Monday, November 19, 2007

More on HSPD 21

Over at In Case of Emergency, Jimmy Jazz has completed his review of HSPD 21: Public Health and Medical Preparedness. His series is worth reading, but here's the 30-second version:

  • On Biosurveillance, the plan is long on promises but short on deliverables.
  • On Countermeasure Distribution, the plan is waaay too optimistic that the local, state, tribal, and federal plans can get coordinated in the timeframe allotted. (That's assuming they can get coordinated at all.)
  • On Mass Casualty Care, the plan is great but not doable within the deadlines.
  • On Community Resilience, the plan is much too vague, offering little more than some additional training and bland platitudes.
  • On Everything Else, the deadlines are ridiculous.
Sometimes I think that Community Resilience is the most important, even though it may be the toughest to pull off. Americans have succeeded largely because we've been resilient, always pushing ahead in spite of hardship. Someday we will have to deal with a major catastrophe even larger than 9/11 or Katrina. I wonder if we'll be resilient once again, or if fragility will ruin us.

Terrorist Exploitation of Criminal Infrastructure

Douglas Farah reminds us of the nexus between criminal and terrorist activity, writing about this criminal case, in which "A Palestinian national and a former detective with the Colombian Department of Administrative Security (DAS) have pleaded guilty to charges of conspiring to provide material support to a foreign terrorist organization and alien smuggling."

Farah writes:

What is interesting in the case is that criminal groups are willing to knowingly transport terrorist to the United States, and not simply using the “coyote” route through Central America and Mexico.

Rather, the criminal groups offered false passports from Spain with all the supporting documents, to those posing as terrorists seeking safe passage to the United States.

This highlights numerous points of overlap between criminal and terrorist groups that are necessary. Access to secure entry and exit points of a country, the need for legal travel documents and the supporting paperwork, the need for safe travel.
Terrorism can be thought of as a specialized form of organized crime. Unlike more common crimes, terrorism requires an infrastructure. The organization has to train its people; test its plans; move money, people, weapons or other dangerous agents; gain access to the target; etc. Generally speaking, the more dangerous and deadly the terrorist threat, the greater infrastructure that's required.

Partnerships with existing criminal networks can be an efficient way for terrorists to meet their needs by accessing existing infrastructure. However, this is both an asset and a potential liability for both partners.

When terrorists "outsource" some of their needs to criminal organizations, they can become exposed through this alliance, and vice versa. It is another form of vulnerability.

Thursday, November 15, 2007

The FBI Reviews Terrorism: 2002-2005

This is a quick review of the FBI's new Terrorism 2002-2005, which reviews domestic acts of terrorism during this four-year period. It discusses only acts of terrorism that either took place or were intended to take place in the U.S. or its territories.

Interestingly, the FBI defines not just "terrorism," but also "terrorism prevention":

A terrorism prevention is a documented instance in which a violent act by a known or suspected terrorist group or individual with the means and a proven propensity for violence is successfully interdicted through investigative activity.
It's that last phrase that's key. You don't "prevent terrorism" by getting lucky. If the bomber reaches his target and it fizzles, you haven't prevented anything. (See the July 21, 2005 London bombers.)

The good news in this report is the relatively limited damage caused by the terrorist attacks that have occurred. And even most of those that have been prevented would have had limited, localized impacts (e.g., bombing a building). Also, most successful terrorism in the U.S. has not targeted people, but facilities or other objects:
In keeping with a longstanding trend, domestic extremists carried out the majority of terrorist incidents during this period. Twenty three of the 24 recorded terrorist incidents were perpetrated by domestic terrorists.

With the exception of a white supremacist’s firebombing of a synagogue in Oklahoma City, Oklahoma, all of the domestic terrorist incidents were committed by special interest extremists active in the animal rights and environmental movements. The acts committed by these extremists typically targeted materials and facilities rather than persons.
The prevented attacks were a bit more interesting, so I'll spend more time looking at them:
The terrorism preventions for 2002 through 2005 present a more diverse threat picture. Eight of the 14 recorded terrorism preventions stemmed from right- wing extremism, and included disruptions to plotting by individuals involved with the militia, white supremacist, constitutionalist and tax protestor, and anti- abortion movements.

