsored in
the House by F. James Sensenbrenner, the conservative chairman of the House
Judiciary Committee, and Sheila Jackson Lee, a liberal Democrat. In the Senate, John
Warner took the lead on the bill. This bipartisan support shows that both political
parties recognize the need to root out discrimination in the federal government and
that they can come together to protect the rights of minorities and women.
The No Fear Act will serve society by making it possible for federal employees to
raise red flags when they see misconduct. The government should be a leader in
protecting employee rights, and the new law will push it in that direction.

No Fear Act Solves

The No FEAR Act can solve the case: it is the strongest
legislation to prevent discrimination and allow for
whistleblowing
Pell 05 Lisa Pell, Editor-in-Chief, Cardozo Journal of Conflict Resolution. B.A.,
Brandeis University, 2001; J.D., Benjamin N. Cardozo School of Law, Yeshiva
University, 2005. (IS ALTERNATIVE DISPUTE RESOLUTION REALLY AN ALTERNATIVE
FOR FEDERAL EMPLOYEES?: POSSIBLE SUGGESTIONS FOR ENCOURAGING FEDERAL
EMPLOYEES TO PARTICIPATE IN ADR PROGRAMS Yeshiva University Cardazo Journal
of Conflict Resolution. Spring, 2005. Available via LexisNexis. Accessed 07-21-2015.)
In 2002, Congress passed the Notification and Federal Employee Anti-Discrimination
and Retaliation Act, Pub. L. No. 107-174, 116 Stat. 566 (2002), in order to hold the
federal government accountable for violations of anti-discrimination and
whistleblower laws. One of the goals of the No FEAR Act was to protect
whistleblowers from retaliation by their employers, particularly in recent times
where corporations have come under fire for illegal practices. Additionally, No
FEAR's relationship to the federal government is one of accountability. For this
reason, the No FEAR Act is an essential aspect of the DOT's ADR program.
Accountability regarding anti-discrimination is a method for creating an environment
where there is less discrimination and fewer complaints . The hope of the No FEAR
Act is to streamline the discrimination complaint process. The Department of Civil
Rights hopes to use the No FEAR Act to improve the monitoring, accountability and
enforcement of a fair and efficient complaint process, by having the No FEAR Act
implemented in a "timely and high quality fashion." See Office of the Secretary,
Departmental Office of Civil Rights, State of Equal Employment Opportunity
Discrimination Complaints Report, at 14 (2002) [hereinafter Discrimination
Complaints Report].

The No FEAR Act as legislation solves, it is about enforcement

Roth 11 Debra L. Roth is a partner at the law firm Shaw Bransford & Roth, a
federal employment law firm in Washington, D.C. She is general counsel to the
Senior Executives Association and the Federal Managers Association, host of the
FEDtalk program on Federal News Radio, and a regular contributor to Federal
News Radios Federal Drive morning show. ("Managers should be wary of running
afoul of No Fear Act", Ask The Lawyer, Available at:
http://askthelawyer.federaltimes.com/2011/10/31/managers-should-be-wary-ofrunning-afoul-of-no-fear-act/, Accessed 7-26-2015)
Managers should be aware of and wary of the No FEAR Act the Notification and
Federal Employee Antidiscrimination and Retaliation Act and its requirements.
Numerous provisions of the law are potential land mines for managers. For example,
the law requires agencies to report to Congress annually about violations of antidiscrimination and whistle-blower reprisal laws, including such information as the
number of offending managers who were disciplined, the nature of the discipline

and the agencys policy about taking discipline against managers who are found to
have discriminated or retaliated against their subordinates .
This alone makes the threat to federal managers very real, but the rate of actual
disciplinary action because of discrimination or reprisal seems low. This
causes managers to relax a little too much and to not take seriously the threat
of discipline because of the No FEAR Act. The cultural change that was
supposed to have occurred because of No FEAR has simply not occurred.
This creates frustration and statements of outrage from civil rights groups who
believe that managers regularly discriminate, but are almost never held
accountable. The result of this pressure means that agencies will begin to take
findings of discrimination in EEO cases seriously and may look for a manager to be a
scapegoat.

Enforcement Key
The current No FEAR Act is bogged down in red tape; inhibits
effectiveness
Hall 2 Hall, Debbie, Owner of the Village Enterprise and former federal
employee, Banner Software. MA from Stanford University Graduate School of
Business. 2002 ("Whistle-blower fears `No Fear' Act will be lost in red tape. ,"Insight
on the News, 15 Oct. 2002, Available Online at
http://go.galegroup.com.proxy2.cl.msu.edu/ps/i.do?
p=AONE&u=msu_main&id=GALE|
A93457379&v=2.1&it=r&userGroup=msu_main&authCount=1,
Accessed 7-22-2015)
I am writing in reference to your article "Bush Must Keep Pledge to Whistle-Blowers"
[the last word, Oct. 1-14]. Currently, I am having an experience very similar to
Coleen Rowley of the FBI and I too am facing career-ending reprisal from senior
federal management after reporting fraud. I can basically quote Rowley's story word
for word; however, my headline would read: Will the Real Federal Government
Please Stand Up?
It's sad to say that the federal government does not want, support or appreciate
employees who expose fraud, waste and corruption. Furthermore, with little to no
support by agencies, it seems that the "No Fear" Act may in fact turn out
to be another system of bureaucratic red tape.
Didn't you see how swift the president was in pouncing on the fraud of corporate
America? Where is that same system of punishment for the federal government?
I am very disappointed in the ethical responsibility shown by the federal
government across the board. I work for an agency that services customers
worldwide; therefore, we are entrusted with millions of dollars. The input of funds by
taxpayers and output of mostly contracted services by our agency equates to gross
mismanagement, fraud and abuse of power . The unqualified contractors in our
office are paid salaries that would make Donald Trump blush! And Congress thinks
we are saving money by replacing federal workers with this bombardment of
contractors.
I have written our senior management and my congressional leaders on several
occasions concerning the problems in my office, but to no avail--and the reprisal has
always worsened.
I do not know how we are going to make it as a nation if this type of protected fraud
continues.

The Current No FEAR Act has loopholes for enforcement that

hinders effectivity.
Young 7 Joseph Young is a staff writer at the Washington Informer, and online
and print newspaper. 2007 ("Whistleblower Protection Law Sought for Federal
Workers," No Publication, January 4th, Available via LexisNexis Accessed 7-22-2015)

They call themselves the No FEAR 7 - Marsha Coleman-Adebayo, Matthew F. Fogg,

Blair Hayes, Janet Howard, Dennis E. Young, Joyce E. Megginson and Zena D.
Crenshaw - all federal workers who blew the whistle on various federal government
agencies for discrimination against minority workers.
The No FEAR 7 held a press conference last week at the Cannon House Office
Building, announcing the Notification and Federal Employee Antidiscrimination and
Retaliation Act (No Fear), which will be introduced in the 110th Congress next year
by Rep. John Conyers (D-Mich.), who will chair the House Judiciary Committee when
the Democrats take control of the chambers in January.
At the Capitol Hill press conference, Rep. Albert R. Wynn (D-Md.) said the No Fear
Act of 2002 has loopholes, and it has not been effective in ending discrimination
within the federal workplace. "It has not worked as well as we had hoped," said
Wynn. "The bill needs more teeth."

Contractor Protections solve

The Workers protection act does not protect contractors. We
need more Snowdens.
Papandrea 14 Mary-Rose Papandrea, Papandrea came to the University of
North Carolina School of Law in 2015 from Boston College Law School. Her teaching
and research interests include constitutional law, media law, torts, civil procedure,
and national security and civil liberties. After graduating from Yale College and the
University of Chicago Law School, Professor Papandrea clerked for U.S. Supreme
Court Justice David H. Souter as well as Hon. Douglas H. Ginsburg of the D.C. Circuit
and Hon. John G. Koeltl of the U.S. District Court for the Southern District of New
York. 2014. 9LEAKER TRAITOR WHISTLEBLOWER SPY: NATIONAL SECURITY LEAKS
AND THE FIRST AMENDMENT Boston University Law Review. March, 2014. Available
via LexisNexis. Accessed on 07-22-2015)
The paucity of protections for national security employees stands in great contrast
to the safeguards afforded to other government employees. The Federal
Whistleblower Protection Act (WPA) protects a government employee who discloses
information that he "reasonably believes" demonstrates a violation of any law, rule,
or regulation, an instance of gross mismanagement, a gross waste of funds, an
abuse of authority, or a substantial and specific danger to public health or safety, so
long as he is not prohibited by law or required by executive order to keep the
information secret. n257 Other federal laws in certain situations protect
whistleblowers who act on a "reasonable belief" of wrongdoing n258; still others
protect those who report "potential" n259 or "alleged" n260 violations of federal
law. n261 The reason for protecting these good faith beliefs is to encourage
disclosures. n262
The WPA offers virtually no protection to national security employees and
contractors. n263 First, the WPA makes no mention of contractors at all and
[*492] appears on its face to apply only to government employees. n264 Second,
government employees in national security agencies are generally
excluded from the WPA's coverage. n265 Third, federal employees covered
under the WPA will find themselves without protection under the WPA if they
disclose classified information that is marked as an executive order and regarding
defense or foreign affairs to anyone except the Inspector General (IG) or Special
Counsel. n266

Protecting private contractors is essential: status quo

regulations fail.
Boyne 14 Shawn Marie Boyne. Professor of Law, Indiana University Robert H.
McKinney School of Law-Indianapolis. 2014 (LABOR LAW: Whistleblowing Indiana
University Law Review. Available via LexisNexis. Accessed on 07-21-2015.)
In recent decades the shortcomings of the extent of whistleblower protection under
the FCA have become clearer. In particular, the FCA's provisions did not give

plaintiffs a cause of action for several common forms of retaliation. The largest
loopholes included: coverage for individuals who were planning to file a qui tam action,
individuals who attempted to blow the whistle without filing an action , employees who
refused to participate in the fraudulent practices, retaliation [*435] against the
whistleblower's family members and colleagues, and retaliation against contractors and
agents employed by the defendant who did not fall under a strict construction of the
word "employee." n46 In 2009, Congress attempted to close those loopholes in the
Fraud Enforcement and Recovery Act (FERA), which is discussed below. In an effort to fight any
potential liability, employers still found ways to fight qui tam suits. One of the chief
impediments to an FCA suit was the act's "Public Disclosure Bar." In cases in which some of the information
contained in the suit was based on information available to the public, employers moved courts to dismiss suits by
alleging that the suits did not further the public interest. The U.S. Supreme Court attempted to weigh in on this
issue in Graham County Soil and Water Conservation District v. U.S. ex rel. Wilson, 559 U.S. 280 (2010), when the
Court held that relators could not proceed with an action when that action relied in part on information available
from publicly available state and local administrative reports, audits, and investigations. However, that portion of
the decision was moot before it was announced as, one week prior to the Court's decision, the President signed into
law the Patient Protection and Affordable Care Act. This new legislation precluded courts from dismissing future
cases under this section of the FCA. Until 2010, the relator had to prove that he or she was the "original source" of
the information and that the information provided by the whistleblower was not available from public sources to
prevent courts from dismissing claims because they claimed to lack subject matter jurisdiction. n47

No FEAR Act CP Answers

No FEAR Act cant Solve

Alt casuse: espionage Act used to justify persecution of
whistleblowers
Kines 13 Candice M. Kines, JD, West Virginia University College of Law, Class of
2014; BA, Christopher Newport University, 2010. 2013. ( DEFINING THE RIGHTS OF
JOURNALISTS AND WHISTLEBLOWERS TO DISCLOSE NATIONAL SECURITY INFORMATION
West Virginia Law Review, num. 735, Winter. Available via LexisNexis. Accessed on 07-262015.)

