Social Security Administration (Agency) and American Federation of Government Employees, AFL-CIO (Labor Organization/Petitioner)

[ v60 p57 ]

60 FLRA No. 15

SOCIAL SECURITY ADMINISTRATION
(Agency)

and

AMERICAN FEDERATION
OF GOVERNMENT EMPLOYEES,
AFL-CIO
(Labor Organization/Petitioner)

BN-RP-03-0030

_____

ORDER DENYING
APPLICATION FOR REVIEW

June 30, 2004

_____

Before the Authority: Dale Cabaniss, Chairman, and
Carol Waller Pope and Tony Armendariz, Members

I.     Statement of the Case

      This case is before the Authority on an application for review filed by the Social Security Administration (Agency) under § 2422.31(c) of the Authority's Regulations. The American Federation of Government Employees (Union) filed an opposition to the Agency's application for review.

      The Agency seeks review of the Regional Director's (RD's) Decision and Order and Direction of Election. The RD found that the nonprofessional employees in the Social Security Administration, Office of Telecommunications and Systems Operations, Division of National Network Services and Operations, Remote Operations Management Branch, Remote Operations Communications Center (ROCC), Philadelphia, Pennsylvania are not excluded from a proposed bargaining unit because they are not engaged in "security work which directly affects national security" within the meaning of § 7112(b)(6) of the Federal Service Labor-Management Relations Statute (the Statute).

      For the following reasons we deny the application for review.

II.     Background and RD's Decision

      The Union filed a petition seeking an election to include Information Technology (IT) Specialists and a Lead Technical Controller (LTC) in its nationwide consolidated bargaining unit of nonprofessional employees. RD's Decision at 1. The IT Specialists and the LTC are employed in the Philadelphia ROCC. Id. at 3. ROCCs are part of the Remote Operations Management Branch, which is part of the Division of National Network Services and Operations (DNNSO). Id. The DNNSO is a division of the Office of Telecommunications and Systems Operations (OTSO) which

manages the installation, relocation, and operations of the telecommunication network facilities for the transmission of program and management data over Agency-established networks; monitors telecommunications operations, analyzes equipment problems, and effects proper maintenance and repair; reports outages to vendor management for prompt resolution; serves as the initial point of contact for user and technical problem determination for telecommunications; diagnoses data-center problems, hardware and network problems, and coordinates network operations issues with applications and support staff; manages traffic flow between telecommunication complexes and other Agency complexes; and operates and maintains an integrated systems and technical coordination control center and help desk to coordinate problem identification and resolution activities.

Id. According to the RD, a division separate from the DNNSO is responsible for the security systems and policies in OTSO. Id. at 3 n.3.

      The Agency has six ROCCs that "function as hubs in its nationwide telecommunications network." Id. at 3. A ROCC contains the "infrastructure for data communication and e-mail services" and connects regional offices in a particular geographic area with the nationwide network. RD's Decision at 3. A ROCC allows users to connect to the National Computer Center (NCC) where client data is maintained and transmits the data between field offices and the NCC, but does not store data and does not have the systems to do so. Id. The Philadelphia ROCC serves the mid-Atlantic area and connects about 300-350 sites and about 16,000 users. Id. at 4.

      The Agency administers the Social Security Act and pays about $7 billion a month to approximately 55 million recipients. Id. The processing of claims, including initial claims, terminations, overpayments, etc., is done through the network connections provided by ROCCs. Id. The RD stated that if a ROCC is not operating and providing "connectivity" for its field offices, "electronic processing cannot be done, e-mail service will be unavailable, and hearing offices cannot hold hearings using automated processes . . . ." Id. Although [ v60 p58 ] the loss of connectivity would create problems accessing the telecommunications network, the only client data affected would be the data that was in transit at the moment "connectivity" is lost because client data is not stored at ROCCs. Id. According to the RD, the Agency has contingency plans for the loss of a ROCC and the interruption of service would not interfere with the payment of benefits to clients because the Department of the Treasury would issue checks based on the previous month's payments. Id. at 4-5.

      The RD set forth the following issues for resolution:

1. Whether the employees of the [ROCC], Philadelphia, who are the subject of the petition, are engaged in security work that directly affects national security and should be excluded from the proposed unit pursuant to section 7112(b)(6) of the Statute.
2. Whether the incumbent in the position of Lead Technical Controller, GS-392-13, who is the subject of the petition, is a supervisor as described in section 7103(a)(10) of the Statute and should be excluded from the Petitioner's proposed unit pursuant to section 7112(b)(1) of the Statute.

