Signs of Cold-War-era threats to national security—troops massing, submarines departing, and missile launchers where they weren’t before—were easier to detect than today’s more subtle indicators of terrorist activity. Emerging terrorist threats can hide in plain sight on our own soil, scattered among millions of driver’s license applications and bank transfers or amid tourists snapping photos of national icons. In this new environment, vigilance is everyone’s job, and the tasks of vetting, analyzing, and sharing information about threats can’t be left to the federal government alone.
In recognition of that fact, there is a growing network of intelligence fusion centers. More than 70 operate at the state, regional, and urban levels. The question eight years after 9-11 is: How well are these centers fulfilling their goals of information collection, analysis, and dissemination—and to the extent that these efforts are falling short, what remains to be done to meet the goals and to ensure the future sustainability of these centers?
Fusion centers can gather information from two primary sources: government and commercial-sector repositories.
Government portals. Among the places fusion centers turn to for data are a growing number of national data portals. Even before 9-11, the Department of Justice (DOJ)-led Regional Information Sharing Systems (RISS) had evolved into the RISS Automated Trusted Information Exchange (ATIX). Meanwhile the Department of Homeland Security (DHS) offers its Homeland Security Information Network State and Local Intelligence Community Interest (HSIN-SLIC) for nonclassified information, and two secret-level portals—the Homeland Security Data Network (HSDN), which is geared expressly toward fusion center analysts, and the National Counterterrorism Center (NCTC) Online.
Most of the country’s fusion centers have access to the two secret-level portals, either via a secure HSDN connection or the FBI’s FBINET portal, according to John Cohen, a spokesman for the Program Manager, Information Sharing Environment (PM-ISE).
Many fusion center administrators embrace the multitude of portals, which they say gives them options for customizing data influx. It’s up to fusion center administrators themselves to decide which portals they choose to tap. When possible, federal administrators distribute the same information on different portals. Information is then “scrubbed” to different degrees depending on the portal’s security level to ensure that it reaches as many stakeholders as possible.
The process is, however, far from efficient, says Paul Wormeli, executive director of the IJIS Institute, a nonprofit research corporation formed by the DOJ and industry stakeholders to improve information sharing. “One of the complaints I hear is that they’ve got to check so many portals all the time that they don’t have time to do anything else,” he says.
The number of portals is not the only drawback to the current model. Another is the passive nature of the process. The model must change so that critical data is pushed out by its owners rather than waiting to be pulled in by those who need it in the field, says Wormeli.
The government should adapt the latest information technology to the ISE to help it deliver information to stakeholders.
Among the technologies that can be leveraged are custom content, RSS feeds, and blog technology, Wormeli says.
Commercial databases. A majority of state and local intelligence fusion centers subscribe to services from consumer database vendors such as LexisNexis, Lexis’s Accurint, and ChoicePoint, which house public-record data as well as personal data like credit applications or unlisted mobile telephone numbers.
Scott Weaver, a senior analyst at the Delaware Intelligence Analysis Center (DIAC), the state’s fusion center, says that information in these consumer databases can help center analysts assess whether an event is innocuous or bears the mark of a potential link to terror.
A fusion center analyst might pursue a lead stemming from a report of suspicious activity, such as possible surveillance of critical infrastructure. The officer who responded may have obtained the individual’s name, address, telephone number, and vehicle license plate number—all of which he forwarded to the fusion center via the state’s “tips and leads” system.
A check of government databases, including motor vehicle records or National Crime Information Center data, might not generate anything out of the ordinary. A consumer database check, however, might indicate that the individual applied for credit cards at an address not listed with that name in any government records. A further check might reveal that a permanent resident of that unlisted address is on the federal terrorist watch list, Weaver explains.