The remaining preventions included disruptions to plotting by an anarchist in Bellingham, Washington, who sought to bomb a U.S. Coast Guard station; a plot to attack an Islamic center in Pinellas Park, Florida; and a plot by prison-originated, Muslim convert group to attack U.S. military, Jewish, and Israeli targets in the greater Los Angeles area.

In addition, three preventions involved individuals who sought to provide material support to foreign terrorist organizations, including al-Qa’ida, for attacks within the United States.
One thing I always pay attention to is the "precursor crimes" that are often committed in preparation for a potential terrorist plot. Would-be terrorists require materials for the attack and access to the target. As a result, many precursor crimes relate to acquiring money to buy these materials, or to means of gaining access. For instance, document forgery:
On April 10, 2003, the FBI arrested William Joseph Krar for fraud-related charges stemming from his attempt to deliver numerous false identification badges—including a United Nations Observer Badges, Defense Intelligence Agency identification, and a Federal Concealed Weapons Permit—to Edward Feltus, a member of the New Jersey Militia.
And counterfeiting:
On August 5, 2004, the FBI arrested Gale William Nettles in connection with his attempted sale of a half ton of ammonium nitrate to an undercover agent purportedly associated with a foreign terrorist organization. The FBI also had information that Nettles intended to use ammonium nitrate to bomb Chicago’s Dirksen Federal Office Building. Nettles planned to counterfeit U.S. currency in order to earn money to purchase bomb components for his attack.
And robbery:
On July 5, 2005, officers with the Torrance (California) Police Department arrested Levar Washington and Gregory Patterson during a commercial armed robbery in progress at a Los Angeles area gas station. Their arrest, and subsequent local and FBI investigation, revealed that Washington and Patterson were conducting the armed robberies to raise money for an alleged terrorist plot targeting U.S. military facilities, Israeli government facilities, and Jewish synagogues in the greater Los Angeles area.
It's also worth noting that, while the vast majority of successful terrorist incidents involved few or no injuries and fatalities, some of the prevented acts - and not just those by al Qaeda - posed potentially serious threats to people. For instance, at least one potential domestic terrorist plotted to use chemical weapons:
William Joseph Krar had also been identified as a potential weapons supplier associated with extremist militia activities. In a search of Krar’s Texas residence at the time of his arrest, FBI investigators found firearms, explosives, blasting caps, machine guns, over 100,000 rounds of ammunition, approximately 800 grams of sodium cyanide, and plans to weaponize the sodium cyanide.
Finally, one of the prevented incidents - involving an al Qaeda sympathizer - highlights the fact that al Qaeda remains steadfast in its intent to target the U.S. economy:

On December 5, 2005, Michael Curtis Reynolds was arrested at a motel near Pocatello, Idaho, after arranging to meet a purported al-Qa’ida contact. Reynolds offered to assist al-Qa’ida in engaging in acts of terrorism within the United States by identifying targets, planning terrorist attacks, and describing bomb-making methods.

Reynolds sought to carry out violent attacks against pipeline systems and energy facilities in an effort to reduce energy reserves, create environmental hazards, and increase anxiety. Reynolds sought payment for supplying his assistance and continuing work on behalf of al-Qa’ida. Reynolds has been charged with attempting to provide material support to a foreign terrorist organization.
Overall, the FBI's compendium of terror attacks is a rather heartening read. The lack of a major attack on U.S. soil since 9/11 can be construed only as a very good thing.

Wednesday, November 14, 2007

Europe's Counterterrorism Strategy

The EU has recently revised its Counterterrorism Strategy. The document is just 9 pages long, so it's not very detailed. After a quick review I found a few passages worthy of note and comment:

Terrorist threats should mostly be addressed at national level – even in the knowledge that the current threat is mostly international. Work at EU level complements these efforts and is built around prevention, protection, prosecution and responding if an attack occurs.
The situation in Europe is more complex than in the U.S. The number of nations involved, the different cultures and legal structures, the immigration patterns - all of it makes it more difficult to collaborate on a solution. But I'm not convinced that the most important work has to be done at the national level.

