The Department Develops Its Own Professional Intelligence Workforce

The Department and the Office of Intelligence and Analysis (I&A) have come a long way since I arrived in late 2005, when we could only provide our workforce with external training classes offered by the Intelligence Community (IC). Our Intelligence Training Branch has grown since then, and has begun to develop homeland security-centric courses for our DHS intelligence personnel and our state, local and tribal partners at our own Homeland Security Intelligence Training Center in Ashburn, Va. In fact, the Training Branch was recently a recipient of the Secretary’s award for team excellence.

Professional development opportunities are essential to recruit, develop and retain a cadre of intelligence professionals, who possess standardized knowledge and competencies across the DHS intelligence enterprise. These professional development opportunities help to build a common culture among our departmental intelligence workforce; and also to provide for enhanced collaboration among the intelligence offices of the department’s components.

To support DHS’ diverse intelligence mission, I directed the Training Branch in late 2005 to begin a number of strategic planning activities to strengthen departmental intelligence capabilities. One key area requiring substantial attention is the training and development of the Department’s entry-level intelligence professional workforce. To that end, the Training Branch has developed (or is in the process of developing) the following courses:

• Principles of Intelligence Writing and Briefing
• Critical Thinking and Analytic Methods
• Vulnerabilities and Threat Risk Assessment
• Intelligence Enterprise/Intelligence Community Overview
• Law Enforcement Intelligence Operations

All of the above intelligence training courses are less than one week in length and are delivered by well-qualified instructors. They are open to personnel in the DHS intelligence enterprise and to our state, local and tribal partners. These courses, set within a homeland security-centric exercise framework, make up our five-week, entry-level Basic Intelligence and Threat Analysis Course (BITAC), which confers a Homeland Security Intelligence Officer designation. The BITAC has the added benefit of offering unprecedented opportunities for collaboration and networking across the DHS intelligence enterprise. I am pleased to say that a study that compared BITAC to the national Intelligence Community’s Analysis 101 course found that BITAC met the analytic standards of Intelligence Community Directive Number 203.

To date, the Training Branch has offered five iterations of the five-week course, reaching 110 students from across the DHS intelligence enterprise, including state and local personnel, and even a student from the Canadian government. The first BITAC was piloted in January 2007, and the most recent was completed in November 2008. BITAC has proven popular with the enterprise components, and I&A has received rave reviews for the guest speakers, the curriculum, and the instructors. I’ve had the pleasure of addressing several of the BITAC graduations, where I had the opportunity to meet and talk with the young DHS intelligence officers.

As a follow-on to BITAC, I am proud to say that we completed our first pilot of the Mid-career Intelligence and Threat Analysis Course (MITAC) on Sept. 26, 2008, with 16 journeyman-level students. MITAC was developed as a response to a request from DHS intelligence enterprise chiefs for an enterprise-wide training program to meet the needs of our mid-career intelligence workforce. MITAC is the next step in a DHS intelligence enterprise professional’s career development. Unlike BITAC’s modular format, this course is designed in a block format around critical leadership skills, as follows:

■ Block 1 – Collaboration
■ Block 2 – Best practices
■ Block 3 – Critical thinking
■ Block 4 – Mentoring and communication
■ Block 5 – Applications and exercises

I am pleased to take this next step in establishing a uniform training regimen for all department intelligence professionals. We are looking forward to holding three more BITACs and three MITACs in FY 2009. In addition, another next step following MITAC will be the Senior Intelligence Leaders Course, which is planned for the future.

In addition to training BITAC and MITAC at our Homeland Security Intelligence Training Center, we have also taught 30 analysts in Critical Thinking and Analytic Methods (CTAM) and Principles of Intelligence Writing and Briefing. The five-day CTAM course teaches the basic analytical methods and critical thinking skills required to meet the IC Analytic Standards in a collaborative, homeland security-centric environment. For FY 2009, I am pleased that we will be able to offer four more CTAM courses and two more Principles of Intelligence Writing and Briefings courses.

We are also working to implement the intelligence training provisions from the Implementing Recommendations of the 9/11 Commission Act of 2007 through courses like the BITAC and MITAC in order to establish a common intelligence culture and intelligence-officer skill sets throughout the department. In addition to these two programs, for example, we have partnered with the DHS Office of Security to provide department employees with platforms to develop an understanding of critical types of information and intelligence that can enhance their on-the-job effectiveness.

