Homeland Security Watch

News and analysis of critical issues in homeland security

July 26, 2013

Congressional prospects for NSA operations

Filed under: Congress and HLS,Intelligence and Info-Sharing,Terrorist Threats & Attacks — by Philip J. Palin on July 26, 2013

As I explained in an early June post, I have mostly been reassured by the controversy over NSA domestic intelligence gathering.  So far the evidence I have seen indicates operations have been undertaken consistent with the law, with judicial authorization, and with Congressional oversight.

The close vote on Wednesday night to continue funding NSA operations is another example of the system working as it ought.  It is helpful and appropriate that policy of this sort be actively and critically examined by the people’s representatives.  Our security mavens have been forcefully reminded of their obligation to consult with Congress on policy and strategy.  (And I even hope against hope that those in Congress may have learned to listen more carefully.  I know I’m a glutton for disappointment.)

If some are tempted to “learn” from this experience that they need to be even more secretive, they are idiots.  If they instead recognize the benefit of proactive and principled engagement at the policy level, we will all be better off: both in terms of our tactical security and the preservation of liberty.

I am glad the funding was continued.  I am glad the vote was close.  I am glad that other efforts are underway to ensure legal constraints on domestic intelligence operations.  Yesterday reporting by ProPublica identified six proposals still under consideration by Congress:

1) Raise the standard for what records are considered “relevant”

2) Require NSA analysts to obtain court approval before searching metadata

3) Declassify Foreign Intelligence Surveillance Court opinions

4) Change the way Foreign Intelligence Surveillance Court judges are appointed

5) Appoint a public advocate to argue before the Foreign Intelligence Surveillance Court

6) End phone metadata collection on constitutional grounds

Read more on each proposal by Kara Brandeisky at ProPublica

July 11, 2013

DHS Vacancies Watch

Filed under: Congress and HLS,DHS News,General Homeland Security — by Christian Beckner on July 11, 2013

We are now more than halfway through 2013, and the number of vacancies of leadership positions at DHS continues to increase.  Until two weeks ago, the President had not yet nominated a single official to serve at DHS in a Senate-confirmed position, and had only made one senior-level appointment to a position that does not require Senate confirmation – the selection of Julia Pierson to serve as the new director of the Secret Service.

Having a certain level of senior-level vacancies in a Cabinet department is normal, given the typical churn of confirmed and appointed officials.  But if enough positions are open for a long enough period of time, it can lead to significant operational and management risks to that Department, and also diminishes its accountability to the U.S. Congress.

I am afraid that the Department of Homeland Security is now at the point where it is facing these risks.   As I note below, there are currently no less than 14 senior-level vacancies at DHS.  Given this, I think that it is critical that the White House prioritize nominations and appointment for the key positions listed below, and that when nominations are made, that the Senate act quickly on nominations for qualified candidates.

Below is a list of the Senate-confirmed positions that are currently unfilled (or will soon be unfilled) at DHS:

1. Deputy Secretary: Former Deputy Secretary Jane Holl Lute stepped down in May 2013.  Under Secretary for NPPD Rand Beers is currently serving as Acting Deputy Secretary.  On June 27th, the White House nominated current USCIS Director Alejandro Mayorkas to become the new Deputy Secretary, and his nomination is pending with the Senate Homeland Security and Governmental Affairs Committee.  His confirmation would open up a new vacancy at USCIS.

2. Under Secretary for Intelligence and Analysis: Former Under Secretary for I&A Caryn Wagner left DHS in December 2012.  Bill Tarry has been serving as Acting Under Secretary since that date, but his acting role will hit the 210 day limit under the Vacancies Act in the next ten days.  No nomination has been announced yet.

3. General Counsel:  Former GC Ivan Fong left DHS in September 2012.  Former Counselor to Secretary Napolitano John Sandweg was named as Acting General Counsel, but is now listed on the DHS website as Principal Deputy General Counsel, presumably because he had been in the acting position for longer than the 210 days allowed by the Vacancies Act.

4. Inspector General:  Former IG Richard Skinner left DHS in January 2011.  The President nominated Roslyn Mazer to serve in the position in July 2011, and her nomination was withdrawn in June 2012 following opposition by members of the Senate Homeland Security and Governmental Affairs Committee.  It’s now been over a year since her nomination was withdrawn, and no new nominee has been put forward.  Charles Edwards served as Acting IG until hitting the Vacancies Act limit and is currently listed as the Deputy IG on the OIG’s website.  He is currently being accused of a range of abuses of his position in a letter sent last month by Sen. McCaskill and Sen. Ron Johnson.

5. Commissioner, Customs and Border Protection: Alan Bersin was nominated as CBP Commissioner in September 2009, and in March 2010 was put in the position via a recess appointment by the President.  The Senate Finance Committee held a nomination hearing for Bersin in May 2010, but his nomination was never reported out of the Finance Committee, and his recess appointment expired at the end of 2011.   Since that time, former Border Patrol chief David Aguilar and Deputy Commissioner Thomas Winkowski have served as Acting Commissioner, but no new nominee has been put forward.

6. Director, Immigration and Customs Enforcement:  ICE Director John Morton announced his intent to resign in June and is departing at the end of July.

In addition to these six Senate-confirmed position, there are also senior leadership vacancies in at least eight other senior positions that do not require Senate confirmation, including Chief Privacy Officer, Officer for Civil Rights & Civil Liberties, Assistant Secretary for the Office of Health Affairs, Director of the Domestic Nuclear Detection Office, Assistant Secretary for the Office of Cybersecurity and Communications, Chief Information Officer, Assistant Secretary for the Office of Legislative Affairs, and Executive Secretary.

July 2, 2013

Where The Heck’s My Dec?

Filed under: Congress and HLS,Disaster,Legal Issues — by Christopher Bellavita on July 2, 2013

The post for Tuesday, July 2, 2013 was removed at the author’s request.

March 7, 2013

Issues in Homeland Security Policy for the 113th Congress

Filed under: Congress and HLS — by Christopher Bellavita on March 7, 2013

Congressional Research Service (CRS) published its outline of homeland security issues facing the 113th congress.  You can find a copy of the 70 page CRS report on the Federation of American Scientists’ CRS homeland security reports page.

Here is a direct link to the report:  http://www.fas.org/sgp/crs/homesec/R42985.pdf

From the Introduction:

This report outlines an array of homeland security issues that may come before the 113th Congress. After a brief discussion of the overall homeland security budget, the report divides the specific issues into five broad categories:

• Counterterrorism and Security Management,

• Border Security and Trade,

• Immigration,

• Disaster Preparedness, Response, and Recovery, and

• Departmental Management.

Each of those areas contains a survey of topics briefly analyzed by Congressional Research Service experts. The information included only scratches the surface on most of these issues.

More detailed information can be obtained by consulting the CRS reports referenced herein, or by contacting the relevant CRS expert.

 

On a related topic, here’s my favorite Doonesbury report on CRS (click for a larger image):

January 3, 2013

Due process: Collect, keep, and kill

No free man shall be seized or imprisoned, or stripped of his rights or possessions, or outlawed or exiled, or deprived of his standing in any other way, nor will we proceed with force against him, or send others to do so, except by the lawful judgment of his equals or by the law of the land. (Clause 39, Magna Carta)

No person shall… be deprived of life, liberty, or property, without due process of law… (Fifth Amendment to the Constitution of the United States)

–+–

Recent months have seen one-time expediencies dressed-up as new principles to frame the relationship between citizen and State.  Three examples:

On the Friday after Christmas the Senate reauthorized broad executive authority for  electronic surveillance and collection. The vote was 73-to-23 and extended for five years the Foreign Intelligence Surveillance Act. The House adopted the legislation earlier in the year.  On Sunday the President the signed the extension into law. Proposed amendments, including those offered by Senator Wyden,  that would have enhanced Congressional oversight of FISA were defeated.  FISA was originally intended to provide due process for the gathering of intelligence on non-citizens and so protect the privacy of citizens.  There has been increasing concern regarding how FISA methods now unintentionally — but perhaps quite widely — sweep up citizen communications as well.

