'Policy, not technology' creates barriers to info sharing

[David Farber <dave () farber net>]

---------- Forwarded message ----------
From: Shaun Waterman <swaterman () upi com>
To: Shaun Waterman <swaterman () upi com>
Subject: [osint] UPI: 'Policy, not technology' creates barriers to info 
sharing

'Policy, not technology' creates barriers to info sharing
By Shaun Waterman
UPI Homeland and National Security Editor

WASHINGTON, Sept. 18 (UPI) -- The barriers to information sharing 
between federal agencies are ones of policy and practice, not 
technology, the White House official in charge of overcoming them told 
United Press International.

"The reasons why (different government computer systems and databases) 
are not interconnected has nothing to do with technology," Karen Evans, 
the administrator for e-government and information technology at the 
White House's Office of Management and Budget, said in an interview 
Friday.
"It is policies and business processes," she said.

The failure of federal agencies, and especially the nation's 
intelligence services, to share information was -- according to the 
Sept. 11 Commission -- one of the key problems hampering the nation's 
fight against terrorism.

"Each agency concentrates on its specialized mission, acquiring its own 
information and then sharing it via formal, finished reports," the 
commission found in its July final report. "No one component holds all 
the relevant information."

Critics caution that you can -- in effect -- have too much of a good 
thing, and that the free exchange of information between all the 
various parts and levels of government will rob citizens of their 
privacy and that government use of private-sector data may violate the 
Fourth Amendment.

Nonetheless, the commission called for action from both White House and 
Congress to rectify the situation. They recommended setting up a 
"trusted information network" -- a decentralized, horizontally 
integrated network of systems -- which would make it possible for one 
agency's databases to be searched by an employee of another agency.

The same solution was recommended last year by a task force set up by 
the Markle Foundation. Zoe Baird, who headed the task force, explained 
to UPI that such a totally connected network does not require the 
centralization of data.

"You don't need to put all the content on a single network," she said. 
"Instead, you use a directory-based system. The directory ... tells you 
where to look for what you need." In such a network, she added, the 
theoretical capability is there for any authorized user to access 
almost any piece of data -- it is the rules that determine who can get 
access to what. And that is where things get tricky, according to 
Evans.

"We've got the easy job," she said of the Information Systems Council 
that President Bush set up last month to start work on the issue. 
"Technology is always the easy part. The tough decisions are the ones 
about policy."

The executive order that created the council was one of a batch of 
directives the president signed on Aug. 27. Most of the attention -- as 
it generally seems to be -- fixed on the measures strengthening the 
hand of the current director of central intelligence and establishing 
the National Counter-Terrorism Center.

But another dealt with watch-listing and screening, a fourth with 
interoperable communications for first responders and a fifth with 
setting up a civil liberties and privacy watchdog.

And it is the information-sharing directive that may ultimately have 
the largest impact. It is certainly the one that has privacy and 
civil-liberties advocates -- who generally consider the watchdog to be 
toothless -- most concerned.

Evans' council must come up with a plan to create "an interoperable 
terrorism information-sharing environment" by the end of the year. It 
is chaired by Clay Johnson, the deputy director of the Office of 
Management and Budget, and made up of senior officials from a dozen 
Cabinet departments and agencies.

Evans is the executive director for the council and put together the 
interagency working group of information-technology chiefs that is 
doing the day-to-day development work.

"Our job is to take technology off the table as an issue," Evans says. 
"The policymakers decide how they want to go forward. We just outline 
what kinds of business decisions need to be made for each possible 
approach."

But in order to go forward, she points out, it is necessary "to ask the 
tough questions: How centralized do we want this system to be? Who 
should have what kind of access?"

Answering those questions is the job of a much smaller group of 
officials.

The director of central intelligence -- almost certain to be Rep. 
Porter Goss, R-Fla., quite shortly -- Attorney General John Ashcroft 
and Homeland Security Secretary Tom Ridge are charged with setting 
baseline standards for the sharing of data between intelligence 
agencies, with other federal agencies, and with state and local law 
enforcement; and developing policies and personnel practices that will 
get them met.

That includes "requirements, procedures, and guidelines for terrorism 
information to be collected within the United States, including, but 
not limited to, from publicly available sources, including 
non-governmental databases."

That reference has conjured up memories of John Poindexter's ill-fated 
universal data-mining operation. Given the unfortunate title of Total 
Information Awareness, the project was killed -- or rather, driven into 
the classified portions of the defense budget -- by lawmakers alarmed 
at its Orwellian implications.

Lee Strickland, formerly a senior information-technology official at 
the CIA, believes that TIA's failure was a matter of poor public 
relations rather than bad policy. But he nonetheless acknowledges that 
the government's access to private-sector data does generate concern 
and might raise constitutional issues.