The Espionage Act of 1917 n2 - a law originally created to fight acts of espionage n3
and treason n4 - is increasingly being used to prosecute whistleblowers who, in an
effort to raise public awareness, disclose to the media questionable government
activity. n5 Consequently, the government has used the Espionage Act to deter
whistleblowers from disclosing any information involving national security. n6
However, not all national security disclosures have the purpose or effect of harming
our country. In fact, placing substantial restrictions on the disclosure of this kind of
governmental information may be even more harmful. Although secrecy is
important in preserving the nation's security, public disclosure of certain
information or conduct is necessary for a healthy democracy because it adheres to
fundamental notions of democracy and significantly increases government
accountability. n7 In contrast, nondisclosure of government information creates
greater opportunity for the government to engage in activities that are illegal,
immoral, and publicly unpopular. n8 Additionally, by substantially restricting
disclosure, [*737] the government can conceal such conduct in order to avoid
public criticism. n9 Thus, public disclosure of certain government information is also
necessary to prevent governmental abuse.
The increased prosecutions of whistleblowers not only demonstrates the
government's complete disregard for the benefits of certain disclosures, but also its
failure to recognize the fact that whistleblowers are not the only participants of
disclosure. In fact, by nationally publishing disclosed information , the media plays
an even greater role than whistleblowers in the distribution of classified government
information. Without national or world-wide publication - whether through
newspapers, online, television, or radio - such information would pose little to no
threat because the likelihood of unwanted readers acquiring the information would
be slim. Despite this fact, the government prosecutes only whistleblowers but allows
journalists to widely distribute without fear of consequence the same information
that the government is attempting to protect, namely, information that it believes to
be harmful to national security. n10

The Counterplan does not bolster legislation to protect

whistleblowers from prosecution
Kines 13 Candice M. Kines, JD, West Virginia University College of Law, Class of
2014; BA, Christopher Newport University, 2010. 2013. ( DEFINING THE RIGHTS OF
JOURNALISTS AND WHISTLEBLOWERS TO DISCLOSE NATIONAL SECURITY INFORMATION

West Virginia Law Review, num. 735, Winter. Available via LexisNexis. Accessed on 07-262015.)

As stated above, there are no current laws - including the First Amendment - that
provide protection to whistleblowers for disclosing governmental information.
Instead, the laws currently recognized only enable greater prosecution of
whistleblowers and they do so regardless of the [*758] circumstances surrounding
the disclosure (e.g., regardless of the type, purpose, or effect of the disclosure).
n167 Part III of this Note analyzes these laws. The first section discusses the
adequacy of the reporter's privilege. While the purpose of the privilege is to
preserve the confidentiality of reporters' sources n168 - many of which are
whistleblowers - it rarely accomplishes this goal. The second section discusses the
Espionage Act, which is increasingly being used to prosecute whistleblowers. n169
The Act allows for the prosecution of any individual who discloses classified
information to a journalist; however, the Act does not provide for the prosecution of
a journalist who chooses to publish that material for the world to see. n170 Thus,
the reporter's privilege and the Espionage Act provide no protection for
whistleblowers, but instead only create an avenue for their prosecution.
By failing to provide protection to whistleblowers, these laws also fail to recognize
the benefits that disclosure has to offer, particularly the generation of thoughtful
public debate and the encouragement of government accountability. Furthermore,
by providing an unlimited ability for journalists to publish classified government
information, these laws cannot truly protect the nation's security. Therefore,
because neither the benefits of disclosure - thoughtful public debate and
government accountability - nor the benefits of nondisclosure - protection of
national security - are satisfied here, these laws fail to promote the overall public
good. n171

Obama Administration doesnt care. Prosecution of

whistleblowers ensures circumvention
Kines 13 Candice M. Kines, JD, West Virginia University College of Law, Class of
2014; BA, Christopher Newport University, 2010. 2013. ( DEFINING THE RIGHTS OF
JOURNALISTS AND WHISTLEBLOWERS TO DISCLOSE NATIONAL SECURITY INFORMATION
West Virginia Law Review, num. 735, Winter. Available via LexisNexis. Accessed on 07-262015.)

Due to the inability of the reporter's privilege to effectively protect whistleblowers,

as demonstrated by Sterling's case, the current Administration has more than
doubled the number of whistleblowers previously prosecuted under the
Espionage Act. n51 Further, while the government's interest in prosecuting
whistleblowers is to prevent disclosure of information that could be harmful to the
United States, no legislative method is currently in place to deter the media from
widely publishing that same harmful information. Therefore, absent any regulation
of information published by the media, prosecuting whistleblowers for disclosing

national security information cannot adequately serve the government's interest of

preventing harmful disclosure.
Nevertheless, the Obama Administration has been increasingly persistent in
prosecuting whistleblowers and attempting to force journalists to [*744] testify
against them. n52 This aggressive and "unprecedented crackdown over leaks" has
been termed Obama's "war on whistleblowers" n53 or more commonly, the "war on
leaks." n54 The Obama Administration's reaction to recent disclosures of national
security information highlights the disparity that exists between journalists and their
sources regarding the ability to disclose information. n55

WhistleBlower Protection Fails

Whistle blower laws decrease the amount of whistle blowing
taking place
Martin 03 Brian Martin (born 1947) teaches in the interdisciplinary area of
Science, technology, and society at the University of Wollongong in Australia, where
he became a professor in 2007.[1] He was president of Whistleblowers Australia
from 1996 to 1999 and remains their International Director. 2003. (Illusions of
Whistleblower Protection UTS Law Review, No. 5. Available via LexisNexis. Accessed
on 07-26-2015.)
Thoms (1992: 83), using a Weberian analysis, argues that "Whistleblower legislation
strives to control the agenda of whistleblowers and to contain their disclosures to
channels which are under the purview of the state. Under regimes of authorized
whistleblowing, the potential for criticism and review of the operations of the state
by the public it is said to serve are virtually non-existent." The cynical explanation of
whistleblower laws is that they are intended to encourage employees to speak out,
revealing their identity and, rather than protecting them, instead making them
easier targets for attack. This explanation is espoused by a few disillusioned
whistleblowers. These explanations are actually compatible. Promoters of
whistleblower laws may be quite sincere but the laws in effect can serve to give the
illusion of protection. They may also lead employees to believe, mistakenly, that
they are protected and thus to become easier targets than if the laws did not exist.

Whistle Blower protection laws will fail lots o. warrants why

Martin 03 Brian Martin (born 1947) teaches in the interdisciplinary area of
Science, technology, and society at the University of Wollongong in Australia, where
he became a professor in 2007.[1] He was president of Whistleblowers Australia
from 1996 to 1999 and remains their International Director. 2003. (Illusions of
Whistleblower Protection UTS Law Review, No. 5. Available via LexisNexis. Accessed
on 07-26-2015.)
A fundamental problem with whistleblower laws is that they usually come into play
only after disclosures have been made and reprisals have begun. As in the example
at the beginning of this article, many employees make disclosures in good faith, not
thinking of themselves as whistleblowers. As a result, they seldom have gathered
sufficient evidence about the alleged problem to withstand a concerted cover-up.
Not anticipating any adverse reaction, they may not be in a position to document
reprisals. As a result, invoking whistleblower laws is seldom a practical proposition.
Another problem is that there are many subtle ways for employers to undermine
employees without providing clear-cut evidence of reprisals. Rumours and ostracism
are two of the most common responses encountered by whistleblowers but are
virtually impossible to document. Petty harassment is also potent. It might mean
such minor things as unavailability of a company car, awkward rosters, slowness in
processing claims, or requests for excessive documentation. Ostracism itself can
cause the equivalent of petty harassment, as a worker is denied access to everyday
information needed to do the job efficiently. At a more serious scale are job

reassignments that reduce or increase work demands, either setting up the

employee for failure or making the job tedious; in both cases it is often easy to
camouflage the changes as necessary due to changes in the work environment or to
a more general organisational restructuring. Ironically, it can be more difficult for an
employee to deal with subtle undermining than with a more obvious attack such as
demotion or dismissal. Subtle harassment can lead some employees to blame
themselves whereas blatant attacks are more readily understood as reprisals.
Another problem with whistleblower laws is that they typically pit a lone employee
against a powerful organisation. The organisation can pay for expensive legal
advice and has little to lose by making the case as protracted as possible.
Individuals in the organisation have little at stake; indeed, many of them may have
moved on in the years it takes for a case to run its course. On the other side, the
whistleblower is often alone in pursuing the case, sometimes without any income
and seldom with dedicated backing from an organisation. Whistleblower laws put
the focus on whistleblowers and what is done to them. An unfortunate feature of
this focus is a relative neglect of the original issue about which the employee spoke
out. Whistleblower laws do not and perhaps cannot require an investigation into an
employee's allegations. During the drawn-out process of assessing whether
reprisals have occurred, the original issue is not addressed. For a dismissed
whistleblower, "success" usually comes in the form of a settlement, not a
reinstatement; success in terms of organisational reform is not part of the
agenda of whistleblower laws. These shortcomings of whistleblower laws
are so systemic that it is worth asking why anyone would bother with
them at all. Three types of explanations can be labelled sincere, symbolic and
cynical. Undoubtedly most of those who promote whistleblower laws are completely
sincere. This includes many whistleblower activists whose sincerity cannot be
doubted, given that they themselves are victims of reprisals. But sincerity of intent
is no guarantee of effectiveness in execution. The flaws in the vehicle whistleblower legislation - are seen as unfortunate weaknesses, due to poor
drafting, inadequate resources or ineffectual implementation. A different
explanation is that whistleblower laws are a form of symbolic politics (Edelman,
1964), serving to give the appearance of political action without any substantive
change in institutional dynamics. Symbolic politics is deployed when popular
pressure becomes strong. A law gives the appearance of government concern even
though it may not lead to any change in behaviour. For example, governments can
placate concerns about crime by passing laws even though there is little evidence
that longer prison sentences form a deterrent to violent crime or that more than a
tiny proportion of corporate crime is ever prosecuted.

