<DOC> [108th Congress House Hearings] [From the U.S. Government Printing Office via GPO Access] [DOCID: f:98119.wais] FACILITATING AN ENHANCED INFORMATION SHARING NETWORK THAT LINKS LAW ENFORCEMENT AND HOMELAND SECURITY FOR FEDERAL, STATE, AND LOCAL GOVERNMENTS ======================================================================= HEARING before the SUBCOMMITTEE ON TECHNOLOGY, INFORMATION POLICY, INTERGOVERNMENTAL RELATIONS AND THE CENSUS of the COMMITTEE ON GOVERNMENT REFORM HOUSE OF REPRESENTATIVES ONE HUNDRED EIGHTH CONGRESS SECOND SESSION __________ JULY 13, 2004 __________ Serial No. 108-254 __________ Printed for the use of the Committee on Government Reform Available via the World Wide Web: http://www.gpo.gov/congress/house http://www.house.gov/reform U.S. GOVERNMENT PRINTING OFFICE 98-119 WASHINGTON : 2004 _________________________________________________________________ For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866)512-1800; DC area (202) 512-1800 Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001 COMMITTEE ON GOVERNMENT REFORM TOM DAVIS, Virginia, Chairman DAN BURTON, Indiana HENRY A. WAXMAN, California CHRISTOPHER SHAYS, Connecticut TOM LANTOS, California ILEANA ROS-LEHTINEN, Florida MAJOR R. OWENS, New York JOHN M. McHUGH, New York EDOLPHUS TOWNS, New York JOHN L. MICA, Florida PAUL E. KANJORSKI, Pennsylvania MARK E. SOUDER, Indiana CAROLYN B. MALONEY, New York STEVEN C. LaTOURETTE, Ohio ELIJAH E. CUMMINGS, Maryland DOUG OSE, California DENNIS J. KUCINICH, Ohio RON LEWIS, Kentucky DANNY K. DAVIS, Illinois JO ANN DAVIS, Virginia JOHN F. TIERNEY, Massachusetts TODD RUSSELL PLATTS, Pennsylvania WM. LACY CLAY, Missouri CHRIS CANNON, Utah DIANE E. WATSON, California ADAM H. PUTNAM, Florida STEPHEN F. LYNCH, Massachusetts EDWARD L. SCHROCK, Virginia CHRIS VAN HOLLEN, Maryland JOHN J. DUNCAN, Jr., Tennessee LINDA T. SANCHEZ, California NATHAN DEAL, Georgia C.A. ``DUTCH'' RUPPERSBERGER, CANDICE S. MILLER, Michigan Maryland TIM MURPHY, Pennsylvania ELEANOR HOLMES NORTON, District of MICHAEL R. TURNER, Ohio Columbia JOHN R. CARTER, Texas JIM COOPER, Tennessee MARSHA BLACKBURN, Tennessee BETTY McCOLLUM, Minnesota PATRICK J. TIBERI, Ohio ------ KATHERINE HARRIS, Florida BERNARD SANDERS, Vermont (Independent) Melissa Wojciak, Staff Director David Marin, Deputy Staff Director/Communications Director Rob Borden, Parliamentarian Teresa Austin, Chief Clerk Phil Barnett, Minority Chief of Staff/Chief Counsel Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census ADAM H. PUTNAM, Florida, Chairman CANDICE S. MILLER, Michigan WM. LACY CLAY, Missouri DOUG OSE, California STEPHEN F. LYNCH, Massachusetts TIM MURPHY, Pennsylvania ------ ------ MICHAEL R. TURNER, Ohio Ex Officio TOM DAVIS, Virginia HENRY A. WAXMAN, California Bob Dix, Staff Director Chip Walker, Professional Staff Member Juliana French, Clerk Adam Bordes, Minority Professional Staff Member C O N T E N T S ---------- Page Hearing held on July 13, 2004.................................... 1 Statement of: Hughes, Lieutenant General Patrick, Assistant Secretary for Information Analysis, U.S. Department of Homeland Security; Russell Travers, Deputy Director and Associate Director for Defense Issues, Terrorist Threat Integration Center; and Willie Hulon, Deputy Assistant Director, Counterterrorism Division, Federal Bureau of Investigation.................. 7 Lynch, Gerard, chairman, Regional Information Security Systems Policy Board; Mark Zadra, chief of investigations, Florida Department of Law Enforcement; and Suzanne Peck, chief technology officer, government of the District of Columbia................................................... 60 Letters, statements, etc., submitted for the record by: Clay, Hon. Wm. Lacy, a Representative in Congress from the State of Missouri, prepared statement of................... 45 Hughes, Lieutenant General Patrick, Assistant Secretary for Information Analysis, U.S. Department of Homeland Security, prepared statement of...................................... 10 Hulon, Willie, Deputy Assistant Director, Counterterrorism Division, Federal Bureau of Investigation, prepared statement of............................................... 32 Lynch, Gerard, chairman, Regional Information Security Systems Policy Board, prepared statement of................ 62 Peck, Suzanne, chief technology officer, government of the District of Columbia, prepared statement of................ 90 Putnam, Hon. Adam H., a Representative in Congress from the State of Florida, prepared statement of.................... 4 Travers, Russell, Deputy Director and Associate Director for Defense Issues, Terrorist Threat Integration Center, prepared statement of...................................... 17 Zadra, Mark, chief of investigations, Florida Department of Law Enforcement, prepared statement of..................... 73 FACILITATING AN ENHANCED INFORMATION SHARING NETWORK THAT LINKS LAW ENFORCEMENT AND HOMELAND SECURITY FOR FEDERAL, STATE, AND LOCAL GOVERNMENTS ---------- TUESDAY, JULY 13, 2004 House of Representatives, Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census, Committee on Government Reform, Washington, DC. The subcommittee met, pursuant to notice, at 3 p.m., in room 2154, Rayburn House Office Building, Hon. Adam Putnam (chairman of the subcommittee) presiding. Present: Representatives Putnam, Turner, and Clay. Staff present: Bob Dix, staff director; John Hambel, senior counsel; Ursula Wojciechowski, professional staff member; Juliana French, clerk; Felipe Colon, fellow; Kaitlyn Jahrling, intern; Adam Bordes, minority professional staff member; and Jean Gosa, minority assistant clerk. Mr. Putnam. A quorum being present, this hearing on the Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census will come to order. Our deepest apologies for us running an hour late because of votes, but that is the nature of this business. Good afternoon and welcome to the subcommittee's hearing entitled ``Facilitating an Enhanced Information Sharing Network that Links Law Enforcement and Homeland Security for Federal, State, and Local governments.'' This hearing will address the initiatives and strategies being implemented to enhance information sharing capabilities between Federal, State and local law enforcement agencies and homeland security activities. There are many examples of direct and indirect links between criminal activity and terrorist-related activity. Accordingly, law enforcement agencies at all levels of government should have effective collaborative capabilities for information sharing. The need to coordinate the efforts of Federal, State, and local governments for homeland security is now well understood. September 11th highlighted the increasing risk of terrorist attacks on U.S. soil. Consequently, Federal, State and local governments recognized the need to effectively unify efforts to enhance homeland security by employing the unique contribution at each level a government can make on the basis of its capabilities and knowledge of its own environment. U.S. intelligence and law enforcement communities continuously assess both foreign and domestic terrorist threats to the United States. In October 2001, Congress passed the USA Patriot Act, to improve the sharing of information between the intelligence and law enforcement communities. Information sharing and coordination among government organizations are essential to producing comprehensive and practical approaches to combating threats. Having information on threats and actual incidents experienced by others can help an organization identify trends, better understand the risk, and determine what preventive measures should be implemented. In addition, comprehensive, timely information on incidents can help Federal and nonFederal analysis centers determine the nature of an attack, provide warnings and advise on how to mitigate an imminent attack. Also, sharing information on known terrorists and criminals can help secure our Nation's borders. There is clear, compelling, and documented evidence to support the notion that there are instances of a direct link between criminal activity such as drug trafficking, illegal gambling, and money laundering whose primary beneficiaries are terrorist organizations. Cutting off funding sources and interrupting the linkage that supports the threat activity will contribute to a more secure America. Another critical issue in developing effective analysis and warning capabilities is to ensure that appropriate intelligence and other threat information, both cyber and physical, are received from the intelligence and law enforcement communities. For example, there has been great public debate regarding the quality and timeliness of intelligence data shared between and among relevant intelligence law enforcement and other agencies. Today we will not focus on the rear-view mirror or dwell on past breakdowns in the process of gathering or sharing information. Today's hearing seeks to address this matter in the unclassified space, with knowledge that there's an enormously valuable and important component of information sharing managed and conducted in the classified space. Regardless of source, it is important that relevant information be available to appropriate decisionmakers to enhance our prevention efforts in the law enforcement and homeland security communities on behalf of protecting our citizens from foreign and domestic threats. We need only to be reminded of the sniper tragedy in the Washington area during the fall of 2002 to reflect on the intrinsic value of such collaboration. During this hearing, we will examine the efforts and progress achieved in developing secure, reliable, and interoperable information sharing networks that facilitate a comprehensive real-time information sharing capability that is dependable and respects privacy. The subcommittee will seek a better understanding of how improved collaboration and communication will enhance two-way flow of information between Federal, State and local law enforcement entities. With the threat environment that exists in the world today, it is increasingly important that cross-agency and intergovernmental collaboration is effective and efficient. Accordingly, the subcommittee will explore progress and obstacles to achieving the most successful implementation of a strategy for information sharing related to law enforcement and homeland security. We have a very distinguished panel of witnesses today and I look forward to their testimony and the opportunity to explore these matters in greater detail. Today's hearing can be viewed live via Webcast by going to reform.house.gov and clicking on the link under live committee broadcast. [The prepared statement of Hon. Adam H. Putnam follows:] [GRAPHIC] [TIFF OMITTED] 98119.001 [GRAPHIC] [TIFF OMITTED] 98119.002 [GRAPHIC] [TIFF OMITTED] 98119.003 Mr. Putnam. At this time, I would yield to the gentleman from Ohio for any opening statements he may have. You are recognized for 5 minutes. Mr. Turner. Thank you, Mr. Chairman. I want to congratulate you on your efforts to continue the review of the issues of technology and how it plays an important role in homeland security. So much of the work we have had in front of us has been an ascertainment of areas in which we need to bolster the ability for agencies to work together both in information sharing and just in basic communications, so I appreciate your focus on this issue. Mr. Putnam. Thank you very much. And we will insert Mr. Clay's statement for the record at the appropriate time. At this time, we will move directly into testimony. If the first panel would please rise for the administration of the oath and anyone accompanying who will be providing answers. [Witnesses sworn.] Mr. Putnam. All the witnesses have responded in the affirmative, and we will move to testimony. As you know, you have a light panel on your desk indicating the 5-minute time restraints, and the bulk of your statement will be inserted into the record. Our first is Lieutenant General Patrick Hughes, U.S. Army, retired, the Assistant Secretary for Information Analysis with the Department of Homeland Security. General Hughes assumed his current duties on November 17, 2003. He was formerly president of PMH Enterprises, LLC, a private consulting firm specializing in intelligence, national security and international relations. He retired from the U.S. Army on October 1, 1999 after more than 37 years of military service beginning as an enlisted soldier and combat medic in January 1962. His last Active-Duty assignment was Director of the Defense Intelligence Agency, a position which he held for 3\1/2\ years. Other positions included Director of Intelligence, J2, Joint Staff and DIA, Director of Intelligence J2 U.S. Central Command, and Commanding General of the U.S. Army Intelligence Agency. We appreciate the work that you have done for this Nation and you are recognized for your opening statement. STATEMENTS OF LIEUTENANT GENERAL PATRICK HUGHES, ASSISTANT SECRETARY FOR INFORMATION ANALYSIS, U.S. DEPARTMENT OF HOMELAND SECURITY; RUSSELL TRAVERS, DEPUTY DIRECTOR AND ASSOCIATE DIRECTOR FOR DEFENSE ISSUES, TERRORIST THREAT INTEGRATION CENTER; AND WILLIE HULON, DEPUTY ASSISTANT DIRECTOR, COUNTERTERRORISM DIVISION, FEDERAL BUREAU OF INVESTIGATION General Hughes. Thank you very much, Mr. Chairman and Congressman Turner and other distinguished staff of the subcommittee. I am privileged to appear before you today to discuss the current status of the progress being made by the Department of Homeland Security to coordinate efforts to achieve common goals. In this case, we are focused on information sharing and collaboration. Information sharing is becoming more common throughout the Federal, State, territorial, tribal, major city, local and private sector environment in which DHS interacts. However, we have not yet completed the mechanisms to engage in information sharing nor have we fully developed the systemic methodology necessary to fully achieve our collaborative goals. We are working toward that end as rapidly as we can. Our goal is to effectively, efficiently, and synergistically pass and receive information in all of its forms for the benefit of the U.S. Government, our nonFederal constituents and DHS entities. In order to achieve this goal, we must build an architecture with technical and procedural transparency and interoperability wherever possible. However, the most significant impediments to information sharing are not technological. They are legal and cultural and evolve both policy and procedure. In response to these and other challenges, DHS has established an Information Sharing and Collaboration Center which will achieve improvements in these areas. The primary means of interdepartmental, interagency, and intersector communication, intersector communication being two way, that DHS will use is the Homeland Security Information Network, otherwise known as HSIN. The service system and capabilities that form the larger network are on the way to being fielded throughout the State and territorial constituency with plans to expand that fielded element to all other partners and associates as soon as possible. Given our imperative to provide support and assistance to State and local officials, it is no longer sufficient to have vertical and horizontal linkage just with some of the participants. The Nation must achieve a fully collaborative environment through which homeland security officials, law enforcement, first responders, and decisionmakers can fully interact, across traditional boundaries, seamlessly and effectively to deal with issues of terrorism and response to terrorism and other emergency conditions. I would like to inform you at the present time, including our participation in the newly constructed Homeland Security Interactive Operations Center, we in DHS at the Office of Information Analysis, which I am