[House Hearing, 113 Congress]
[From the U.S. Government Publishing Office]
NASA SECURITY: ASSESSING THE AGENCY'S
EFFORTS TO PROTECT SENSITIVE INFORMATION
=======================================================================
JOINT HEARING
BEFORE THE
SUBCOMMITTEE ON SPACE &
SUBCOMMITTEE ON OVERSIGHT
COMMITTEE ON SCIENCE, SPACE, AND TECHNOLOGY
HOUSE OF REPRESENTATIVES
ONE HUNDRED THIRTEENTH CONGRESS
SECOND SESSION
__________
JUNE 20, 2014
__________
Serial No. 113-81
__________
Printed for the use of the Committee on Science, Space, and Technology
Available via the World Wide Web: http://science.house.gov
U.S. GOVERNMENT PRINTING OFFICE
89-410 WASHINGTON : 2015
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC
area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, Washington, DC
20402-0001
COMMITTEE ON SCIENCE, SPACE, AND TECHNOLOGY
HON. LAMAR S. SMITH, Texas, Chair
DANA ROHRABACHER, California EDDIE BERNICE JOHNSON, Texas
RALPH M. HALL, Texas ZOE LOFGREN, California
F. JAMES SENSENBRENNER, JR., DANIEL LIPINSKI, Illinois
Wisconsin DONNA F. EDWARDS, Maryland
FRANK D. LUCAS, Oklahoma FREDERICA S. WILSON, Florida
RANDY NEUGEBAUER, Texas SUZANNE BONAMICI, Oregon
MICHAEL T. McCAUL, Texas ERIC SWALWELL, California
PAUL C. BROUN, Georgia DAN MAFFEI, New York
STEVEN M. PALAZZO, Mississippi ALAN GRAYSON, Florida
MO BROOKS, Alabama JOSEPH KENNEDY III, Massachusetts
RANDY HULTGREN, Illinois SCOTT PETERS, California
LARRY BUCSHON, Indiana DEREK KILMER, Washington
STEVE STOCKMAN, Texas AMI BERA, California
BILL POSEY, Florida ELIZABETH ESTY, Connecticut
CYNTHIA LUMMIS, Wyoming MARC VEASEY, Texas
DAVID SCHWEIKERT, Arizona JULIA BROWNLEY, California
THOMAS MASSIE, Kentucky ROBIN KELLY, Illinois
KEVIN CRAMER, North Dakota KATHERINE CLARK, Massachusetts
JIM BRIDENSTINE, Oklahoma
RANDY WEBER, Texas
CHRIS COLLINS, New York
BILL JOHNSON, Ohio
------
Subcommittee on Space
HON. STEVEN M. PALAZZO, Mississippi, Chair
RALPH M. HALL, TEXAS DONNA F. EDWARDS, Maryland
DANA ROHRABACHER, California SUZANNE BONAMICI, Oregon
FRANK D. LUCAS, Oklahoma DAN MAFFEI, New York
MICHAEL T. MCCAUL, Texas JOSEPH P. KENNEDY III,
MO BROOKS, ALABAMA Massachusetts
LARRY BUCSHON, Indiana DEREK KILMER, Washington
STEVE STOCKMAN, Texas AMI BERA, California
BILL POSEY, Florida MARC VEASEY, Texas
DAVID SCHWEIKERT, Arizona JULIA BROWNLEY, California
JIM BRIDENSTINE, Oklahoma FREDERICA WILSON, Florida
CHRIS COLLINS, New York EDDIE BERNICE JOHNSON, Texas
LAMAR S. SMITH, Texas
------
Subcommittee on Oversight
HON. PAUL C. BROUN, Georgia, Chair
F. JAMES SENSENBRENNER, JR., DAN MAFFEI, New York
Wisconsin ERIC SWALWELL, California
BILL POSEY, Florida SCOTT PETERS, California
KEVIN CRAMER, North Dakota EDDIE BERNICE JOHNSON, Texas
BILL JOHNSON, Ohio
LAMAR S. SMITH, Texas
C O N T E N T S
June 20, 2014
Page
Witness List..................................................... 2
Hearing Charter.................................................. 3
Opening Statements
Statement by Representative Steven M. Palazzo, Chairman,
Subcommittee on Space, Committee on Science, Space, and
Technology, U.S. House of Representatives...................... 11
Written Statement............................................ 12
Statement by Representative Dan Maffei, Ranking Minority Member,
Subcommittee on Oversight, Committee on Science, Space, and
Technology, U.S. House of Representatives...................... 13
Written Statement............................................ 14
Statement by Representative Paul C. Broun, Chairman, Subcommittee
on Oversight, Committee on Science, Space, and Technology, U.S.
House of Representatives....................................... 15
Written Statement............................................ 16
Statement by Representative Eddie Bernice Johnson, Ranking
Member, Committee on Science, Space, and Technology, U.S. House
of Representatives............................................. 17
Written Statement............................................ 17
Witnesses:
Mr. Richard Keegan, Associate Deputy Administrator, National
Aeronautics and Space Administration
Oral Statement............................................... 18
Written Statement............................................ 20
Ms. Belva Martin, Director, Acquisition and Sourcing Management,
Government Accountability Office
Oral Statement............................................... 31
Written Statement............................................ 33
Ms. Gail A. Robinson, Deputy Inspector General, National
Aeronautics and Space
Oral Statement............................................... 48
Written Statement............................................ 50
Mr. Douglas Webster, Fellow, National Academy of Public
Administration and Principal, Cambio Consulting Group
Oral Statement............................................... 57
Written Statement............................................ 59
Discussion....................................................... 75
Appendix I: Answers to Post-Hearing Questions
Mr. Richard Keegan, Associate Deputy Administrator, National
Aeronautics and Space Administration........................... 90
Ms. Belva Martin, Director, Acquisition and Sourcing Management,
Government Accountability Office............................... 112
Ms. Gail A. Robinson, Deputy Inspector General, National
Aeronautics and Space.......................................... 119
Mr. Douglas Webster, Fellow, National Academy of Public
Administration and Principal, Cambio Consulting Group.......... 126
Appendix II: Additional Material for the Record
Submitted statement for the record by Representative Donna F.
Edwards, Ranking Minority Member, Subcommittee on Space,
Committee on Science, Space, and Technology, U.S. House of
Representatives................................................ 142
Responses submitted by NASA for information requested by Chairman
Broun during the course of the hearing......................... 144
NASA SECURITY: ASSESSING THE AGENCY'S
EFFORTS TO PROTECT SENSITIVE INFORMATION
----------
FRIDAY, JUNE 20, 2014
House of Representatives,
Subcommittees on Space &
Oversight
Committee on Science, Space, and Technology,
Washington, D.C.
The Subcommittees met, pursuant to call, at 10:01 a.m., in
Room 2318 of the Rayburn House Office Building, Hon. Steven
Palazzo [Chairman of the Subcommittee on Space] presiding.
[GRAPHIC] [TIFF OMITTED]
Chairman Palazzo. This joint hearing of the Subcommittee on
Space and the Subcommittee on Oversight will come to order.
Good morning. Welcome to today's hearing titled, ``NASA
Security: Assessing the Agency's Efforts to Protect Sensitive
Information.'' In front of you are packets containing the
written testimony, biography, and truth-in-testimony disclosure
for today's witnesses.
Before we get started, since this is a joint hearing
involving two Subcommittees, I want to explain how we will
operate procedurally so all Members understand how the
question-and-answer period will be handled. We will recognize
those Members present at the gavel in order of seniority on the
full Committee, and those coming in after the gavel will be
recognized in order of arrival.
I recognize myself for five minutes for an opening
statement.
Welcome to today's joint hearing on NASA's ability to
protect sensitive information. Recent events have reminded us
that protecting sensitive aerospace information is more than a
matter of national pride; it is also a matter of national
security. Yet NASA continues to struggle with the protection of
sensitive information, even as the agency is persistently
targeted by our adversaries.
Today, we discuss the reports that have shown that NASA's
casual and negligent approach to foreign national access and
failure to control sensitive information is allowing our
nation's prized aerospace technology to be compromised. The
purpose of today's hearing is to ensure that NASA follows
through on addressing these failures.
On March 16, 2013, Federal agents conducted a search of a
foreign national contractor from the Langley Research Center
before departure to China. This search was prompted by concerns
that the individual was inappropriately granted access to
sensitive information. Despite the fact that the individual
pled guilty to a misdemeanor offense, the nature of the
information on his computer and how he obtained it remains
under investigation.
Also, a multiyear investigation dating back to 2009 showed
that foreign nationals were granted inappropriate access to
information and facilities at NASA's Ames Research Center. As a
result, NASA's Office of the Inspector General issued a
detailed 41-page report highlighting troubling cases where
improper access was granted under direction from senior center
leadership.
Today's hearing is one in a series of Congressional actions
to address these matters. In addition to a hearing held last
Congress in this Committee, Dr. Paul Broun, Chairman of the
Oversight Committee, requested a GAO review of NASA's export
control processes. And Representative Frank Wolf petitioned
NASA to work with the National Academy of Public Administration
to conduct an independent review of NASA's Foreign National
Access Management. Unfortunately NASA has only released a
summary of this report.
These reports confirm our worst fears: that the incidents
at Langley and Ames are not isolated incidents. Among
conclusions from these reports we find most centers continue to
release scientific and technical information that has not been
reviewed for export control purposes. NASA lacks both clear
export control policies and the oversight necessary to enforce
them. The NASA network has indeed been compromised and these
vulnerabilities could have significant impacts on national
security.
And finally, a troubling trend we have seen across agencies
in this Administration: the failure or the willingness--
unwillingness to hold accountable those responsible for these
errors.