According to a December 13, 2012 Wall Street Journal report, there may be good cause for concern.   In an exclusive investigative report, Julia Angwin found that new Department of Justice guidelines, “now allow the little-known National Counterterrorism Center to examine the government files of U.S. citizens for possible criminal behavior, even if there is no reason to suspect them. That is a departure from past practice, which barred the agency from storing information about ordinary Americans unless a person was a terror suspect or related to an investigation. Now, NCTC can copy entire government databases—flight records, casino-employee lists, the names of Americans hosting foreign-exchange students and many others. The agency has new authority to keep data about innocent U.S. citizens for up to five years, and to analyze it for suspicious patterns of behavior. Previously, both were prohibited.”

Meanwhile the White House is, according to several sources including Presidential adviser John Brennan, developing a legal and procedural framework for the deadly use of drones. Addressing the use of drones during an October 18 appearance on “The Daily Show,” President Obama said,  “One of the things we’ve got to do is put a legal architecture in place, and we need Congressional help in order to do that, to make sure that not only am I reined in but any president’s reined in terms of some of the decisions that we’re making.”  According to a May report in the New York Times, “Mr. Obama has placed himself at the helm of a top secret “nominations” process to designate terrorists for kill or capture, of which the capture part has become largely theoretical. He had vowed to align the fight against Al Qaeda with American values; the chart, introducing people whose deaths he might soon be asked to order, underscored just what a moral and legal conundrum this could be.”   Among the President’s decisions, presumably, was the targeted killing of Anwar al-Awlaki, a US citizen who was killed by drone-delivered Hellfire missiles on September 30, 2011 and his sixteen year-old son, also born in the US, who was killed in another drone attack two weeks later.  Both citizens were killed in Yemen.

The predominant motivation in each instance above — and others — is the protection of the American people and nation.  There is no imminent threat of Orwellian intention or intervention.

In each of these examples legislators and the executive are attempting to develop due process that is appropriate to their understanding of the present challenge.   (The judicial branch is poised to soon rejoin consideration of the issue.)

Nonetheless while it is, I suspect, the specific intention of no one, the space where individual liberty adjoins civil authority is being incrementally reshaped.  In the Anglo-American tradition there has long been in both theory and practice the presumptive primacy of individual initiative, what Blackstone termed “the absolute rights of man.”  The balance is shifting toward a presumed ability by the government to maintain order.

Perhaps this is the inevitable outcome of more and more diverse individuals living in dense proximity to each other.  Perhaps it is a prudent response to demonstrated risk.  Perhaps it reflects an emerging social consensus that liberty is less valued than previously.  Or we might be in the process of  redefining liberty.  These shifts might even be the accidental consequence of what Nassim Taleb has termed “naive interventionism”.  The preference, even obligation, to “do something” over doing nothing, even when the doing is non-productive or counter-productive.

Whatever the cause, the pattern can be perceived and seems to be persisting.

December 6, 2012

Senator Coburn gives a second warning to homeland security

Filed under: Budgets and Spending,Congress and HLS,State and Local HLS — by Christopher Bellavita on December 6, 2012

Senator Tom Coburn fired another warning shot over the bow of the USS Homeland Security Enterprise.

On December 4th, the man likely to become ranking minority member of the Homeland Security and Governmental Affairs Committee released “Safety at Any Price: Assessing the Impact of Homeland Security Spending in US Cities.” The 54 page report — well worth reading — “exposes misguided and wasteful spending” in the Urban Area Security Initiative (UASI) grant programs.

As if to emphasize “misguided and wasteful,” the cover features a toy truck, a toy 4 wheeler, a toy police helicopter, and a small R2D2 robot.

Coburn uasi report

The toys are immediately outside the US Capitol building. I’m not sure what that image is supposed to symbolize. It could mean somebody’s been playing around with Congress. Or maybe it is supposed to be a metaphor for the way Congress treats homeland security.

—————————————

The UASI report is the senator’s second recent warning to the homeland security enterprise.

Last October, he released “Federal Support For And Involvement In State And Local Fusion Centers.” That report questioned federal funding for fusion centers and concluded, among other things, that fusion centers do not contribute much to federal counterterrorism effectiveness, and DHS does not know how much it spent on fusion center support. (Spending estimates ranged — if “ranged” is the correct word here — from $289 million to $1.4 billion.)

The Fusion Center report hit a nerve. Within a week of its release, the International Association of Chiefs of Police, National Sheriffs Association, Major Cities Chiefs, Major County Sheriffs, National Governors Association Homeland Security Advisers Counsel, National Narcotics Officers Coalition Association, National Fusion Center Association, and the Association Of State Criminal Investigative Agencies issued a “joint statement” disagreeing with the report. (Eight public safety associations agreeing on anything in less than a week must be a world record.)

Their statement said, in part, “Simply put, the report displays a fundamental disconnect and severe misunderstanding of the federal government’s role in supporting state and locally owned and operated fusion centers and the critical role that fusion centers play in the national counterterrorism effort.”

Media attention to the Fusion Center report lasted about a week. I wonder how long interest in the UASI report will last.

—————————————

The UASI report has lots of material to provoke media outrage.

Some of the stories of questionable UASI expenditures are old news – for example the one about 13 sno-cone machines (p. 31). Other “questionable projects” were new – at least to me.

One city produced a series of videos titled “A Tale of Disaster and Preparedness.” The UASI report complains the “little more than common sense suggestions” in the video are “presented as a steady stream of jokes….” (p. 32).

I thought the preparedness videos were innocently compelling – sort of like Apple versus PC commercials. But as Will Rogers might have said, one person’s joke is another person’s misused taxpayer funds.

There was a somewhat too long description of a $1000, UASI allowable expense, entrance fee for a five day counterterrorism summit held on an island near San Diego. The Summit featured “40 actors dressed as zombies getting gunned down by a military tactical unit.” (p. 25)

The report even found some UASI money was apparently spent on “a true pork project – a hog catcher in Liberty County [Texas],” used (according to another source) to aid in catching and controlling unruly swine at holding sites. (p. 24)

—————————————

There are many other examples of UASI spending for things and activities that at a minimum activate a reader’s WTF response. But beyond the sometimes surreal stories, the report – addressed to “Dear Taxpayer” – is a serious critique of the $7 billion spent on the UASI programs over the past decade.

Part 2 of the report: “The Politics of Risk” discusses the role of political influence in determining how homeland security money is allocated.

Tom Ridge is quoted as saying he was looking for a grant formula that gets “218 votes in the House or 51 votes Senate….”  Anyone still operating under the assumption that grant awards are – or ever were – based on objective measures of threat or vulnerability or consequence can benefit from spending time with Part 2.

Part 3 asks whether UASI grants have made the nation safer.

This chapter is the latest cover of the “Nobody Knows Whether Homeland Security Spending Is A Worthwhile Investment” song. The report (later) even brings up the Mueller and Stewart critique about acceptable and unacceptable risk. I thought their analysis was anathema in DHS and in Congress. Maybe not everywhere.