Whistle blower Protection Act offers no protection, and the

plan will be circumvented by executive branch.
DW 14 Deutsche Wells, is an German and American international news
organization that runs but US and international news with collaboration in Europa,
the US, Latin America, and Beijing. 2014. ("US whistleblower laws offer no
protection", DW, January 28th. Available at: http://www.dw.com/en/us-whistleblowerlaws-offer-no-protection/a-17391500, accessed 7-26-2015)

Some eight months before Edward bySnowden leaked classified NSA programs to
the press, US President Barack Obama issued an order extending whistleblower
protections to employees of America's intelligence agencies. The White House often
cites this fact when addressing the three felony charges against Snowden, in total
carrying a maximum sentence of 30 years in prison. Two of those charges fall under
the 1917 US Espionage Act.
In his January speech on NSA reform, President Obama said that he did not want to
"dwell on Mr. Snowden's actions or his motivations." But five months earlier, the US
commander-in-chief had already made clear that he did not view the 30-year-old as
a whistleblower or patriot, saying that Snowden had failed to use official, non-public
"proper channels" to express his concerns about NSA surveillance.
But Snowden has said that Obama's extension of whistleblower protections to the
intelligence community, under Presidential Policy Directive 19 (PPD-19), does not
cover government contractors. Before his disclosures, Snowden was an employee of
the company Booz Allen Hamilton, which contracted with the National Security
Agency.
"If I had revealed what I knew about these unconstitutional but classified programs
to Congress, I could have been charged with a felony," Snowden said in a live,
online question and answer session last Thursday.
'Death by a thousand cuts'
For years, would-be whistleblowers in the US intelligence community had no legal
protections to shield them from retaliatory measures by their superiors. The
Whistleblower Protection Act of 1989 covered most of the federal
government with the glaring exception of the intelligence agencies.
In an effort to close this legal gap, Congress passed the Intelligence Community
Whistleblower Protection Act (ICWPA) a decade later. The law covers employees and
contractors at the Central Intelligence Agency (CIA), the National Security Agency
(NSA), the Defense Intelligence Agency (DIA), the National Imagery and Mapping
Agency (NIMA) as well as the National Reconnaissance Office (NRO).
But according to Thomas Drake, the act failed to adequately protect whistleblowers
from retaliation. A former senior executive at the NSA, Drake blew the whistle on a
failed surveillance program called Trailblazer. He used what the government calls
"proper channels" to express his concerns about the program's exorbitant cost and
its lack of privacy protections, reaching out to his immediate supervisor, the office
of the inspector general, and the congressional intelligence committees.
"I was reprised against severely within the proper channels," Drake told DW. "I was
identified as a troublemaker."
Thomas Drake at NSA demonstration
Drake used "proper channels," but still faced retaliation

Drake called the NSA's response to his whistleblowing activities "death by a

thousand cuts administratively and bureaucratically," saying that the agency found
ways to change his job and cut his responsibilities. Ultimately, the NSA re-organized
the section he worked in, leaving him with nothing but a "paper title." Drake
resigned from the agency in 2008.
"There's nothing within the act that actually protects you. I don't have cause of
action - I can't go to the courts for redress," he said, adding that his only recourse
was to file evidence with the Defense Department inspector general's reprisal unit.
According to Drake, the unit agreed that he had suffered from reprisal, but the case
still has not completely resolved itself.
Drake only went public, contacting the Baltimore Sun newspaper, when he felt that
the proper channels had failed. The federal government indicted him under the US
Espionage Act for supposedly taking classified documents illegally, an allegation
that unraveled before the trial. In the end, the government dropped the charges in
exchange for Drake agreeing to plead guilty to one misdemeanor count of misusing
a NSA computer. He was sentenced to a year of probation and 240 hours of
community service.
Murky legal framework
Although the ICWPA covered both employees and contractors, US whistleblower
laws have been changed through legislative and presidential action since the Drake
case. In 2012, Congress passed and President Obama signed the Whistleblower
Protection Enhancement Act. But the law excluded the intelligence agencies from
coverage.
Although Obama had issued his directive that same year extending whistleblower
protections to the entire intelligence community, PPD-19 only covers intelligence
agency employees. Contractors, such as Edward Snowden, are not explicitly
protected by the directive. Even for legal experts, it's unclear how exactly all of
these different regulations interact with one another, and whether or not
contractors such as Edward Snowden are covered by the whistleblower laws.
"No one knows exactly how those pieces are supposed to fit together," William C.
Banks, an expert on national security law at Syracuse University College of Law, told
DW. "But I think the trump card is the criminal law. Regardless of whether the
contractor or a regular employee of a US agency is blowing the whistle, if he or
she is at the same time violating a criminal law of the United States, the
whistleblower protection is worthless."

And, defendors dont even use the whistleblower protection

laws.
DW 14 Deutsche Wells, is an German and American international news
organization that runs but US and international news with collaboration in Europa,
the US, Latin America, and Beijing. 2014. ("US whistleblower laws offer no

protection", DW, January 28th. Available at: http://www.dw.com/en/us-whistleblowerlaws-offer-no-protection/a-17391500, accessed 7-26-2015)

Mark Zaid, an attorney in Washington, D.C., represents intelligence community

whistleblowers. Zaid doesn't make use of the whistleblower protection laws when
representing his clients, calling the provisions "inadequate." Obama's presidential
directive, for example, is largely discretionary and doesn't actually guarantee
whistleblowers protection. It only provides a process by which their claims of
suffering from retribution can be addressed.
Nevertheless, Zaid said that Edward Snowden had a legal obligation to use the
proper channels, even if the protection laws were insufficient.
Edward Snowden Filmstill WikiLeaks
It's murky, at best, whether or not a contractor like Snowden was covered by the
whistleblower laws
"He has a legal obligation to do so, and I think he has moral obligation to do so, to
at least try to work through the system, as futile as it might be, before taking the
last resort, which is to provide the information to third parties without
authorization," Zaid told DW.
But according to NSA whistleblower Thomas Drake, the whistleblower system has
been corrupted from within, which discourages people from coming forward.
"The reporting chains themselves largely serve to protect the institution from those
that would expose it, even from those within," Drake said.
"Especially when they see what happens to people like me, they will choose to
remain silent, they will ultimately censor themselves and not report the wrongdoing,
although they're in the best position to do so."
DW R

Accumulo CP
***The aff says data collection leads to overloads (HUMINT). The Counterplan says if
we hire enough analysts for Accumulo which is a data program by the NSA
developed and modeled off of Google, then we can solve for data collection
overload. NB: Terror.***

Accumulo CP

1NC Shell
Counterplan: The United States federal government should
substantially increase funding for data analysts associated
with the Accumulo data storage program
The Counterplan solves the entirety of the [ insert tech
advantage] without linking to the SST link in terror.
Accumulo is best to prevent terror.
Henschen 13 Doug Henschen, 6-11-2013 ("Defending NSA Prism's Big Data
Tools," InformationWeek, 6-11-2013, Available Online at
http://www.informationweek.com/big-data/big-data-analytics/defending-nsa-prismsbig-data-tools/d/d-id/1110318?, Accessed 7-20-2015)
The more you know about NSA's Accumulo system and graph analysis, the less
likely you are to suspect Prism is a privacy-invading fishing expedition.
It's understandable that democracy-loving citizens everywhere are outraged by the
idea that the U.S. Government has back-door access to digital details surrounding
email messages, phone conversations, video chats, social networks and more on
the servers of mainstream service providers including Microsoft, Google, Yahoo,
Facebook, YouTube, Skype and Apple.
But the more you know about the technologies being used by the National Security
Agency (NSA), the agency behind the controversial Prism program revealed last
week by whistleblower Edward Snowden, the less likely you are to view the project
as a ham-fisted effort that's "trading a cherished American value for an unproven
theory," as one opinion piece contrasted personal privacy with big data analysis.
The centerpiece of the NSA's data-processing capability is Accumulo, a highly
distributed, massively parallel processing key/value store capable of analyzing
structured and unstructured data. Accumolo is based on Google's BigTable data
model, but NSA came up with a cell-level security feature that makes it possible to
set access controls on individual bits of data. Without that capability, valuable
information might remain out of reach to intelligence analysts who would
otherwise have to wait for sanitized data sets scrubbed of personally identifiable
information.
As InformationWeek reported last September, the NSA has shared Accumulo with
the Apache Foundation, and the technology has since been commercialized by Sqrrl,
a startup launched by six former NSA employees joined with former White House
cybersecurity strategy director (and now Sqrrl CE0) Ely Khan.
"The reason NSA built Accumulo and didn't go with another open source project, like
HBase or Cassandra, is that they needed a platform where they could tag every
single piece of data with a security label that dictates how people can access that
data and who can access that data," said Khan in an interview with
InformationWeek.