I still maintain that most of the important work has to be done on a local level. The national government can play a key supporting role - and a lead role in some instances - but in the end it requires coordinated local effort to dislodge terrorism and create an environment in which it cannot bloom again.

The strategy identifies eight key measures for combatting terrorism:
• Stopping violent radicalisation;
• Protecting our critical infrastructure;
• Improving the exchange of information between national authorities and cooperation between all stakeholders when appropriate;
• Reacting to non conventional threats;
• Improving the detection of threats;
• Depriving terrorists of financial resources;
• Supporting victims;
• Research and technological development.
The first measure, stopping violent radicalization, seems a logical step for the Europeans, given their demographics (i.e., a lot of immigrants who don't feel like they've assimilated into the dominant culture, some of whom have fallen under the sway of jihadists).

But in terms of stopping this radicalization, it seems like they're still trying to get their arms around the issue:
Understanding the motivations behind terrorist activity is a key part of prevention. The Commission is in the process of developing a policy on identifying and addressing the factors contributing to violent radicalisation. Research into this complex area is important and the Commission funds studies, conferences, and projects to share experience and better understand the issue.
It's admirable to try to understand the problem. But it seems to me that they're missing something. Instead of studying "the factors contributing to violent radicalisation" (i.e., what kind of person, from what kind of background, is subject to becoming a violent radical) I think they would do much better to focus on the process of recruiting and radicalization.

It really doesn't matter much what a person's background is, when you think of it. What matters is the process that they go through to become a violent radical. That process inevitably leaves signs and signals, in spite of the great efforts that are made to hide it. If you focus on that process, rather than the psychology of who becomes a radical and why, then you have a better shot at interdiction and prevention.

On information sharing, I found it noteworthy that they focus on information rather than intelligence:
Exchange of information – in compliance with fundamental rights including data protection – is essential. The Passenger Name Records (PNR) proposal which is part of this package demonstrates it. Much has been done by the Commission. Telecom and internet service providers now have to retain their data, as a consequence of the Data Retention Directive. The principle of availability has made its first step with the PrĂ¼m Treaty: soon, all Member States' databases on fingerprints, DNA and vehicle registration will be accessible to the authorities of other Member States.

Agreement has been reached to give law enforcement authorities access to the Visa Information System (VIS) once it becomes operational. Access to the VIS will allow police and other law enforcement authorities, as well as Europol, to consult data in the Visa Information System. It will store data on up to 70 million people concerning visas for visits to, or transit through, the Schengen Area.
Maybe I'm just making the assumption that they're subordinating sharing intelligence in favor of sharing information. But it seems odd that they're just talking about data here - and not the intelligence that's created by analyzing the data.

In the end, the EU introduces a security package for moving ahead. I find these steps to be generally on the right track:
This security package aims to improve the security of Europe and face the terrorist threat by:
  • Dealing with those who support terrorism.
  • Practical action to stem the use of explosives.
  • Establishing a European system for the exchange of Passenger Name Records ("PNR").
The first step wisely acknowledges the fact that terrorists require a sympathetic environment and an actively supportive infrastructure. The second is rather limited in scope, covering only one potential type of terrorist act. You've got to give a determined terrorist more credit than that, I think. The third step is logical, given the fact that many terrorists travel overseas before going operational with an attack plot.

Still, taken in their entirety, I'm not sure they've got a comprehensive strategy that is going to address all aspects of the terrorist threat.

(Hat tip to Jonah at HLS Watch, who also
provides a good overview of the strategy.)

Technology, All Is Technology!

Hmm... DHS is studying a proposed new technological system for detecting biological, radiological, and chemical agents:

Imagine that instead of anthrax-laced letters targeted at members of Congress the next bioterrorist attack to hit Washington is a wide-scale release of a toxin in the transit system. But rather than trusting a haphazard series of stationary air sensors installed at likely release points on platforms and waiting areas, first responders minimize the assault using thousands of mobile biodetectors embedded in a standard tool in every commuter’s arsenal: the cell phone.