privileged to head, have the following connectivity: standard telephone; secure telephones; facsimile of all kinds; wideband encrypted NSTS, or gray phone; courier service; standard Internet connectivity; open-source information system and NIPRNet connectivity; SIPRNet connectivity; joint worldwide intelligence communication system linkage; secure VTC capability; and many software and hardware tools which collectively affords us access to virtually every communication and information sharing level and capability that we need to fully engage in the intelligence function. We have liaison officers with online access to the CIA, to the Terrorism Threat Integration Center, TTIC, to the National Security Agency, to the National Geospatial Agency, DOD, and especially to the Federal Bureau of Investigation. All of those liaison officers have access to their automated systems of their organizations. We are fully integrated into the national government meeting mechanism. We are making steady progress to connect to the Homeland Security Information Network. We can do the job now and do it well. We seek to continue to make progress to more fully realize the goals we have set for broad and unfettered access to as much information as possible in the shared context to secure our homeland. Mr. Chairman and members of the subcommittee, this concludes my prepared statement. Thank you very much. Mr. Putnam. Thank you very much, General Hughes. [The prepared statement of General Hughes follows:] [GRAPHIC] [TIFF OMITTED] 98119.004 [GRAPHIC] [TIFF OMITTED] 98119.005 [GRAPHIC] [TIFF OMITTED] 98119.006 [GRAPHIC] [TIFF OMITTED] 98119.007 Mr. Putnam. Our next witness is Mr. Russell Travers. Mr. Travers is serving as TTIC Deputy Director and the Associate Director for Defense Issues. Mr. Travers manages the government-wide information sharing initiative, TTIC's red team, and knowledge-development efforts in the maintenance of the USG's terrorists' identities' data base. He is responsible for TTIC's interaction with DOD's analytic efforts focused on terrorism. Formerly he was the Deputy Director for Policy Support at the Defense Intelligence Agency and responsible for intelligence support to the Office of Secretary of Defense, managing activities of the Defense intelligence officers and overseas liaison officers, administering special access programs and organizing agency support to homeland defense. He received his B.A. in government from the College of William & Mary and his J.D. from George Washington. Welcome to the subcommittee. Mr. Travers. Mr. Chairman, members of the subcommittee, I am pleased to be here today to discuss TTIC's role in information sharing. I will summarize three areas from my written statement: first, TTIC's access to information; second, TTIC information sharing initiatives; and third, an important qualifier about what information sharing can and can't do. First, our access. TTIC is an integration center, and by DCI directive we are to have unfettered access to terrorist threat-related information. For the last 14 months we have been working with the community to achieve that all-encompassing access. With our recent move to a new facility, TTIC analysts can now access up to 21 networks from across the relevant communities. That number will soon grow to at least 26. To give you some perspective on what that means, I am a Defense Department assignee to TTIC. At my desk, I can access the CIA operational traffic related to terrorism. At my desk, I can access FBI case files related to international terrorism. We have come a very long way. To be sure, we are still working some access issues, and our CIO is intently focusing on how we handle assimilation of data and the ability to efficiently search across the holdings from so many diverse networks. But the progress over the past 14 months has been exceptional. The second issue I want to address relates to a number of TTIC initiatives associated with information sharing. Importantly, by DCI directive our mandate is to work information sharing at the Federal level, and so I will focus on horizontal information sharing. However, we are posturing ourselves to support the FBI and DHS with their critical vertical information sharing responsibilities and I will be happy to address some of those initiatives during Q and A. With regard to horizontal information sharing, TTIC has established a program office to implement the March 2003 information sharing memorandum of understanding. This office is working with our community partners in the full range of impediments associated with information sharing: originated control information, third agency rule, no double standard, terror lines and so forth. The community can detail progress across the board, I believe. For instance, pure terrorism reporting has grown by a factor of 6 since before September 11. In terms of the technical advances to share terrorism information, TTIC's CIO has been leading community efforts. In August of last year, we launched the TTIC online Web site which is populated with terrorism-related information. This highly secured capability can reach virtually the entire structure of the Federal Government, hosting over 2,800 users. TTIC Online reaches all traditional Intelligence Community terrorism analytic elements, but also FBI headquarters, all JTTFs, Department of Homeland Security, the military commands and numerous other organizations that have a need for terrorism threat information: the Departments of Interior and Agriculture, for example. The success of TTIC Online can be seen by a comparison with the analogous capabilities that existed in September of 01. The user base is six times greater. Five times as many organizations participate. The average number of document hits per week has grown by 500 times. And the total repository of documents has grown from 1 to 3.5 million. Just over a month ago, TTIC deployed a SIPRNet version of TTIC Online. This has the potential to dramatically increase situational awareness for those tens of thousands of individuals involved in the war against terrorism but don't have access to the Top Secret Network. Moreover, to help support vertical information sharing, TTIC will be deploying a sensitive but unclassified presence of TTIC Online on the open-source information system network. I hope it is apparent that TTIC is taking a very aggressive approach to improving information sharing across the government. And while we are second to none in espousing the importance of information sharing, I do want to close with a few cautionary words: First, information sharing has become a bit of a bumper sticker; everybody supports it, but few appreciate the complexities of implementing it. There are almost invariably a complicated mix of technical security, policy, and legal issues associated with sharing information. Source sensitivity is real. Operational considerations do exist. Privacy matters do pertain. And the technical capabilities of government networks vary widely. There are always going to be impediments and reasonable people can and do disagree. Second, I am increasingly concerned with something that could be called effective information sharing. As we see the explosion of networks and Web sites, organizations can post their data and legitimately say they have shared their information. Whether anyone on the other end knows it is there and reads it is an entirely different matter. Third, information sharing is not and will never be a panacea. If we don't have a basic terrorism analytic business process right and have an established critical mass of analytic talent, we can pass information all over the government and still not connect the proper dots. Indeed we could face the prospect of being wrong faster. Terrorism is an extraordinarily difficult analytic problem and the key is having long-term expertise available to sort through the reams of information, much of which is inaccurate, contradictory, or utterly irrelevant. This in no way demeans the importance of information sharing, merely to point out that information sharing is necessary but not sufficient. Thank you for your time. TTIC looks forward to continuing to work with the subcommittee and I will be happy to answer any questions. Mr. Putnam. Thank you very much. [The prepared statement of Mr. Travers follows:] [GRAPHIC] [TIFF OMITTED] 98119.008 [GRAPHIC] [TIFF OMITTED] 98119.009 [GRAPHIC] [TIFF OMITTED] 98119.010 [GRAPHIC] [TIFF OMITTED] 98119.011 [GRAPHIC] [TIFF OMITTED] 98119.012 [GRAPHIC] [TIFF OMITTED] 98119.013 [GRAPHIC] [TIFF OMITTED] 98119.014 [GRAPHIC] [TIFF OMITTED] 98119.015 [GRAPHIC] [TIFF OMITTED] 98119.016 [GRAPHIC] [TIFF OMITTED] 98119.017 [GRAPHIC] [TIFF OMITTED] 98119.018 [GRAPHIC] [TIFF OMITTED] 98119.019 [GRAPHIC] [TIFF OMITTED] 98119.020 Mr. Putnam. Our third witness is Mr. Willy Hulon. Mr. Hulon is the Deputy Assistant Director of the Counterterrorism Division at the Federal Bureau of Investigation. He began his career as an FBI Special Agent in September 1983. In July 2001, Mr. Hulon was designated Chief Inspector for the FBI. In October 2002, Director Mueller appointed Mr. Hulon as Special Agent in Charge of the FBI's Detroit Division. In his capacity, he worked closely with the Detroit JTTF and oversaw a wide range of investigations. Delighted to have him here today to discuss all of the FBI's information sharing initiatives and welcome you to the subcommittee, and you are recognized for 5 minutes. Mr. Hulon. Good afternoon, Chairman Putnam, Ranking Member Clay, and members of the subcommittee. Thank you for inviting me to speak to you on the information sharing issues that face the Federal Bureau of Investigation and members of the intelligence and law enforcement communities. The terrorist threat of today poses complex challenges. Today's terrorists operate seamlessly across borders and continents. Aided by sophisticated communications technologies, they finance their operations with elaborate funding schemes and patiently and methodically plan and prepare their attacks. To meet and defeat this threat, the FBI must have several critical capabilities. First, we must be intelligence driven. To defeat the terrorists, we must develop intelligence about their plans and use that intelligence to disrupt those plans. We must be global. We must continue our efforts to develop our overseas law enforcement options, our partnerships with foreign law enforcement and intelligence services, and our knowledge and expertise about foreign cultures and terrorists adversaries overseas. We must have networked information technology systems. We need the capacity to manage and share our information effectively. Finally, we must remain accountable under the Constitution and the rule of law. We must respect human rights and civil liberties as we protect the American people. The FBI has an information and intelligence sharing strategy. The strategy recognizes that we have a responsibility to the Nation to disseminate information broadly, that we will share information by rule and withhold by exception, and the sharing is cross-community in nature. The FBI will protect sources and methods by separating what needs to be shared from how the information was obtained. Our strategy is implemented through both collaborative initiatives and information system connectivity initiatives both on a national scale and in local projects. Collaborative initiatives bring together personnel and processes in a common setting to facilitate information sharing through each agency's information systems. Information system connectivity initiatives share data electronically by combining the respective agency's data technologically in some form. As local and regional collaborative intelligence centers are being established across the country, the FBI has been asked to take an active role in building the intelligence processes in these initiatives. Through our field intelligence groups in each field office, we are contributing personnel, intelligence process development, information access and funding. To further strengthen our collaborative efforts with both local and national benefits, we have established an intelligence reporting capability in each of our joint terrorism task forces through the assignment of field intelligence group personnel. We can ensure that terrorist threat information collected by the JTTFs is quickly disseminated to all who need it to protect the country. On a national scale, the Law Enforcement National Data Exchange, or NDEX, is being developed by the FBI as the principal nationwide system for sharing criminal incident report data to link law enforcement interests and enhance law enforcement strategic planning. NDEX prototypes are being tested now and we are seeking new Department of Justice policy for Federal crime reporting to match local and State crime reporting. Other examples of national intelligence and information sharing systems are Law Enforcement Online, or LEO, and the Homeland Security Information Network. The FBI is using LEO to post and disseminate a variety of intelligence products to State and local police as well as to publish its intelligence priorities. We are working closely with DHS to support its mission by collaborating on information and intelligence sharing on DHS information networks. The FBI supports and participates in local and regional information sharing projects such as LINX in Seattle, WA, which was conceived by the Naval Criminal Investigative Service. LINX is an innovative example of an initiative to integrate disparate law enforcement information into a single data warehouse with the latest analytical tools to produce valuable intelligence that will help prevent terrorism and other crimes. Other examples are the upstate New York Regional Intelligence Center and the California State Warning Center. Thank you again for inviting me to speak to you today on the information sharing issues that face the Federal Bureau of Investigation and other members of the intelligence and law enforcement communities. It will be my pleasure to answer any questions you may have at this time. Mr. Putnam. Thank you very much. [The prepared statement of Mr. Hulon follows:] [GRAPHIC] [TIFF OMITTED] 98119.021 [GRAPHIC] [TIFF OMITTED] 98119.022 [GRAPHIC] [TIFF OMITTED] 98119.023 [GRAPHIC] [TIFF OMITTED] 98119.024 [GRAPHIC] [TIFF OMITTED] 98119.025 [GRAPHIC] [TIFF OMITTED] 98119.026 [GRAPHIC] [TIFF OMITTED] 98119.027 [GRAPHIC] [TIFF OMITTED] 98119.028 [GRAPHIC] [TIFF OMITTED] 98119.029 [GRAPHIC] [TIFF OMITTED] 98119.030 [GRAPHIC] [TIFF OMITTED] 98119.031 [GRAPHIC] [TIFF OMITTED] 98119.032 Mr. Putnam. Mr. Clay, do you have a statement you would like to place in the record? Mr. Clay. I do, Mr. Chairman. And I will forego reading if we can get right into the questions and I ask that my remarks be inserted into the record. Mr. Putnam. Without objection, your opening statement will be inserted into the record and you are recognized for 5 minutes of questioning. [The prepared statement of Hon. Wm. Lacy Clay follows:] [GRAPHIC] [TIFF OMITTED] 98119.033 [GRAPHIC] [TIFF OMITTED] 98119.034 Mr. Clay. Thank you, Mr. Chairman. I would like to start with Mr. Hughes. Does DHS plan to replace existing systems with a new national communications infrastructure? And if so, what are the specific milestones for implementing a national infrastructure? General Hughes. To the best of my knowledge, we do not have any intent to replace what you have referred to there, sir, as the national communications infrastructure. We plan to use it and ride upon it, connect using the capabilities that exist now and those that come in the future. But the Homeland Security Information Network does not duplicate most of that structure. It merely rides upon it. Mr. Clay. Mr. Hughes, let me ask you about TSA. Are we safer in our airports now since September 11 with TSA? Do they have the adequate information in order to be able to detect