Summary
A 49-year-old retired Army veteran with a history of security clearances was granted a security clearance despite concerns under Guideline K (Handling Protected Information) and Guideline M (Use of Information Technology). The applicant had transferred sensitive company data, including usernames, passwords, proprietary business data, a business proposal, and accounting guidelines, from his company email to his personal account without authorization after leaving his employer. These actions violated company rules and raised disqualifying conditions K.34(b), K.34(d), K.34(g), M.40(a), and M.40(e).
The judge determined that the applicant's actions were unintentional, motivated by a desire to prepare for a consulting role. Several mitigating conditions were applied, including K.35(a), K.35(b), M.41(a), M.41(b), and M.41(c). The applicant demonstrated credible intent to comply with security protocols by promptly deleting the transferred data upon realizing his mistake.
Further supporting the decision, the applicant's former CEO provided positive testimony regarding his character and trustworthiness, suggesting the incident was an isolated error. The applicant also completed additional training on safeguarding sensitive information, reinforcing his commitment to security responsibilities. Based on these factors, the security clearance was granted.
Why the Applicant Prevailed
- The applicant demonstrated credible intent to comply with security protocols and took corrective action by deleting the transferred data.
- The applicant's former CEO testified positively about his character and trustworthiness, indicating that the conduct was a one-time mistake.
- The applicant completed additional training on safeguarding sensitive information, showing a commitment to security responsibilities.
Conditions Referenced
- K.34(b)raisedCollecting or Storing Classified or Other Protected Information at Home or in Any Other Unauthorized Locations
- K.34(d)raisedInappropriate Efforts to Obtain or View Classified or Other Protected Information Outside of One’s Need to Know
- K.34(g)raisedAny Failure to Comply with Rules for the Protection of Classified or Other Sensitive Information
- M.40(a)raisedIllegal or Unauthorized Entry Into Any Information Technology System or Component Thereof
- M.40(e)raisedUnauthorized Use of a Government or Other Information Technology System
- K.35(a)appliedSo Much Time Has Elapsed Since the Behavior Happened, or It Happened Under Such Unusual Circumstances, That It Is Unlikely to Recur and Does Not Cast Doubt on the Individual’s Reliability, Trustworthiness, or Good Judgment
- K.35(b)appliedThe Individual Responded Favorably to Counseling or Remedial Security Training and Now Demonstrates a Positive Attitude Toward the Discharge of Security Responsibilities
- M.41(a)appliedSo Much Time Has Elapsed Since the Behavior Happened, or It Happened Under Such Unusual Circumstances, That It Is Unlikely to Recur and Does Not Cast Doubt on the Individual’s Reliability, Trustworthiness, or Good Judgment
- M.41(b)appliedThe Misuse Was Minor and Done Only in the Interest of Organizational Efficiency and Effectiveness
- M.41(c)appliedThe Conduct Was Unintentional or Inadvertent and Was Followed by a Prompt, Good-faith Effort to Correct the Situation and by Notification of Supervisor
Key Rule Quoted
“The protection of the national security is the paramount consideration.”
Procedural Posture
- SOR issuedSep 12, 2014
- Answer filedSep 25, 2014
- Hearing heldNov 18, 2014
- Decision dateDec 9, 2014
Cite For
- Mitigation of Unauthorized Data Transfer Under Guideline K
- Credibility of Applicant's Intent in Handling Sensitive Information
- Impact of Corrective Actions on Security Clearance Decisions