Homeland Security Watch

As reported in today’s Washington Post, an employee of investment firm Wagner Resource Group in McLean, VA, traded music or movie files late last year with other users of the online file-sharing network LimeWire while using a company computer. As a result, he inadvertently made the private files of his firm’s clients accessible on the Net.

This exposed the names, dates of birth, and social security numbers of about 2,000 clients, including Supreme Court Justice Stephen G. Breyer.

This puts into perspective the concern expressed by Peter Schaar, Germany’s data protection commissioner, quoted in another story appearing in today’s Post by Ellen Nakashima. Commenting on a new effort by the Department of Homeland Security to gain access to more private information about individuals visiting the U.S. from Europe (as well as sharing such information about American’s with EU countries), Schaar found:

no “clear rules on purpose limitation” or on the storage period. “First,” he said, “which data are of concern is not really completely clear. Second, who are the competent authorities on the U.S. side? Third, and most important, there is a lack of independent supervision in the United States over data protection.” In European states, independent privacy commissions safeguard the privacy rights of citizens, he said.

If we have social security numbers of Supreme Court Justices being accidentally shared on the Internet, I can see why he might want further assurances. The Post article points out that Schaar’s questions over which “data are of concern is not really completely clear,” may actually be addressed. Unfortunately, it is disturbing which data is to be shared. According to the news:

The agreement, which was described by two European officials, also allows for the transmission of “personal data revealing racial or ethnic origin, political opinion or religious or other beliefs, trade union membership or information concerning health and sexual life” in cases where they are “particularly relevant to the purposes of this agreement.” It defines personal data as “any information relating to an identified or identifiable natural person.”

Political opinion, trade union membership, or information concerning sexual life? This is too much. That the agreement “shall take suitable safeguards, in particular, appropriate security measures, in order to protect such data,” does not provide the convincing assurance that such information would not be accessed by the ill-intended (like the State Department employees illegally accessing passport records) or the clumsy (like the case of the investment firm above).

But such assurances seem secondary in comparison to the apparent lack of connection between someone’s sexual orientation, political affiliation, or membership in a trade union to a criminal act. I can see why such things as previous travel destinations, the purchase of a one-way ticket, or the use of a suspicious credit card would be relevant to an investigation with cause, but knowing if the traveler is gay, a Republican, or a member of the American Federation of Teachers seems too much.

Yesterday the White House issued a new directive intended to coordinate efforts by Federal departments and agencies to collect, store, use, analyze, and share biometric and associated biographic and contextual information of “known and suspected terrorists.”

The joint national security and homeland security directive, known as NSPD-59/HSPD-24, seeks to enhance government capabilities in managing biometric data about suspected terrorists. This directive refers to a “Federal framework for applying existing and emerging biometric technologies to the collection, storage, use, analysis, and sharing of data in identification and screening processes.” The framework is intended to better structure the various federal efforts focused on biometric identification for national security purposes as part of “a layered approach to identification and screening of individuals.”

This dovetails well with the post earlier this week about the discussion with Patty Cogswell of the DHS Screening Coordiantion Office. Note also the potential relationship between this directive and efforts underway at the FBI (Next Generation Identification) and at DHS (Biometric Storage System).

The following orders, directives, and strategy documents bear on this directive’s implementation:
• Executive Order 12881 (Establishment of the National Science and Technology Council);
• Homeland Security Presidential Directive 6 (HSPD 6) (Integration and Use of Screening Information to Protect Against Terrorism);
• Executive Order 13354 (National Counterterrorism Center);
• Homeland Security Presidential Directive 11 (HSPD 11) (Comprehensive Terrorist Related Screening Procedures);
• Executive Order 13388 (Further Strengthening the Sharing of Terrorism Information to Protect Americans);
• National Security Presidential Directive 46/Homeland Security Presidential Directive 15 (NSPD-46/HSPD-15) (U.S. Policy and Strategy in the War on Terror);
• 2005 Information Sharing Guidelines;
• 2006 National Strategy for Combating Terrorism;
• 2006 National Strategy to Combat Terrorist Travel;
• 2007 National Strategy for Homeland Security;
• 2007 National Strategy for Information Sharing; and
• 2008 United States Intelligence Community Information Sharing Strategy.

The main thrust behind HSPD-24 is an intention to make all biometric and associated biographic and contextual information of threatening persons available to all agencies. Sounds sweeping. The HSPD does make explicit that the scope here is to enable information sharing across the Executive branch, not to collect more biometric data. That the Assistant to the President for Homeland Security and Counterterrorism is the primary person responsible for “interagency policy coordination on all aspects of this directive,” this may not mean much. That position has been vacant since last year.

UPDATE: The day before I wrote this post the President named Fran Townsend’s successor. Thomas P. Bossert is the new Deputy Assistant to the President for Homeland Security. This is a promotion from his job as Special Assistant to the President for Homeland Security and Senior Director for Preparedness Policy. Bossert also served as Director of Infrastructure Policy on the HSC staff and, before that, as Deputy Director in the Office of Legislative Affairs at DHS’s former Emergency Preparedness and Response Directorate.

Thursday, April 17

2:00 PM EDT
Principal Deputy Under Secretary for Intelligence and Analysis Jack Tomarchio will testify before the Senate Homeland Security Governmental Affairs Committee, Ad Hoc Subcommittee on State, Local and Private Sector Preparedness and Integration on state and local fusion centers
342 Dirksen Senate Office Building
Washington, DC

Friday, April 18

2:00 PM EDT
Secretary Michael Chertoff will sign a memorandum of understanding on the Visa Waiver Program with Korean Minister of Foreign Affairs and Trade Yu Myung-hwan followed by a press availability
Ronald Reagan Building
U.S. Customs and Border Protection
Press Briefing Room
1300 Pennsylvania Avenue, NW
Washington, DC

Waiting in the HLSWatch.com inbox upon my return from Big Sky, Montana, were scanned copies of correspondence between DHS Assistant Secretary for Policy Stewart Baker and Montana Attorney General Mike McGrath about the state’s request to opt out of the REAL ID Act.

DHS granted an extension on Friday to the state of Montana so that it can comply with the REAL ID Act. The only thing is that Montana never asked for an extension. Montana governor Brian Schweitzer made news over his intention to defy the law passed by Congress in 2005. Schweitzer is leading a charge (joined by Maine, South Carolina, New Hampshire, and Oklahoma) to oppose the REAL ID Act and any efforts by DHS to impose penalties for non-compliance.