According to such a plan, a portion of the phone-toting population would voluntarily use devices that included minuscule bio, radiation or chemical sensors that could detect dangers in real time. If terrorists released a toxin, cell-phone sensors would detect the substances and signal the threat to District of Columbia police via the Global Positioning System network.

Officials would quickly know the type of outbreak they faced and could pinpoint the release points and map how prevailing air currents were spreading the poison.

"Pretty soon you know there’s a botulism release at McPherson Square," said Rolf Dietrich, deputy director at the Homeland Security Department’s Science and Technology Office of Innovation. "The police could push through the news to anybody in the vicinity, telling them: 'We have indications of a potential problem. Evacuate to the south, because the wind is blowing this stuff to the north.'"
Here's the thing. This is a difference in degree, not in kind. We're already establishing the network of biosensors and radiation detectors in major cities, through the BioWatch program and the Secure Cities Initiative. Putting them in cell phones is an improvement, yes, but it's essentially more of the same.

More importantly, is this the best use of our resources? Let's remember that this type of intervention takes effect only after the cat is out of the bag. These detectors work only after the bad guy has already released the chemical, biological, or radiological agent. At that point, you're just trying to speed the response and do damage control. These are important, yes. But are they worth a major investment of time, money and technology? A few questions:
  • How many people are we going to be able to protect, thanks to the sensors in the cell phones, as compared to the number of people we could protect with the BioWatch and SCI sensors?
  • Will the police and other first responders coordinate their communication, which seems so essential to maximizing the effectiveness of this intervention?
  • Will they even have the interoperable systems that allow them to communicate?
  • Will emergency services be able to move groups of victims to healthcare facilities?
  • Will those healthcare facilities have sufficient resources to manage the influx of patients?
  • How quickly can we test to know exactly what agent we're dealing with and what the treatment should be?
  • Do we have enough facilities for decontamination of those people who may have come into contact with the agent?
  • What can we do to prevent the release of the agent?
All of these questions seem more immediate and pertinent than the question of, "If we put the sensors in cell phones, can we move more people out of harm's way more quickly?"

No Community Is An Island

Some solid thinking from Effect Measure on pandemic preparedness:

[L]ocal preparation can't be too local: only looking after ourselves and our families. Of course families should prepare, to the best of their ability, and having some reasonable stockpile will stand them in good stead whether it is a pandemic, a flood, a hurricane or a blizzard. But the more important point is that making a community more resilient requires structures that allow us to help each other, not just protect ourselves.

Communities where the impulse to help is encouraged and facilitated will do much better than those where helping others depends on individual heroic initiative. In practical terms, this means looking ahead to organizing and using volunteers efficiently, establishing means of communication (like neighborhood visiting groups) that allow others to know when a family is in distress, having community stockpiles and resources available for those who need it (e.g., essential medications or baby formula) are all part of thinking like a community, not just acting like anonymous individuals and isolated families.
Humans are social beings. We always do our best work within the context of a community, when we are connected with each other in meaningful ways.

Part of this is "circling the wagons" when an outside peril threatens us. Communities that are best prepared will be those that have encouraged groups to work together and have practiced their response.

Terrorism Ties to LA Drug Bust

From the "unsurprising if true" file comes this report from the New York Daily News that a small-time drug gang busted in Los Angeles is suspected of raising funds for Hezbollah:

A seemingly small-time drug ring busted this week in Los Angeles was actually targeted for funding the Lebanese terror group Hezbollah, the Daily News has learned.

Prosecutors left out the terror tie when they announced Tuesday that federal agents and local cops had arrested a dozen people for allegedly peddling cocaine and counterfeit clothing in Bell, Calif.

But several sources familiar with the investigation said the predominantly Arab-American gang was believed to have smuggled its crime cash to the Iranian-backed terror group.

