Homeland Security Watch

It’s about time. From remarks by Sec. Chertoff yesterday, quoted in the New York Post:

We’ve come to the conclusion that perhaps there was a little too much bean counting and a little less standing back and applying common sense to look at the total picture,” Chertoff told a grant-writing conference.

“And I’ve heard the complaints about it, looking like we’re playing kind of a pop-quiz type of game with local communities,” he said.

“They have to try to guess what we’re looking for – and if they guess wrong, they don’t get the money that they think they’re entitled to, and that they may be entitled to.”

Back when the decisions were announced, I described the analysis that led to this decision as “garbage in, garbage out”, criticizing it for relying too much on illusory statistical certainty and not enough on a gut-check about threats. And when Sec. Chertoff tried to defend the decision in a New York Times op-ed, I wrote:

I think [Chertoff] needs to get out of PR mode and acknowledge that this decision did not live up to his own high standards for risk management, discuss the unique nature of NYC and DC in the nation’s risk profile, and listen to constructive criticism about how to improve the allocation process.

I’m glad to see that he’s come around to acknowledging this reality. Hopefully we’ll see a more robust grant process in FY 2007, one that doesn’t get falsely seduced by a 3.2 billion calculation spreadsheet, but instead uses this analysis as a support tool for informed grant decisions.

Russia is hosting the “Global Forum for Partnerships between Government and Businesses to Counter Terrorism” this week in Moscow, an event created in conjunction with their chairing of the G8 this year. This press statement on it describes some of the topics of discussion at the forum:

“For example, international trafficking in precious metals and diamonds in estimated in astronomical sums. Part of these illegal funds are used to finance terrorism. Companies working in this sector have announced an initiative to combine the possibilities of government and business to create an effective global system for preventing the smuggling of precious metals. I repeat, the objective is not only to stop the financing of terrorism, but also to cut short the criminal possibilities of this business.”

“Another promising idea was proposed by Finmeccanica and provides for setting up a public/private consultative board to ensure protected and effective communication between critical infrastructures, in particular in the energy sector. The initiative on insuring against terrorism has been advanced as part of the objective to protect the rights of terrorism victims. These are only a few of the multitude of ideas the forum will discuss,” the minister writes.

This latter idea is already well-developed in the United States through ISACs and other tools, but in many countries this framework for public-private partnership on infrastructure issues is less mature. And the first idea is an an intriguing one, building on activities such as the Kimberley Process.

More on the event in this Defense News story.

Reuters has a story tonight which reveals that the US-VISIT entry-exit system has led to only one terror-related apprehension since the program’s inception:

A U.S. border security program that photographs and fingerprints visitors from most foreign countries has apprehended just one terrorism-related suspect since its 2004 inception, officials said on Wednesday.

Details about the 2005 case, brought to light under the Department of Homeland Security’s US-VISIT program, remain murky mainly because of classified restrictions on information about U.S. counterterrorism efforts overseas.

US-VISIT, an acronym for United States Visitor and Immigrant Status Indicator Technology, has denied entry to an estimated 1,644 foreign nationals by matching digital photos and fingerprint scans with records from criminal and terrorism databases.

Most turned away are criminals or immigration law violators. Apart from the single 2005 case, there have been no reported arrests of terrorism suspects as a result of US-VISIT, which has processed tens of millions of people since it began screening visa applicants in January 2004.

The likely reaction to this story will be that this system is ineffective and/or a waste of money, along the lines of Bruce Schneier’s prior thoughtsabout this program. But I think such a critique is essentially unfair. It elides the fact that the primary anti-terror value of US-VISIT is in deterrence, not interdiction; it increases the risk of legal entry such that potential terrorists from non-VWP countries are likely to be deterred from trying to enter by applying for a visa, and instead will choose alternate options such as illicit land border crossings.