The 9/11 Commission recommended that the U.S. rationalize the state identification regime in order to reduce the risk of fraud (suspected to aid terrorists and criminals alike). The Commission argued that the federal government should “set standards for the issuance of … driver’s licenses.” The REAL ID Act requires that a standardized driver’s license be used for “official purposes.” At this point, DHS proposes to define “official purposes” of a REAL ID as accessing federal facilities and nuclear power plants and boarding commercial aircraft. The main beef states have with the Act is the lack of funding to pay for the mandate. DHS is stretching out the compliance period over almost ten years (2014) to make it easier on states, but that only avoids the REAL problem according to Governor Schweitzer. Schweitzer and the Montana state legislature oppose it on principle.

(It sure doesn’t help that the Secretary suggested contrarians should “grow up” about security measures, such as the REAL ID provisions. The statement emboldened critics to examine his tenure more closely and shift the focus away from REAL ID.)

Montana seeks a complete waiver, but DHS’s Stewart Baker explained in a letter to Montana’s Attorney General that DHS has only the authority to carry out the statute or grant extensions to state’s that “meet the requirements” of the REAL ID Act.

Frankly, after Montana’s governor has called the law “nonsensical”, “kooky,” and “hare-brained,” and invited other states to join him in a showdown over “the DHS coercion to comply,” I’m impressed with Baker’s dispassionate response. Baker wrote in a response the same day he received McGrath’s letter:

Under the statute, the Department [of Homeland Security] can only grant an extension of the compliance deadline [as opposed to a waiver.] Therefore, I can only provide the relief you are seeking by treating your letter as a request for an extension.

Of course, Schweitzer’s whole deal is that he’ll never seek an extension because it would be interpreted as intention to implement the Act.

DHS is back to the drawing board with its National Applications Office. In hindsight, it was impressive that this new Office should come together so quickly and in final format with a Fact Sheet and all more than a month ahead of its roll-out. The interagency negotiations and burdens of transforming the legacy aspects of the Civil Applications Office must have quite a challenge. But not as challenging as the Congress would prove to be.

Bennie Thompson, Chairman of the House Homeland Security Committee released a statement this week that began by explaining that “After several requests from the Homeland Security Committee calling for a moratorium on the controversial use of spy satellite imagery for domestic purposes, the Department has heeded the call and delayed its planned October 1st launch of its new National Applications Office (NAO).”

Readers may recall the September 10 post here explaining the plans for this new office. This is effectively a modernization of the Civil Applications Office (CAO) to reflect a joint effort of two new entities: DHS and the Office of the Director of National Intelligence. A lot has changed since the days of the CAO. Evidently the civil liberties questions today are no match for the NAO. Thompson explains that as a result of the “moratorium,” DHS “has cited the need to address unanswered privacy and civil liberties questions from Congress – as addressed in the Committee’s September 6th hearing on the matter and also in letters from August 22nd and September 6th from Committee Members.”

This sounds a lot like the days when we rolled out the Domestic Nuclear Detection Office. While the challenges had more to do with political science than with privacy protection, the Congress felt as if they were in the dark about the DNDO and pushed back hard. Both Democrats and Republicans were skeptical of the DNDO since they were effectively told of its existence when it showed up in the President’s budget request. (The Presidential Directive creating it was not released.) It made a Congressional Affairs expert out of the DNDO Director real quick. Vayl Oxford spent upwards of 30 visits to the Hill over a few months. Eventually, as he explained it to me, they went from “justifying our existence to justifying our investments.”

That may be a better fate than the NAO will meet.

Intelligence, Information Sharing and Terrorism Risk Assessment Subcommittee (Chairman Jane Harman, D-CA) of House Homeland Security Committee will hold a hearing titled “The Way Forward With Fusion Centers: Challenges and Strategies for Change.”

Date: Thursday, September 27, 1000
Place: 311 Cannon Building
Witnesses:
• Charles Allen - Chief intelligence officer, Office of Intelligence and Analysis, Department of Homeland Security
• Michael Mines - Deputy assistant director, Directorate of Intelligence, FBI
• Eileen Larence - Director, Homeland Security and Justice Issues, Government Accountability Office (GAO)
• Todd Masse - Specialist, Domestic Intelligence and Counterterrorism, Congressional Research Service (CRS)
• John Rollins - Specialist, Terrorism and International Crime, CRS
• Norman Beasley - Coordinator for counter terrorism, Maricopa County Sheriff’s Office

Fusion Centers started back in 2003 with a good amount of support from DHS, state and local law enforcement, the FBI, and even Congress. Soon after, CQ’s Jeff Stein ran a story on April 25, 2006 about how popular the new Centers are proving to be, called “Local Intelligence ‘Fusion Centers’ Emerge as Major Force”.

At that time about 40 states had established their own “fusion centers,” where local agencies can share and act on criminal and terrorism information with representatives from the FBI and DHS. In August 2005, DHS and the Department of Justice issued guidelines to bring the fusion centers in line with federal practices.

DHS Assistant Secretary for Intelligence and Analysis Charlie Allen would follow these developments with plans to send DHS analysts and officers to one Fusion Center a month over the next two years. Two months later, DHS announced plans to embed their analysts at fusion centers in New York City, Los Angeles, Reistertown, MD, and Baton Rouge.

Today, about 43 Fusion Centers exist. Since 2003, DHS has provided more than $300 million to states and regions to establish these Centers and have assigned only about 15 of its own intel analysts to the Centers. (35 more analysts are to be deployed by year’s end.) A list of state and regional intelligence fusion centers dated March 8 was first published by Secrecy News, and by the National Criminal Intelligence Resource Center of the Justice Department in Tallahassee.

According to CQ’s Stein, the popularity of fusion centers reflects state and local disappointment with DHS’s Homeland Security Information Network (too many points of contact) and the FBI’s Joint Terrorism Task Forces (too opaque).

But how well are they doing?

The Congressional Research Service issued a withering June 6 report suggesting that little counterterrorism was actually being accomplished by the Fusion Centers. They seemed to be drifting back to their comfort zones: “Although many of the centers initially had purely counterterrorism goals, for numerous reasons, they have increasingly gravitated toward an all-crimes and even broader all-hazards approach.” That might be code for “everything and anything.” Its true that connecting dots requires better understanding of the dots and the relationships between them, but do more eyes on the dots necessarily mean better connectivity?

There are those who believe these Centers actually do a little too much work.

