[House Hearing, 112 Congress]
[From the U.S. Government Printing Office]
LESSONS FROM FORT HOOD: IMPROVING OUR ABILITY TO CONNECT THE DOTS
=======================================================================
HEARING
before the
SUBCOMMITTEE ON OVERSIGHT,
INVESTIGATIONS, AND MANAGEMENT
of the
COMMITTEE ON HOMELAND SECURITY
HOUSE OF REPRESENTATIVES
ONE HUNDRED TWELFTH CONGRESS
SECOND SESSION
__________
SEPTEMBER 14, 2012
__________
Serial No. 112-118
__________
Printed for the use of the Committee on Homeland Security
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Available via the World Wide Web: http://www.gpo.gov/fdsys/
__________
U.S. GOVERNMENT PRINTING OFFICE
81-127 PDF WASHINGTON : 2013
For sale by the Superintendent of Documents, U.S. Government Printing
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800;
DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC,
Washington, DC 20402-0001
COMMITTEE ON HOMELAND SECURITY
Peter T. King, New York, Chairman
Lamar Smith, Texas Bennie G. Thompson, Mississippi
Daniel E. Lungren, California Loretta Sanchez, California
Mike Rogers, Alabama Sheila Jackson Lee, Texas
Michael T. McCaul, Texas Henry Cuellar, Texas
Gus M. Bilirakis, Florida Yvette D. Clarke, New York
Paul C. Broun, Georgia Laura Richardson, California
Candice S. Miller, Michigan Danny K. Davis, Illinois
Tim Walberg, Michigan Brian Higgins, New York
Chip Cravaack, Minnesota Cedric L. Richmond, Louisiana
Joe Walsh, Illinois Hansen Clarke, Michigan
Patrick Meehan, Pennsylvania William R. Keating, Massachusetts
Ben Quayle, Arizona Kathleen C. Hochul, New York
Scott Rigell, Virginia Janice Hahn, California
Billy Long, Missouri Ron Barber, Arizona
Jeff Duncan, South Carolina
Tom Marino, Pennsylvania
Blake Farenthold, Texas
Robert L. Turner, New York
Michael J. Russell, Staff Director/Chief Counsel
Kerry Ann Watkins, Senior Policy Director
Michael S. Twinchek, Chief Clerk
I. Lanier Avant, Minority Staff Director
------
SUBCOMMITTEE ON OVERSIGHT, INVESTIGATIONS, AND MANAGEMENT
Michael T. McCaul, Texas, Chairman
Gus M. Bilirakis, Florida William R. Keating, Massachusetts
Billy Long, Missouri, Vice Chair Yvette D. Clarke, New York
Jeff Duncan, South Carolina Danny K. Davis, Illinois
Tom Marino, Pennsylvania Bennie G. Thompson, Mississippi
Peter T. King, New York (Ex (Ex Officio)
Officio)
Dr. R. Nick Palarino, Staff Director
Diana Bergwin, Subcommittee Clerk
Tamla Scott, Minority Subcommittee Director
C O N T E N T S
----------
Page
STATEMENTS
The Honorable Michael T. McCaul, a Representative in Congress
From the State of Texas, and Chairman, Subcommittee on
Oversight, Investigations, and Management:
Oral Statement................................................. 1
Prepared Statement............................................. 3
The Honorable William R. Keating, a Representative in Congress
From the State of Massachusetts, and Ranking Member,
Subcommittee on Oversight, Investigations, and Management:
Oral Statement................................................. 7
Prepared Statement............................................. 8
The Honorable Bennie G. Thompson, a Representative in Congress
From the State of Mississippi, and Ranking Member, Committee on
Homeland Security:
Prepared Statement............................................. 9
WITNESSES
Panel I
Mr. Douglas E. Winter, Deputy Chair, The William H. Webster
Commission:
Oral Statement................................................. 10
Prepared Statement............................................. 12
Ms. Ishrad Manji, Director, Moral Courage Project, New York
University:
Oral Statement................................................. 20
Prepared Statement............................................. 22
Mr. Michael E. Leiter, Former Director of the National
Counterterrorism Center:
Oral Statement................................................. 23
Prepared Statement............................................. 25
Panel II
Mr. Kshemendra Paul, Program Manager, Information Sharing
Environment, Office of the Director of National Intelligence:
Oral Statement................................................. 42
Prepared Statement............................................. 43
FOR THE RECORD
The Honorable Michael T. McCaul, a Representative in Congress
From the State of Texas, and Chairman, Subcommittee on
Oversight, Investigations, and Management:
Statement of William H. Webster, Chair, The William H. Webster
Commission................................................... 28
LESSONS FROM FORT HOOD: IMPROVING OUR ABILITY TO CONNECT THE DOTS
----------
Friday, September 14, 2012
U.S. House of Representatives,
Subcommittee on Oversight, Investigations, and
Management,
Committee on Homeland Security,
Washington, DC.
The subcommittee met, pursuant to call, at 9:12 a.m., in
Room 311, Cannon House Office Building, Hon. Michael T. McCaul
[Chairman of the subcommittee] presiding.
Present: Representatives McCaul, Duncan, Keating, and
Davis.
Mr. McCaul. The committee will come to order.
The purpose of this hearing is to examine information
sharing across relevant intelligence and law enforcement
agencies, specifically as it pertains to the report issued by
the Webster Commission, which focused on the Fort Hood attack.
As I mentioned, Mr. Winter, let me applaud you for your great
work, and Mr. Webster, on that report.
I now recognize myself for an opening statement.
Before we begin today's hearing, we should pay tribute to
our brave diplomats who serve our Nation abroad. Unfortunately,
one of our ambassadors, Chris Stevens, and three of his
colleagues were killed on Tuesday, the 11th anniversary of the
9/11 attacks on the United States. These events and others
should remind every American that we are a Nation under siege
and must remain vigilant, doing all that we can to uncover and
take action against terrorist plots, whether the danger
confronts us here in the United States or abroad.
In June 2009, FBI Director Robert Mueller acknowledged the
immense challenge facing the Bureau, stating, ``It is not
sufficient for us as an organization to respond to a terrorist
attack after it has occurred. It is important for us as an
organization to develop the intelligence to anticipate a
terrorist attack, developing intelligence, developing facts. In
the past, we looked at collecting facts for the courtroom. We
now have to think of ourselves as gathering facts and painting
a picture of a particular threat, understanding the risk and
moving to reduce that risk.'' I couldn't agree more with the
Director's statement.
Then on November 5, 2009, a gunman walked into the Soldier
Readiness Center at Fort Hood, Texas, and shouted the classic
jihadist term ``Allahu Akbar'' and opened fire on unarmed
soldiers and civilians. He killed 13 and wounded 42 others.
This was the most horrific terrorist attack on U.S. soil since
9/11.
Today, we will examine the facts of the Fort Hood case as
we know them to better understand how these facts that seem so
obviously alarming now were so missed by seasoned professionals
and to understand how the FBI and intelligence community as a
whole can benefit from the lessons learned from this tragedy at
Fort Hood.
The suspect in the Fort Hood shooting is Major Nidal Hasan,
a commissioned officer in the United States Army, who openly
communicated with the Muslim cleric and No. 2 terrorist Anwar
al-Awlaki. Hasan characterized himself as a soldier of Allah
and who was assigned the task of counseling our soldiers coming
home from the battlefield.
Let's step back in time and examine the facts.
On May 31, 2009, Hasan sent one of several emails to al-
Awlaki, one of the ones that I found most disturbing. The email
read in part, ``I heard a speaker defending suicide bombings as
permissible. He contends that suicide is permissible in certain
cases. He defines suicide as one who purposely takes his own
life but insists that the important issue is your intention.
Then he compares this to a soldier who sneaks into an enemy
camp during dinner and detonates his suicide vest to prevent an
attack that is known to be planned the following day. The
suicide bomber's intention is to kill numerous soldiers to
prevent the attack to save his fellow people the following day.
He is successful. His intention was to save his people, his
fellow soldiers, and the strategy was to sacrifice his life.
This logic seems to make sense to me,'' says Mr. Hasan.
This email telegraphs almost precisely what happened that
fateful day. This email was in the hands of the FBI before the
attack.
In another email to Anwar al-Awlaki, Hasan asked, ``Please
keep me in your Rolodex in case you find me useful, and please
feel free to call me collect.''
So in December, 2008, the FBI's San Diego field office
intercepted two emails from Hasan and al-Awlaki and identified
the email as a product of interest. Over the course of the next
several months, the San Diego field office and the Washington
field office would exchange emails about how aggressively to
investigate the Hasan lead.
In June 2009, Washington sent the following email to San
Diego: ``Given the context of his military and medical research
and the content of his, to date, unanswered email messages from
al-Awlaki, WFO does not currently assess Hasan to be involved
in terrorist activities.''
The FBI agent in San Diego described Washington's inquiry
into Major Hasan as ``slim.''
The case was dropped until November 5, when the media began
circulating reports of the massacre. At that time, the San
Diego agents knew exactly who the perpetrator was, saying,
``You know who that is. That's our boy.''
Years before the FBI knew of Nidal Hasan, the Army major
was being noticed by his superiors and colleagues at Walter
Reed Army Medical Center, where he was a resident in the
psychiatric program being trained to care for soldiers coming
home from war. Two fellow officers described Hasan as a,
``ticking time bomb.''
During his medical residency and post-residency fellowship,
Hasan demonstrated evidence of violent extremism. On several
occasions he presented sympathetic views towards a radical
Islam view and wrote papers defending Osama bin Laden, actions
that enraged his classmates and professors. Yet no action was
taken. Instead, Major Hasan was rewarded for his work and
promoted.
His officer evaluation reports state, ``Among the better
disaster and psychiatry fellows to have completed the master of
public health at the Uniformed Services University. He has a
keen interest in Islamic culture and faith and has shown
capacity to contribute to our psychological understanding of
Islamic nationalism and how it may relate to events of National
security and Army interest in the Middle East and Asia.''
These officer evaluation reports were inaccurate. These
were all flags, none of which were acted upon. So many flags in
this case. These reports did not present the facts about
Hasan's character. In reality, Hasan was barely a competent
psychiatrist, whose radical views alarmed his colleagues; and
the irony to me is this is the very man who was to counsel our
soldiers coming back from the field of battle.
In the Hasan case, both the FBI and DOD had important
pieces to the puzzle that, if put together, maybe just could
have possibly saved the lives of 12 soldiers and one civilian.
I want to personally express my sympathy to those impacted
by the terrorist attack at Fort Hood. We should treat those who
died and who were wounded as brave Americans and award each of
them a Purple Heart medal.
When I spoke with the victims' families at the Fort Hood
memorial service, I saw first-hand the outrage and loss they
felt, and I wanted to help them find answers. But I want these
answers to serve as a catalyst to effect change and improve our
intelligence community as a whole so we can stop these attacks
before they occur. We have had great successes. We do look
forward to hearing from the witnesses' testimonies to
understand what went wrong in this case and how we can prevent
such a tragedy from occurring in the future.
With that, I now recognize the Ranking Member, the
gentleman from Massachusetts, Mr. Keating.
[The statement of Chairman McCaul follows:]
Statement of Chairman Michael T. McCaul
September 14, 2012
Before we begin today's hearing we should pay tribute to our brave
diplomats who serve our Nation abroad. Unfortunately one of
Ambassadors, Christopher Stevens, and three of his colleagues were
killed on Wednesday, the eleventh anniversary of the 9/11 attacks on
the United States. These events, and others, should remind every
American that we are a Nation under siege and must remain vigilant
doing all we can to uncover and take action against terrorists, whether
the danger confronts us here in the United States or abroad.
In June 2009, Federal Bureau of Investigation (FBI) Director Robert
Mueller acknowledged the immense challenges facing the Bureau stating:
``The stages we are going through now I call mind-set changes. By mind-
set I mean understanding that it is not sufficient for us as an
organization to respond to a terrorist attack after it has occurred. It
is important for us as an organization to develop the intelligence to
anticipate a terrorist attack. Developing intelligence is developing
facts. In the past we looked at collecting facts for the courtroom. We
now have to think of ourselves as gathering facts and painting a
picture of a particular threat, understanding the risk and moving to
reduce that risk.''
On November 5, 2009, a gunman walked into the Soldier Readiness
Center at Fort Hood, Texas, shouted ``Allah Akbar,'' and opened fire on
unarmed personnel. He killed 13 and wounded 42 others. This was the
most horrific terrorist attack on U.S. soil since 9/11.
Today we will examine the facts of the Fort Hood case as we now
know them--to better understand how these facts that seem so obviously
alarming now were missed by seasoned professionals--and to understand
how the FBI and intelligence community as a whole can benefit from the
lessons learned from the tragedy at Fort Hood.
The suspect in the Fort Hood shootings is Major Nidal Malik Hasan,
a commissioned officer in the United States Army, who openly
communicated with the terrorist Anwar al-Awlaki, who characterized
himself as a soldier of Allah, and who was assigned the task of
counseling our soldiers coming home from the battlefield.
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Let's step back in time and examine the facts. On May 31, 2009,
Hasan sent one of several emails to the radicalized Muslim cleric Anwar
al-Alwaki. The email read:
``I heard a speaker defending suicide bombings as permissible . . . He
contends that suicide is permissible in certain cases . . . He defines
suicide as one who purposely takes his own life but insists that the
important issue is your intention . . . Then he compares this to a
soldier who sneaks into an enemy camp during dinner and detonates his
suicide vest to prevent an attack that is known to be planned the
following day. The suicide bomber's intention is to kill numerous
soldiers to prevent the attack to save his fellow people the following
day. He is successful. His intention was to save his people/fellow
soldiers and the strategy was to sacrifice his life. The logic seems to
make sense to me . . . ''
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
In another email to al-Awlaki, Hasan asks to ``Please keep me in
your Rolodex in case you find me useful and feel free to call me
collect.''
In December 2008, the FBI San Diego Field Office intercepted two
emails from Hasan to al-Awlaki and identified the email as ``Product of
Interest.'' The lead was sent to the Washington field office because
Hasan resided in the area. Over the course of the next several months
the San Diego field office and the Washington field office would
exchange emails about how aggressively to investigate the Hasan lead.
In June 2009, the Washington field office sent the following email to
the San Diego field office:
``Due to [redacted] HASAN'S email contact with AULAQI, HASAN was not
contacted, nor were his command officials. Given the context of his
military/medical research and the content of his, to date unanswered
[from AULAQI] email messages, WFO does not currently assess HASAN to be
involved in terrorist activities.''
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
The FBI agent in San Diego described Washington's inquiry into
Hasan ``slim''. The case was dropped until on November 5 when the media
began circulating reports of the massacre--the San Diego agents knew
immediately saying, ``you know who that is, that's our boy.''
Years before the FBI knew of Nidal Hasan the Army Major was being
noticed by his superiors and colleagues at Walter Reed Army Medical
Center where he was a resident in the psychiatric program being trained
to care for soldiers coming home from war. Two fellow officers
described Hasan as a ``ticking time bomb''. During his medical
residency and post-residency fellowship Hasan demonstrated evidence of
violent extremism. On several occasions, he presented sympathetic views
towards radical Islam and wrote papers defending Osama bin Laden--
actions that enraged his classmates and professors. Yet no action was
taken.
Instead, Major Hasan was rewarded for his work and promoted. His
officer evaluation reports state:
`` . . . among the better disaster and psychiatry fellows to have
completed the Master of Public Health at the Uniformed Services
University''
`` . . . keen interest in Islamic culture and faith and has shown
capacity to contribute to our psychological understanding of Islamic
nationalism and how it may relate to event of National security and
Army interest in the Middle East and Asia.''
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
These officer evaluation reports were inaccurate. They did not
present the facts about Hasan's character. In reality, Hasan was barely
a competent psychiatrist whose radical views alarmed his colleagues.
In the Hasan case, both the FBI and DOD had important pieces to the
puzzle that if put together could have developed the picture more
accurately and in my opinion, would've prompted a more thorough
inquiry. Of course, we don't know if that could've changed the events
at Fort Hood but we should strive to improve, for the victims and their
families.
I want to personally express my sympathy to those impacted by the
terrorist attack at Fort Hood. We should treat those who died and were
wounded as brave Americans and award each a Purple Heart Medal.
When I spoke with the victims' families at the Fort Hood Memorial
service, I saw first-hand the outrage and loss they felt and I want to
help them find answers. But I want the answers to serve as a catalyst
to affect change and improve our intelligence community as a whole so
we can stop these attacks before they occur.
We look forward to hearing the witness testimonies to better
understand what went wrong and how we can prevent such tragedies in the
future.
Mr. Keating. Thank you, Mr. Chairman.
As we all pause to think of the families of the four
Americans who were lost just this week in Libya and keep their
families in our prayers and thoughts, it is significant that we
come here today in dedication to find every piece of
information we can find that will determine how better to keep
the Americans that serve us so well safe as they try to keep us
safe. So with that, Mr. Chairman, I thank you for holding
today's hearing.
Three years ago, on November 5, 2009, the Nation was
shocked by the mass shooting that occurred at the Army
Deployment Center located at Fort Hood, Texas. During the
shooting, 13 lives were lost, 43 individuals were wounded, and
the lives of so many others were forever changed.
It later became evident that the warning signs existed well
before the tragedy and should have, at a minimum, been further
investigated. Both the FBI and the Department of Defense had
knowledge of Major Hasan's potential as a threat to homeland
security.
The actions leading up to the massacre by Major Nidal Malik
Hasan, the sole suspect in the murders, should have
unequivocally sparked a greater concern on the part of
officials. Yet dots were not connected, information was not
shared, and the lack of formal policies and protocols led to a
colossal breakdown in communication.