Congress has also continued addressing these matters in the
NASA Authorization Act that recently passed the House by an
overwhelming bipartisan vote of 401 to 2. Our bill directs NASA
to give a timely report on compliance efforts in response to
the recommendations of the NAPA report. It also calls for a GAO
review of NASA's compliance and directs NASA to take national
security into consideration when conducting technology
transfers.
My goal as Chairman of this Committee is to hold NASA
accountable while working with the agency to correct these
serious matters. I understand that NASA has its challenges. The
original Space Act directed the agency to simultaneously
``provide for the widest practicable and appropriate
dissemination of information concerning its activities'' while
also directing the agency to protect classified, trade secret,
and confidential information.
Additionally, NASA, like other Federal agencies, is subject
to the requirements of the Arms Export Control Act and the
Export Administration Act. Too often, enforcement is left to
the discretion of center leadership in a NASA culture that
``has a tendency to lapse back into old habits once the
spotlight is off the area under review.'' I will point out that
this is more than my personal assessment; it is the independent
opinion as expressed in the NAPA report.
I am pleased that NASA's Office of the Inspector General is
here today to discuss these two reports, as well as their
yearly report to Congress on NASA's compliance with Federal
export controls laws. I am also pleased that two other outside
groups have also reviewed the topic, the National Academy of
Public Administration and GAO.
While much of the focus of today's hearing will be to
identify the failures within NASA's current structure, it is
also an opportunity to identify ways Congress can improve and
clarify its own roles in providing oversight and accountability
over NASA activities. I believe this is in the best interest of
all involved as we look to the future in a world where our
nation's space interests are impacted by both the cooperation
and competition of international players.
[The prepared statement of Mr. Palazzo follows:]
Prepared Statement of Subcommittee on Space
Chairman Steven M. Palazzo
Welcome to today's joint hearing on NASA's ability to protect
sensitive information.
Recent events have reminded us that protecting sensitive aerospace
information is more than a matter of national pride; it is also a
matter of national security. Yet, NASA continues to struggle with the
protection of sensitive information, even as the agency is persistently
targeted by our adversaries. Today we discuss the reports that have
shown that NASA's casual and negligent approach to foreign national
access--and failure to control sensitive information--is allowing our
Nation's prized aerospace technology to be compromised. The purpose of
today's hearing is to ensure that NASA follows through on addressing
these failures.
On March 16, 2013 federal agents conducted a search of a foreign
national contractor from the Langley Research Center before departure
to China. This search was prompted by concerns that the individual was
inappropriately granted access to sensitive information. Despite the
fact that the individual pled guilty to a misdemeanor offense, the
nature of the information on his computer, and how he obtained it,
remains under investigation.
Similarly, a multi-year investigation dating back to 2009 showed
that foreign nationals were granted inappropriate access to information
and facilities at NASA's Ames Research Center. As a result, NASA's
Office of the Inspector General issued a detailed 41 page report
highlighting troubling cases where improper access was granted under
direction from senior center leadership. Today's hearing is one in a
series of congressional actions to address these matters. In addition
to a hearing held last Congress in this Committee, Dr. Paul Broun,
Chairman of the Oversight Committee requested a GAO review of NASA's
export control processes. And Rep. Frank Wolf petitioned NASA to work
with the National Academy of Public Administration (NAPA) to conduct an
independent review of NASA's foreign national access management.
Unfortunately NASA has only released a summary of this report.
These reports confirm our worst fears: that the incidents at
Langley and Ames are not isolated incidences. Among conclusions from
these reports we find: most centers continue to release Scientific and
Technical Information that has not been reviewed for export control
purposes. NASA lacks both clear export control policies and the
oversight necessary to enforce them.The NASA network has indeed been
compromised, and these vulnerabilities could have significant impacts
on national security. And finally, a troubling trend we've seen across
agencies in this Administration: the failure or the unwillingness to
hold accountable those responsible for these errors.
Congress has also continued addressing these matters in the NASA
Authorization Act that recently passed the House by an overwhelming
bipartisan vote of 401 to 2. Our bill directs NASA to give a timely
report on compliance efforts in response to the recommendations of the
NAPA report. It also calls for a GAO review of NASA's compliance and
directs NASA to take national security into consideration when
conducting technology transfers.
My goal as Chairman of this Committee is to hold NASA accountable
while working with the agency to correct these serious matters. I
understand that NASA has its challenges: the original Space Act
directed the agency to simultaneously ``provide for the widest
practicable and appropriate dissemination of information concerning its
activities'' while also directing the agency to protect classified,
trade secret, and confidential information. Additionally, NASA--like
other federal agencies--is subject to the requirements of the Arms
Export Control Act and the Export Administration Act. Too often,
enforcement is left to the discretion of center leadership in a NASA
culture that ``has a tendency to lapse back into old habits once the
spotlight is off the area under review.'' I will point out that that is
more than my personal assessment- it is the independent opinion as
expressed in the NAPA report.
I am pleased that NASA's Office of the Inspector General is here
today to discuss these two reports, as well as their yearly report to
Congress on NASA's compliance with federal export controls laws. I am
also pleased that two other outside groups have also reviewed the
topic--National Academy of Public Administration (NAPA) and GAO. While
much of the focus of today's hearing will be to identify the failures
within NASA's current structure, it is also an opportunity to identify
ways Congress can improve and clarify its own roles in providing
oversight and accountability over NASA activities. I believe this is in
the best interest of all involved as we look to the future in a world
where our nation's space interests are impacted by both the cooperation
and competition of international players.
Thank you.
Chairman Palazzo. I now recognize Mr. Maffei, who--are you
going to be doing Ms. Edwards' statement or are you just going
to go straight into your statement?
Mr. Maffei. I am just going to go straight into mine, I
think.
Chairman Palazzo. Yes. Okay. Good.
Mr. Maffei. Thank you, Mr. Chairman. Thank you Chairman
Palazzo. Ms. Edwards does apologize. She was unavoidably
detained and will be a little late. I for one though am pleased
to see two Italian-American names up here, so, you know, a lot
of our space technology has a lot to owe to Italy and history
there.
I won't talk long and actually I ask unanimous consent to
put my full statement in the record. I want to put my full
statement in the record by unanimous consent and then I will
just talk for a minute.
Chairman Palazzo. Without objection.
[The prepared statement of Mr. Maffei follows:]
Prepared Statement of Subcommittee on Oversight
Ranking Minority Member Dan Maffei
Thank you Chairman Palazzo and Chairman Broun for holding this
hearing today.
Ensuring that America's sensitive technical designs and security
related research is not intentionally pilfered or inappropriately
exported is important to this nation's economic and national security.
Each year the U.S. loses billions of dollars' worth of advanced
technologies, innovative scientific research, and other sensitive data
due to economic espionage and data theft.
This impacts U.S. businesses as well as U.S. government
laboratories and research centers. NASA is no exception. The National
Aeronautics and Space Administration (NASA), like other federal
agencies, is a prime target of foreign agents and global cyber
criminals.
The agency has a lot to offer. NASA leads the world in space
exploration, aeronautics research, and other key scientific areas.
Controlling the inadvertent release of sensitive information or
intentional theft of export controlled technologies has always been a
difficult task. This is particularly true when that sort of data
resides in an environment that depends upon international
collaborations and access to foreign scientists and facilities. Over
its history NASA has had more than 3,000 international cooperative
agreements and currently maintains an estimated 600 international
agreements with more than 100 foreign countries. Last year NASA
approved more than 11,000 foreign national visits to its facilities. At
a time of constrained federal budgets and reductions in investments in
science and technology, NASA is dependent upon these global
interactions to ensure its continued success.
Unfortunately, NASA has suffered from several security incidents in
recent years that sparked reviews of its security policies and
practices. These reviews by the Government Accountability Office (GAO),
NASA's Office of Inspector General and the National Academy of Public
Administration (NAPA) have all identified poor practices in protecting
sensitive NASA technologies, organizational issues that may undermine
NASA's security protocols, and financial constraints that may
contribute to the inadvertent release of export restricted data. NASA
was fortunate, however, that the incidents themselves do not appear to
have resulted in major losses of sensitive data.
In one of the most high profile cases involving Chinese national Bo
Jiang, who was accused of attempting to take a NASA laptop to China
without proper authorization while working at NASA's Langley Research
Center in Virginia, federal prosecutors found that, ``none of the
computer media that Jiang attempted to bring to [China] on March 16,
2013, contained classified 2 information, export-controlled
information, or NASA proprietary information.'' In a separate incident
involving two foreign nationals working at NASA's Ames Research Center
in California a NASA Inspector General report released in February,
``uncovered no evidence to support allegations that any foreign
nationals at Ames were provided classified information during the
period covered by our review.''
NASA was lucky it did not sustain a serious loss of critical data
or technology, but the space agency has unique national assets,
innovative technologies, and valuable scientific data that must be
properly protected from global economic competitors, foreign
adversaries, or individual theft by those seeking to cash in on the
agency's valuable research and innovative discoveries.
Being able to detect and deter these security threats while at the
same time supporting important international scientific collaborations
is a delicate and often difficult balance to achieve. I look forward to
our witnesses helping us to better understand these issues, evaluating
these often conflicting objectives, and recommending ways to maintain
an appropriate balance.
Mr. Maffei. Ensuring that America's sensitive technical
designs and security-related research is not intentionally
pilfered or inappropriately exported is extremely important to
this nation's economic and national security, and that is why I
am so grateful to Chairman Palazzo and Chairman Broun for
holding this hearing today. It is an extremely important issue.
Each year, the United States loses billions of dollars
worth of advanced technologies, innovative scientific research,
and other sensitive data due to economic espionage and data
theft, and this impacts U.S. businesses as well as government
laboratories and research centers. And NASA, like other Federal
agencies, is a prime target for this type of espionage. Being
able to detect and deter these security threats while at the
same time supporting important international scientific
collaboration is a delicate and often difficult balance to
achieve.