what probably shouldn't be on an airplane? General Hughes. Yes, we are safer. And they do have information that tips them off to persons that we call persons of interest. It happens many, many times every day that persons who have come to our attention through intelligence or other information channels are sent to the Transportation Security Agency screeners and to the Customs and Border Protection officers that man the points of entry. TSA, itself, as you know is not an armed law enforcement organization, but Customs and Border Protection, Immigration and Customs Enforcement and the Federal Bureau of Investigation and local police, of course, take care of the law enforcement portion of that activity. Mr. Clay. I notice that in some airports TSA interacts with private security companies. General Hughes. That is true. Mr. Clay. How does that work? General Hughes. I think it is a cooperative association where some of the functions of screening passengers for their documentation especially--I will use as an example when you get into a line at the airport to approach the TSA screening point, you have to present a photo identification and your ticket in order to pass into the screening point, and often those persons are local security people who have been contract hired to perform that function. But the function of screening the individual, their carry-on luggage and person, is the TSA's function. Mr. Clay. I thank you for that explanation. Let me ask a question of the entire panel and we can start with Mr. Hulon. It seems to me that the goals for information sharing among stakeholders are well established, but the emergence of new threats make determining what our domestic or international threats are less clear. Are the stakeholder agencies such as DOJ, DHS and DOD working on methods to refine their determinants for what constitutes domestic or international-related incidents? Mr. Hulon. Yes, sir. Actually, Federal law enforcement is working collectively to identify those threats as we develop the intelligence. I think the thing that is really key is that through various relationships that are established specifically at the State and local level with the JTTFs, that information is passed to the appropriate local agencies so that we can take the right precautionary action to either disrupt or to gain additional information in regards to the potential threat. Mr. Travers. Yes, sir. I believe TTIC is a manifestation of exactly the phenomena about which you speak. We are represented with partner agencies to include the three you mentioned and we have 16 organizations within TTIC. And our job is to bring together threat information whether it is collected domestically or abroad. So we are precisely attentive to that problem with a blurriness between domestic and foreign threats. General Hughes. I think, first of all, Mr. Hulon's characterization is one that I would certainly agree with and certainly Mr. Travers, that this is a cooperative group effort and it is largely about human beings. It is largely about identifying persons who have for some reason come to our attention, and then processing them appropriately. In order to do that every day, we have to engage in some form of interaction. Quite often it is at a meeting, or sending a message to each other alerting one or another agency involved in this process about those people of interest. And that is working well, however it is not perfect. And frankly, it is about as dynamic as the traveling public who comes to America and travels inside America is. It is a very large body of activity and human beings to deal with. Mr. Clay. Thank you. Mr. Travers, since TTIC is not actually under the domain of the CIA or FBI, can its efforts to break down the barriers for information sharing between the two agencies be successful over the long term of its operation, and has TTIC had any managerial or strategic disagreements with its participating agencies on how to pursue its mission or goals? Mr. Travers. Two part question. With regard to information sharing barriers, I believe that we have enjoyed extraordinary success working with our partners across the government. As I suggested in my statement, none of these issues, at least in our view, lends itself to an easy fix. They have multiple components. There are, as suggested, source sensitivities, operational considerations, and there is always a balance; and we work with our partner organizations on a daily basis to break down the institutional barriers that exist and we have enjoyed substantial success. With regard to disagreements, I think it's fair to say that there is ambiguity in TTIC's mission relative to many other terrorism analytic organizations' missions across the government. I believe that is to be expected. We are dealing with organizations, departments, and agencies that go back to the National Security Act. We are dealing with some that go back to September 11. The government is not of one mind on precisely how best to sort this out, and so we are working through that on a daily basis. Mr. Clay. Just as a followup, my concern would be that we would not gum up the works to the point that it would hamper our ability to apprehend someone or to point out the real threat or to just make law enforcement that more ineffective. I mean that would be my concern, and hopefully---- Mr. Travers. TTIC has no operational responsibilities. I don't believe you would find any of our operational partners has gummed up the works. Mr. Clay. Thank you for your response. And thank you, Mr. Chairman. Mr. Putnam. Thank you, Mr. Clay. Last couple of weeks, the press has reported on a number of DHS initiatives to promote information sharing--including the expansion of the HSIN, which was launched in February--to the Secret level and the upgrading of the new Homeland Security Operational Center to promote information sharing. With these and other efforts underway, how does the Department envision itself promoting information sharing between levels of government? And how far a reach does the DHS plan to have, and what role or other law enforcement agencies pulling in that? General Hughes. I need to correct something about the information there. We have not yet secured the Homeland Security Information Network to the Secret level. It is our attempt to do so by December of this year. But we put the first part of the Information Network Online at the Sensitive but Unclassified level. And we do pass law enforcement Sensitive but Unclassified information over that system. But the Secret classification will have to come in the next few months. Our intent is to connect to all States and we are now connected to all 50 States to the governance level, either the State Governor's Office or the Homeland Security Office, or both, to all territories and possessions. And I believe we have one or two of those remaining. But generally we are connected. We intend to connect to many counties, if not all; all major cities; some municipalities which are complex organisms like themselves, like Los Angeles and Los Angeles County. New York would fit in that category, too. We would at some point connect to the tribal organizations, especially those that have administrative burdens on the borders of our country with Canada and Mexico. And last if not least, we intend to extend the Homeland Security Information Network into the private sector, especially to those companies and business organizations which have a nexus to their work ethic and national or homeland security. Mr. Putnam. Let me ask each of you to answer this. Who determines what information is passed along the chain and who determines to whom it is passed? Is that TTIC's responsibility? Who makes that decision ultimately? And I want to begin with the FBI. Mr. Hulon. It would depend on the nature of the information. But there are various systems in place to pass information. At the FBI, we have an Office of Intelligence that is basically responsible for assimulating and working with the other Federal agencies as well as State agencies with the collection and analysis of that information. Depending on the nature of that information as far as what it entails, what the threat might be or what the intelligence value of that information is, decisions will be made on where it goes. For example, if it is threat-related information that impacts a certain jurisdiction, then that information would go directly through the FBI and the other agencies that are involved to the appropriate law enforcement agencies at the level that they could effect whatever action that needs to be taken. And that information will be passed, say, to a JTTF, say, in Jacksonville, Florida. If there was information that impacted Jacksonville, Florida, that information would come into the FBI and come into the appropriate headquarters entity and then be disseminated to our appropriate channels down to that field office and go to the field intelligence group that we have there that is responsible for assessing that information, and then it would be disseminated to the appropriate JTTF members or the appropriate law enforcement agency that should get that information. Mr. Putnam. Mr. Travers. Mr. Travers. TTIC is not a collection organization. I have to distinguish between raw material and analyzed product. To the degree we receive products from the collection organizations, be they FBI, DHS or NSA or CIA, we will make that material as broadly available as the collector will allow us. If there are originator control restrictions, then, that may in fact restrict the amount of information that can go on a TTIC Online, for example. But to the degree we can make it available, we make it available as broadly as we can. Our finished products will be the same in that some product will be limited for very narrow audiences at the most senior levels of the government, but in general what we try to do is make information as broadly available across the Federal structures as possible. Mr. Putnam. General. General Hughes. I think first, I think both answers are correct and bear on DHS. I would like to give you two other perspectives. Some information has to be sensitively applied, and so the answer to the question who makes this determination, the answer I think should be given as leadership often has to make that determination. We decide very specifically at the leadership level, and sometimes the Secretary will decide where information goes and who it goes to and how it goes. And that would be the exception rather than the rule. But we often find ourselves dealing with exceptional information which if it didn't go to the right place at the right time, may have an unintended effect or consequence. That is especially true of our constituency, much like the FBI's. It is broad throughout the country. But in our case, it is not to Federal officials who are of longstanding experience in the intelligence and law enforcement system, but instead to persons who might have even a year or two of fairly spotty experience in handling federally originated information. So this is, once again, I think the point was made earlier, it is a complete organism. The last point I would like to make is that we are beginning now--and I think the FBI and DHS have set the standard here but others are doing this to, as frequently as we can, where it is appropriate, act jointly. Indeed, Mr. Hulon and I have recently acted jointly to inform local officials about various circumstances. And that communication mechanism, whether it is by secure telephone or open telephone or message or however it's done, gives added weight and importance and perhaps motivation to those we communicate with about the information. It's up to us to put it in the right context. But that joint effort from the Federal Government speaking together in some ways or collectively is vital to making this information meaningful and clarifying it to the respondents and people who receive it. Mr. Putnam. Let me followup on that. TTIC does not generate information, you disseminate it. That's the point you wanted to make earlier, correct? Mr. Travers. We do not collect information. We do have analysts who will pull together all source products and disseminate those. Mr. Putnam. If there is information about a potential event in a given city, what I'm really getting at, there are dozens of Federal and State law enforcement agencies that would immediately be involved. Where do you stop? You know, if you take Mr. Hulon's example of something in Jacksonville, you only do the city of Jacksonville, or do you do the county or surrounding counties, particularly if the airport for that city is in a different county? What point does it stop? And we can get into this with the second panel, when we have some of our State and local representatives, but it is the most common complaint is that folks still aren't getting the information. But when you look at the number of agencies only in the Federal Government that might have an interest in that piece of information and then to extrapolate it down to the boots in the alley, is there a technological system for disseminating that information or does it boil down to a judgment call by a human being? Mr. Travers. If that is directed to me, just a point of clarification. I don't deal with State and local organizations. I pass my information to the Bureau and to DHS, and they are much more intimately involved in the vertical information sharing, so over to them. Mr. Hulon. I can respond to that. Actually, it is twofold. We have networks that we can use, such as inlets, if we have a general message to get out, say if we are reporting something relative to threats or trends that all of law enforcement should be on the lookout for, general information, that could go out over the inlets and that is available to all law enforcement. Anybody can go on that's in law enforcement and get on to the inlets. Mr. Putnam. They could. You make them aware that information is posted that they ought to go read more about? Is that the way that it works? Mr. Hulon. With inlets, though, you would have a local law enforcement agency, a State agency. There are dispatchers monitoring the inlets. They would see that and pull it off and it would go to the appropriate person in that department. If we have something more specific, say to a general area, like a city or surrounding counties, you know, if that information should go to the city and the surrounding counties, we will make a judgment call that this information needs to be in this general area or this region, and we would make the notifications primarily for the FBI through our law enforcement networks which would be the JTTFs, which is what we rely on. And we have a lot of agencies that are involved in the joint terrorism task forces. And what happens on the field level--and I can kind of speak to that--we would make those notifications based on other associations that we have in that law enforcement community, whether that would be with the sheriff's association, police chief's association or whatever. And that is one mechanism we can use to put general information out to the entire law enforcement community: you should be on the look out for this. If it's threat information that's relative to an investigation or something we need to disrupt, then, of course, that information decision will be made on who does this information need to go to so we can effectively disrupt this operation or conduct this investigation without compromising it. And decisions have to be made there. And those are human decisions that, you know, basically the field office agent in charge is responsible for and we have networks to really facilitate that. And we talk about networks and we talk about IT systems, a lot of it depends on what we have in place, and that is a collective effort of law enforcement. You see it a lot when you get outside the D.C. area where you have