Our state, local and tribal partners who wish to take any of our courses, such as BITAC and MITAC, are provided assistance from the Grant Programs Directorate within the Federal Emergency Management Agency. These courses are provided at no cost to our partners, and the Grant Programs Directorate may provide grants that cover the cost of travel. This has provided a wonderful opportunity for our state, local and tribal partners to develop and further their analytical skills.

We have also instituted Intelligence Oversight training for everyone (federal employees, contractors, and detailees) who is assigned or detailed to I&A. This is mandatory training to ensure that the constitutional rights and privacy of U.S. persons are protected. In addition, we also have a dozen other web-based training opportunities in such diverse topics as Ethics, Computer Security, Sensitive Compartment Information Refresher, Operations Security, and Equal Employment Opportunity that have been made available through the Training Branch’s registrar desk. These courses are mandatory for I&A personnel, but are available for anyone in DHS who wants to take Web-based professional development courses.

The natural complement to an effective training program is an aggressive effort to retain talented employees through professional development programs. I&A participates in several formal programs, including the joint Intelligence Community duty assignments program and the DHS intelligence rotational assignment program. We are also providing opportunities for our people to take high-caliber leadership and management courses, to participate in Office of Personnel Management and IC professional development training, and to pursue a bachelor’s and master’s-level degree program. I&A has an excellent relationship with the National Defense Intelligence College, which accepts DHS employees for pursuit of a Bachelor of Science in Intelligence or a Master of Science of Strategic Intelligence. These are outstanding educational opportunities that are provided at no cost to I&A federal employees.

I am also enthusiastic about offering the Pat Roberts Intelligence Scholarship Program to new employees. In the past two years, I&A was granted 10 such scholarships annually for our employees who are new (within two years) to the IC. These scholarships are worth $25,000 each and can be used to finance continuing education or to pay off existing college loans. This has proven to be a wonderful tool to retain good employees.

We look forward to improving upon our successful training program this year and to continue developing I&A’s employees professionally because we understand that only well-trained professionals can produce the intelligence our leaders need to keep America safe.

Charlie Allen
Under Secretary for Intelligence & Analysis and Chief Intelligence Officer

Saint Elizabeths Progress

A major milestone was reached for the Department January 8, 2009, when the St. Elizabeths Final Master Plan was approved by the National Capital Planning Commission (NCPC). For the past three and a half years we worked closely with the General Services Administration, and all of the consulting parties with an interest in St. Elizabeths, to develop a Master Plan for a consolidated Department of Homeland Security Headquarters – a plan that meets our minimum requirement of 4.5 million square feet of functional office space, plus necessary parking. This approval makes way for us to begin the first phase of the plan – construction of the Coast Guard facility on St. Elizabeths.

I can’t tell you enough how very pleased I am with the close cooperation and support we’ve received from Congresswoman Eleanor Holmes Norton, the District of Columbia government and the General Services Administration on this project. The D.C. City Council approved the East Campus Small Area Plan December 16, 2008, for redevelopment which provides for the 750,000 square feet of federal parcel to meet the minimum Department need. The breakthrough in the master plan development was the opportunity to synchronize the East Campus and West Campus developments for the benefit of both Homeland Security and the D.C. Government.

Relocating a portion of our program to the East Campus allows us to obtain our minimum square feet of office space, helps address density concerns on the West campus and provides a campus that can function as a single unified headquarters. It will also further enhance our interaction with the community and serve as a catalyst for retail and commercial development on the East Campus.

We currently have employees scattered throughout 70 buildings across the National Capital Region which – among other difficulties – impedes our communication and effectiveness. Our goal is to reduce our total number of office locations from more than 40 to about eight. To remedy this situation we’re consolidating Department facilities and collocating 14,000 of our Headquarters personnel at St. Elizabeths, a historic hospital campus located in Southeast Washington. Once completed, this project will further unify our components, enhance communication, and increase our mission effectiveness, ultimately improving our nation’s security.

Built more than 150 years ago, St Elizabeths remains a National Historic Landmark and we intend to honor its history by retaining and adaptively reusing 99.8 percent of the contributing square footage. The General Services Administration has diligently pursued its historic preservation stewardship responsibilities to stabilize, repair, maintain and assess the St. Elizabeths campus historic buildings and landscapes – representing a $28 million investment to date. The master plan incorporates significant measures to ensure the preservation, rehabilitation and reuse of this historic campus as it is revitalized for the new consolidated headquarters.