And I particularly look forward to hearing from our
witnesses to help us better understand these issues, how we set
that balance, and evaluate sometimes conflicting objectives to
recommend the right way to do it.
So thank you very much, and with that I will yield back.
Chairman Palazzo. Thank you, Mr. Maffei.
I now recognize Dr. Broun, Chairman of the Oversight
Committee.
Mr. Broun. Thank you, Chairman Palazzo.
I would like to add my welcome to all of you all witnesses
that are here today as well. I am looking forward to hearing
from you about this important matter of which I have been
concerned for a number of years now.
This Committee and the Oversight Subcommittee in particular
have held multiple hearings examining the state of information
security at NASA. A hearing two years ago highlighted the
unique cybersecurity challenges that NASA continues to face
with constant and ever-changing threats and adversaries. Just
last year, the Oversight Subcommittee, which I Chair, held a
hearing to focus on the broad intersection of two very
important issues at stake here today: finding the appropriate
balance between scientific openness and protecting our national
security.
We have learned that NASA should not only worry about
sensitive information going out of the back door through cyber
intrusions and lax protocols but also out of the front door by
its inability to protect sensitive technology and information
from foreign nationals who may have unauthorized access to
NASA's facilities.
In October of 2012, I wrote to the GAO regarding these
front-door concerns and requested a review of NASA's export
control program. While I was glad to see the completed GAO
report released last month, I was troubled by many of the
report's findings. For example, it is very troubling to learn
that although NASA's oversight tools have identified
deficiencies, NASA headquarters has not addressed them at all
as far as I can tell.
The GAO report states specifically that ``at NASA's 2013
annual review, the Center Export Administrators presented NASA
HC export control officials with a list of comments regarding
the export control program. However, NASA headquarters' export
control officials acknowledged that they have not fully
addressed the CEA concerns from the most recent program review
in March of 2013 and have not developed specific plans to do
so.'' This is intolerable. This is not because of any
disagreement between NASA headquarters' staff and NASA centers'
staff; in fact, the GAO report explains that NASA headquarters
export control officials agree with issues raised by the CEAs,
yet they have failed to develop an approach to address them.
This is wholly inadequate for protecting our valuable assets.
NASA needs suitable accountability and oversight in order to,
at the very least, make certain the agency's own audit findings
and suggestions are implemented.
Further troubling, the report states the GAO ``identified
instances where NASA security procedures for foreign national
access were not followed, which were significant given the
potential impact on national security or foreign policy from
unauthorized access to NASA technologies.''
NASA relies on new and sophisticated technology to
accomplish its mission. Given the sensitivity of these
technologies, many are subject to export controls, which
restrict the transfer of military and dual-use technologies. In
order to protect our leadership in technological innovations,
we must ensure that there is adequate and consistent oversight
and management of NASA's export control program. It is in our
national interest. It must be done.
I look forward to hearing from our witnesses on their
insight and recommendations on these matters, and I hope that
NASA will do everything in its power to address all of the
shortcomings discussed today to ensure our nation's space
agency can securely support and appropriately protect cutting-
edge research and technology.
Thank you, Chairman Palazzo, for holding this very
important hearing, and I yield back the balance of my time.
[The prepared statement of Mr. Broun follows:]
Prepared Statement of Subcommittee on Oversight Chairman Paul Broun
Assessing the Agency's Efforts to Protect Sensitive Information
Chairman Broun: Thank you Chairman Palazzo. I would like to add my
welcome to all of our witnesses here today as well. I am looking
forward to hearing from you all on this important matter of which I
have been concerned for a number of years now.
This Committee and the Oversight Subcommittee, in particular, have
held multiple hearings examining the state of information security at
NASA. A hearing two years ago highlighted the unique cybersecurity
challenges that NASA continues to face with constant and ever-changing
threats and adversaries. Just last year, the Oversight Subcommittee
held a hearing to focus on the broad intersection of two very important
issues at stake here today - finding the appropriate balance between
scientific openness, and protecting our national security.
We have learned that NASA should not only worry about sensitive
information going out of the back door through cyber intrusions and lax
protocols, but also out of the front door by its inability to protect
sensitive technology and information from foreign nationals who may
have unauthorized access to NASA's facilities.
In October of 2012, I wrote to the GAO regarding these front door
concerns and requested a review of NASA's export control program. While
I was glad to see the completed GAO report released last month, I was
troubled by many of the report's findings. For example, it is very
troubling to learn that although NASA's oversight tools have identified
deficiencies, NASA headquarters has not addressed them. The GAO report
states specifically that ``at NASA's 2013 annual review, the Center
Export Administrators presented NASA headquarters export control
officials with a list of comments regarding the export control
program.However, NASA headquarters' export control officials
acknowledged that they have not fully addressed the CEA concerns from
the most recent program review in March 2013 and have not developed
specific plans to do so.'' This is intolerable. This is not because of
any disagreement between NASA headquarters' staff and NASA centers'
staff; in fact the GAO report explains that NASA headquarters export
control officials agree with issues raised by the CEAs--yet, they have
failed to develop an approach to address them.
This is wholly inadequate for protecting our valuable assets. NASA
needs suitable accountability and oversight in order to, at the very
least, make certain the agency's own audit findings and suggestions are
implemented.
Further troubling, the report states that GAO ``identified
instances where NASA security procedures for foreign national access
were not followed, which were significant given the potential impact on
national security or foreign policy from unauthorized access to NASA
technologies.''
NASA relies on new and sophisticated technology to accomplish its
mission. Given the sensitivity of these technologies, many are subject
to U.S. export controls, which restrict the transfer of military and
dual-use technologies. In order to protect our leadership in
technological innovations, we must ensure that there is adequate and
consistent oversight and management of NASA's export control program.
It is in our national interest. It must be done!
I look forward to hearing from our witnesses on their insight and
recommendations on these matters, and I hope that NASA will do
everything in its power to address all of the shortcomings discussed
today to ensure our nation's space agency can securely support and
appropriately protect cutting edge research and technology.
Thank you again Chairman Palazzo for holding this very important
hearing, and I yield back the balance of my time.
Chairman Palazzo. Thank you, Dr. Broun.
I now recognize the Ranking Member of the full Committee
for a statement, Ms. Johnson.
Ms. Johnson of Texas. Thank you very much, Mr. Chairman.
And let me say good morning to all.
In the interest of saving time, I will be brief so that our
distinguished panel of witnesses will have time to present
their views.
I will say that civil R&D requires openness, collaboration,
and sharing of results to be successful. NASA's R&D portfolio
has benefited from the culture of openness, but the benefits of
that culture of openness, collaboration, and sharing must be
balanced with appropriate security limit and protections. This
can be a constructive hearing, especially if we can find ways
to enable NASA to strike a reasonable balance between
information sharing and the need to safeguard any sensitive
information and technologies from inadvertent disclosure.
I look forward to discussing this and other issues with our
expert panel since the issues being addressed today are many of
the same challenges that confront the other science agencies
under the Committee's oversight umbrella. And so with that, Mr.
Chairman, I yield back.
[The prepared statement of Ms. Johnson follows:]
Prepared Statement of Full Committeee
Ranking Member Eddie Bernice Johnson
Good morning. In the interest of saving time, I will be brief so
that our distinguished panel of witnesses will have time to present
their views.
Civil R&D requires openness, collaboration, and sharing of results
to be successful. NASA's R&D portfolio has benefitted from that culture
of openness. But the benefits of that culture of openness,
collaboration, and sharing must be balanced with appropriate security
limits and protections.
This can be a constructive hearing, especially if we can find ways
to enable NASA to strike a reasonable balance between information
sharing and the need to safeguard any sensitive information and
technologies from inadvertent disclosure.
I look forward to discussing this and other issues with our expert
panel, since the issues being addressed today are many of the same
challenges that confront the other science agencies under the
Committee's oversight umbrella.
With that, I yield back.
Chairman Palazzo. Thank you, Ms. Johnson.
If there are Members who wish to submit additional opening
statements, your statements will be added to the record at this
point.
Chairman Palazzo. At this time I would like to introduce
our witnesses.
Our first witness, Mr. Richard Keegan, is the National
Aeronautics and Space Administration's Associate Deputy
Administrator and Associate Administrator for Mission Support.
Our second witness, Ms. Belva Martin, is the Director of
Acquisition and Sourcing Management at the Government
Accountability Office. Our third witness, Ms. Gail Robinson, is
the Deputy Inspector General of the National Aeronautics and
Space Administration. And our final witness, Mr. Douglas
Webster, is a Fellow of the National Academy of Public
Administration and the Principal at Cambio Consulting Group.
As our witnesses should know, spoken testimony is limited
to five minutes each after which the Members of the Committee
will have five minutes each to ask questions. It is the
practice of the Subcommittee on Oversight to receive testimony
under oath. If you would now please stand and raise your right
hand.
Do you solemnly swear or affirm to tell the whole truth and
nothing but the truth, so help you God?
Please sit.
Let the record reflect that all witnesses participating
have taken the oath.
I now recognize Mr. Keegan for five minutes.
TESTIMONY OF MR. RICHARD KEEGAN,
ASSOCIATE DEPUTY ADMINISTRATOR,
NATIONAL AERONAUTICS AND SPACE ADMINISTRATION
Mr. Keegan. Mr. Chairman and Members of today's respective
Subcommittees, I am pleased to have this opportunity to discuss
NASA's efforts to manage and safeguard the agency's export-
controlled technologies and information from unauthorized
access and use. This is a topic which we agree is of great
importance to our Nation.