RD's Decision at 9.

      The Agency argued that the employees cannot be included in a bargaining unit because they "`oversee and protect systems which if lost due to tragedy, would have serious consequences to the Nation's economy.'" Id. (citing Agency Brief at 8 (citing Social Security Admin., Baltimore, Md., 59 FLRA 137 (2003) (SSA Baltimore))). The Agency asserted that the employees play an important role in protecting the Agency's infrastructure. Id. Regarding the supervisory status of the LTC, the Agency contended that the employee "attends management meetings, gives assignments to employees, and makes recommendations about hiring and awards." Id. at 9-10.

      The Union maintained that the employees are not engaged in "security work" within the meaning of the Statute because they do not "plan, direct, or coordinate security systems, they maintain no classified material systems, and they do not control access to any classified material"; they only maintain equipment to "ensure the flow of data." Id. at 10. In addition, the Union argued that the employees do not engage in work that directly affects "national security." Id.

      Addressing the positions in dispute, the RD described the IT Specialists as the employees responsible for resolving problems in the network that affect the transfer of data between the ROCC's service area and the NCC. Id. at 6. The employees are classified as level 5-C, meaning their access would afford them an opportunity to do moderate damage to an "automated information system[]." Id. at 7.

      According to the RD, the IT Specialists may, at the direction of the NCC, monitor the "data traffic" on the network to identify the cause of a problem. Id. at 6. The RD found that the data is encrypted for transmission and the IT Specialists cannot decipher it. Id. The RD determined that one of the IT Specialists has permission that enables him to change a user's password and unlock a user's account, but does not have permission to alter an account in any other way. RD's Decision at 7. The RD concluded that the only PINs maintained at the ROCC are those necessary to enable machines to communicate. Id. at 6. According to the RD, the employees focus on the server, not on any data stored on that server, and do not have access to the client data, the mainframe, social security accounts or the security repository. Id. at 6-7. Finally, the RD established that the employees are expected to report any security incident to the security office. Id. at 7-8.

      Based on the duties performed by the IT Specialists, the RD concluded that "ROCC staff does not develop security procedures, monitor the security of the system, or take part in special security software or applications." Id. at 7.

      In assessing these facts against the requirements of the Statute, the RD focused his analysis on whether the employees are engaged in "security work which directly affects national security" and therefore fall within the meaning of § 7112(b)(6). Id. at 10.

      The RD stated that according to Authority precedent, "security work" includes positions in which "the required tasks, duties, functions, or activities of the employee's position include: (1) the designing, analyzing, or monitoring of security systems or procedures; or (2) the regular use of, or access to, classified information." Id. at 11 (citing United States Dep't of the Army, Corps of Engineers, United States Army Engineer Research Development Ctr., Vicksburg, Miss., 57 FLRA 834, 836-37 (2002); United States Dep't of Justice, 52 FLRA 1093, 1103 (1997) (DOJ)). The RD explained that the Authority has defined, and reaffirmed the definition of, "national security" to include sensitive government activities that "are directly related to the protection and preservation of the military, economic [ v60 p59 ] and productive strength of the United States, including the security of the Government in domestic and foreign affairs, against or from espionage, sabotage, subversion, foreign aggression and any other illegal acts which adversely affect the national security." Id. (citing SSA Baltimore, 59 at 144, aff'g Dep't of Energy, Oak Ridge Operations, Oak Ridge, Tenn., 4 FLRA 644, 655-56 (1980) (Oak Ridge). Finally, the RD maintained that the Authority has defined "directly affects" to mean there is a "straight bearing or unbroken connection that produces a material influence or alteration." RD's Decision at 11.

      Applying these standards to the employees, the RD concluded that the employees are not engaged in "security work which directly affects national security." Id. at 11-12. The RD explained that according to the record, none of the employees have access to classified data, are responsible for designing, analyzing or monitoring security systems or procedures or are responsible for ensuring that classified information is not disclosed. Id. In addition, the RD pointed out that these employees do not work with a security system; they work with a data communication system. Id. at 12. The RD found the employees install protective measures onto systems and monitor them to ensure proper installation, but they do not design, monitor or analyze the measures. Id. The RD concluded that based on the duties performed, the employees "function as technicians and maintenance workers . . . not as guardians of the Agency's security system." Id.