The GAO released a report recently entitled “Suggested Areas for Oversight in the 110th Congress” which lists 15 “Targets for Near-Term Oversight,” nearly half of which have to do with key homeland security and counterterrorism challenges. Item #4 is “Ensure the Effective Integration and Transformation of the Department of Homeland Security,” and under that point, the report suggests four key areas of focus:

• Evaluate the progress of DHS and its components in strategic planning, particularly whether strategic plans conform to best practices and link performance goals to resource requirements.
• Assess the progress of DHS in developing and integrating key management functions—financial, acquisition, information, and human capital—across its components.
• Review the progress of DHS and its components in performing risk assessments—particularly in the mission areas like border and transportation security and critical infrastructure protection—as part of a risk management approach to the allocation of resources.
• Examine the progress of DHS and its components in improving partnering with other federal, state and local governments, and private entities in the fulfillment of its homeland security and non-homeland security missions.

There are also sections suggesting near-term oversight on immigration and border security, counter-WMD proliferation, transportation safety and security, computer security, and intelligence transformation. The report also contains a section on programs in need of reform and a section discussing broad governance issues that Congress should look at.

On Monday, DHS released a bulletin announcing the FY 2007 Emergency Management Performance Grants, and opening them for competition, with a due date of December 29, 2006. There is $194 million of funding for the EMPG in FY 2007. You can find the grant guidance and application kit at this link.

Sec. Chertoff released a statement today discussing the Visa Waiver Program (VWP), following on remarks by Pres. Bush earlier in the day in Latvia and Estonia announcing his intentions to find a way to get them into the Visa Waiver Program. Chertoff’s statement describes a vision for a modified VWP that would look a lot like his desired end-state for advanced passenger notification, as outlined in the course of the US-EU negotiations over the PNR dispute earlier this year. His statement today notes:

We envision a secure travel authorization system that will allow us to receive data about travelers from countries before they get on the plane. Countries that are willing to assist the United States in doing effective checks on travelers could be put on track to enter the program soon. For countries seeking admission to the Visa Waiver Program, this would be an opportunity to set a standard that will be applied to the program generally.

This is a clever maneuver on the part of DHS, one that gives eastern European countries the incentive to accede to DHS’s desired rules on PNR’s, and by doing so create pressure on the European nations who are already in the VWP to bend in this direction. Whether this strategy works or not remains to be seen, and a lot will depend on the specifics of the proposal. But this could be a good way to broaden the VWP while at the same time addressing a key security vulnerabilities: the legal, thinly-screened entry into the United States of terrorists who are VWP-country citizens.

Below is a list of homeland security policy events in the DC area next week (as well as the occasional listing outside of DC). Please note that many events require prior invitations and/or RSVPs.

11/27-12/1: 4th International Aviation Security Technology Symposium. Omni Shoreham Hotel, DC.
11/27: Muslim-American Society press conference related to the recent removal of a group of imams from a US Airways flight. Washington National Airport, US Airways ticket counter, 8:15am.
11/27: Homeland Security Legal Policy Discussion & Tour by Women in Government Relations. Lockheed Martin, 300 M St SE, 12 noon.
11/27: SAIS event with Judge Richard Posner on “The Role of Intelligence in Counterterrorism.” 1740 Massachusetts Ave NW, 5:30pm.
11/28: Homeland Defense Journal conference on “Physical and Critical Infrastructure Resilience.” NRECA Headquarters Building, 4301 Wilson Blvd, Arlington VA. 8:30am.
11/28: University of Maryland START event on “Framing Counterterrorism: Comparing Perspectives and Goals.” National Press Club, 529 14th St NW, 9am.
11/29: Library of Congress book event with Susan Hirsch on her book “In the Moment of Greatest Calamity: Terrorism, Grief and a Victim’s Quest for Justice.” 10 First St. SE, Room 119, 12 noon.
11/29: Heritage Foundation event on “Obsession: Radical Islam’s War Against The West.” 214 Massachusetts Ave NE, 12 noon.
11/29: GWU Homeland Security, Emergency and Risk Management Forum on “Massport and Logan Airport: Post 9/11.” 800 21st St NW, Room 307, 4pm.
11/29: Center for American Progress event with Lee Hamilton on “9/11 and the Current State of Homeland Security.” 1333 H St NW, 10th Floor, 5pm.
11/30: National Press Club Newsmaker Luncheon with FEMA director David Paulison. 529 14th St NW, 12:30pm.
12/1: Center for National Policy event on “Jihad.com: How Terrorists Use the Internet.” 1 Massachusetts Avenue, NW, Third Floor, Suite 333. 12 noon.