Part 3 also describes how homeland security money expands the militarization of state and local law enforcement, including the use of drones and “Long-Range Acoustic Devices” (i.e., sound cannons) in urban areas.

Part 4 was a bit disappointing. It offered a recycled critique that FEMA ineffectively manages grant programs, and shows a surprisingly naïve understanding of how measuring homeland security preparedness is different from measuring risk in the finance and insurance industries. The report avoids trying to explain the causes of this “mismanagement;” saying instead, “It is unclear why FEMA continues to have difficulties in [measuring the effectiveness of its grant programs] considering the experience and expertise of the private sector that is available to inform FEMA’s own efforts.”

How about “Not everything that can be counted counts, and not everything that counts can be counted?”

I thought the report all but gave up in Part 5: “Conclusions and Recommendations.” I did not see anything new here in the slightly more than one page final section.

DHS needs to address A, B, C…
DHS needs to demand Q, R & S from local and state partners…
DHS needs to implement a systematic approach to X, Y & Z…

Yes, DHS ought to do all those things.

But what is that old saying about insanity? About doing the same thing again and again and expecting different results? Those recommendations are not new insights.

—————————————

The UASI report missed an opportunity to break new ground in the decade long search for ways to bring more rigor, order, rationality, and common sense to the homeland security grant process.

On page 5, one finds this nugget of realpolitik:

“Any blame for problems in the UASI program, however, also falls on Congress, which is often more preoccupied with the amount of money sent to its cities than with how the money is spent, or whether it was ever needed in the first place. With so few accountability measures in place, there is almost no way to ensure taxpayers are getting value for their money, and more importantly, whether they are safer.”

The report blames the members of Congress for being more interested in sending money to constituents than figuring out the usefulness of those expenditures.

So what does the report recommend Congress should do to fix this primal cause of the UASI allocation problem?

The only recommendation I could find was in the last sentence of the report: Congress needs to … “demand answers.”

—————————————

Lorelei Kelly describes in another document  called  “Congress’ Wicked Problems,” — also released on December 4th – how and why Congress has become incapacitated, despised and obsolete.   She argues in its present state, Congress “cannot serve the needs of American democracy in the 21st Century.”

Kelly’s essay is especially worth reading in conjunction with the UASI report.

Someone who is sick probably can’t get better by demanding that other people get healthy.

Maybe the next step Congress could take to remedy the significant issues raised in the UASI report is to heal itself first.

I wonder if that healing will be on the agenda of the new ranking minority member of the Homeland Security and Governmental Affairs Committee.

September 26, 2012

Government and the cyber-domain; or command-and-control encounters complexity

Filed under: Congress and HLS,Cybersecurity,Strategy,Technology for HLS — by Philip J. Palin on September 26, 2012

There is considerable expectation that an Executive Order will soon try to pick up the pieces from a failed effort at cybersecurity legislation.  You can read more at CNET, Wall Street Journal, or The Hill (for three very different angles on reality).

Technical challenges, political problems, and real philosophical differences complicated the legislative process.  I already gave attention to many of these issues in a February post.  Whatever the text of the Executive  Order these complications will persist.

Many of the most vexing problems are not particular to cyber.  Similar issues are encountered in regard to strategy, policy, regulation, innovation, security, resilience, and competition in domains seemingly as diverse as eCommerce, supply chains, and the global financial system.

Sunday there was a brief two-page essay in the New York Times Magazine that focuses on how the Internet was created.  Following are a few key paragraphs.  As you read cut-and-paste your preferred networked-entity over the word Internet.  When I do that,  the author’s explanation still holds.

Like many of the bedrock technologies that have come to define the digital age, the Internet was created by — and continues to be shaped by — decentralized groups of scientists and programmers and hobbyists (and more than a few entrepreneurs) freely sharing the fruits of their intellectual labor with the entire world. Yes, government financing supported much of the early research, and private corporations enhanced and commercialized the platforms. But the institutions responsible for the technology itself were neither governments nor private start-ups. They were much closer to the loose, collaborative organizations of academic research. They were networks of peers.

Peer networks break from the conventions of states and corporations in several crucial respects. They lack the traditional economic incentives of the private sector: almost all of the key technology standards are not owned by any one individual or organization, and a vast majority of contributors to open-source projects do not receive direct compensation for their work. (The Harvard legal scholar Yochai Benkler has called this phenomenon “commons-based peer production.”) And yet because peer networks are decentralized, they don’t suffer from the sclerosis of government bureaucracies. Peer networks are great innovators, not because they’re driven by the promise of commercial reward but rather because their open architecture allows others to build more easily on top of existing ideas, just as Berners-Lee built the Web on top of the Internet, and a host of subsequent contributors improved on Berners-Lee’s vision of the Web…

It’s not enough to say that peer networks are an interesting alternative to states and markets. The state and the market are now fundamentally dependent on peer networks in ways that would have been unthinkable just 20 years ago…

When we talk about change being driven by mass collaboration, it’s often in the form of protest movements: civil rights or marriage equality. That’s a tradition worth celebrating, but it’s only part of the story. The Internet (and all the other achievements of peer networks) is not a story about changing people’s attitudes or widening the range of human tolerance. It’s a story, instead, about a different kind of organization, neither state nor market, that actually builds things, creating new tools that in turn enhance the way states and markets work.

Legislation, regulation, many theories of management and the practice of most managers assume someone is in charge of something.  Someone is accountable for discreet action that leads to reasonably foreseeable consequences.  There are intentional practices to regulate, systematize, and evaluate.   Certainly this is part of reality, but only part and its proportion of the whole seems to be decreasing.  In homeland security I expect most of our reality cannot be accurately described in these traditional “Newtonian” terms.

When I have most seriously failed it has been because I have very reasonably, diligently, and intelligently applied the lessons learned in one corner of reality to another corner of reality without recognizing the two realities are almost totally different.

 

August 2, 2012

NYT editorial and op-ed on cybersecurity

Filed under: Congress and HLS,Cybersecurity,General Homeland Security — by Philip J. Palin on August 2, 2012

The issue certainly deserves sustained and serious attention.   It is not, however, where I spend most of my time.  So… without further comment and just to be sure you did not miss: two recent pieces from the New York Times editorial page. To read the commentary in full please click on the link.

Cybersecurity at Risk

Published: July 31, 2012

Relentless assaults on America’s computer networks by China and other foreign governments, hackers and criminals have created an urgent need for safeguards to protect these vital systems. The question now is whether the Senate will provide them. Senator John McCain, a Republican of Arizona, and the Chamber of Commerce have already exacted compromises from sponsors of a reasonably strong bill, and are asking for more. Their demands should be resisted and the original bill approved by the Senate.

READ THE FULL EDITORIAL

A Law to Strengthen Our Cyberdefense

By ASHTON B. CARTER and JANE HOLL LUTE
Published: August 1, 2012

OVER the last decade, the United States has built a sophisticated security system to protect the nation’s seaports against terrorists and criminals. But our nation’s critical infrastructure is not similarly secured from cyberattack. Although we have made progress in recent years, Congressional action is needed to ensure that our laws keep pace with the electronically connected world we live in. The bipartisan Cybersecurity Act of 2012, currently before the Senate, offers a way forward.

READ THE FULL OP-ED

July 17, 2012

Highlights from “The Future of Homeland Security: Evolving and Emerging Threats”

Filed under: Congress and HLS — by Christopher Bellavita on July 17, 2012

Last week, the Senate Homeland Security and Governmental Affairs Committee held the first in a series of hearings about the future of homeland security. Wednesday’s hearing focused on evolving and emerging threats.