State and local agencies working together, you have various associations, you have various law enforcement head working groups where there is a constant exchange of information. Now, could there be times where something might fall through the cracks and one particular agency might not get informed of some general information? That could in fact happen, but for the most part, it is really the relationships and the liaisons that are established among all the law enforcement that really helps to facilitate a lot of this information getting out. Mr. Putnam. In a post September 11 world, if one of your agents in Detroit made an observation, they had a hunch that was backed up by some facts that there was an unusual interest in flight schools, how would someone in Pahokee, Florida, where another flight school was, know that someone halfway across the country had made an observation that was relevant to them? Mr. Hulon. That information, say coming from Detroit, would go through the Detroit field office and make its way back through FBI headquarters to the Office of Intelligence where the information is assessed, assimilated, shared with the components of the Office of Intelligence which has participants from all the other agencies; all that information would be put back together to bring it into some type of understanding of this is a potential threat or this is a trend we should be aware of. And that is where sometimes TTIC will come in because they would have access to that information. We might have someone put an analytical piece together that would go out at TTIC or could go out in the form of an intelligence bulletin from the FBI. And the FBI intelligence bulletins are disseminated through LEO Law Enforcement Online where we have several thousand police agencies access that information that are members of that network to where they can get that information off. So information would be disseminated that way. Mr. Putnam. At what point would TTIC be involved? Mr. Hulon. When the information comes back to headquarters, TTIC would have access to that information also. And it could be a collaborative effort where this would be shared with TTIC. And they could work along with the other intelligence agencies to put together an analytical piece. Mr. Putnam. How long are we talking about? From the time this report is filed until the time that other law enforcement agencies around the country have the opportunity to pick up on it, how much time has elapsed? Mr. Hulon. It depends. And another way this could work also is information coming back to headquarters. It could go out as an intelligence requirement where we would disseminate this from the Office of Intelligence to State and local agencies where we have intelligence requirements that go out, to ask them to report certain information or be on the lookout for certain information. If you have that backed up through the FBI, it could go out through those channels. A lot of it depends on the nature of the information. Mr. Travers. I would concur with that entirely. TTIC would have instantaneous access to that information given that many of our analysts have access to FBI Net. It becomes part of the analytic grist mill that is occurring amongst the various intelligence organizations dealing with terrorism analysis and then is put out as a product, and then the organization that's responsible for vertical information sharing to push it down in the various ways that Willie talked about. Mr. Putnam. Let me approach this from a different angle. A telephone number is found in a cave in Afghanistan. How long does it take before that telephone number is in all these data bases that it then becomes actionable, or an address is discovered? How long between the time that some marine picks it up in the bottom of the cave in Afghanistan until the time that it winds up--let's say it is a Detroit area code, and ends up on one of his agent's desk--how much time elapses? Mr. Travers. It is going to depend on the medium in which we get that telephone number, and I think I would rather talk about this in closed session, if we could, but it's going to move its way back to Washington and be made available. But it could be some period of time, or maybe very little period of time, in terms of the amount of effort that goes into getting that number out of whatever the mechanism is in which we recovered it. I will need to talk to you about that off line, sir. Mr. Putnam. We will do that, because it is the key to your existence. I mean, the whole point of TTIC is to rapidly assimilate and then analyze and disseminate information to guys like Mr. Hulon in Detroit when things are being discovered or heard or overheard or whatever. Let me move onto the next question. The volume of information that all three of your departments or agencies generate, how much are we talking about here so that the average FBI agent, the average police chief in a medium-sized city, or the average intelligence law enforcement officer in a major police department, are they just being covered up in threats all day every day? Are there e- mails coming in every hour on the hour? Is that something that is condensed into a weekly bulletin? If you take all this data that's out there, how much information does it become when it reaches the end of the pipe? General Hughes. I will go ahead and start. First, this kind of refers in part to the previous discussion. I think this is a collective attempt here--we're trying to get specific information to the right place, not every piece of information every place. I believe that moderates the effect, the larger effect of so much information. But I don't know of a good way to characterize the volume except to say that it is large and it is growing, because we are now getting information from the civilian population here in the United States as well as from the traditional law enforcement and security organizations and from the Federal Government's activities. That large body of information is representing a much larger influx of information at some level, that I would imagine that there are still some police departments, some homeland security elements and others, who don't get too much information. And to be honest with you, that may be a function and part of who they are and where they are. It is just some places are much more active than others. If you went to the New York City Police Department, let me tell you, the information flow is large but probably not as large as they would like. I think they would like to have more; at least that is what they tell me. So I don't think there is an answer. Mr. Putnam. Mr. Clay. Mr. Clay. Mr. Hughes, since September 11, funds have gone to States and localities to improve emergency response planning. Many of these funds request the States to submit an emergency preparedness plan. For example, the Office of Domestic Preparedness is requesting the States submit a statewide strategic plan for fiscal year 2004 funds. Can you tell us what DHS is doing to ensure coordination among other Federal agencies that request emergency preparedness plans? General Hughes. I know we give the agencies and organizations that submit those plans as much help as we can with regard to the preparation of them. I would say probably not a happy constituency out there. I know there are complaints about the application of these funds, but it is frankly, quite difficult to do on a basis that makes everyone happy. But I am not sure if I understood your question exactly beyond help to prepare the plan. Once we get the plan, we try to administer it appropriately with the other agencies in government here in Washington. Mr. Clay. That was the question. I thank you for that answer. Mr. Travers, although TTIC is funded through several agencies' budgets, are there specific resource allocation concerns that Congress needs to be concerned in order for the TTIC to fulfill its objectives? Mr. Travers. No, sir, I don't believe so. We are funded out of the community management account for operations and maintenance and our building and so forth and our personal services are handled, given that we are assignees. DIA continues to pay my salary. We are working a memorandum of agreement with all of the partner organizations to ensure adequate manning of TTIC, and I believe we are in good shape. Mr. Clay. According to recent GAO studies, there are still more than 12 Federal agencies with more than nine different watch lists, and that doesn't include the CIA. Further, the GAO cites that in spite of congressional direction, information sharing remains inconsistent and limited. What role is DHS claiming to make information sharing more seamless among Federal agencies? Mr. Travers. Asking me about DHS? Mr. Clay. You are familiar with their operation, like you are familiar with yours. How is information seamless among the agencies? Mr. Travers. Let me use the watch list example, then, if we go back to that. TTIC has responsibility under HSPD 6 with maintaining an all source data base for the U.S. Government on all known and suspected terrorists. So all sources of information, be they from the Bureau, DHS, CIA, FBI comes into TTIC. We maintain the data base on known and suspected terrorists that is available to the community. Under HSPD 6, we then provide to the Terrorist Screening Center unclassified data elements so they can make those available to any screening opportunities that occur, be they in the United States or external. So it is a vast simplification of what occurred in the period leading up to September 11. Mr. Clay. How do citizens who may show up erroneously on a list, how do they address that? Mr. Travers. This data base will for the first time have U.S. persons in it. We are being assigned 15 FBI officers to maintain the U.S.-person portion of that data base, and electronic communication will come in to TTIC. If an investigation is started up on a U.S. person, if it is determined that person is no longer under investigation, we will get an electronic communication in to ensure that we pull that person out. Mr. Clay. All of the lists from all of the agencies. Mr. Travers. For U.S. persons particularly. So we are very attentive to that. Mr. Clay. OK. Thank you for that answer. Mr. Hulon, from your perspective, has the establishment of the TTIC aided in the information sharing practices between agencies, or is interagency coordination still inadequate? Mr. Hulon. I think there's always room for improvement. However, I would like to state that I think, today, after September 11, we are much better off than we were in the past, because what we have is, collectively, you have a lot of agencies coming together and actually, really making efforts to share information, just like some of the cross-designations, when we talk about the various agencies having representatives at other agencies, shops. Like in my division, in the Counter Terrorism Division at the FBI, the associate deputy director is from an intelligence agency that works with us. So, I think, collectively, we are really pulling together to make sure that we are sharing information better. We are looking for ways that we can do it that doesn't violate any laws, that doesn't violate any privacy acts, and things of that matter. And I think, with TTIC, what they are doing, like has been reported, they are taking this information and going to a lot of public-source information and putting together analytical pieces that go out to the law enforcement and intelligence communities that assist and enhance our abilities to look at information overall. So I think, collectively, we are moving down the road, and we are going to get where we need to be. Mr. Clay. And you are comfortable that the coordination is there and that the information is valid and good? Mr. Hulon. Yes, sir, I am confident that we are really working toward that. We have made a lot of improvements in the last 2\1/2\ years. Mr. Clay. I thank you for your response and thank the panel for your response. Thank you. Mr. Putnam. Thank you. Mr. Travers, you mentioned in your opening statement that information sharing is not just a bumper sticker, and I think that's well put. I mean, it's terribly complicated, and the more you peel the onion, the more layers there are as we get through this. I believe you also were the one who said that technical capabilities vary between the agencies who need to be talking to each other? And since this is the tech subcommittee, let me peel that onion a little bit. Mr. Hulon, the FBI is notorious for having lousy computer systems. Has your technology improved post September 11? Do you now have the tools that you need, whether it's in an office in Detroit or here at the headquarters, to be able to send and receive information in the 21st century? Mr. Hulon. First of all, I would like to maybe make a disclaimer. I am not a real technical person. However, I do know that the FBI technical systems are not quite where they should be. Efforts are being made to improve those systems. However, we are continuing to work through the problem. So, actually, I am just not the best person to really get into the technical aspects of the systems themselves. Mr. Putnam. General, is that a problem? I mean, if you look at all the agencies that used to be on their own and that are now just under DHS and add to that all of the other agencies that DHS needs to be listening to or talking to, how frequently, I mean, you pointed out correctly that legal and cultural barriers are the biggest problems, but how often is technology the problem? General Hughes. I think it's kind of a different question, if I may rephrase it. Technology is what it is, and if we had the best technology the world can provide, we wouldn't have that kind of problem. It is true that some agencies are more technologically advanced than others, but the FBI and TTIC and DHS sitting here, we probably have different variations on the theme of technological capability. But I personally believe that they could, all of us could, interact, given the decision to do so. That's my view. My personal viewpoint--I don't think I should speak for DHS here--is that what prevents us from doing that is making a decision to do it, and that's my personal view. I guess like you, sir, I am a creature of the automation system I have at home. And the only impediment I can see to interaction with virtually the world is someone deciding not to interact with me. Mr. Putnam. So, are all of the agencies now at a technological point of equivalence that everyone is now adequate, everyone has the tools they need to send and receive the information on an interagency basis? General Hughes. No. I don't think I should go that far. Once again, some agencies and some organizations are behind, technologically. Mr. Putnam. And who is? Who is ahead, and who is behind? General Hughes. I don't think it's appropriate for me to answer your question, because I would have to characterize organizations specifically to talk about things that I may not fully understand. I can look you in the eye and tell you that the Department I represent is technologically advanced. We are capable of interacting on every level. Mr. Putnam. You as the Department of Homeland Security? General Hughes. That is correct. Mr. Putnam. And everyone that got folded up inside of you is now technologically advanced and capable of communicating technologically? General Hughes. No. Mr. Putnam. Well, then, who is you? General Hughes. Actually, I speak for myself, and my organization here. The intelligence side of the house is very, very good, very, very capable. But some other administrative developments are not-- elements are not, and some other organizational elements may have organizational shortcomings in this regard. But, once again, I hasten to tell you, the technology is there. It may not have been installed or it may not have been acquired for installation, but