At a recent meeting of the Data Privacy and Integrity Advisory Committee (a DHS entity populated by private citizens and senior DHS officials), the Electronic Privacy Information Center (EPIC) sent a representative to submit a prepared complaining about FC oversight and management with special focus on the concern that with the added fusion comes an erosion of privacy. The EPIC statement recommends:

• Disclosing the location, jurisdiction, and funding provided for each center.
• Suspending of funds to the centers until a full privacy impact analysis is concluded.
• An inspector general’s investigation to confirm compliance with federal laws about due process, privacy, civil liberties and civil rights.
• Requiring each Fusion Center to publicly name all its federal, state, local and private partners.
• Annual reports from each Fusion Center listing the number of arrests, prosecutions, and convictions by category of offense.
• Having any information collected, analyzed or shared with a center comply with the Federal Privacy Act.

Whoa. We’re not already doing this? Chairwoman Harman’s hearing will likely get into these issues, but will more likely focus on performance measures. With both CRS and GAO speaking at the hearing we’ll get some critical details.  But that a local user, Norman Beasley, Coordinator for counter terrorism at the Maricopa County Sheriff’s Office, will speak means we might here the other side of the story. 

A new office opens in October at DHS that will manage civilian use of intelligence community and DoD assets. The National Applications Office is the post-9/11 incarnation of what used to be called the Civil Applications Committee that started in 1974 as the result of the President’s Commission on CIA Activities Within the United States (Rockefeller Commission).

Beginning next month, the National Applications Office (NAO) will serve as the “principal interface” between the intelligence community and the Civil Applications, Homeland Security, and Law Enforcement Domains.  According to Bobby Block at the Wall Street Journal, it was a May 25 memo that empowered DHS through the NAO to gain access to some of the U.S.’s most powerful intelligence-gathering capabilities.  Director of National Intelligence Michael McConnell designated DHS as the executive agent and functional manager of the National Applications Office.  It was this May 25 memo to Secretary Chertoff that assigned responsibility to DHS for:

• Enabling a wide spectrum of civil applications, homeland security, and law enforcement users greater access to the collection, analysis, and production skills and capabilities of the intelligence community;

• Enhancing intelligence and information sharing and dissemination to federal, state, and local government and law enforcement users;

• Educating customers about the capabilities and products of the intelligence community;

• Advocating future collection technology needs of the civil applications, homeland security and law enforcement customers in the intelligence community and Department of Defense forums; and

• Providing a forum for discussion of proper use oversight and management of new uses of classified information on behalf of domains, in addition to already established uses.

Last week, the House Homeland Security Committee convened a hearing about the NAO as noted here. Witnesses from DHS included Charlie Allen, Chief Intelligence Officer; Hugo Teufel, Chief Privacy Officer; and Dan Sutherland, the Civil Rights and Civil Liberties Officer.

A National Applications Executive Committee will be established to provide interagency oversight. A DHS fact sheet issued on 15 August describes how the NAO will work with the “advice and support” of three customer domain working groups:

• Civil Applications Domain Working Group: This working group will continue the efforts of the Civil Application Committee that have been ongoing for more than 30 years, including scientific, geographic and environmental research.

• Homeland Security Domain Working Group: The “Homeland Security Domain” includes those government agencies and activities involved in the prevention and mitigation of, preparation for, response to, and recovery from natural or man-made disasters, including terrorism, and other threats to the homeland. This domain can encompass the many operational and administrative components of DHS, as well as other federal, state, local, and tribal elements who partner with the department. Its work will complement the Civil Applications Working Group in areas like natural disaster response.

• Law Enforcement Domain Working Group: This working group includes federal, state, local, and tribal entities, and those activities which support both the enforcement of criminal and civil laws, and the other operational responsibilities and authorities of these entities.

UPDATE 9/11/07: For video stream and complete statements for the record by those testifying before the House Homeland Committee, click here.

The NYPD released a study created by their Intelligence Division that analyzes the nature and evolution of terrorism radicalization and recruitment.  Entitled Radicalization in the West: The Homegrown Threat, the report presents a “conceptual framework for understanding the process of radicalization in the West,” which is based on an analysis of five U.S.-based incidents: 

Lackawana, New York
Portland, Oregon
Northern Virginia
New York City - Herald Square Subway
New York City – The Al Muhajiroun Two (see page 66 of the report)

NYPD Commissioner Ray Kelly introduces this new study by explaining that “understanding this [terrorist recruitment] trend and the radicalization process in the West that drives it is vital for developing effective counterstrategies.”  This is why, Kelly continues, the “NYPD places a priority on understanding what drives and defines the radicalization process.” 

The NYPD suggests that a prime differentiator in the cases of the five incidents studied is that the perpetrators are “unremarkable.”  The authors of the report, Mitchell D. Silber and Arvin Bhatt of the NYPD Intelligence Division, apply the term about a dozen times in the report to suggest a new evolution of the terrorist threat in the U.S.: It could be anybody.

By this the report intends to explain that the traditional antecedents to an attack – perpetrators with criminal records, a presence on watchlists, observable anti-American behavior, travel to certain overseas locations – no longer necessarily present themselves even when a terrorist plan has become operational.  The report explains that the process of radicalization and recruitment can be characterized as follows: 

 

Each of the four stages is treated with detail.  In addition to a serious, if somewhat academic, definition of radicalization, the report provides an in-depth threat assessment from the perspective of the NYPD as informed by such well known experts as RAND’s Brian Jenkins.  In the end, the treatment given by this report may do well to highlight the interconnected nature of this threat across national boundaries and thereby give better impetus to a collaborative approach with allies and friends.  This is something the NYPD is known for doing well.  Another byproduct could be a more intentional assessment of drivers, which we called “root causes” years ago before the use of that phrase fell out of popular favor. 

This vitally important subject is covered in other posts here with links to related content from across the policy community.

DHS Chief Privacy Officer Hugo Teufel III last Friday announced that the Department has released four Privacy Act records involving DHS’s Automated Targeting System (ATS). These records have been posted to the department’s public Web site and were scheduled to appear Monday in the Federal Register.  The four records are an updated System of Records Notice (SORN), the Discussion of Public Comments Received on the SORN, a Notice of Proposed Rulemaking for Privacy Act Exemptions, and a Privacy Impact Assessment (PIA).  

After receiving hundreds of comments regarding the initial SORN published in November 2006, the department revised it in the following way:

•        ATS-P will retain the information for a far shorter period of time. The retention period is now 15 years (7 years active and 8 years dormant), a significant decrease from the proposed 40-year period.

•        Under ATS-P, the purposes for which Passenger Name Record data (PNR) may be used have been narrowed.