As the world's premier aerospace agency with expertise in
space launch vehicles, satellites, aircraft, and other advanced
technologies, NASA takes our responsibility for securing
sensitive export-controlled information at our facilities very
seriously. To be clear, all NASA employees have a
responsibility to comply with export control regulations and
Foreign National Access Management requirements. That is why
the NASA Administrator himself has communicated to every
employee that these requirements are critically important and
that there will be appropriate consequences for those who fail
to appropriately safeguard sensitive technologies and
information.
The recent independent reviews that will form the basis of
today's hearing have already provided invaluable guidance to
the agency in our efforts to protect sensitive information and
to improve our Information Technology Security, Foreign
National Access Management, and Export Control Management
programs. Therefore, NASA is working to implement these
recommendations in an expeditious manner, beginning
immediately. In parallel, NASA will continue to improve and
implement appropriate policy and process changes that we
ourselves identify during our own internal audits and reviews.
Cooperation with other nations is one of the agency's
founding principles and thus we would like to thank the GAO and
NAPA for recognizing this core principle during their recent
reviews about NASA security issues. In doing so, these
independent reviewers also highlighted the need for NASA to
strike the right balance between protecting sensitive export-
controlled technologies from unauthorized access and the need
for the agency to share important scientific information to
further our public and international partnerships. In striking
the appropriate balance, NASA recognizes that the agency must
have clear export control policies and procedures and that all
NASA employees must understand and abide by those policies and
procedures.
NASA is redoubling our efforts to ensure that we are doing
all we can to safeguard the sensitive and valuable resources
entrusted to us. As specific examples, NASA is working to
improve training for employees who deal with export control and
foreign nationals. We have established a new Foreign National
Access Management program office. We are strengthening our
foreign national access and export control policies and
procedures. We are augmenting the civil service staff dedicated
to counterintelligence activities. And we are increasing
collaboration with other Federal agencies to share intelligence
on threats and vulnerabilities to our information technology
and other assets.
In conclusion, let me assure you that NASA takes seriously
our responsibility to secure sensitive export-controlled
information. Additionally, the agency's security issues and
threats will continue to have the focused attention of NASA's
most senior managers, including the Administrator himself.
Lastly, NASA will continue to follow through on the
valuable recommendations made by the GAO, NAPA, and our own
Inspector General with regard to these issues.
Thank you for the opportunity to testify before you today
and for your ongoing support for NASA's missions and its
workforce. I would be pleased to answer any questions you may
have.
[The prepared statement of Mr. Keegan follows:]
[GRAPHIC] [TIFF OMITTED]
x
Chairman Palazzo. Thank you, Mr. Keegan.
I now recognize our next witness, Ms. Martin.
TESTIMONY OF MS. BELVA MARTIN, DIRECTOR,
ACQUISITION AND SOURCING MANAGEMENT,
GOVERNMENT ACCOUNTABILITY OFFICE
Ms. Martin. Thank you, Chairmen Palazzo, Broun, and Ranking
Member Maffei, and Members of the Subcommittee for this
opportunity to participate in this hearing. I will summarize my
written testimony and ask that the entire statement be placed
in the record.
Mr. Keegan has summarized actions that NASA is taking or
plans to take to address recommendations from GAO, the IG, and
NAPA. GAO issued its report in April. Today, I will focus on
one area: developing a risk-based approach to compliance where
NASA can leverage existing resources to make improvements that
can help it to effectively balance its mission of protecting
sensitive technologies and information and supporting
international agreements on the one hand and disseminating
important scientific information as broadly as possible.
But in order to develop a risk-based approach, NASA needs
to know where technologies it is trying to protect and where
they are located. We found that NASA headquarters officials and
some of the front-line managers, the Center Export
Administrators, or the CEAs, lack a comprehensive inventory of
the types and locations of export-controlled technologies at
the centers, severely limiting their ability to identify and
internal and external risks to compliance. This is not a new
issue. The NASA IG identified this issue as early as 1999.
While acknowledging the benefits of obtaining comprehensive
knowledge of export-controlled technologies, NASA headquarters
officials state that doing so is resource-intensive. But as I
have just stated, NASA has an opportunity to leverage existing
resources. So absent a NASA-wide initiative, three centers
began recent efforts to identify export-controlled technologies
at their centers. At one of these centers the
Counterintelligence Office collaborated with the CEA to
identify the most sensitive technologies and develop protective
measures. This is one example of a risk-based approach that
could be implemented NASA-wide to enable NASA to target
resources to first identify the most sensitive technologies and
then ensure the location of these are known to staff and are
protected. NASA concurred with our recommendations in this
area.
As I mentioned, the export-control--I am sorry, the Export
Center Administrators are the front-line managers. These
professionals are responsible for ensuring that all center
program activities comply with U.S. export control laws and
regulations. However, our review found wide variations across
the centers in position and resource allocation for these
professionals.
For example, seven of ten CEAs are at least three levels
removed from the center director. We were told by some CEAs
that such placement makes it difficult to maintain authority
and visibility to staff and to obtain the resources necessary
to carry out their responsibilities. We found variations among
centers and resource allocation and in particular found
indications that the resources assigned to export controls at
centers did not always appear to be commensurate with the
export control workload. NASA concurred with our
recommendations to define the appropriate level and placement
for the CEA function and to assess workload to determine
appropriate resources needed at each center.
In closing, ensuring compliance with export controls is
important because just one instance of unapproved foreign
national access to NASA information or unapproved release of
scientific and technical information increases the risk of harm
to national security. Therefore, it is important that NASA
leverage existing resources to identify export control items
and assess vulnerabilities in adopting a risk-based approach to
ensuring compliance. Effective oversight is also important to
ensure consistent adherence across NASA centers. Moreover, it
will be important for NASA to be vigilant in assessing actions
taken to help ensure effective implementation and to avoid a
relapse into former practices. Unless this is done, NASA will
remain at risk of unauthorized access to its export-controlled
technologies.
Mr. Chairman, Ranking Members, this concludes my oral
statement. I will be happy to address any questions you may
have. Thank you.
[The prepared statement of Ms. Martin follows:]
[GRAPHIC] [TIFF OMITTED]
Chairman Palazzo. Thank you, Ms. Martin.
I now recognize our next witness, Ms. Robinson.
TESTIMONY OF MS. GAIL A. ROBINSON,
DEPUTY INSPECTOR GENERAL,
NATIONAL AERONAUTICS AND SPACE ADMINISTRATION
Ms. Robinson. Thank you, Mr. Chairman, Members of the
Subcommittee. Thank you for the opportunity to testify today
about our work examining NASA's management of foreign national
access, compliance with export control laws, and related
security issues.
As you mentioned, in January of each year the OIG submits
to the House and Senate Appropriations Committees a letter
describing the audits and investigations we conducted the
preceding year that shed light on the extent to which NASA is
complying with Federal export control laws. In our most recent
letter we cited four audits examining security controls for
NASA's information technology assets, many of which contain
data subject to export control laws; and also a special review
examining a Chinese national's access to Langley Research
Center, which has also been mentioned.
Subsequent to that letter, we also completed our review
involving foreign national access and export control issues at
Ames. I summarized those reviews in my written testimony and
also described several of our audits.
In my oral statement, I would like to highlight several
themes from our oversight work that echo findings that the GAO
and NAPA made as well. First, our work leads us to conclude
that NASA needs to take a more standardized and systematic
approach to its management of both foreign national access and
export control. In the Langley matter, we were struck by the
highly bureaucratic nature of NASA's process for reviewing
foreign visit requests. For example, we noted that many
individuals involved in the process appeared to view their
roles in isolation with little consideration or understanding
of the role played by others.
Similarly, in the Ames review we found a lack of early
coordination between project and export control personnel as
well as deep disagreement between those groups regarding
whether work performed by foreign nationals involved export-
controlled technology. Indeed, the issue only surfaced when the
Ames scientists sought to publish a paper many months after
work on the project had begun. In addition, it appeared that
NASA lacked an efficient mechanism to resolve the dispute. We
believe that NASA needs to work towards a model that encourages
agency scientists and engineers to consult with export control
professionals when projects involving foreign nationals are
initiated and develop a mechanism for resolving disputes in a
timely manner.
Second, we believe export control professionals at the
various NASA Centers should improve their understanding of the
type and location of export-controlled technology and
information at their Centers and at other facilities under
their control. For example, in the course of a recent
investigation we learned that a Center Export Control
Administrator was not aware that an off-site lab under his
responsibility contained export-controlled equipment and data.
Center export control personnel need this information to ensure
that foreign nationals do not have access to those areas.
Third, we encourage NASA to study the best practices noted
in the GAO and NAPA reports and adopt them at all of their
Centers. As we have learned through our oversight work in other
areas, NASA Centers often work independently from one another
and do not consistently learn about or benefit from successful
practices developed at other locations. We were particularly
intrigued by the discussion about the Jet Propulsion
Laboratory's success with using engineers and scientists as
Export Control Representatives to work with the Lab's export
control staff, a model that could help address the lack early
interaction between project managers and export control staff
we observed at Ames as well as provide a mechanism for dispute
resolution.
Finally, we agree that NASA needs to improve and expand
training to provide its scientists and engineers with a deeper
understanding of the importance of complying with the rules and
regulations governing export control and foreign national
access.
That concludes my remarks and I would be pleased to answer
any questions. Thank you.
[The prepared statement of Ms. Robinson follows:]
[GRAPHIC] [TIFF OMITTED]
Chairman Palazzo. Thank you, Ms. Robinson.
I now recognize our final witness, Mr. Webster.
TESTIMONY OF MR. DOUGLAS WEBSTER, FELLOW,
NATIONAL ACADEMY OF PUBLIC
ADMINISTRATION AND PRINCIPAL,
CAMBIO CONSULTING GROUP
Mr. Webster. Good morning, Mr. Chairman and members of the
Committee. I thank you for the opportunity to present the
National Academy of Public Administration's assessment of
NASA's Foreign National Access Management.
