The Markle Task Force on National Security released their third and final report last Thursday, entitled “Mobilizing Information to Prevent Terrorism: Accelerating the Development of a Trusted Information Sharing Environment.” The report follows up on their two earlier reports, which were very influential in shaping the policy agenda to improve information-sharing via legislation such as the Intelligence Reform and Terrorism Prevention Act of 2004.
At the event to release the report, the members of the task force expressed general pessimism at the pace at which the federal government has improved its information-sharing, in spite of senior-level direction to do so. A story in the Baltimore Sun on problems with DHS and DOJ information-sharing served to illustrate this point. As the report notes:
Yet despite this progress [in improving the information-sharing policy framework], many projects and initiatives have been delayed because key organizations have not yet internalized these changes, and because many still cling to previous ways of doing business. Clear government-wide guidelines for the careful handling of personally-identifiable information have not been promulgated. Information sharing efforts have been stalled by turf wars and unclear lines of authority and control. Funding has sometimes been insufficient. Too many efforts are still focused on classified information from within the intelligence community, and not enough on all relevant information, whatever its origin, that might help prevent the next attack. Better cooperation between federal, state, and local agencies needs renewed attention. For these and other reasons, we are concerned that relevant information is still not being mobilized as fully as required to protect our nation’s security.
The report offers eight top-level recommendations that attack these practical barriers to improved information-sharing:
- Adopting a new, more workable authorized use mechanism to protect privacy and civil liberties when accessing and sharing personally-identifiable information that the government has collected lawfully; this mechanism would replace the existing U.S. persons and place of collection standards, which have become increasingly ineffective;
- Taking a “risk management” approach to classified information that better balances the risks of disclosure with the risks of failing to share information;
- Creating a government-wide dispute resolution mechanism to facilitate responsible, consistent, and lawful information sharing;
- Developing tools, training, and procedures to enhance senior officials’ use of the information sharing environment and its technological capabilities;
- Expanding community-wide training, modern analytic tools, and new tools to enhance the quality of information sharing and analysis;
- Encouraging the use of new technologies such as anonymization, and the use of expert and data directories;
- Employing immutable audit systems to facilitate both accountability and better coordination of analytical activities; and
- Creating an Information Sharing Institute.
The report goes into great detail on each of these recommendations, showing how they might work in practice and frankly discussing their limitations. For more on the report, see these news stories from FCW and GovExec, and this blog post at Secrecy News.