How the U.S. Can Effectively Share Threat Information With Other Nations

A new report draws lessons from U.S. and European experts on how best to build trust and effectiveness in exchanging insight across borders.

The increasingly complex nature of threats around the world makes it imperative for governments to share information that can help them detect, protect, and respond with speed and efficiency. To that end, the IBM Center is releasing a new report, “Integrating and Analyzing Data Across Governments: The Key to 21st Century Security, by Douglas Lute, former U.S. ambassador to NATO and now affiliated with Harvard’s Belfer Center for Science and International Affairs, and Francis Taylor, former Homeland Security undersecretary for intelligence and analysis and now affiliated with Notre Dame’s Keough School of Global Affairs.

The report’s authors draw primarily on insights and recommendations from two roundtable discussions with current and former government leaders and stakeholders. The first meeting, held in Washington in October 2017, focused on how the Homeland Security Department’s information sharing enterprise can have the greatest impact and interaction with partners. The second meeting, held at the U.S. Mission to the European Union in Brussels in March 2018, focused on how the European Union and other European organizations and member states can work with U.S. agencies to enhance outcomes from improved information sharing.

Based on these sessions, the report focuses on data gathering, analysis, and dissemination challenges and opportunities across the homeland security enterprise, looking especially at how improved information sharing could enhance threat prediction and prevention in a transatlantic context. The authors address how stakeholders in the U.S. and Europe can increase understanding of effective ways to leverage channels involving technology, human capital, organizations, and private sector coordination that meet strategic, mission, and operational needs. The report highlights opportunities for governments to leverage data integration and analytics to support better decision making around cyber and homeland security.

The report finds that addressing these challenges will help the department, the EU, and related stakeholders understand common operational needs and strengthen transatlantic information sharing and collaboration, especially in light of EU protections for privacy and data security. Other topics included how best to assist Homeland Security and other stakeholders in using information to achieve strategic and mission outcomes, the expertise within government needed to develop and maintain solutions, and external linkages needed to ensure successful implementation.

As the report notes, U.S. and EU organizations can learn from each other’s experiences to develop solutions that are not predominantly technology-focused, but rooted in human-based institutions along with deficits in trust. Specifically, mutual learning can advance in several areas, including:

  • Fostering cross-domain or cross-function approaches to government data —U.S. agencies are developing policies, processes, and technology to resolve these issues, and the U.S. government has made data strategy a new cross-agency priority goal.
  • Approaching analytics through a rules-based formula, instead of binary calculation. Homeland Security has made progress in this arena.
  • Developing industry partnerships. For example, the U.S. government has developed numerous public-private partnerships to address cyber information sharing.
  • Pursuing information sharing across multilateral collaboratives, like the Schengen Area, which is the integrating factor across Europe. Schengen is a region of 26 European countries that do not require a passport or other controls to cross their borders.
  • Learning from the process of developing and implementing the General Data Protection Regulation (GDPR) legislation and similar policies, which have enabled the EU to promote a much more robust debate about the relationship between government and citizens involving data protection.

The U.S. and EU face similar challenges with interoperability and trust. Homeland Security has been working with the EU on interoperability; the EU has taught department officials about the “once-only” policy, under which citizens must give information to government once, and then the government uses the information in a transparent manner. The EU has also made progress on information sharing between countries.

Ultimately, trust underpins any information sharing. Given the complex environment in which the U.S. and EU operate, building trust must be dynamically negotiated and not a “binary” condition. Governments must be specific about the data to be shared, its handling, and its acceptable use. Trust is built by the successful exchange of information for a specific purpose, which requires specific content for an agreed upon time period.

Given the imperative for transatlantic and cross-sector collaboration to understand and respond to an increasingly complex set of threats facing governments, we hope this report provides timely insights for public sector leaders and stakeholders.