•        The SORN implements the department’s mixed system policy, which administratively extends the protections of the Privacy Act of 1974 to non-U.S. persons by providing access and redress to their PNR data.  

According to Teufel, DHS does not collect information on race, ethnicity, religion, or orientation, or make decisions based on such information, and to the extent such information may be provided by a carrier, the department filters that information.  More information about this announcement is available.

GAO just released three studies.  The first reviews FBI’s management of acquiring and implementing Sentinel, which is a program slated to replace and improve upon the FBI’s failed Virtual Case File project.  The Sentinel program is critical to FBI’s need to modernize case management and information sharing obligations.  Think of this as a case of the opposite of the Deepwater project run by Lockheed for the Coast Guard: this GAO report actually focuses on how well the project is going.  For GAO to publish something positive is a rarity.  This report highlights “best practices” used by FBI to implement Sentinel with IBM.  Complete report available here.

 (click thumbnail)

The second study scrutinizes the privacy protection capabilities of the US-VISIT technology.  Intended to track all those people who enter and exit at any of the country’s 285 air, sea, and land ports of entry, US-VISIT is an ambitious undertaking — and a frequent subject of GAO studies.  Given the various sources of information DHS draws upon in order to run US-VISIT, matters pertaining to privacy rank at the top for members of Congress.  This GAO report gets into just this topic, but also weighs in on the information sharing capabilities of US-VISIT to determine if the program does a good enough job of sharing the info that it hoovers with the practioners who need it operationally.  Following is an image from the GAO study that illustrates this range of entities within the US-VISIT orbit.  Complete report available here.

(click thumbnail)

The third study details the challenges faced by the State Department in adjudicating large and growing numbers of visa applications while facilitating the legitimate flow of visitors.  The GAO study starts off with this problem statement: 

DOS has acknowledged that long waits for visas may discourage legitimate travel to the United States, potentially costing the country billions of dollars in economic benefits over time, and adversely influencing foreign citizens’ opinions of our nation. 

This helpful chart below makes the point that we need to be ready for a surge in immigration requests.  Of course, this portends challenges not only for State, but also USCIS.  How DHS plans to manage such a trend is difficult to discern now that immigration reform is off the table this Congress.  It was that legislation that would have provided an avenue for much needed modernization of USCIS capabilities.  Even with the recent increases in fees charged by USCIS, they won’t be able to collect enough to fund technology upgrades that are needed immediately because those fees will take a while to roll in.  Complete report available here.

The head of Customs and Border Protection, Commissioner Ralph Basham, circulated a memo to employees this week announcing plans to open a new Office of Intelligence and Operations Coordination on October 1 under his command.  Frankly, I’m fond of any reorganization that includes the word Coordination.  I’m not sure if its possible to have too much. 

The main points at this stage are that the OIOC is not operational, it appears to be more of an executive management function, and it reflects a focus on information analysis and flow.  This is key language from the announcement: 

The office will be comprised of an optimal blend of operators and analysts and will be structured in such a way as to optimize their interaction and collaboration.  The office will be focused on programmatic oversight, analysis and coordination, rather than conducting operations.  The new OIOC will establish mechanisms to ensure the flow of valuable information to and from field intelligence assets and the integration of field information into broader analytic products that directly support headquarters and field operators. 

And the starting line-up:

• Al Gina, Deputy Assistant Commissioner
• Tom Bortmes, Executive Director of Intelligence and Situational Awareness
• Tom Bush, Director of Targeting and Analysis
• Jeanne Ray-Condon, Director of Field Coordination
• Rodney Scott, Director of Incident Management and Operations Coordination

The Basham memo: 

 

Deputy Under Secretary for Preparedness Robert Zitz and Acting Director for US-VISIT Robert Mocny testified March 20 before the House Homeland Security Committee about the National Preparedness and Protection Directorate (NPPD). 

Zitz said the NPPD will integrate risk reduction activities of the Office of Infrastructure Protection, Office of Cyber Security and Communications, and US-VISIT.  Mocny explained that US-VISIT will move to the new Directorate to support DHS-wide risk management efforts, but also to better share VISIT-gathered information across other authorities of the USG (State, DOJ, the intelligence community). 

Connecting up State, Justice, and the IC with information gathered from screening conducted by ICE, CBP, USCIS, Consular offices, and FBI sounds like an important priority, and a significant undertaking.  Oversight of this kind of information sharing would appear to be almost as difficult given the privacy issues and permissions likely to be involved, let alone the coordination of it to reduce redundant screening and resolve inconsistent data.  Where the DHS Screening Coordination Office fits into this effort is pretty important, too.  I did not attend this hearing so I do not know if Members raised the SCO an issue.  If any readers have insight on this, please comment.

Malcolm Gladwell (the author of The Tipping Point and Blink) has an excellent article in this week’s issue of The New Yorker. The piece is primarily focused on the downfall of Enron, but it also includes some interesting passages that are thought-provoking in terms of intelligence, homeland security and counterterrorism:

The national-security expert Gregory Treverton has famously made a distinction between puzzles and mysteries. Osama bin Laden’s whereabouts are a puzzle. We can’t find him because we don’t have enough information. The key to the puzzle will probably come from someone close to bin Laden, and until we can find that source bin Laden will remain at large.

The problem of what would happen in Iraq after the toppling of Saddam Hussein was, by contrast, a mystery. It wasn’t a question that had a simple, factual answer. Mysteries require judgments and the assessment of uncertainty, and the hard part is not that we have too little information but that we have too much. The C.I.A. had a position on what a post-invasion Iraq would look like, and so did the Pentagon and the State Department and Colin Powell and Dick Cheney and any number of political scientists and journalists and think-tank fellows. For that matter, so did every cabdriver in Baghdad.

The distinction is not trivial. If you consider the motivation and methods behind the attacks of September 11th to be mainly a puzzle, for instance, then the logical response is to increase the collection of intelligence, recruit more spies, add to the volume of information we have about Al Qaeda. If you consider September 11th a mystery, though, you’d have to wonder whether adding to the volume of information will only make things worse. You’d want to improve the analysis within the intelligence community; you’d want more thoughtful and skeptical people with the skills to look more closely at what we already know about Al Qaeda. You’d want to send the counterterrorism team from the C.I.A. on a golfing trip twice a month with the counterterrorism teams from the F.B.I. and the N.S.A. and the Defense Department, so they could get to know one another and compare notes.

If things go wrong with a puzzle, identifying the culprit is easy: it’s the person who withheld information. Mysteries, though, are a lot murkier: sometimes the information we’ve been given is inadequate, and sometimes we aren’t very smart about making sense of what we’ve been given, and sometimes the question itself cannot be answered. Puzzles come to satisfying conclusions. Mysteries often don’t.

