Pentagon IG: Joint Strike Fighter Classified Information "May Have Been Compromised" Due to Lax Contractor Oversight by Pentagon Agency
"The advanced aviation and weapons technology for the JSF [Joint Strike Fighter] program may have been compromised by unauthorized access at facilities and in computers at BAE Systems, and incomplete contractor oversight may have increased the risk of unintended or deliberate release of information to foreign competitors," states a previously unreleased March 2008 Pentagon watchdog report obtained by the Project On Government Oversight through the Freedom of Information Act (page 12). DOD IG Report: http://pogoarchives.org/m/ns/dod-ig-report-20080306.pdf
The Defense Department Inspector General (DoD IG) report examines the Defense Security Service's (DSS) lack of oversight of foreign-owned BAE Systems' work on the Joint Strike Fighter, the world's most expensive fighter program that utilizes highly classified U.S. technology. The DoD IG found that DSS was deferential to BAE by refusing the U.S. government access to information as required by a security agreement. This access is necessary to determine the security of U.S. government classified information. In addition, DSS often did not analyze BAE reports that had been made available to them.
"How can the Pentagon security agency allow BAE, its contractor, to deny access to these security records? This is government information and BAE is stiff-arming the Pentagon. Systemic problems at DSS mean we cannot be sure if contractors are protecting classified information as well as they should," stated Nick Schwellenbach, POGO, National Security Investigator.
According to the report's summary (pages 14-15):
DSS did not properly monitor BAE Systems' submission of its security reports and appropriately evaluate BAE Systems security. DSS was unable to verify whether BAE Systems submitted the required security audit reports for 2001 through 2003.
BAE Systems stated that all information contained in the internal audits was privileged and not available to the Government, despite the requirement in the SSA [Special Security Agreement] that the contractor submits those reports to DoD for review and appropriate action. DSS did not challenge BAE Systems' claim that the internal audits are privileged and not subject to Government review. Rather than treating contractors' audit reports as useful tools to complement the industrial security assessments, DSS classifies all contractor reports as "routine correspondence" and destroys them after two years. DSS also authorizes the contractor to destroy any of its reports older than two years.
DSS has the authority and responsibility to enforce compliance with the National Industrial Security Program. DSS should use its oversight authority to make the contractor comply with security requirements. DSS cannot fulfill its responsibilities to "review and take appropriate action" over contractors if it does not receive those reports or analyze the reports it does receive. DSS needs to obtain and review copies of all independent annual audit reports, internal audit reports, and Government Security Committee annual reports from the contractor and use that information to monitor the contractor's compliance with the SSA.
DSS's systemic problems have been cited in two reports in 2004 and 2005 by the Government Accountability Office on the systemic inability of DSS to oversee contractors. In testimony before the House Armed Services Committee on April 16, 2008, on DSS and the National Industrial Security Program, DSS Director Kathleen Watson admitted that when she began as director two years ago, DSS was "broken across the board."
# # #
For additional information:
2004 GAO Report, "Industrial Security: DOD Cannot Provide Adequate Assurances That Its Oversight Ensures the Protection of Classified Information," link: http://www.gao.gov/docdblite/details.php?rptno=GAO-04-332
2005 GAO Report, "Industrial Security: DOD Cannot Ensure Its Oversight of Contractors under Foreign Influence Is Sufficient," link: http://www.gao.gov/docdblite/details.php?rptno=GAO-05-681
April 16, 2008, House Armed Services Committee Hearing, "National Industrial Security Program: Addressing the Implications of Globalization and Foreign Ownership for the Defense Industrial Base," webcast link: http://armedservices.edgeboss.net/wmedia/armedservices/fc041608.wvx
Founded in 1981, the Project On Government Oversight (POGO) is a nonpartisan independent watchdog that champions good government reforms. POGO’s investigations into corruption, misconduct, and conflicts of interest achieve a more effective, accountable, open, and ethical federal government.