NASA's charter to work cooperatively and share information
with other nations while safeguarding its classified and
proprietary information and assets can prove to be a
challenging task. Security incidents involving foreign
nationals at NASA research centers have led to justifiable
scrutiny by NASA, the media, and Congress. Having a well-run
Foreign National Access Management, or FNAM, program is in the
best interest of NASA both in terms of protecting vital U.S.
security and proprietary information, as well as capitalizing
on the talents of foreign nationals.
The panel report describes a number of important steps the
agency can take to improve Foreign National Access Management
and has proposed 27 specific recommendations which I will
summarize under six topic areas, the first of which is a
recommendation to manage Foreign National Access Management as
a program.
There is no systematic approach to FNAM at NASA. It is not
managed as a program but rather in a more stove-piped
organizational fashion. Individual headquarters elements
produce program requirements which are in turn subject to
broadly varying interpretations by NASA centers. Additionally,
headquarters has inadequate means for determining the overall
efficacy of these processes with a resulting broad range of
outcomes, many of which are unsatisfactory.
The second topic area is to reduce the flexibility given to
centers to interpret FNAM requirements. The panel believes that
NASA FNAM directives are overly broad and subject to too much
interpretation in the field combining too much flexibility for
interpreting largely procedural processes with a stove-piped
organizational structure that produces organizationally
specific directives, results in inconsistent, ineffective, and
often fundamentally flawed outcomes.
The third topic area is for NASA to determine critical
assets and build mechanisms to protect them. NASA needs to
improve how it protects all of its valuable technical--excuse
me, technical data and proprietary information, not simply the
proprietary sensitive and/or classified information potentially
exposed to foreign nationals. The panel recommended that NASA
strengthen its risk management capability by building on
existing agency risk review processes to compile a
comprehensive assessment of risks and threats.
The fourth topic area concerns information technology. The
panel believes that NASA needs to correct long-standing
information technology security issues. During this review,
NASA IT professionals expressed strong concerns about the
security of the agency's non-classified systems with some
believing that these systems have already been compromised.
This finding is reinforced by other reviews of NASA's
information technology, including those done by the NASA IG.
The fifth topic area concerns NASA organizational culture,
which in many ways is exemplary, but when considering FNAM,
NASA needs to change several aspects of its culture. The first
aspect of NASA culture involves unnecessary competition between
NASA field centers. Some centers struggle to solve problems
that other centers have already resolved, wasting time and
money. NASA also needs to approach its current budget situation
in an organizationally united fashion.
A second aspect concerns accountability. The belief that
individuals are not held accountable for ignoring or
deliberately failing to comply with FNAM requirements is
widespread at NASA and includes both managers and rank-and-file
employees.
A third aspect of NASA culture that needs to be addressed
is the organizational tendency to revert back to prior lax
habits once a problem has been solved and the tension of the
moment has passed.
The sixth and final topic area involves communicating the
importance of these FNAM changes clearly, firmly, and
consistently. The importance of security, the existence of
real-world threats to NASA assets, and the need for
improvements in handling foreign national issues have not been
clearly and consistently communicated throughout NASA. Senior
leaders must communicate their total commitment to an effective
Foreign National Access Management program.
In closing, Mr. Chairman, let me note that I believe the
Academy has provided NASA with a good template for building a
more robust and effective FNAM program and that the agency has
the right leadership and commitment to make that happen. The
Academy is in a prime position to assist NASA and this
Committee in implementing the panel's recommendations and
providing the Committee with information to the extent to which
NASA has complied with the recommendations. With the
Committee's support and oversight, I am certain this program
will continue to provide NASA with the foreign talent it needs
to fulfill its mission while capably safeguarding sensitive
information.
Thank you for providing me this opportunity to share these
findings with you.
[The prepared statement of Mr. Webster follows:]
[GRAPHIC] [TIFF OMITTED]
Chairman Palazzo. Thank you, Mr. Webster. I thank the
witnesses for their testimony.
Reminding Members that Committee rules limit questioning to
five minutes, the Chair will at this point open the round of
questions. The Chair recognizes himself for five minutes.
The NASA IG report on Bo Jiang stated Jiang admitted that
the laptop computer he carried with him when he attempted to
leave the United States in March contains some NASA
information. According to these Department of Justice
officials, the nature of the information on Jiang's computer
and how he obtained it remains under investigation. The OIG
report also states that Jiang had access to a NASA employee's
computer that specialized in technology that would allow for
real-time video image enhancement to improve aircraft safety by
making it easier for pilots to fly in poor visibility
conditions.
Ms. Robinson, are you aware of the status of this
investigation? Has anyone looked into whether Jiang transferred
any information electronically prior to being stopped at the
airport since he had access to NASA information long before he
attempted to leave the country?
Ms. Robinson. Mr. Chairman, to my knowledge the
investigation is still open. The FBI is the cognizant law
enforcement agency in that regard.
Chairman Palazzo. So it is ongoing and active?
Ms. Robinson. As far as I am aware, it is still open.
Chairman Palazzo. Okay. The IG's report on Bo Jiang
incident states that from an individual perspective, the
preponderance of the evidence available to us suggest that one
of Jiang's sponsors inappropriately authorized Jiang to take
the laptop to China. Mr. Keegan, has that individual been
reprimanded, and if so, how?
Mr. Keegan. We appreciate the Office of Inspector General--
--
Chairman Palazzo. Your mike, please.
Mr. Keegan. We appreciate the Office of Inspector General's
report on the entire Bo Jiang incident and we have concurred
with all those recommendations.
With respect to personnel actions, I can't discuss them
here, but I can assure you that that report got the personal
attention of the Administrator and appropriate actions have
been taken or will be taken at the appropriate time.
Chairman Palazzo. Will you be able to provide some of that
information to professional staff, Committee staff?
Mr. Keegan. I don't think I can discuss specific
individuals with respect to personnel actions. I would also
note because of the ongoing investigation, there are some
actions that NASA could not have appropriately taken until that
investigation is concluded.
Chairman Palazzo. Okay. Thank you.
The IG's Ames report states that a foreign national working
at Ames inappropriately traveled overseas with a NASA-issued
laptop containing ITAR-restricted information. The report also
stated, ``we believe several Ames managers exercised poor
judgment in their dealings with foreign nationals.'' With
respect to ITAR issues, we found that several foreign
nationals, without the required license, worked on projects
that were later determined to involve ITAR-restricted
information. In addition, on two occasions, a senior Ames
manager inappropriately shared documents with unlicensed
foreign nationals that contained ITAR markings or had been
identified as containing ITAR-restricted information by NASA
export control personnel.
Mr. Keegan, similar to the other question, were any of
these individuals reprimanded, and if so, how?
Mr. Keegan. As noted in Ms. Robinson's opening statement,
there was a great confusion and disagreement at Ames about what
was the appropriate roles and responsibilities and whether
export-controlled information was involved or not, and those
pointed to weaknesses in our guidance and in our policy and
procedures, and we have concurred with the recommendations to
improve those items and we are moving to implement those
changes.
Again, with respect to personnel actions, I can't discuss
those but I will say in that case, again, the Administrator
personally got involved with that report in response to it and
appropriate actions have been taken.
Chairman Palazzo. Okay. Thank you, Mr. Keegan. And we
respect the fact that you are not going to be able to directly
talk about personnel actions. That is private in nature. We may
delve more into it at a later time but, you know, it goes back
to the culture of, you know, just kind of shrugging off these
incidents, not taking them seriously. And if senior officials
don't reprimand, you know, the parties that are allowing this
sensitive information to possibly be compromised, it sends the
wrong message across the entire institution. So we hope you
will continue taking these recommendations and not just
concurring with them but actually implementing them and then
punishing those going forward if they continue to violate ITAR
restrictions.
My last question, the GAO report states that NASA
headquarters export control officials and Center Export
Administrators lack a comprehensive inventory of the types and
location of export-controlled technologies and centers limiting
their ability to identify internal and external risks to export
control compliance. This is not new. The GAO report also
recognized that NASA's lack of comprehensive inventory of its
export-controlled technologies is a long-standing issue that
the NASA Inspector General identified as early as 1999. I know
Ms. Martin's testimony touched on this.
So Mr. Keegan, how can NASA protect what it doesn't know it
has?
Mr. Keegan. I think the reports that you cited pointed out
opportunities for NASA to improve its sort of centralized
approach to categorizing the risk and the vulnerable
technologies in our system. NASA has concurred with those
recommendations and is consulting with our own internal Chief
Technologist Office, Protective Services and the Mission
Support Directorate to identify existing catalogs of
technologies that would prove useful in implementing a risk-
based assessment of Key technologies. We are also working to
improve our internal reviews and audits in both export control
and Foreign National Access Management and to strengthen
compliance and accountability mechanisms to address the issue
you raised in your comment that individuals need to be held
accountable for knowing their responsibilities and for
fulfilling those responsibilities.
Chairman Palazzo. Well, I appreciate that. You know, the
issue has been out there for 15 years. You know, Congress wants
to trust NASA that they are going to take corrective action
this time and fix the problem.
At this time I recognize the Ranking Member, Mr. Maffei.
Mr. Maffei. Thank you, Mr. Chairman.
It seems to me that we are just lucky that even more
sensitive information hasn't been compromised. I will ask Mr.
Keegan, why is international collaboration so critical to
NASA's mission and should we just suspend international
cooperation until these security concerns are addressed?
Mr. Keegan. Cooperation with international nations is
actually part of the NASA's foundational legislation, the Space
Act, and NASA has derived great benefits from our international
cooperation. Over half the operational science missions have
significant international participation and contributions. The
International Space Station obviously depends heavily on
international contributions, and humans have inhabited that
facility continuously for 13 years. So a lot of NASA's best,
greatest accomplishments have depended on international
contributions and cooperation.