it can be, and, in my view, it should be. Mr. Putnam. Well, in my view, it should be, too, but you won't tell me where I am supposed to do it. General Hughes. Well, I will be glad to talk about DHS, if that will help you. Mr. Putnam. That will. That's a start. General Hughes. Inside the Department of Homeland Security, the organizations that were folded in under the large DHS umbrella include the U.S. Secret Service, the U.S. Coast Guard, the former Bureau of Customs, the former Department of Immigration and Naturalization, the Federal Protective Service, the Federal Air Marshals and some other organizational entities. Each of those has their own system. Not every part of that system is compatible or fully interoperable, because it is composed of a set of legacy systems that were designed some years ago, perhaps even as long as 10 years ago, and other parts of that system are newly provided. They are newly engineered into this amalgam. So, across the Department of Homeland Security, we need to--and we are, we have a program to do this, which I mentioned, the information sharing and collaboration program, which is a formal effort to normalize for purposes of interoperability and compatibility, across the organization, internal to DHS. With regard to our external communication, the Homeland Security Operation Center, and the information analysis element that I had, those two organizations between them do not have any compatibility problems with anyone else; we could make it work. Mr. Putnam. Well, that's all. That's fantastic. That's what we are after. I mean, the title of this hearing is, Facilitating Information Exchange, and we need to know where, where the information exchange is working particularly well, and where it's not. And we had a number of hearings prior to September 11th that pointed out an awful lot of problems in communications, and I don't think they went away immediately, but I would like to know that we are on some plan to make them go away. And that's just within the Department of Homeland Security, not to mention the new monsters that have been created since then, in addition to the DHS, like TTIC, and certainly the radical transformation that's going on in the FBI, both culturally and in terms of the scope of their responsibilities. So, that's why we are picking that scab, is because we are trying to get to the bottom of this to try to figure out what we can do to improve this thing. And, you know, I know everybody suits up and goes to work every day trying to figure out new ways to protect the American people. We just want to know if you have the tools you need to do it. That's where we are going with this. General Hughes. I think that's an admirable goal. And, speaking for my organization--not others--you have done a good job of providing us with both money and technical capability to do the job. We have taken advantage of it. Mr. Putnam. Let me ask a final question as a segue into our second panel. Any or all three of you would certainly be welcome to answer. How much good, actionable information do you receive from the bottom up? We have spent most of this time talking about how effectively you pass along your tips down to local law enforcement. How much good stuff is coming back up the pipe? Mr. Hulon. Mr. Hulon. Mr. Chairman, I can speak to that, solely reflecting back on my former duty as the agent in charge in Detroit. We do get a lot of information coming up, and a lot of it might be relative to preoperational type surveillances or suspicious-type activity that's reported back up to the FBI from some police officers on the street. You know, they might see something that seems out of the ordinary. And because of the relationships that are established in the field offices, between the FBI, State and local law enforcement agencies, as well as other agencies, that information is provided back to that police department's intelligence bureau, if they have one, or directly to someone in investigations who might be associated or affiliated with the JTTFs. That information comes into the JTTFs. It goes to the intelligence components in the field offices for immediate action if it's necessary, and then, of course, then, it can be channeled back to headquarters, FBI headquarters, and goes to the Office of Intelligence to be assimilated in the total overall intelligence, as being gathered and analyzed. So, it does come back up, too. I can't really quantify that for you, though, but there are situations where it does happen. Mr. Putnam. General Hughes. General Hughes. I think, once again, I think Russ Travers didn't answer, because he is not in that category. But we receive quite a lot of information--it's a growing body of information--from local input. But it is not as good as it can be or will be in the future. Part of that issue is the fielding of connectivity, and the case of the Homeland Security is slightly different from the FBI's in that we are not dealing just with the law enforcement mechanism or the security mechanisms who usually do have good communications, mechanisms, even if it's interpersonal. We are dealing with a new body and a broader body of individuals, down to the citizen level. We are getting reports from individual citizens who note something suspicious. They communicate that to the appropriate authority. Quite often, it's law enforcement. But, whatever the mechanism, whatever the authority they communicate it to, that is now finding its way, often in parallel, to the Federal Bureau of Investigation or other Federal law enforcement like ATF or DEA or somebody like that and to the Homeland Security headquarters, and that's, I think, a very good thing. That will improve and grow over time as we develop the mechanisms to interact with these people, and they understand their role, too. And I would hasten to add to the explanation that Secretary Ridge, on several occasions now, and in his most recent pronouncement, has noted the importance of an aware and involved citizenry who begins to pass this kind of information to local authorities, and then local authorities pass it to State and Federal authorities. And in a digital, interactive environment, when the information gets into the digital system, unless we, by some policy or procedural mechanism limit it, it will appear everywhere. It will appear kind of, sort of, let's call it ubiquitously, throughout the digital interactive system, and that's, I think, our goal. That's what we would like, so that everyone has this information, knows about the problem or the issue and then follows up on it or acts on it according to their own responsibilities. Mr. Putnam. Very good. Thank you very much. Again, I apologize for the fact that we were an hour late beginning. I want to thank all three of you gentlemen for the work that you do and for the time that you have taken to prepare for this hearing and joining us today. Your information was very helpful, and we will be following up with you in a closed-door session to pursue some of the other lines that we were unable to pursue in this environment. So thank you very much. The subcommittee will stand in recess for a couple of moments while we set up the second panel. [Recess.] Mr. Putnam. The subcommittee will reconvene. If our second panel of witnesses will please rise for the administration of the oath. [Witnesses sworn.] Mr. Putnam. I would note for the record that all of the witnesses responded in the affirmative. We will move immediately to their testimony. Our first witness is Mr. Gerard Lynch. Mr. Lynch serves as chairman of the Regional Information Security Systems Center Directors Association and is currently the executive director of the Middle Atlantic Great Lakes Organized Crime Law Enforcement Network. Formerly, Mr. Lynch served as counsel to the New Jersey State Commission of Investigation where he was in charge of the Organized Crime Unit for the State of New Jersey. While serving as counsel, Mr. Lynch helped create and organize the MAGLOCLEN Concept, later serving as the association's secretary, vice chairman and chairman. During his tenure with the commission, Mr. Lynch worked on the infiltration of organized crime in the casino, construction, trucking and boxing industries. You are a busy man. Mr. Gerard Lynch. Yes, sir. Mr. Putnam. Welcome to the subcommittee. You are recognized for 5 minutes. STATEMENTS OF GERARD LYNCH, CHAIRMAN, REGIONAL INFORMATION SECURITY SYSTEMS POLICY BOARD; MARK ZADRA, CHIEF OF INVESTIGATIONS, FLORIDA DEPARTMENT OF LAW ENFORCEMENT; AND SUZANNE PECK, CHIEF TECHNOLOGY OFFICER, GOVERNMENT OF THE DISTRICT OF COLUMBIA Mr. Gerard Lynch. Thank you, Mr. Chairman. Mr. Chairman, it is indeed a pleasure to testify before this subcommittee. I am going to try to lead my 5 minutes---- Mr. Putnam. Please pull the mic a little built closer to you so our reporter can be sure to pick it up. Mr. Gerard Lynch. OK, I'm sorry. I am going to lead it into how technology developed into the information sharing that we know today as the RISSNET. In the early 1970's, through the early 1980's, the way we shared information--and that's what the RISS system is all about--was through the telephone line. We would share information, talk to one another. The information would then be relayed back to the inquiring officer. If need be, we would telephonically contact each one of the six RISS centers across the country. Subsequent to that, we decided to seek approval from the Federal Government to give us the ability to electronically connect our systems together, and that became the RISSNET I system, and subsequent to that the RISSNET II system, where, when an agency then calls us up, we didn't have to call the other RISS centers; we would just do it over a wide area of network. It worked very well, but it was still behind the times. Shortly thereafter, we had a meeting in Baltimore, Maryland, where we discussed how we could possibly use the internet for technology exchange, and that's where we really blossomed into the system that we now know as the RISSNET system. The RISS system is comprised of about 7,000 law enforcement agencies on the RISSNET system. We have approximately 70,000 individuals that can use the system and use it well. The RISSNET provides secure connectivity and electronic access to law enforcement SBU information, encrypted e-mail, electronic collaboration and data bases known as RISSINTEL, successfully to all of the law enforcement agencies, criminal justice agencies, from the Federal, State and local and tribal agencies. We operate a current state-of-the-art technical capabilities and systems architecture that allows member agencies to interact electronically in a secure environment. We, the system and the architecture that we developed, was adopted and endorsed by the National Criminal Intelligence Sharing Plan, which was created not too long ago. When we decided to hook up the system, we were very successful, and then we started to look at other partners in order to avoid duplication. We were approached by the High Intensity Drug Trafficking Area Centers across the country, known as the HIDTAs, and their main goal was to see if they could talk to each other electronically, which they didn't have the ability to do at that point. Since RISS had at that point the only national communication system around the country, they approached us. And in order to avoid duplication and to save money, all of the HIDTA systems partnered with the RISS systems, and they are now today seamlessly working on the RISSNET systems. And each one of the HIDTA centers are connected. There are 16 node centers on as well as all 32 HIDTA centers around the country. And that's a partnership that has been working exceptionally well since its inception. Besides the 16 HIDTAs, we have 15 State law enforcement systems that have also hooked onto our system. And what we have done is basically started creating nodes, and a node is a system-to-system communication. In order to enable that to work out, we had to develop using the current technology, XML technology, which would allow system A to talk to system B. So, for instance, if you are going to hook up the Colorado State Police with the RISS system, we created this XML translator that allows the Colorado system to transfer information over the RISS system that's being requested by someone maybe down in Florida. So it has been working and working out well. And we were the first law enforcement entity to use the XML technology, and we used it very well. We are also have 16 HIDTAs that are hooked up. We have 93 U.S. Attorney's offices around the country that are hooked up, the Criminal Division of Department of Justice, the EPIC Crime Lab Seizure System, law enforcement intelligence units across the country, the National White Collar Crime Center, The National Drug Pointer Index Center, the National Telecommunications System or NLETS, and the National Drug Intelligence Center. We are also in talks with the Postal Services, Postal Inspection Services, and with the Department of Defense ADNET, with the Open Source Network of CIA and also the Department of State's OpenNet Plus system, and these systems are coming on, as we speak, very, very rapidly. We also developed the RISS ATIX system to talk to the first-responder communities, the Governors across the State, the mayors, then the various critical infrastructures. And we have roughly 47,000 users of the RISS ATIX system, and we have RISS ATIX online. We can go into more and more of that, but we are very pleased with what the RISS system has developed to date. [The prepared statement of Mr. Lynch follows:] [GRAPHIC] [TIFF OMITTED] 98119.035 [GRAPHIC] [TIFF OMITTED] 98119.036 [GRAPHIC] [TIFF OMITTED] 98119.037 [GRAPHIC] [TIFF OMITTED] 98119.038 [GRAPHIC] [TIFF OMITTED] 98119.039 [GRAPHIC] [TIFF OMITTED] 98119.040 [GRAPHIC] [TIFF OMITTED] 98119.041 [GRAPHIC] [TIFF OMITTED] 98119.042 Mr. Putnam. Thank you very much. I appreciate your testimony and for your recognition of the clock. We will put all of your testimony in the record and get to the rest of it in questions. Mr. Gerard Lynch. Thank you. Mr. Putnam. Our second witness is Mr. Mark Zadra. Is that correct? Mr. Zadra. Zadra. Mr. Putnam. Zadra. Mr. Putnam. I am sorry, Mr. Mark Zadra. Mr. Zadra currently serves as chief of investigations for the Florida Department of Law Enforcement Office of Statewide Intelligence. In this role, Chief Zadra provides oversight for investigations, intelligence and business functions. This includes oversight of automated intelligence systems, the Counter Terrorism Intelligence Center, Financial Crime Analysis Center, Computer Crime Center, Investigative Intelligence Support and Publications. Chief Zadra provides administrative oversight of Florida's effort in the implementation of the MATRIX project. He also chairs the State of Florida Data Integration Committee, which functions to insure data interoperability and efficiency in data collection maintenance, analysis and dissemination. In addition, he insures coordination and consistency of intelligence components of Florida's seven Regional Domestic Security Task Forces. Welcome to the subcommittee. You are recognized. Mr. Zadra. Thank you, Chairman Putnam, and the staff and for the opportunity to speak with you today about some of Florida's efforts in conjunction with our local, State and Federal partners in information sharing across our State and Nation. Following September 11th and the horrific events of that day, it soon became quite apparent that local law enforcement in the State had a role in ensuring security in our Nation. State law enforcement representatives began meeting from all over the country to talk about how we could share the right types of information necessary to do that. Resulting from those discussions were the development of the MATRIX project, which stands for Multistate Anti-Terrorism Information Exchange. This project is