Category Archives: Whistleblower

Facebook Shared your Data with 60+ Other Tech Companies

Posted on by

New privacy law forces some U.S. media offline in Europe

continue here where it has affected U.S. media.

It is a privacy war. It is data abuse. It is exploitation.

More than 50 companies including Apple and Amazon participated in the Facebook data-sharing partnership.

Have you noticed emails and terms of privacy has changed in volumes with those sites you often visit? Well we can thank Europe as the new privacy law went into effect in recent weeks.

On May 25, however, the power balance will shift towards consumers, thanks to a European privacy law that restricts how personal data is collected and handled. The rule, called General Data Protection Regulation or GDPR, focuses on ensuring that users know, understand, and consent to the data collected about them. Under GDPR, pages of fine print won’t suffice. Neither will forcing users to click yes in order to sign up. Read the details here.

But, it is suggested that you actually read what updates are in fact happening in the U.S., as it may not be all that protective. Fair warning and take caution, abuses may still continue.

Read on…it is no wonder that Facebook is running TV ads, but that still does not assure us our data is being abused.

Facebook: The Social Accelerator? | emergent by design photo

Facebook Gave Device Makers Deep
Access to Data on Users and Friends

The company formed data-sharing partnerships with Apple, Samsung and
dozens of other device makers, raising new concerns about its privacy protections.

As Facebook sought to become the world’s dominant social media service, it struck agreements allowing phone and other device makers access to vast amounts of its users’ personal information.

Facebook has reached data-sharing partnerships with at least 60 device makers — including Apple, Amazon, BlackBerry, Microsoft and Samsung — over the last decade, starting before Facebook apps were widely available on smartphones, company officials said. The deals allowed Facebook to expand its reach and let device makers offer customers popular features of the social network, such as messaging, “like” buttons and address books.

But the partnerships, whose scope has not previously been reported, raise concerns about the company’s privacy protections and compliance with a 2011 consent decree with the Federal Trade Commission. Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders. Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing, The New York Times found.

Most of the partnerships remain in effect, though Facebook began winding them down in April. The company came under intensifying scrutiny by lawmakers and regulators after news reports in March that a political consulting firm, Cambridge Analytica, misused the private information of tens of millions of Facebook users.

In the furor that followed, Facebook’s leaders said that the kind of access exploited by Cambridge in 2014 was cut off by the next year, when Facebook prohibited developers from collecting information from users’ friends. But the company officials did not disclose that Facebook had exempted the makers of cellphones, tablets and other hardware from such restrictions.

“You might think that Facebook or the device manufacturer is trustworthy,” said Serge Egelman, a privacy researcher at the University of California, Berkeley, who studies the security of mobile apps. “But the problem is that as more and more data is collected on the device — and if it can be accessed by apps on the device — it creates serious privacy and security risks.”

In interviews, Facebook officials defended the data sharing as consistent with its privacy policies, the F.T.C. agreement and pledges to users. They said its partnerships were governed by contracts that strictly limited use of the data, including any stored on partners’ servers. The officials added that they knew of no cases where the information had been misused.

The company views its device partners as extensions of Facebook, serving its more than two billion users, the officials said.

“These partnerships work very differently from the way in which app developers use our platform,” said Ime Archibong, a Facebook vice president. Unlike developers that provide games and services to Facebook users, the device partners can use Facebook data only to provide versions of “the Facebook experience,” the officials said.

Some device partners can retrieve Facebook users’ relationship status, religion, political leaning and upcoming events, among other data. Tests by The Times showed that the partners requested and received data in the same way other third parties did.

Facebook’s view that the device makers are not outsiders lets the partners go even further, The Times found: They can obtain data about a user’s Facebook friends, even those who have denied Facebook permission to share information with any third parties.

In interviews, several former Facebook software engineers and security experts said they were surprised at the ability to override sharing restrictions.

“It’s like having door locks installed, only to find out that the locksmith also gave keys to all of his friends so they can come in and rifle through your stuff without having to ask you for permission,” said Ashkan Soltani, a research and privacy consultant who formerly served as the F.T.C.’s chief technologist.