      Regarding the issue of whether the employees' work directly affects "national security," the RD concluded that the work of the employees in this case is "not directly related to the protection of [the Agency's] facilities" and that a different office is responsible for protecting the physical facilities of the ROCC. Id. at 13, contra SSA Baltimore, 59 FLRA at 146. In addition, the RD found that the employees are not acting to prevent the destruction of the ROCC and that the Agency did not demonstrate that the loss of the ROCC (essentially the ability to process claims or use e-mail) would have a "serious adverse effect on the economic strength" of the nation. Id. Finally, the RD determined that the employees could not do serious damage to the Agency because the employees do not have access to the client data as it is transmitted, the stored client data, or the security repository. Id.

      Addressing the supervisory status of the LTC's duties, the RD stated that the incumbent is responsible for all technical issues in the ROCC and is the senior IT expert. Id. at 8. The RD found that the LTC may assign technical tasks to other staff members if he needs assistance with a project, but cannot change anyone's shift in order to accomplish those tasks. RD's Decision at 8. The RD also concluded that the LTC maintains overtime lists in accordance with the set procedure for rotating overtime. Id. In addition, the RD determined that the LTC gives the supervisor daily feedback as to technical matters and staff performance, but is not directly involved with ROCC staff performance evaluations. Id. According to the RD, the LTC attends management meetings solely for his technical expertise, but does not participate in management or personnel matters. Id. The RD also found that the LTC may provide input regarding the hiring process, but that the incumbent does not have the authority to hire. Id. The RD determined that any discipline would be handled at the division level, not by the LTC. Id. at 8-9. Finally, the RD stated that the LTC is not authorized to sign leave slips. Id. at 8.

      The RD, applying the Statute, ascertained whether the LTC acts as a supervisor. The RD cited § 7103(a)(10) of the Statute, which defines a supervisor as "an individual employed by an agency who has authority to hire, direct, assign, promote, recall, suspend, discipline, or remove employees, to adjust their grievances or to effectively recommend such action, if the exercise of the authority is not merely routine or clerical in nature but requires the consistent exercise of independent judgment[.]" Id. at 13-14. The RD explained that an employee only needs to exercise one or more of the duties set forth in the Statute, in conjunction with independent judgment, to be considered a supervisor. Id. at 14 (citing United States Dep't of the Army, Army Aviation Sys. Command, 36 FLRA 587 (1990); United States Dep't of Veterans Affairs, Veterans Admin. Medical Ctr., Allen Park, Mich., 35 FLRA 1206 (1990) (VA Allen Park)). The RD also pointed out that the Authority has defined a "leader" as an employee whose responsibilities are routine in nature and do not require the exercise of independent judgment. Id. (citing United States Army Communications and Electronics Materiel Readiness Command, Fort Monmouth, N.J., 9 FLRA 101 (1982); United States Dep't of the Navy, United States Naval Station, Panama, 7 FLRA 489, 492 (1981)).

      Based on the Authority's definitions, the RD concluded that the LTC is not a supervisor, but rather is a "leader". RD's Decision at 14-15. The RD found the LTC did not have the authority to "independently perform" any of the duties set forth in the statutory definition of a supervisor. Id. The RD explained that the LTC assigns and directs employees solely based on his technical expertise and does not have the authority to assign [ v60 p60 ] overtime or change an employee's shift. Id. In addition, according to the RD, the LTC does not have any authority over performance evaluations and is not involved in labor-management issues. Id. Based on his findings, the RD determined that the LTC did not fit the definition of a supervisor under § 7103(a)(10), but instead would be considered a technical "leader" under Authority precedent. Id. at 15.

III.     Positions of the Parties

A.     Agency's Application

      The Agency argues that the Authority should grant its application for review because: (1) the Authority's established precedent regarding "security work" warrants reconsideration; and (2) the RD failed to apply established law.

      The Agency cites the RD's findings that support a conclusion that the ROCC employees are not engaged in "security work" and claims that the Authority's definition of "security work" warrants reconsideration. Application at 2, 4, 6-11. The Agency bases this request on its belief that the "traditional view of what comprises security work needs to be revised to fit the situation that we find ourselves in today[.]" Id. at 2.