Given those benefits, we need to balance that with our duty
to protect sensitive export-controlled information, and that
is, you know, a balance that has been mentioned by a number of
the reports we are talking about today. And when the
Administrator first became aware of issues, that sort of shook
his confidence that we were able to fulfill that
responsibility. Therefore, he took immediate action to stand
down, for example, to issue a moratorium on foreign national
access until each center director could validate their
compliance with existing rules and policies through internal
reviews, and he also took down a NASA website, the NASA NTRS
website, which is the website through which we share publicly
the results of NASA's scientific and technical research until
we could validate that all the documents, over a million on
that website, had proper internal controls.
And as a result of these actions and other actions we are
taking in response to the reports we are discussing here today,
NASA is confident that we can assure the security of sensitive
export-controlled information.
Mr. Maffei. All right. Thank you, Mr. Keegan.
Mr. Webster, are you satisfied that NASA is making due
progress in addressing the concerns of your organization?
Mr. Webster. Well, I can say that they were very receptive
and very cooperative with the study. The study has not reviewed
the progress that they have made since our recommendations, and
so that progress remains to be seen.
Mr. Maffei. Ms. Martin and Ms. Robinson, can you comment on
the progress since the study?
Ms. Robinson. We have not gone to see what NASA has done
since the study in terms of an audit or anything like that, but
I agree that they have been very receptive to our
recommendations and I believe they are working hard on the
matter.
Ms. Martin. Likewise, NASA agreed with all seven of our
recommendations. We were certainly encouraged that the
Administrator issued a memo to all staff reiterating the
importance of export controls and also met with the Center
Export Administrators. So that is an example of the tone from
the top. But again, we have not fully evaluated all of the
actions.
Mr. Maffei. Mr. Keegan, Mr. Webster talked about, in his
testimony, some cultural changes that would need to take place
at NASA. Those are very challenging for any Administrator to
implement. Do you feel if the current Administrator is able to
change some of the culture at NASA? How are you approaching
that?
Mr. Keegan. In a couple ways. NASA is looking at our whole
competition model as to the advantages and to the drawbacks of
that model and we acknowledge that that sometimes creates
incentives not to share information across centers in a way
that is helpful to NASA as a whole. I think the Administrator
has emphasized directly both to me and Associate Administrator
Robert Lightfoot and to the Center Directors and Mission
Directors who report to Mr. Lightfoot that they will be held
accountable for implementing the actions in response to these
reports and for emphasizing and complying with the requirements
in these areas and for seeing that that is done in their
organizations.
Mr. Maffei. I thank the witnesses and yield back.
Chairman Palazzo. I now recognize Dr. Broun for five
minutes.
Mr. Broun. Thank you, Mr. Chairman.
Mr. Keegan, I am a little perplexed--actually a little more
than perplexed about NASA's priorities toward protecting
sensitive or secure information. Chairman Palazzo has called
this hearing because of multiple points highlighting NASA's
poor oversight and management in protecting sensitive
information, yet your written statement discusses a request for
``new'' statutory authority for--to allow NASA to withhold from
the public certain technical data requested under FOIA.
It is also my understanding that NASA has resisted the
Committee's efforts to make public the NAPA report even with an
offer for the agency to redact it.
Now, don't get me wrong; I am certainly not encouraging
NASA to release sensitive information. But to be clear, it is
NASA's position that the entire NAPA report, the entire NAPA
report, is sensitive and that no aspect whatsoever can be
released without compromising security vulnerabilities.
If so, would you please provide this Committee a detailed
list of the specific passages and concerns NASA is worried
about releasing? For instance, I find it hard to believe that
the background section has anything of concern within it.
Mr. Keegan. NASA appreciates the comprehensive, thorough,
and detailed analysis that the NAPA panel did on our security
vulnerabilities and problems with our systems and processes,
internal deliberations, IT assets, and so forth. We also
appreciate the fact that they rank-ordered their 27
recommendations with an assessment of risk associated with each
one so that we could prioritize our actions and response. But
the combination of that information would serve to make
vulnerable the very information that we are trying to protect
by improving our processes in these areas. The information that
would provide--you know, too much information about our
vulnerabilities--is interwoven throughout the report, so to
meaningfully and thoroughly redact it, to take that out, would
in our opinion make the report no more useful than the
executive summary which summarizes the six areas of
recommendations and at the same time still pose a risk to
security. So NASA has no plans to publicly release that report,
although we have provided a copy of the full report--an SBU
full report to the Committee Chairman at his request.
Mr. Broun. Mr. Webster, do you believe there is any
specific information in the NAPA report that is sensitive, and
if so, could it be redacted that the entire--that the public
could read the rest of the report? We have just heard what Mr.
Keegan said.
Mr. Webster. I do believe that there is some information in
there that is sensitive and I do understand the basic
underlying premise that you can take individually--information
that is standing on its own is not sensitive, but when you
piece it together with other related pieces of information, it
can provide insight to an adversary that might be useful they
would otherwise not gain. So I understand the philosophy. I am
not in a position to judge if you will because we haven't done
that analysis and we don't really have that charter to provide
that type of analysis, but I do understand the basic logic.
Mr. Broun. Ms. Robinson, ironically, it appears that--as
though NASA is more concerned about protecting this report
rather than its own sensitive information. As this hearing
demonstrates, this Committee is very aware of the impact of
releasing sensitive information. I am worried, however, that
NASA is suppressing this report not because it would compromise
security but because it would embarrass the agency. Would the
NASA Office of Inspector General be willing to conduct a review
of the decision to classify this report as sensitive but
unclassified?
Ms. Robinson. Well, I have to admit I haven't thought of
that. We certainly could take it under advisement.
Mr. Broun. I hope you will do so because I am very
concerned about this. And as Chairman of the Oversight
Subcommittee, it is my responsibility in our Committee to make
sure that we have all the information, and it seems to me that
NASA has been more--has let sensitive information out.
Mr. Chairman, I have got a question if you would allow me
to go over my time a half-minute.
But, Mr. Keegan, without divulging personal information,
how are the individuals that have allowed these compromises
been punished, reprimanded, or dealt with? Now, you can tell us
that in open session like this. And I realize that also we can
go into closed session. We can go into whatever means it takes
to protect a personal--a person's identity, et cetera.
Certainly I am not asking you to divulge any personal
information here today, but can you tell us how have these
individuals been reprimanded, punished, or dealt with?
Mr. Keegan. Their management has certainly spoken with the
responsible individuals about the incidents and the facts
underlying the report and I would say taken appropriate
personnel action for which the----
Mr. Broun. Mr. Keegan, that is not an answer. If you would
just please--whatever--would you provide that to our Committee
or the Committee staff?
Mr. Keegan. I don't--I believe as a matter of privacy we
can't provide information about employee discipline.
Mr. Broun. Well, I think you can provide how--individuals,
that is true. You cannot tell us how an individual particularly
has been reprimanded, punished, or dealt with, but I think you
can give us an idea. People need to be reprimanded. What I have
seen over and over again in this Oversight Subcommittee, not
only in this Committee but others, is people violate what they
are supposed to be doing, they violate security, and nothing
ever happens. And I am sick of it. And I hope that you all will
provide this Committee some information.
Mr. Chairman, my time is expired. Thank you.
Chairman Palazzo. I now recognize the Ranking Member, Ms.
Edwards.
Ms. Edwards. Thank you, Mr. Chairman. And thank you to our
witnesses today.
You know, when you look back at NASA and the establishment
of the Space Act in 1958, it is an important consideration to
look at NASA's mission and the complications of balancing both
the openness that is expected in the scientific and research
innovation community and cooperation around the world with
these really important security interests, and so for me it
really, you know, raises a question about intent of the agency
and the civil servants versus a culture that we need to work to
change and shape so that there is more consideration of
security, still respecting the overall mission of the agency.
And I want to thank the witnesses for their testimony today.
I especially want to commend Ms. Martin. I know that you
are here and you are in your waning days after 36 years of
public service, and so I want to thank you for that. I am
reminded all the time, especially as one who represents a local
Congressional District here in the Metropolitan Washington
region in Maryland about all of the important and valuable work
of our civil servants, wherever they fall.
And so it leads me to the question about what is going on
at the agency. And so, Ms. Martin, I would like to address this
to you if you would, and other witnesses, please chime in. I
wonder if, in looking at the conclusions of your three reports,
whether you conclude that the security weaknesses that you
found stem from an inconsistent application of policies and
guidance on protecting sensitive information, technologies, and
other assets of the agency and centers rather than from a
conscious disregard of security measures by NASA personnel?
Ms. Martin. Well, first, Ms. Edwards, I would like to thank
you for your very kind remark, and it is indeed a pleasure to
have this opportunity to testify before this Committee, the
Subcommittees, a week before I am actually due to retire. It
has been indeed an honor and a pleasure to serve the Congress
and the American public for 36 years. So thank you very much
for that.
And to your question, we certainly did not find any
widespread indications of overt attempts to circumvent policies
and procedures. As we state in our report, there were certainly
some lack of clarity in terms of the policies and procedures,
and as you well know, NASA devolves a lot of responsibility to
its centers, and so we found variations across those centers in
terms of how they implemented policies and procedures. And no
doubt accountability is important, but there was not any
widespread indication in terms of our work that someone went
about, you know, deliberately trying to circumvent policies and
procedures.
Ms. Edwards. Thank you very much for clarifying that. And
it then leads me, Mr. Webster, to a question for you, and that
is around the culture at NASA and what you are doing because it
strikes me--and I worked at Goddard Space Flight Center, so I
know this--the importance of devolving a lot of
responsibilities to the agency because in part that is what
creates an environment of innovation and creativity. And so how
do you then balance security concerns and preventing breaches
of release of sensitive information with a culture in which you
want to encourage innovation and creativity? What can you do to
bring a lot more consistency to the application of these issues
within the agency?