Details of Facebook’s partnerships have emerged amid a reckoning in Silicon Valley over the volume of personal information collected on the internet and monetized by the tech industry. The pervasive collection of data, while largely unregulated in the United States, has come under growing criticism from elected officials at home and overseas and provoked concern among consumers about how freely their information is shared.

In a tense appearance before Congress in March, Facebook’s chief executive, Mark Zuckerberg, emphasized what he said was a company priority for Facebook users.“Every piece of content that you share on Facebook you own,” he testified. ”You have complete control over who sees it and how you share it.”

But the device partnerships provoked discussion even within Facebook as early as 2012, according to Sandy Parakilas, who at the time led third-party advertising and privacy compliance for Facebook’s platform.

“This was flagged internally as a privacy issue,” said Mr. Parakilas, who left Facebook that year and has recently emerged as a harsh critic of the company. “It is shocking that this practice may still continue six years later, and it appears to contradict Facebook’s testimony to Congress that all friend permissions were disabled.”

The partnerships were briefly mentioned in documents submitted to German lawmakers investigating the social media giant’s privacy practices and released by Facebook in mid-May. But Facebook provided the lawmakers with the name of only one partner — BlackBerry, maker of the once-ubiquitous mobile device — and little information about how the agreements worked.

The submission followed testimony by Joel Kaplan, Facebook’s vice president for global public policy, during a closed-door German parliamentary hearing in April. Elisabeth Winkelmeier-Becker, one of the lawmakers who questioned Mr. Kaplan, said in an interview that she believed the data partnerships disclosed by Facebook violated users’ privacy rights.

“What we have been trying to determine is whether Facebook has knowingly handed over user data elsewhere without explicit consent,” Ms. Winkelmeier-Becker said. “I would never have imagined that this might even be happening secretly via deals with device makers. BlackBerry users seem to have been turned into data dealers, unknowingly and unwillingly.”

In interviews with The Times, Facebook identified other partners: Apple and Samsung, the world’s two biggest smartphone makers, and Amazon, which sells tablets.

An Apple spokesman said the company relied on private access to Facebook data for features that enabled users to post photos to the social network without opening the Facebook app, among other things. Apple said its phones no longer had such access to Facebook as of last September.

Samsung declined to respond to questions about whether it had any data-sharing partnerships with Facebook. Amazon also declined to respond to questions.

Usher Lieberman, a BlackBerry spokesman, said in a statement that the company used Facebook data only to give its own customers access to their Facebook networks and messages. Mr. Lieberman said that the company “did not collect or mine the Facebook data of our customers,” adding that “BlackBerry has always been in the business of protecting, not monetizing, customer data.”

Microsoft entered a partnership with Facebook in 2008 that allowed Microsoft-powered devices to do things like add contacts and friends and receive notifications, according to a spokesman. He added that the data was stored locally on the phone and was not synced to Microsoft’s servers.

Facebook acknowledged that some partners did store users’ data — including friends’ data — on their own servers. A Facebook official said that regardless of where the data was kept, it was governed by strict agreements between the companies.

“I am dumbfounded by the attitude that anybody in Facebook’s corporate office would think allowing third parties access to data would be a good idea,” said Henning Schulzrinne, a computer science professor at Columbia University who specializes in network security and mobile systems. Keep reading here for specific details.

Fed Gov Spent $76 Billion in 2017 for Cyber Security, Fail v Success

Posted on by

Go here for the Forum Part One

Go here for the Forum Part Two

Fascinating speakers from private industry, state government and the Federal government describe where we are, the history on cyber threats and how fast, meaning hour by hour the speed at which real hacks, intrusions or compromise happen.

David Hoge of NSA’s Threat Security Operations Center for non-classified hosts worldwide describes the global reach of NSA including the FBI, DHS and the Department of Defense.

NSA Built Own 'Google-Like' Search Engine To Share ... photo

When the Federal government spent $76 billion in 2017 and we are in much the same condition, Hoge stays awake at night.

With North Korea in the constant news, FireEye published a report in 2017 known as APT37 (Reaper): The Overlooked North Korea Actor. North Korea is hardly the worst actor. Others include Russia, China, Iran and proxies.