In December, 2009, at the direction of the FBI director,
the Webster Commission was created to examine the events that
occurred before and after the shootings. The Final Report of
the William H. Webster Commission on the FBI, Counterterrorism
Intelligence, and the Events at Fort Hood Texas, which
represent the work of the Commission, was released in July
2012.
The crucial recommendation mirrored in both the Webster
Commission's report and the 9/11 Commission's report focused on
the importance of information sharing to our Nation's security
and the need to do away with a culture of territorialism that
existed between the various levels of Federal, State, and local
authorities. As a former Massachusetts district attorney
myself, I was once at the bottom rung of the information-
sharing ladder and understand the consequences of inadequate
lines of communication. For this reason, my first legislative
measure signed into law was an amendment to the intelligence
authorization that encouraged Federal authorities to utilize
fusion centers and enlist all of the intelligence capabilities,
including that of law enforcement, to secure our homeland.
Since then, I have been following the progress of the
recommendations set forth in the 9/11 Commission, and now the
Webster Commission, in regard to intelligence sharing and am
pleased that the administration has indicated that effective
information sharing and access throughout the Government is a
top priority.
This all being said, I am interested in hearing from both
our witness panels today on their thoughts and their own
recommendations.
With that, I yield back the balance of my time.
[The statement of Ranking Member Keating follows:]
Statement of Ranking Member William Keating
September 14, 2012
Three years ago, on November 5, 2009, the Nation was shocked by the
mass shooting that occurred at the Army deployment center located at
Ft. Hood, Texas. During the shooting, 13 lives were lost, 43
individuals were wounded, and the lives of so many others were forever
changed. It later became evident that warning signs existed well before
this tragedy and should have, at a minimum, been further investigated.
Both the FBI and the DOD had knowledge of Major Hasan's potential
as a threat to homeland security. The actions leading up to the
massacre by Major Nidal Malik Hasan--the sole suspect in the murders--
should have unequivocally sparked greater concern.
Yet, dots were not connected, information was not shared, and the
lack of formal policies and protocols led to a colossal breakdown in
communication.
In December 2009, at the direction of the FBI Director, the Webster
Commission was created to examine the events occurring before and after
the shootings.
The Final Report of the William H. Webster Commission on the FBI,
Counterterrorism Intelligence, and the Events at Fort Hood, Texas which
represents the work of the Commission was released in July 2012.
The crucial recommendation mirrored in both the Webster
Commission's report and the 9/11 Commission's report focused on the
importance of information-sharing to our Nation's security and need to
do away with the culture of territorialism that existed between the
various levels of Federal, State, and local authorities.
As a former Massachusetts District Attorney, I was once on the
bottom rung of the information-sharing ladder and understand the
consequences of inadequate lines of communication.
For this reason, my first legislative measure that was signed into
law was an amendment to the Intelligence Authorization that encouraged
Federal authorities to utilize fusion centers and enlist all of the
intelligence capabilities--including that of law enforcement--to secure
our homeland.
Since then I have been following the progress of the
recommendations set forth by the 9/11 Commission, and now the Webster
Commission, in regard to intelligence-sharing and am pleased that the
administration has indicated that effective information sharing and
access throughout the Government is a top priority. This all being
said, I am interested to hear from both witness panels today on their
thoughts and their own recommendations.
Mr. McCaul. I thank the Ranking Member. Members are
reminded that additional statements may be submitted for the
record.
[The statement of Ranking Member Thompson follows:]
Statement of Ranking Member Bennie G. Thompson
September 14, 2012
Three days ago, we marked the eleventh anniversary of the September
11, 2001 terrorist attacks.
That tragedy left us with a number of valuable lessons. As the 9/11
Commission found, Government agencies charged with collecting
intelligence and law enforcement data did not ``connect the dots'' that
could have revealed that attacks of the proportion launched on 9/11
were under way.
Since that time, the importance of horizontal information sharing
among Federal agencies and vertical information sharing from Federal
agencies to State, local, and Tribal entities has been weaved into our
homeland security efforts.
However, on November 5, 2009, the tragic events that occurred at
the Army base located in Fort Hood, Texas, once again revealed that the
failure to connect the dots can lead to disastrous results.
On that day, 13 people lost their lives and 43 individuals were
wounded at the hand of a single gunman who was on the separate radars
of the FBI and the DOD. Unfortunately, that information was not
coordinated.
In some of the reports and the rhetoric following the Ft. Hood
shooting, there were claims that the failure to connect the dots was
based on ``political correctness.''
I strongly disagree. The information-sharing challenges that we
faced then and continue to face now are more grounded in protecting
turf than being timid.
To conclude that the source of the missteps was based on the
religion of the perpetrator takes us backwards and takes our eyes off
the ball.
Instead, our focus should be on ensuring that communication
systems, information technology, training, and protocols are improved
Government-wide.
And most importantly, removing stovepipes.
The Fort Hood shooting occurred nearly 3 years ago. Fortunately,
since that time, information sharing has improved and we have the death
of Osama bin Laden, the conviction of the New York City subway bomber,
and other success stories as proof of this joint effort.
Mr. McCaul. We are pleased to have a very distinguished
panel of witnesses here today, and I would like to introduce
them.
First, we have Mr. Douglas Winter. He is Deputy Chair and
Editor-in-Chief of the William Webster Commission. He is a
counsel and former partner in the law firm of Bryan Cave, where
he is the head of the firm's electronic discovery unit. He
served as law clerk to Judge William Webster on the U.S. Court
of Appeals for the 8th Circuit. Also served as a captain in the
U.S. Army and is a graduate of the U.S. Army Judge Advocate
General school.
Second, we have Ms. Irshad Manji. She is the Director of
Moral Courage Project at New York University's Wagner Research
Center for Leadership in Action. As Director, she equips
students to become global citizens by speaking truth to power
in their communities. As a reformist Muslim, Ms. Manji has
written multiple books on the trends that are changing the
world of Islam.
It is so great to have you here today. Thank you for being
here.
Finally, I would say my colleague and friend from
Department of Justice, Mr. Leiter. Michael Leiter is the Senior
Counsel to the Chief Executive Officer of Palantir Technologies
and the former Director of the National Counterterrorism
Center.
It is great to have you here today as well, Mr. Leiter.
The Chairman now recognizes Mr. Winter for his testimony.
STATEMENT OF DOUGLAS E. WINTER, DEPUTY CHAIR, THE WILLIAM H.
WEBSTER COMMISSION
Mr. Winter. Thank you.
Good morning, Chairman McCaul, Ranking Member Keating, and
Members of the subcommittee. I am joined today by Adrian Steel,
the commissioner who was responsible as governing authorities
liaison with the Department of Justice and the FBI, and also
staff member George Murphy.
It is impossible in the time allotted to describe the
lengthy and detailed investigation that is set forth in the
final report. Director Mueller's terms of reference were
extraordinary in scope.
The factual background, as you know, is intricate and
complex. There is no simple calculus of cause and effect here.
The mistakes and shortcomings we identified were the products
of cascading sets of circumstances that range from a lack of
policy guidance, training, and adequate technology to a
misleading set of Army personnel records and an error in
interpreting an abbreviation.
My written statement sets forth an overview of our analysis
and our findings. Today, I will devote a review of the
recommendations to help underscore the lessons of Fort Hood.
The FBI has concurred in the principles underlying each of
our 18 recommendations and in almost every instance has
implemented or is implementing a responsive measure. We
recommended that the FBI adopt seven policies to formalize FBI
practices that were not followed in the Hasan matter or that
would help assure information sharing in similar circumstances.
The recommended policies concerned the counterterrorism
command-and-control hierarchy at the FBI, restrictions on
counterterrorism leads assigned to Joint Terrorism Task Force
officers, and clearinghouse procedures for counterterrorism
investigations and assessments of law enforcement personnel and
other Government personnel.
When Judge Webster was sworn in as director of the FBI,
there were three analysts at the FBI. Today, the FBI relies on
a cadre of more than 3,000 intelligence analysts with
established career paths. We applauded the FBI's success in
embedding analysts, creating fusion cells, and other analysis-
driven initiatives. We recommended further integration of
analysts into FBI operational groups.
A crucial lesson of Fort Hood is the ever-changing
diversity and complexity of communications technologies and the
impact of the ever-growing amount of electronic information on
the FBI's ability to identify and combat terrorism. These
change the ways in which the FBI will in the future need to
acquire, store, review, manage, disseminate, and act on
intelligence.
We recommended that the FBI expedite and seek expanded
funding for enterprise data management programs, with an
emphasis on aggregating its primary investigative databases,
collecting and storing data as a separate service from
applications, and developing shared storage solutions across
the U.S. intelligence community.
We recommended that the FBI seek funding for acquisition of
new hardware for its DWS-EDMS database system, which lacks the
infrastructure to fulfill system demands and also lacks a live
disaster recovery backup.
Only two people, an FBI agent and an analyst, were charged
with reviewing information in the al-Awlaki investigation. The
crushing volume of information they confronted, the limited
technology, and other factors forced those two people to review
the 18 Hasan-al-Awlaki communications in a day-to-day context
with 20,000 other items of electronic information they
reviewed.
We recommended that the FBI evaluate and acquire
information technology that was automated and advanced that
would assist personnel in reviewing and managing data.
We also recommended that the FBI implement managed
information review protocols for these types of large data
collections. That would allow for case-specific review of the
type that occurred in the al-Awlaki investigation, as well as
strategic review by different review teams.
An important reminder of Fort Hood is that Congress, the
Justice Department, and the FBI must assure that the FBI's
governing authorities strike an appropriate balance between
protecting civil liberties and privacy interests and detecting
and deterring threats like those posed by Major Hasan. We
recommended, among other things, that the FBI should increase
internal compliance reviews and audits and that its existing
governing authorities should remain in effect.
Training, we learned, is crucial, particularly in the task
force context, where you have a diverse number of Federal,
State, local, and Tribal agencies. The DCIS agent who conducted
the Hasan assessment in the Washington field office did not
even know that the DWS-EDMS database existed, leading him, and
in turn his FBI supervisor, to believe that there were only two
communications between Hasan and al-Awlaki. We recommended that
the FBI require task force officers to complete database and
computer training before they join the Joint Terrorism Task
Force.
In closing, I want to note that the final report focuses on
what went wrong. But throughout our investigation we were
witness to all that was right about the FBI. We saw patriotism,
professionalism, dedication, and long hours of work in a
context of constant threats and limited resources. Agents,
analysts, and task force officers are confronted with decisions
every day whose consequences may be life or death. These
personnel need better policy guidance to know what is expected
of them, better technology, resources, and training to navigate
the ever-expanding flow of intelligence information. They also
deserve our gratitude.
Thank you.
[The prepared statement of Mr. Winter follows:]
Prepared Statement of Douglas E. Winter
September 14, 2012
I first want to express, on behalf of Judge William H. Webster and
my fellow Commissioners, our profound sympathy for the victims of the
Fort Hood tragedy, their loved ones, families, and friends. Their loss
is unimaginable. It is also America's loss.
I also want to acknowledge the honor and privilege of working with
Judge Webster. He is one of America's most distinguished public
servants--a former U.S. Navy officer, U.S. Attorney, U.S. District
Judge, U.S. Circuit Judge, Director of the Federal Bureau of
Investigation, and Director of the Central Intelligence Agency. He is
also an inspiration, a mentor, and a friend.
In January 2010, Judge Webster asked me to join his independent
investigation of the Federal Bureau of Investigation. At that time, we
discussed the extraordinary scope of the Terms of Reference set out by
FBI Director Robert S. Mueller III. We did not know then that our
assignment would evolve and expand. We knew only the essential factual
background, which I now describe.
background
On December 17, 2008, U.S. Army Major Nidal Malik Hasan visited the
website of radical Islamic cleric Anwar Nasser al-Awlaki (sometimes
spelled ``Awlaki''). He sent a message to al-Awlaki. He sent another on
January 1, 2009. The FBI Joint Terrorism Task Force (JTTF) in the San
Diego Field Office, which led the FBI investigation of al-Awlaki,
acquired the messages. An FBI Special Agent (SD-Agent) and Analyst (SD-
Analyst) reviewed the messages. Concerned by the content of the first
message and implications that the sender was a U.S. military officer,
SD-Agent set leads to the JTTF in the Washington, DC, Field Office
(WFO) and to FBI Headquarters on January 7, 2009.
Fifty days later, a WFO Supervisory Special Agent (WFO-SSA) read
the lead and assigned it to a Defense Criminal Investigative Service
(DCIS) Special Agent who served on the JTTF (WFO-TFO). Ninety days
later, on May 27, 2009, WFO-TFO conducted an investigative assessment
of Hasan, who worked as a psychiatrist at Walter Reed Army Medical
Center. WFO-TFO queried certain FBI and Department of Defense (DoD)
databases and reviewed the limited set of Army personnel records
available to him. In the mean time, San Diego had acquired and reviewed
12 additional messages and emails from Hasan to al-Awlaki and two
emails from al-Awlaki to Hasan. San Diego did not connect these
communications to the lead.
WFO-TFO did not know about or review these additional
communications. WFO's assessment concluded that Hasan was not
``involved in terrorist activities.'' San Diego advised WFO that its
assessment was ``slim.'' Neither JTTF took further action. Hasan sent
his last message to al-Awlaki on June 16, 2009. al-Awlaki did not
respond.
In July 2009, the Army assigned Hasan to Fort Hood, Texas. In
October 2009, the Army notified Hasan that he would be deployed to
Afghanistan. On November 5, 2009, Hasan entered the Fort Hood
deployment center carrying two handguns. He shouted ``Allahu Akbar!''--
Arabic for ``God is great!''--and opened fire, killing 12 U.S. soldiers
and one DoD employee, and injuring as many as 43 others.
This bare-bones summation veils an intricate and complex factual
background.
The FBI conducted an internal investigation of how San Diego and
WFO handled the Hasan-al-Awlaki communications. The FBI took specific
steps to improve its ability to deter and detect threats like Hasan.
Director Mueller determined that an additional, independent
investigation of the FBI's actions was appropriate.
the webster commission's investigation
Judge Webster's written statement provides the subcommittee with an
overview of our lengthy and detailed investigation, our findings, and
our recommendations as set forth in the Final Report of the William H.
Webster Commission on the Federal Bureau of Investigation,
Counterterrorism Intelligence, and the Events at Fort Hood, Texas on
November 5, 2009.
To fulfill Director Mueller's Terms of Reference, the Commission
conducted inquiries into violent radicalization; the FBI's Joint
Terrorism Task Force Program; the FBI's governing authorities; the
FBI's information technology and document review infrastructure; the
FBI's investigation of al-Awlaki; the FBI's assessment of Hasan; and
the FBI's pre- and post-Fort Hood data holdings on Hasan.
Our analysis of the FBI's actions addressed knowledge and
information sharing; ownership of the Hasan lead; WFO's assessment of
Hasan; the FBI's information technology and review workflow; and
training. Director Mueller also asked us to assess the FBI's remedial
actions in the aftermath of the shootings, and to analyze whether the
FBI's governing authorities strike an appropriate balance between
protecting individual privacy rights and civil liberties and detecting
and deterring threats such as that posed by Hasan. The investigation
did not probe the shootings, which are the subject of a U.S. Army-led
inquiry and military criminal proceeding against Hasan.
Director Mueller promised, and the FBI provided, full cooperation
and support. No request was denied. No question went unanswered. The
Commission had personal contact with more than 100 FBI Agents,
Analysts, and Task Force Officers assigned to investigate al-Qaeda and
other organizations linked with violent Islamic extremism. We spent
many days in interviews, briefings, operational meetings, and
conversations with personnel from at least 7 different Field Offices/
JTTFs, FBI Headquarters, and the National Counterterrorism Center. We
conducted a lengthy ``no limits'' field visit with a WFO
counterterrorism unit of our choice that was not involved in the Hasan
matter. We had direct access to the FBI's computer systems and to all
personnel involved in the events at issue.
The Commission found shortcomings in FBI policy guidance,
technology, information review protocols, and training. I summarize our
analysis here. I caution the reader, however, against reaching
conclusions based solely on this summary, which lacks the factual and
analytical context of the Final Report. I also emphasize that we could
not base our analysis on what we learned about Hasan or al-Awlaki on
and after November 5, 2009. Our review was based on information known
or available to the FBI at the time the actions were taken in the
context of the FBI's then-existing policies and procedures, operational
capabilities, and technological environment. Finally, we recognized our
limited ability to predict what might have happened if different
policies or procedures were in effect or personnel had made different
decisions or taken different actions. We chose not to speculate. We
examined instead the reasonableness of what did happen, in order to
identify and recommend, when appropriate, better and corrective
policies and procedures for the future.
analysis of fbi actions
I. Knowledge and Information Sharing
A. The FBI's Understanding of Violent Radicalization
The FBI's understanding of violent radicalization is consistent
with the contemporary views of the psychiatric community. Before the
events at issue, the FBI had provided training on its radicalization
model to Agents, Analysts, and Task Force Officers, including all
personnel involved in the Hasan assessment. That training has expanded
in the aftermath of the Fort Hood shootings.
B. The FBI's Knowledge About Anwar al-Awlaki
In early 2009, the FBI knew Anwar al-Awlaki as an English-speaking,
anti-American, radical Islamic cleric and the subject of an FBI
counterterrorism investigation. San Diego believed that al-Awlaki was
developing ambitions beyond radicalization. WFO viewed him as merely
inspirational. The FBI's full understanding of al-Awlaki's operational
ambitions developed only after the attempted bombing of Northwest
Airlines Flight 253 on Christmas day 2009.