"This was a classic case of terrorism financing, and it was pretty sophisticated how they did it," a source close to Operation Bell Bottoms told The News.

The defendants once crammed $123,000 in money orders into a stuffed animal flown to Lebanon, an indictment alleged.
While I don't have any particulars on this case, it's no secret that terror groups use illegal activities such as counterfeiting, drug sales, and identity theft as a quick way to earn cash. And Hezbollah is perhaps the best organized and funded terrorist group in the world. They also have connections in North America.

But these illegal activities are a significant vulnerability for them - one that local law enforcement is ideally positioned to detect and exploit.

Note: The LA Times also covered the story, providing more information on the initial indictments, which were not terrorism-related.

Monday, November 05, 2007

The National Strategy for Information Sharing

Recently the White House released the new National Strategy for Information Sharing, which tries to bring together many existing government efforts (e.g., the Information Sharing Environment, state and urban area fusion centers, etc.) under a strategic umbrella. I've had a chance to review the document in some detail and can provide some thoughts on it.

Much of the language in the strategy is relatively bland. You can't take issue with it, but neither do you get a strong sense of direction from it. For example, regarding information sharing at the federal level, the strategy says:

Today’s ISE consists of multiple sharing environments designed to serve five communities: intelligence, law enforcement, defense, homeland security, and foreign affairs.

Our objective is to establish a framework for Federal agencies in the fulfillment of their individual roles and responsibilities and forge a coordinated and trusted interagency partnership and process across all five communities. This collaborative approach at the Federal level will in turn drive the manner in which terrorism-related information is shared with non-Federal partners.
Well...yes. This is the sort of thing that everybody has been saying all along. It's a nice vision - and the correct one - but the test of this strategy will be in how well it achieves the vision, not whether it can correctly articulate the vision.

It's perhaps not too surprising, but a little disappointing, that the strategy so strongly emphasizes continuance of the status quo. The strategy introduces little that's new, but instead attempts to coalesce existing programs and projects into a coherent whole, as explained in the section titled "The Need for a National Strategy":
Memorializing the Strategy in a single document not only provides information to others about the Administration’s plans and outlook, but also guides our efforts as we continue to implement many programs and initiatives designed to advance and facilitate the sharing of terrorism-related information.

[W]hile this Strategy describes the vision that has guided the Administration for the past six years, it also sets forth our plan to build upon progress and establish a more integrated information sharing capability ...
The only section of the strategy that does bring some new ideas is the annex on fusion centers, which I'll give extended treatment in a future post.

In short, the creation of the new strategy has not involved asking, "Where are we?" and "Where do we need to go from here?" but has instead involved asking, "How can we strategically explain everything that's been done so far and extend it into the future?"

The underlying message is that we're confident that we're on the right track.

And I would agree that, at least on the big, sweeping ideas, we are on the right track. Everyone has the right intentions. We are very good at saying the right things. For instance, here are the core principles and understandings as enumerated by the new strategy:
Effective information sharing comes through strong partnerships among Federal, State local, and tribal authorities, private sector organizations, and our foreign partners and allies;

Information acquired for one purpose, or under one set of authorities, might provide unique insights when combined, in accordance with applicable law, with seemingly unrelated information from other sources, and therefore we must foster a culture of awareness in which people at all levels of government remain cognizant of the functions and needs of others and use knowledge and information from all sources to support counterterrorism efforts;

Information sharing must be woven into all aspects of counterterrorism activity, including preventive and protective actions, actionable responses, criminal and counterterrorism investigative activities, event preparedness, and response to and recovery from catastrophic events;

The procedures, processes, and systems that support information sharing must draw upon and integrate existing technical capabilities and must respect established authorities and responsibilities; and

State and major urban area fusion centers represent a valuable information sharing resource and should be incorporated into the national information sharing framework, which will require that fusion centers achieve a baseline level of capability to gather, process, share, and utilize information and operate in a manner that respects individuals’ privacy rights and other legal rights protected by U.S. laws.
Anybody want to take issue with that?