Targeting: With North Korea primarily South Korea – though also Japan, Vietnam and the Middle East – in various industry verticals, including chemicals, electronics, manufacturing, aerospace, automotive, and healthcare.
Initial Infection Tactics: Social engineering tactics tailored specifically to desired targets, strategic web compromises typical of targeted cyber espionage operations, and the use of torrent file-sharing sites to distribute malware more indiscriminately.
Exploited Vulnerabilities: Frequent exploitation of vulnerabilities in Hangul Word Processor (HWP), as well as Adobe Flash. The group has demonstrated access to zero-day vulnerabilities (CVE-2018-0802), and the ability to incorporate them into operations.
Command and Control Infrastructure: Compromised servers, messaging platforms, and cloud service providers to avoid detection. The group has shown increasing sophistication by improving their operational security over time.
Malware: A diverse suite of malware for initial intrusion and exfiltration. Along with custom malware used for espionage purposes, APT37 also has access to destructive malware.

More information on this threat actor is found in our report, APT37 (Reaper): The Overlooked North Korean Actor.

** NSA 'building quantum computer to crack security codes ...  photo

Beyond NSA, DHS as with other agencies have cyber divisions. The DHS cyber strategy is found here. The fact sheet has 5 pillars:

DHS CYBERSECURITY GOALS
Goal 1: Assess Evolving
Cybersecurity Risks.
We will understand the evolving
national cybersecurity risk posture
to inform and prioritize risk management activities.
Goal 2: Protect Federal Government
Information Systems.
We will reduce vulnerabilities of federal agencies to ensure they achieve
an adequate level of cybersecurity.
Goal 3: Protect Critical
Infrastructure.
We will partner with key stakeholders
to ensure that national cybersecurity
risks are adequately managed.
Goal 4: Prevent and Disrupt Criminal
Use of Cyberspace.
We will reduce cyber threats by
countering transnational criminal
organizations and sophisticated cyber
criminals.
Goal 5: Respond Effectively to Cyber
Incidents.
We will minimize consequences from
potentially significant cyber incidents
through coordinated community-wide
response efforts.
Goal 6: Strengthen the Security and
Reliability of the Cyber Ecosystem.
We will support policies and activities
that enable improved global cybersecurity risk management.
Goal 7: Improve Management of
DHS Cybersecurity Activities.
We will execute our departmental
cybersecurity efforts in an integrated
and prioritized way.

Related reading:National Protection and Programs Directorate

NPPD’s vision is a safe, secure, and resilient infrastructure where the American way of life can thrive.  NPPD leads the national effort to protect and enhance the resilience of the nation’s physical and cyber infrastructure.

*** Going forward as devices are invented and added to the internet and rogue nations along with criminal actors, the industry is forecasted to expand with experts and costs.

Research reveals in its new report that organizations are expected to increase spending on IT security by almost 9% by 2018 to safeguard their cyberspaces, leading to big growth rates in the global markets for cyber security.

The cyber security market comprises companies that provide products and services to improve security measures for IT assets, data and privacy across different domains such as IT, telecom and industrial sectors.

The global cyber security market should reach $85.3 billion and $187.1 billion in 2016 and 2021, respectively, reflecting a five-year compound annual growth rate (CAGR) of 17.0%. The American market, the largest segment, should grow from $39.5 billion in 2016 to $78.0 billion by 2021, demonstrating a five-year CAGR of 14.6%. The Asia-Pacific region is expected to grow the fastest among all major regions at a five-year CAGR of 21.4%, due to stringent government policies to mitigate cyber threats, and a booming IT industry.

Factors such as the growing complexity and frequency of threats, increasing severity of cyber security, stringent government regulations and compliance requirements, ubiquity of online communication, digital data and social media cumulatively should drive the market. Moreover, organizations are expected to increase IT spending on security solutions and services, as well. Rising adoption of technologies such as Internet of things, evolution of big data and cloud computing, increasing smartphone penetration and the developing market for mobile and web platforms should provide ample opportunities for vendors.