C. The FBI's Knowledge About Nidal Malik Hasan
Our searches of the FBI's data holdings confirmed that San Diego's
lead contained all of the FBI's actionable knowledge about Hasan as of
January 7, 2009. The FBI's knowledge grew, or should have grown, over
the next 5 months as San Diego acquired and reviewed 14 further
messages from Hasan to al-Awlaki and two emails from al-Awlaki to
Hasan. That knowledge also grew, or should have grown, as WFO conducted
its assessment of Hasan on May 27, 2009, and San Diego reviewed that
assessment in June 2009.
D. Information Sharing
The FBI did not share the Hasan information with any DoD employees
other than DCIS and NCIS personnel assigned to the San Diego and WFO
JTTFs.
Notice of the Hasan Assessment.--Prior to Fort Hood, FBI Field
Offices informally shared information with DoD on a regular basis about
counterterrorism assessments or investigations of members of the U.S.
military, DoD civilian personnel, and others with known access to DoD
facilities. However, there was no formal procedure or requirement to
advise DoD about these assessments and investigations.
When San Diego set the lead to WFO, the FBI did not know whether
the sender of the messages was a U.S. Army officer. In conducting its
assessment of Hasan, WFO identified Hasan as a military officer but
decided not to contact his chain of command. WFO's assessment concluded
that Hasan was not involved in terrorist activities. Under these
circumstances, the failure of either JTTF to advise DoD about the
assessment was not unreasonable. However, the absence of a formal
policy on notifying DoD of assessments or investigations of its
personnel was unreasonable.
The Decision Not to Issue an Intelligence Information Report.--FBI
policy is to share intelligence when dissemination has the potential to
protect the United States against threats to National security or
improve the effectiveness of law enforcement. San Diego decided not to
issue an Intelligence Information Report (IIR) to DoD and other U.S.
intelligence community members because of a mistake in interpreting
Hasan's Defense Employee Interactive Data System (DEIDS) record. A DCIS
Agent assigned to the San Diego JTTF (SD-TFO3) read the DEIDS
abbreviation ``Comm Officer'' to mean ``Communications Officer'' rather
than ``Commissioned Officer.'' SD-Agent, who led the al-Awlaki
investigation, thus believed that, if the sender was in fact Hasan, he
might have access to IIRs. To protect the al-Awlaki investigation, he
decided not to issue an IIR.
SD-TFO3's misinterpretation of the DEIDS record was understandable;
others had made the same mistake. WFO's response to San Diego corrected
this mistake and identified Hasan as an Army physician. Given WFO's
identification of Hasan and its assessment that he was not involved in
terrorist activities, San Diego had no reason to revisit the question
of issuing an IIR.
II.Ownership of the Lead
The FBI's operational actions suffered from a lack of clear
ownership of the Hasan lead. After setting the lead, San Diego believed
that WFO was responsible for Hasan. WFO acted as if San Diego were
responsible. The confusion resulted from the nature of Discretionary
Action leads, a lack of policy guidance, the differing investigative
interests of San Diego and WFO, a lack of priority, a misguided sense
of professional courtesy, undue deference to military TFOs, and an
inversion of the chain of command.
A. FBI Policy and Practice
In 2009, no FBI written policy established ownership of interoffice
leads. In FBI practice, the receiving office was responsible for taking
action in response to the lead and determining what, if any, additional
investigative steps were warranted.
B. The Leads
San Diego's primary purpose in conducting the al-Awlaki
investigation was to gather and, when appropriate, disseminate
intelligence about him. The ``trip wire'' effect of the investigation
in identifying other persons of potential interest was, in SD-Agent's
words, a ``fringe benefit.''
SD-Agent set a Routine Discretionary Action lead to WFO and an
Information-Only lead to FBI Headquarters that included Hasan's
messages. The messages contained no suggestion of imminent violence and
no overt threat. Because the lead did not demand action within 24
hours, FBI policy required SD-Agent to set a Routine lead. Because FBI
practice was to give the receiving office discretion in assessing
potential threats in its Area of Responsibility, the lead was ``[f]or
action as deemed appropriate.''
The decision to set a Routine Discretionary Action lead was
reasonable under the circumstances and existing policies. The follow-
up, however, was not adequate.
C. The Response
San Diego set the lead on January 7, 2009. At that time, there was
no formal policy guidance on the assignment or resolution of Routine
leads. The timing of assignments depended on the practice of the
receiving supervisor.
At WFO, the receiving Supervisory Special Agent (WFO-SSA) did not
read and assign the lead until February 25, 2009, nearly 50 days after
the lead was set.
No formal FBI policy set a deadline for the completion of work on
Routine leads. Because file reviews occur on a quarterly basis,
informal FBI policy required personnel to complete work on Routine
leads within 90 days of assignment.
WFO-SSA assigned the lead to a DCIS Agent detailed to the JTTF
(WFO-TFO). WFO-TFO waited 90 days--until May 27, 2009, the day his work
on the lead was supposed to be completed--to read it and take action.
The 90-day delay in even reading the lead, let alone taking action, was
unreasonable. That delay may have affected the shape, scope, and
outcome of WFO's assessment of Hasan, which took place in 4 hours on
that 90th day.
Five months passed before WFO responded to San Diego's lead. The
delay pushed Hasan further from the minds of SD-Agent and SD-Analyst,
and may have contributed to their failure to connect other Hasan
communications with the lead.
D. The Impasse
Although the lead identified a potential threat in the Washington,
DC, area, WFO-SSA and WFO-TFO treated Hasan as part of San Diego's
investigation of al-Awlaki. This perspective appears to inform their
apprehension about interviewing Hasan and conducting a more expansive
assessment without first checking with San Diego. Yet WFO declined to
take further action even after San Diego criticized the assessment as
``slim,'' and instead offered to ``re-assess'' if San Diego,
``request[ed] any specific action.''
E. Deference to Military Task Force Officers
SD-Agent engaged DCIS and NCIS Task Force Officers (TFOs) in San
Diego in researching Hasan's military status and deciding whether to
circulate an IIR. Those actions were reasonable and prudent.
Interagency synergy is a prime reason for the JTTF Program.
That synergy weakens, however, when TFOs assume sole responsibility
for investigating members of their own departments or agencies. WFO-
SSA's assignment of the lead to WFO-TFO had practical advantages. As a
DCIS Agent, WFO-TFO had access to DoD resources and databases that were
not available to the FBI. He also had an insider's knowledge of DoD
practices and procedures that could prove vital to an assessment of a
service member. However, he also brought the subjectivity of an insider
to the assessment. That subjectivity may have caused undue deference to
the Army chain of command and undue concern about the potential impact
of an interview on Hasan's military career, which appear to have driven
the decision not to interview Hasan or contact his superiors.
F. An Inverted Chain of Command
The JTTF synergy also weakens when the FBI looks to TFOs to resolve
disputes between offices. Here, after SD-Agent reviewed WFO's response
to the lead, he asked SD-TFO3 to contact WFO-TFO, DCIS Agent to DCIS
Agent.
SD-Agent should have called WFO-SSA. If they could not resolve
matters, SD-Agent should have raised the dispute up the FBI chain of
command to his supervisor, who could have reviewed the matter and
contacted WFO-SSA's supervisor. If disagreement continued, the
supervisors could have turned to FBI Headquarters for resolution. This
is how the FBI has routinely handled interoffice disputes and
disagreements, but only as a matter of unofficial policy.
G. The Lack of Formal Policies
The lack of formal policy guidance defining ownership of this lead
and requiring elevation of interoffice disputes caused or contributed
to a situation in which two JTTFs effectively disowned responsibility
for the lead--each believing that the other office was responsible.
That belief affected, in turn, each JTTF's sense of priority when it
came to the assessment, the search for additional Hasan-al-Awlaki
communications, and how the conflict between the offices should be
resolved.
III. The Assessment
WFO-SSA and WFO-TFO erred in the process they followed to conclude
that Hasan's communications with al-Awlaki were benign and acceptable.
They also erred in failing to search the database in which electronic
communications were stored, if only to determine whether al-Awlaki had
replied to Hasan's messages. Their assessment of Hasan was belated,
incomplete, and rushed, primarily because of their workload; the lack
of formal policy setting deadlines for the assignment and completion of
Routine counterterrorism assessments; WFO-TFO's lack of knowledge about
and training on DWS-EDMS; the limited DoD personnel records available
to WFO-TFO and other DoD TFOs; and the delay in assigning and working
on the lead, which placed artificial time constraints on the
assessment.
A. The Records Check
WFO-TFO assessed Hasan using the limited Army Electronic Personnel
File that WFO-TFO had authority to access. Those records praised
Hasan's research on Islam and the impact of beliefs and culture on
military service, and showed that he held a security clearance and had
been promoted to Major weeks earlier. WFO-TFO thus believed--and WFO-
SSA agreed--that the Army encouraged Hasan's research and would approve
of his communications with al-Awlaki.
Based on this simple records check, those conclusions may have been
reasonable. Hasan's two messages solicited Islamic opinions. He made no
attempt to disguise his identity and used an email address that
revealed his proper name.
The Army records available to WFO-TFO did not present a complete or
accurate picture of Hasan. Indeed, their contents were misleading. WFO-
TFO--and, in turn, the FBI--did not have access to the disturbing
contents of Hasan's personal files at Walter Reed Army Medical Center
and the Uniformed Services University of Health Sciences.
Despite the Army's interest in Hasan's research, his communications
with an inspirational and potentially operational radicalizer under FBI
investigation deserved scrutiny beyond a simple records check.
Regardless of the contents of his Electronic Personnel File, the lead
warranted a closer look at Hasan.
B. The Decision Not to Interview Hasan
The decision not to interview Hasan was flawed. WFO-TFO and WFO-SSA
believed that an interview could jeopardize the al-Awlaki investigation
by revealing the FBI's access to Hasan's messages. This explanation is
not persuasive. FBI Agents talk to subjects and assess threat levels
every day without explaining the source of their knowledge.
WFO-TFO and WFO-SSA also concluded, from the records check, that
Hasan was not ``involved in terrorist activities.'' As a result, they
believed that an interview and contact with Hasan's chain of command
might jeopardize his military career, contrary to the FBI's ``least
intrusive means'' requirement. Under that requirement, an investigative
technique (for example, a records check or interview) may be used if it
is the least intrusive feasible means of securing the desired
information in a manner that provides confidence in the information's
accuracy.
The fact that messages to a radical imam appear to be benign
academic inquiries does not answer the question of whether Hasan was a
threat. The ``least intrusive means'' requirement did not prohibit
further inquiry into that question, but would require a careful
balancing of the competing interests of assessing a potential threat
and minimizing potential harm to the subject of the assessment.
Moreover, when San Diego expressed doubts about WFO's assessment,
the calculus of the least intrusive means requirement should have
changed. The next-least intrusive means (for example, an interview)
could have been used to resolve any doubts about the messages and
provide more confidence in the accuracy of the information supporting
WFO's conclusion.
C. The Failure to Search for Additional Messages
WFO-TFO did not even know that DWS-EDMS, the database in which the
Hasan-al-Awlaki communications were stored, existed until after the
Fort Hood shootings. As a result, WFO-TFO searched only databases known
to him and did not find any of the later messages. After receiving
WFO's assessment, which stated incorrectly that WFO had searched all
FBI databases, San Diego did not search DWS-EDMS for additional
messages acquired during the intervening 5 months.
The failure to search for additional messages appears to have had
significant ramifications. That search, if performed on May 27, 2009,
the date of WFO's assessment, would have returned 12 additional
communications from Hasan and al-Awlaki's two emails to Hasan. Although
none of the messages contained a suggestion of imminent violence or an
overt threat, the additional messages could have undermined the
assumption that Hasan had contacted al-Awlaki simply to research Islam.
The failure to search for additional messages resulted primarily
from the FBI's failure to provide TFOs with training on DWS-EDMS and
other FBI databases, the search and information management limitations
of DWS-EDMS, the lack of ownership of the Hasan lead, the lack (at that
time) of a baseline collection plan, and the absence of the type of
initiative that Agents, Analysis, and TFOs should be encouraged to
take, particularly when confronted with dissonant information or an
interoffice dispute.
D. Workload and the Lack of Formal Policies
The nearly 50-day delay in the assignment of the lead and the 90-
day delay in taking action on the lead suggest that WFO-SSA and WFO-TFO
were overburdened. That underscores the importance of formal policy
direction that allows personnel to understand, prioritize, and manage
their workloads.
The absence of formal policy guidance setting deadlines for
assignment and resolution of Routine counterterrorism leads and
establishing a baseline for information to be collected in
counterterrorism assessments caused or contributed to an assessment of
Hasan that was belated, incomplete, and rushed.
IV. Information Technology and Review
A crucial lesson of Fort Hood is that the information age presents
new and complex counterterrorism challenges for the FBI. Diverse and
ever-growing waves of electronic information confront its law
enforcement and intelligence-gathering activities. Emerging
technologies demand changes in the ways that the FBI acquires, stores,
reviews, organizes, manages, disseminates, and acts on intelligence.
The actions of the Agents, Analysts, and Task Force Officers who
handled the Hasan information cannot be judged fairly or accurately
without an understanding of their working environment--and, in
particular, their technological environment. Our investigation revealed
that the FBI's information technology and review protocols were, then
and now, less than adequate for fulfilling the FBI's role as the
premier U.S. intelligence and law enforcement agency combating domestic
terror.
A. Information Technology Limitations
DWS-EDMS, the primary database under review, is a capable tool that
lacks the modern hardware infrastructure needed to fulfill and preserve
its crucial functionality. The relatively aged server configuration for
DWS-EDMS and its ever-increasing data storage demands, coupled with
ever-increasing use, create issues that we witnessed in our hands-on
use of the system. DWS-EDMS also lacks a ``live'' or ``failover''
disaster recovery backup.
B. Information Review Workflow
In examining San Diego's review of the information acquired in the
al-Awlaki investigation, we identified serious concerns about the
available technology and two interrelated concerns about human actions:
Questionable decisions in reviewing certain communications and the
failure to relate subsequent messages to the lead.
The DWS-EDMS collection presented, in SD-Analyst's words, a
``crushing volume'' of information. We were unable to assess the
reasonableness of San Diego's review decisions and tracking of messages
outside the context of the nearly 20,000 other al-Awlaki-related
electronic documents that SD-Agent and SD-Analyst reviewed prior to
Hasan's final message on June 16, 2009.
We found, however, that the FBI's information technology and
document review workflow did not assure that all information would be
identified and managed correctly and effectively in DWS-EDMS because of
a confluence of factors: (1) The humanity of the reviewers; (2) the
nature of language; (3) the ``crushing volume'' of the al-Awlaki
information; (4) the workload; (5) limited training on the databases
and search and management tools; (6) antiquated and slow computer
technology and infrastructure; (7) inadequate data management tools;
(8) the inability to relate DWS-EDMS data easily, if at all, to data in
other FBI stores; and (9) the absence of a managed quality control
regime for review of strategic collections.
The Final Report discusses each of these factors in detail (see
Chapters 4-6 and 11). The confluence of these diverse human and
technological factors forced SD-Agent and SD-Analyst to review, using a
linear, forward-looking workflow, each of the Hasan-al-Awlaki
communications in isolation as 18 of the nearly 8,000 electronic
documents that they reviewed between December 18, 2008, and June 16,
2009, the dates of Hasan's first and last messages to al-Awlaki. That
workflow encouraged anticipatory review, analysis, and identification
of products, but discouraged reflection, connectivity, and
retrospective review and analysis. The operational and technological
context in which SD-Agent and SD-Analyst worked, not their actions as
reviewers, was unreasonable.
C. Data Aggregation
FBI Agents, Analysts, and Task Force Officers regularly consult
many databases in the performance of their duties. In 2009, with few
exceptions, users accessed each database using a discrete interface,
password, and search engine. Our investigation found that planning for
enterprise data aggregation, and consolidating and conforming the
contents of these diverse databases, are vital to the FBI's ability to
respond to the threat of terrorism.
assessment of fbi remedial actions
At Director Mueller's request, Part Three of the Final Report
assessed the changes to FBI policies, operations, and technology that
resulted from its own internal review and subsequent events. We applaud
these steps, which are outlined in Exhibit B.
analysis of the fbi's governing authorities
A. Existing Authorities
After an extensive review of the FBI's governing authorities (see
Chapter 3), we asked representatives of Congressional oversight staff
(the Majority and Minority staffs of the Senate and House Judiciary and
Intelligence Committees) and public interest groups (the American Civil
Liberties Union and the American Enterprise Institute) to identify
their concerns abut the impact of the governing authorities on privacy
rights and civil liberties.
Part Four of the Final Report assesses those concerns. We concluded
that existing authorities balance the FBI's responsibility to detect
and deter terrorism with protection of individual privacy rights and
civil liberties. We believe, however, that the FBI should monitor and
report on its use of investigative techniques that raise concern
through the Office of Inspection and Compliance, Inspection Division,
and National Security Division. The FBI should modify or abandon
policies and protocols that prove unacceptably harmful to privacy
rights or civil liberties.
B. Additional Authorities
We interviewed a broad range of FBI personnel involved in
counterterrorism work; former FBI and other U.S. intelligence community
personnel; and members of the Majority and Minority staff of the
Congressional Judiciary and Intelligence Committees. Although we
received a number of recommendations, we identified, but took no
position on, two legislative actions that the FBI could propose to
improve its ability to deter and detect terrorist threats.
The Communications Assistance for Law Enforcement Act.--The FBI
believes that amending the Communications Assistance for Law
Enforcement Act (CALEA) (1994), 47 U.S.C. � 1001 et seq., is an
immediate priority. Congress enacted CALEA to assure that law
enforcement obtains prompt and effective access to communications
services when conducting a lawful electronic surveillance. The statute
recognizes that surveillance may be difficult, if not impossible,
absent an existing level of capability and capacity on the part of
communications service providers. The threat to our National security--
increasingly explicit in FBI investigations--is that service providers
using new technologies often lack that capability and capacity.