Importantly, the strategy acknowledges the importance of state, local, and tribal governments as parterns for sharing information:
[T]he nature of the global threat, as well as the emergence of homegrown extremists, require that State, local, and tribal governments incorporate counterterrorism activities as part of their daily efforts to provide emergency and non-emergency services to the public.

These partners are now a critical component of our Nation’s security capability as both “first preventers” and “first responders,” and their efforts have achieved concrete results within their communities, as the following examples illustrate:
  • A narcotics investigation – conducted by Federal, State, and local law enforcement officials and resulting in multiple arrests – revealed that a Canadian-based organization supplying precursor chemicals to Mexican methamphetamine producers was in fact a Hezbollah support cell.
  • A local police detective investigating a gas station robbery uncovered a homegrown jihadist cell planning a series of attacks.
  • An investigation into cigarette smuggling initiated by a county sheriff’s department uncovered a Hezbollah support cell operating in several States.
One thing about the strategy that worries me a bit is its unstated assumption that the Information Sharing Environment - which is really just getting off the ground - is going to be a success.
The ISE Implementation Plan, among other things, delineates how the President’s guidelines and requirements will be implemented by drawing upon recommendations developed pursuant to those guidelines. It also incorporates the perspectives of representatives from State, local, and tribal governments who reviewed the ISE Implementation Plan Report during its development.

Since the Plan’s submission to the Congress, many of its action items have been implemented.
True enough, as we learned in this status report from the ISE Program Manager in September (also see my post). But at this point the development of the ISE is far too preliminary to assume that it will be a rousing success. My eyebrows always wrinkle whenever I hear language that implies, "If we say it, it must be so."

Now a few notes on the four major sections of the strategy, dealing with information-sharing with federal, state-local-tribal, private-sector, and international partners.

Federal Information Sharing

The section on Federal information sharing is remarkably brief. Its basic message is, "Stay the course, implement the ISE, go through the National Counterterrorism Center (NCTC)." The focus on NCTC is almost single-minded:
NCTC has the primary responsibility within the Federal Government for analysis of all intelligence and information pertaining to terrorism, and supports the Department of Justice (DOJ), DHS, and other appropriate agencies in the fulfillment of their responsibilities to disseminate terrorism-related information.

All Federal departments and agencies that possess or acquire terrorism-related intelligence and information provide access to such information to NCTC for analysis and integration unless prohibited by law or otherwise directed by the President. As the “Federal Fusion Center” responsible “for analyzing and integrating all intelligence pertaining to terrorism and counterterrorism,” NCTC works with appropriate Federal departments and agencies to enable the development of “federally coordinated,” terrorism-related information products tailored to the needs of Federal entities.
All this attention to the NCTC begs the question, however, of whether information-sharing is relevant to all-hazards, or only to counterterrorism. How do we share information on the risk of and/or preparedness for, say, earthquakes or pandemic flu? Surely the NCTC doesn't want this information - nor should they.

And what if a state or local government, through its all-hazards fusion center, provides such information to a federal agency or agencies? What then? It's not clear to me.

State, Local, and Tribal Information Sharing

By contrast to the concise, one-page section on federal information sharing, the state-local-tribal section is positively expansive, rolling along for 4 pages. Which is nice to see, as it reflects the idea that state, local, and tribal partners are important partners for information sharing.

The strategy accurately describes the needs at the SLT level:
The informational needs of State, local, and tribal entities continue to grow as they incorporate counterterrorism and homeland security activities into their day-to-day missions. Specifically, they require access to timely, credible, and actionable information and intelligence about individuals and groups intending to carry out attacks within the United States, their organizations and their financing, potential targets, pre-attack indicators, and major events or circumstances that might influence State, local, and tribal preventive and protective postures.
In the above quote, the words "access to" bother me a bit, as they seem to imply that the information exists somewhere outside the state, local, or tribal government - and the SLT entity needs to be able to reach it. In fact, much valuable information exists within these entities, and it needs to be pushed out.