You can watch and read the hearing transcripts here.

I gleaned a few excerpts from the speakers prepared remarks. I encourage those with an interest in homeland security rhetoric, thought, analysis, fact, social construction, discourse, comity and history to download and read the full statements.

—————————————-

First, my favorite part of all the testimony, from Brian Jenkins.

The sentiments are not new; they appear in his Unconquerable Nation. But neither are they old.

Common Will and Common Purpose

Terror is just as much an enemy as the terrorists who try to create it. Our reactions to terrorism are part of any assessment. America has come through the dark shadow of 9/11, but as a nation, are we stronger?

Individual acts of courage inspire us, but Americans remain anxious rather than confident in the country’s ability to survive the threats we face. Fear-mongers and doomsayers still find a receptive audience.

Instead of our traditional self-reliance, Americans look too much to government to protect them, in part the reflection of rhetoric that, rather than involving us in a national effort, tells us that as individuals we can do nothing beyond remaining vigilant.

Americans have come to hold unrealistic expectations about security, believing that risk can be abolished. We are too ready to seek someone to blame when security fails.

Instead of the stoicism needed for a long fight, Americans remain vulnerable to overreaction. A terrorist attack of even modest scale could provoke paroxysms of panic.

Whatever one thinks about the wisdom, or the folly, of the wars in Iraq and Afghanistan, the sacrifices of war have been borne unequally. Our sense of community has eroded.

Terrorists did not create America’s anxieties. Terrorism acted as their condenser. Nor will America’s homeland be secured in the mountain passes of Afghanistan, the Arabian Peninsula, or the sands of the Sahara. Our commonwealth, our common defense, will come only from the recovery our own sense of common will and common purpose.

—————————————-

Joseph I. Lieberman

This coming November will mark the tenth anniversary of the signing into law of the Homeland Security Act legislation created in this Committee in the aftermath of al Qaeda’s attack on 9-11. Given this coming milestone, it seems appropriate not only to reflect on the major homeland security developments of the last decade but also to look ahead to the next ten years, and examine whether we are adequately prepared to address them.

The preeminent threat to our homeland security today remains the threat of terrorism….

The cyber threat is the second most significant threat to the United States….

The violence in Mexico by drug trafficking organizations has reached the level where it is now a direct threat to our national security….

Transnational organized criminal groups are becoming increasingly sophisticated and are engaged in a wide variety of activities, from human smuggling to Medicare fraud….

…[While] our threats are becoming increasingly interrelated, we continue to address them in a fragmented way, with different agencies responsible for different threats.

—————————————-

Susan M. Collins

In an understatement, the [9/11] Commission’s report observed that, “[i]magination is not a gift usually associated with bureaucracies.” Yet, imagination is precisely what is needed to address emerging threats. We must persistently ask: Where are the future threats? What technology could be used? Do we have the intelligence that we need? Are we prepared to thwart novel plans of attack? What will our enemy look like in two, five, or even ten years?

—————————————-

Michael V. Hayden

Because of globalization, the international structure that was created by the Treaty of Westphalia more than five centuries ago is no longer dominant. …. most of the attributes of the age of industrialization made the state stronger and more relevant. Most of the effects of today’s globalization make the state weaker and less relevant…. But here we sit with institutions optimized and practiced for the earlier age: methodical, thorough, stable….

We all agreed in the 9-11 Commission Report that we needed a domestic intelligence service and it would be best to house it in the FBI. But look at the reaction even today when the bureau tries to collect information without a criminal predicate, in that area we called “spaces between cases.”

And heaven save us from the Associated Press if the New York City Police Department tries to do the same thing….

This committee knows more than most how many of our secrets (state and industrial) are being stolen by foreign governments; how much of our wealth is being pilfered by criminal gangs; and how much of our infrastructure is vulnerable to cyber enabled anarchists and malcontents….

I should add that cyber, terrorist and criminal threats today all merge in a witches’ brew of danger.

—————————————-

Brian Michael Jenkins

The United States confronts a more diverse terrorist threat in 2012 than it has in the past. Al Qaeda, still our principal concern, has exploited the turmoil created by the Arab uprisings to make tactical advances and open new fronts. In addition, several incidents in the past year suggest a resurgence of Iranian-sponsored terrorism. Mexico faces what some analysts have called a “criminal insurgency” by the country’s drug cartels, which could expose the United States to the kind of savagery seen in that country. The global economic crisis has spawned mass protests.

These are legitimate expressions of popular discontent, but they attract violence-prone anarchists and may generate their own violent fringe groups. Anti-federal-government sentiments, a continuing current in American history, have become more virulent, fueled in part by economic dislocation that transcends the current economic crisis, deep national divisions, and the rancorous partisanship that characterizes contemporary political debate.

—————————————-

Frank J. Cilluffo

… [At] the level of principle, we need to be as flexible and adaptive as our adversaries, who are nothing if not creative and ever-thinking. A static posture is an ineffective one. After all, each time we raise the security bar (often at great cost to the U.S. Treasury) our adversaries devote themselves determinedly to crafting a reasonably inexpensive and clever way around the latest security measure(s). Their ingenuity and inventions are often vivid, and include body and “booty” bombs. Now is not the time to ease off the gas pedal. Rather we should and must keep up the pressure and exploit this unique window of counterterrorism opportunity by maintaining, if not accelerating, the operational tempo. The threat would look and be markedly different otherwise….

To my mind, the cybersecurity community’s state of development is akin to that of the counterterrorism community as it stood shortly after 9/11….

Now is the time to act. For too long, we have been far too long on nouns, and far too short on verbs.

—————————————-

Stephen E. Flynn

In response to the attacks on 9/11, the Bush Administration mobilized U.S. national security capabilities to go after al Qaeda and those within the international community who supported them. To an overwhelming extent, the strategy was one of prevention by way of military force supported by stepped-up intelligence. … The hoped for outcome of engaging the threat in Iraq and Afghanistan and around the world… was “so we do not have to face them here at home.”

This strategy has involved a considerable amount of national treasure…. That amount translates into a burn-rate of $350 million for each and every day for ten years.

By contrast, the cost of one-hour of these war operations—$15 million—has been the most that has been invested in the entire annual budget for the Citizens Corps Program which was initiated after 9/11 to engage citizens in the homeland security mission by volunteering to support emergency responders….

… [The] total amount of containers inspected overseas in 2011 was just 45,500. This represents 0.5% of the 9.5 million manifests that CBP … reviewed overseas in advance of loading. If the 45,500 number is divided by the 58 … ports and 365 days per year, the result is [security] inspectors are examining with their foreign counterparts on average, 2.15 containers per day per overseas port before they are loaded on carriers bound for the US–two containers each day.

This does not represent much of a deterrent.

…In addition to the ongoing risk associated with terrorism, there is an even more clear and present danger to the safety of Americans that should animate the homeland security mission: natural disasters. It turns out that 91 percent of Americans live in places at a moderate risk of earthquakes, volcanoes, tornadoes, wildfires, hurricanes, flooding, high wind damage….

[The] investment Washington makes in homeland security remains a fraction of the resources devoted to traditional national security. At times, this can have the perverse outcome of actually making civilian targets potentially more attractive to our adversaries. For instance, the U.S. Navy has invested more in protecting the single port of San Diego that is home to the Pacific Fleet, than the Department of Homeland Security has invested in the ports of Los Angeles, Long Beach, San Francisco, Oakland, Seattle, and Tacoma combined, upon which the bulk of the U.S. economy relies….