In addition to size and historical concerns, we’re also keenly aware of the impact our move will have on the surrounding community. To that end we will work directly with community leaders and consulting parties to implement the framework for limited public access outlined in the Section 106 Programmatic Agreement; while still preserving our security and operational requirements. We also plan to exclude the West Campus Cemetery from any security perimeters, thus maximizing public access opportunities. We look forward to being good neighbors and valued members of the community.

The 2009 fiscal year DHS Appropriations Bill passed by the Congress and signed by the President provides $97 million for tenant requirements to begin construction of the new Coast Guard Headquarters on the West Campus, which is the first phase of our Consolidated Headquarters effort. We look forward to GSA receiving their 2009 appropriation for the project at the conclusion of the current continuing resolution to start the building construction in earnest this fiscal year.

The St. Elizabeths Campus offers a tremendous opportunity to create a secure, state-of-the-art Headquarters focused on achieving our core mission¬—to protect our homeland. We look forward to becoming a valued member of the Ward 8 community as we redevelop and preserve the St. Elizabeths National Historic Landmark for generations to come.

Elaine C. Duke
Under Secretary for Management

Electronic System of Travel Authorization (ESTA)

Beginning Monday, travelers under the Visa Waiver Program will be required to obtain an Electronic System of Travel Authorization (ESTA) in order to visit the United States. This means that any national or citizen seeking to travel to the U.S. under the Visa Waiver Program from one of its 35 participating countries must first go on-line and register for an ESTA. Once approved, the traveler will be authorized to visit our country for up to 90 days for business or tourism without first having to obtain a visa.

Why is ESTA necessary? For starters, it is one of the key security elements of our expanded Visa Waiver Program and an essential tool for identifying potentially high-risk travelers ahead of time. By requiring travelers to register on-line before their journey, ESTA gives authorities more time to screen for threats and ensure that a traveler isn’t a known security risk. ESTA also helps us determine, in advance of travel, whether an individual is eligible for travel under the Visa Waiver Program. This is important because it saves travelers the time, expense, and hassle of flying to the United States only to find out that they are inadmissible under the Visa Waiver Program.

ESTA is quick, easy, and free. In most cases, it provides an almost immediate determination of eligibility for travel. Since its inception, more than one million people have successfully used the system without any problem.

Moreover, each approved ESTA application is generally valid for a period of two years and allows for multiple visits to the United States within that period. ESTA involves no new data collection. All information required for an ESTA application is already collected on the I-94W arrival and departure form that Visa Waiver Program travelers currently provide. And any information submitted through the ESTA website is subject to the same strict controls for similar traveler screening programs governed by U.S. laws and regulations.

Visitors may apply for travel authorization via the ESTA website. If a traveler fails to obtain an ESTA, he or she may be denied boarding, experience delayed processing, or be denied admission to the United States. Travelers who currently have a valid visa for travel to the U.S. are not required to apply for an ESTA.

Michael Chertoff

What the Passenger Name Record Report Really Says

The DHS Privacy Office works overtime to ensure privacy protections at the department for Americans and those who travel to the U.S.  News of our efforts doesn’t always get out.  Recently, my office issued the Passenger Name Record (PNR) Data Report (download PDF), a public document that is a requirement of the joint U.S./EU agreement on PNR.  In fact, I encourage you to check out a previous Leadership Journal where I discussed this. On December 18, I pointed out that the department, including U.S. Customs and Border Protection (CBP), actually complied with the agreement and privacy documentation issued by my office.  Any statements to the contrary are mischaracterizations. I invite you to read the report for the truth.

Yes, the Privacy Office review did find areas for operational and policy improvement – I would be remiss in my statutory duties had I overlooked areas where privacy protections could be better integrated into DHS operations. Specifically, CBP needs to improve its handling of Freedom of Information Act/Privacy Act requests, a key component of redress generally, and with respect to PNR data.  I note, however, that for every recommendation made in the report, there was a concrete and actionable response that CBP began to implement before the report was even issued.  As with any program, improvements can always be made and so is the case here.  CBP did not fail in meeting its commitments to the Agreement and Letters between DHS and the Council of European Union.  CBP actively contributed to the review, opening itself up to criticism while still trying to operationally meet the requirements of the 2007 Agreement and Letters.  Moreover, CBP and the Privacy Office have been working together closely to improve CBP’s handling of FOIA and Privacy Act requests.  I am proud of my office’s hard work and I commend CBP for its efforts and its improvements.