"Private action, like denying you credit, doesn't raise constitutional 
issues -- it's a tort at most. But government action does," he says, 
arguing it is a Fourth Amendment question.

However, he suggests that what he calls "a growth area in Fourth 
Amendment law" -- the "special needs" of the government -- might trump 
the expectation of privacy case law considered inherent in that 
amendment's restriction on unreasonable search, seizure and trespass by 
the state.

If you can catch terrorists -- or even get clues as to who might be a 
terrorist -- by trawling through millions of anonymous credit-card 
transactions and only de-anonymizing any that are linked in suspicious 
patterns, the argument goes, what is unreasonable about letting the 
government do so?

The key, says Baird, lies in the regime that grants or denies access to 
information. "You have to have a process for making people explain why 
they want the information, how it's related to terrorism.

"New checks and balances are needed."

At the moment, the executive order represents a very broad statement of 
principles, plus an instruction to Ashcroft, Ridge and (probably) Goss 
to devise a regime that will balance Americans' rights to keep data 
about themselves out of the hands of the government with the need to 
know what people are up to in order to help find terrorists.

Although the executive order tasks officials to "protect the freedom, 
information privacy and other legal rights of Americans," it also 
instructs them to "give the highest priority to" detecting and 
preventing terrorism, sharing information and "the protection of the 
ability of agencies to acquire additional such information."

These priorities worry Charlie Mitchell, legislative counsel with the 
American Civil Liberties Union.

"As they implement this, no one is paying anything like enough 
attention to the civil liberties and privacy implications of this 
massive centralization of information and (in the post of the new 
national intelligence director) power," he said.

"There was a reason why information wasn't shared. There was a reason 
the wall was there," he said, referring to the prohibition on using 
information gleaned from intelligence investigations in criminal cases. 
"The reason was, to limit the power of the government."

One thing almost everyone agrees on is that the executive order sets 
challenging and ambitious deadlines. Ninety days for the guidelines and 
policies, 120 for the plan.

"This is a very optimistic schedule, even just to map what's already 
there," said Strickland. "People do not know what they have," he added, 
citing a Government Accountability Office report on the FBI that found 
they had 500 separate data-management systems.

Baird argues that the deadlines can be met, "because they aren't 
starting from zero. They're starting from a lot of thinking," from the 
Markle task force, the Sept. 11 Commission and others.

Evans maintains that the deadlines demonstrate how serious the 
president is about getting these reforms through.

"Yes, they're aggressive timelines. That's because the president is 
committed to pushing forward on this."

She says that the prospect that Congress might suddenly blindside her 
process with legislation that mandates a different set or different 
priorities does not phase her in the least.

"That's what is so great about this area of work. 
Information-technology people are used to change, in software for 
instance. You just address the changes and deal with them as you go 
forward."

--

The above is an example of UPI's continuing coverage of Intelligence 
Reform and related issues, published on Sunday Sept. 19. I hope you 
find it interesting. You may link to it on the web here: 
http://www.upi.com/view.cfm?StoryID=20040917-054221-6438r

Thank you,
Shaun Waterman
UPI Homeland and National Security Editor
E-mail: swaterman () upi com
Tel: 202 898 8081

Copyright © 2001-2004 United Press International
--------------------------
Brooks Isoldi, editor
bisoldi () intellnet org
http://www.intellnet.org
  Subscribe:    osint-subscribe () yahoogroups com

*** FAIR USE NOTICE. This message contains copyrighted material whose 
use has not been specifically authorized by the copyright owner. OSINT, 
as a part of The Intelligence Network, is making it available without 
profit to OSINT YahooGroups members who have expressed a prior interest 
in receiving the included information in their efforts to advance the 
understanding of intelligence and law enforcement organizations, their 
activities, methods, techniques, human rights, civil liberties, social 
justice and other intelligence related issues, for non-profit research 
and educational purposes only. We believe that this constitutes a 'fair 
use' of the copyrighted material as provided for in section 107 of the 
U.S. Copyright Law. If you wish to use this copyrighted material for 
purposes of your own that go beyond 'fair use,' you must obtain 
permission from the copyright owner. For more information go to: 
http://www.law.cornell.edu/uscode/17/107.shtml

 "When you come to the fork in the road, take it" - L.P. Berra
   "Always make new mistakes" -- Esther Dyson
   "Any sufficiently advanced technology is indistinguishable from 
magic"
    -- Arthur C. Clarke
    "You Gotta Believe" - Frank "Tug" McGraw (1944 - 2004 RIP)

                          John F. McMullen
   johnmac () acm org johnmac () computer org johnmac () m-net arbornet org
         johnmac () tmail com johnmac () panix com johnmac () echonyc com
           jmcmullen () monroecollege edu johnmac () alumni iona edu
              ICQ: 4368412 Skype, AIM & Yahoo Messenger: johnmac13
                  http://www.westnet.com/~observer

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/