…Everyday civilians, supported by state and local officials, will need to be better informed and empowered to play a meaningful role. This role includes not only preventing acts of terrorism, but making investments that mitigate the risk of disruption to our communities and critical infrastructure. This will require a homeland security enterprise centered around three efforts: (1) setting appropriate expectations, (2) increasing transparency, and (3) building community and infrastructure resilience.

July 10, 2012

Homeland security’s all star old timers’ game

Filed under: Congress and HLS — by Christopher Bellavita on July 10, 2012

The Senate Homeland Security and Governmental Affairs Committee will hold two hearings this week about The Future of Homeland Security.

July 11th features a session on “Evolving and Emerging Threats.” On July 12th, the topic is the “Evolution of the Homeland Security Department’s Roles and Missions.”

Based on the list of witnesses, homeland security’s future looks a lot like its past.

The lineup is only two people short of an all star team:

  • Michael Hayden
  • Brian Jenkins
  • Frank Cilluffo
  • Stephen Flynn
  • Jane Harman
  • Thad Allen
  • Richard Skinner

I wonder what these first rate intellects will say. I wonder what they will say that is new or substantially different from what they’ve said and written before.

I wonder where homeland security’s all stars get their new ideas from.

Or maybe their ideas about homeland security’s future won’t be new. Maybe these dedicated, proven and honorable leaders will make the same points about homeland security they frequently make when they write or talk.

Maybe — like major league baseball’s all stars — they are not expected to do anything new. Perhaps it’s enough simply to watch them do again what they do often and well.

Maybe they are all stars because their ideas need to be restated, motivated by the eternal hope that words will lead to behaviors that might influence how homeland security evolves.

I wonder if anyone will actually listen to what these people say.

——————————-

Baseball’s all star game matters because the league that wins (tonight, 5 pm Pacific time, Fox TV and radio) gets home field advantage for the world series.

Home field advantage matters. It certainly helped St. Louis in 2011 (that, plus the baseball gods smiling on David Freese)

I would like to believe senate hearings matter.

I recall from the “How a bill becomes law” chapter in my 9th grade civics book that congress holds hearings to discover what the problems are, and then writes laws to solve those problems.

I don’t know the political science literature well enough to know how accurately that chapter describes reality.

But, I have my beliefs.

——————————-

Speaking of beliefs about homeland security, Jonathan Haidt — in his wonderfully written, cognitively disruptive book, The Righteous Mind — cites the work of Tim Gilovich, a social psychologist (p. 84):

His [Gilovich's] simple formulation is that when we want to believe something, we ask ourselves, “Can I believe it?” Then … we search for supporting evidence, and if we find even a single piece of psuedo-evidence, we can stop thinking. We now have permission to believe. We have a justification, in case anyone asks.

In contrast, when we don’t want to believe something, we ask ourselves, “Must I believe it?” Then we search for contrary evidence, and if we find a single reason to doubt the claim, we can dismiss it. You only need one key to unlock the handcuffs of must.”

The best part about the Can I and the Must I reactions is they often happen below the level of conscious awareness.

I’m looking forward to this week’s hearings so I can test myself.

What will I hear that triggers my “Can I believe it” reflex?

What will I hear that triggers my “Must I believe it” reflex?

——————————-

I wonder what would happen if the Senate held a homeland security hearing and no one listened, because they didn’t know how?

February 24, 2012

Creating a Cyber Coast Guard

Filed under: Congress and HLS,Cybersecurity,Private Sector — by Philip J. Palin on February 24, 2012

It is not yet clear if the Cybersecurity Act of 2012 will be taken up by the whole Senate — as previously announced — or disappear into committee review while under sustained attack by those opposed.

Senator John McCain, one of those opposed, has promised a competing piece of legislation:

The fundamental difference in our alternative approach is that we aim to enter into a cooperative relationship with the entire private sector through information sharing, rather than an adversarial one with prescriptive regulations. Our bill, which will be introduced when we return from the Presidents’ Day recess, will provide a common-sense path forward to improve our nation’s cybersecurity defenses.

Last Friday I outlined the perceived — in my judgment, real — tension between collaboration and compliance that any approach to effective cybersecurity will require. The real debate is over how to resolve this tension: with more dependence on voluntary cooperation or the threat of regulation. (To be clear, the proposal unveiled on February 14 by Senators Lieberman, Collins, and others does not create new regulations per se, but it does initiate a public-private process that would eventually create a regulatory regime.)

Some private sector organizations have welcomed the opportunity to frame-up the process, others are ready to do what they can to stop any movement to regulation. So far the private sector line-up on each side seems mostly to reflect revenue streams. Those that may make money on increased attention to cybersecurity are in favor of the current proposal, those that see cybersecurity mostly as a cost are opposed. (The cost-benefit discussion is, so far, not very sophisticated on either side.)

While the efficacy of the new bill is debatable, it is clear the current approach — depending almost entirely on voluntary collaboration — has not worked. The weakest links in the cybersecurity system are the least willing to show up, talk turkey, and truly collaborate in sharing information and changing behavior. What do you do when “pretty please”, earnest presentations on self-interest, and peer pressure do not work? What do you do when neglect by one “house” on the block endangers the safety of the entire block (or city)?

Sanctions are needed. But no matter how tough, sanctions will not be sufficient. Whatever sack of sanctions are available, unless the sanctions are used to craft collaboration (rather than mere compliance) cybersecurity will not be enhanced.  The threat of regulatory sanctions may encourage collaboration, but a rigid regulatory approach alone will only achieve minimal compliance, which in cyberspace will always lag behind new threats and vulnerabilities.

Whichever of the current sides win, execution will be key. The current legislation addresses execution primarily under Title III through a DHS National Center for Cybersecurity and Communications. The new entity would combine several existing offices, and would be directed by a Presidential appointee confirmed by the Senate. Here are the director’s duties enumerated in the current legislation:

(1) manage Federal efforts to secure, protect, and ensure the resiliency of the Federal information infrastructure, national information infrastructure, and national security and emergency preparedness communications infrastructure of the United States, working cooperatively with appropriate government agencies and the private sector;

(2) support private sector efforts to secure, protect, and ensure the resiliency of the national information infrastructure;

(3) prioritize the efforts of the Center to address the most significant risks and incidents that have caused or are likely to cause damage to the Federal information infrastructure, the national information infrastructure, and national security and emergency preparedness communications infrastructure of the United States;

(4) ensure, in coordination with the privacy officer designated under subsection (j), the Privacy Officer appointed under section 222, and the Director of the Office of Civil Rights and Civil Liberties appointed under section 705, that the activities of the Center comply with all policies, regulations, and laws protecting the privacy and civil liberties of United States persons; and

(5) perform such other duties as the Secretary may require relating to the security and resiliency of the Federal information infrastructure, national information infrastructure, and the national security and emergency preparedness communications infrastructure of the United States.

Title III continues for another 28 pages. Included under Authorities and Responsibilities of the Center, “serve as the focal point for, and foster collaboration between, the Federal Government, State and local governments, and private entities on matters relating to the security of the national information infrastructure.”

On page 114 of the proposed legislation a supervisor training program for the Center is set out. The current language suggests Senator Akaka and his staff have persisted in pushing his perennial concerns. It’s all good. It could be better.

The currently proposed training program  is mostly internally focused. I suggest language be added to focus on mission achievement. Consider for a moment a supervisor training curriculum focused on just one of the duties listed above, ” support private sector efforts to secure, protect, and ensure the resiliency of the national information infrastructure”

What is the nature of the private sector?

What are the private sector’s current efforts related to cyberspace?