….That same transformation is happening in the intelligence world as well. During the Cold War, the broad context of our relationship with the Soviet bloc was stable and predictable. What we didn’t know was details. As Gregory Treverton, who was a former vice-chair of the National Intelligence Council, writes in his book “Reshaping National Intelligence for an Age of Information:”

Then the pressing questions that preoccupied intelligence were puzzles, ones that could, in principle, have been answered definitively if only the information had been available: How big was the Soviet economy? How many missiles did the Soviet Union have? Had it launched a “bolt from the blue” attack? These puzzles were intelligence’s stock-in-trade during the Cold War.

With the collapse of the Eastern bloc, Treverton and others have argued that the situation facing the intelligence community has turned upside down. Now most of the world is open, not closed. Intelligence officers aren’t dependent on scraps from spies. They are inundated with information. Solving puzzles remains critical: we still want to know precisely where Osama bin Laden is hiding, where North Korea’s nuclear-weapons facilities are situated. But mysteries increasingly take center stage. The stable and predictable divisions of East and West have been shattered. Now the task of the intelligence analyst is to help policymakers navigate the disorder. Several years ago, Admiral Bobby R. Inman was asked by a congressional commission what changes he thought would strengthen America’s intelligence system. Inman used to head the National Security Agency, the nation’s premier puzzle-solving authority, and was once the deputy director of the C.I.A. He was the embodiment of the Cold War intelligence structure. His answer: revive the State Department, the one part of the U.S. foreign-policy establishment that isn’t considered to be in the intelligence business at all. In a post-Cold War world of “openly available information,” Inman said, “what you need are observers with language ability, with understanding of the religions, cultures of the countries they’re observing.” Inman thought we needed fewer spies and more slightly batty geniuses.

These passages raise a critical question: is the US intelligence community still expending too much effort trying to solve “puzzles,” and not enough at uncovering “mysteries”? The massive emphasis within the intelligence community budget on the raw collection of SIGINT, ELINT, MASINT, etc. seems to support that contention. Does this distinction explain many of the notable intelligence failures (e.g. WMD’s in Iraq) in the past decade? And what should the intelligence community be doing to get better at solving “mysteries”? The aforementioned “batty geniuses” are part of the equation, but so are new collaborative tools, such as Intellipedia, to synthesize information and discover new insights.

For more on this topic, check out the book that Gladwell references in the article, Gregory Treverton’s “Reshaping National Intelligence for an Age of Information”.

Incoming House Speaker Nancy Pelosi announced the creation today of a new Select Intelligence Oversight Panel within the House Committee on Appropriations, the role of which would be to bridge the gap between intelligence oversight and authorization at the HPSCI and intelligence spending, which is largely controlled today by the Subcommittee on Defense of House Committee on Appropriations. This change is part of the incoming Congress’s efforts to implement the 9/11 Commission Report recommendations, and is specifically responsive to Recommendation #33 in the 9/11 Commission Report (see pages 20-21 here). It runs counter to a Washington Post story from November which suggested that reorganization of intelligence authorities was unlikely to take place in the House, given opposition to the idea among House appropriators.

The Cato Institute published a paper yesterday entitled “Effective Counterterrorism and the Limited Role of Predictive Data Mining” by Cato’s Jim Harper (whose book Identity Crisis I reviewed here last month) and fellow IBMer/blogger Jeff Jonas. The paper argues against the value of pattern-based predictive data mining as a tool for counterterrorism, instead favoring tools that investigate links among and outward from known suspects, using intelligence and detection tools within a more robust information-sharing environment.

This seems to be an emerging consensus viewpoint about predictive data mining; indeed, as the National Journal reported recently, a recent procurement document admitted the challenges that the US government has faced in developing reliable predictive models for counterterrorism applications. There is still a value in using predictiving modeling in limited security applications - e.g. looking for trends among cleared government personnel that would suggest counterintelligence activity (as mentioned in this post) - but in general, other forms of data analysis are more suited for counterterrorism.

Overall, a solid piece. For more on this topic, I would again recommend Mary DeRosa’s Data Mining and Data Analysis for Counterterrorism.

Since the elections in November, there’s been a lot of discussion about plans by the incoming Democratic leadership to implement the 9/11 Commission recommendations. Advocates of the idea have touted it as a critical and timely response to issues left unaddressed in the last two years, with incoming House Speaker Nancy Pelosi making their implementation “one of the centerpieces of her “first 100 hours” legislative agenda” according to the Washington Post. Skeptics have scoffed at this notion, with the Heritage Foundation’s James Carafano telling the AP in late November that “I don’t think there’s a lot more to do there” and “I think we’re done.”

Amidst all of this rhetoric, there’s an easy way to resolve this dispute: go to the source. That’s what I’ve done over the last two weeks, going one-by-one through the each of the 41 recommendations in the 9/11 Commission Report, looking at what’s been done to date, and analyzing what the 110th Congress could potentially do to make progress on each and every one of these recommendations.

You can read the complete analysis in this 25-page paper:

Implementing the 9/11 Commission Recommendations: An Analysis. Christian Beckner, December 2006.

Overall, I think the analysis shows that there is a lot that the incoming Congress can do to respond to the 9/11 Commission’s recommendations, not only in terms of authorizing legislation, but also in terms of funding, oversight, investigations, public communications, and personal outreach. These recommendations are neither a panacea nor a finish line (there is no finish line against a constantly evolving threat), but they are still a useful set of recommendations that can improve our counterterrorism, homeland security, and intelligence capabilities, and they are part of a credible security agenda for the next Congress.

Update (12/9): As mentioned in a comment below, the Congressional Research Service issued a report this week on the same topic, which I first became aware of yesterday after publishing my analysis.

The Information Sharing Environment program office within the DNI released their final implementation plan to Congress yesterday, as part of efforts to fulfill a mandate of the Intelligence Reform and Terrorism Prevention Act of 2004 to improve information-sharing among the intelligence community and with key external stakeholders. This press release and this Washington Post story summarize the Plan. The Post story focuses on the most newsworthy item in the Plan: the creation of a new Interagency Threat Assessment Coordination Group (ITACG), led by DHS and housed at the NCTC, which will be responsible for leading efforts to better coordinate the synthesis and distribution of intelligence and warning information for state and local customers. This chart on page 71 of the report shows the notional framework for the ITACG’s role (click to enlarge):

If this initiative succeeds, it will be a welcome development, given the frustrations that many state and local officials have felt in recent years when it comes to their information-sharing interactions with the federal government, struggling to deal with the reality of too little information coming down too many different pipes. If the intelligence community can integrate and streamline its communications with state and local officials, that effort (in combination with related efforts strengthen fusion centers and build personal ties at the local level) will go a long way to remedying the problems that have existed over the past few years in the area of state and local info-sharing. But there is still a long way to go to turn this framework into reality.

