Field Fusion

Regional centers share records on suspected terrorists.

A police officer driving by a King County, Wash., dam that supplies drinking water in the Seattle area notices a hole in a chain-link fence surrounding the premises. He interviews passersby to see whether they saw anybody with a wire cutter. His training tells him the hole could be the work of someone trying to see how easy it would be to penetrate the fence and dump poison into the reservoir. Or the culprit could have been testing security to see how quickly the chink gets patched.

The officer alerts his supervisor at the King County Sheriff's Office, who in turn forwards a message to the state's "fusion center," an information sharing operation partly supported by the federal government that vets reports of suspicious behavior for possible distribution to fusion centers nationwide. The center deems the tip worthy of circulation, in case multiple vicinities have reported similar incidents. An intelligence analyst records the officer's report on a standard form in a locally based computer server that is searchable at fusion centers in other states and cities, plus along Amtrak railways. The local police do not want to release any information that could identify the witnesses, so the analyst leaves the names and certain other data fields blank. Within 24 hours, the suspicious activity report is published.

This is how agencies across the nation are sharing information to pre-empt terrorists. The government defines suspicious activity as behavior or incidents that could signal planning related to terrorism, crime, espionage or other illicit schemes. This type of surveillance did not exist before the Sept. 11, 2001, attacks. And some privacy activists think it still shouldn't today. But the federal government is working to expand the program to all 72 regional fusion centers and convince critics that doing so will protect national security and civil liberties. By the end of September, it is expected that 50 fusion centers will have the technological capacity to fully participate in the program, and the remaining 22 will be able to search the system but not add reports.

The Nationwide Suspicious Activity Reporting Initiative, or NSI, is a virtualized catalog of tips that any federal, state or local government authority can search. But the records actually reside in separate databases maintained by the regional fusion centers. This compartmentalization protects citizens' privacy by allowing each jurisdiction to retain control over its submissions and eliminates the need to buy new computing systems. "It does not create a centralized database," says NSI Director Thomas O'Reilly. "It creates a series of 72 front porches."

The Justice and Homeland Security departments, along with other agencies, developed this standard framework in 2007 to overcome information sharing obstacles that dogged law enforcement prior to 9/11. Back then, agency data systems could not talk to each other. Police could not communicate effectively because they used different lingo for describing incidents. And nondisclosure policies often made it impossible for machines or officers to even try.

Now, according to officials, localities can exchange intelligence using NSI's common terminology, data elements and Web formats so that, for example, the New York Police Department and the Seattle police can understand the details of suspicious activity in Los Angeles. "However they store their information locally, we're providing a technology to search that information nationally," says David P. Lewis, senior policy adviser for Justice Information Sharing and NSI chief technology officer.

The word "virtualization" is thrown around so loosely in product marketing that the term has come to mean anything from providing Web-based, cloud software to segmenting a computer's memory into multiple machines. "In the highest sense of the word, NSI is a virtual system," says Paul Wormeli, Integrated Justice Information Systems Institute executive director emeritus and consultant on the project. "There is no central data storage," he adds.

"The higher-level meaning of virtualization is really key in solving the privacy problems. It allows each state to determine what they share based on their own state's statutes."

Privacy groups, however, argue that much of the potential terrorist activity reported might be nothing more than innocuous tourist habits, such as taking multiple pictures of the Statue of Liberty.

Federal officials agree that some actions dubbed suspicious are consistent with tourist behavior, which is why NSI guidelines instruct trainees to consider the "totality of the circumstances." In addition, officials say, the program teaches officers to log behaviors-not individuals-that are indicative of criminal activity. For instance, police should be on the lookout for people who ask security guards at nuclear plants, "Where did you get your uniform?" This approach reduces the risk of racial or religious profiling, officials note. As of July, more than 46,000 law enforcement personnel had received training, with the rest on the U.S. front line expected to receive instruction by the fall.

"We're not looking for people based on how they dress or how they look, how they pray," O'Reilly says. Plus, jurisdictions can withhold personal information in their fusion center reports to protect privacy.

Federal officials also have issued guidance on distinguishing between cultural behaviors and conduct that indicates criminal activity. An Information Sharing Environment annual report to Congress released in June states that the federal government collaborated with organizations such as the American Civil Liberties Union to develop an NSI privacy framework that officials are working diligently to implement.

ACLU Senior Policy Counsel Michael German acknowledges that federal leaders realize his concerns, but worries that state and local law enforcement agencies are not following guidelines. While NSI managers have set "a high standard on their program," he says, "I don't know whether they have enough control to see if that policy is implemented." Working against the federal government's best intentions, German says, is the fact that many jurisdictions are adopting their own reporting programs. A federal assessment found that just 2 percent of the reports processed by Virginia's fusion center met NSI's guidelines, while only 12 of Florida's 5,727 reports met protocols. "It's difficult to imagine people paying attention to a 40-page [privacy] report when they also are shown a five-minute training video with buildings blowing up," German says.

Federal officials insist the video concentrates on identifying suspicious activity. Additionally, local police reports undergo a two-part assessment at regional fusion centers to ensure the write-ups adhere to standards.

Other privacy groups question whether NSI has truly made Americans safer. The Electronic Frontier Foundation points to a skeptical June Congressional Research Service report stating, "One of the biggest challenges facing policymakers is how to determine whether the NSI program is successful . . . Are the number of [suspicious activity reports] produced or the number of SARs shared relevant metrics? How does one know if the SARs produced and shared under the program are actually meaningful intelligence dots?"

Federal officials could not provide statistics that gauge the impact of NSI, but they did summarize a few episodes they say show the initiative has improved operational efficiency. In 2009, for instance, an employee at a New York self-storage facility, who had been briefed through an NSI community outreach program, contacted the local police after noticing odd activity at one of the units. Law enforcement authorities ran checks and discovered the site already was under federal surveillance. Two weeks later, four men were arrested for plotting to bomb a Bronx synagogue.

This year, Homeland Security is linking NSI with its "If you see something, say something" campaign, which encourages the public to report signs of crime to the police. A July DHS progress report on implementation of the 9/11 commission recommendations states, "This campaign is being expanded to places where NSI is being implemented, to ensure that calls to authorities will be handled appropriately, in an environment where privacy and civil liberties protections are in place."

The ACLU says this outgrowth of NSI is like spying on your neighbors and is a throwback to a controversial post-9/11 Terrorist Information and Prevention System, which the organization says encouraged postal workers to rat on residents. NSI officials maintain the concept is similar to the philosophy of community policing, which encourages residents to join Neighborhood Watch.

"This is whole of government, but it's local control," says Kshemendra Paul, program manager for the Information Sharing Environment within the Office of the Director of National Intelligence.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • The Big Data Campaign Trail

    With everyone so focused on security following recent breaches at federal, state and local government and education institutions, there has been little emphasis on the need for better operations. This report breaks down some of the biggest operational challenges in IT management and provides insight into how agencies and leaders can successfully solve some of the biggest lingering government IT issues.

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

  • Ongoing Efforts in Veterans Health Care Modernization

    This report discusses the current state of veterans health care


When you download a report, your information may be shared with the underwriters of that document.