Having left government employment in 2010, Kahn says he has no knowledge of the
Prism program and what information the NSA might be collecting, but he notes that
Accumulo makes it possible to interrogate certain details while blocking access to
personally identifiable information . This capability is likely among the things James
R. Clapper, the U.S. director of National Intelligence, was referring to in a statement
on the Prism disclosure that mentioned "numerous safeguards that protect privacy
and civil liberties."
Are They Catching Bad Guys?
So the NSA can investigate data with limits, but what good is partial information?
One of Accumulo's strengths is finding connections among seemingly unrelated
information. "By bringing data sets together, [Accumulo] allowed us to see things in
the data that we didn't necessarily see from looking at the data from one point or
another," Dave Hurry, head of NSA's computer science research section, told
InformationWeek last fall. Accumulo gives NSA the ability "to take data and to
stretch it in new ways so that you can find out how to associate it with another
piece of data and find those threats."
The power of this capability is finding patterns in seemingly innocuous public
network data -- which is how one might describe the data accessed through the
Prism program -- yet those patterns might somehow correlate with, say, a database
of known terrorists or data on known cyber warfare initiatives.
Sqrrl has supplemented the Accumulo technology with analytical tools including SQL
interfaces, statistical analytics interfaces, text search and graph search engines,
and there's little doubt the NSA has done the same, according to Kahn. Graph
search, in particular, is a powerful tool for investigation, as the NSA itself revealed
last month when it shared at a Carnegie Mellon technical conference an in-depth
presentation on the 4.4-trillion-node graph database it's running on top of
Accumulo.
Nodes are essentially bits of information -- phone numbers, numbers called,
locations -- and the relationships between those nodes are edges. NSA's graph
uncovered 70.4 trillion edges among those 4.4 trillion nodes. That's truly an ocean
of information, but just as Facebook's graph database can help you track down a
long-lost high school classmate within seconds, security-oriented graph databases
can quickly spot threats.
Kahn says a Sqrrl partner company that does graph analysis of internal network
activity for security purposes recently identified suspicious activity using a graph
algorithm. "Five days later, they got a knock on the door from the FBI letting them
know that data was being exfiltrated from their network, likely by a foreign entity,"
Kahn reports.
As we've reported, graph database technology dates back to the 1950s, but only
recently has it advanced to truly big data scale, with Facebook exposing its Graph
Search capabilities in January and NSA sharing details of its graph search
capabilities last month.

Where prior intelligence techniques have largely been based on knowing patterns
and then alerting authorities when those patterns are detected, security and
intelligence analysts now rely on big data to provide more powerful capabilities than
analytics alone.
"Graph analysis is just one really good technique for finding unknown patterns in
data," Kahn explains.
Do You Trust The Government?
In the end, assurances from Clapper, a former White House employee like Khan or
even President Barak Obama may do little to assuage the concerns of privacy
hawks, critics inside government or large swaths of American citizens. But those
who known the technology used by the NSA know that Prism is not a simplistic,
"collect first, ask questions later" expedition, and it's not based on an "unproven
theory."
It's likely no coincidence that suppliers of data to Prism such as Google have also
been able to uncover espionage directed by foreign governments. In fact, a
bipartisan Commission on the Theft of American Intellectual Property last month
recommended increasing the budget of the FBI and Department of Justice to
investigate trade theft, amending U.S. counter-espionage laws, and encouraging
U.S. businesses to take the information security threat more seriously.
One government insider informs InformationWeek that he knows with certainty that
"semantic and visual analytics tools have prevented multiple acts of terrorism." That
insight predates recent advances in graph analysis that are undoubtedly giving the
U.S. Government even more powerful tools. Privacy concerns and the desire for
checks on government access to private information must be considered, but we
can't naively turn a blind eye to very real threats by not making the most of
advanced big data intelligence tools now at our disposal .

The Counterplan solves, the problem is status quo analysts

have been cut.
Lee 13 Timothy B. Lee, Timothy B. Lee is an adjunct scholar at the Cato
Institute, is a senior editor at Vox, where he covers technology. He has previously
written for the Washington Post, Ars Technica, and Forbes "NSA wants to dump most
people with Snowdens old job. Heres how they might do it.", Washington Post,
https://www.washingtonpost.com/blogs/the-switch/wp/2013/08/09/nsa-wants-todump-most-people-with-snowdens-old-job-heres-how-they-might-do-it/, Accessed 720-2015
Accumulo is the name for an NSA database that was hacked together after the
agency's engineers took notice of a similar Google product. What's special about
Accumulo is that with any given set of data, the NSA can tag individual cells with
different access rules. That means two people with different levels of security
clearance can both look at the same sheet and only see what they're supposed to
see.

The NSA made Accumulo an open-source project in hopes that other agencies would
adopt the tool. But the Senate objected, accusing the NSA of violating a rule that
requires federal agencies to buy commercial solutions off the shelf when available.
The version of the defense authorization bill that would have codified the Senate's
resistance never became law, however.
One possibility is that Accumulo could serve as the back-end database from which
analysts, who are using ICITE, grab the data they need. But that would probably
depend on whether other agencies would be allowed to use Accumulo as well . A call
to the NSA Friday was not immediately returned.
Allan Friedman, a cybersecurity expert at the Brookings Institution, said cutting
down on the number of technology silos in intelligence would naturally reduce the
need for human sysadmins. Silos need to talk to one another, which means you
need to hire a human to "get into the guts of the system" to make sure it happens.
But with one universal system, everything is standardized.
"You make it so that even the sysadmins have to interact with it in a fashion that
has authorization controls, access controls, audit logs," Friedman said. "You put all
your eggs in one basket and you watch the hell out of that basket."
Despite the theoretical security advantages inherent to cloud-based systems,
however, not everyone in the intelligence community is convinced the NSA can pull
off such a maneuver. One former intelligence officer pointed out that the
government has a mixed record on enterprise-level IT initiatives, and that nobody
has figured out how to defend a cloud-based intelligence database in the real world.

More Analysts Key

Analysts are key to improving the data processing capabilities
of Accumulo
Pappalardo 13 Joe Pappalardo is a contributing editor at Popular Mechanics
and author of the nonfiction book Sunflowers: The Secret History. He is currently
writing a book about spaceports.
The NSA has been a big promoter of software that can manage vast databases. One
of these programs is called Accumulo, and while there is no direct evidence that it is
being used in the effort to monitor global communications, it was designed precisely
for tagging billions of pieces of unorganized, disparate data. The secretive agency's
custom tool, which is based on Google programming, is actually open-source. This
year a company called Sqrrl commercialized it and hopes the healthcare and
finance industries will use it to manage their own big-data sets.
The NSA, home to the federal government's codemakers and code-breakers, is
authorized to snoop on foreign communications. The agency also collects a vast
amount of datatrillions of pieces of communication generated by people across
the globe. The NSA does not chase the crooks, terrorists, and spies it identifies; it
sifts information on behalf of other government players such as the Pentagon, CIA,
and FBI. Here are the basic steps: To start, one of 11 judges on a secret Foreign
Intelligence Surveillance (FISA) Court accepts an application from a government
agency to authorize a search of data collected by the NSA. Once authorizedand
most applications aredata-mining requests first go to the FBI's Electronic
Communications Surveillance Unit (ECSU), according to PowerPoint slides taken by
Snowden. This is a legal safeguardFBI agents review the request to ensure no U.S.
citizens are targets. The ECSU passes appropriate requests to the FBI Data Intercept
Technology Unit, which obtains the information from Internet company servers and
then passes it to the NSA to be examined with data-mining programs. (Many
communications companies have denied they open their servers to the NSA; federal
officials claim they cooperate. As of press time, it's not clear who is correct.) The
NSA then passes relevant information to the government agency that requested it.
The NSA controversy began when Snowden revealed that the U.S. government was
collecting the phone-metadata records of every Verizon customerincluding
millions of Americans. At the request of the FBI, FISA Court judge Roger Vinson
issued an order compelling the company to hand over its phone records. The
content of the calls was not collected, but national security officials call it "an early
warning system" for detecting terror plots (see "Connecting the Dots: PhoneMetadata Tracking").
On the heels of the metadata-mining leak, Snowden exposed another NSA
surveillance effort, called US-984XN. Every collection platform or source of raw
intelligence is given a name, called a Signals Intelligence Activity Designator
(SIGAD), and a code name. SIGAD US-984XN is better known by its code name:
PRISM. PRISM involves the collection of digital photos, stored data, file transfers,
emails, chats, videos, and video conferencing from nine Internet companies. U.S.

officials say this tactic helped snare Khalid Ouazzani, a naturalized U.S. citizen who
the FBI claimed was plotting to blow up the New York Stock Exchange. Ouazzani was
in contact with a known extremist in Yemen, which brought him to the attention of
the NSA. It identified Ouazzani as a possible conspirator and gave the information to
the FBI, which "went up on the electronic surveillance and identified his
coconspirators," according to congressional testimony by FBI deputy director Sean
Joyce. (Details of how the agency identified the others has not been disclosed.) The
NYSE plot fizzled long before the FBI intervened, but Ouazzani and two others
pleaded guilty of laundering money to support al-Qaida. They were never charged
with anything related to the bomb plot.
The slides disclosed by Snowden indicate the NSA also operates real-time
surveillance tools. NSA analysts can receive "real-time notification of an email event
such as a login or sent message" and "real-time notification of a chat login," the
slides say. That's pretty straightforward use, but whether real-time information can
stop unprecedented attacks is subject to debate. Alerting a credit-card holder of
sketchy purchases in real time is easy; building a reliable model of an impending
attack in real time is infinitely harder.
In late July Snowden released a 32-page, top-secret PowerPoint presentation that
describes software that can search hundreds of databases for leads. Snowden
claims this program enables low-level analysts to access communications without
oversight, circumventing the checks and balances of the FISA court. The NSA and
White House vehemently deny this, and the documents don't indicate any misuse.
The slides do describe a powerful tool that NSA analysts can use to find hidden links
inside troves of information. "My target speaks German but is in Pakistanhow can I
find him?" one slide reads. Another asks: "My target uses Google Maps to scope
target locationscan I use this information to determine his email address?" This
program enables analysts to submit one query to search 700 servers around the
world at once, combing disparate sources to find the answers to these questions.
Bomb-sniffing dogs sometimes bark at explosives that are not there. This kind of
mistake is called a false positive. In data mining, the equivalent is a computer
program sniffing around a data set and coming up with the wrong conclusion. This is
when having a massive data set may be a liability. When a program examines
trillions of connections between potential targets, even a very small false-positive
rate equals tens of thousands of dead-end leads that agents must chase downnot
to mention the unneeded incursions into innocent people's lives.

Accumulo just need analysts in order to solve

OGwynn 14 B. David O'Gwynn is a member of the technical staff in the Cyber
Systems and Operations Group. Since joining Lincoln Laboratory in 2011, his
research activities have included cloud computing and storage, big data analytics
and visualization, user-interface design, and the intersection of these areas with the
national challenge of cyber security and defense. He received his bachelor's degree
in mathematics from Belhaven University, his master's degree in computational
engineering from Mississippi State University, and his doctorate in computer and
information sciences from the University of Alabama at Birmingham. 2014.