For those who follow intelligence and info-sharing issues, there are a number of other important ideas in the final ISE implementation plan, such as a plan for standardization of sensitive-but-unclassified (SBU) markings across the intelligence community.

US News reported this week on a new collaborative tool within the Intelligence Community for analysis: Intellipedia. From the article:

Intellipedia. Many of the hottest online tools now in use turn out to be ideal for sharing intelligence, officials say. Two years ago, the CIA launched its own wiki. (A wiki is an online site that allows users to collectively add and edit content, like Wikipedia, the online encyclopedia.) Dubbed simply the CIA Wiki, it now boasts some 10,000 classified pages. In January, the DNI followed with a communitywide wiki, dubbed the Intellipedia. The DNI’s National Intelligence Council-which produces the government’s weighty National Intelligence Estimates on key topics-has just launched an experiment to produce the first NIE by wiki. The subject: Nigeria. Top experts on the oil-rich African nation are working together on the Intellipedia to help chart its future. “I don’t know if it’s going to work,” says Thomas Fingar, the chief of analysis for the DNI. “It might; might not.”

The DNI held a news conference yesterday to describe Intellipedia in greater detail. I think this is a great idea, and is a perfect example of how the intelligence community can harness new tools and technologies to strengthen analysis.

Update (10/31): More on Intellipedia from the L.A. Times.

Shane Harris of the National Journal continues his first-rate efforts to ferret out the details of the inner workings of the intelligence community in his latest article, headlined “Terrorist Profiling, Version 2.0.” The article focuses on an Air Force procurement solicitation entitled “Tangram,” which seems to be causally linked to the former Total Information Awareness (TIA) program. But more interestingly, the solicitation document describes the challenges that the intelligence community has faced in terror-related data analysis in recent years. Harris writes:

In addition to descriptions of Tangram, the document offers a rare and surprisingly candid analysis of intelligence agencies’ fits and starts — and failures — in other efforts to profile terrorists through data mining: Researchers, for example, haven’t moved beyond “guilt-by-association models” that link suspected terrorists to other, potentially innocent people, and then rank the suspects by level of suspicion.

“To date, the predominant approaches have used a guilt-by-association model to derive suspicion scores,” the Tangram document states. “In the cases where we have knowledge of a seed entity [a known person] in an unknown group, we have been very successful at detecting the entire group. However, in the absence of a known seed entity, how do we score a person if nothing is known about their associates? In such an instance, guilt-by-association fails.”

Intelligence and privacy experts who reviewed the document said that it reaffirms their long-held belief that many computerized terrorist-profiling methods are largely ineffective. It also raises significant privacy concerns, because to distinguish terrorists from innocent people, a system that’s as broad as Tangram purports to be would require access to many databases that contain private information about Americans, the experts said, including credit card transactions, communications records, and even Internet purchases.

I’ve read through the document myself, and it’s true that it’s a candid assessment of the challenges associated with terror-profiling. But after reading it, I don’t come to the conclusion that this program is futile or misguided, as several of the people that Harris talked to seem to do. Instead, I see a research program whose leaders have made progress in some areas, still have meaningful goals in others, and realize that certain objectives are unlikely to be achieved given the practical limitations imposed by human volition and cognition. It makes sense to continue to research and improve these programs, using “synthetic data or foreign-intelligence data already being used by analysts” as the article notes, as one of many facets of our homeland security and counterterrorism efforts.

My main concern about these programs is the lack of oversight, which creates the risk that this type of program will head in a direction that does violate privacy and civil liberties. The application of this type of technology is too important to be left solely to the scientists and technicians. But at the same time, we’ve seen that when these programs are publicly discussed by the executive branch - as was the case with Total Information Awareness - they become vulnerable to demagogic and misguided interpretations and accusations. The debate over the use of data analysis for counterterrorism thus has become something of a shell game over the last few years, which is too bad, but perhaps as good as we can do given the sensitivities involved.

As I noted last week, a segment on 60 Minutes on Sunday night looked at the issue of the government’s no-fly list, based upon an investigation that studied a copy of the list. The investigators found numerous flaws with it, most notably the fact that 14 of the 19 9/11 hijackers (presumably dead) were still on the list, and people with common names such as “Robert Johnson” are repeatedly flagged when they fly. The transcript of the segment is available here.

The segment was based largely on the reporting found in the new book “Unsafe at Any Altitude” by Susan Trento and Joseph Trento. I read a review copy of the book over the weekend, and while it was a compelling read, I’m not quite sure what to make of it.

The main argument of the book is that private aviation screening firms were falsely scapegoated after 9/11, and that today’s TSA performs worse at aviation screening than these private companies. The book tells the story of Frank Argenbright, the founder and namesake of one of the major screening companies at the time, arguing that he was personally scapegoated because of screening problems at the company in Philadelphia in 2000, even though (the book argues) the screeners at the company’s airports in Dulles and Newark performed their duties appropriately on the morning of 9/11.

The book suggests that TSA employees today “detect only about half the dangerous articles sent through airport security in tests,” in contrast with a “80 to 95 percent detection rate” by private screeners prior to 9/11. I’ve been a strong advocate of federal-run screening at the TSA, fearing an overly cost-driven race to the bottom if it is reprivatized, but this part of the book makes a credible case for examining a return to private sector screening - something that TSA is looking at today via the Screening Partnership Program.

So why am I not sure what to make of the book? Because amid this narrative are a few mind-boggling revelations, which if true, would require complete reassessments of the conventional wisdom about 9/11.

For example, on page 137 and page 192:

The biggest secret was that Saudi Arabian government agents whom the CIA had relied on for inside information on al Qaeda were, in fact, working for Osama bin Laden. Two of those agents were among the hijackers on American Airlines Flight 77 out of Dulles. Those two men were the ones the CIA and FBi had asked [Argenbright manager] Steve Wragg to watch on the video at Dulles Airport. The CIA had known since 2000 that they were in the United States, but it hadn’t notified the FBI until June 2001. The FBI had been looking for them all summer in connection with the October 2000 bombing of the Navy’s USS Cole off the coast of Yemen, but had not been able to find them.