The other half of the story is the one that has been ignored, so I will make it quite clear. The U.S. has upheld its commitments, but the Europeans, to date, have not.  On July 25, 2008, the European Commission vice president wrote to Secretary Chertoff suggesting the first review take place in "late 2008" and that questionnaires be exchanged beforehand.  The Secretary confirmed our intent to participate in order to review "the effective operation and privacy protection" of both U.S. and European systems.

My report was originally intended to provide the basis for a Joint Review in December 2008, which the European Commission unfortunately postponed for unknown reasons. The Joint Review is meant to illustrate the effective oversight and to promote further transparency of activities in both the U.S. and the EU. This is particularly important given that the EU is now considering use of PNR as a screening tool, and some Member States have already begun national PNR programs.

Only through effective oversight and real transparency, here and in Europe, can we truly gauge the effectiveness and impact on individual freedoms resulting from any single approach.

Hugo Teufel III
Chief Privacy Officer

Principles for Implementing Privacy Protections in Research Projects

The Department is often in the headlines for our high-profile efforts to protect the nation, but there are mission-critical activities going on behind the scenes to advance homeland security—including a recent achievement of our Science and Technology Directorate (S&T) and the Privacy Office. Although many of S&T’s activities, such as our work to develop vaccines for dangerous animal diseases, do not impact personal privacy, some of our efforts—like the development of new physical screening technologies—have potential privacy implications.

As we carry out the S&T mission to encourage innovation in the development and use of new technologies in support of homeland security, we have made it a priority to protect the privacy of individuals. To ensure that goal, the Privacy Office and S&T have just developed "Principles for Implementing Privacy Protections in S&T Research." Working together on this new guidance has been a natural fit, enabling us both to contribute our particular expertise. These Principles enable us to provide advanced tools, technologies, and systems to those working to protect our nation while incorporating privacy protections into privacy-sensitive S&T research.

Key Principles

• Privacy Assessment. An assessment of privacy impacts, conducted jointly by S&T and the Privacy Office, will be an integral part of the design, development and implementation of any S&T research project that is privacy-sensitive or involves or impacts personally identifiable information (PII).
• Purpose Specification. The scope and purpose of any specific S&T project will be clearly articulated and documented through a process that includes reviews of its effectiveness by internal experts (S&T staff other than the project’s proponents) and external experts (with appropriate security clearances).
• Transparency. S&T will conduct Privacy Impact Assessments (PIAs) in conjunction with the Privacy Office, as required by the E-Government Act of 2002, for all research projects that involve or impact PII, and will publish PIAs for all non-classified research.
• Data Quality and Integrity. Projects will endeavor to use only data that is reasonably considered both accurate and appropriate for the project’s documented purpose(s).
• Data Minimization. Projects will use the least amount of PII consistent with their documented purpose(s). Where practicable, S&T will use data minimization techniques to accomplish this goal.
• Use Limitation. Projects will only use data in a manner that is consistent with disclosures in all applicable PIAs and Privacy Act System of Records Notices, and consistent with privacy notices and policies that apply to data originally collected by the private sector.
• Data Security. Researchers will take all reasonable steps necessary to maintain the security of the data they use.
• Training. Personnel involved in a project will receive training on DHS privacy policy and on the privacy protections built into individual research projects.
• Audit. Projects will use automated or non-automated audit procedures to ensure compliance with project access and data usage rules.
• Redress. The Privacy Office, together with S&T’s Privacy Officer, will develop and administer a redress program to handle inquiries and complaints regarding any S&T research project and to provide relief where warranted.

The Principles appear in an appendix to Data Mining: Technology and Policy, the Privacy Office’s 2008 report to Congress on Department data mining activities. The report is available on the Privacy Office website.

We are proud of the collaborative work that led to the creation of these principles, and look forward to continuing to work together in our common mission to protect the American people and our homeland.

Hugo Teufel III
Chief Privacy Officer

Jay M. Cohen
Under Secretary, Science and Technology Directorate