By solution type, the banking and financial segment generated the most revenue in 2015 at $22.2 billion. However, the defense and intelligence segment should generate revenues of $50.7 billion in 2021 to lead all segments. The healthcare sector should experience substantial growth with an anticipated 16.2% five-year CAGR.

Network security, which had the highest market revenue in 2015 based on solution type, should remain dominant through the analysis period. Substantial growth is anticipated in the cloud security market, as the segment is expected to have a 27.2% five-year CAGR, owing to increasing adoption of cloud-based services across different applications.

“IT security is a priority in the prevailing highly competitive environment,” says BCC Research analyst Basudeo Singh. “About $100 billion will be spent globally on information security in 2018, as compared with $76.7 billion in 2015.”

List of Issues for Talks Between Trump and Kim Jung Un

Posted on by

North Korea is holding up to 120,000 political prisoners in “horrific conditions” in camps across the country, according to estimates from a newly released State Department report.

The department on Tuesday issued its annual International Religious Freedom Report for 2017, which covers 200 countries and territories, documenting religious freedom and human rights abuses.

The findings on North Korea come as the Trump administration is working to engage the isolated regime. The White House says the administration continues to “actively prepare” for a possible summit with Kim Jong Un.

The report, though, addressed the brutal conditions festering inside Kim’s kingdom. It revealed 1,304 cases of alleged religious freedom violations in the country last year, while detailing the harsh treatment of political and religious prisoners — and persecution of Christians.

Secretary of States Mike Pompeo is meeting with 4 Star General and head of the military intelligence, Kim Yong Chol is a longtime spy chief and vice chairman of the ruling Workers’ Party was responsible for hacking Sony. More here.

North Korea Releases 3 US Citizens Ahead of Trump-Kim ... photo

Then North Korea has 2 satellites in orbit and more planned in 2018-2019.

“The Unha launcher can put maybe 100 kilograms [220 lbs.] into a pretty low orbit, maybe 400 or 500 kilometers [250 to 310 miles]” above the Earth’s surface, Wright said. “By increasing the thrust, it allows North Korea to lift satellites to higher altitudes, or to carry a greater payload to longer distances if it is a ballistic missile.”

Wright noted that the earlier, Nodong engine was essentially a scaled-up version of the one in the Scud, the Soviet missile that Iraq often used during the Gulf War of the 1990s. Whereas the Nodong used Scud-level propellants instead of ones used in more modern rockets, Wright noted that the color of the flame coming from the new engine in photos of the test suggest that this missile uses more advanced propellants that can generate higher thrust. [Top 10 Space Weapons]

“The surprise has been why North Korea has stuck with Scud propellants for so long,” Wright said. “There have been reports for 15 years now that North Korea had bought some submarine-launched missiles from the Soviet Union after it collapsed that used more advanced propellants, yet in all this time, we didn’t see them launch missiles with anything but Scud propellant.

In 2016, At United States Strategic Command, controllers likely had a high-workload evening as STRATCOM monitored the launch of a Russian Soyuz rocket from the Plesetsk Cosmodrome just eight minutes prior to North Korea’s launch, as is typical for launches from Russia’s military launch site. The ascending Unha rocket was tracked using the Space-Based Infrared System in Geostationary Orbit, capable of detecting the infrared signature of ascending rockets from ground level all the way into orbit. This allows the U.S. military to track the vehicle’s trajectory in real time before relying on ground-based radars to track any objects that entered orbit. More here .

Ah but there is but one more issue at least. Yes, North Korea imploded their nuclear test site at Punggye-ri. But…there are 4 more locations.

nk map amanda photo

The most important is Yongbyon, while the other locations appear to have slight or no activity.

Further, North Korea maintains a rather advanced air defense system, listed among the top in the world.

However, while North Korean technology is relatively primitive—the nation’s air defenses are coordinated.

“They do have an old Soviet computerized anti-aircraft command and control system. Most of the radars are old, but they did receive some newer Iranian phased array radars,” Kashin said. “This is what I know, the anti-aircraft units are extensively using underground shelters for cover—not easy to destroy.”

Thus, while generally primitive, North Korean defenses might be a tougher nut to crack than many might expect. Moreover, while their technology is old, North Korea’s philosophy of self-reliance means it can produce most of its own military hardware. More here.