….Prior to 9/11 senior CIA officials had convinced themselves that GID, the Saudi intelligence service, had placed agents inside al Qaeda. Because these two men - Khalid al-Mihdhar and Nawaf al-Hazmi - were thought to be Saudi agents, the CIA did not tell the FBI about them when they came into the United States from a terrorist summit meeting in Malaysia. Had the CIA shared what it knew, the FBI might have had a chance to at preventing the 9/11 attacks.

Read that passage twice. The authors are suggesting something that I’ve never heard before, and couldn’t find in any of the authoritative sources on 9/11 over the weekend - that two of the 9/11 hijackers were thought to be Saudi agents inside al-Qaeda but were actually double-double agents, and true members of al-Qaeda - who could have been easily tracked down in San Diego had information on them been shared with the FBI and other agencies. The ability to assess the verity of this claim is above my paygrade, but I have a hard time believing that 60 Minutes would associate itself with a book without vouching for its credibility.

Some other key revelations in the book:

• The reason that 14 of the 19 9/11 hijackers are still on the no-fly list is that U.S. intelligence agencies fear that the real hijackers stole the identities of other Saudis prior to 9/11;
• The first chapter of the book tells the story of Eric Gill, an Argenbright employee at Dulles who stopped an attempt by five Middle Eastern men dressed as airport employees to enter the secure zone of Dulles Airport on the night of 9/10/01…and later identified two of the men among the 9/11 hijackers;
• The book claims that “the CIA is routinely placing employees undercover with airlines and even as sky marshals” (page 195);
• The book describes incidents of finding bombs at airports after 9/11 that have heretofore been unreported, including one “found taped to a bathroom wall at the airport in Seattle.” (page 183)

Overall, I’m hesitant to accept everything in the book as fact, given the prevalence of anonymous sourcing, until there is further cross-checking of their findings. But for those who follow aviation security and intelligence issues, it’s a worthwhile read, and likely to stir up some lively discussion in the coming days and weeks. Here’s the link to it on Amazon.

The Congressional Research Service released a new report this month on aviation security pre-screening:

RL33645: Terrorist Watchlist Checks and Air Passenger Prescreening, September 6, 2006

The full Homeland Security Watch collection of CRS reports is available here.

The Department of Defense Inspector General has released a report responding to the numerous allegations regarding the Able Danger program and its relation to the 9/11 attacks. Among the findings:

• The program did not identify Mohammed Atta prior to 9/11, stating that witness recollections to this effect were not accurate.
• DOD officials did not explicitly prohibit the sharing of Able Danger information with the FBI.
• Several terabytes of data related to the program were destroyed.
• The revocation of Lt. Tony Shaffer’s security clearance was appropriate given the full scope of circumstances beyond those publicly known.

Here’s an AP story on the report. And here’s the reaction on the Able Danger Blog.

The DHS inspector general released a report last week entitled “Survey of DHS Data Mining Activities” which identifies and describes 12 systems and capabilities at DHS, some of which are operational, others of which are under development. Many of the 12 have received little to no public scrutiny until this report, most notably the Intelligence and Information Fusion (I2F) program under the DHS Office of Intelligence Analysis, which was previously alluded in the IT spending analysis for the FY 2007 budget request and at a conference in May, but has not been really discussed until this report. The report notes:

The purpose of the I2F is to make operational an integrated intelligence and information capability for DHS. This capability will enable intelligence analysts to understand relationships that would otherwise not be readily apparent. I2F is in early development and is primarily dependent on the analyst manually processing, compiling, and analyzing data. The next version of the system will be a set of tools and technologies integrated to support the intelligence analyst.

I2F provides intelligence analysts with tools that aid in the discovery and tracking of terrorism threats to the United States population and infrastructure. I2F is principally made up of commercial off-the-shelf software, but also integrates government off-the-shelf programs. These programs are used for entity extraction, search capabilities, and link analysis.

The report also discusses the ADVISE program, which has been the subject of occasional worried speculation over the past year and a half. The report adds additional details to previous official accounts of ADVISE, describing how it uses semantic graph techniques to “connect information extracted from text and images, databases, and simulation and modeling tools to provide a watch-and-warning system for analysts.”

Overall, an informative report. For more info, see these stories last week from Washington Technology and the Washington Times.

For those of you that missed it earlier this week, take a minute to check out Secretary Chertoff’s op-ed in the Washington Post. He argues for more effective use of detailed airline passenger information (Passenger Name Record or PNR data) to identify high-risk passengers. Chertoff identifies problems arising from international restrictions on the use and sharing of this data:

The U.S. government has collected PNR data on travelers aboard international flights to the United States since the early 1990s. This information is of such value that after the Sept. 11 terrorist attacks, Congress mandated its continued collection. But in the past few years European privacy concerns have limited the ability of counterterrorism officials to gain broad access to data of this sort.

For example, under an agreement with the European Union, U.S. Customs and Border Protection receives this information regularly, but it cannot routinely share it with investigators in another DHS component, Immigration and Customs Enforcement, or with the FBI — never mind with our allies in London. This information might yet identify associates of those arrested in the plot in Britain, but the rules blind us in routinely searching for that connection.

Yet another reminder that homeland security is not just a domestic issue. Effective HLS policies require strong international relationships and better channels for sharing threat information.

The Congressional Research Service issued a new report that looks at the definition, scope, and characteristics of homeland security intelligence (HSINT). It’s available for the first time on the Internet here at Homeland Security Watch:

RL33616: Homeland Security Intelligence: Perceptions, Statutory Definitions, and Approaches, August 18, 2006

The report attempts to address a question that hasn’t been fully answered yet: what do we really mean by “homeland security intelligence”? Is it a new intelligence discipline? Is it instead simply a constituency within the intelligence community? Or is it instead something new, that doesn’t easily conform to earlier intelligence paradigms, and requires new means of interaction and control?

The author of the report, Todd Masse, offers three potential ways to frame thinking about homeland security intelligence: (1) a geographic approach, i.e. focusing on where collection takes place; (2) a structural/statutory approach, focusing on who is doing the collecting; and (3) a holistic approach, that does not have formally delineated borders. About this final approach, Masse writes:

The approach recognizes no borders and is neither “top down” nor “bottom up.” It involves and values equally information collected by the U.S. private sector owners of national critical infrastructure, intelligence related to national security collected by federal, state, local, and tribal law enforcement officers, as well as the traditional “Ints” collected by statutory members of the IC. It involves strategic and tactical intelligence designed to prevent attacks on the U.S. homeland, as well as highly tactical and event-driven information coordination that must take place in response to a terrorist attack or national disaster. Yet such an approach also implies a level of information sharing between federal, state, local, tribal, and private sector information collection entities that does not appear to exist currently.