      The Agency argues that the ROCC gives the Agency's field offices the infrastructure needed to conduct business and that ROCC employees can connect anyone to the Agency's server and thus can enable anyone to access Agency data. Id. at 12, 14. Citing testimony from the Chief Security Officer, the Agency asserts that if the ROCC is not operating and providing that infrastructure, the Agency cannot conduct its business. Application at 12, 14.

      The Agency contends that ROCC employees "play an integral part in protecting and securing the [Agency's] infrastructure[,]" whether they are aware of that role or not. Id. at 16. The Agency describes the employees as the "technical implementers" of the security policy and points out that the employees are responsible for firewalls and for reviewing security logs and monitoring for system breaches. Id. at 13, 15, 16. The Agency alleges that the employees are involved in security policy because of the decisions the employees could make regarding the infrastructure. Id. In addition, the Agency states that the employees are in a locked and secure work area with strict access control and are responsible for the physical security of the servers and equipment. Id. at 14, 15. Finally, the Agency asserts that the ROCC employees have "sensitivity clearances unlike anyone else in the building, because they work with equipment and on processes that can affect the entire [Agency] program and function in the northeastern part of the United States . . . ." Id. at 16.

      The Agency argues that the RD erred when determining that the incumbent in the position of LTC is not a supervisor within the meaning of § 7103(a)(10) of the Statute. Id. The Agency explains that an employee is a supervisor if that employee exercises the authority to "hire, direct, assign, promote, recall, suspend, discipline, or remove employees, to adjust their grievances" and the exercise of the authority requires independent judgment and is not routine or clerical in nature. Id. at 16-17 (citing VA Allen Park, 35 FLRA at 1206). The Agency, acknowledging Authority precedent differentiating a "leader" from a supervisor, explains that the LTC most closely fits the statutory definition of a supervisor. Id. at 17-18 (citations omitted).

      The Agency states that the LTC is the "focal point" for technical issues and as such, directs employees and gives out work assignments. Id. at 18. The Agency also asserts that the LTC reviews other employees' performance, provides training classes as needed and documents employee problems. Application at 18-19. In addition, the Agency alleges that the LTC is involved with promotion panels, reviews applications and makes hiring recommendations. Id. at 18.

      The Agency contends that the LTC attends management conference calls and participates in discussions regarding workloads, awards and other personnel issues. Id. Finally, the Agency explains that the LTC is placed in charge when the supervisor is gone and that the supervisor considers the incumbent as part of the management team. Id. at 19, 20. The Agency argues that although the LTC does not sign leave slips, other managers would honor his decision on whether or not an employee was needed and therefore, the other managers' signatures were merely "pro forma[.]" Id.

B.     Union's Opposition

      The Union argues that the employees are not engaged in "security work" as evidenced by the fact that the employees do not have access to the Agency's mainframe computer. Opposition at 2-3. The Union also alleges that the Agency admitted that if anything happened to the ROCC, none of the records in the mainframe would be affected, and if something did happen to the ROCC, the Agency has a backup plan. Id. at 3. According to the Union, none of the employees has a role in "planning, directing or coordinating any security systems." Id. The Union asserts that the employees do not investigate individuals or maintain or control access to any classified information. Id. Finally, the Union explains that these employees have the same position descriptions as bargaining unit employees in the NCC, [ v60 p61 ] whose primary function is to "ensure the optimal efficiency of the system." Id. at 3-4.

      The Union maintains that employees testified that the LTC does not do evaluations, does not grant or deny leave and does not hear grievances. Id. at 2. The Union argues that there is no evidence to support a finding that the LTC is a supervisor. Id. According to the Union, the LTC is a "leader" who "gives advice and guidance to employees who do the same job he does." Id.

IV.     Analysis and Conclusions

      For the following reasons, we find that no basis has been established for granting review of the RD's Decision and Order.