(Evaluating Accumulo Performance for a scalable Cyber Data Processing Pipeline

MIT Lincoln Laboratory, Vol. Xiv. Available via LexisNexis. Accessed 07-20-2015)
An increasingly common class of big data systems collect, organize, and analyze
data sets in order to gain insights or solve problems in a variety of domains.
Interesting data sets are continuously growing, and they must be captured and
stored in a scalable manner. A big data pipeline is a distributed system that
manages the collection, parsing, enrichment, storage, and retrieval of one or more
data sources. The fundamental challenge of a big data pipeline is keeping up with
data rates while supporting necessary queries for analytics. To solve this problem,
many big data systems use NoSQL distributed databases, such as Apache Accumulo
[1], which is designed to scale to thousands of servers and petabytes of data, while
retaining the ability to efficiently retrieve entries. Accumulo differs from a traditional
relational database management system (RDBMS) due to its flexible schema,
relaxed transaction constraints, range-partitioned distribution model, and lack of
Structured Query Language (SQL) support [2]. This design trades consistency and
query performance for capacity and ingest performance. Compared to other tabular
datastores, Accumulo offers proven scalability and unique security features making
it attractive for certain applications [3]. This paper considers the Lincoln Laboratory
Cyber Situational Awareness (LLCySA) system as a big data pipeline case This work
is sponsored by the Assistant Secretary of Defense for Research and Engineering
under Air Force contract FA8721-05-C-0002. Opinions, interpretations, conclusions,
and recommendations are those of the author and are not necessarily endorsed by
the United States Government. study [4]. Situational awareness in the cyber domain
addresses the problem of providing network operators and analysts a complete
picture of activity on their networks in order to detect advanced threats and to
protect data from loss or leak. The LLCySA system is a platform for operators and
analytics developers that focuses on big data capability and cluster computing. This
approach poses several challenges involving the sheer amount of data, the
computational requirements of processing the data, and the interactivity of the
system. There is currently considerable related work in big data pipeline
implementation and evaluation, as well as related work in the field of cyber
situational awareness. Accumulo has been demonstrated to scale to large cluster
sizes [5] and to achieve over 100 million inserts per second [6]. Query processing is
a noted problem in NoSQL databases, with research focusing on query planning [7]
and providing SQL support [8]. In the area of pipeline frameworks, open source
projects for distributed stream processing have emerged, such as Apache Storm,
which can serve the use case of continuous message processing and database
inserts [9]. This paper builds on foundational work in the area of data models for
schemaless databases [10]. Additionally, other network monitoring systems have
investigated approaches using NoSQL databases [11].

Accumulo analysts solve the CP it can handle the data

processed. Just a matter of sorting.
Priestley 13 Theo Prestley is a Technology Evangelist, Speaker, Forbes
Contributor, and writer for Wired Magazine. Priestly graduated from Napier
University. 2013. "Big Data and Analytics: The Hero or the Villain ?", Wired Magazine
Online, June 9, Available at http://insights.wired.com/profiles/blogs/big-data-andanalytics-the-hero-or-the-villain, Accessed 7-20-2015
The NSA-built Accumulo, which is a database design based on Google Big Table.
Written in Java, the NSA contributed Accumulo to the Apache Foundation and in
2012 it was promoted from incubation to a top level project. Right now the agency
is harvesting petabytes of data in Accumulo, a staggering amount that grows daily.
But the cleverest part of all of this is in the analytics, Accumulo was built and
extended the Big Table concept to analyze trillions of points in data in order to
create intelligence that can detect the connections between those points and the
strength of those connections.
If you thought you had it sussed with something like LinkedIn using INmaps (my
network is too large to generate one funnily enough) or Facebook Social Graph,
think again because through Accumulo the NSA can find out who you are, where
you are, who you know and why you know them. It's graph analysis on steroids and
it's a hot topic right now for making sense of large datasets, primarily by
understanding how tightly different data points are related or how similar to each
other they are.
If you put this in perspective in terms of the amount of data needed to make this
happen, Yahoo a few years back was operating an approximate 42,000-node
Hadoop environment, consisting of hundreds of petabytes, and users on Facebook
are generating more than 500 terabytes of data every day. So the Agency has some
infrastructure in place. Just what is that infrastructure built on? I'm sure there are
vendors out there keeping a very tight lip. But rest assured, if they are that
advanced they'll have already considered or even built a cloud infrastructure,
potentially hybrid, to stay ahead.
But behind all the noise and crowd baiting from the Washington Post the exposure
raises more questions about the power of big data and analytics and just how large
and powerful it gets. If you think about all the hype generated about consumer
privacy and enterprises collating and analyzing information for a more targeted and
personal experience, customer segmentation and demographics, location-based
and real-time marketing what the NSA exposure has taught us is that there really is
no privacy in the 21st century and we should just get used to it. Our data is
anonymized unless it's being used specifically for our purpose and benefit but the
fact is we are happily generating it for them to use in any case.

Read more: http://insights.wired.com/profiles/blogs/big-data-and-analytics-the-heroor-the-villain#ixzz3gSomMBXS

Follow us: @Wiredinsights on Twitter | InnovationInsights on Facebook
Accumulo CP
The draft noted that the Pentagon wanted to use the National Security Agency's
open-source Accumulo - a software platform based on Google's BigTable that allows
organizations to store massive amounts of data.
But congressional reaction to the proposed use of Accumulo was not warm.
Legislators made it clear they would prefer the Defense Department use cheaper
commercial programs rather than one developed by a government entity. The final
version of the authorization act, signed by President Obama in early January,
prescribed that the Pentagon perform an analysis of the alternatives.
Now, the Defense Department is weighing its options. To deploy Accumulo, top
officials must make a case to Congress that the software platform is the best
available option and provide written justification every quarter through September
2018.
Despite these apparent obstacles, the Pentagon seems to be opting for Accumulo.
Public comments made by Defense Information Systems Agency officials indicate
work on Accumulo is moving forward.
This development leaves competition for additional advanced analytics and
visualization tools wide open - as long as these are compatible with Accumulo.
Indeed, the Defense Department's interest in Accumulo is only one component of its
anticipated big data investments.
Deltek's report on the outlook for federal big data initiatives predicts that defense
big data spending will grow from an estimated $1.9 billion in fiscal 2012 to $2.8
billion in fiscal 2017 at a compound annual growth rate of 8.3 percent.
The military, in particular, appears interested in spending on technology that can
optimize its network backbone, which provides the critical pipes and bandwidth
required by big data.
DISA also noted last year that it wants high-performance optical networking
technologies to allow its network to push data at speeds of 100 gigabytes per
second or higher. Building this network is a critical strategic investment for the
Pentagon and presents a real business opportunity, even in an era of increased
spending cuts.
Alex Rossino is a principal research analyst at Herndon-based Deltek, which
conducts research on the government contracting market and can be found at

Analysts are about to get a lot more data

Konkel 14 Frank Konkel is the editorial events editor for Government Executive
Media Group and a technology journalist for its publications. He writes about
emerging technologies, privacy, cybersecurity, policy and other issues at the
intersection of government and technology. Frank also runs Nextgovs Emerging
Tech blog., 11-14-2014 ("NSA Turns to the Cloud to Help Manage Data Deluge ,"
Nextgov, 11-14-2014, Available Online at http://www.nextgov.com/cloudcomputing/2014/11/nsa-turns-cloud-help-manage-data-deluge/99104/, Accessed 721-2015)
Four years ago, the National Security Agency realized it had a data problem.
In the aftermath of the Sept. 11, 2001, terrorist attacks, armed with new authorities
that allowed the intelligence agency to collect an assortment of global
communications and Internet metadata, NSA ramped up its operations. These
expanded surveillance effortsmany of which were disclosed publicly in leaks by
former NSA contractor Edward Snowdenproduced a massive volume of data that
began to flood the agencys disparate databases.
By the mid-2000s, NSA was adding racks of servers to quell the voracious appetite
of multiple programs, a costly effort that further burdened intelligence analysts who
had to access dozens or more databases and perform individual queries against
each of them. Analysts could spend 30 minutes or longer each morning just opening
the databases they needed to query, a senior NSA official told Government
Executive.
What we were doing was, the senior official says. We had a volume issuemore
than a volume issue, our analysts are swamped going in and out of repositories.
The Best Bet
NSA officials picked up on Google research in 2007 that ultimately paved the way
for the intelligence agencys formal adoption of cloud computing in 2010part of a
broad effort within the intelligence community to more effectively share data and
services. In a similar move, the CIA last year signed a contract with Amazon Web
Services for a cloud to be used by all 17 intelligence agencies.
As private sector companies were beginning to turn to the cloud for cheaper,
scalable on-demand computing, NSA came to consider the approach as its best bet
to manage its deluge of data. In 2010, NSA decided to pursue cloud as its
repository of choicea common space where all analysts could look across the
agencys entire river of collected information.
The common space is hugely important for usand the ability to discover, says
the NSA official. We wanted to make all data discoverable. Thats the approach we
took.
NSA makes the data discoverable through metatagging. Each piece of intelligence
information in the NSA cloud is marked with telling details, such as when it entered
the system, who put it there and who has the ability to access it.

Security and compliance are both essential for NSA, especially following Snowdens
leaks of classified information in 2013. In designing its cloud, the agency made sure
to account for both. Not only are the actions of analysts and administrators
monitored, they have access only to information they are credentialed to see. Lonny
Anderson, NSAs chief technology officer, summed up the agencys approach to
security this way in a September speech in Washington: Tag the data, tag the
people.
From a compliance perspective, NSAs cloud relieves analysts from having to know
when surveillance laws are modified because those updates can be incorporated
centrally, much the way security updates are rolled out. This means analysts dont
have to make their own judgments about what they are allowed to seethe data
before them is data they are legally allowed to access.
As we made the decision to go all in [with] cloud in 2010, we made the equally
overt decision to build compliance in, the senior NSA official says. What we dont
want is for an analyst to have to think, Am I authorized to see this data?
Converging Clouds
For now, NSAs private cloud is actually two parallel clouds. The first is an internal
cloud accessible to its employees. The second, called GovCloud, is available to the
intelligence community through the Joint Worldwide Intelligence Communications
System. With GovCloud, NSA works as a cloud service provider to other IC agencies,
allowing them to order services such as computing and analysis.
The goal, according to senior NSA officials, is to merge these parallel clouds by the
end of 2015, thereby eliminating the burden of maintaining separate systems as
well as the agencys reliance on disparate databases. NSA plans to begin closing
legacy repositories within the next few months, migrating information from purposebuilt repositories to a single pool as its cloud reaches full operation.
The transition has been far from seamless, with NSA experiencing some outages.
Migrating data to the cloud also has proved difficult, particularly the merging of
duplicative data sets.
But the agencys culture may be the biggest hurdle. NSA has organized a series of
initiatives designed to acclimate analysts to life in the cloud. One of them, called ICAFfor Cloud Analytics
Fusion Environmentputs analysts and developers together to brainstorm. Another,
Future Architecture Transition (FAT) Tuesdays, brings groups of 150 to 200 analysts
together regularly and forces them to work in the cloud and refrain from using
legacy repositories.
Were learning in public and trying to do this while we support missions all over the
globe, the senior official says. Weve had some bumps, but I think weve worked
through those. Our strength in GovCloud is that we have a common space for all
data sets. Were close to ready for prime time.

