What the Capitol Siege Means for the Future of Security Clearances


(The Hill)

Security fencing surrounds the U.S. Capitol days after supporters of President Donald Trump stormed the building, in Washington, January 11, 2021, photo by Erin Scott/Reuters

Security fencing surrounds the U.S. Capitol days after supporters of then-President Donald Trump stormed the building, in Washington, January 11, 2021

Photo by Erin Scott/Reuters

by David Stebbins and Sina Beaghley

February 2, 2021

As law enforcement authorities continue the process of trying to identify the thousands of U.S. citizens who stormed the U.S. Capitol Building on Jan. 6, longer-term questions remain, such as how the federal government can protect itself against radical and violent extremists attempting to gain national security clearances.

The violent assault on the Capitol—intended to disrupt the certification of the 2020 presidential Electoral College results—resulted in violence, loss of life, and destruction of federal property. Multiple members of known extremist groups—including the Oath Keepers, Proud Boys, and QAnon—were part of this attack. The FBI has already made more than 100 arrests across several states connected to the assault on the Capitol, with more expected in the coming weeks as the FBI parses additional information gathered from images and videos taken inside of the building.

But those who stormed the Capitol on that day were not just known members of radical and violent fringe groups. They included municipal employees, police officers, current and former members of the military, and school employees. Some of these individuals may well have had or currently have a national security clearance and thus trusted access to classified information, such as active-duty military personnel and reservists.

Investigations of the incident are ongoing, and federal departments and agencies that work with and protect classified information may not yet know whether any current employees participated in this act. Even National Guard members deployed to serve as an extra layer of security at the inauguration were vetted by the FBI to ensure no infiltration by potential insider threats; 12 National Guard members were removed due to security concerns. One Army reservist with a current security clearance and access to a naval munitions depot in New Jersey was also arrested in connection with the assault on the Capitol.

Further, some participants in the violent events of Jan. 6 might seek to apply for the first time for a position of public trust or national security clearance in the future. Prosecution and conviction of guilty individuals—and sharing of this time-sensitive law enforcement information—will be critical in informing background investigators and federal government security officers of this derogatory material for current and would-be security clearance holders.

If those who stormed the Capitol are not identified and prosecuted, then they won't have a criminal record that could be detected as part of a background check.

Share on Twitter

But if these individuals are never identified and criminally prosecuted for their participation, then they won't have a criminal record that could be detected as part of a background investigation. So, in order for the U.S. government to identify the risks such individuals could pose to national security in the application process, information related to personal associations on the Questionnaire for National Security Positions Standard Form 86 (SF-86) (PDF) are likely to prove important moving forward.

Section 29 of the SF-86 “Association Record” contains a set of questions focused on “criminal acts that involve violence or are dangerous to human life and appear to be intended to intimidate or coerce a civilian population to influence the policy of a government by intimidation or coercion or to affect the conduct of a government by mass destruction, assassination or kidnapping.”

Some questions in that section seek to uncover information about whether an applicant has ever been a member of a terrorist organization, engaged in acts of terrorism, or advocated for acts of terrorism “designed to overthrow the U.S. Government by force.” Other questions focus on personal affiliations with any type of politically motivated organization (including a personal awareness of specific group intent or advocating for group activities). Security clearance applicants are asked to provide the name of the organization, descriptions of the nature of and reasons for their involvement with the organization, all contributions made to the organization, and dates of their involvement. Importantly, individuals who are interviewed in the course of a security clearance investigation about an applicant's trustworthiness are also asked to address a question about the applicant's association with violent terrorist or extremist groups.

Those who have been through the clearance process in the past may have pro-forma answered “no” and neglected to take section 29 all too seriously. After all, who would ever self-list their involvement in a terrorist organization, or check “yes” to having knowingly participated in events intended to overthrow the government when trying to obtain a national security clearance? The events of Jan. 6 highlight the continued and perhaps increasing relevance of these questions, especially for background investigators who may also routinely see “no” answers to those questions. Recently, Rep. Stephanie Murphy introduced legislation aimed at preventing members of QAnon from obtaining or maintaining access to classified information.

It is possible and maybe even likely that not all of the responsible parties who participated in the breach on the U.S. Capitol Building will be identified in the coming months—especially given the challenges with using facial recognition technologies to identify participants wearing masks as a result of the COVID-19 pandemic.

Federal government security officers responsible for personnel vetting and insider threat detection may need to pay even closer attention to the answers to the questions of “associations” now to assess the trustworthiness of current cleared employees and contractors who are continuously vetted as well as prospective clearance holders. By doing so, they will ensure that U.S. national security is not compromised by those who aligned with radical extremist groups and violently stormed the Capitol on Jan. 6 to undermine the democratic electoral certification process.

David Stebbins is a senior policy analyst and Sina Beaghley is the associate director for the Cyber and Intelligence Policy Center at the nonprofit, nonpartisan RAND Corporation.

This commentary originally appeared on The Hill on February 2, 2021. Commentary gives RAND researchers a platform to convey insights based on their professional expertise and often on their peer-reviewed research and analysis.