Local databases. Criminal and threat data collection from local jurisdictions is a critical element in a fusion center’s construction of a complete threat picture, but the ability to query those multiple local databases has yet to mature. The obstacles to interoperability between fusion centers and local law enforcement agencies’ record management systems (RMS) are the same as those that prevent voice interoperability: technology, licensing restrictions imposed by individual agencies’ vendors, and cultural resistance. States that have succeeded in tying jurisdictions together credit leadership, hard work, and the ability to convince locals that buy-in is worth their while.
At the New Jersey Regional Operations Intelligence Center (ROIC), or “the Rock,” the fusion center’s staff faces the monumental task of establishing access to the RMS’s of 470 police departments representing 566 municipalities, explains director Richard Kelly. “We want to be able to search everything, so we could see if Mohammad Atta ever got a parking ticket in Roselle,” Kelly says. “You can’t connect the dots if you can’t see them.”
Thus far, ROIC has succeeded in the state’s two largest counties, thanks to “middleware” developed by DOJ’s Bureau of Justice Assistance. The program is most widely known under the name of the Global Justice XML Data Model. More recently, DOJ and DHS have rebranded their middleware initiative as the National Information Exchange Model.
Other states have applied commercial data management systems. Georgia accesses criminal records statewide with a customized application called Guide Star. Wayne Smith of the Georgia Bureau of Investigation (GBI), special agent in charge of the Georgia Information Sharing and Analysis Center (GISAC), says that securing buy-in from local jurisdictions was not a challenge for GISAC, due in large part to the state’s existing culture of intelligence-led policing, coordinated through the GBI’s Intelligence Unit.
Some states starting from scratch don’t have it so easy. In Utah, the Statewide Information and Analysis Center (SIAC) grew from an existing criminal intelligence operation, the Utah Criminal Intelligence Center. Yet that operation, which grew out of the state’s preparations for hosting the 2002 Winter Olympics in Salt Lake City, was mostly a state and federal operation.
When Utah Department of Public Safety Homeland Security Director Col. Keith Squires and colleagues engaged county and local jurisdictions about tying together data systems, they encountered resistance originating from local departments’ IT vendors. More recently, however, the Salt Lake City region has committed federal Urban Area Security Initiative funding for an information-sharing architecture to be developed along with the state. This commitment has brought the region’s three major RMS IT vendors to the table, which bodes well for statewide efforts, says Deputy Homeland Security Director Maj. Jeff Carr.
New Jersey’s ROIC encountered many of the same problems when it engaged county and local partners about middleware. But DOJ’s middleware simply “pings” outside databases to query relevant information and, thus, doesn’t violate agencies’ usage agreements with vendors. “Once folks saw how it works and the benefits, most of the resistance evaporated,” Kelly says.
Local coordination. To facilitate proper data collection at the local level, many fusion centers have assumed responsibility for coordinating local terrorism liaison officer (TLO) programs. Under the TLO programs, one or more officers in each local jurisdiction are trained in basic intelligence-led policing and counterterrorism. Those officers serve as information conduits between localities and fusion centers.
Local officers are more than willing to help. In Ohio, for example, William Vedra, executive director of the state’s Division of Homeland Security, says a volunteer officer from each of the state’s 88 counties has stepped forward to participate in the program.
Fusion centers need to get the information they collect to the people who need it most. But deciding on the best ways to deliver refined products to their stakeholders at the local level hasn’t been easy. Many centers began by sending out weekly bulletins of mostly open-source intelligence, but this method generated volumes of redundant information, most of it marginally useful to recipients. Centers now favor shorter weekly or monthly intelligence wrap-ups, supplemented by specific alerts or bulletins as threats dictate, usually designated “law enforcement sensitive.”
The Arizona Counter Terrorism Information Center (AcTIC) has added an extremely popular product to intelligence bulletins: a separate “analyst comment” following the intelligence content itself. The feature provides analysts a forum for their candid take on the nature and the severity of a threat. “Most of our consumers go straight to that,” says AcTIC spokeswoman Lt. Lori Norris of the state’s Department of Public Safety.
To minimize the technical burden of its Homeland Security Information Reports and to increase use, Ohio’s Strategic Analysis and Information Center (SAIC) does not transmit them in file attachments via mass e-mails. Instead, SAIC posts them to its secure Contact Information Management System (CIMS). When new products are posted, SAIC sends a standard e-mail to its vetted subscribers—located in more than 700 agencies across the state. The e-mail then instructs the stakeholders to log into CIMS to read news bulletins or advisories.
Clearances and classifications. Access to government-held information is inexorably tied to the question of security clearances and classifications. While officials at the federal level continue to wrestle with clearance issues, fusion center administrators say they no longer consider them a significant problem.
Until a few years ago, many fusion center operators complained that the FBI, the historical issuer of secret clearances for law enforcement officials, would not recognize clearances issued by DHS. Now the agency does recognize them so long as DHS-issued clearances are passed through FBI headquarters for verification, says FBI spokesman Brian Hale.
For classifications below “secret” and “top secret,” the federal government has begun consolidating 56 different “sensitive but unclassified” (SBU) document designations under a single “controlled unclassified information” (CUI) designation, per a directive issued last year by the White House.
While fusion centers handle information bearing “secret” and various SBU designations, fusion center directors say they classify their products either “law-enforcement sensitive” or “open source.”
Like other directors, Smith, who runs GISAC, explains that his analysts do what they can to make data accessible to the largest number of stakeholders. For example, last year GISAC received a restricted DHS bulletin about the discovery of an improvised explosive device near railroad tracks that service a coal-burning power plant in rural Washington State. The bomb consisted of wires and a blasting cap attached to a household propane tank.
Before packaging and distributing the information as law-enforcement-only intelligence, GISAC looked for news reports about the event using public Internet search engines and found coverage. GISAC notified DHS. Because the threat had been disclosed publicly, DHS reclassified the bulletin, and GISAC was able to distribute the information more widely, Smith says.
New Jersey officials likewise strive to make information accessible. “It doesn’t do us any good if we have information we can’t share with anyone,” says Kelly.
State and local officials have urged federal partners, specifically NCTC, to adopt a “tear sheet” approach to the distribution of intelligence. That means that federal officials redact sources and methods from intelligence products, allowing broader distribution of the content. NCTC formed the Interagency Threat Assessment Coordination Group (ITACG) in 2007 for this very purpose.
Fusion centers may proactively take that approach themselves. Smith says that in the face of an imminent threat, his staff would use its own judgment and redact federal bulletins themselves to distribute information quickly.