Together, the NSA GovClouda combination of open-source software stacked on

commodity hardwareand the CIAs Amazon-built C2S cloud represent a joint
storefront for intelligence community data. Over time, the interoperable clouds will
share data and handle an increasing variety of requests from IC agencies.
NSA is likely a few years from completing its transition to the cloud, but its $1.5
billion data center in Bluffdale, Utah, illustrates the scope of the effort. It is
essentially a 1 million-square-foot repository for signals intelligence designed
explicitly to collect digital data.
In 2012, Utah Gov. Gary Herbert declared the Utah Data Center would be the first to
house a yottabyte of datathe equivalent of 1 billion petabytes, or more than 1
billion times all digitized content in the Library of Congress. While NSA has not
disclosed the actual storage capacity of the Utah Data Center, it has declared on its
website that its capacity will be alottabytes.
Whatever the capacity really is, it will give NSA analysts around the globe a lot of
information to sift through when the cloud transition is complete.

Analysts are needed for big data

Navint 12 Navint is a different kind of management consulting firm, excelling
in large scale business process change. With offices in New York, Chicago, Boston,
Pittsburgh, Philadelphia and Rochester, Navints consultants specialize in managing
the alignment of people, processes and technology when organizations face
operational restructuring and IT transformation. A unique blend of experience and
innovative thinking allows Navint consultants to address clients' business challenges
in imaginative ways., may("Why is BIG Data Important?," Available Online at
http://www.navint.com/images/Big.Data.pdf, Accessed 7-21-2015)
The Need for IT, Data Analyst, and Management Resources It is estimated that
there is a need for approximately 140,000 to 190,000 more workers with deep
analytical expertise and 1.5 million more data-literate managers, either retrained
or hired. Therefore, it is likely that any firm that undertakes a big data initiative will
need to either retrain existing people, or engage new people in order for their
initiative to be successful.

Solves the tech advantage

Tech not sufficient
Springman 15 Jack Springman is a consultant specializing in growth
strategies and the author of Elusive Growth: Why Prevailing Practices in Strategy,
Marketing, and Management Education Are the Problem, Not the Solution , 7-182015 ("Six steps to insight advantage in a Big Data world," ITProPortal, 7-18-2015,
Available Online at http://www.itproportal.com/2015/07/18/six-steps-to-insightadvantage-in-a-big-data-world/, Accessed 7-21-2015)
Investment in Big Data technologies is necessary for developing an insight
advantage, but not sufficient
Analysts research suggests that large organisations will be making significant
investment in Big Data solutions over the next 2-3 years. Given the reams of data
generated by the ever increasing number of digital devices online and mobile
browsing behaviour, social media commentary, smartphone location data and
sensor streams the ability to ingest and digest huge quantities of data and
transform it into organisational energy is a prerequisite.
But IT is only one element of capability, the others being processes, metrics,
organisation design, culture and competencies. A holistic approach to capability
development is required and focusing on technology without investing in other
components almost guarantees failure.

Accumula improves the tech industry

Marko 13 Kurt Marko, 7-18-2013 ("The NSA And Big Data: What IT Can Learn,"
InformationWeek, 7-18-2013, Available Online at
http://www.informationweek.com/big-data/big-data-analytics/the-nsa-and-big-datawhat-it-can-learn/d/d-id/1110818?, Accessed 7-20-2015)
Whatever your civil liberties stance, the technologies underpinning the National
Security Agency's data collection and analysis programs, such as PRISM, spell
opportunity for companies looking to connect a different set of dots -- identifying
potential customers, spotting fraud or cybercrime in its early stages, or improving
products and services.
The pillars of the NSA's architecture are big data systems, particularly a distributed
data store called Accumulo, machine learning and natural language processing
software, and scale-out cloud hardware (we delve into all three in much more depth
in our full report).
>> Big data software: The NSA needed to store, process and analyze incredible
amounts of both structured and unstructured data. It liked Google's BigTable

architecture but saw it lacked some necessary features, which the agency added.
But BigTable provides only the data store; you still need to process, analyze and
draw correlations across large, distributed data sets. For that, the NSA rolled the
Hadoop open source code into Accumulo -- essentially a big data storage and
application platform in a box, with some interesting new wrinkles. Ely Kahn, a cofounder of Sqrrl, a startup he and some former NSA developers launched to
commercialize Accumulo, says the NSA had two main requirements in a big data
system that weren't met by existing technology: better security via extremely
granular access control and massive scalability. The NSA's major contribution to the
architecture is stronger security, which in Accumulo means new attributes for
individual data elements. Accumulo is also very scalable. Kahn says people using
HBase, a popular column-oriented NoSQL database that runs on top of HDFS, find it
difficult to scale past a few hundred storage nodes. In contrast, Accumulo instances
with thousands of nodes have been in production for years.
>> Machine learning and natural language processing: Another important piece of
the NSA's technology arsenal is machine learning -- building adaptive, self-tuning
systems that automatically evaluate incoming data to improve performance, update
search queries, interpret ambiguous phrases or identify objects in digital images.
Much like Google improves search results by recording metadata about past
searches, clicked links and Gmail document text, the NSA's systems can apply
context to textual analysis to determine whether the phrase "this plot will destroy
him" refers to an assassination scheme or a critic's opinion that a lousy novel will
ruin the author's reputation.
For example, one open NSA project, KODA, can automatically create summaries of
large sets of textual data using only the text itself. Current search engines and
content management systems typically use dictionaries or standard text samples to
search and categorize data; however, that approach breaks down when applied to
large volumes of information. KODA measures the similarity between passages of
text and selects sentences to summarize, and it performs well on large data sets in
many languages regardless of formatting.
>> Hardware and networks: Just as the NSA re-created the big data analysis
features of a Google and Facebook in software, so too is it replicating their data
storage and processing capabilities in hardware, notably a new cloud-scale data
center under construction in Utah. It's a massive Tier 3 facility comprising 100,000
square feet of raised floor space in four data halls. Similarly state-of-the-art facilities
are readily available to enterprises through a rich and competitive market for
colocation space.
Lessons For Businesses
The NSA advances the state-of-the-big-data-art in a few ways. Kahn says Sqrrl sees
three primary customer segments for its NSA-inspired offerings: current Hadoop
users, healthcare companies and very security-conscious orgs; we discuss these use
cases in our full report. Within those segments, here are some applications where
NSA tech holds promise:

>> Real time versus batch analytics: Accumulo's server-side programming features
let many analysis tasks operate continuously, thus providing real-time access to
analytics features, something not possible with Hadoop-based systems because of
Hadoop's batch orientation. A quick word about Accumulo: Though it could displace
Hadoop/HDFS while improving scalability, real-time performance and security, there
are downsides. First, it's not widely used outside of government. Unless you use
Sqrrl (which is a very new company), you have to manually install from the open
source repository, so there's significant expertise and care and feeding required.
And unlike Hadoop/MapReduce and HDFS/ HBase, no public cloud services yet offer
Accumulo instances, though Amazon offers a tutorial. For applications, new features
like security labels and iterators require Accumulo-savvy developers -- a very small,
and expensive, group. And finally, don't underestimate the incentive for incumbents
like Microsoft and Oracle to squash the technology.
>> Data mining and graph analysis: Perhaps the primary application of the NSA
PRISM program is exposing social connections and communication paths among
millions of separate data points. In fact, the NSA used graph analysis earlier this
year to showcase Accumulo's speed and scalability, describing a system running a
standard graph benchmark with 4.4 trillion nodes and 70 trillion edges. In
comparison, Facebook's Graph Search currently scales to hundreds of billions of
nodes and trillions of edges. For enterprises, the advantages to doing data mining
and graph analysis in a system like Accumulo are twofold. It provides speed
because the server-side processing can pre-cache certain common operations, and
security is much more granular, down to the query level.
>> Predictive analytics: Companies want to use vast quantities of data from
multiple sources -- sales transactions, customer loyalty cards, economic data,
Twitter comments, even the weather -- to model and predict events such as product
demand or customer interest in promotion. In such predictive uses, the more data
and the faster the processing, the better. Thus, the scalability and granular access
control of the NSA's technology make it a promising platform, previously mentioned
caveats aside. Kahn also sees interest in predictive analytics for security, since
traditional SIEM and security forensics software can't handle the volume, diversity
and complexity of data needed to identify new threats and incidents before they do
damage.
Finally, there's the Internet of things. Accumulo's scalability and real-time filtering
and categorizing features make it a promising data repository for telemetry using
millions of physical objects, with applications allowing interactive data mining
across varied object and customer types. We expect early IoT adopters, which likely
can afford to hire the needed expertise, will find Accumulo an excellent repository
and application platform.

