Privacy and Civil Liberties Overview — Vocabulary Flashcards

Vocabulary flashcards covering key terms and concepts from the Privacy and Civil Liberties Overview lecture notes.

Insider Threat Program

Programs at federal agencies, DoD components, and industry to deter, detect, and mitigate insider threats while protecting privacy and civil liberties.

Privacy and Civil Liberties Overview

A course outlining how privacy laws, regulations, and policies affect insider threat actions and mission success.

FOIA

Freedom of Information Act; gives the public the right to request records from federal agencies; has nine exemptions.

FOIA Exemptions

Nine categories that protect interests such as national security, privacy, and law enforcement from disclosure.

Privacy Act of 1974

Laws governing federal agencies’ collection, maintenance, and disclosure of personal information to protect privacy and provide access and correction rights.

System of Records Notice (SORN)

Public notice describing the nature of collection, retention, and dissemination of records by an agency.

PII

Personally Identifiable Information; data that can identify an individual (e.g., name, SSN, biometrics).

PHI

Protected Health Information; health data regulated under HIPAA; subset of PII.

HIPAA Privacy Rule

Standards governing the use and disclosure of PHI by covered entities and individuals’ privacy rights.

Consent Rule (Privacy Act)

Rule requiring consent to disclose information from a Privacy Act system, with listed exceptions.

Consent Rule Exceptions

Twelve listed exceptions (e.g., legitimate need to know, FOIA, routine uses, census, statistical research, law enforcement, court orders).

First Amendment

Protects freedoms of speech, religion, press, assembly, and petition; limits on government actions regarding these rights.

Fourth Amendment

Protects against unreasonable searches and seizures; requires probable cause and reasonable expectation of privacy.

Fifth Amendment

Protects against self-incrimination and guarantees due process; prohibition against double jeopardy.

Ninth Amendment

States that the enumeration of rights in the Constitution is not exhaustive; other rights exist.

Fourteenth Amendment

Citizenship, due process, and equal protection under the law; basis for many privacy rights through due process.

Reasonable Expectation of Privacy

Test used to determine Fourth Amendment privacy rights: actual expectation and societal recognition of reasonableness.

O'Connor v. Ortega (1987)

Fourth Amendment rights apply to public employees; workplace realities affect reasonable privacy expectations.

Garrity v. New Jersey (1967)

Public employees cannot be compelled to incriminate themselves; Garrity warnings in internal investigations.

Pickering v. Board of Education (1968)

Public employees have First Amendment free speech rights on matters of public importance, absent false statements.

DOD EO 13587

Executive Order establishing reforms to safeguard classified information while protecting privacy and civil liberties.

PCLOB

Privacy and Civil Liberties Oversight Board; analyzes privacy and civil liberties implications of government actions.

OPSEC

Operations Security; process to protect critical information and prevent inadvertent disclosures.

OPSEC Five-Step Process

Identify critical information, analyze threats, assess risks, apply countermeasures, and evaluate impact.

Protected Information

Personally Identifiable Information (PII) and Protected Health Information (PHI) that must be safeguarded.

PHI

Protected Health Information; health data covered under HIPAA protections.

Even-Handedness Approach

Focus on conduct, not individuals; ensure triggers are lawful and standards-based; avoid bias.

Collaborative Roles

Team members (Legal Counsel, HR, Behavioral Science, Security, Cyber, Counterintelligence, Law Enforcement) who support privacy and civil liberties.

Unauthorized Disclosure vs. Whistleblowing

Unauthorized disclosure is a crime; whistleblowing is protected reporting through approved channels.

Whistleblower Protections

Legal protections (e.g., 10 USC 1034, No Fear Act) for reporting fraud or abuses via proper channels.

Threats of Violence

Not protected speech; threats may be restricted to protect safety; R.A.V. v. City of St. Paul outlines rationale.

Balancing Institutional Protections and Rights

Reconciling security needs with individual privacy and civil liberties through governance and collaboration.

Public Trust in Government

Essential to insider threat work; privacy protections help maintain trust while addressing national security needs.

SORN vs. Privacy Act

SORN describes records systems; Privacy Act governs access, corrections, and disclosures of those records.

NISPOM

National Industrial Security Program Operating Manual; relates to safeguarding sensitive information in industry contexts.

15-Word Summary of Civil Liberties in Insider Threat

Civil liberties, privacy, and lawful handling of information are essential in insider threat work.