North Korea has a fairly robust chemical and biological weapons program. The 46 page report is found here.

Lastly but hardly finally is the cyber weapons produced and applied by North Korea.

Most recently is: May 29, 2018, The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) released a joint Technical Alert (TA) that identifies two families of malware—referred to as Joanap and Brambul—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

In conjunction with the release of this TA, NCCIC has released a Malware Analysis Report (MAR) that provides analysis on samples of Joanap and Brambul malware.

NCCIC encourages users and administrators to review TA18-149A: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm and MAR-10135536-3 – RAT/Worm.

While there has been recent discussions about applying the Libya model to North Korea for removing nuclear weapons, you can bet Kim Jung Un is going to demand the Pakistan model.

 

 

What is the Magnitsky Act Anyway

Posted on by

The Global Magnitsky Act enables the United States to sanction the world’s worst human rights abusers and most corrupt oligarchs and foreign officials, freezing their U.S. assets and preventing them from traveling to the United States. Sanctioned individuals become financial pariahs and the international financial system wants nothing to do with them.

Before proceeding, ask yourself: is Global Magnitsky right for my case? The language of the Global Magnitsky Act as passed by Congress was ex-panded by Executive Order 13818, which is now the implementing authority for Global Magnitsky sanctions. EO 13818 stipulates that sanctions may be considered for individuals who are engaging or have engaged in “serious human rights abuse” against any person, or are engaging or have en-gaged in “corruption.” Individuals who, by virtue of their rank, have ordered others to engage or have facilitated these acts also are liable to be sanctioned.

Keep in mind that prior to the EO’s expansion of the language, human rights sanctions were limited to “gross violations of internationally recognized human rights” as codified in 22 USC § 2304(d)(1). The original language also stipulates that any victim must be working “to expose illegal activity car-ried out by government officials” or to “obtain, exercise, defend, or promote internationally recognized human rights and freedoms.” As for sanctions for corruption, it identifies “acts of significant corruption” as sanctionable offenses. This is generally thought to be a stricter standard than the EO’s term “corruption.” It may be worthwhile to aim for this higher standard to make the tightest case possible for sanctions.

As a rule, reach out to other NGOs and individuals working in the human rights and anti-corruption field, especially those who are advocating for their own Global Magnitsky sanctions. Doing so at the beginning of the process will enable you to build strong relationships, develop a robust network, and speak with a stronger voice.

Download the full guide to learn more.

***  And harass they did. Bill Browder is a distant buddy and I watched his communications this morning as he was arrested in Spain. The warrant:

  It was about 40 minutes later, he was released. He was in Madrid is to give evidence to senior Spanish anti Russian mafia prosecutor Jose Grinda about the huge amount of money from the Magnitsky case that flowed to Spain. Now that I’m released my mission carries on. Meeting with Prosector Grinda now. This was the SIXTH Russian arrest warrant using Interpol channels. It was NOT an expired warrant, but a live one. Interpol is incapable of stopping Russian abuse of their systems. He is right.

 

***

United States citizens are outraged about the Kremlin’s incursion into the U.S. electoral system, but that is unfortunately just the tip of the iceberg. Russia is also trying to hijack the U.S. judiciary for corrupt purposes, expropriation and political repression, which has received little attention.

Unlawful seizure of private assets and private companies by the Kremlin has been the norm since Vladimir Putin became president in 2000. Russia’s law enforcement agencies and courts are regularly used for the enrichment of the ruling elite.

Annual State Department and Freedom House reports underscore that the Russian judicial system lacks independence from the country’s powerful executive branch.

The Sergei Magnitsky case is the best-known example of the Russian state’s co-opting of the courts to support its kleptocracy. A cabal of Russian tax and law enforcement officers conspired to defraud Russian taxpayers of $230 million, the largest tax fraud in Russian history, by targeting Bill Browder’s company, Hermitage Capital.

When Magnitsky, Browder’s tax attorney, discovered the fraud and notified authorities, Hermitage and Magnitsky were charged with their own fraud. Magnitsky was then arrested and died in pre-trial detention at the age of 37.