Bulk collection does solve

Empirics prove only bulk data collection prevents terrorism
Derrick Harris 15 Derrick Harris, 1-16-2015 ("Report: No real substitute for NSAs
bulk data collection," No Publication, January 16 th, Available Online at
https://gigaom.com/2015/01/16/report-no-real-substitute-for-nsas-bulk-datacollection/, Accessed 7-20-2015)
A new report from the National Research Council concludes that untargeted, or bulk,
data collection remains probably the best method for fulfilling the National Security
Agencys mission. However, the reports authors note, there are measures that can
be taken to make that practice more transparent and less susceptible to agency
abuse.
The 80-plus-page report, which was written in response to a presidential directive to
investigate alternatives to bulk data collection by the intelligence community, lays
out various possible methods of targeting data collection to specific individuals,
groups or behavior patterns ranging from machine learning to real-time analysis
but seems to come down on the side of the status quo. The only way to
investigate newly identified suspects or new information is to have a large database
that might already include relevant data, the report explained.
The report does offer suggestions for improving public trust in the process, primarily
focused on improving the sanctity of the bulk datastore and how that data is
accessed. It suggests a combination of automated and manual procedures for
regulating who can access what data, what types of queries can be run in what
situations, and auditing all database-query activity.
The NSA already has numerous controls in place to address these concerns but, the
report notes, it can be difficult to convince skeptics of their effectiveness because of
the secrecy of the agencys operations. Indeed, Ive has reported on some of those
controls before, including limitations on what types of queries and collection are
allowed, and the cell-level security of the NSAs home-grown Accumulo database
system.
In addition to improving on existing protocols, the report suggests that new avenues
of research for automating the data privacy of U.S. citizens might include advanced
encryption techniques, and how to enable lawyers or other non-technical personnel
to program policies that govern data usage. In May, we covered some Microsoft
research into the latter possibility.
One alternative to bulk collection that the report suggests is to rely on businesses to
store customer data and supply it as needed. This way the NSA isnt technically
collecting or storing data, which could mitigate citizen fears over mass government
surveillance. Of course, the report notes, those companies might have strong
incentives not to comply with the governments something weve already seen
from certain companies following accusations that they were in cahoots with the
NSA.
signint2National Research Council

However, the report does acknowledge some fundamental flaws with any attempts
to improve NSA protocol. A particularly troubling one is the varying terminology
different analysts, agencies and the FISC court use to describe the same things a
situation that led to NSA analysts accessing domestic telephone metadata for
several years in some instances. Another tricky consideration is how to regulate
data usage once it has been disseminated to other agencies and ported onto
commercial operating systems and data-analysis software, and mixed with other
data sources.

Accumulo CP Answers

Accumulo Cant Solve

Accumulo cant solve due to architectural and security issues

Gupta 15 Dr. S. R. Gupta, assistant Professor, Computer Science & Engineering,

PRMIT 2015. ( A REVIEW ON HADOOP SECURITY AND RECOMMENDATIONS,
itjer.com May 2015, Available at: http://www.ijtre.com/manuscript/2015020913.pd
Accessed on 07-26-2015f)
Distributed nodes: Moving computation is cheaper than moving data is the key to
big data. Data is processed anywhere resources are available, enabling massively
parallel computation. This creates complicated environments with plenty of attack
surface, and it is difficult to verify security consistency across a highly distributed
cluster of possibly heterogeneous platforms. Sharded data:Data within big data
clusters is fluid, with multiple copies moving to and from different nodes to ensure
redundancy and resiliency. A shard is a slice of data horizontally segmented
shared across multiple servers. This automated movement to multiple locations
makes it very difficult to know precisely where data is located at any moment in
time, or how many copies are available. This runs counter to the traditional
centralized data security model, where a single copy of data is wrapped in various
protections until it is used for processing. Big data is replicated in many places and
moves as needed. The containerized data security model is missing as are many
other relational database facilities.

( ) Accumulos not responsive to our human intel internal link.

Even if NSA can process a large quantity of data, the qualitys
low unless HUMINTs involved.
( ) Accumulo fails Boston Marathon proves it doesnt find the
needle.
Konkel 13
Frank Konkel is the editorial events editor for Government Executive Media Group and a technology
journalist for its publications. He writes about emerging technologies, privacy, cybersecurity, policy
and other issues at the intersection of government and technology. He began writing about technology
at Federal Computer Week. Frank is a graduate of Michigan State University. NSA shows how big 'big
data' can be - FCW - Federal Computer Week is a magazine covering technology - Jun 13, 2013 http://fcw.com/articles/2013/06/13/nsa-big-data.aspx?m=1
As reported by Information Week, the NSA relies heavily on Accumulo, "a highly distributed, massively parallel
processing key/value store capable of analyzing structured and unstructured data" to process much of its data. NSA's modified

Accumulo, based on Google's BigTable data model, reportedly makes it possible for the
agency to analyze data for patterns while protecting personally identifiable information names, Social Security
version of

numbers and the like. Before news of Prism broke, NSA officials revealed a graph search it operates on top of Accumulo at a
Carnegie Melon tech conference. The graph is based on 4.4 trillion data points, which could represent phone numbers, IP addresses,
locations, or calls made and to whom; connecting those points creates a graph with more than 70 trillion edges. For a human being,
that kind of visualization is impossible, but for a vast, high-end computer system with the right big data tools and mathematical
algorithms, some signals can be pulled out. Rep. Mike Rogers (R-Mich.), chairman of the House Intelligence Committee, publicly
stated that the government's collection of phone records thwarted a terrorist plot inside the United States "within the last few
years," and other media reports have cited anonymous intelligence insiders claiming several plots have been foiled.

Needles

in endless haystacks of data are not easy to find, and the NSA's current big
data analytics methodology is far from a flawless system, as evidenced by the April 15
Boston Marathon bombings that killed three people and injured more than 200. The bombings were
carried out by Chechen brothers Dzhokhar and Tamerlan Tsarnaev, the latter of
whom was previously interviewed by the Federal Bureau of Investigation after the Russian
Federal Security Service notified the agency in 2011 that he was a follower of radical Islam. The brothers had made
threats on Twitter prior to their attack as well, meaning several data points of
suspicious behavior existed, yet no one detected a pattern in time to prevent them from
setting off bombs in a public place filled with people. "We're still in the genesis of big data, we haven't even scratched the surface
yet," said big data expert Ari Zoldan, CEO of New-York-based Quantum Networks. " In

many ways, the

technology hasn't evolved yet, it's still a new industry."

Accumulo doesnt solve privacy it cant keep info secure on

its own
Pontius 14
Brandon H. Pontius. The author holds a B.S. from Louisiana State University and an M.B.A., Louisiana
State University. The author wrote this piece in partial fulfillment of a MASTER OF SCIENCE IN
COMPUTER SCIENCE from the NAVAL POSTGRADUATE SCHOOL. The thesis advisor that reviewed this
piece is Mark Gondree, PhD. Gondree is a security researcher associated with the Computer Science
Dept at the Naval Postgraduate School INFORMATION SECURITY CONSIDERATIONS FOR
APPLICATIONS USING APACHE ACCUMULO - September 2014 http://calhoun.nps.edu/bitstream/handle/10945/43980/14Sep_Pontius_Brandon.pdf?sequence=1

databases are gaining popularity due to their ability to store and process large
heterogeneous data sets more efficiently than relational databases. Apache Accumulo is a NoSQL
database that introduced a unique information security featurecell-level access control. We study
Accumulo to examine its cell-level access control policy enforcement mechanism. We survey existing Accumulo
applications, focusing on Koverse as a case study to model the interaction between Accumulo and a client application. We
conclude with a discussion of potential security concerns for Accumulo applications. We argue that Accumulos cell-level
access control can assist developers in creating a stronger information security policy, but Accumulo cannot provide
securityparticularly enforcement of information flow policieson its own. Furthermore,
NoSQL

popular patterns for interaction between Accumulo and its clients require diligence on the part of developers, which may otherwise
lead to unexpected behavior that undermines system policy. We highlight some undesirable but
reasonable confusions stemming from the semantic gap between cell-level and table-level policies, and between policies for endusers and Accumulo clients.

Accumulo wont solve privacy security features fail

Pontius 14
Brandon H. Pontius. The author holds a B.S. from Louisiana State University and an M.B.A., Louisiana
State University. The author wrote this piece in partial fulfillment of a MASTER OF SCIENCE IN
COMPUTER SCIENCE from the NAVAL POSTGRADUATE SCHOOL. The thesis advisor that reviewed this
piece is Mark Gondree, PhD. Gondree is a security researcher associated with the Computer Science
Dept at the Naval Postgraduate School INFORMATION SECURITY CONSIDERATIONS FOR
APPLICATIONS USING APACHE ACCUMULO - September 2014 http://calhoun.nps.edu/bitstream/handle/10945/43980/14Sep_Pontius_Brandon.pdf?sequence=1

We commented on potential security threats facing developers that build applications

based on Accumulo. We used a hypothetical application to illustrate potential user management concerns. We
identified injection attacks that have been carried out against other NoSQL databases and may be relevant to some uses of
Accumulo. We commented on Accumulos inability to enforce information flow policies. These
examples serve to demonstrate that using Accumulo and its cell-level security feature is
not a full solution to access control problems unless Accumulo is paired with welldesigned enforcement mechanisms in the client application. We believe that the combination of our technical
discussion of Accumulos cell-level access control enforcement, illustration of Accumulo integration in a larger application, and
identification of potential security concerns may help future studies learn more about Accumulo information security and lead to
development of more secure Accumulo based applications.

Accumulo Bad
[xkeyscore is built on top of accumulo. The cp adds more
analysts so more insiders who threaten are getting and
sharing info]
Xkeyscore vulnerable to insider attack
Boire 15 Morgan Marquis-Boire, 7-1-2015 ("XKEYSCORE: NSA's Google for the
World's Private Communications," Intercept, 7-1-2015, Available Online at
https://firstlook.org/theintercept/2015/07/01/nsas-google-worlds-privatecommunications/, Accessed 7-20-2015)
The sheer quantity of communications that XKEYSCORE processes, filters and
queries is stunning. Around the world, when a person gets online to do anything
write an email, post to a social network, browse the web or play a video game
theres a decent chance that the Internet traffic her device sends and receives is
getting collected and processed by one of XKEYSCOREs hundreds of servers
scattered across the globe.
In order to make sense of such a massive and steady flow of information, analysts
working for the National Security Agency, as well as partner spy agencies, have
written thousands of snippets of code to detect different types of traffic and extract
useful information from each type, according to documents dating up to 2013. For
example, the system automatically detects if a given piece of traffic is an email. If it
is, the system tags if its from Yahoo or Gmail, if it contains an airline itinerary, if its
encrypted with PGP, or if the senders language is set to Arabic, along with myriad
other details.
This global Internet surveillance network is powered by a somewhat clunky piece of
software running on clusters of Linux servers. Analysts access XKEYSCOREs web
interface to search its wealth of private information, similar to how ordinary people
can search Google for public information.
Based on documents provided by NSA whistleblower Edward Snowden, The
Intercept is shedding light on the inner workings of XKEYSCORE, one of the most
extensive programs of mass surveillance in human history.
How XKEYSCORE works under the hood
It is tempting to assume that expensive, proprietary operating systems and
software must power XKEYSCORE, but it actually relies on an entirely open source
stack. In fact, according to an analysis of an XKEYSCORE manual for new systems
administrators from the end of 2012, the system may have design deficiencies that
could leave it vulnerable to attack by an intelligence agency insider.
XKEYSCORE is a piece of Linux software that is typically deployed on Red Hat
servers. It uses the Apache web server and stores collected data in MySQL
databases. File systems in a cluster are handled by the NFS distributed file system
and the autofs service, and scheduled tasks are handled by the cron scheduling
service. Systems administrators who maintain XKEYSCORE servers use SSH to