So I'd add one more critical need: State, local and tribal agencies need reliable systems for sharing information with one another and with federal agencies. So it's good to see the strategy acknowledging this.
Authorities at all levels of our federal system must share a common understanding of the information needed to prevent, deter, and respond to terrorist attacks. The common understanding will be achieved through a framework that enables:
  • Federal entities to work together to provide information in ways that better meet the needs of State, local, and tribal partners; and
  • Information gathered at the State and local level to be processed, analyzed, disseminated, and integrated with information gathered at the Federal level.
We will have an integrated approach that allows Federal agencies to work together to produce and disseminate a federally-validated perspective on available threat information and relies on the efforts of consolidated fusion environments at the State and regional levels.
That last bit bothers me. Is information valid only after it has been run through the NCTC?

And again, what about all-hazards information? Many fusion centers have an all-hazards focus (a concept I support). Do they share this information? How? Surely we can understand that many potential natural disasters and accidents - especially catastrophic ones - can have regional or even national impacts.

Here are a few of the things SLT governments are supposed to do. These are good and reasonable, but again there is a terrorism-centric aspect to the plan:

To implement recommendations developed pursuant to Guideline 2 of the President’s Guidelines, and as key participants in the information sharing mission, State, local, and tribal entities are encouraged to undertake the following activities, in appropriate consultation and coordination with Federal departments and agencies:
  • Foster a culture that recognizes the importance of fusing information regarding all crimes with national security implications, with other security-related information (e.g., criminal investigations, terrorism, public health and safety, and natural hazard emergency response);
  • Support efforts to detect and prevent terrorist attacks by maintaining situational awareness of threats, alerts, and warnings, and develop critical infrastructure protection plans to ensure the security and resilience of infrastructure operations (e.g., electric power, transportation, telecommunications) within a region, State, or locality; and
  • Develop training, awareness, and exercise programs to ensure that State, local, and tribal personnel are prepared to deal with terrorist strategies, tactics, capabilities, and intentions, and to test plans for preventing, preparing for, mitigating the effects of, and responding to events.
On the federal side, the NCTC's Interagency Threat Assessment and Coordination Group (ITACG) is critical to the information-sharing effort with SLT entities:
Specifically, the group [ITACG] will coordinate the production and timely issuance of the following interagency products intended for distribution to State, local, and tribal officials, the private sector, as well as the general public when appropriate:
  • Alerts, warnings, and notifications of time-sensitive terrorism threats to locations within the United States;
  • Situational awareness reporting regarding significant events or activities occurring at the international, national, State, or local levels; and
  • Strategic assessments of terrorist risks and threats to the United States.
As will be discussed in more detail in a future post, fusion centers continue to be a major emphasis in information-sharing. It has become virtually impossible to find a significant government information-sharing initiative that does not involve fusion centers. Accordingly, the strategy says:
State and major urban area fusion centers are vital assets critical to sharing information related to terrorism. They will serve as the primary focal points within the State and local environment for the receipt and sharing of terrorism-related information.

As a part of this Strategy, the Federal Government is promoting that State and major urban area fusion centers achieve a baseline level of capability and become interconnected with the Federal government and each other, thereby creating a national, integrated, network of fusion centers to enable the effective sharing of terrorism-related information.

Federal departments and agencies will provide terrorism-related information to State, local, and tribal authorities primarily through these fusion centers. Unless specifically prohibited by law, or subject to security classification restrictions, these fusion centers may further customize such information for dissemination to satisfy intra- or inter-State needs.

Fusion centers will enable the effective communication of locally generated terrorism-related information to the Federal Government and other fusion centers through the ISE. Locally generated information that is not threat- or incident-related will be gathered, processed, analyzed, and interpreted by those same fusion centers—in coordination with locally based Federal officials—and disseminated to the national level via the DoD, DHS, FBI, or other appropriate Federal agency channels.
A couple of thoughts:

1. Again, the single-minded focus on terrorism.

2. It's good to see the emphasis on networking the fusion centers. Regional partnerships can really be a strength. But it's a bit concerning that the flow of information - even information that's not relevant to threats or incidents - has to flow through the federal government before it can be shared with others. Given this, it's not clear how the fusion centers will be "networked" together. Is state-to-state sharing really possible? (See the "federally-validated" comment above.)