Since then, Russian authorities have repeatedly called on Interpol to disseminate red notices to harass Browder and other victims. Interpol, which is meant to facilitate cross-border coordination among law enforcement agencies, is susceptible to abuse as it passes on requests and notices from states without much scrutiny.

Russia misuses Interpol’s red notices to gain the support of international law enforcement agencies, including U.S. law enforcement, in pursuing political dissidents and victims of corporate raiding.

Russian legal authorities also abuse the U.S. court system by exploiting U.S. federal discovery laws. Under these laws, a foreign party can use the U.S. federal courts to compel discovery from any person under U.S. jurisdiction.

The Russian authorities used this law repeatedly against Yukos and its affiliates, after confiscating the oil giant from Mikhail Khodorkovsky and other shareholders.

More recently, agents of the Russian state have engaged in two federal court cases in New York: a 2016 attempt to loot the assets of Janna Bullock and her real estate investment firm RIGroup, and a 2018 effort to plunder the personal property of banker Sergei Leontiev, a former shareholder of Probusinessbank.

The Russian state is using the discovery process to extract information to further criminal charges and extortion schemes against individuals who fled to the U.S. seeking the protection, safety and rule of law now being undermined.

The Russian government and its associates have developed similar strategies to use federal and state courts to recognize and validate bogus decisions from Russian courts, exploit the U.S. Bankruptcy Code on behalf of sham creditors aligned with the Russian state and enforce illegitimate claims and orders issued by corrupt Russian judges.

Although U.S. judges are permitted to consider evidence questioning the legitimacy of a foreign judicial decision, they are rightly hesitant to speculate on whether another country upholds the rule of law.

Such a determination requires significant analysis beyond the scope and ability of most courts and therefore leaves the U.S. judiciary ill-equipped to defend itself against Russian incursion.

The U.S. is slowly beginning to fight back against Russian intrusion into our courts. In 2017, the United States sanctioned two Russian private-sector lawyers, Yulia Mayorova and Andrei Pavlov, who repeatedly represented Russian government agencies in the United States.

After passage by Congress of the “Global Magnitsky Human Rights Accountability Act,” the U.S. sanctioned Artem Chaika, the son of Russia’s prosecutor general, who used his father’s position to extort bribes and win contracts for himself and his cronies, while driving out competition.

More needs to be done to keep Russian lawlessness abroad at bay. The House and Senate judiciary committees should investigate the hacking of U.S. courts and hold hearings to examine the threat they pose, with an eye toward developing legislation that will help block future attacks.

The Department of Justice and the State Department should consider establishing a joint task force to coordinate with U.S. courts, where victims of abuse by corrupt governments could submit their evidence.

The State Department already produces annual reports that opine on the state of foreign judiciaries, which can be put to good use to protect the integrity of U.S. courts.

Trumps’ 3 Executive Orders Take on Government Employees

Posted on by

Union Helps New Jobs In L.A. Go To 'Pot'

Primer: Why are there unions in the Federal government anyway? Anyone?

Highlights from the 2017 data:

–The union membership rate of public-sector workers (34.4 percent)
continued to be more than five times higher than that of private-
sector workers (6.5 percent). (See table 3.)

–Workers in protective service occupations and in education, training,
and library occupations had the highest unionization rates (34.7
percent and 33.5 percent, respectively). (See table 3.)

–Men continued to have a higher union membership rate (11.4 percent)
than women (10.0 percent). (See table 1.)

–Black workers remained more likely to be union members than White,
Asian, or Hispanic workers. (See table 1.)

–Nonunion workers had median weekly earnings that were 80 percent of
earnings for workers who were union members ($829 versus $1,041). (The
comparisons of earnings in this release are on a broad level and do not
control for many factors that can be important in explaining earnings
differences.) (See table 2.)

–Among states, New York continued to have the highest union membership
rate (23.8 percent), while South Carolina continued to have the lowest
(2.6 percent). (See table 5.)

Trump signs executive orders making it easier to fire feds, overhaul official time

President Donald Trump signed three executive orders Friday that aim to reduce the time it takes to fire poor-performing federal employees and overhaul federal employees union rights, including cuts to official time.