….Under the holistic approach, the HSINT community might include the 16 statutory members of the IC (as each collects national intelligence, or intelligence related to national security which could have a profound impact on homeland security); the National Counterterrorism, National Counterintelligence, National Counter Proliferation, and Open Source Intelligence Centers; the 14 existing private sector Information Sharing and Analysis Centers, scores of state and local law enforcement entities charged with gathering criminal intelligence, numerous state and regional “intelligence fusion” centers, and federal entities with law enforcement responsibilities which may collect intelligence related to national security. This holistic approach implies an interdependency between the diverse players of the statutory IC and the broader HSINT Community.

Building these interdependencies needs to be one of the most important objectives for our national security today. Unfortunately progress has been halting over the last five years, although I think the intelligence community has started to turn the corner within the last year. Organizations like the NCTC, the ISE office, and the many state/local fusion centers are gradually leading to a more interdependent HSINT community. But these efforts will be insufficient without a deep commitment to cultural change (tied to pay and promotion) in the intelligence community, one that eschews classification except when absolutely necessary (to allow rapid sharing with non-federal sources), promotes collaboration, and encourages information-sharing rather than information-hoarding.

Overall, a very thoughtful piece from CRS. And as always, the full Homeland Security Watch collection of CRS reports is available here.

The New York Times has an important story today on the issue of the Passenger Name Record (PNR) and the role that it can play as a data input into the aviation screening system, in the wake of the foiled UK terror plot. The proposals discussed in the story seem to go beyond the currently-planned uses of PNR data, envisioning a broader system of data analysis using the PNR information, perhaps with a direct hook into the major Computerized Reservation Systems (e.g. Sabre, Galileo, Amadeus) that are the core information nodes of the global travel system:

A proposal by Homeland Security Secretary Michael Chertoff would allow the United States government not only to look for known terrorists on watch lists, but also to search broadly through the passenger itinerary data to identify people who may be linked to terrorists, he said in a recent interview.

Similarly, European leaders are considering seeking access to this same database, which contains not only names and addresses of travelers, but often their credit card information, e-mail addresses, telephone numbers and related hotel or car reservations.

….“Ideally, I would like to know, did Mohamed Atta get his ticket paid on the same credit card,” Mr. Chertoff said, citing the lead hijacker of the 2001 plots. “That would be a huge thing. And I really would like to know that in advance, because that would allow us to identify an unknown terrorist.”

Would there be direct security benefits from this type of analysis? Absolutely. Will the privacy loss from this outweigh its benefit? That depends, based upon different individual and national privacy values (and some people would object to the concept of even quantifying this). Are there ways to do this that are less invasive in terms of individual privacy? Definitely, including data anonymization and a system where individual countries and the reservation systems conduct data analysis themselves and share only the ‘hits’ against common watch list and indicators databases, without having to share the full stream of unwashed PNR data.

Update (8/23): More on this issue from Ryan Singel at 27BStroke6.

Breaking news this afternoon:

A federal judge in Detroit ordered a halt to the National Security Agency’s warrantless surveillance program, ruling for the first time that the controversial effort ordered by President Bush was unconstitutional.

U.S. District Judge Anna Diggs Taylor wrote in a strongly-worded 43-page opinion that the NSA wiretapping program violates privacy and free-speech rights and the constitutional separation of powers between the three branches of government. She also found that it violates a 1978 law set up to oversee clandestine surveillance.

The Justice Department said that it was appealing the decision and that the parties to the lawsuit had agreed to delay the judge’s order until the appeal could be heard.

Obviously this is only the start of the legal process on this question; I would expect this issue to go all the way to the Supreme Court, even if Congress authorizes the program. You can read the opinion here. And Memeorandum captures the blog reaction this afternoon.

Update 1 (8/17): I just read the opinion. One interesting implication is that even though the government presented additional classified details about the program to the judge, these details did not convince her that the Terrorist Surveillance Program was greater in scope than what is already publicly-known, with the possible exception of the case’s data mining claim, which she did throw out based on the invocation of the state secret privilege. Instead, she says that the key elements of the program are publicly known, in her denial of the request to dismiss based on the state secret privilege:

It is undisputed that the Defendants have publicly admitted to the following: (1) the TSP exists; (2) it operates without warrants; (3) it targets communications where one party to the communication is outside the United States, and the government has a reasonable basis to conclude that one party to the communication is a member of al Qaeda, affiliated with al Qaeda, or a member of an organization affiliated with al Qaeda, or working in support of al Qaeda. As the Government has on many occasions confirmed the veracity of these allegations, the state secret privilege does not apply to this information.

Update 2 (8/17): Cogent detailed analysis of the opinion from Glenn Greenwald.

Judge Richard Posner, one of the nation’s top thinkers on matters of homeland security and intelligence, argues in today’s Washington Post in favor of the creation of an MI5-type organization in the U.S. government:

Intelligence succeeded in part because of the work of MI5, England’s domestic intelligence agency. We do not have a counterpart to MI5. This is a serious gap in our defenses. Primary responsibility for national security intelligence has been given to the FBI. The bureau is a criminal investigation agency. Its orientation is toward arrest and prosecution rather than toward the patient gathering of intelligence with a view to understanding and penetrating a terrorist network.

The bureau’s tendency, consistent with its culture of arrest and prosecution, is to continue an investigation into a terrorist plot just long enough to obtain enough evidence to arrest and prosecute a respectable number of plotters. The British tend to wait and watch longer so that they can learn more before moving against plotters.

The FBI’s approach means that small fry are easily caught but that any big shots who might have been associated with them quickly scatter. The arrests and prosecutions warn terrorists concerning the methods and information of the FBI. Bureaucratic risk aversion also plays a part; prompt arrests ensure that members of the group won’t escape the FBI’s grasp and commit terrorist attacks. But without some risk-taking, the prospect of defeating terrorism is slight.

MI5, in contrast to the FBI (and to Scotland Yard’s Special Branch, with which MI5 works), has no arrest powers and no responsibilities for criminal investigation, and it has none of the institutional hang-ups that go with such responsibilities. Had the British authorities proceeded in the FBI way — rather than continuing the investigation until virtually the last minute, which enabled them to roll up (with Pakistan’s help) more than 40 plotters — most of the conspirators might still be at large, and the exact nature and danger of the plot might not have been discovered. We