Administrative Subpoena Authority.--The FBI's counterterrorism
authorities are not as robust, definitive, and consistent as its law
enforcement authorities. The FBI has the authority to issue
administrative subpoenas in narcotics, child-abuse, and child-
exploitation investigations, but not in counterterrorism
investigations. This inconsistency is noteworthy, although we recognize
that counterterrorism investigations may implicate potential risks to
civil liberties and privacy interests in ways that traditional law
enforcement investigations do not.
recommendations
We made 18 formal recommendations for corrective and enhancing
measures on matters ranging from FBI policies and operations to
information systems infrastructure, review protocols, and training.
Exhibit A summarizes those recommendations. We also assessed whether
any administrative action should be taken against any employee involved
in this matter, and we concluded that administrative action was not
appropriate.
We recognize that the FBI has continued to evolve as an
intelligence and law enforcement agency in the aftermath of Fort Hood
and in furtherance of internal and external recommendations that
followed, including the Special Report of the Senate Committee on
Homeland Security and Governmental Affairs (February 3, 2011). To the
extent our Recommendations may parallel or implicate actions and
initiatives proposed internally or by others, they should not be read
to suggest that the FBI has not been diligent in pursuing those actions
and initiatives, but to underscore their importance.
conclusion
In the words of our Final Report: ``We conclude that, working in
the context of the FBI's governing authorities and policies,
operational capabilities, and the technological environment of the
time, FBI and Joint Terrorism Task Force personnel who handled relevant
counterterrorism intelligence information made mistakes. We do not
find, and do not suggest, that these mistakes resulted from intentional
misconduct or the disregard of duties. Indeed, we find that each
Special Agent, Intelligence Analyst, and Task Force Officer who handled
the [intelligence] information acted with good intent. We do not find,
and do not believe, that anyone is solely responsible for mistakes in
handling the information. We do not believe it would be fair to hold
these dedicated personnel, who work in a context of constant threats
and limited resources, responsible for the tragedy at Fort Hood.'' We
concluded instead that ``these individuals need better policy guidance
to know what is expected of them in performing their duties, and better
technology, review protocols, and training to navigate the ever-
expanding flow of intelligence information.'' We also concluded that
the FBI should continue to focus on compliance monitoring and the
oversight of authorized investigative techniques that may affect
privacy rights and civil liberties.
EXHIBIT A
summary of webster commission recommendations
Policies
A.1: A Formal Policy on Counterterrorism Command-and-Control Hierarchy
A.2: A Formal Policy on the Ownership of Counterterrorism Leads
A.3: A Formal Policy on Elevated Review of Interoffice Disagreements in
Counterterrorism Contexts
A.4: A Formal Policy on the Assignment and Completion of Routine
Counterterrorism Leads
A.5: A Formal Policy on Counterterrorism Leads Assigned to JTTF Task
Force Officers
A.6: A Formal Policy on the FBI Clearinghouse Process for
Counterterrorism Assessments and Investigation of Law Enforcement
Personnel
A.7: A Formal Policy on the FBI Clearinghouse Process for
Counterterrorism Assessment and Investigation of Other Government
Personnel
Operations
B.1: Continued Integration of Intelligence Analysts into Operations
Information Technology and Review
C.1: Expedite Enterprise Data Management Projects
C.2: Expand and Enhance the Data Integration and Visualization System
C.3: Acquire Modern and Expanded Hardware for DWS-EDMS
C.4: Acquire Advanced Information Search, Filtering, Retrieval, and
Management Technologies
C.5: Adopt Managed Information Review Protocols for Strategic
Collections and OtherLarge-Scale Data Collections
Governing Authorities
D.1: Increase Office of Integrity and Compliance (OIC) and Inspection
Division Compliance Reviews and Audits
D.2: Assure Strict Adherence to Policies That Ensure Security for
Information That Lacks Current Investigative Value
D.3: The FBI's National Security letter, Section 215 Business Record,
Roving Wiretap, and ``Lone Wolf'' Authorities Should Remain in Effect
D.4: Update Attorney General Guidelines Affecting Extra-Territorial
Operations
Training
E.1: Train Task Force Officers on FBI Databases Before They Join Joint
Terrorism Task Forces
EXHIBIT B
summary of fbi remedial actions
Information Sharing
(1) FBI-DoD Clearinghouse Process for Counterterrorism Assessments and
Investigations of Military Personnel
(2) Consolidation of FBI-DoD Memoranda of Understanding on Information
Sharing, Operational Coordination, and Investigative Responsibilities
Operations
(1) Discontinuance of ``Discretionary Action Leads''
(2) Counterterrorism Baseline Collection Plan
(3) Triggers for Assessments/Investigations
(4) Decisions to Close Certain Investigations of DoD Personnel
(5) Identification and Designation of Strategic Collections
Technology
(1) Automatic Linking of Email Data
(2) Automatic Flagging of Certain Email Data
(3) Flagging DWS-EDMS Activity Across Cases
(4) Workload Reduction Tools
(5) DWS-EDMS September 2011 Release
Training
(1) Virtual Academy
(2) Classroom Training
(3) Database Training
THE WILLIAM H. WEBSTER COMMISSION ON THE FEDERAL BUREAU OF
INVESTIGATION, COUNTERTERRORISM INTELLIGENCE, AND THE EVENTS AT FORT
HOOD, TEXAS, ON NOVEMBER 5, 2009
The Honorable William H. Webster, Chair
commissioners
Douglas E. Winter, (BRYAN CAVE LLP), Deputy Chair and Editor-in-Chief
Adrian L. Steel, Jr., (MAYER BROWN LLP), Governing Authorities Liaison
William M. Baker, (former FBI Assistant Director, CRIMINAL
INVESTIGATIVE DIVISION)
Russell J. Bruemmer, (WILMER HALE)
Kenneth L. Wainstein, (CADWALADER, WICKERSHAM & TAFT LLP)
adjutant
Stephen J. Cox, (APACHE CORPORATION)
associates
George F. Murphy, (BRYAN CAVE LLP)
Margaret-Rose Sales, (MAYER BROWN LLP)
Mr. McCaul. Thank you, Mr. Winter.
The Chairman now recognizes Professor Manji for her
testimony.
STATEMENT OF ISHRAD MANJI, DIRECTOR, MORAL COURAGE PROJECT, NEW
YORK UNIVERSITY
Ms. Manji. Thank you.
Good morning. My name is Irshad Manji, and I am here in my
capacity as founder and director of the Moral Courage Project.
Before I formally begin, allow me also to express my
sympathy to those, both American and not, who have been
victimized by this week's violence in Libya, Egypt, and now
Yemen.
Housed in the Wagner School of Public Service, the Moral
Courage Project teaches people worldwide to speak up when
others, frankly, want to shut them up. We are motivated not
just to break silences but also to combat the abuse of power,
in other words the corruption, that comes from the fear of
speaking out. This means understanding why silences develop in
the first place, which brings me to the question that concerns
our hearing.
Let me be clear: I do not know if one or more FBI officers
intentionally withheld information about Major Nidal Malik
Hasan. But personal experiences leave me skeptical about
whether the standard bearers of National security are willing
to share vital information, whether with the public or with
each other.
I will give you a couple of examples in a moment. First,
let me address why I would have personal experiences on this
front. The reason is I am a devoted Muslim who loves God; and,
because I love God, I speak up whenever anybody uses Islam to
violate all of our God-given liberties and human rights.
As refugees from East Africa, my family and I settled on
the West Coast of Canada; and there I grew up attending two
types of schools, the multi-racial, multi-faith public school,
and then every Saturday, for several hours at a stretch, the
Islamic religious school, the madrassa.
At madrassa, I asked candid questions. For instance, why
can't Muslims take Jews and Christians as friends? At the age
of 14, having asked one too many of these questions, I got
booted out of the madrassa. But as I have had to assure my
mortified mother more than once, leaving madrassa does not mean
leaving Allah.
I decided to study Islam on my own and discovered that
there is an Islamic tradition of questioning, of
reinterpreting, and even of dissenting with the clerics. It is
this tradition that empowers me to reconcile my faith with
freedom. All of which puts me and my team on the receiving end
of death threats and actual violence not just in Muslim-
majority countries but also in this part of the world. That is
why I have first-hand experience with some of the inner
workings of National security. That is how I have come to
observe the censorship that plagues many good people, people to
whom we do owe gratitude and whose mission is to protect the
public.
In my remaining time, I would like to share two stories.
Although the first takes place in Canada, of which I remain a
citizen, it foreshadows the second story, which takes place in
the United States, where I now live and work.
In June, 2006, Canadian police arrested young Muslims for
plotting to blow up Parliament and behead the Prime Minister.
The Toronto 17, as they came to be known, called their campaign
Operation Badr, B-a-d-r, Badr. Operation Badr is a tribute to
the battle of Badr, the first decisive military victory by
Prophet Mohammed.
Now, police knew that religious symbolism helped inspire
the Toronto 17. Still, at the press briefing to announce those
arrests, police did not mention the words Muslim or Islam.
At their second meeting with the press, police boasted,
bragged about avoiding the words Muslim and Islam, again
despite knowing that Operation Badr had been organized in the
name of Islam.
Three months later, at a police conference, I raised my
concern about the silence. After my plea for honesty, several
law enforcement insiders, independent of each other, confided
to me that the lawyers prevented these authorities from
publicly uttering the words Muslim and Islam.
As for my experiences in the United States, here is a
concrete one. In 2009, I received media calls about David
Headley, a U.S. citizen who helped plan the terrorist attacks
on Bombay in 2008, in other words, the year before. Apparently,
Mr. Headley had named me among his targets, too. Journalists
wanted to know how that made me feel. You can guess my
response.
What made me feel worse, though, was that these media calls
came in a full day before any National security officials got
in touch. Somehow, somewhere their chain of communication had
broken down.
The research on institutional silos and silence suggests
multiple forces at play. But the antidote to all of these
forces is moral courage, the willingness to speak up when
others want to shut you down.
I thank you for this invitation and, unlike my madrassa
teacher, I welcome your questions.
[The prepared statement of Ms. Manji follows:]
Prepared Statement of Irshad Manji
September 14, 2012
My name is Irshad Manji. I am here in my capacity as founder and
director of the Moral Courage Project at New York University.
Housed in the Wagner School of Public Service, the Moral Courage
Project teaches people worldwide to speak up when others want to shut
them up. We are motivated not just to break silences, but also to
combat the abuse of power--the corruption--that comes from the fear of
speaking out.
This means understanding why silences develop in the first place,
which brings me to the question that concerns our hearing.
Let me be clear: I do not know if one or more FBI officers
intentionally withheld information about Major Nidal Malik Hasan. But
personal experiences leave me skeptical about whether the standard-
bearers of National security are willing to share vital information,
whether with the public or with each other.
I will give you a couple of examples in a moment. First, allow me
to address why I would have personal experiences on this front. The
reason is: I am a devoted Muslim who loves God, and because I love God,
I speak up whenever Muslims use Islam to violate our God-given liberty
and human rights.
As refugees from East Africa, my family and I settled on the West
Coast of Canada. There, I grew up attending two types of schools--the
multi-racial, multi-faith public school and then, every Saturday, for
several hours at a stretch, the Islamic religious school (madressa). At
madressa, I asked candid questions. For instance, why can't Muslims
take Jews and Christians as friends?
At the age of 14, having asked one too many of these questions, I
got booted out of madressa. But as I had to assure my mortified
mother--more than once--leaving madressa does not mean leaving Allah.
I decided to study Islam on my own, and discovered that there is an
Islamic tradition of questioning, re-interpreting, and even dissenting
with the clerics. It is this tradition that empowers me to reconcile my
faith with freedom.
All of which puts me and my team on the receiving end of death
threats--and actual violence--not just in Muslim-majority countries,
but also in this part of the world. That is why I have first-hand
experience with some of the inner workings of National security.
And that is how I have come to observe the censorship that plagues
many good people whose mission is to protect the public.
In my remaining time, I would like to share two stories. Although
the first takes place in Canada, of which I remain a citizen, it
foreshadows the second story, which takes place in the United States,
where I now work and live.
In June 2006, Canadian police arrested young Muslims for plotting
to blow up Parliament and behead the Prime Minister. The ``Toronto
17,'' as they came to be known, called their campaign, Operation Badr.
This title is a tribute to the Battle of Badr, the first decisive
military victory by Prophet Muhammad.
Police knew that religious symbolism helped inspire the Toronto 17.
Still, at the press briefing to announce those arrests, police did not
mention the words ``Muslim'' or ``Islam.''
At their second meeting with the press, police boasted about
avoiding the words ``Muslim'' and ``Islam''--again, despite knowing
that Operation Badr had been organized in the name of Islam.
Three months later, at a police conference, I raised my concern
about this silence. After my plea for honesty, several law enforcement
insiders, independent of each other, confided to me that lawyers
prevented authorities from publicly uttering the words ``Muslim'' and
``Islam.''
As for my experiences in the United States, here is a concrete one:
In 2009, I received media calls about David Headley, a U.S. citizen who
helped plan the terrorist attacks on Bombay the year before.
Apparently, Mr. Headley had named me among his targets. Journalists
wanted to know how that made me feel. You can guess my response.
What made me feel worse was that these media calls came in a full
day before any National security officials got in touch. Somehow,
somewhere, their chain of communication had broken down.
The research on institutional silos--and silence--suggests multiple
forces at play. But the antidote to all of these forces is moral
courage: The willingness to speak up when others want to shut you up.
I thank you for this invitation and, unlike my madressa teacher, I
welcome your questions.
Mr. McCaul. Thank you, Professor, and we appreciate your
courage. Thank you for being here.
The Chairman now recognizes Mr. Leiter.
STATEMENT OF MICHAEL E. LEITER, FORMER DIRECTOR OF THE NATIONAL
COUNTERTERRORISM CENTER
Mr. Leiter. Mr. Chairman, Mr. Ranking Member, it is a
pleasure to be back. This is my first appearance before the
Congress outside of the Executive branch, and I have to say the
freedom is rather invigorating.
Today, I am actually appearing as a member of the Homeland
Security Project at the Bipartisan Policy Center. That is the
follow-on organization to the 9/11 Commission, led which the
very distinguished and talented Governor Tom Kean and
Congressman Lee Hamilton. Although, of course, also my comments
are really based on my time, over 4 years, as the head of the
National Counterterrorism Center, as well as serving in the
Navy and the Department of Justice.
Now, rather than spending my 5 minutes now going over
extensively where I think improvements have been made, I would
like to focus most of my comments on where I think there are
still challenges that the Congress and the Executive branch
faces over the next several years. But I do want to highlight,
because you are focused on a failure--Congressman McCaul, you
obviously noted the successes, and there really have been many,
and many of these successes we simply take for granted today:
The fact that we have a single, consolidated watch list at the
National Counterterrorism Center; the fact that we have
analysts and information systems from a variety of
organizations all in one place; the fact that we have 104 Joint
Terrorism Task Forces and fusion centers.
These are all--none of this is to say that the problems are
solved, but this is to say that the improvements are quite
tremendous. The tragedy of the 13 brave Americans who were lost
at Fort Hood can never be eliminated.
All that being said, that we have avoided large-scale
terrorist attacks in the United States and a total of 14
individuals have been killed in the United States in the past
11 years is, in my view, nothing short of remarkable. Tragic
that every one of those lives was lost but a record which I do
think that the Congress and the U.S. Government and our allies
can in fact be proud of.
Now, having accepted that not everything is right, I would
offer two caveats before I go into the areas where I think they
can be improved.
First, I think the Congress and the Executive branch must
be very careful not to conflate all information-sharing
problems as being the same. There is real sophistication in
this. What happened on Christmas day, an intelligence failure,
was one type of information challenge; and it is a very
different challenge from what happened at Fort Hood. I say that
because I think it is important to, as I say, get under the
hood, examine these with some specificity.
Second, I think this committee knows this well, but we have
to continue to remember that information sharing is not always
unmitigated good. We need look no father than WikiLeaks to
remember that, as we share information, we must also do it in a
way that not only protects privacy and civil liberties but
protects the security of that information.
I believe these two things can be reconciled, but we cannot
forget that there are dangers as well.
Very quickly, where do I see some opportunities and need
for improvement? I will divide it into five basic areas: Legal,
policy, budgetary, personnel, and technology.
First, on the legal front, I am a recovered lawyer, but I
will say there is probably no area in which I work in National
security where the legal landscape is a myriad of complicated,
conflicting statutes, and it is extremely difficult to ever
know how information can or cannot be shared. The burden that
that puts on operators and analysts, not to mention lawyers, is
tremendous.
Although I think the Foreign Intelligence Surveillance Act,
FISA, serves some very valuable purposes both for collection
and for protection of civil liberties, anything that Congress
can do to simplify that law, especially in an era of rapidly-
changing technology, would be critically important.
Second, on the policy front, I think it is important that
the Congress and the Executive branch work together to move
legal policies--pardon me, move information-sharing policies in
a far more rapid way than they move today. I think as a general
matter--and I say this having served in a Republican and
Democratic administration. I think as a general matter
administrations have gotten these policies right about how
information should be shared, but the pace at which these
discussions occur borders on the Biblical. In an era of
rapidly-evolving terrorist threats we cannot allow these
discussions to go on endlessly. The Congress must demand that
the Executive branch rapidly adopt policies, like the Attorney
General guidelines, to ensure there is effective information
sharing once laws are passed.
On the budgetary front, this committee knows quite well the
pressures that all of National security and State and local
governments will face in the coming years. We have spent an
enormous amount of money building Joint Terrorism Task Forces
and State and local fusion centers. In my view, although these
have done quite well, as we enter a more austere budgetary
period the Congress will have to look quite closely at how we
can rationalize and truly create a National system and not
simply a patchwork of entities.