What does “secure”, “protect”, and “ensure the resiliency” of cyberspace mean?

What is the national information infrastructure?

What does it mean to “support” the private sector? Why this verb rather than another?

That would be an interesting — valuable — curriculum.   Develop similar curricula around each of the statutory goals, include private sector participants in the curriculum… and a whole new approach to private-public collaboration might be cultivated.

This curriculum should  include a heavy dose of culture, a culture of private-public collaboration.  If the Center becomes a cyber-SEC none of us will be any safer.   Cybersecurity cannot focus on accountability after-the-fact.  The focus must be on cultivating a culture of prevention and resilience, not compliance.

For this purpose, I propose the Akaka Academy for Cybersecurity give close attention to the way the Coast Guard cultivates a collaborative relationship with owners and operators of marine vessels. Just for a taste of what I mean, consider the implications of the following written instruction from a Coast Guard flag officer… and this is not atypical, this approach is entirely consistent with  standard Coast Guard practice.

The Coast Guard’s objective is to administer vessel inspection laws and regulations so as to promote safe, well equipped vessels that are suitable for their intended service. It is not the Coast Guard’s intent to place unnecessary economic and operational burdens upon the marine industry. In determining inspection requirements and procedures, inspection personnel must recognize and give due consideration to the following factors:

  • Delays to vessels, which can be costly, need to be balanced against the risks imposed by continued operation of the vessel, with safety of life, property, and the environment always the predominant factor over economics;
  • Certain types of construction, equipment, and/or repairs are more economically advantageous to the vessel operator and can provide the same measure of safety;
  • Some repairs can be safely delayed and can be more economically accomplished at a different place and time;
  • The overall safety of a vessel and its operating conditions, such as route, hours of operations, and type of operation, should be considered in determining inspection requirements;
  • Vessels are sometimes subject to operational requirements of organizations and agencies other than the Coast Guard; and
  • A balance must be maintained between the requirements of safety and practical operation. Arbitrary decisions or actions that contribute little to the vessel’s safety and tend to discourage the construction or operation of vessels must be avoided.

I know of no better example of effective private-public collaboration than that of the U.S. Coast Guard with the industry it helps regulate, serve, and sometimes save.  It is a cultural model well-suited to the cyber domain.

February 17, 2012

Cybersecurity Act: Collaboration v. Compliance?

Filed under: Congress and HLS,Cybersecurity,Private Sector — by Philip J. Palin on February 17, 2012

On Valentine’s Day the Senate Homeland Security and Governmental Affairs Committee released a proposed Cybersecurity Act of 2012.  The Committee’s Chairman, Joseph Lieberman (I-CT) and ranking member, Susan Collin’s (R-ME) are co-sponsors.

The roll-out has been impressive.  Check out the Committee’s website for gobs of additional background.  All-star testimony was taken on Thursday.

My HLSWatch colleague, Jessica Herrera-Flanigan has authored a persuasive piece for Roll Call pushing for quick adoption.  Rapid approval by the Senate is a big part of the legislative strategy.

Every cyber-specialist, like Jessica, I have communicated with supports the legislation.  Those on the Hill who have come out against are – so far – objecting mostly to procedural or cost concerns. (The best political update I could find on Friday morning is from Ellen Nakashima at the Washington Post.)

Yesterday I used a cross-continent flight to read the 205 pages of statutory prose.  Politico called it a “door-stop of a bill.”

Taken at face-value the language could hardly be more benign.

The clear intent is to prevent when possible – and mitigate when prevention is not possible – “the risk of national or regional catastrophic damage within the United States caused by damage or unauthorized access to information infrastructure…”

To achieve this and similar goals the legislation frames and facilitates a rather intricate process of private-public consultations, information exchange, risk analyses, certification, audits, education, research, and exercises.

In a whole host of ways the language implicitly – but quite obviously – acknowledges that cyber security is not possible without extraordinary – just for emphasis: extra-ordinary – cooperation between government and the private sector and between various elements of the private sector.

As a result, the proposed legislation goes to amazing lengths to encourage information exchange on cyber threats, vulnerabilities, and more.  For example, here are three sections of Title VII Information Sharing (page 163):

(d) EXEMPTION FROM PUBLIC DISCLOSURE.—An cybersecurity threat indicator disclosed by a non-Federal entity to a cybersecurity exchange under subsection (a) shall be— (1) exempt from disclosure under section 552(b)(3) of title 5, United States Code, or any comparable State law; and (2) treated as voluntarily shared information under section 552 of title 5, United States Code, or any comparable State law.

(e) EXEMPTION FROM EX PARTE LIMITATIONS.— Any cybersecurity threat indicator disclosed by a non-Federal entity to a cybersecurity exchange under subsection (a) shall not be subject to the rules of any governmental entity or judicial doctrine regarding ex parte communications with a decision making official.

(f) EXEMPTION FROM WAIVER OF PRIVILEGE.—Any cybersecurity threat indicator disclosed by a non-Federal entity to a cybersecurity exchange under subsection (a) may not be construed to be a waiver of any applicable privilege or protection provided under Federal, State, tribal, or territorial law, including any trade secret protection.

Please, please, please let us know when you are in danger, we promise not to hold you accountable. The federal government is made into a worried parent trying to protect a troubled teenager.

No one tells me the cyberthreat is overdone.   Most tell me it is already worse than is generally known. Threats, vulnerabilities, and consequences are expected to grow.

Everyone seems ready to agree – at least behind closed-doors – the legislation is well-intended and designed to tee-up a meaningful process of private-public consultations, not pre-ordain the results of that consultation.  If anything, many cybersecurity mavens find the proposed language entirely too tentative and toothless.

But one Chief Information Officer I talked with calls the bill a “Trojan horse, superficially attractive and deeply dangerous.”  According to this person the legislation is fundamentally flawed because it moves the focus of discussion from collaboration to compliance.  “As soon as compliance is the agenda,” he says, “the lawyers take over. We will hardly ever see a technologist again.  That’s not what we need.  They are going to replace a messy, difficult, but realistic process of collaboration with an orderly and mostly meaningless process of certification and compliance.  Risk management is hard.  Compliance is easy.  In one case you invest in real outcomes, in the other you create a legally defensible illusion.”

When I outlined the CIO’s critique to a self-defined “Hill Rat” (and lawyer) who has been involved in cybersecurity, he responded, “The lawyers are already too involved.  That’s been a problem.  It’s been easy for government relations people to show up.   We need CIOs, CTOs, CFOs, COOs, and CEOs.  One way to read the legislation is as a small but very sharp blade to cut through the veil of lawyers behind which too many of our cyber-assets are obscured.  No one wants to regulate, but we need to get real about the risk.”

As the Congressional staffer continued he went even further, “You know what?  This is really an anti-regulation bill. Unless we do something like this and get much better at the drill than today, a major system is going to be taken down and people will die.  Russian mafia, Iranian Quds, Chinese class project – who knows who?  Then just imagine the rush to regulation.”

Maybe I am overly influenced by two men who were each speaking with evident candor and concern.   But I come away thinking they are probably both right.

The issue is not so much current Congressional intent as longer-term execution.  Whenever legislation is adopted, how can we keep the focus on substantive collaboration?  Next Friday I will offer a suggestion.

February 8, 2012

Supply chain testimony

Yesterday several DHS officials and others were on the Hill giving testimony related to the new National Strategy for Global Supply Chain Security.  Please see: http://homeland.house.gov/hearing/subcommittee-hearing-balancing-maritime-security-and-trade-facilitation-protecting-our-ports

Three quick impressions:

1. Constructive example of “stovepipes” being brought together around a supposedly stovepipe-busting strategy.

2. The tension between security and resilience is real, persistent, and difficult to effectively engage.   Security is tough enough.  Resilience requires even more creativity.