Mr. Webster. I believe that the cultural issue is perhaps
one of the largest challenges being faced as a result of this
review because unlike information technology or policies that
can be changed and so on, changing the culture is a long-term
effort. It may be that NASA and the workforce looks at its
mission as a set of objectives and then the rest of what NASA
has to do is sort of what they have to do in order to be able
to execute the mission. And that would be unfortunate. And I
suspect that is the case in many cases because instead, the
housekeeping types of things that need to occur needed to be
viewed as part of the mission so it is not this balancing what
do we have to put up with in order to achieve the mission? It
is recognized as part of the mission.
And going back to your earlier question, I would say that
in my perception, and I believe it is reflected in our study,
is that NASA has consistent policy but it is inconsistently
applied, and so that is where I think getting the culture to
understand that as part of their mission is important.
Ms. Edwards. Thank you. Mr. Chairman, if you can indulge me
with Mr. Broun's 30 seconds, I would appreciate it.
Chairman Palazzo. I will.
Ms. Edwards. So I want to go to Mr. Keegan. I mean there
has been some discussion about an oversight body such as the
internal Asset Protection Oversight Board that has been
advocated by NAPA to oversee safety concerns. What is your view
about the necessity and how NASA would view the necessity of
standing up such a board?
Mr. Keegan. We think that is a valuable recommendation and
we agree that that function would be useful to help us address
challenges in this area and we are looking to set up something
along those lines that would then report up to the agency's
Mission Support Council to implement that recommendation.
Ms. Edwards. Thank you very much.
Thank you, Mr. Chairman.
Chairman Palazzo. I now recognize Mr. Brooks.
Mr. Brooks. Thank you, Mr. Chairman.
Dick Thornburgh, panel chair, testified before Congress on
April the 8th of 2014 that the National Academy of Public
Administration, or NAPA, as we have been referring to it, found
that ``there is little accountability for noncompliance when
identified through specific incidents or periodic assessments.
This validates the identified perception among NASA personnel
that 'mandatory compliance' means little as there are few if
any consequences for deliberate or inadvertent violations of
the mandates.'' NAPA further found that ``NASA headquarters
officials and center directors have not adequately communicated
that strict compliance was and is required for a foreign
national hosting, sponsoring, and escort policy and
procedures.'' Finally, NAPA also found that ``a number of NASA
leaders also noted that the agency tends not to hold
individuals accountable even when they make serious preventable
errors. Whenever an example of such an error was mentioned
during interviews, Academy staff would follow up with: what
happened to those responsible for the error? In almost every
instance, the answer was either 'nothing' or 'I don't know'.''
Mr. Keegan, who at NASA is responsible for ensuring
accountability for protecting sensitive information at NASA?
Mr. Keegan. Ultimately--the ultimate accountability for
that is the Administrator and I think the Administrator has
made it clear through his actions in response to these reports
that he takes that responsibility very seriously. He or the
Associate Administrator has traveled to every center to
emphasize that every employee has the responsibility in this
area. His message that Ms. Martin mentioned earlier that he
sent to every employee at NASA said he wanted to--I am
quoting--``I also want to remind each of you of your
responsibility to comply with all export control regulations
and our foreign national management requirements. This is a
serious matter and penalties for noncompliance can include
fines and imprisonment, as well as administrative personnel
actions such as reduction in grade or even termination.'' And
he has directed us, as we improve the internal audit functions
for both export control and foreign national access, to address
strengthening compliance and accountability mechanisms.
Mr. Brooks. Well, inasmuch as it is clear that there are
many NASA employees who are not doing their jobs protecting
NASA's sensitive technology and information or protecting
America's national security by protecting information of a
national security concern, why haven't these individuals been
fired or otherwise seriously punished?
Mr. Keegan. I am not sure the specific incidents to which
you are referring.
Mr. Brooks. Well, you just testified that you have got the
NASA Administrator, Associate Administrator talking to these
individuals who apparently aren't following our sensitive
information and national security interest, and that there is a
problem in NASA according to the NAPA report. How many of them
have been fired, the employees who have not been in compliance
with NASA's own rules and regulations concerning protection of
sensitive information and protection of our national security?
Mr. Keegan. I am not aware of any findings of intentional
misconduct on the part of NASA employees but rather problems
with understanding the roles and responsibilities as spelled
out by the policies and procedures.
Mr. Brooks. So if the employees are just not doing their
jobs, they are not paying attention, they are negligent,
grossly negligent, NASA doesn't terminate them because they are
doing a bad performance job?
Mr. Keegan. We have--we acknowledge that we have
shortcomings in this area of accountability and I think the
Administrator has taken strong actions to address those
shortcomings.
Mr. Brooks. And does that strong action include the threat
to terminate the NASA employees who intentionally or
negligently or through gross or reckless misconduct fail to
protect sensitive NASA material, thereby also failing to
protect America's national security? Do we have assurances that
in the future these people will be fired if they risk our
country's sensitive information and national security?
Mr. Keegan. Well, you have NASA's assurance we will take
the appropriate disciplinary actions, the most serious of which
include termination.
Mr. Brooks. Well, I hope in the future that termination
will be an option that NASA will utilize because I can assure
you in the private sector those folks are gone. And in the
public sector we should treat employees who fail to do their
jobs similarly. Thank you for your responses.
Chairman Palazzo. I now recognize Ms. Bonamici.
Ms. Bonamici. Thank you very much, Mr. Chairman.
Thank you to all the witnesses for your testimony, for
being here today. This is an important topic. Of course it has
national security implications but also we are pondering
whether the recommendations made by the reports that we are
discussing here today, whether they could impact some of the
core elements of NASA's mission.
Also, I have to say that the public is really looking to us
to find the right balance, and we heard that word this morning,
balance, quite a lot, between of course keeping our country
safe and protecting sensitive research and data, maintaining
our country's leadership role, but also understanding that
there is importance in NASA publicly disseminating the results
of research and the scope of its scientific activities. I have
to say that that is important for many reasons but especially
to help educate the public about the benefits of NASA's work.
So it is finding that right balance.
I do want to point out that, Dr. Webster, you said in your
testimony that NASA provided complete cooperation for this
review and NASA interviewees were candid, cooperative, and
eager to offer both suggestions and be involved in problem-
solving, and I just wanted to point that out, that you
recognized that when you did your assessment. And that is so
important.
We look at the report from the NAPA, National Academy of
Public Administration, and they acknowledge that foreign
national participation in NASA programs and projects is an
inherent and essential element in NASA operations. So
considering the implications that the OIG and the NAPA reports
have on these areas, I am interested in whether our witnesses
see any potential to improve international collaboration
through the recommendations of these reports if they are all
implemented. Might there be a possibility that international
collaboration is improved? If you just want to each state
briefly whether you agree that there is any potential there?
Mr. Keegan. I think the thoughtful recommendations from all
three of the reports that we are talking about here this
morning offer the opportunity for NASA to strengthen its
foreign national participation by having clear guidance and by
assigning roles and responsibilities that everyone understands
and complies with. This will sort of make it easier for
involving foreign nationals as appropriate in our research.
Ms. Bonamici. Does anyone disagree with that? Ms. Martin?
Ms. Martin. No. I would agree that it is not an either/or,
and obviously foreign participation, international agreements
are important to NASA's work, as Mr. Keegan and others have
said, but it is important to have those clear policies and
procedures and we think that risk-based approach to compliance
is really one way that can help NASA with that balance.
Ms. Bonamici. Ms. Robinson, Dr. Webster, do you agree
with----
Ms. Robinson. Yes.
Mr. Webster. I do as well. I believe it is a risk-based
approach and it is a balancing act. I mean you can obviously
have more collaboration by ignoring security, but there is a
cost to be paid for that.
Ms. Bonamici. Right. And thank you. I want to follow up on
questions that were just asked. It seems listening to the
testimony and reviewing what you have submitted that the core
problems described in the reports are because individual NASA
employees did not appropriately follow existing policies or
procedures. So I want to start with Mr. Keegan. Do you see that
as resulting from inadequate training, ineffective
organizational structure, or a lack of resources, or some of
each?
Mr. Keegan. I think that it is a combination, and we are
taking action. One of the earlier reports mentioned that there
was confusion and bureaucracy in the implementation of these
requirements, so we are trying to address that through
clarified policy, through clarified training. And also we have
detailed a full-time person who is a project engineer who can
sort of put these export control requirements in language and
in the training sort of in terms of the process that flight
project folks understand in terms of what their
responsibilities are. So we think there are improvements to be
made in all three areas.
And we are allocating, as I mentioned in my opening
statement, increased resources to this area as well. And I
think the Foreign National Access program will pull together,
you know, the coordination of the various elements in this area
of responsibility across the agency.
Ms. Bonamici. And the recommendations that NASA is
implementing, do you see those as realistic fixes? Once
implemented, will they resolve the problems that were brought
to light by the assessment?
Mr. Keegan. Absolutely realistic fixes and we hope they
will address all of the issues, but in my 32 years at NASA I
have never seen a strong external review that has failed to
identify some areas where we could continue to improve as well.
Ms. Bonamici. Thank you.
And I yield back the balance of my time. Thank you, Mr.
Chairman.
Chairman Palazzo. I now recognize Mr. Posey.
Mr. Posey. Thank you, Mr. Chairman.
Mr. Keegan, I think you are aware everybody on this panel,
probably everyone in this room I think is a friend to NASA.