Very quickly on the last two points, personnel and
technology, I think part of the failure at Fort Hood was
undoubtedly a thorough understanding among some well-
intentioned agents and officers about what were signs and
symptoms of radicalization in the population. This sort of
training must be continued; and, of course, training on the
tools that people already have must be increased.
Last, but not least, technology can help us here. We all
know that technology is not a panacea. But basic technological
tools which flag information for people allow uncorrelated
information to be shown to a variety of individuals,
information to be shared across security regimes amongst the
FBI, National Counterterrorism, Department of Defense, and the
like are absolutely critical. So it is not simply two agents
looking at an email trying to decide whether or not an
individual is radicalized, but we are actually taking full
advantage of the larger National security community. Technology
exists to do that today.
With that, Mr. Chairman, I welcome your questions. It is
very good to be back. I want to simply close on joining you on
your notes of condolences for the loss that we saw in Libya,
the losses that we see every day in Afghanistan, and the losses
that we suffered in Fort Hood.
[The prepared statement of Mr. Leiter follows:]
Prepared Statement of Michael E. Leiter
September 14, 2012
introduction
Mr. Chairman, Mr. Ranking Member, Members of the subcommittee: I am
pleased to have the opportunity to appear before you today. This
subcommittee has been at the center of ensuring that needed reform is
taking place in our Government. I am deeply grateful to you for your
sustained leadership in that effort. The subject of today's hearing,
``Lessons from Fort Hood: Why Can't We Connect the Dots to Protect the
Homeland?'' is of critical importance to National security.
Today, I appear in my capacity as a Task Force Member of the
Bipartisan Policy Center's Homeland Security Project, a successor to
the 9/11 Commission. Drawing on a strong roster of National security
professionals, the HSP works as an independent, bipartisan group to
monitor the implementation of the 9/11 Commission's recommendations and
address other emerging National security issues.
HSP includes the following membership:
Governor Thomas H. Kean, Former Governor of New Jersey;
Chairman of the 9/11 Commission; and Co-Chair of the Homeland
Security Project;
The Honorable Lee H. Hamilton, Former Congressman from
Indiana; Vice-Chair of the 9/11 Commission; and Co-Chair of the
Homeland Security Project;
Peter Bergen, Director, National Security Studies Program at
the New America Foundation;
Christopher Carney, Former Congressman from Pennsylvania and
Chair of the U.S. House Homeland Security Oversight Committee;
Stephen E. Flynn, Ph.D., Founding Co-Director of the George
J. Kostas Research Institute for Homeland Security and
Professor of Political Science at Northeastern University;
Dr. John Gannon, Former Deputy Director of the CIA for
Intelligence;
Dan Glickman, Senior Fellow, Former Secretary of
Agriculture; Former Chairman of the U.S. House Intelligence
Committee;
Dr. Bruce Hoffman, Director, Center for Peace and Security
Studies, Georgetown University;
Michael P. Jackson, Chairman and CEO, VidSys, Inc. and
Former Deputy Secretary of the U.S. Department of Homeland
Security;
Ellen Laipson, President and CEO of the Stimson Center and
member of the President's Intelligence Advisory Board;
Michael E. Leiter, Senior Counselor to the Chief Executive
Officer, Palantir Technologies and Former Director of the
National Counterterrorism Center;
Edwin Meese III, Former U.S. Attorney General, Ronald Reagan
Distinguished Fellow in Public Policy and Chairman of the
Center for Legal and Judicial Studies at The Heritage
Foundation;
Erroll G. Southers, Former Chief of Homeland Security and
Intelligence for the Los Angeles Airports Police Department;
and Associate Director of the National Center for Risk and
Economic Analysis of Terrorism Events at the University of
Southern California;
Richard L. Thornburgh, Former U.S. Attorney General and
Governor of Pennsylvania;
Frances Townsend, Former Homeland Security Advisor and
Deputy National Security Advisor for Combating Terrorism;
Jim Turner, Former Congressman from Texas and Ranking Member
of the U.S. House Homeland Security Committee.
My HSP colleagues and I believe the depth of this group's
experience on National security issues can be of assistance to you and
the Executive branch and we look forward to continuing to work with
you.
I will also draw on my experience as former Director of the
National Counterterrorist Center (NCTC), a post I stepped down from 1
year ago. While I will address certain aspects of deficiencies in
information sharing surrounding the Fort Hood shootings, I believe I
can best help the subcommittee by sharing my views about how well the
Government is sharing information generally. While my testimony is in
part based on my work with the HSP, it does not necessarily reflect the
views of my HSP Board Member colleagues.
Now, exactly 11 years after the tragic 9/11 attacks, and 8 years
since The 9/11 Commission Report, is an appropriate time to take stock
of how well our Government is sharing information.
overview
The 9/11 Commission documented major failures of National security-
related agencies to share vital terrorist-related information in the
months and years before the 9/11 attacks. In the pre-9/11 period,
legal, policy, and cultural barriers among agencies created serious
impediments to information sharing. The Commission made a number of
specific recommendations to improve information sharing across our
Government and regarded it imperative that all levels of Government
make improvements.
Information sharing within the Federal Government, and among
Federal, State, local, and Tribal authorities, and with allies, while
not perfect, has been considerably improved since 9/11. The level of
cooperation among all levels of government is higher than ever. State
and local officials have a far greater understanding not only of the
threat and how to respond to it but also of their communities and those
who may be at risk of radicalization. The formation of the National
Counterterrorism Center (NCTC) was a major step toward improved
information sharing. When the follow-on organization to the Commission
issued grades and reviews in late 2005 and subsequently, it cited the
creation of NCTC and its performance as a success in National security
reform. Although I am admittedly biased on this point, I certainly
agree that NCTC has played and continues to play a critical
information-sharing role.
NCTC's information-sharing responsibilities are extremely broad and
encompass items that many now take as a given--even though 10 years ago
they were nonexistent. For example, NCTC's maintenance of a
consolidated watch list that is available to local police during a car
stop, foreign service officers checking a visa application, and
homeland security professionals at a border, ensure that a critical
information-sharing gap from 9/11 is filled. Similarly, NCTC's three-
times daily video conferences ensure that every element of the U.S.
Government knows what threats are on the radar. In addition the
presence of analysts from more than 20 organizations at NCTC, sitting
side-by-side, and sharing information countless times a day is a
radical (and positive) shift from 2001. Finally, the Interagency Threat
Assessment and Coordination Group (ITACG) provides greater information
sharing between State and local officials and the whole of the U.S.
Counterterrorism Community. In short, when it comes to information
sharing the U.S. Government has moved forward in leaps and bounds.
This improvement is, of course, not just because of NCTC but
because of an equally concerted effort by the FBI, DHS, and others.
Most notably there are now 104 Joint Terrorism Task Forces throughout
the Nation, and 72 Fusion Centers in which Federal, State, local, and
Tribal authorities investigate terrorism leads and share information.
Since 2004, DHS has provided more than $340 million in funding to the
Fusion Centers. Information sharing with the private sector has also
become routine and is an important part of our defenses.
Despite these improvements, there is no doubt that weaknesses
exist--although I frankly believe we must be careful not to equate more
recent information-sharing failures with those of the past. Information
sharing is no more monolithic than any other complex issue or business
process. Although information sharing is a good headline, when
considering information sharing successes and failures we have to
``look under the hood'' to see what is really going on, lest we fix
things that weren't the problem in the first place.
While the mechanisms are in place for better information sharing,
the fact is that we missed opportunities to stop the Christmas day
bomber from boarding Northwest Flight 253, as well as opportunities to
intervene before the Fort Hood shootings. In my view each of these
represents a different challenge.
With respect to the first, information regarding the bomber was
shared and shared widely. In the simplest of terms, the issue was not
that people didn't have the data, but instead that they had too much
data--and policy issues existed about what steps should be taken based
on that data. With respect to the second, relevant information was not
sufficiently recognized as such and passed to other operators, and FBI
information technology hampered the connection of key data.
An enormous amount of intelligence information constantly pours
into our National security system. Sifting through it, synthesizing it,
making sense of it, and making sure it receives the necessary attention
is a backbreaking challenge, one that requires attentive management and
testing to determine where the flaws are and how to fix them. It also
requires the latest software and technology to ensure that searches
dive into all databases so that no pertinent information on an inquiry
fails to be captured. That technology exists and is available today it
simply needs to be widely deployed.
Of course, we should not view information sharing as an unmitigated
good--or at least not as a good that does not require attendant
modifications to other aspects of intelligence and homeland security as
it advances. There is no greater illustration of this than the tragedy
of WikiLeaks, which has disclosed to the world--both our adversaries
and friends--sensitive information about our intelligence and policies.
This publication of sensitive Government documents has harmed our
Government's ability to conduct its affairs and has had serious
consequences for our National security.
In my view WikiLeaks demonstrates why as we share information we
must also increase our ability to control the information that is
shared and take special care to control the wholesale movement of
sensitive information off of protected networks. It is not new that
those who wish to harm the Nation will attempt to steal our secrets; it
is new that with the spread of electronic information they can steal
petabytes rather than mere pages of documents.
still a need for improvement
Where, then, can improvements still be made? We offer some
suggestions along the traditional lines of correction: Legal, policy,
budgetary, personnel, and technology.
With respect to the first, legal, we must recognize that the
Constitution and countless statutes govern the mosaic that is
information sharing. In my experiences at NCTC, statutes ranging from
the Foreign Intelligence Surveillance Act (FISA) to the Violence
Against Women's Act drove what could and could not be shared. If there
was one statute that was most at issue, however, it was FISA. In my
view although FISA obviously provides critical protection of U.S.
persons' privacy, it also makes for an exceedingly complex decision-
making process within the intelligence community. Any way in which we
can simplify this statute while maintaining protections would be
invaluable for both collectors and analysts.
On the policy front, I believe it is important that we accelerate
the review and adoption of Executive branch implementation guidelines
for any information sharing-related policies. In my view the Executive
branch has done an admirable job getting to the right polices in cases
like the Attorney General Guidelines for various elements like NCTC,
but the time required to adopt such policies borders on the Biblical.
Yes there are difficult issues that must be addressed, but these issues
are too important to allow the process to drag on as it most usually
does.
Also on the policy front--but directly related to the budgetary--we
remain concerned that FBI and DHS information-sharing efforts with
State and local governments lack full cohesion. With declining
budgetary resources, it strikes us as important to determine the best
way to spend the marginal on DHS-sponsored fusion centers--where today
the FBI has more people in place than does DHS. The U.S. Government
must, 11 years after 9/11, ensure that respective Departmental foci are
consistent with the reality of long-standing intergovernmental
relationships and on-the-ground presence. I believe that the FBI's new
responsibility as domestic DNI representatives is a very positive step
in that direction.
Nowhere will budget play a bigger role in information sharing than
State and local fusion centers, which are facing wide and deep
budgetary challenges. In addition, budgetary issues will be faced in
the context of protecting information from leaks (which is required to
enable information sharing), training for personnel on advanced
analytic tools that enable information sharing, and having sufficient
personnel to collect and exploit information so it can be shared
effectively.
On the personnel front, many agencies must continue to train
personnel to ensure that they know what information is relevant and
hence what must be shared. In particular, the FBI needs to--as it
generally has in the past--prioritize enhancing the status of its
analysts and ensuring that analysis drives operations. Similarly, DHS
must continue to improve its analytic cadre and move away from contract
personnel. All analysts and operators must continue to receive high-
quality training on issues like radicalization, to recognize signs of
danger.
Finally, on the technology front, we continue to face a relative
maze of Government information systems of significantly varying
capability. We cannot be so naive to say that one big database of
information can be created: This is neither technically feasible nor
wise as it relates to protection of information and privacy. That being
said, we must ensure that operators and analysts have advanced
technology that allow them to make connections in disparate data sets,
share their knowledge across organizations, and keep information
secure. And perhaps most importantly, the Congress must continue to
closely monitor Government information technology reforms as the
bipartisan Executive branch record on this front is less than
inspiring.
conclusion
In sum, up until now the Government's counterterrorism capability
has grown with much energy and devotion, but it has done so while flush
with resources. The Nation's current fiscal situation means we have to
be smarter in how we use our resources so that we get the maximum bang
for our counterterrorism buck and can stay one step ahead of the ever-
changing terrorist threat.
Our terrorist adversaries and the tactics and techniques they
employ are evolving rapidly. We will see new attempts, and likely
successful attacks. One of our major deficiencies before the 9/11
attacks was that our National security agencies were not changing at
the accelerated rate required by a new and different kind of enemy. We
must not make that mistake again. Sharing information rapidly is a
major comparative advantage we have over terrorists. We must regularly
review how we are doing and move quickly to address any problems, fill
any gaps that arise.
Thank you for inviting me to testify, and for this subcommittee's
leadership on these critical issues.
Mr. McCaul. I appreciate those comments, Mr. Leiter. Thank
you for being here again; and I look forward to hearing the
answers to my questions in a more open format, without the
constraints of the Federal Government on top of you.
So with that, I would like to enter into the record a
statement from the Honorable William Webster, the chair of the
Webster Commission.
Hearing no objection, so ordered.
[The statement of Mr. Webster follows:]
Statement of William H. Webster, Chair, The William H. Webster
Commission
September 14, 2012
On December 17, 2009, Federal Bureau of Investigation Director
Robert S. Mueller III asked me to conduct an independent investigation
of the Federal Bureau of Investigation's handling of counterterrorism
intelligence before and after the tragic shootings at Fort Hood, Texas,
on November 5, 2009. The FBI had conducted an internal investigation in
the immediate aftermath of the shootings and had implemented
procedural, operational, and technological improvements. Director
Mueller believed, however, that an objective, independent review was
critical to understanding the FBI's actions and assessing the potential
for further improvements.
I agreed to what proved to be a complex and lengthy assignment. The
Terms of Reference were extraordinary in scope. Director Mueller
requested not only a full investigation of the manner in which the FBI
and its Joint Terrorism Task Forces handled and acted on
counterterrorism intelligence before and after the shootings, but also
a review and assessment of the FBI's governing authorities and the
FBI's remedial measures in the aftermath of Fort Hood--with a
particular focus on whether existing laws and policies strike an
appropriate balance between protecting individual privacy rights and
civil liberties and detecting and deterring threats. That broad mandate
was complicated, and its importance underscored, by subsequent terror-
related events. The investigation did not probe the shootings, which
are the subject of a U.S. Army-led inquiry and military criminal
proceeding against Major Nidal Hasan.
In discharging my duties, I asked five distinguished citizens--
seasoned investigators and legal specialists--to volunteer their time
to serve as Commissioners: William M. Baker, Russell J. Bruemmer,
Adrian L Steel, Jr., Kenneth L. Wainstein, and Douglas E. Winter. They
were assisted by Stephen J. Cox, George Murphy, and Margaret-Rose
Sales. Their contributions of time and energy were substantial, adding
to the already significant demands of their work in the private sector.
Their commitment to this investigation and the resulting report was an
act of selfless patriotism.
The Commission took its responsibilities seriously. My colleagues
and I pursued the sensitive, complex matters under review with
diligence and care. The investigation was meticulous. Our discussions
were vigorous. The Commissioners asked questions and expressed their
perspectives, concerns, and opinions with candor. Although we disagreed
from time to time during the course of our investigation, we were
unanimous in our factual findings, our analysis of the FBI's actions,
our recommendations, and every other aspect of the Final Report.
When I agreed to undertake this project, Director Mueller promised
the FBI's full cooperation and support. That promise was fulfilled. The
FBI and Department of Justice provided the Commission with more than
100 formal and informal interviews, meetings, and briefings; more than
10,000 pages of documents; and direct access to FBI computer systems.
To obtain a broad range of perspectives, the Commission also consulted
with outside experts on counterterrorism and intelligence operations,
information technology, and Islamic radicalism; public interest groups
that promote civil liberties and privacy interests; and staff from
Congressional committees with FBI oversight responsibilities. The input
of more than 300 persons and hundreds of documents informs the Final
Report.
On July 12, 2012, after a completing the 2\1/2\-year investigation,
we delivered the Final Report of the William H. Webster Commission on
the Federal Bureau of Investigation, Counterterrorism Intelligence, and
the Events at Fort Hood, Texas on November 5, 2009, to Director
Mueller. As you have seen, the Final Report exceeds 150 single-spaced
pages in length and includes 18 formal recommendations for corrective
and enhancing measures.
Director Mueller asked me to examine, among other things, ``whether
the actions taken by the FBI were reasonable under the circumstances
known at the time.'' Our analysis of those actions could not proceed
from what we later learned about Nidal Malik Hasan or Anwar Nasser al-
Awlaki. Hindsight has uses, but it is not an appropriate tool for
assessing the reasonableness and adequacy of actions taken without its
benefit. Our review was based on information known or available to the
FBI at the time the actions were taken.
We also recognized that reasonableness must be measured in the
context of the FBI's governing authorities and policies, operational
capabilities, and the technological environment of the time. For
example, as discussed in the Final Report, the FBI's governing
authorities limit its ability to disseminate information acquired using
the Foreign Intelligence Surveillance Act of 1978, 50 U.S.C. ��1801 et
seq., and require Agents and Task Force Officers to use the ``least
intrusive means'' in conducting assessments and investigations. As a
further example, the FBI's then-existing information technology and
document review workflow did not assure that potentially relevant
intelligence would be identified, correlated, and assessed in a
strategic context.
Finally, we recognized our limited ability to predict what might
have happened if different policies or procedures were in effect or
personnel had made different decisions or taken different actions. We
chose not to speculate. We examined instead the reasonableness of what
did happen, in order to identify and recommend, when appropriate,
better and corrective policies and practices for the future.