(Please e-mail me if you have suggestions about additions to this list for this week, or future weeks).

A Washington Post front-pager on Wednesday reported on an internal DHS report that found extensive problems with contracting activities at the Department. From the story:

The confidential report, delivered to department officials in March, focused on spending in fiscal 2005 by the Office of Procurement Operations. During that period, nearly $17.5 billion was spent department-wide on contracts for a variety of goods and services, including security at airports and borders, radiation-detection monitors, and information technology consultants.

….The firm hired to write the report, Acquisition Solutions, examined a sample of 72 contract files for DHS, which wanted to determine whether it was following federal contracting laws and internal policies.

At the outset, the team of acquisition specialists could not locate 33 of the 72 contract files it had selected for the review, so the consultants had to select 33 others.

“The files were extremely difficult to locate and were organized in an inconsistent manner,” they wrote.

The consultants sharply criticized an array of contracting procedures. Of the 72 contract files reviewed, only 14 were deemed to be in “excellent” shape. Those files contained evidence that the contracts were awarded with adequate competition and represented the best deal for taxpayers.

Forty-seven files met only “minimum” standards and showed little evidence of fair and reasonable pricing or supervision by contracting officials.

Eleven files were deemed to be “seriously inadequate,” with key documents missing or incomplete and little evidence that the contracts were competitively awarded or prices were justified.

This story seems consistent with a lot of the prior reportage about DHS contracting practices over the past three years, and has largely been a function of the under-staffing of procurement offices around the Department, something that DHS has worked to address in the last couple of years. There have clearly been problems with contracting at DHS, but it’s difficult to really assess this story further without knowing more about the contents of the report, e.g. what contracts were examined, and in which ways were some of them deficient. Hopefully DHS or the Post will release the full report and provide this additional context.

The final regulations for the air travel portion of the Western Hemisphere Travel Initiative (WHTI) were published in the Federal Register today, available at this link. The publication today means that regulations will go into effect 60 days from today – January 23, 2006 – and will require U.S. citizens and non-immigrant aliens to present a passport when departing or arriving internationally within North America.

The most interesting part of the document is the regulatory analysis, which includes an estimate that 4 million people will need to purchase passports as a result of this regulation in the first year after the rules go into effect, and a significantly lower number in subsequent years. And the document keeps open the possibility that REAL ID-compliant drivers’ licenses could be a future option for WHTI compliance, depending upon how states implement these rules in the coming years.

GovExec published a long story on Wednesday that looks at the role of exercises and simulations as a tool to improve emergency preparedness and response capabilities. It’s a solid piece, discussing the benefits and limitations of different types of exercises and highlighting a few imperatives for these exercises, such as the importance of issuing after-action reports and working seriously to address their implications.

In my continuing efforts to refine and update the links on the right-hand column of this site, I’ve added a new page that lists the myriad websites controlled by the Department of Homeland Security and its constituent agencies. The purpose of this page is to highlight the multiple sources of official information from DHS available on the Internet, above and beyond the main dhs.gov website, which is increasingly difficult to find new information on given its revised layout. Note that a few of these links are entry points for closed systems for certain communities (e.g. law enforcement officials), and not accessible to the general public.

I’ve probably missed a few – if you see a notable omission, e-mail me and let me know.

The Center for Strategic and International Studies (CSIS) held an event that I attended earlier today which looked at the Western Hemisphere Travel Initiative (WHTI). The event focused primarily on the US-Canada border, and examined the challenges associated with delivering the security imperatives of WHTI while at the same time preserving and facilitating the movement of people across borders and accounting for the geographic heterogeneity of the border environment.