connect to them, and they use tools such as rsync and vim, as well as a
comprehensive command-line tool, to manage the software.
John Adams, former security lead and senior operations engineer for Twitter, says
that one of the most interesting things about XKEYSCOREs architecture is that
they were able to achieve so much success with such a poorly designed system.
Data ingest, day-to-day operations, and searching is all poorly designed. There are
many open source offerings that would function far better than this design with very
little work. Their operations team must be extremely unhappy.
Analysts connect to XKEYSCORE over HTTPS using standard web browsers such as
Firefox. Internet Explorer is not supported. Analysts can log into the system with
either a user ID and password or by using public key authentication.
As of 2009, XKEYSCORE servers were located at more than 100 field sites all over
the world. Each field site consists of a cluster of servers; the exact number differs
depending on how much information is being collected at that site. Sites with
relatively low traffic can get by with fewer servers, but sites that spy on larger
amounts of traffic require more servers to filter and parse it all. XKEYSCORE has
been engineered to scale in both processing power and storage by adding more
servers to a cluster. According to a 2009 document, some field sites receive over 20
terrabytes of data per day. This is the equivalent of 5.7 million songs, or over 13
thousand full-length films.
This map from a 2009 top-secret presentation does not show all of XKEYSCOREs
field sites.
When data is collected at an XKEYSCORE field site, it is processed locally and
ultimately stored in MySQL databases at that site. XKEYSCORE supports a federated
query system, which means that an analyst can conduct a single query from the
central XKEYSCORE website, and it will communicate over the Internet to all of the
field sites, running the query everywhere at once.
There might be security issues with the XKEYSCORE system itself as well. As hard as
software developers may try, its nearly impossible to write bug-free source code. To
compensate for this, developers often rely on multiple layers of security; if attackers
can get through one layer, they may still be thwarted by other layers. XKEYSCORE
appears to do a bad job of this.
When systems administrators log into XKEYSCORE servers to configure them, they
appear to use a shared account, under the name oper. Adams notes, That means
that changes made by an administrator cannot be logged. If one administrator
does something malicious on an XKEYSCORE server using the oper user, its
possible that the digital trail of what was done wouldnt lead back to the
administrator, since multiple operators use the account.
There appears to be another way an ill-intentioned systems administrator may be
able to cover their tracks. Analysts wishing to query XKEYSCORE sign in via a web
browser, and their searches are logged. This creates an audit trail, on which the
system relies to assure that users arent doing overly broad searches that would pull

up U.S. citizens web traffic. Systems administrators, however, are able to run
MySQL queries. The documents indicate that administrators have the ability to
directly query the MySQL databases, where the collected data is stored, apparently
bypassing the audit trail.
AppIDs, fingerprints and microplugins
Collecting massive amounts of raw data is not very useful unless it is collated and
organized in a way that can be searched. To deal with this problem, XKEYSCORE
extracts and tags metadata and content from the raw data so that analysts can
easily search it.
This is done by using dictionaries of rules called appIDs, fingerprints and
microplugins that are written in a custom programming language called GENESIS.
Each of these can be identified by a unique name that resembles a directory tree,
such as mail/webmail/gmail, chat/yahoo, or
botnet/blackenergybot/command/flood.
One document detailing XKEYSCORE appIDs and fingerprints lists several revealing
examples. Windows Update requests appear to fall under the
update_service/windows appID, and normal web requests fall under the http/get
appID. XKEYSCORE can automatically detect Airblue travel itineraries with the
travel/airblue fingerprint, and iPhone web browser traffic with the
browser/cellphone/iphone fingerprint.
PGP-encrypted messages are detected with the encryption/pgp/message
fingerprint, and messages encrypted with Mojahedeen Secrets 2 (a type of
encryption popular among supporters of al Qaeda) are detected with the
encryption/mojaheden2 fingerprint.
When new traffic flows into an XKEYSCORE cluster, the system tests the intercepted
data against each of these rules and stores whether the traffic matches the pattern.
A slideshow presentation from 2010 says that XKEYSCORE contains almost 10,000
appIDs and fingerprints.
AppIDs are used to identify the protocol of traffic being intercepted, while
fingerprints detect a specific type of content. Each intercepted stream of traffic gets
assigned up to one appID and any number of fingerprints. You can think of appIDs
as categories and fingerprints as tags.
If multiple appIDs match a single stream of traffic, the appID with the lowest level
is selected (appIDs with lower levels are more specific than appIDs with higher
levels). For example, when XKEYSCORE is assessing a file attachment from Yahoo
mail, all of the appIDs in the following slide will apply, however only
mail/webmail/yahoo/attachment will be associated with this stream of traffic.
To tie it all together, when an Arabic speaker logs into a Yahoo email address,
XKEYSCORE will store mail/yahoo/login as the associated appID. This stream of
traffic will match the mail/arabic fingerprint (denoting language settings), as well
as the mail/yahoo/ymbm fingerprint (which detects Yahoo browser cookies).

Sometimes the GENESIS programming language, which largely relies on Boolean

logic, regular expressions and a set of simple functions, isnt powerful enough to do
the complex pattern-matching required to detect certain types of traffic. In these
cases, as one slide puts it, Power users can drop in to C++ to express themselves.
AppIDs or fingerprints that are written in C++ are called microplugins.

[insert insider threat da impact cards]

Acccumulo illegal/PTX takeout

Accumulo is just not legal Senate Arms Committee proves. At
best it still links to politics. Senate committees hate it.
Metz 12 Cade Metz is a WIRED senior staff writer covering Google, Facebook,
artificial intelligence, bitcoin, data centers, computer chips, programming
languages, and other ways the world is changing. 2012 ("NSA Mimics Google, Pisses
Off Senate," WIRED, July 17th, Available Online at
http://www.wired.com/2012/07/nsa-accumulo-google-bigtable/, Accessed 7-26-2015)
IN 2008, A team of software coders inside the National Security Agency started
reverse-engineering the database that ran Google.
They closely followed the Google research paper describing BigTable the
sweeping database that underpinned many of Googles online services, running
across tens of thousands of computer servers but they also went a little further.
In rebuilding this massive database, they beefed up the security. After all, this was
the NSA.
Like Google, the agency needed a way of storing and retrieving massive amounts of
data across an army of servers, but it also needed extra tools for protecting all that
data from prying eyes. They added cell level software controls that could separate
various classifications of data, ensuring that each user could only access the
information they were authorized to access. It was a key part of the NSAs effort to
improve the security of its own networks.
But the NSA also saw the database as something that could improve security across
the federal government and beyond. Last September, the agency open sourced
its Google mimic, releasing the code as the Accumulo project. Its a common open
source story except that the Senate Armed Services Committee wants to put the
brakes on the project.
In a bill recently introduced on Capitol Hill, the committee questions whether
Accumulo runs afoul of a government policy that prevents federal agencies from
building their own software when they have access to commercial alternatives. The
bill could ban the Department of Defense from using the NSAs database and it
could force the NSA to meld the projects security tools with other open source
projects that mimic Googles BigTable.
The NSA, you see, is just one of many organizations that have open sourced code that seeks to mimic the Google
infrastructure. Like other commercial outfits, the agency not only wants to share the database with other
government organizations and companies, it aims to improve the platform by encouraging other developers to
contribute code. But when the governments involved, theres often a twist.
The U.S. government has a long history with open source software, but there are times when policy and politics
bump up against efforts to freely share software code just as they do in the corporate world. In recent years, the
most famous example is NASAs Nebula project, which overcame myriad bureaucratic hurdles before busting out of
the space agency in a big way, seeding the popular OpenStack platform.
That said, the Accumulo kerfuffle is a little different. In trying to determine whether Accumulo duplicates existing
projects, the bill floated by the Senate Armed Services committee uses such specific language, some believe it
could set a dangerous precedent for the use of other open source projects inside the federal government.

THE NSA AT INTERNET SCALE

Originally called Cloudbase by the NSA, Accumulo is already used inside the agency, according to a speech given
last fall by Gen. Keith Alexander, the director of the NSA. Basically, it allows the NSA to store enormous amounts of
data in a single software platform, rather than spread it across a wide range of disparate databases that must be
accessed separately.
Accumulo is whats commonly known as a NoSQL database. Unlike a traditional SQL relational database which
is designed to run on a single machine, storing data in neat rows and columns a NoSQL database is meant for
storing much larger amounts of data across a vast array of machines. These databases have become increasingly
important in the internet age, as more and more data streams into modern businesses and government
agencies.

With BigTable, Google was at the forefront of the NoSQL movement, and since the
company published its paper describing BigTable in 2006, several organizations
have built open source platforms mimicking its design. Before the NSA released
Accumulo, a search outfit called Powerset now owned by Microsoft built a
platform called HBase, while social networking giant Facebook fashioned a similar
platform dubbed Cassandra.
And this is what bothers the Senate Armed Services Committee.
The Senate Armed Services Committee oversees the U.S. military, including the
Department of Defense and the NSA, which is part of the DoD. With Senate bill 3254
National Defense Authorization Act for Fiscal Year 2013 the committee lays out
the U.S. military budget for the coming year, and at one point, the 600-page bill
targets Accumulo by name.
The bill bars the DoD from using the database unless the department can show that
the software is sufficiently different from other databases that mimic BigTable. But
at the same time, the bill orders the director of the NSA to work with outside
organizations to merge the Accumulo security tools with alternative databases,
specifically naming HBase and Cassandra.
The bill indicates that Accumulo may violate OMB Circular A-130, a government
policy that bars agencies from building software if its less expensive to use
commercial software thats already available. And according to one congressional
staffer who worked on the bill, this is indeed the case. He asked that his name not
be used in this story, as hes not authorized to speak with the press.