3. It is striking to have a hearing on this topic without hearing directly from the private sector as well.

This is an early step in rolling-out the new strategy.  Much more to come.

January 25, 2012

SOTU: ‘Osama’s dead, GM’s alive’

Filed under: Budgets and Spending,Congress and HLS,Events — by Mark Chubb on January 25, 2012

A short time before President Obama delivered the annual state of the union address to a joint session of Congress, a media outlet I follow Tweeted a summary attributed to Vice President Joe Biden: “Osama bin Laden is dead, GM is alive.” The president spoke for more than an hour this evening, but that just about sums it up from a homeland security perspective.

The elimination of bin Laden and the routing of al-Qaeda’s leadership since President Obama took office is arguably the singular foreign policy accomplishment of his presidency. His administration achieved much of its success on this front by all but ignoring promises it made to its political base and taking actions even his Republican predecessors seemed to shy away from in scale if not necessarily in scope.

It might not be fair to suggest that President Obama’s admiration for the military expanded with his ascendence to the office of commander-in-chief. The two most significant role models in his young life beyond his own mother were his maternal grandparents in Kansas. His grandfather, he reminds us, served in Patton’s army while his grandmother assembled bombers back home. The experiences that shaped them clearly left an indelible impression on him as a young man and inspire his sense of duty even today.

The president’s address tonight made it clear that he sees the armed forces as a model of what America can be when it tries to be its best. In many ways, I agree. The U.S. armed forces are truly a model of diversity, innovation and adaptability. But what can be said of the armed forces cannot necessarily be said of the armed services.

Of those American institutions that did not atrophy from lack of attention or loss of investment, many have become sclerotic as money, influence-peddling and political polarization have conspired to clog the arteries of our democracy. The resulting death spiral threatens the American Dream and has all but snuffed out our faith in a better future. From his opening remarks to his conclusion, the president called upon Americans to see in the can-do example of our fighting forces the inspiration to revive our democracy and the incentive to renew our nation.

As with previous addresses, the president emphasized the need to establish clear priorities and make smarter choices. He called on Congress to work with his administration to create an America “built to last.” To do this, he called for the restoration of an economy “where everyone gets a fair shot, everyone does their fair share, and everybody plays by the same set of rules.”

Calls for renewed investments in education, energy innovation and infrastructure took center stage once again this year despite the president’s acceptance of the need to make further spending cuts in other areas, including entitlements. At several points, he noted how government investment had created the very opportunities our men and women under arms have fought to protect and that have benefited the wealthiest among us.

The president’s address not only displayed the rhetorical strengths for which he is rightly admired by supporters and reviled by opponents. His remarks also revealed a growing sense of pragmatism and purpose. The president made it clear that he will meet Congressional obstruction with action. One particularly clear indication of his intentions come from his emphasis on regulatory reforms that will enable some of the savings from defense cuts to be put to work on “nation-building right here at home.”

Before President Obama arrived on Capitol Hill tonight, Speaker of the House John Boehner remarked to the media that the president’s address would amount to little more than a campaign stump speech. Clearly, this president knows the campaign has already begun. And he knows too that re-election is no certainty. But he also seems more committed to reinforcing his accomplishments and taking the fight to his opponents than he did last year.

Something tells me any effort by Republicans to prematurely rewrite Biden’s pre-SOTU summary to serve as an epitaph for this administration — “Obama’s dead, America’a alive” — have another think coming.

January 2, 2012

NDAA is law: President’s statement

Filed under: Congress and HLS,Legal Issues,Radicalization — by Philip J. Palin on January 2, 2012

In prior posts I have argued against several provisions of the the National Defense Authorization Act.  On New Year’s Eve, the President signed the legislation.  It is now law.

I am not concerned — have never been concerned — about the immediate implications of the law.  I am deeply concerned regarding how it may be applied at some future date.  I am saddened by what overwhelming, bipartisan passage of the law seems to say regarding Congressional commitment to the foundations of freedom extending at least to the Magna Carta.  That the executive has chosen to accept the gift of additional power is not surprising, this is the innate tendency of the executive.  That the legislature has enthusiastically authorized such extraordinary power is profoundly troubling.  The current executive promises to exercise restraint. In a future crisis, how may a less reluctant executive choose to exercise this power?

Following is a statement by the President on his decision.

–+–

Today I have signed into law H.R. 1540, the “National Defense Authorization Act for Fiscal Year 2012.” I have signed the Act chiefly because it authorizes funding for the defense of the United States and its interests abroad, crucial services for service members and their families, and vital national security programs that must be renewed. In hundreds of separate sections totaling over 500 pages, the Act also contains critical Administration initiatives to control the spiraling health care costs of the Department of Defense (DoD), to develop counterterrorism initiatives abroad, to build the security capacity of key partners, to modernize the force, and to boost the efficiency and effectiveness of military operations worldwide.

The fact that I support this bill as a whole does not mean I agree with everything in it. In particular, I have signed this bill despite having serious reservations with certain provisions that regulate the detention, interrogation, and prosecution of suspected terrorists. Over the last several years, my Administration has developed an effective, sustainable framework for the detention, interrogation and trial of suspected terrorists that allows us to maximize both our ability to collect intelligence and to incapacitate dangerous individuals in rapidly developing situations, and the results we have achieved are undeniable. Our success against al-Qa’ida and its affiliates and adherents has derived in significant measure from providing our counterterrorism professionals with the clarity and flexibility they need to adapt to changing circumstances and to utilize whichever authorities best protect the American people, and our accomplishments have respected the values that make our country an example for the world.

Against that record of success, some in Congress continue to insist upon restricting the options available to our counterterrorism professionals and interfering with the very operations that have kept us safe. My Administration has consistently opposed such measures. Ultimately, I decided to sign this bill not only because of the critically important services it provides for our forces and their families and the national security programs it authorizes, but also because the Congress revised provisions that otherwise would have jeopardized the safety, security, and liberty of the American people. Moving forward, my Administration will interpret and implement the provisions described below in a manner that best preserves the flexibility on which our safety depends and upholds the values on which this country was founded.

Section 1021 affirms the executive branch’s authority to detain persons covered by the 2001 Authorization for Use of Military Force (AUMF) (Public Law 107-40; 50 U.S.C. 1541 note). This section breaks no new ground and is unnecessary. The authority it describes was included in the 2001 AUMF, as recognized by the Supreme Court and confirmed through lower court decisions since then. Two critical limitations in section 1021 confirm that it solely codifies established authorities. First, under section 1021(d), the bill does not “limit or expand the authority of the President or the scope of the Authorization for Use of Military Force.” Second, under section 1021(e), the bill may not be construed to affect any “existing law or authorities relating to the detention of United States citizens, lawful resident aliens of the United States, or any other persons who are captured or arrested in the United States.” My Administration strongly supported the inclusion of these limitations in order to make clear beyond doubt that the legislation does nothing more than confirm authorities that the Federal courts have recognized as lawful under the 2001 AUMF. Moreover, I want to clarify that my Administration will not authorize the indefinite military detention without trial of American citizens. Indeed, I believe that doing so would break with our most important traditions and values as a Nation. My Administration will interpret section 1021 in a manner that ensures that any detention it authorizes complies with the Constitution, the laws of war, and all other applicable law.