I don’t have the time or wherewithal to write up a full summary, but below are a few newsworthy and/or interesting comments from the event:

• Paul Rosenzweig from the DHS Policy Office mentioned something that has been speculated but I haven’t seen the government confirm: that the Terrorist Identities Datamart Environment (TIDE) database gets more positive ‘hits’ at the US-Canada border than at the US-Mexico border.
• The State Department and DHS intend to release the Notice of Proposed Rulemaking for the land portion of WHTI in the first quarter of calendar year 2007. The Departments intend to then implement this land rule as quickly as possible, and not wait until the new deadline of June 2009.
• Frank Moss from the Department of State mentioned a statistic that I hadn’t heard previously, but which makes sense: that 48% of the crossings at the US-Canada border each year are done by 2% of the total population of border crossers (about 500,000 people) – in essence, people who regularly cross the border for work, school, family visits, or shopping trips. But another speaker noted that only about 25% of these 500,000 are enrolled in the NEXUS frequent traveler program right now.
• The issue of REAL ID came up frequently throughout the morning’s discussions, in terms of its potential linkages to WHTI, and forthcoming activity on REAL ID. Alan Snyder from the Office of Rep. Louise Slaughter noted that initial REAL ID regulations are likely to be released in December, and that there was “not a lot of enthusiasm” for REAL ID among the incoming leadership of the House – a comment that could foreshadow changes to laws regarding its mandates.

Overall, it was a very interesting event. C-Span was there, so you’ll perhaps be able to catch reruns over Thanksgiving weekend (but hopefully you have better things to do). And I’ll amend this post if/when there are any news stories that emanate from the event.

Update (11/21): GovExec reports on the event.

A new report from the Congressional Research Service surveys legislation that has been enacted to reform FEMA and the broader preparedness and response system in the wake of Hurricane Katrina:

RL33729: Federal Emergency Management Policy Changes After Hurricane Katrina: A Summary of Statutory Provisions, November 15, 2006

The majority of the report is focused on summarizing Title VI of P.L. 109-295, post-Katrina reform legislation that was tacked onto the FY 2007 DHS approiations bill (H.R. 5441).

The full HLS Watch collection of CRS reports is available here.

The testimony from last week’s hearing on the Secure Border Initiative, which I mentioned in this recent post, is now online on the House Homeland Security Committee website. Looking through the prepared remarks, I found a very interesting chart in the testimony by DHS officials Greg Giddens and Deborah Spero that conceptualizes the DHS strategy for border security in a way that I’ve seen discussed but never illustrated (click picture to enlarge):

The chart essentially provides a framework for deciding what types of resources (e.g. physical infrastructure, technology, border officers) are needed at a particular point along the border, given existing resources, current flows of people, and the geographical realities in that area. The leadership of DHS has talked in the last year about how it is using this type of dynamic model to simulate activity along the border and accordingly make investment decisions, but this is the first time that I’ve seen the concept presented in this format.

The DHS privacy office has finally released its latest annual report to Congress, covering a two-year period from mid-2004 to mid-2006. The delay in the release of this report, which is supposed to be released annually rather than every other year, has been the topic of recent complaints by privacy advocacy groups. This delay is acknowledged in the preface to the report, although it attempts to excuse it based upon leadership turnover issues – a rationale that doesn’t really cut it, given DHS’s decision to leave the privacy office with an acting director for ten months from September 2005 to July 2006.

As for the report itself, there’s very little in the way of new information; it’s essentially a list of activities by the Privacy Office over the last two years, nearly all of which have already been publicly reported.

Homeland security-related issues figured prominently on the agenda of the APEC ministerial meeting in Vietnam last week, building on related work at these meetings over the past several years. The joint statement from the ministerial meeting contains a lengthy discussion of ongoing work on counter-terrorism, pandemic influenza, and emergency preparedness issues among APEC member nations. There are a number of interesting programs and activities mentioned in the document, such as the Asian Development Bank’s Regional Trade and Financial Security Initiative, APEC work on “Mitigating the Terrorist Threat to the APEC Food Supply”, and a Regional Movement Alert List (RMAL) pilot between the United States, Australia and New Zealand, described as “a world first in real time multilateral travel document data exchange.” There are also descriptions of a number of supply chain security initiatives – an issue of particular importance in the Asia-Pacific region.

It’s difficult to judge any one of these programs in isolation, but collectively, I think they serve an important and necessary purpose, building and strengthening the web of ties among nations and government agencies on homeland security issues, in a way that ultimately improves the security of all participating nations.