The Final Report did not hesitate to identify shortcomings when we
found them. In its words: ``We conclude that, working in the context of
the FBI's governing authorities and policies, operational capabilities,
and the technological environment of the time, FBI and Joint Terrorism
Task Force personnel who handled relevant counterterrorism intelligence
information made mistakes. We do not find, and do not suggest, that
these mistakes resulted from intentional misconduct or the disregard of
duties. Indeed, we find that each Special Agent, Intelligence Analyst,
and Task Force Officer who handled the [intelligence] information acted
with good intent. We do not find, and do not believe, that anyone is
solely responsible for mistakes in handling the information. We do not
believe it would be fair to hold these dedicated personnel, who work in
a context of constant threats and limited resources, responsible for
the tragedy at Fort Hood.''
We concluded instead that ``these individuals need better policy
guidance to know what is expected of them in performing their duties,
and better technology, review protocols, and training to navigate the
ever-expanding flow of intelligence information.'' We also concluded
that the FBI should continue to focus on compliance monitoring and the
oversight of authorized investigative techniques that may affect
privacy rights and civil liberties.
The Commission found shortcomings in FBI policy guidance,
technology, information review protocols, and training. We made 18
important recommendations for corrective and enhancing measures in
those areas and about the FBI's governing authorities. We also
identified, but took no position on, two legislative actions that the
FBI could propose to improve its ability to deter and detect terrorist
threats. Finally, we assessed whether administrative action should be
taken against any employee involved in this matter, and we concluded
that administrative action was not appropriate.
The FBI has agreed with the principles underlying all 18 of our
recommendations. In most cases, the FBI has taken action to implement
the recommendations based a combination of the Commission's work, its
own internal review of the Fort Hood shootings, and the report of the
U.S. Senate Committee on Homeland Security and Governmental Affairs.
I appreciate the subcommittee's interest in the lessons of Fort
Hood. Those lessons are not specific to the Federal Bureau of
Investigation, but resonate throughout the law enforcement and
intelligence communities. The Final Report provides insights into the
arduous mission of the FBI and other agencies in combating the threat
of terrorism, whether domestic or international.
Throughout our investigation, we witnessed the ever-increasing
challenge that electronic communications pose to the FBI's efforts to
identify and avert potentially destructive activity. Although our
Report reviews the specifics of one tragic event, it also speaks to
transcendent issues that are crucial to our ability to combat terrorism
in the electronic age.
We did recommend corrective and enhancing measures, but nothing
said in the Final Report is intended to cast doubt on the dedication
and professionalism of the men and women who serve our Nation in
combating terror and crime.
Thank you.
Mr. McCaul. I want to just show, not for any reason other
than--this was taken the day of the memorial service at Fort
Hood, and you can see--I was standing here--you can see the
boots, the rifles, the helmets. It really gives you a graphic
picture of what really happened that day.
[The information follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. McCaul. You can see one of these soldiers on crutches.
I asked him, ``What did he say when he shot you?''
``Congressman, he said `Allahu Akbar,' '' God is great, the
classic jihadist terminology.
At that moment, I realized that this was not a workplace
violence incident, that this was something more, that this was
in fact an act of terrorism. I was criticized at the time for
saying that. I think history will judge that as a correct
assessment of what happened on that fateful day.
Mr. Leiter, I want to start with you, because you headed
the NCTC. You are really the expert at connecting the dots, and
you did perform a masterful job while you were there.
You and I worked with Joint Terrorism Task Forces. They
have an enormous challenge, an enormous amount of data that
comes through, and many of which, if you miss one thread of
evidence, you can be held accountable by Members of Congress
like myself at a later hearing.
But these emails, the 18 emails that took place, when we
were briefed by senior intelligence officials--and they
wouldn't give us the content, they would just simply say--the
only word I can use is downplay the significance of these
emails. Finally, when the good work of the Webster report
revealed these emails publicly, we all had a chance to actually
read the content.
The one that I described in my opening statement on May 31,
2009, Major Hasan, he almost seems to be telegraphing exactly
what he is getting ready to do, almost asking for permission
from al-Awlaki in Yemen, is it okay for a suicide bomber to
kill soldiers and innocent civilians in the cause to protect
our fellow brothers?
You know, you and I have worked in law enforcement. This is
one of 18. The other one, ``keep me on your Rolodex,'' you
know, to me, this is a huge flag.
It was a big deal in San Diego. The San Diego Joint
Terrorism Task Force thought, wow, there is something wrong
going on here. We need to start--let's send a lead to WFO.
Let's have them investigate.
The response from WFO is astounding, that, well, we don't
really see a terrorist threat here; and they basically shut
down this investigation until 5 months later when Major Hasan
kills 13 people, 12 soldiers.
There is a Department of Defense official on the Joint
Terrorism Task Force, and yet that official didn't contact Fort
Hood. Maybe it is the legal restrictions that you are talking
about. If so, we need to change that.
There were so many flags not only between the FBI two
offices--and I really commend the San Diego office for their
courage and bravery of trying to get to the bottom of this. I
fault the WFO office for not following up on this. In the
military, the way they passed this guy along, knowing he is
proselytizing radical Islam with a business card: Soldier of
Allah. He is enraging his colleagues. What do they do? They
don't want to deal with the problem. They want to pass him
along, promote him, send him down to Fort Hood.
So many flags in this case. The dots were identified, but
they weren't shared. How did this happen?
Mr. Leiter. Congressman, I will say that I agree with you
that it did not take long, from my perspective, to know that
this was an act of terrorism. In fact, the National
Counterterrorism Center within a week of the event entered this
into its world-wide database of terrorist events based on
preliminary reports. That was not a conclusive legal judgment
but certainly all the indications were that this was terrorism.
I think in terms of the information that was not shared,
you had a breakdown along so many different angles. The San
Diego team I think did do a very good job; and I would defer to
Mr. Winter, of course, who knows these details better than I,
but they were not even aware of all of the emails. They were
not aware of the Department of Defense information. WFO was not
aware of much of that. It was handed to an officer who,
frankly, from an outsider's perspective, I think didn't have a
really strong understanding of the signs of radicalization.
Now, the two points I would make quickly in defense of how
this evolved is: No. 1, we do have to put ourselves back in
2009 to recall who Anwar al-Awlaki was then versus who he is
perceived to be today. In 2011, 2012, we understood him to be
an operational leader in a way that in 2009 we did not. That is
not an excuse, but it is some color.
The second piece is, from my perspective, Congressman, the
idea that people would not go talk to him I do not understand.
I do believe that if that information were shared with a
broader group who understood radicalization there would have
been increased pressure from headquarters to make that happen;
and that would have led to, I believe, a better outcome.
Mr. McCaul. I couldn't agree with you more.
I talked to the commanding officer at Fort Hood. Wouldn't
you have liked to have known this? I understand FISA
complications. I understand you want to shake down somebody.
They could have at least watched him, put him under some sort
of surveillance. Just maybe that would have stopped what
happened.
My time is limited. I do want to go to Mr. Winter.
Eighteen emails, WFO only has two emails. Some technology
breakdown occurs where they are not even aware--they can't even
access, they didn't even know how to access to get these
remaining emails. I have to say, Mr. Leiter, I mean, you as a
former Justice Department official like myself, this May 31
email, if you read this, would that concern you?
Mr. Leiter. Congressman, I look at one email and I look at
the body of the emails and to me they are clear indicators of
an individual who has been radicalized. Whether or not he has
been mobilized to take action, that is a hard call----
Mr. McCaul. But when he is asking permission to perform a
suicide bombing mission against soldiers and civilians at a
dinner to protect his fellow----
Mr. Leiter. That is why I said, Congressman, I would want
somebody to go out and interview this guy, who has clearly been
radicalized.
Mr. McCaul. I think that is what should have happened in
this case.
Mr. Winter, what happened here?
Mr. Winter. The decisions made in WFO were based on a
cascading set of circumstances.
Mr. McCaul. Your microphone?
Mr. Winter. I am sorry. Is that better?
Mr. McCaul. Yes.
Mr. Winter. The decisions made at WFO were the result of
truly a cascading set of circumstances. San Diego sent this
lead based on the first two emails that were acquired from
Hasan to al-Awlaki. There was no FBI policy on the assignment
of these types of leads or on taking action on these types of
leads.
The supervisor of WFO waited 50 days after the arrival of
the lead to read it and to assign it. He assigned it to a DCIS
agent who was a task force officer.
That agent waited 90 days from then to read it and to act
on it. Under informal FBI practice, agents had 90 days to work
on leads, either to elevate them into an investigation or to
close them down. So this agent read that lead and acted on it
on the last day under that FBI practice and, indeed, conducted
this assessment in 4 hours on that day.
So it was rushed. There was that pressure that was created
by their workload and these late assignments.
He consulted U.S. Army electronic personnel files on Major
Hasan. That was the entirety of what he as a DCIS agent could
have access to from the JTTF. That meant he received a brief
and highly misleading set of personnel records that indicated
that Major Hasan had a security clearance, he had been promoted
to major only 10 days earlier, and his supervisors praised him
thoroughly. The only negative in those 80-some pages, I
believe, was that he had failed his PT test.
Mr. McCaul. They praised him.
Mr. Winter. They praised his research on Islam in the
military.
Now, Hasan had used his real name in communicating with al-
Awlaki, so had not tried to render himself anonymous. The DCIS
agent concluded, based on that, that this was part of Hasan's
research on Islam in the military and that the Army approved of
it.
At the same time, there was no FBI policy on what is called
a baseline collection plan. That policy was instituted in
September, 2009, after this investigation but before the Fort
Hood shootings. That created a minimum of what agents are meant
to collect when conducting an assessment. If that plan had been
in effect then, this agent would have been required to consult
the DWS-EDMS system, which is a computer database on which all
of the messages from Hasan to al-Awlaki and vice versa were
stored. Thus, he would have known of that, and he would have
been required to search it.
But he had not been trained on that database. He didn't
even know it existed. So, what he believed, after searching FBI
databases, was that there were only two emails, that they were
sent in December, 2008 and January, 2009, which was 5 months
prior, and that al-Awlaki had not responded. Based on that, he
concluded and his supervisor concluded that Hasan was not
involved in, ``terrorist activities.''
Now, did that resolve the question of whether or not Hasan
was a threat? We didn't believe so. We felt that this decision-
making process was flawed and that they should have considered
and conducted an interview of Hasan based solely on the
information they had at that time.
But I am not defending the decision; I am explaining it.
You can understand how reasonably these men could have been led
down this path by the combination of all these circumstances,
some of which were self-imposed, others of which were the
result of the lack of policy, others that were the result of an
inability to gain access to those records that Walter Reed, for
example, had.
Mr. McCaul. I think those problems need to be fixed. But I
will ask you this question. I believe that gross errors were
made in this matter that resulted in 13 people being killed, 12
soldiers. Should anybody be held accountable within the Federal
Government?
Mr. Winter. On our review--we were specifically asked by
Director Mueller to assess whether any disciplinary action
should be taken against any of the personnel involved. Although
we found that mistakes were made, we found that these
individuals acted with good intent, they acted mostly
reasonably under the circumstances, and that they were not
individually responsible for some of the decisions that
occurred because of the lack of policy direction, for example.
One of the reasons we advocated the seven policies that we
recommended was that if those policies had been in place, and
similar procedures, then actions like this would violate them
and individuals would be directly responsible and subject to
discipline.
Mr. McCaul. Is it your understanding these policies are in
place now?
Mr. Winter. Almost all of the policies are in place. They
are not--some of them are being coordinated into a single
policy, the command-and-control hierarchy, for example.
Mr. McCaul. My time is kind of running short.
On the Center report, they indicated the San Diego office
calls WFO; and the response back is: Look, we don't want to
damage his stellar career, and something to the effect of this
is a politically sensitive matter.
That was not corroborated by the WFO office. Is that
correct?
Mr. Winter. That is correct.
Mr. McCaul. But, according to San Diego, that conversation
took place.
Mr. Winter. Well, the first part that you discussed is
corroborated, that WFO advised San Diego twice that they did
not believe an interview of Hasan was appropriate because it
would damage him in terms of his position in the military. The
chain of command would not take it lightly.
Mr. McCaul. I do think that the American people and the
families and the victims deserve that somebody in this
Government be held accountable for what happened.
Professor, I want to ask you real briefly, with my limited
time left, you spoke very eloquently of your experience of the
fear of speaking out. Within the Department of Defense, you
know, we have this individual that various of his colleagues
are seeing these warning signs popping up. They call him a
ticking time bomb. He is proselytizing radical Islam, talking
about Osama bin Laden, having business cards that say Soldier
of Allah. I mean, so many indicators are there, and then no one
wants to speak out. There is a fear of retribution within the
Army, and he is just sort of passed along. Is this a case where
political correctness was more important or overshadowed
National security?
Ms. Manji. It sure sounds like that--if you can hear me, it
sure sounds like that.
Thank you.
It sure sounds like that, Congressman. Frankly, I think it
would be fairer to ask if political correctness also crept into
the FBI.
For example, we have spent the last several minutes talking
about how somebody at the San Diego office of the FBI had a
troubling lead, passed it on to the Washington field office,
after which it went nowhere. One of the questions I have, as I
am listening to these other testimonies, is why did the San
Diego officer not stand up when it became clear to him or her
that an obviously unsettling lead was not going to be acted
upon?
Now, one can argue that, well, it is obvious why people
don't stand up in general, because doing so invites
complication in your life. Life is complicated enough, thank
you very much.
But this is where I believe we can actually learn something
about a mechanism that the Department of State has put into
place, and that is a mechanism called the dissent channel. It
was actually introduced just after the Vietnam war, whereby
foreign policy officers, when they see that the chain of
command is going to be resisting their dissent with groupthink,
with the settled consensus that has been accepted for too long
within the cozy confines of that department, they can actually
use this dissent channel to explain why somebody higher up
needs to hear a counter argument. They do not have to get
permission from their higher-ups in order to be heard through
this channel.
I don't think that that exists either at the Department of
Defense or at the FBI, but it is something well worth
investigating whether it works, as it did, by the way, in the
lead-up to the Yugoslav--to the Balkan genocide. It was, one
could argue that that was the reason, because at the time
Secretary of State Eagleburger heard a dissenting voice through
that channel and realized that the United States must
intervene.
It was through that that I think we can learn a little bit
more about how dissent can be institutionalized so that it is
constructive rather than chaotic.
Mr. McCaul. Thank you. Excellent point.
The Chairman now recognizes the Ranking Member.
Mr. Keating. Thank you, Mr. Chairman, and I think you have
done a good job of looking historically at this.
I want to come at this at a different angle, maybe ask Mr.
Leiter first. I have heard about the policies. I have heard
about some of the changes. Could this, under the same set of
circumstances, happen today?
Mr. Leiter. Congressman, you would end up with a slightly
different set of facts. It wouldn't quite fit the policies that
you put in place, but I think that there remain holes.
Mr. Keating. Forget the policy, just the circumstances.
Mr. Leiter. I think it is less--the more it looks like this
circumstance, the less likely it is going to occur. But could
something like this fall through the cracks? Absolutely.
I still believe that there is information that is not being
shared effectively and, quite often, that information is about
U.S. persons, which is appropriately the most protected set of
information; and the Congress and the Executive branch must
ensure that that information is effectively shared. So, as the
professor very ably said, you can get second and third opinions
and you aren't simply forced to take the views of one operator
or one analyst about whether or not someone is a threat.
Mr. Keating. Mr. Winter, could this still happen today?
Mr. Winter. Absolutely. I agree with Mr. Leiter, the closer
the circumstances to those of the Hasan matter the less likely
it is to happen because of the policy changes, because of the
higher sensitivity to these types of issues.
For example, however, two of our recommendations concern
the FBI putting into place a clearinghouse process by which--
which it currently has with DOD--by which it advises DOD
through headquarters and through the National Joint Terrorism
Task Force about investigations of DOD personnel in the
military. We recommended that similar clearinghouse procedures
be adopted for law enforcement agencies, whose Members may have
equal if not greater access to weapons and intelligence than
military members and also as to other departments of the
Federal Government.
So that if someone at the State Department is under
investigation there is a mechanism in place for the
investigating officers to move that not only up the FBI chain
of command but also move it to the State Department chain of
command and their investigators so that all the individuals can
work together to detect and deter the potential for terrorism.
However, obviously, outside of Government hierarchies, the
possibilities for individuals like Major Hasan to take these
kinds of actions exist; and it is difficult for the FBI to have
constant knowledge of the whereabouts and intent of those types
of individuals.
Mr. Keating. One thing that--I wasn't going to ask this,
but you sparked this interest. I have asked it of General Barry
McCaffrey before. That initial information, getting to whether
it is local or State officials usually, how is that inhibited
by not having a comprehensive immigration policy in the State?
If people see things, if people want to come forward, how are
they going to come forward if they are going to effectively
make themselves criminals? How weak is that in the initial
information?
Mr. Winter. That is something that is slightly beyond my
pay grade, sir. I would try to answer in this fashion, however.
The FBI has in place what is known as an eGuardian system,
which is an electronic version of its Guardian system, by which
individuals who bring information to local law enforcement
agencies, let's say, even anonymously, tips and the like, can
be forwarded on immediately and promptly by electronic means
and acted on by FBI agent reviewers and analysts, I should say,
within a very short period of time.
Mr. Leiter. Congressman?
Mr. Keating. Assuming they did that.
Yes, Mr. Leiter.
Mr. Leiter. I think interaction with immigrant communities
is critical. In the counterterrorism context, obviously what we
are most focused on is American Muslim communities, which may
or may not be immigrant communities. But engagement by the FBI,
the Department of Homeland Security, Immigration, a wide range
of agencies and State and local officials with American Muslim
communities is absolutely critical to occur not just for law
enforcement intelligence but for good Government and
engagement.