A.     The Authority's established precedent regarding "security work" does not warrant reconsideration.

      Section 7112(b)(6) of the Statute states that a unit will not be considered appropriate if it includes "any employee engaged in intelligence, counterintelligence, investigative, or security work which directly affects national security." The Authority has determined that an employee is engaged in "security work" if the task and duties of the employee's position include: "(1) the designing, analyzing, or monitoring of security systems or procedures; or (2) the regular use of, or access to, classified information." DOJ, 52 FLRA at 1103, modifying Oak Ridge, 4 FLRA at 655. The Authority has determined that "national security" includes "sensitive activities of the government that are directly related to the protection and preservation of the . . . economic . . . strength of the United States[.]" SSA Baltimore, 59 FLRA at 143 (citing Oak Ridge, 4 FLRA at 655-56).

      Upon review of the Agency's submission and the record in this case, we find no basis for modifying the Authority's definition of "security work" generally. The Agency has not established that the Authority's definition of "security work" is inconsistent with the test set forth in § 7112(b)(6) or the concerns reflected in that portion of the Statute.

      More specifically, the Agency has not shown how the employees at issue here are engaged in any activity that would or should be considered as "security work." The record illustrates that the ROCC employees do not analyze, design or monitor a security system and do not have access to classified information. The ROCC employees are responsible for the maintenance of the telecommunications network, but do not monitor the network for security issues. See RD's Decision at 7; Transcript (Tr.) at 38, 40, 93, 94-95, 110, 209, 223-24. The ROCC employees do not have access to the mainframe computer or the security repository and therefore do not have access to or regularly use classified information. See RD's Decision at 6-7; Tr. at 60, 163, 212, 223, 230-31. The ROCC employees do not make determinations about who will have access to the network and what access each person will have. See RD's Decision at 7; Tr. at 113, 138-140, 166-67. The ROCC employees are not responsible for the physical security of the facility, as they are expected to report any security concerns to the security office. See RD's Decision at 7-8; Tr. at 70, 94-95, 110, 188, 206, 208. In short, the evidence presented does not support a finding that the ROCC employees are engaged in "security work." Contra SSA Baltimore, 59 FLRA at 146 (Authority determined that the employees were engaged in "security work" because they wrote and implemented security plans, were involved in granting access to the facilities, had access to the security repository as well as access to the security systems).

      Accordingly, we find that the Agency has offered no basis that reconsideration of the Authority's established precedent regarding "security work" is warranted.

B.     The RD did not fail to apply established law.

      Section 7103(a)(10) defines a supervisor as an individual having authority to "hire, direct, assign, promote, reward . . . suspend, discipline, or remove employees, to adjust their grievances . . . if the exercise of the authority is not merely routine or clerical in nature but requires the consistent exercise of independent judgment . . . ." The Authority has held that an employee will be considered a supervisor if the employee "consistently exercises independent judgment with regard to the supervisory indicia set forth" in § 7103(a)(10). National Mediation Bd., 56 FLRA at 1, 7-8 (2000) (NMB) (citing Army and Air Force Exch. Serv., Base Exch. Fort Carson, Fort Carson, Colo., 3 FLRA 596, 599 (1980)). "[A]n employee need exercise only one of the responsibilities set forth in § 7103(a)(10) in conjunction with independent judgment in order to be found a supervisor." Id. at 8. In addition, the Authority has determined that if an employee's actions in connection with one of the supervisory indicia are of a routine nature, entailing the exercise of very little independent judgment or no consistent exercise of discretion, the employee will not be considered a supervisor. See, e.g., NMB, 56 FLRA at 8; United States Dep't of the Treasury, Office of Chief Counsel, 32 FLRA 1255, 1259 (1988).

      The Authority, in determining whether an employee is a supervisor, has distinguished employees who are considered "leaders." The Authority has concluded that an employee will be considered a "leader," and not a supervisor, if the employee's responsibilities are routine in nature and do not consistently involve the exercise of independent judgment. See, e.g., NMB, 56 FLRA at 8 (citing United States Dep't of the Army, Army Aviation Sys. Command and Army Troop Support Command, St. Louis, Mo., 36 FLRA 587 (1990)). [ v60 p62 ]

      Upon review of the record and Authority precedent, we find no basis to conclude that the RD failed to apply established law. Although the LTC may be involved in recommending awards, this does not support a finding that the LTC is a supervisor because the record indicates that any employee can recommend another employee for an award. Tr. at 25, 53, 200. The record illustrates that the LTC attends management conference calls, but the RD found and the Agency does not dispute that he does so for his technical expertise. RD's Decision at 8; Tr. at 26-27. The LTC does not sign leave sl