Sex and the Servers

The Interior IG gets in a lather over employees' Web surfing habits.

Interior Department Inspector General Earl Devaney knows how to draw attention to his work. Any IG can issue a report on employees' use of the Internet. But if you really want to make your point, it helps to title such a study "Excessive Indulgences," and issue it with a cover featuring a slot machine, a shopping cart, a chess set and-here's how to really hook 'em-a woman's bare torso. That's what Devaney did in October.

The predictable result? The IG's servers slowed to a crawl when the report was released as curious Web surfers flocked to see what it was all about. But it's safe to say they got quite a bit less than they bargained for.

What the report contained was mostly standard bureaucratese revealing that Devaney was shocked, shocked that Interior workers were using their computers for something other than official business. Employees, he wrote, "continue to access sexually explicit and gambling Web sites despite being specifically prohibited from doing so by federal regulation and department policy. This prohibited activity exposes the department to threats of compromised system integrity, increased risk of legal liability and potential public embarrassment."

Devaney's team analyzed Web logs from across the department for a week and found 4,732 entries related to sexually explicit or gambling sites, accounting for an estimated 24 hours' worth of Internet use. Even worse, Devaney said, they found more than 1 million log entries on game and auction sites, adding up to more than 2,000 hours of time. Over a year, the IG said, these "veritable shopping and gaming binges" would cost the department more than 100,000 hours of lost productivity.

Forgive me for getting somewhat less worked up about this whole situation than Mr. Devaney.

First of all, much of the activity Devaney and his team documented does not violate Interior policy. Department employees, Assistant Secretary Lynn Scarlett wrote in a memo after the report was released, "may make limited personal use of government equipment as long as it occurs on nonduty time, does not interfere with official business, does not adversely impact electronic systems, is not commercial-gain activity, or is not otherwise prohibited, and the expense to government is negligible." Specifically, they're allowed to make personal purchases over the Internet, as long as they don't have their orders shipped to government addresses.

That leaves the porn and gaming sites, and the problem there is by no means trivial. A number of computers, the IG report found, had been used to access sexually explicit Web sites for 30 minutes to an hour. One computer had more than 2,300 log entries at two game sites lasting 14 hours.

But Devaney's report also said there have been 177 disciplinary actions for improper or inappropriate Internet use at Interior since 1999. That's a "low number," he argues, given that the probe uncovered thousands of hits at prohibited sites. But it's large enough to assume that the department is punishing egregious violators, and looking the other way at minor, routine violations.

That doesn't strike me as all that unreasonable. After all, does anybody think that the employees of any large private corporation are doing any less Web surfing on company time? Of course not. But the folks at those companies are being judged primarily on results, not by an assumption that absolutely every minute they spend on a computer can, should and will be dedicated to quantifiable official business.

I'm a lot less concerned about Interior employees' online habits than top officials' offline behavior. At a House subcommittee hearing in September, Devaney said, "Short of a crime, anything goes at the highest levels of the Department of the Interior." The department, he said, suffers from a "culture of managerial irresponsibility and lack of accountability," and "ethics failures on the part of senior department officials-taking the form of appearances of impropriety, favoritism and bias-have been routinely dismissed with a promise 'not to do it again.' "

Now that's a scandal.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.