I will say that Congress has an important role in that
regard, that when the FBI does engage these Muslim communities
that they are not immediately second-guessed about which
Muslims they talk to. It is very important for them to have
wide engagement to understand these communities and potentially
identify individuals who have been radicalized. In my view, the
Congress has to give the Executive branch reasonable room to
maneuver to do that engagement to find problem areas.
Ms. Manji. May I add something of my own in this regard?
Mr. Keating. Just briefly, yes.
Ms. Manji. Sure.
Of course, engagement with communities of all kinds is
necessary for good governance. The problem is that, too often,
especially in this country, we stumble over ourselves to try to
identify who are the moderates and who are the extremists. I
would argue to you gentlemen that this is the wrong
distinction.
The better distinction to make, if you want to really get
at the heart of the matter, is who are the moderates and who
are the reformists. Moderates, for example, don't much differ
from extremists in that moderates are so consumed with what
they perceive to be Western imperialism, Israel, America, so
forth, that they have distracted themselves from dealing with
the imperialism within their communities, those clerics, those
imams, and even those supposedly secular civil leaders who
insist that good Muslims remain silent when crimes such as
honor killings happen within their communities.
So we need to ensure that we get the framing here right if
you are actually going to hear people who are willing to step
forward. But they are not going to be willing to step forward,
Congressman, unless they know that you have got their back.
Because they know what backlash is coming their way by virtue
of having opened their mouths.
Mr. Keating. Thank you. Thank you.
I just want to get back to the process itself, too.
One of the things that you said, Mr. Leiter, that concerned
me, is--because we hear it all the time in this committee in
particular in different shapes and forms--but you used the word
the necessity of having a National system versus a patchwork
system. To me, we could have the greatest information in the
world coming forth. If we don't have a way to process that on a
National basis--can you really talk more specifically about
what you meant when you said that? I mean, how far along----
You know, all of DHS is patchwork, as far as I am
concerned. It is amazing that we haven't gone past
jurisdictional issues and done some of these things yet. But,
to me, that has to get fixed first.
Now, I know we have budgetary issues in front of us. But if
that is not fixed and that is not a priority, what good does
all this gathering of information, what good is it?
So when you said that, you know, I think that is a priority
that we have to have. What budgetary issues are confronting
that and what actual technology issues or interaction issues
with different levels of intelligence? Expound on that.
Mr. Leiter. Congressman, absolutely. We obviously, as both
you and the Chairman know well as attorneys, we live in a very
Federated system. As we built up these State and local fusion
centers with hundreds of millions of dollars, that information
is being collected at the local level and, to some extent,
shared with Department of Homeland Security and the FBI through
the JTTFs. But what we have not done is created a system where
you can actually effectively compare that information across
State and local fusion centers, across JTTFs.
Now, I think the FBI took a very, very valuable step in the
past year, which is to move toward a regionalized structure.
Because I don't believe that you can have any system with 104
JTTFs and 50-plus fusion centers and actually see correlations
quite effectively. So a regionalized intelligence structure,
where you have I believe it is six or eight regions that are
looking at the various State and local fusion centers and JTTFs
and seeing where there is suspicious activity or where there is
a FISA intercept of import. Then having those cases managed by
the FBI headquarters, in coordination with DHS, that starts to
look like a system.
As you see that and as that information is shared within
the Federal family, with the National Counterterrorism Center,
with Homeland Security, who is specializing on borders, using
their collection resources, and ICE and Customs and Border
Protection, you start to understand how you can close these
gaps and, as you so eloquently stated at the beginning of your
questions, try to avoid this from happening in the future.
As budgets go down, weaving this together will be more
difficult. But absolutely the technology exists today to make
sure that some of those less understandable correlations are
seen both at the State level, at the local level, and
ultimately at the Federal level for some of these cases.
Mr. Keating. Just a last quick question of yourself and Mr.
Winter. Would you say that is among the top priorities right
there in having that occur?
Mr. Leiter. Yes.
Mr. Winter. I absolutely agree. That was the first of our
information technology recommendations to the FBI, enterprise
data management.
Mr. Keating. Thank you very much. I yield back.
Mr. McCaul. Thank the Ranking Member.
The gentleman from South Carolina, Mr. Duncan, is
recognized.
Mr. Duncan. Thank you, Mr. Chairman. Thanks for this very
timely hearing.
You know, the State Department had warnings at least 48
hours in advance of the 9/11 attacks that happened this week,
yet they did not go in lockdown in certain embassies where the
threats were. The reason I say that is a lot of times we are
given very, very clear signals, staring us in the face, and we
fail to act on those.
Or many times we lean back on political correctness. As
Professor Manji pointed out, the religious symbolism, the
Operation Badr, they didn't even want to discuss the real
ideology behind a certain terrorist attack, the fact that we
have here in America taken to calling the Fort Hood a case of
workplace violence, yet we will call what happens in Wisconsin
an act of domestic terrorism.
I am alarmed and really want to raise awareness here in
this committee of some of the things that I hear going on
within our Pentagon and within the military, where servicemen
and women are discouraged from pointing out things that they
see such as what happened at Fort Hood with SOA on the card,
and just signals that are very clear for people that are going
through their daily routine that should raise a red flag for
us. But yet they are scared they are going to be labeled as an
Islamophobe.
I think when we have hearings within this committee
addressing Fort Hood or addressing the radicalization of Muslim
youth, it is not an address of Islam, it is more of an address
of an ideology that is really encouraging folks that practice
Islam as a religion to embrace a certain set of ideals and
ideological values that lean more toward the attacks that we
see. I think that is what happened. Major Hasan was caught up
in that.
But, as Americans, we can't be afraid to speak out. I want
to thank the professor for having the courage, the moral
courage to speak about those differences--that is what I heard
today--about the difference between Islam and your practice of
the Islamic religion, but also the fact that, you know, there
are some folks that do practice that religion who have gone in
another direction in another part of their life in their
political ideology and what their world vision is.
So one thing I want to ask all of you is, following the
findings and recommendations of the Webster report on the Fort
Hood attacks, how would you categorize the attack that occurred
at Fort Hood? Mr. Winter.
Mr. Winter. We discussed this question at length. I speak
for the Commission and our unanimous view. Our view was that we
saw evidence but we did not have the opportunity to investigate
on a criminal basis, as the U.S. military is doing, and so we
don't know----
Mr. Duncan. Let me ask this question a different way.
Workplace violence or domestic terrorism?
Mr. Winter. I have heard that, both of those
characterizations. We refused to reach a finding on that. I
have to say the reason is that we don't have the evidence
sufficient to know. We don't know what kind of standard
Department of Defense is applying.
Certainly our investigation was not into Department of
Defense activities; and it was not into the criminal
investigation itself, which was to a great degree hands-off to
us because the military is pursuing that criminal case against
Major Hasan. So we were unable to reach a decision on those
issues. We do believe and really would like to see justice done
for the victims, their families.
Mr. Duncan. I am going to end this dance.
Professor Manji.
Ms. Manji. Domestic terrorism, home-grown.
Mr. Duncan. Thank you.
Mr. Leiter.
Mr. Leiter. Congressman, the analysts at NCTC within a
week, as I said, deemed it to qualify as an act of
international terrorism under our statute that we use. It was a
subgovernmental group, political violence. We called it
terrorism then; I call it terrorism today.
Mr. Duncan. Okay. I want to refer back to the Chairman's
opening statement. The men and women that stood at Fort Hood at
that ceremony, ones that were wounded in that attack, the
families of the victims of that attack will tell you to this
day this was an act of domestic terrorism in the war against
terrorism. I think we as America need to set aside political
correctness and really be able to discuss the real threats,
existential threats to our way of life.
With that, Mr. Chairman, I yield back.
Mr. McCaul. Thank the gentleman.
The gentleman from Illinois, Mr. Davis, is recognized.
Mr. Davis. Thank you very much, Mr. Chairman; and I
certainly want to thank the witnesses for their participation
and especially for their insights and their answers.
I was thinking that, you know, we can always know what
happened because we have the information. It is obviously far
more difficult to determine why it happened or the causes that
may have generated or caused it to take place.
Mr. Winter, let me ask you, if I could, you indicated that
policies are that investigators and agents have 90 days to work
on leads and that sometimes individuals have more call for
activity than time or there is not enough personnel, there are
so many leads and trying to follow up on all of them. Are there
thresholds that will jump out at you? I mean, if you are
reviewing tips and information and allegations, that a person
can just kind of see that this appears to be over the line and
we need to try and check it out as quickly as we can?
Mr. Winter. Yes, there is a significant amount of training
on many different levels on how to deal with tips, information,
intelligence of different kinds. Here the San Diego agents
recognized that the messages deserved some form of action.
Under FBI policies that then existed, they could set what was
called a routine discretionary action lead because it was not--
there was no indication of anything imminent, something that
required a 24-hour or 48-hour response. That meant it was a
routine lead, which would be resolved in the ordinary course of
business. It also meant that the WFO would exercise its
discretion on how to handle the lead.
The 90-day period that was in existence was an informal FBI
practice at that time. We have, of course, recommended that the
FBI establish periods within which leads must be acted upon.
The FBI in turn has also eliminated these discretionary action
leads and has required action on all leads that are sent out
from other offices.
Mr. Davis. Let me ask each one of you if you think that we
do as well as we possibly could in making assessments of
individuals when they are going to be placed in certain kinds
of positions relative to evaluation as people seek employment,
as people take assignments and have access to certain kinds of
opportunities. Do we assess their personalities or do we glean
enough information where it gives a comfort level in terms of
where they are and what they might be doing?
Mr. Leiter. Congressman, I will answer on two pieces.
First, I think we probably all as bosses have interviewed
someone, given them a job. They had glowing recommendations,
and then they come and work for you and the performance ain't
so glowing. So this is a pretty broad problem. Obviously, the
manifestation in this situation is absolutely tragic.
The second piece, though, more specific to terrorism, is
the FBI does have an incredibly difficult job of distinguishing
those people who were radicalized and have radicalized views
and those who become mobilized and actually take a terrorist
action. Again, that is why you want people to go out and
interview them and try to make that determination.
But, frankly, the FBI, with all its resources, if you used
everyone in the Federal Government, they couldn't watch
everyone who was just, ``radicalized.'' They have got to
prioritize. Making that determination is very hard before the
fact and looks very, very easy after the tragedy.
Mr. Davis. Or even people who might seek to become members
of the FBI to be in a position to carry out their ultimate aim.
So all I am really seeking is opinion. I know that it is
tough trying to deal with motivation all of the time. I mean,
if we could answer that, we would be in very good shape.
Ms. Manji. Congressman, if you will allow me one quick
intervention, I have written exactly about this question of
what to ask in order to conclude within the Muslim communities
of this country where people stand on the continuum of reform,
moderation, extremism; and I would be very pleased to submit to
the committee the specific questions that I recommend be asked.
Mr. Davis. Thank you very much.
Thank you, Mr. Chairman.
Mr. McCaul. I thank the gentleman.
Just let me close by--first, let me thank you for this
excellent testimony. I agree with you, Mr. Leiter, that the
FBI, JTTFs have an enormous challenge. So much information is
coming through, and you miss one thread and then you are held
accountable.
I think this case, though, I would make the argument is a
little different. You have got a major on a base, Fort Hood,
who is talking to a cleric, who there was some evidence may
even have had ties to the 9/11 hijackers, for God's sake, and
he is really rising in stature to becoming the No. 2 in the
world, next to bin Laden.
I think, unfortunately, WFO only gets two emails. They
don't get the May 31 email that clearly outlines what his
intentions are and what he is planning to do.
You are right, Professor, San Diego has it, though; and
they have DOD employees on these task forces. You know, why
didn't one of those at least contact Fort Hood? Why didn't
anybody contact Fort Hood and say, you know what, there is an
issue here? You got a problem. You got a guy that could
actually kill somebody, you know.
I don't think any of you really have the answer to that. I
don't have the answer to that. It is just unfortunate that it
didn't happen in this case.
So with that, again, we thank you for your brilliant
insight and your excellent testimony; and I will dismiss this
panel, move onto Panel No. 2. Thank you.
[Off the record for a few minutes.]
Mr. McCaul. Our Government witness requested to be on a
separate panel all by himself.
Let me introduce Mr. Kshemendra Paul, who is the program
manager for the Information Sharing Environment at the Office
of the Director of National Intelligence. As program manager,
Mr. Paul has Government-wide authority to plan, oversee the
buildout, and manage use of Information Sharing Environment. He
also co-chairs the White House's Information Sharing and Access
Interagency Policy Committee.
The Chairman now recognizes Mr. Paul for his testimony.
STATEMENT OF KSHEMENDRA PAUL, PROGRAM MANAGER, INFORMATION
SHARING ENVIRONMENT, OFFICE OF THE DIRECTOR OF NATIONAL
INTELLIGENCE
Mr. Paul. Chairman McCaul, Ranking Member Keating,
distinguished Members of the committee, thank you for inviting
me to testify today.
My is Kshemendra Paul. I am the program manager for the
Information Sharing Environment. By training and profession, I
am an information technologist. Formerly, I was the chief
architect of the Federal Government.
My office works with mission partners--Federal, State,
local, Tribal, private sector, and internationally. Together,
our focus is on the improvement of the management, discovery,
fusing, sharing, delivery of, and collaboration around
terrorism-related information.
The role of my office is planning, oversight, and
management. We span a variety of communities--law enforcement,
homeland security, defense, foreign affairs, and intelligence.
As my office and our partners continue to implement
responsible information-sharing practices, we reflect on the
progress we have made across the Nation, as well as recognizing
that work remains.
In January, Director Clapper spoke of a National
responsibility to share information. He encapsulated our
vision. He said, and I quote, ``The right data, anytime,
anyplace, usable by any authorized recipient, preventable only
by law and policy and not technology and protected by a
comprehensive regime of accountability.''
This week, we marked the 11th anniversary of the 9/11
terrorist attacks. The National security community has achieved
numerous successes. As they pertain to my office, these include
improving interoperability of our sensitive but unclassified
networks, enhancing the capabilities of the fusion centers,
State and local fusion centers, expanding the mission
application and the impact of the Nation-wide Suspicious
Activity Reporting Initiative, strengthening industry and
Government adoption of our interoperability and standards
framework, including the National information exchange model,
and, finally, integrating our non-Federal stakeholders, in
particular State and local law enforcement, into the National
policy conversation through the interagency policy committee
you mentioned.
But we are not without challenges. These include the
continuously evolving threat environment, the tsunami of data
faced by my mission partners, and the constrained fiscal
environment.
My office continues to convene partners and lead efforts in
responsible information-sharing innovation. This is a journey.
The evolution of the threats against us, the integration of our
resources, and the efficient use of technology require constant
vigilance and leadership. The threats to our safety do not stop
at jurisdictional or agency boundaries. Our information
shouldn't either.
Three core ideas are the drivers of the mission of my
office. We are grounded by an enduring purpose to advance
responsible information sharing to further the counterterrorism
and homeland security missions. We are focused on responsible
information sharing to enable decisions to prevent harm to the
American people. Finally, we are building capacity for
responsible information sharing across our mission partners at
all levels of Government.
We are also strengthening protections for privacy, civil
rights, and civil liberties. This work makes us stronger.
Let me elaborate. Every fusion center in our country has a
privacy policy as comprehensive as Presidential privacy
guidelines. The bulk of Federal departments are in the same
position, and we are well on the way to finishing the job here
in Washington. This means that when citizens see something and
say something, when police officers submit reports to fusion
centers and Joint Terrorism Task Forces, when analysts work to
connect the dots, the work proceeds across agencies and levels
of government in a standardized and efficient manner that
handles information appropriately and responsibly.
Gaps, challenges, and opportunities for improvement exist.
We have traction, a clear and compelling value proposition, and
a way forward to continue to accelerate responsible information
sharing. You have our comprehensive annual report; and, for the
record, it is located on our website, ISE.gov.
In summary, I believe there is no higher priority in the
nexus between National security and public safety than
responsible information sharing.
On a personal note today, as we talk about the attacks at
Fort Hood and also reflect on recent events overseas, I just
want to say that my thoughts and prayers go out to the victims
and their families.
Mr. Chairman, Ranking Member, thank you for the opportunity
to be here, and I look forward to your questions.
[The prepared statement of Mr. Paul follows:]
Prepared Statement of Kshemendra Paul
September 14, 2012
introduction
Chairman McCaul, Ranking Member Keating, and distinguished Members
of the subcommittee, I am Kshemendra Paul, the program manager for the
Information Sharing Environment (ISE). We are the National office for
responsible information sharing. The ISE provides analysts, operators,
and investigators with information needed to enhance National security.
These analysts, operators and investigators come from a variety of
communities--law enforcement, homeland security, intelligence, defense,
and foreign affairs--and may work for Federal, State, local, Tribal, or
territorial governments, or in the private sector or our international
partners. The PM-ISE works with ISE mission partners to improve the
management, discovery, fusing, sharing, delivery of, and collaboration
around terrorism-related information. The primary focus is any mission
process, anywhere in the United States, that is intended or is likely
to have a material impact on detecting, preventing, disrupting,
responding to, or mitigating terrorist activity. The PM-ISE facilitates
the development of the ISE by bringing together mission partners and
aligning business processes, standards and architecture, security and
access controls, privacy protections, and best practices.
statement
As PM-ISE and our mission partners continue to implement
responsible information-sharing practices, we reflect on the tremendous
progress made toward our goal, while recognizing that significant work
still needs to be done. In January, Director of National Intelligence
James R. Clapper spoke of the National responsibility to share
information--``the right data, any time, any place, usable by any
authorized recipient, preventable only by law or policy and not
technology, and protected by a comprehensive regimen of
accountability.''\1\ As the office responsible for organizing and
implementing responsible information-sharing practices Nation-wide, we
are proud of the progress we have made strengthening National security
while also honoring and protecting privacy, civil rights, and civil
liberties.