Section 1022 seeks to require military custody for a narrow category of non-citizen detainees who are “captured in the course of hostilities authorized by the Authorization for Use of Military Force.” This section is ill-conceived and will do nothing to improve the security of the United States. The executive branch already has the authority to detain in military custody those members of al-Qa’ida who are captured in the course of hostilities authorized by the AUMF, and as Commander in Chief I have directed the military to do so where appropriate. I reject any approach that would mandate military custody where law enforcement provides the best method of incapacitating a terrorist threat. While section 1022 is unnecessary and has the potential to create uncertainty, I have signed the bill because I believe that this section can be interpreted and applied in a manner that avoids undue harm to our current operations.

I have concluded that section 1022 provides the minimally acceptable amount of flexibility to protect national security. Specifically, I have signed this bill on the understanding that section 1022 provides the executive branch with broad authority to determine how best to implement it, and with the full and unencumbered ability to waive any military custody requirement, including the option of waiving appropriate categories of cases when doing so is in the national security interests of the United States. As my Administration has made clear, the only responsible way to combat the threat al-Qa’ida poses is to remain relentlessly practical, guided by the factual and legal complexities of each case and the relative strengths and weaknesses of each system. Otherwise, investigations could be compromised, our authorities to hold dangerous individuals could be jeopardized, and intelligence could be lost. I will not tolerate that result, and under no circumstances will my Administration accept or adhere to a rigid across-the-board requirement for military detention. I will therefore interpret and implement section 1022 in the manner that best preserves the same flexible approach that has served us so well for the past 3 years and that protects the ability of law enforcement professionals to obtain the evidence and cooperation they need to protect the Nation.

My Administration will design the implementation procedures authorized by section 1022(c) to provide the maximum measure of flexibility and clarity to our counterterrorism professionals permissible under law. And I will exercise all of my constitutional authorities as Chief Executive and Commander in Chief if those procedures fall short, including but not limited to seeking the revision or repeal of provisions should they prove to be unworkable.

Sections 1023-1025 needlessly interfere with the executive branch’s processes for reviewing the status of detainees. Going forward, consistent with congressional intent as detailed in the Conference Report, my Administration will interpret section 1024 as granting the Secretary of Defense broad discretion to determine what detainee status determinations in Afghanistan are subject to the requirements of this section.

Sections 1026-1028 continue unwise funding restrictions that curtail options available to the executive branch. Section 1027 renews the bar against using appropriated funds for fiscal year 2012 to transfer Guantanamo detainees into the United States for any purpose. I continue to oppose this provision, which intrudes upon critical executive branch authority to determine when and where to prosecute Guantanamo detainees, based on the facts and the circumstances of each case and our national security interests. For decades, Republican and Democratic administrations have successfully prosecuted hundreds of terrorists in Federal court. Those prosecutions are a legitimate, effective, and powerful tool in our efforts to protect the Nation. Removing that tool from the executive branch does not serve our national security. Moreover, this intrusion would, under certain circumstances, violate constitutional separation of powers principles.

Section 1028 modifies but fundamentally maintains unwarranted restrictions on the executive branch’s authority to transfer detainees to a foreign country. This hinders the executive’s ability to carry out its military, national security, and foreign relations activities and like section 1027, would, under certain circumstances, violate constitutional separation of powers principles. The executive branch must have the flexibility to act swiftly in conducting negotiations with foreign countries regarding the circumstances of detainee transfers. In the event that the statutory restrictions in sections 1027 and 1028 operate in a manner that violates constitutional separation of powers principles, my Administration will interpret them to avoid the constitutional conflict.

Section 1029 requires that the Attorney General consult with the Director of National Intelligence and Secretary of Defense prior to filing criminal charges against or seeking an indictment of certain individuals. I sign this based on the understanding that apart from detainees held by the military outside of the United States under the 2001 Authorization for Use of Military Force, the provision applies only to those individuals who have been determined to be covered persons under section 1022 before the Justice Department files charges or seeks an indictment. Notwithstanding that limitation, this provision represents an intrusion into the functions and prerogatives of the Department of Justice and offends the longstanding legal tradition that decisions regarding criminal prosecutions should be vested with the Attorney General free from outside interference. Moreover, section 1029 could impede flexibility and hinder exigent operational judgments in a manner that damages our security. My Administration will interpret and implement section 1029 in a manner that preserves the operational flexibility of our counterterrorism and law enforcement professionals, limits delays in the investigative process, ensures that critical executive branch functions are not inhibited, and preserves the integrity and independence of the Department of Justice.

Other provisions in this bill above could interfere with my constitutional foreign affairs powers. Section 1244 requires the President to submit a report to the Congress 60 days prior to sharing any U.S. classified ballistic missile defense information with Russia. Section 1244 further specifies that this report include a detailed description of the classified information to be provided. While my Administration intends to keep the Congress fully informed of the status of U.S. efforts to cooperate with the Russian Federation on ballistic missile defense, my Administration will also interpret and implement section 1244 in a manner that does not interfere with the President’s constitutional authority to conduct foreign affairs and avoids the undue disclosure of sensitive diplomatic communications. Other sections pose similar problems. Sections 1231, 1240, 1241, and 1242 could be read to require the disclosure of sensitive diplomatic communications and national security secrets; and sections 1235, 1242, and 1245 would interfere with my constitutional authority to conduct foreign relations by directing the Executive to take certain positions in negotiations or discussions with foreign governments. Like section 1244, should any application of these provisions conflict with my constitutional authorities, I will treat the provisions as non-binding.

My Administration has worked tirelessly to reform or remove the provisions described above in order to facilitate the enactment of this vital legislation, but certain provisions remain concerning. My Administration will aggressively seek to mitigate those concerns through the design of implementation procedures and other authorities available to me as Chief Executive and Commander in Chief, will oppose any attempt to extend or expand them in the future, and will seek the repeal of any provisions that undermine the policies and values that have guided my Administration throughout my time in office.

BARACK OBAMA
THE WHITE HOUSE,
December 31, 2011.

 

December 1, 2011

Against Al-Qaeda: Where bipartisanship finds an uneasy home

Filed under: Congress and HLS,Radicalization,Terrorist Threats & Attacks — by Philip J. Palin on December 1, 2011

The following is quoted verbatim from page A-22 of the New York edition of the November 30 New York Times.  I do not have time for further comment, but felt it was too easy to miss and too important not to call out.  See more at the Times.

By a vote of 61 to 37, the Senate turned back an effort to strip a major military bill of a set of disputed provisions affecting the handling of terrorism cases. While the legislation still has several steps to go, the vote makes it likely that Congress will eventually send to President Obama’s desk a bill that contains detainee-related provisions his national-security team has said are unacceptable.

The most disputed provision would require the government to place into military custody any suspected member of Al Qaeda or one of its allies connected to a plot against the United States or its allies. The provision would exempt American citizens, but would otherwise extend to arrests on United States soil. The executive branch could issue a waiver and keep such a prisoner in the civilian system.

A related provision would create a federal statute saying the government has the legal authority to keep people suspected of terrorism in military custody, indefinitely and without trial. It contains no exception for American citizens. It is intended to bolster the authorization to use military force against the perpetrators of the terrorist attacks of Sept. 11, 2001, which lawmakers enacted a decade ago…

Among Republican senators, there was nearly unanimous support for keeping the detainee provisions in the bill: 44 Republicans voted for them, while two — Mark Kirk of Illinois and Rand Paul of Kentucky — voted to remove them. By contrast, members of the Democratic caucus were deeply divided: 35 wanted to strip the detainee provisions from the bill, but 17 voted to keep them in it.

A previous post on the issue is available here.

« Previous PageNext Page »