They recognize NASA does many wonderful things. They want them
to do many more things. But like everybody in this room, NASA
is not perfect. We can't expect anybody to be perfect. But we
are talking about matters of national security now and we need
to be as close to perfect as we can possibly be. And when
Members ask questions like about disciplinary action in the
past, you know, and they kind of get rope-a-dope here, you
know, the bobbing and weaving, no direct answers. It sounds
petulant, arrogant, defiant. It seems like an us-against-them,
and I know that you don't intend that but that is how it comes
across.
This is not my first rodeo with issues like this. Financial
Services Committee, the Securities and Exchange Commission
played rope-a-dope with us for a couple years. They let Bernard
Madoff steal $70 billion from people, innocent people. People
died because of it. People went broke. People are living in
poverty now instead of a comfortable retirement because about
50 people in that agency didn't do their job. And we had great
Inspector General reports, IG reports, made recommendations
about what the accountability should be, and we got the rope-a-
dope from the SEC for years. Well, we are working on it. Some
of these things are still pending. We can't talk about them. It
is a big secret.
So finally, basically under Freedom of Information Act, we
find out that none of the recommendations for disciplinary
actions were taken. Everybody was let off easy. One explanation
that was supposed to make us happy is the Secretary said, well,
it might please you to know that half the employees are no
longer with the agency that let him do all these things bad. I
said, well, you know, great. That is problem solved. A
pedophile moved into a different neighborhood. No. I mean they
are retired on the government's dime. They took jobs as
investigators or compliance people for other agencies maybe.
That doesn't solve any problems because they are not with the
agency.
So we wonder how many of people in your agency that we are
going to find out three years from now, oh, well, we let them
hang in there until they got a better job and could double
their salary on K Street or whatever, you know. I mean we would
like some serious answers and I think you owe them.
And my question to you now, has any disciplinary action
ever been taken? And you can tell me yes or no and tell me what
kind it was.
Mr. Keegan. Yes, disciplinary action has been taken. I know
certainly of instances of counseling. I don't know of----
Mr. Posey. Okay.
Mr. Keegan. --any other specifics related to the issues in
these reports we are talking about here today. I certainly know
about instances elsewhere in NASA where--I mean I don't think
NASA shies away from taking appropriate discipline up to and
including removal.
Mr. Posey. Has anyone ever been removed, do you know?
Mr. Keegan. At NASA?
Mr. Posey. Yes, sir.
Mr. Keegan. Sure.
Mr. Posey. Over security breaches?
Mr. Keegan. I don't know that.
Mr. Posey. Could you find out for us? We would like to kind
of have a summary. You can tell us what actions have taken and
you don't have to name employees. The IG has even named
specific employees and said this employee did this; they should
be disciplined like such. Of course they weren't, you know, but
I think we would like to know what the history is, with the
track record is, if actions have really been taken. I mean do
these people write these reports to come in and give them to
Congress and then the agencies just blow them off and say,
those suckers, they can't make us do anything?
I mean that is the way it seems sometimes. That is the way
a lot of the taxpayers feel at home. They see that there is a
lack of accountability in government. We come here, we hold
hearings, and yeah, we will check into that, yeah, we will
report on that, and sure, we will get back with you. But we
don't. I mean I have got stacks of unanswered correspondence,
you know, over my head. It seems like, you know, some of the
agencies just refuse to do any compliance and it just--it seems
like it is us, government, against them, the public or their
representatives. And we would like to think that that culture
is not pervasive in NASA, but when we can't get straight
answers, that is the conclusion people tend to think. And it
makes it hard.
I mean we want to get funding for NASA to big things. It
takes money. And the public perception is, you know, that NASA
gets 20 percent of the budget. We know the reality you get 1/2
of one percent and we know that is plundered. We know that
comes through like a big piinata from everything from the COPS
program to whatever other pet projects people want to steal
from NASA because, number one, we don't do a good PR job in
NASA and I could spend a couple hours talking about that; and
number two, people already think we spend too much money on it;
and number three, there is cases like this where they don't see
a lack of accountability.
So I would hope that when you come in here to share with
us, we work toward changing that, that it is not us against
them. We are just trying to see that there is some fundamental
accountability. We try and teach our children that in school.
You know, everybody in the private sector has it that I know
about and we just want to see that that is in place at NASA,
too.
And again, we are not talking about personalities. We are
literally, we are literally talking about the national security
of this Nation. We are talking about people that come here from
another country and we can't expect you to profile everybody
who is going to have access to any information because they
shake down everybody when they get home, from tourists, to
students, to everybody else. We know that is tough but we have
to get off the dime and move in that direction. And when people
seemingly almost willfully violate or transgress guidelines
that make this nation secure, they need to be held accountable
and you need to let us know that that is happening.
Thank you, Mr. Chairman. I yield back.
Chairman Palazzo. I now recognize Mr. Johnson.
Mr. Johnson of Ohio. Thank you, Mr. Chairman.
I would like to associate myself with some of the comments
that my colleague Mr. Posey said. I am a big fan of NASA. I
mean I grew up on Buck Rogers and Star Trek and enamored by
space travel. I have got NASA, Glenn, in Ohio. I am a big, big
fan of NASA's.
But, Mr. Keegan, some of your responses don't rise to the
level of credibility with what we are dealing with here today.
How did you go about preparing for this hearing today? You knew
this was going to be about security breaches and personnel
having done those, but we are getting a lot of ``I don't know''
answers. What did you do to prepare for today's hearing?
Mr. Keegan. I reviewed the reports and----
Mr. Johnson of Ohio. You did review the reports?
Mr. Keegan. Yes.
Mr. Johnson of Ohio. Okay. That is a good start because you
said earlier that you were not aware of any deliberate actions
by NASA employees to violate security protocols. Have I got
that right? Is that what you said earlier?
Mr. Keegan. I am not aware of any specific employees that
have----
Mr. Johnson of Ohio. Okay. Well, in the report----
Mr. Keegan. --been identified----
Mr. Johnson of Ohio. --from--in the report from GAO they
state that in some instances in terms of trying to avoid export
control review, they said it was the result of deliberate
action by authors to avoid export control review of papers
prior to release. And yet you say you read the reports and to
come to this hearing and not know whether or not people have
been addressed and disciplined for those types of deliberate
actions, that doesn't rise to a level of credibility for me,
and I worked for almost 26-1/2 years in the Air Force, much of
that in top-secret and classified conditions. I know at least
in the environment I worked in where the buck stopped. You are
pretty close to where the buck stops. I am a little incensed
that you don't know the answers to these questions that you are
saying you don't know the answers to.
Let me go back to one that Mr. Posey asked you. You said
that there have been people removed from NASA but specifically
in your written testimony you noted that penalties for
noncompliance with export control regulations, of which reviews
are part of and Foreign National Access Management
requirements, that those penalties could include fines,
imprisonment, or administrative personnel actions. Well, let me
ask you again--and you don't have to give me a specific name of
anyone--but do you--has anyone in NASA received any of those
things--fines, imprisonment, or administrative personnel
actions--for a security breach--for a deliberate security
breach, as noted by GAO? Has anyone been disciplined to that
level?
Mr. Keegan. I will take that question for the record and
provide you a response.
Mr. Johnson of Ohio. Okay. I would appreciate that. Thank
you very much.
Ms. Robinson's testimony noted that NASA's Jet Propulsion
Laboratory has had success using engineers and scientists as
export control representatives to work with the export control
personnel, so I will ask, Mr. Keegan, if you know the answer to
this. Maybe others on the panel want to comment. Can someone
provide a more detailed explanation of the process of working
with scientists as export control representatives? I mean what
do the scientists at NASA's Jet Propulsion Laboratory do that
scientists at NASA centers do not do? How do they work
differently with export control personnel?
Mr. Keegan. I would like whoever reviewed that as a model
that we can look at to describe it.
Mr. Johnson of Ohio. Okay. So we are not sure. Okay.
Ms. Robinson. I think it is just--again, this was not in
our report; it was something that I noted in the other reports,
but I think it is a process that they have in place, a way to
have interactions between the two groups of professionals so
they are having conversations and they are understanding what
kind of projects are we working on, are there foreign nationals
working here, how do we resolve these issues? So it is a
process.
Mr. Johnson of Ohio. Okay. All right. Well, that five
minutes went fast.
Mr. Chairman, I guess I will yield back the balance of my
time, the one second I have got.
Chairman Palazzo. Are you sure you don't want 30 more
seconds or a minute? Okay.
That is perfect time and I do believe votes were just
called or did they go back in session? Well, the buzzer went
off.
Well, it is absolutely obvious that this Committee takes
our national security very importantly. It is a bipartisan
issue. It is also obvious that when you look at the global
events around the world that the world is not becoming safer;
it is becoming much more dangerous. And America's leadership in
space isn't just about national pride; it is about national
security. And we are not going to wait 15 years to make sure
that these recommendations are being implemented by NASA. We
are going to be looking forward to reports every year and we
are going to be taking a hard look at this.
So I thank the witnesses for their valuable testimony and
the Members for their questions. Members of the Committee may
have additional questions for you and we will ask you to
respond to those in writing. The record will remain open for
two weeks for additional comments and written questions from
Members.
The witnesses are excused and this hearing is adjourned.
Thank you.
[Whereupon, at 11:22 a.m., the Subcommittees were
adjourned.]
Appendix I
----------
Answers to Post-Hearing Questions
Answers to Post-Hearing Questions
Responses by Mr. Richard Keegan
[GRAPHIC] [TIFF OMITTED]
Responses by Ms. Belva Martin
[GRAPHIC] [TIFF OMITTED]
Responses by Ms. Gail A. Robinson
[GRAPHIC] [TIFF OMITTED]
Responses by Mr. Douglas Webster
Appendix II
----------
Additional Material for the Record
[GRAPHIC] [TIFF OMITTED]
Responses submitted by NASA for information requested by Chairman Broun
[GRAPHIC] [TIFF OMITTED]