One weakness of this approach - if it in fact is the approach - is that someone at the federal level has to recognize the information as important before it can be shared with other states. But can't we imagine a situation where state officials in a given region understand their own risks better than federal agencies and are in a better position to decide what information ought to be shared with their counterparts in other states?

I recognize the balance that must be struck here. You can't assume that all information is important, and share everything; because if everything is important, nothing is. But at the same time, you don't want to create bottlenecks where one gatekeeper gets to decide what's important and what isn't.

I hope these concerns are unfounded. It may be that interagency collaboration may be able to allay some of these concerns - that is, if many agencies have a voice in deciding what gets shared, in a truly collaborative environment, there's a better chance that important information will go through.

But on the other hand, I was surprised to find the following sentence in the strategy. It had earlier appeared in the SE Program Manager's status report in September 2007, and it bugged me then, as evidenced in my post on the status report:
Where practical, Federal organizations will assign personnel to fusion centers and, to the extent practicable, will strive to integrate and collocate resources.
If you're really intending to create a collaborative environment, you don't agree to integrate and collocate "where practical" and "to the extent practicable." You make a commitment to do it, and you do it. This is an important concern, if we remember that the CRS recently reported, "
In general, fusion centers collocated with a federal agency reported favorable relationships with that agency. This was often in stark contrast to the views of other fusion centers not collocated with a federal agency(s)."

Private Sector Information Sharing

Like the "Federal" section of the Strategy, the "Private Sector" section can be roughly paraphrased as, "We'll keep doing what we're doing to try to share information with the private sector, and we'll get even better."
[A]s we improve efforts to share terrorism-related information with the private sector we must continue to:
  • Build a trusted relationship between Federal, State, local, and tribal officials and private sector representatives to facilitate information sharing;
  • Ensure that Federal, State, local, and tribal authorities have policies in place that ensure the protection of private sector information that is shared with government entities;
Etc. Etc. Etc.

International Information Sharing

This section is sort of out of the bounds of my interests, but on international sharing the emphasis is on laying the diplomatic groundwork to develop solid relationships with other countries, to ensure that any information that's shared is safeguarded and handled correctly.
In summary, strong partnerships and trusted collaboration with foreign governments are essential components of the war on terror. Effective and substantial cooperation with our foreign partners requires sustained liaison efforts, timeliness, flexibility, and the mutually beneficial exchange of many forms of terrorism-related information.
Protecting Privacy and Other Legal Rights

The strategy also discusses the necessity to protect privacy. I won't go into this much, except to say that respecting privacy is essential to effective information gathering and sharing. As citizens we must have confidence that our rights are respected and that any information that is gathered and shared has been done so legally and with appropriate oversight. The strategy says:
At the direction of the President, the Attorney General and the Director of National Intelligence developed a set of Privacy Guidelines to ensure the information privacy and other legal rights of Americans are protected in the development and use of the ISE. The Privacy Guidelines provide a consistent framework for identifying information that is subject to privacy protection, assessing applicable privacy rules, implementing appropriate protections, and ensuring compliance.
Looking back on this post, it's already pretty long. I'll cover the Appendix on fusion centers in another post, which it really deserves anyway.

Overall, my thoughts on the new strategy are that it's good at sounding good; but it generally just codifies the status quo. There's a lot of assumptions here: That the ISE will work, that Fusion Centers are the best means for sharing information with state and local entities, that federal, state and local agencies will trust one another to share information without getting bogged down in turf battles, etc.

Information sharing is always a delicate process, and the stakes are high. I thought one passage from the strategy eloquently - if unwittingly - expressed both the risks we face from terrorism and from trying to develop a reliable, trustworthy system of sharing information:
[T]he Untied States will continue to face ideologically committed extremists determined to attack our interests at home and abroad.
Untied States? Let's hope not.