to increase and enhance the exchange of terrorism and other criminal activity information among local, State and Federal agencies. The project is funded by two Federal grants, and it currently involves five States--Connecticut, Florida, Michigan, Ohio and Pennsylvania--four States, I would note, which are represented by members of your subcommittee. There are other agencies that are, States that are continuing to involve in discussions regarding joining. The funding was used to purchase hardware, software, communication support, to make each State a member of RISS, through a RISS node, also develop secure Web sites and for data integration efforts. There are three main objectives of the MATRIX project. One is connectivity. The other is Web-based access to data intelligence, and the third is factual data analysis. On the connectivity side, as Mr. Lynch had indicated, the RISSNET is used by all the MATRIX participants for all their secure connectivity. And it's graphically displayed there, the six RISS centers. Florida is a node directly to that. The importance to that is that the Criminal Justice Network within the State of Florida is a trusted, secure intranet which connects all of Florida's criminal justice agencies, over 1,000 of those. It provides e-mail services in a secure environment, the ability to have interagency files and image transfers and, as importantly, it allows access to all different types of applications that local agencies and State agencies make available over the CJNet. And some of those are displayed on the materials that have been provided to you. The second objective, as I mentioned, was Web-based access. And in that, we have, within each State, the desire is to be a secure Web site, and that would leverage existing systems that are already built. There's been too much time, money and effort placed into putting in systems; those do not need to be duplicated. You will see in the next slide, the Office of Statewide Intelligence, Florida Department of Law Enforcement. We do have a secure Web site, which allows us to provide law enforcement sensitive information to all of our local, State and Federal partners in the State of Florida. And regarding the first panel and the ability to push information, you will see, in the middle of that, the daily brief. That's something that we do every day. We provide a daily brief to all of our partners, including the Homeland Security Operation Center, about what is going on this day in Florida. The third objective was factual data analysis, and that is the ability to take information, which we discovered as a result of a specific investigation of September 11, where the data aggregators have commercially, public-available information. We discovered, when that can be dynamically linked with data that States collect and maintain--and those are drivers license and digital images, motor vehicle information, criminal history, sexual offender information, Department of Corrections, that when you combine that data, you can take what would be disparate data and make it very meaningful for law enforcement purposes. You will see displayed in the next slide, there is actual screen shots from the FACTS program, and it shows that we can produce information regarding subjects who are the subjects of criminal investigations, their relationships can be shown between individuals of that criminal organization as well as photo lineups and thosetype of things. The system has numerous security considerations in place. The MATRIX board, which may represent each State and oversees the activities of the MATRIX participant, they, as well, address the privacy concerns. And you will see graphically displayed there information that when each member signs on to the system, it again acknowledges again the purpose they are there and the guidelines that they are to operate under. It also requests the need to identify a case number and the type of activity that is being examined. The searches that are done within the FACTS application-- drivers license, vehicles, corporations, telephone directory assistance, property, deed, assessments, those types of things--it is used to investigate domestic security concerns as well as other types of domestic criminal activity. I would like to point out, too, the project has had a lot of misconceptions that have been attached to it. I would like to highlight just one or two of those. Primarily, the FACTS application does not do predictive analysis. It does not track or monitor individuals. It does not collect the types of information that I believe our citizens would be concerned about, such as their health records, where it is that they shop, their credit information and thosetype of things. Simply put, FACTS, within the MATRIX project, was designed simply to allow law enforcement investigators to work more efficiently, pulling information that they have always had access to, legally, and it's not unlike an internet search engine that you use to conduct internet searches. It is a tool; it is not a substitute for investigative work. Thank you, Mr. Chairman, for the opportunity to address you. [The prepared statement of Mr. Zadra follows:] [GRAPHIC] [TIFF OMITTED] 98119.043 [GRAPHIC] [TIFF OMITTED] 98119.044 [GRAPHIC] [TIFF OMITTED] 98119.045 [GRAPHIC] [TIFF OMITTED] 98119.046 [GRAPHIC] [TIFF OMITTED] 98119.047 [GRAPHIC] [TIFF OMITTED] 98119.048 [GRAPHIC] [TIFF OMITTED] 98119.049 [GRAPHIC] [TIFF OMITTED] 98119.050 [GRAPHIC] [TIFF OMITTED] 98119.051 [GRAPHIC] [TIFF OMITTED] 98119.052 [GRAPHIC] [TIFF OMITTED] 98119.053 [GRAPHIC] [TIFF OMITTED] 98119.054 [GRAPHIC] [TIFF OMITTED] 98119.055 [GRAPHIC] [TIFF OMITTED] 98119.056 Mr. Putnam. Thank you very much. Sorry, Ms. Peck. We saved the best for last. Ms. Peck. You did indeed. Mr. Putnam. Our third witness on the panel is Ms. Suzanne Peck. She is chief technology officer for the District of Columbia. Prior to her appointment, she served as the senior technology and operations executive for several Fortune 500 companies. Ms. Peck is a recognized expert in the conception and implementation of large-scale technology operations. Her decade-long service as senior vice president, chief information officer of the Student Loan Marketing Association of Sallie Mae helped transform the $46 billion corporation into one of the Nation's largest wholesale credit providers. More recently, Ms. Peck was senior vice president of CoreStates Financial Corp. and chief executive officer of its $50 million technology startup subsidiary, Welcome to the subcommittee. You are recognized for 5 minutes. Ms. Peck. Thank you. Good afternoon, Mr. Chairman. I am the District of Columbia's chief technology officer, leading the Office of the Chief Technology Officer, the central information technology and telecommunications agency of the District of Columbia Government. I am pleased to testify today on the District's leadership efforts in developing an enhanced information- sharing network that links law enforcement and homeland security for multi-jurisdictional use. In the District, we have developed an integrated suite of information-sharing programs for local, regional and Federal public safety and domestic preparedness. This suite focuses on the exchange, transportation, presentation and coordination of important public safety and emergency preparedness data. And we are building this enhanced information-sharing network to be fully interoperable among District agencies, Federal agencies and regional and national municipalities. In the area of data exchange, we are building a public safety and criminal justice data sharing system that easily integrates this data using only open-standard components which can be easily and quickly replicated by other jurisdictions. This initiative is underway under the name of SHIELD, Securing the Homeland By Integrating Existing Local Data bases. SHIELD currently shares data among 14 District and Federal public safety criminal justice and court agencies and also shares this data with similar agencies in New York City, Pennsylvania, Maryland and Virginia. SHIELD provides access to available, unrestricted public safety and justice data through an interoperability partnership of independent city, State and regional information systems. Through secure internet access, SHIELD allows justice and homeland security officials across the region and the Nation to share incident information and to perform comprehensive public safety analyses in real time and to respond more rapidly with better-informed decisions in first-responder and terrorist situations. In the area of data transport, we are implementing broadband networks over which we are prepared to drive SHIELD shared-information data, both regionally and nationally. One network we are supporting uses the internet as the broadband transport network. We're implementing secure internet connections, using existing components, such as browsers, ISP connections and commerciallyavailable authentication tokens. Another network we are supporting is a pilot broadband public safety network in the 700 megahertz band that allows us to transport real-time video-streaming data from first responder incident sites to central command centers. A third transport initiative we are underwriting is the District's leadership of the Spectrum Coalition, a national coalition of cities, States and counties formed to advocate for national legislation that would permanently allocate spectrum in the 700 megahertz band to public safety so that States and cities throughout the United States would have sufficient reserved spectrum to support vital public safety wireless applications. A fourth key data network effort in which we are participating is the Capital Wireless Integrated Network, or CapWIN, a partnership among Maryland, Virginia and the District to develop an integrated transportation and criminal justice information wireless network. In the area of data presentation, we are enhancing the uses and usefulness of the justice and emergency preparedness data we share and transport to municipal and Federal colleagues by presenting that data in innovative ways. The District's DCSTAT system provides both nearly daily and real time capabilities to collect, organize, report, and map data for use by local, regional and Federal agencies in the national capital region and, by extension, the Nation. DCSTAT will enable local and Federal agency executives and program managers to merge spatial data, that is map data, with traditional public safety data to better predict and manage public safety emergencies in a geographic mapped context. In the area of data coordination, it's critical to effective homeland defense that first-responder and emergency management agencies coordinate data planning and deployment. Our Unified Communications Center, UCC, a 127,000-square-foot building on the East Campus of St. Elizabeths Hospital in Ward 8, will consolidate, when opened in early 2006, District emergency communications and traffic management functions and our 911 emergency, 311 non-emergency, and 727-1000 citizen service call centers. But, in addition, the UCC will play a very key homeland defense role, serving as the Regional Incident Command and Control Communications Center [RICCC], for the 17 major jurisdictions in the national capital area. The RICCC will facilitate communication and coordination among local, State and Federal authorities for effective and timely response to regional and national emergencies. In summary, the initiatives I have just spoken about address the public safety, criminal justice and homeland security data sharing, transportation, presentation and coordination needs that are critical and urgent for the Nation's capital and for the Nation. We have designed our programs from inception to serve not only the District but national homeland defense as well. Each of the elements of the District's enhanced information-sharing network can be easily expanded to local, State, regional and Federal agencies to meet homeland defense needs on a national scale. And we look forward and, in fact, are already working with DHS and our county, State, regional and national partners in achieving this. Thank you, Mr. Chairman. [The prepared statement of Ms. Peck follows:] [GRAPHIC] [TIFF OMITTED] 98119.057 [GRAPHIC] [TIFF OMITTED] 98119.058 [GRAPHIC] [TIFF OMITTED] 98119.059 [GRAPHIC] [TIFF OMITTED] 98119.060 [GRAPHIC] [TIFF OMITTED] 98119.061 Mr. Putnam. Thank you, Ms. Peck. I want to thank all of you for being here today and, in particular, for being here so long here today. We were an hour late starting, and you have been very patient, and fortunately, I am hopeful that we will be able to complete this without being interrupted by votes. But the award, I guess, for your resilience is that you get the last word. So my first question to each of you is to comment on what you heard in panel one and give us some sense if things are going well, not so well, and how you evaluate their observations from the Federal level on information sharing to prevent future terrorist acts, and where there may be some differences from your perspective at the State and local level. So, Mr. Lynch, I will let you begin. Mr. Gerard Lynch. Thank you, Mr. Chairman. I did listen very intently to the gentleman from the FBI as well as Homeland Security, and what they are saying, there is truth to it, although it was sometimes a little more difficult to get the information that we thought we would be getting sooner. But, with regard to the FBI, just before September 11, we were in discussions with the FBI about marrying their system, the LEO system, with the RISS system so that we could have the Federal entities also hooked up with the State and local entities system-wide, not individualized. And since September 11, that became a reality. We are still modifying it. We are still perfecting the relationship with the FBI and the LEO system, and we are very confident that's going to continue. We are getting the bulletins from the FBI that are needed to share among the 7,000 law enforcement agencies that I previously testified about, and we are getting them on a regular basis. We are also working very intently with the Department of Homeland Security. As a matter of fact, just yesterday, we had a meeting with the IAIP section of the Homeland Security to see if we could get some more seamless cooperation between the two entities. And we seem to be on that road, and the road, I think, is going to be leading to more and more cooperation and more and more sharing of information. In fact, on Monday, I have another meeting with the Department of Homeland Security, and the purpose of that is to work out ways that we can share information, use the systems that are out there, the existing systems, and get the information to the entire community. As you know, since RISS system has already developed RISS ATIX, we have been there for several years. Homeland Security is now getting into that field. And what we want to do is, once they are in it, we want to marry those two systems up. And we are in those discussions to make that occur. So we are cautiously optimistic that things are improving, and will continue to improve in the future. Mr. Putnam. Mr. Zadra. Mr. Zadra. Mr. Chairman, I believe that you would be pleased to hear from the State standpoint that things are greatly improved, as each of the gentlemen indicated. Probably would not be so pleased to hear, as was also indicated, that we are not there yet with everything that needs to be done. From the State's perspective, it's our belief and representative of our local agencies, that what we need the Federal Government to do is to help bring all of these systems together. As you can see, they have sprung up all across the Nation. There were existing systems before. What we don't need is to go to a desktop and have to go check 120 different systems from across the country to connect