Social networks have changed the world, but they make things very complicated for the CIA.
Facebook, Twitter and other services give the spy agency enormous amounts of new information about people of interest around the world, but they also open up huge new vulnerabilities.
For example, how should the CIA conceal details about a spy who has been sharing information about herself online before joining the agency — perhaps since she was in middle school? And can it create a convincing enough story about someone who has to lie about who they really are?
"From the standpoint of a clandestine officer seeking to create and maintain her cover — perhaps the most fundamental element of espionage — this can pose a real challenge," said CIA Deputy Director David Cohen.
Cohen told students at his alma mater Cornell University in the autumn that what he called "digital dust" leaves the CIA's intelligence officers vulnerable in many ways. Credit card transactions, car rentals, Internet searches or purchases all leave a trail, he said.
But Facebook, Twitter, LinkedIn and other such services may be a case of their own.
Imagine a college student with normal online posting habits being recruited by the CIA because of his language, technical or other skills. If a foreign intelligence agency learned about that connection, it could access years' worth of his photos on the open Web – making it nearly impossible to enter another country under cover. It could also find likes and dislikes, friends and other such information prized by spies.
How Not To Handle A CIA Job Offer
Even young people sharp enough to attract the attention of the CIA sometimes don't connect the risks of that work with their social media habits.
The agency's top recruiter, Ron Patrick, told CNN last year that CIA has had to withdraw job offers because candidates shared online that they'd interviewed with the CIA or had just been hired.
New recruits can't simply go quiet, however. Agency officials realize how suspicious it looks for a prolific Facebook poster or Twitter user to suddenly disappear. Nor can an officer working undercover simply appear online one day out of nowhere.
"We must find ways to protect the identity of our officers who increasingly have a digital footprint from birth," Cohen said. "Likewise, since having no digital trail can raise suspicions too. We also have to figure out how to create digital footprints to support cover identities."
The recruiting dilemma works both ways. Agency officials worry the young people they want to attract might assume they can't ever use Facebook or Twitter — or if they have, they're disqualified.
The agency made social media the no. 2 "myth" it tries to debunk on one of its hiring pages, after "an average day involves a car chase" but before "hardly anyone makes it through the background check."
"The truth is, CIA employees can use social media," the agency's page says. "We just have some guidelines to protect the men and women who serve our country. There can be plenty of friending and following and liking in your future (just not during the work day)."
CIA officials won't discuss how they're tackling these problems, but they do point to the creation of the agency's new Directorate of Digital Innovation, launched last year, as evidence of how serious they are about solving them.
The department was the spy agency's first full-scale new directorate since 1963, when it launched the Directorate of Science and Technology to build what Cohen called "spy gadgets."
"I want to make sure the agency is able to understand how that [cyber] environment affects our mission," CIA Director John Brennan told NPR this week. "I want to make sure our people are trained well so that they can go to far-off corners of the world."