When Donald Trump took office, one of his first moves was to address the rampant mismanagement and corruption that had long plagued the Department of Veterans Affairs. In April 2017, he signed an executive order to establish a new office whose sole purpose was to help protect VA whistleblowers. But the Office of Accountability and Whistleblower Protection ended up doing the exact opposite: It has failed to protect the public servants who reported wrongdoing and, in some cases, even orchestrated covert campaigns of retaliation and intimidation against known whistleblowers within the VA.
But the VA’s latest attempt to intimidate whistleblowers isn’t so secretive: The agency is now sending emails to employees warning them about whistleblowers and encouraging them to report suspected whistleblowers.
An email sent by the VA’s Insider Threat Program on September 9, obtained by Mother Jones, alerted its employees that September was “Insider Threat Awareness Month” and explained how and why employees should be on the lookout for such threats: “The United States has been betrayed by people holding positions of trust,” the emails reads. “Arguably ‘insiders’ have caused more damage than trained foreign professional intelligence officers working on behalf of their respective governments. Not every suspicious circumstance or behavior represents a spy in our midst, but every situation needs to be examined to determine whether our nation’s security is at risk.”
The email describes “behavior indicators” for employees to be on the lookout for, which includes any employee who “inappropriately seeks/obtains classified information on subjects not related to their work duties,” “works odd hours without authorization,” “engages in suspicious contacts,” is “overwhelmed by life crises/career disappointments,” and expresses “concern they are being investigated.” The email then encourages employees that “if you see something say something” and instructs managers on best practices for monitoring employees as potential insider threats, including providing “non-threatening, convenient ways for employees to report suspicions” and “routinely monitor[ing] computer networks.”
It’s unclear how many VA employees received this email. Two VA whistleblowers who spoke to Mother Jones said they received the email but that many of their coworkers did not. The email was addressed to a mail group that includes all VA executive officers, but neither of the sources that Mother Jones spoke with fall into that group. A VA spokesperson would not answer any questions about the details of the email and who it was addressed to, issuing only this statement: “VA is always working to safeguard government resources, property and information. As part of that effort, VA observes Insider Threat Awareness Month, as many other government agencies do.”
It’s not unheard of for certain government agencies to have an insider threat program that sends out emails like this. But Tom Devine, legal director at the Government Accountability Project—a nonprofit whistleblower advocacy and protection organization—says this program and these sorts of emails have typically been limited to departments that deal with matters of national security, like the National Security Agency, the State Department, and the Department of Defense. “This is new for the VA,” he says. According to the VA’s website, the agency’s insider threat program is a part of the Office of Operations, Security, and Preparedness.
Though insider threat programs might be standard in federal agencies that deal with matters of national security, there have been concerns that Trump administration officials are abusing the programs in other federal agencies to intimidate would-be whistleblowers and prevent leaks to the media. In August 2017, the Project on Government Oversight—a nonprofit federal watchdog group—called on the Office of Special Counsel to investigate the Department of Energy for appearing to have violated whistleblower protection laws when it urged staff to “report possible insider threat indicators,” and placed posters in its headquarters discouraging staff from leaking information to the media. The OSC ordered the removal of the posters from the DOE and issued a memo warning that insider threat programs and the electronic monitoring of employee communications could run afoul of whistleblower protection laws.
For the VA to employ the same kind of tactics that national security agencies use to combat espionage and classified leaks to foreign nationals is especially worrisome in the midst of a pandemic. (But, as Devine notes, while the VA does not directly handle classified information, he does say there “can be some overlap between their work and national security concerns.”) The VA functions primarily as a public health agency that serves veterans. It’s the largest integrated health care system in the United States, with more than 9 million veterans enrolled in the agency’s health care program, so when aspects of the agency aren’t working the way they’re supposed to, it’s important for VA employees to have the tools and resources to report it. But the Trump administration has gone to great lengths to weaponize those tools against the employees who use them. Keena Smith, the president of the local union representing VA employees in St. Louis, told In These Times last month that Trump’s orders have “eviscerated the union’s last contract, stripping out health and safety provisions and whistleblower protections, and severely cutting back employees’ rights to fight back against disciplinary actions.”
Conditions for federal whistleblowers—especially at the VA—were bad during the Obama administration, but they’re significantly worse under Trump. Since Trump took office, his administration has gone to great lengths to intimidate potential whistleblowers and retaliate against public servants who have brought attention to corruption, fraud, and waste. It started almost immediately after Trump was sworn in, when the White House issued gag orders to employees that appeared to violate federal whistleblowing laws because they barred communication with the press, public, and Congress.
Throughout Trump’s presidency, the VA has borne the brunt of the president’s whistleblowing wrath, as he continues to staff the newly created OAWP with appointees who target known whistleblowers within the agency. As a blistering report released last year by the agency’s inspector general noted, the OAWP didn’t just fail to protect whistleblowers—which, at a minimum, is its core function—but instead targeted them and “created an office culture that was sometimes alienating to the very individuals it was meant to protect.” And the insider threat program is a prime example of just one of the many ways that the VA targets whistleblowers.
Though the email sent out by the VA’s insider threat program last month might read like a message meant to discourage whistleblowing—and potentially violate federal law—Devine says its language in the “behavior indicators” section has been neutered in a way that makes it too vague to be interpreted as a direct threat. “This sort of behavior could legitimately be symptoms of someone who is trying to breach security for illegal reasons rather than it being an anonymous source protected by the whistleblower laws.”
But that’s not how some VA whistleblowers who received the email interpreted it. One VA whistleblower who received the email and spoke to Mother Jones on the condition of anonymity said it’s “terrifying that the VA, who is not a member of the US National Intelligence or national security community, is openly and brazenly—and probably unlawfully—using government intelligence resources against US citizens on US soil.”
Scott Davis, a VA employee in Atlanta who, in 2014, exposed VA mismanagement that resulted in veterans having delayed access to health care, also interpreted the email as a threat against whistleblowers. “The agency is using cybersecurity methods to intimidate whistleblowers,” he says. In the years since he went public, Davis—who still works for the VA—has been outspoken about whistleblower intimidation and retaliation at the VA, which he says has been much worse under the Trump administration. Though Davis received the “Insider Threat Awareness Month” email in September, he says he has colleagues who did not, which makes him wonder who exactly received that email—and why. “This is a threat the agency has been using to intimidate whistleblowers,” Davis says.