those puzzle pieces. What we need to do is to have the Federal Government, hopefully through the--was mentioned through the National Intelligence Criminal Sharing Plan, they indicated in their Criminal Intelligence Coordinating Council, which would be made up of representatives of the right organizations, to help us as a country come together, and so that we can take and integrate all of the existing systems, to leverage what we have and not take all of this funding that is going forward to the States and to the locals to build, again, disparate silos of information. So there is a lot of work that really needs to be done, and we would hope that the Federal Government would help with that. Also, I think it's critical that what we need the Federal Government to do, and all of the agencies that were represented here today, is we don't need to query their data bases. We need information pushed to us. We should not be where we have to make individual phone calls to all of them. So that information that TTIC is analyzing, it needs to be disseminated, and it's currently, how it's structure is now that it goes to the Federal Bureau of Investigation, which goes to their Joint Terrorism Task Forces or, first, to the intelligence center and then to the respective Joint Terrorism Task Force. Within Florida, we have seven regional district domestic task forces that have liaisons with each of the two JTFFs, and in fact, in two of our regions, they are co-located with them. So we depend a lot on Homeland Security for situation awareness. As there are events unfolding in Florida, we make notification to their command center. Likewise, they make notice to us and, through Jay Reeves, as incidents that are occuring, issues of concern across the country. On the intelligence side, we depend a lot on the intelligence coming from--internationally coupled with the domestic--from other areas of the country to funnel us from the FBI, in addition to the information and intelligence mechanisms from the Department of Homeland Security. Mr. Putnam. Ms. Peck. Ms. Peck. The District of Columbia is in the unique position, not only of being the Nation's capital, but of being the single municipality in the Nation which is a city, a county and a State. So the perspective I bring is of all three of those. And our perspective is that, finally, all terrorism is local. DHS, I think, is doing an extraordinary job at the Federal and national level, and the system that we bring to the party is a system that we have implemented for ourselves to make sure that all of our local public safety, criminal justice and court information is shared within the District; 14 criminal public safety and court entities in the District are now sharing their data for the first time ever in the history of the District. That system can be replicated through using commercially available components, in every municipality in the United States, and the funding for that replication can be taken from local funding. If, theoretically, every individual municipality in the State created only just their own local information- sharing system, and brought that system to a national consortium, all they would need, in addition to that system, is a browser capability, an ISP, a secure ISP connection, and some authentication token so that integration would be the only additional expense to making all local information in the major municipalities in the United States available. What the District of Columbia is doing and believes very strongly in is that system, where we don't create monolithic new systems and structures of communications but take locally funded information-sharing systems in municipalities across the Nation, connect via commercial, secure internet connections and have data available in any kind of emergency preparedness or terrorist incident where any combination of city, States, counties across the Nation can converse with each other, local data availability. DHS then adds the component that each of these systems, local information systems, can also connect, as the gentleman from the FBI told you earlier, with NWCCC, with NCIC, with LEO, with HSIN, with all of the DHS systems and the Federal systems. But a system of local data-sharing across the United States does not have to be invented and implemented whole cloth. It already exists. We are proving that and have proved it in the District and have taken that system, already regionally, to the September 11 municipalities, to New York City, to Virginia, to Maryland and to Pennsylvania and have piloted data exchange of local information among all of those elements. Our next step in this system, in showing that every jurisdiction could build the system very quickly, and for very little marginal cost, is to do what the first panel--you queried the first panel about notification and alerts. The very next thing we are putting into place is that system, so that system, nationwide, of notifications on alerts would exist at a local level, and we are also going to the next production pilot. What we are doing is to connect the entire eastern seaboard and have them exchange information. From the Eastern Seaboard, it's just one easy step to the Nation. So the systems that we have built really are a pilot to show how to have local data available in any permutation and combination, available between and among localities across the Nation and available to DHS. So we look at DHS as the Federal information consortium, and we are looking at local municipalities and connecting local municipalities. Mr. Putnam. It sounds like what you just said, please correct me if I am wrong, is that if DHS would just get out of the way, you would have this thing done in a year or two? Ms. Peck. Local, there--no, what I am saying is, our focuses are different. The focus of DHS is Federal, national information. Our focus is in working with them, and we are working closely with them on these initiatives. And our focus is to have--when I say local information, DHS is not currently focusing on having local mug shots, local fingerprints, local criminal records, local incarceration records at a very, very detailed level. Those are the kinds of things we say, when terrorism occurs, are kinds of information you are very likely to need as well. And so we are, as I look at us, DHS's partner in helping get that information into the bundle without extraordinary expense, from scrap expense. We have simply shown how you can have all of that information made available at very little incremental cost; only integration is the incremental cost. Mr. Putnam. Mr. Zadra, MATRIX, a very innovative program that you have brought up to speed in Florida, does DHS have access to that, or do they have to go through you? Mr. Zadra. We are still awaiting a final policy decision from DHS. We have members of DHS, such as the Immigration, Customs, Enforcement representatives, within this State of Florida who are assigned to our Domestic Security Task Forces. They have access to the FACTS application, the MATRIX project. One complicating factor, Mr. Chairman, since this is under a pilot project and is funded by Federal grants, the information that's been provided to us is that Federal agencies, therefore, cannot benefit from the Federal funds for the position that it possibly could be supplanting congressional funding. That's a policy decision that's still being waited on. Within Florida, however, the Federal partners to our task forces, the State of Florida, our State legislature authorized additional funding for us to purchase additional licenses, if you will, for use by the task force members, and, therefore, we can provide those licenses to our Federal partners and not be in conflict with, perhaps, that policy decision. Mr. Putnam. Have you had an opportunity, post September 11, to take this thing out for a spin and really see how it works in a real live threat situation? Has there been an operation where there was either a threat or a situation that required you to really exercise the system that has grown up since September 11? Mr. Zadra. Respect to FACTS, sir? Mr. Putnam. Yes. Mr. Zadra. Yes, sir. Let me say that FACTS is utilized by the regional domestic security task forces with the subject of concern relating to criminal organizations involved in, perhaps, terrorist activities. So it is used every day by them. An actual incident that happened, that I was personally involved in, is we received a request from a Federal agency who had been advised that there were a certain number of individuals who were on their way to an airport within the State of Florida to bomb it. And they had partial descriptions of vehicles but no tag numbers. Some very suspicious circumstances regarding the individuals observed with those vehicles and the activities that they were involved in. The request to the State of Florida was to provide for them, if you will, the universe of those type vehicles that are registered in the State of Florida. Prior to being able to utilize FACTS, the ability to do that would have required an offline search through our Department of Motor Vehicles which, in the past, has taken 24 to 48 hours to do. Within less than 2 minutes, we provided a list of--and the numbers, our round numbers of approximately 80 of one vehicle and 70 of the other vehicle to them within 2 minutes. The importance of that, however, is by dynamically combining the State-owned data, which is the vehicle registrants, the drivers licenses but, more importantly, the drivers license photographs, when that material was provided to the Federal agency, it had the list of all known vehicles that met that description within a 25-mile radius of where the incident was reported. It had the motor vehicle registration information, the address for each of those. But, more importantly, it had the drivers license photographs for those registered owners. And the Federal agency could go to their witness, provide this and ask that witness, do you recognize any of the following as that? Now, compare minutes to what really would have taken weeks or, I should say, days if not weeks of a table full of analysts and agents sorting through stacks of computer printouts, only then to find a vehicle that may match the description. But then have to go make a separate query to identify the registered owner, make a second query to then identify the actual drivers license photograph associated with that. Now, I will tell you that, in that particular circumstance that I just referenced, that it turned out to be a hoax, so you might ask me, why, Mr. Zadra, would you be discussing that as a success story? And I would say this, it's a success story from this standpoint, that every time it's used, it enhances the investigator's ability with respect to not only the hopeful successful conclusion of that investigative league, but timeliness is what's critical. And when you are talking about a weapons of mass destruction, it's the time, it's those minutes and seconds that count. So any time you utilize FACTS is a success story, in my personal view. And the other thing is that, if you think about this particular circumstance, of the hours that were saved by not having that table full of analysts and agents pursuing leads relating to a hoax--this all--there are numerous success stories, Mr. Chairman, regarding all types of criminal activity. And if I could mention one more to give you an idea of how successful of a tool it is. Within Florida, we had a 15-year-old female who was victimized by a sexual offender who was going around exposing himself to young females within the State. A call came from local law enforcement. And this one young female, there was an attempted actual abduction, so it went beyond just exposing himself to now attempted abduction. Fortunately, this young female was very heady, used good technique, was able to obtain a partial description of attack, observe the facial description of the individual and was able to escape from being abducted, provided that information to local law enforcement. The call to us was, ``We have a partial tag. We have a color of a vehicle. That's all we know. Is there anything you can do?'' Within minutes, we provided a list of, because you can do what is referred to as a wildcard search within FACTS on a partial tag number. But, again, it brought back the registered owner of just a few vehicles now that met that within, again, a mile radius of that, where it was reported, and now, again, we had the photograph. It was shown to the victim, immediately identified the subject, and warrants were issued for its arrest. So that is how the system is used effectively in pursuit of not only terrorism investigations, which are certainly critical, but all types of criminal activity. What we had found was we developed a tool which obviously was brought about from the standpoint of and addressing counter terrorism efforts, but certainly, I don't think any of us would find, if we had a tool in our tool box that was multipurpose, that we would not utilize that tool for any other use. Mr. Putnam. Well, that's interesting that you are so willing to disclose that your search took 2 minutes, and TTIC was reluctant to disclose how long theirs took. I suspect, if it was as efficient as 2 minutes, they might have been more willing to disclose it in open forum. I think that is a perfect example of technology being utilized in a nonintrusive way to keep people safe, either from the traditional bad guys and as well as the, the new terrorist threat that's even greater in this post September 11. Are you satisfied with the level of coordination from the Federal level on these threats? And the example I would use is sort of a nontraditional example, but it's a big deal for Florida, and the example is the recent unrest and humanitarian crisis, actually, in Haiti, that for several days bordered on what could have been a massive migration to Florida. And in the middle of that, I can remember getting a briefing from the State Department on the preparations that were being made in anticipation of a refugee crisis. And my first question was, ``Are you, have you talked to Florida about this?'' and they said, ``Well, no, we haven't.'' Well, then I said, ``You don't have a plan if you are not talking to the people who are about to be on the shores, receiving thousands of people who are going to be in need of medical treatment and food and shelter and clothing and all of these things.'' And it really sort of set off a red light that they still don't get it. Are you satisfied with the level of coordination that exists on major, major efforts like that? Mr. Zadra. Mr. Chairman, I would say that I am encouraged to say I am completely satisfied, I do not think would be the case. There is room for improvement. Perhaps if it would make you feel better with respect to that Haitian situation, we were very well aware and were planning very diligently and were reaching out and we're involving our homeland security partners, the U.S. Coast Guard, the Maritime Intelligence Center out of south Florida. Fortunately within the State of Florida, we were the first State to engage in a very innovative project where we actually have 35 of our regional domestic security task force members who are cross-trained and designated and have detention and arrest authority for immigration issues with respect to domestic security. So we had in place not only with our local law enforcement, but also regional and domestic security task forces to have those representatives and members available to assist in that particular situation. We are continuing dialog and there is still a lot of work to be done to ensure that the State of Florida, particularly our local law enforcement, because as was mentioned, the issues always occur locally. So when you have boatloads of those that are migrating to our shores, they come to local jurisdictions as they pass through the