Informing government decision makers through research & industry insights.

New Identity Management System Unlikely to Prevent Future Mass Military Shootings

President Barack Ob, ... ] President Barack Ob, ... ] flickr user The U.S. Army

Nextgov reported this week on a new effort to continuously check criminal records of those with access to secure facilities. The Identity Matching Engine for Security and Analysis (IMESA) interface will automatically screen individuals at the entrances of military installations by running their information against the FBI’s criminal databases, and flagging their profiles “if the system shows an arrest, felony, or outstanding warrant.” Michael Butler, deputy director for identity services at the Defense Manpower Data Center, said of the motivation for the change that “it all comes back to the Washington Navy Yard process.”

The use of FBI data will allow the system to update constantly, even if the employee fails to report an incident to the DoD. In an interview with Nextgov, Butler gave the example of an employee being pulled over for driving under the influence one night. The next day, security will pull him aside as he tries to enter the base, and “law enforcement will study the situation further” before he can proceed. The update will undoubtedly improve continuity between disparate authorities, as it will synthesize information from the DoD’s own database, as well as the NCIC Wanted Persons File, National Sex Offender Registry File, and Known or Suspected Terrorists File. This is valuable information to have, as it may lead to greater scrutiny or suspension of employees who exhibit criminal behavior, but the connection between prior arrests and military base shootings remains tenuous.

According to Nextgov, the Navy Yard shooting of September 2013 led to a governmentwide effort to vigilantly monitor individuals with access to secure areas, after gunman Aaron Alexis used a valid ID to enter the base “despite having an arrest record and a history of other infractions.” The implication that an identity management failure at the Navy Yard entrance was to blame is a faulty one--Alexis was on assignment at the installation and gained access “despite his arrest record” without incident every day of his tenure there before the shooting. He was given Secret security clearance despite his record, which contained an arrest for malicious mischief involving deflating a man’s tires, another for disorderly conduct outside of a nightclub, and several other infractions. Returning to Michael Butler’s analogy, the suggestion that a previous DUI or similar infraction would be sufficient evidence to tip off security regarding an intention to commit a mass shooting is unconvincing.

Studies of mass shooters demonstrate the unlikelihood that a future gunman would have priors that might predict his intent; their commonalities are usually not previous arrests but “challenging setbacks in important social, familial, or vocational domains.” James Alan Fox, Professor of Criminology at Northeastern University and author of “Violence and Security on Campus: Preschool Through College,” wrote that mass shooters usually “do not have a criminal record or history of mental hospitalization.” However, while future mass shooters do not share a heightened arrest rate, individuals who have been diagnosed with PTSD do. Dr. Prakash Masand, a former Duke University psychiatrist and PTSD researcher, told the L.A. Times after the second Fort Hood shooting that combat veterans who have been diagnosed with PTSD are two to three times more likely than other combat veterans to commit domestic violence and other violent acts.

Experts on mass shooters, however, have found that mental health conditions in general, and PTSD in particular, do not indicate an increased likelihood to perpetrate a mass shooting. Dr. Charles Marmar, chairman of the psychiatry department at the N.Y.U Langone Medical Center, said that PTSD can cause an increase of spontaneous aggressive outbreaks- “but it does not provoke mass murder.” By flagging individuals with prior arrests, it is possible that instead of identifying employees with a future risk of dangerousness, the new system will worsen the stigma surrounding PTSD by singling out individuals affected by the condition at a much higher frequency than their unaffected peers.

An investigation performed after the Navy Yard shooting found that the initial police report said that Alexis in fact used a gun to “deflate” the man’s tires- this detail was omitted in the arrest record and therefore presumably from the FBI’s criminal database, demonstrating that critical nuances may remain outside the scope of IMESA’s capabilities. The major contribution of this security upgrade in its current model is to aggregate data from multiple sources, and to configure it in a way that allows continuous monitoring. More security may feel better than less, but the process of what exactly occurs as “law enforcement [studies] the situation further” deserves much more scrutiny.


This post is written by Government Business Council; it is not written by and does not necessarily reflect the views of Government Executive Media Group's editorial staff. For more information, see our advertising guidelines.


Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.