In a conference call with reporters on Friday, senior White House officials said the executive orders call back to a promise Trump made at his State of the Union address, in which he sought to empower every cabinet secretary with the authority to award good federal employees and to remove poor performers more quickly.

“Today, the president is fulfilling his promise to promote more efficient government by reforming our civil service rules,” said Andrew Bremberg, the assistant to the president and the director of the Domestic Policy Council. “These executive orders will make it easier to remove poor-performing employees and ensure that taxpayer dollars are more efficiently used.”

One of the executives orders aims to make it easier for agencies to fire poor-performing employees and makes it harder for those employees to hide adverse employment information when seeking re-employment at another agency.

The Government Accountability Office has found it takes between six months and a year, on average, to remove federal employees flagged for misconduct, plus an average of eight more months to resolve appeals.

“Every year, the Federal Employee Viewpoint Survey has consistently shown that less than one-third of federal employees believe the poor performers are adequately addressed by their agency,” Bremberg said.

Under this EO, agencies will be required to report disciplinary actions records and management of poor performers to the Office of Personnel Management.

Data from the Office of Personnel Management shows that federal employees are 44 times less likely to be fired than a private-sector worker.

The Trump administration first sought to make it easier to fire federal employees under the  VA Accountability and Whistleblower Protection Act.

Under that authority, the Veterans Affairs Department, under the first full year of the Trump administration, fired 2,537 people — about 500 more federal employees than the agency let go in 2016.

Cuts to official time

A second executive order would significantly reduce the amount of time that federal employees can be paid for union work while on-the-clock.

Under the executive order, federal employees would not be able to spend any more than 25 percent of their work hours on through official time.

The executive order calls on agencies to renegotiate contracts with labor unions and reduce official time by about two-thirds.

The White House claims more than 470 Veterans Affairs Department employees, including 47 full-time nurses, spend 100 percent of their work-hours on union-related business.

Renegotiated labor contracts

A third executive order would curtail the labor contract bargaining window between government and unions.

The terms of regotiated contracts would be overseen by a new Labor Relations Working Group, which the EO orders OPM to establish.

In addition, the executive order would require federal union contracts be posted to an online database, with the goal of promoting transparency.

Senior White House officials said a drawn-out bargaining benefits union negotiations. Federal agencies, they said, paid $16 million in salaries for union negotiators in 2016.

Elevating federal workforce? Or an ‘assault’ on feds?

OPM Director Jeff Pon said the executive orders will protect federal employees who are doing their jobs, while making it more efficient to remove those who are not.

“By holding poor performers accountable, reforming the use of taxpayer-funded union time, and focusing negotiations on issues that matter, we are advancing our efforts to elevate the federal workforce.  The vast majority of our employees are dedicated public servants who are dedicated to their missions and service to the American people.  It is essential that we honor their commitment, and these measures reflect just that,” Pon said in a statement.

J. David Cox, the president of the American Federation of Government Employees, said the president’s trio of executive orders would chip away at federal employees rights.

“This is President Trump taking retribution on an apolitical civil service workforce,” Cox said.

National Treasury Employees Union President Tony Reardon called the executives orders “an assault on federal employees.”

“Rather than promote efficiency in the federal sector, the administration is demanding federal workers lose their ability to challenge unfair, arbitrary and discriminatory firings and other actions. This would begin the process of dismantling the merit system that governs our civil service,” Reardon said in a statement.

Senate Homeland Security and Governmental Affairs Committee Chairman Ron Johnson (R-Wis.), signaled his support for the executive orders.

“These reforms will improve accountability and productivity in the federal workforce, and I applaud the Trump administration for taking action to restore the public interest as the top priority of government operations,” Johnson said.

Sen. James Lankford (R-Okla.), the chairman of the Regulatory Affairs and Federal Management Subcommittee, said the EOs would reign in employee unions’ influence over government operations.

“These executive orders strive to make the federal government more efficient, not only for the taxpayer, but for our great federal workers. We have thousands of federal employees who work very hard for the nation; it’s important that their work is not frustrated by the poor performance of a small few,” Lankford said.