international waters, obviously. But when they get to our shore, local law enforcement is the first to intervene. So we are working through and we are in the process of finalizing some training, which would be for those jurisdictions that line, particularly our south Florida coast line, where there would be specific individuals that would be trained and have the ability to do nothing else but to stop and detain and wait for the proper Federal law enforcement representatives to effectively deal with that situation. Mr. Putnam. Perhaps Ms. Peck or Mr. Lynch could comment on what cyber security assurances are in place to protect the sensitive information that is being transferred between jurisdictions, whether it is between the States and the Federal Government or between States. Mr. Gerard Lynch. I think the cyber security issue is being addressed by the law enforcement communities that are members of the RISS system. And not only do we put on trainings for the law enforcement community about cyber crime and how cyber crime is affecting the lives of the average citizens, but we are also posting on not only RISSLEADS, or RISSLIVE bulletin board incidences of cyber crime identity theft. We are finding out that more and more of these State and local agencies are becoming aware of the effect that cyber crime has had on the relationships of the citizens of this country. And we really looked at it as part of a major crime, whether it is narcotics trafficking or gang activity. Cyber crime is just as important, just as debilitating and just as an effective means of the criminals to perpetrate crimes on the citizens of this country. So we are up to date on that. We are looking constantly to ways that we can combat it and we will continue that training of our law enforcement personnel throughout the country to ensure that cyber crime does, in fact, become an entity. Mr. Putnam. In your organized crime work in New Jersey, had you ever come across an organized crime influence in cyber crime? Mr. Gerard Lynch. Such as identity theft? Mr. Putnam. No. I would kind of lump, unfortunately, identity theft into the more traditional basket of crimes. But utilizing cyberspace perhaps to affect infrastructure, bring confusion or affect perhaps local response capabilities or things like that. Mr. Gerard Lynch. The traditional organized crime members were not involved in that. That was not even--I don't think I've seen any indications that the traditional organized crime was involved in cyber crime to the effect that they want to disrupt the Internet and do something to shut down the communications, such as the banking industry. What we are seeing and what RISS has done is we have basically made our system very secure, so that when they had that last attack on the cyber community, we were being banged almost 20 to 30,000 times an hour from Russia, from Belarus, from all the European countries, so it is a very severe thing. And if the private community does not pick up on it and constantly stay on top of it, they will be shut down as Citibank was done during the last cyber crime attack. We are aware of it and the member agencies are aware of it and we are doing everything to educate and see to it that the criminal information is not affected by it. And I am sure that homeland security will be doing the same thing. It is a very serious issue that could face us in a very dangerous way down the road. But I see it more and more being protected as we protect our system. Mr. Putnam. Sitting here listening to the different acronyms, MAGLOCLEN, RISS, MATRIX, FAX, CJNet, CRIMES, CLEAR, recognizing that it is always kind of a good thing to have your States or localities be the laboratories for innovation, have we reached the point that we are reinventing the wheel in different States? And is the technology mature enough that we really could be just replicating successful programs in other States instead of funding a bunch of new pilot programs? Mr. Gerard Lynch. There will always be regional interests for regional purposes that will be drafted, but we have been in constant contact with Members of Congress who appropriate funding for the RISS program or some similar programs. And what they have put in language now is language that would instruct those grant issuing agencies a directive that if they are going to be setting up any kind of a regional data base or regional telecommunications system that they use existing systems out there and they don't reinvent the wheel so that the existing systems can operate in a very effective manner. And that has been happening. Most of the technology that we have today can be developed so that it can marry most systems up. When we decided to hook up the U.S. attorney's offices nationwide so that we could give them secure e-mail and encrypted translation of information back and forth, it was done because we developed a system that would allow that. And I think that what we are seeing here is that systems are being developed such as the RISS system that allow other systems to seamlessly, if not transfer information, but at least talk to one another and we are seeing that. We in MAGLOCLEN oppose constant duplication, because not only does it affect law enforcement when they want to talk to other agencies and the systems don't talk to each other, but also it costs money when you are developing new systems. So when new systems are coming up and they are coming up--I don't think we can stop that--we want to make sure that if those systems come up, that they are compatible with the systems that are out there. And what I see in the future is that we are going to have a system of systems whether it's RISS system hooked up to the homeland security system, hooked up to RISS/LEO, there are many systems out there that will be able to communicate. Technology is not the issue. Policy is the issue. Mr. Putnam. Ms. Peck. Ms. Peck. I would absolutely concur with that. It is the position of DHS that they support a number of these State-based initiatives and that they follow these initiatives to the logical conclusion of the successful initiatives. So, you know, you plant your beans and you see which ones come up and which ones grow the highest and the best. So I think it makes a great deal of sense to support a number of State systems. We all come to more or less the same conclusion so if you look at MATRIX's technology and SHIELD's technology, we come to a single place that says let's not build it from scratch. Let's use components that already exist. We have used exactly the same kinds of components. The only place I think in which we differ and we both come from a place that says it's the local data that needs to be integrated into the national DHS system. I think the only place that we disagree knowing what I know of MATRIX is knowing what kind of data is included and how that data is used. But in terms of the technology and recognizing that we need to build very cost sensitive systems from existing components and not ask the national government to attach all local data on their expense, we need to ask localities to do that. We have come to exactly the same place. SHIELD's next focus is governments and national security and the security rules that will govern national data sharing and regional data sharing. So again, the technology can be easily replicated at very low costs and we need to have governance structures that say what kind of data, who is authorized to access that data and under what circumstances the data will be used and for what purposes, those kinds of governance, and the security rules as well in terms of the kinds of data and who has access to it. So it's those policy issues that are the things that we are looking at now and I am sure every other State-based system is looking at the same thing. The technology is the easy part, getting people to play together and to agree under which rules they play is much more focused now. Mr. Putnam. Thank you very much. And before we bring this to a close, I want to give all of you the opportunity to have any final comments, it is the least we can do after this long afternoon. Ms. Peck, we will begin with you and end with Mr. Lynch and we will bring this subcommittee hearing to close. Any final thoughts? Ms. Peck. I would like to thank you very much as chairman for the opportunity to highlight the leadership work that the District of Columbia has done in the area of local to national information sharing of public safety, criminal justice. Thank you very much for the opportunity. Mr. Putnam. Chief. Mr. Zadra. Mr. Chairman, I thank you for the opportunity to be here today and I applaud the efforts of this subcommittee. It is the leadership. And we need, speaking from a State and local perspective on bringing all this together. I concur with both the last statements of Ms. Peck and Mr. Lynch in that the technology is not the problem. We have all the systems there that really what we need. What we need to do is figure out how to connect them together. We need them not only regional strategies, we need a State strategy for each of our States so that each of the projects that they have within their major municipalities or sheriff's offices that they can bring those together from a State perspective, and as Mr. Lynch said, we will connect systems to other systems. I am 26-year member of the department of the law enforcement and been involved in criminal investigations for years. What I would like to see on my desk stop is instead of Mark Zadra having to query every police jurisdiction in the United States of America, I believe that we need a national index to where Mark Zadra could query a name and if nothing else, if it was just a pointer--because we are going to have to work through all of the security issues, policy issues, those are privacy issues that need to catch up to the technology, but we need, if nothing else, so I can connect those puzzle pieces. When you go to a store now and you buy a puzzle, you come home and it has a picture on the box and it tells you how many puzzle pieces are in there and you know they're all in that box and you can put your puzzle together. Law enforcement's problem is that we don't have the picture. We don't even know how many pieces there are and our pieces don't come in a box but are spread across the country. So each of those jurisdictions may have that puzzle piece that we need. We shouldn't have to go individually and make phone calls in the way that we used to do business 10 years ago, including just most recently prior to September 11. What we really need to do is collapse all those tools on our desk. We don't need to be a multitasking disorder. Having information is good, but what is important is making it meaningful to us and figure out whether that information fits that puzzle piece. What we would like to see and it needs, from the national perspective, and hopefully, this coordinating council can pull this off, but we need to be in a position that when I sit as investigator at my desktop, I need homeland security to be dealing with me and also me with them as to what is the situational awareness issues that are going on across our country as they are developing. We need to know about them so that when something happens in another State, we in Florida can take that and apply the same protective and necessary protective measures to our critical infrastructure that is the issue. The other thing we need to do is we realize everyday there are individuals that come into contact with our criminal justice agencies as what talked about in SHIELD, that information is sitting out there and being collected already in systems that are already existing. I need the ability to determine with a single query who and where have they come in contact with the criminal justice community, realizing that there are others that have a different type of job and that is intelligence. And intelligence really isn't intended to be shared at all levels with everyone in the criminal justice community or law enforcement. And this plan again speaks to that. We need the ability to hook up to those criminal intelligence systems as well. So again, I thank you for your what you're doing with your subcommittee because I think that is the leadership we need is to pull all of this together, someone to put their hands around it and assist us. We have 40,000 law enforcement officers in the State of Florida who everyday have eyes and ears that are trained on domestic security issues and those things do happen locally. And we need to make sure that not only are we capturing it but we are sending that information and making available to others that have a need for that as well. So again, thank you, sir. Mr. Putnam. Mr. Lynch. Mr. Gerard Lynch. Thank you, Mr. Chairman and thank the committee for bringing this to the forefront. I think that in the followup to the last statement, we are getting closer to that realm. If you saw where we were 2 years ago to where we are today, we are light years ahead of that, but yet we are still a long way from seeing total connectivity. What we have seen as we have seen with the RISS system is that our member agencies such as the Florida Department of Law Enforcement as well as New York City Police Department, are participating more and more because they are seeing a lot more advantages coming out of these systems out there. And with our RISSLive and our RISS ATIXLive, we are seeing a lot more of the agencies starting to talk real-time to each other on key issues, whether it is a fire marshal talking to a fire marshal across the country or a police officer talking to a fire marshal across the country, we are seeing the communities of interest marry each other. And we are seeing a very fruitful end to all of this. We have ventured into the first responder community and we have seen a lot of positive feedback from the electrical critical events individuals to the railroad associations to the trucking industry. They are now working together to share information to shore up our homeland. And not only are the eyes and ears of the local police department alerted, but now we have the truck drivers, the electrical meter readers knowing more about what is going on in this country as far as security and posting threat information. You know, the pilot program we have with the Department of Homeland Security on nuclear power plants is crucial that these pilot plans are developed and our country is much safer, when we see homeland security talking to the FEMA or the Federal management of each State and the local police departments and talking about suspicious activity around nuclear power plants. So I see a lot more happening, but we still have a long way to go. And I think we have to make sure that the systems that are out there are funded properly and moved forward and that these connections such as the NODE activity and the NODE connection with the Florida Department of Law Enforcement can be spread throughout the entire country. And maybe this committee might be a spear head in moving that forward. Again, I thank you. Mr. Putnam. Thank you very much. I want to thank all of our witnesses for your outstanding participation today. Your testimony is vital to helping us to better understand this issue and move toward solutions and better interoperability. Thank you for your patience and your willingness to wait us out. I want to thank the staff for pulling together an outstanding hearing, in particular one of our committee interns who we are losing, Kaitlin Jarling's last day and we appreciate the work that she has done on this hearing and a number of others this summer. In the event that there may be additional questions we did not have time for today, the record will remain open for 2 weeks for submitted questions and answers. Thank you all very much. Subcommittee stands adjourned. [Whereupon, at 5:25 p.m., the subcommittee was adjourned.] <all>