---------------------------------------------------------------------------
\1\ http://csis.org/files/attachments/
120126_info_sharing_clapper_transcript.pdf.
---------------------------------------------------------------------------
We have become much better at using our inherent strengths to make
the American people safer. Our federated democracy means that we have
committed law enforcement, public safety, and intelligence
professionals working at the Federal, State, local, and Tribal levels;
they are also working closely with partners in the private sector to
protect our Nation's infrastructure. We have carved out a strong role
for governance through our leadership role in the White House's
Information Sharing and Access Interagency Policy Committee. Our robust
and innovative private sector contributes significantly to the work of
the ISE. And we are championing a standards-based approach to defining
Government requirements for responsible information sharing that will
enable greater interoperability across our Government's networks while
offering a greater potential for cost savings.
This week we marked the eleventh anniversary of the 9/11 terrorist
attacks. The National security community has achieved numerous
successes since 2001, including progress towards improving:
Interoperability of our sensitive but unclassified computer networks,
capabilities of our fusion centers, and mission impact of our Nation-
wide suspicious activity reporting practices. The PMISE has enhanced
our National security by: Advancing these initiatives, brokering
solutions between organizations with different missions, convening
partners from inside and outside the Government, and leading
improvements in responsible information sharing through policy,
governance, and strategy.
The PM-ISE is committed to continuing to convene partners and lead
efforts in innovation. We understand that this is a continuing journey.
The evolution of the threats against us, the integration of our
resources, and the efficient use of technology to move our responsible
information sharing agendas forward requires constant vigilance and
leadership.
Three core ideas are the drivers of PM-ISE's mission. We are:
Grounded by an enduring purpose to advance responsible
information sharing to further the counterterrorism and
homeland security missions. We must stay focused on the fact
that we are sharing information in order to keep the American
people safe.
Leading a transformation from information ownership to
information stewardship in order to improve Nation-wide
decision making. We must treat information held by the
Government as a National asset: This means it must be used, and
reused, to benefit the American people. Information must be
protected and cultivated to ensure that we get the maximum
value from it. At the same time, strong protections for the
privacy, civil rights, and civil liberties of the American
people must be safeguarded.
Promoting partnerships across Federal, State, local, and
Tribal governments, and the private sector, as well as
internationally. By building organizational capacity at every
level, we will share information more securely and effectively.
The threats to our safety do not stop at jurisdictional
borders; our information must not either.
We have also strengthened privacy, civil rights, and civil
liberties protections by developing privacy guidelines, on behalf of
the President, and supporting Federal, State, and local agencies as
they develop privacy policies that are at least as comprehensive as the
ISE privacy guidelines.\2\ This means that when citizens see something
and say something, and when police officers submit reports to their
local fusion centers, they all know that the information will be
handled appropriately. It means that when analysts conduct their
evaluations, they will proceed in a manner based on agreed-upon
definitions of behaviors that are indicative of terrorist activity, and
that their investigations will not be based on race or religion. It
means that the American people can know that their Government is
committed to protecting their privacy, civil rights, and civil
liberties, as well as their security.
---------------------------------------------------------------------------
\2\ Guidelines to Ensure that the Information Privacy and Other
Legal Rights of Americans are Protected in the Development and Use of
the Information Sharing Environment (``ISE Privacy Guidelines'')
(November 2006) available at http://ise.gov/sites/default/files/
PrivacyGuidelines20061204_1.pdf.
---------------------------------------------------------------------------
While we focus on the accomplishments and the progress to date on
numerous fronts, we maintain a sense of urgency about tackling the work
that remains to be done. The biggest challenges facing the ISE are the
continuously evolving threat environment, the tsunami of new data, and
a constrained fiscal environment. As the ISE grows and its work deepens
and expands, we need to continue to assess and adjust for current
realities--allowing us to be well-positioned for dealing with future
threats and exploiting opportunities.
These challenges and opportunities present a framework within which
to rethink the ISE and our approach to responsible information sharing.
We see great potential in leveraging our advances and building from the
terrorism-related mission to more broadly support information-led
public sector transformation. Recognition of the enduring value of the
ISE lies in the ceaseless needs of the mission and the variety of
continued successes that have been spawned by our work. The 2012 ISE
Annual Report to the Congress showcases many of these accomplishments
and lays out our way forward. While gaps, challenges, and opportunities
for improvement are present and described, we have established
traction, developed a clear and compelling value proposition, and
identified a way forward.
We are fulfilling the mission set out before us, and we are
enhancing our National security through responsible information
sharing. We will continue to fulfill this mission and to identify and
meet new challenges as they arise.
More information about the Information Sharing Environment and the
office of the Program Manager is available at ISE.gov.
summary
I believe there is no higher priority for our National security
than the issue of information sharing. Congress has provided us the
mandate through legislation; the President has provided us the
leadership and further guidelines; we continue the work of transforming
our information-sharing environment into one that works more
effectively for all.
Thousands of men and women work tirelessly to protect this Nation
from terrorist threats. It is important for us to provide them and
other decision makers with the best possible information to do their
job to protect the people and interests of the United States against
another terrorist attack.
Mr. Chairman, I appreciate the opportunity to provide this
subcommittee with information on the activities of the Program
Manager's Office and look forward to your questions. Thank you.
Mr. McCaul. Thank you, Mr. Paul, and thank you for
recognizing the importance of information sharing, fusion
centers.
Mr. Keating, my Ranking Member, we both worked with fusion
centers. Sometimes they are given a bit of a bad name, and I
think that privacy protection piece is important to preserve
the integrity of the work that they are doing and to make sure
that privacy interests are protected.
So, with that, I again want to focus back to what this
hearing is all about, and that is Fort Hood.
Now, my question may go outside of your expertise or
ability to comment. But, again, in this case I think you had a
huge breakdown in information sharing, not only between the FBI
within itself but also with the Department of Defense. If you
can speak to these issues, I would like to know how to fix
this.
First, you have got an agent sitting at WFO who sits on
this matter for the maximum amount of time possible, looks at
the lead on the very last day. I understand the FBI is swamped.
They have a lot on their plate. But when you have a major at
Fort Hood who is the subject matter, I think that would take a
little higher priority. But they wait until the very last day
and within 4 hours make an analysis based upon two of 18 emails
because this analyst doesn't know how to access the database
that would give him the other 16 emails, one of which, as I
mentioned previously, telegraphs what he is getting ready to
do. So you have got that breakdown.
Then, you know, finally, within these task forces you
actually have Department of Defense representatives. Why on
either side, both from Washington or San Diego, in your
opinion--and maybe you can't speak to this--but why didn't one
of those DoD representatives on the JTTFs contact Fort Hood and
say, you got a problem?
Mr. Paul. Commenting on the specific operational aspects of
Fort Hood are a little bit outside of my lane.
But what I would like to come to is some of the comments
that were discussed on the earlier panel that relate to this
question, things like doing a better job of enterprise data
management. That was a key recommendation coming out of the
Webster Commission. It is a key focus of my office, all right.
There is a recognition, this goes back to the 9/11 Commission,
a series of seminal reports from the Markle Foundation that is
codified in the Intelligence Reform and Terrorism Prevention
Act. It is really the mandate for my office. It is to drive a
better job of enterprise data management so we can knit
together all the different aspects of National and public
security to keep the American people safe.
I mean, think about 800,000 police officers in this
country. The bulk of law enforcement is State and local, 18,000
police departments. Knitting that together into a coherent
National architecture requires a focus on common processes,
policies, and data standards.
We have had success with that, actually. I mentioned in my
opening comments about the National information exchange model.
What is not widely understood is that originated with State and
local law enforcement. It is actually a State and local
innovation that we have adopted at the Federal level as the
basis for our counterterrorism data sharing enterprise.
So I think, you know, the focus on knitting together all
these different components into a coherent architecture really
is the key.
Mr. McCaul. You know, as somebody who has worked on the
FISA applications, I understand the restrictions when a FISA is
out there, like in this particular case with Mr. al-Awlaki. I
think there is so much apprehension when you get in the FISA
world and so many restrictions, legal restrictions, that that
may have been counterproductive and may have gotten in the way
of these Department of Defense employees or officials sharing
this information with Fort Hood, which is something that the
Ranking Member and I would like to maybe look at jointly as to
if we have to reform it or somehow just have some sort of
reporting language that would clarify that that can be shared.
I can't imagine why, if the Federal Government has this
information within its hands, it can't share it with the United
States Army, United States military, you know, on one of its
bases. To me, that is just incomprehensible.
So I thank you for your testimony.
With that, I recognize the Ranking Member.
Mr. Keating. Thank you, Mr. Chairman.
Mr. Leiter and Mr. Winter had said that although the
chances would have been less likely, the circumstance, this
tragedy at Fort Hood could indeed occur again today. Could you
reflect on your thinking whether it could occur today?
Also, what would you give for your recommendations to try
and not have--the greatest legacy we can give to these families
that have lost loved ones are--I think the greatest legacy is
that this wouldn't happen again to another American. Could you
comment on what you think in that regard?
Mr. Paul. It is difficult to answer a hypothetical about
the specific events that occurred at Fort Hood. But what I will
say, and I will highlight the Nation-wide Suspicious Activity
Reporting Initiative, you know, one of the things that we are
really successful on with this initiative is being able to
bring together a lot of different voices across levels of
government, and outside the Government, to identify a process
for doing suspicious activity reporting that addressed privacy,
civil liberties concerns, but also operational effectiveness.
Through that process, we were able to identify 16 behaviors
reasonably indicative of terrorism-related activity or pre-
operational criminal planning. So that functional standard is
in place Nationally now.
You know, coming back to the question about policy or
things like that, when we started that journey a lot of folks
were concerned that we wouldn't be able to rationalize how
folks looked at these kinds of issues because of the levels of
government and the privacy issues. But we were able to work
through those successfully, all right. So I think there is a
model there, and I go back to that as----
To answer your question about, you know: What is the
highest priority? From where I sit, accelerating responsible
information-sharing practices, as championed by my office, you
know, is a real part of the answer in terms of dealing with the
enterprise data management issues that were highlighted,
dealing with the jurisdictional issues, dealing with the
cultural issues, I think just accelerating the work.
Mr. Keating. The other thing that Mr. Leiter mentioned is,
when we were talking about a patchwork system versus a National
system, he referred to having six regional areas perhaps as an
approach that would be effective. What do you think in terms of
that?
Because I do think the more you have it under one roof, so
to speak, even though it might be an IT roof, the more that is
there the better off we are. His reference to having six
regional areas as sort of a better step than we have now in
this patchwork quilt, do you think that would be effective as
well? I mean, you are dealing with getting the same message,
but the process by which it is reviewed and shared is the
issue, too.@
Mr. Paul. You know, the Information Sharing Environment by
design, by statute is a distributed and decentralized
environment that interconnects existing systems. So the focus
we have is on interoperability but not just at the technical
level. It is not about pipes and things like that. That is an
important component, but it is more. It is interoperability at
the policy level, the business process level. So we think it is
key to keep that focus on interoperability so that you can
seamlessly share the information.
Now, the FBI approach on regionalization, that is a focus
on coordinating Federal activity, which I think is a good
thing. It is something we have heard from our State and local
partners. It is something that we are working through the
different governance structures.
Mr. Keating. I will just ask you this, too. We had a
hearing in Houston, actually, on the Port of Houston and
security. One of the things that came out of that was the need
for the first line, the need for local police to be there and
to be really one of the most important flash points in terms of
information.
I must tell you, it is just my feeling, that of all the
areas, we are talking about all the higher governmental areas,
Department of Defense, FBI, I just don't see enough effort or
enough success at that local level, the front line. Sometimes
that information can be just the catalyst to spring the network
of information that really will tell us something. What are
your recommendations to really do a better job at the local
level of having them be part of that information network?
I know there is agencies that don't want to go down to that
level for fear that some of that information might be breached.
But the other side of that is, without sharing that information
at the local level, you could really lose probably the most
important information that you could have in front of you in
the most time-sensitive way.
Mr. Paul. You know, we have had some success as a
Government with the National network of fusion centers and
their increasing maturity. Those efforts are led by DHS with
close involvement from FBI--integral involvement from FBI, and
DOJ, and other Federal agencies.
I talked about the SAR initiative before. Three hundred
thousand police officers in this country have been trained. It
is the first time that I know of where these police officers
have been through the same training. It was around the
behaviors I mentioned earlier.
So there is some success that way. It's at risk right now
because of the fiscal situation, right?
This goes to--you know, to answer your question, when I
talk to my State and local stakeholders, that comes back loud
and clear. When you look across that landscape, 18,000 police
departments, 90 percent of which have 50 or fewer sworn
officers, there is a real concern about the smaller
departments, which make up the bulk of law enforcement, how to
integrate them in the National architecture. So a focus of our
office and working with our stakeholders is to look at
solutions like regionalization, you know, that is controlled by
States, or State-wide information-sharing environments, or co-
location. All right. There is a variety of different
approaches, and they are talked about in the annual report.
But I think thoughtful solutions like that to help bring
people together to have a common information infrastructure are
a key part of dealing with this financial issue as well as
knitting together the smaller departments into a National
architecture.
Mr. Keating. So, just to be clear, you are hearing from the
local stakeholders that they are saying that if there was, for
instance, Federal money that could go to that kind of training,
then they would be more apt to participate and then be a part
of this, you think, from their vantage point?
Mr. Paul. When I talk to the State and locals and the
Federal, there is a key focus on making sure that as we have
these investments today, right, in the fusion centers and in
other initiatives that we are looking at making them as
effective as possible by expanding the usage of them with the
smaller agencies and also looking at, over time, other priority
crimes, other priority threats that allow then the business
case to be made more effectively for these and to develop
support for them.
Mr. Keating. Okay. Thank you. I yield back.
Mr. McCaul. The gentleman from South Carolina, Mr. Duncan.
Mr. Duncan. Thank you, Mr. Chairman.
Mr. Paul, thank you for your work. Your vision and your
goal for information sharing that will help prevent future
attacks on this country and just help law enforcement in
general and mine are similar, are shared, really. So I thank
you for the work.
In subsequent hearings or past hearings, we have talked
with all the agencies, DHS, State, about information sharing
between those agencies. Some of the things that I have learned
is that if someone--and I will use the case of maybe a visa
overstay, and DHS was looking into someone who may or may not
overstay their visa and investigate the background of that
person. Sometimes they have to come out of one database or
system and actually log into another and come out of that
system and actually log into another. I even heard that an MS-
DOS-type program or database is still being used. I hadn't even
heard the word DOS in so many years that that kind of caught me
by surprise.
But they are all passwords, entry level. So instead of
having one password or one biometric system where one person
could enter one time and get in all the databases that they
need, they are having to remember all the different passwords.
That gets frustrating, and they end up not doing a complete
search because of the frustration level.
So I just share that with you, because I think you need to
know that. That is what I am hearing from people that currently
work in the different levels of government.
In your prepared statement, you talked about the
transformation of information ownership to information
stewardship, which I think that is a very valid point. Do you
believe we have reached that point of information stewardship?
In my experience, there are still holdouts today, 11 years
after 9/11, 3 years after Fort Hood, where folks refuse to
partner or share their information. They still consider they
have got ownership of that, and they really don't want to share
it for whatever reason, whether they want to hold themselves up
to their superiors as the person in the know or the person that
has the ability to move up in the ranks. We see that in the
private sector as well. How do we overcome that? Are we
overcoming that? What do you foresee in the future?
Mr. Paul. Thank you. That is a focus of the work of my
office, and I appreciate you mentioning the stewardship focus.
It has taken us a long time as a Government to develop the
siloed structures, the programmatic structures, and we have
lots of policies around information that is based on classes of
information and that is specific to agencies or bureaus.
The vision that I talked about that Director Clapper talked
about is more focused on policy around classes of decisions.
The Markle Foundation called it an authorized use standard. It
is a big job to look at the body of policy we have and how do
we transition it to making decisions about information sharing,
discoverability, and things like that based on the classes of
decisions. It requires the technical infrastructure, right,
with networks that are secure, where identity management works
across these networks, across different organizations, across
different levels of government, where we have more consistency
in how we implement policy in the computer systems.
This is a lot of work. It is a big journey in front of us.
We have had some successes. You know, one that I will
mention is related to the watch list that Mr. Leiter was
talking about earlier is a success. When somebody gets stopped
by State and local law enforcement and there is a hit on the
watch list, we have a process now where that information gets
back to the local fusion centers and the Joint Terrorism Task
Forces in a timely manner. All right. So that is important
again to bring in State and local law enforcement into having
that situational awareness of what is going on in their
communities.
So there is more processes, more work to do, but it is a
valid point, and it is where we are headed is the stewardship
focuses.
Mr. Duncan. I applaud the fusion centers. I see it as the
first platform, as long as those platforms are integrated to
talk to the higher platforms, so that the higher-up authorities
have the ability to go to one platform and be able to Google,
so to speak--to use that term not necessarily, that company--
but your name and find out everything that someone at a
decision-making level needs to know about you. So I applaud
your work.
I appreciate this committee, the questions that have been
raised here. Mr. Chairman, I really don't have anything else.
Mr. McCaul. I thank the gentleman.
The gentleman from Illinois, Mr. Davis, is recognized.
Mr. Davis. Thank you very much, Mr. Chairman; and thank
you, Mr. Paul, for your testimony.
Government-wide there have been challenges to the
development of unclassified and classified systems of
information sharing. In particular, DHS has had problems in the
past developing and deploying these information-sharing
systems.
Let me ask you, how will the recent round of cuts to the
budget impact development of some of these systems? How can we
make sure that they are developed and get to the State and
local and Tribal governments that need them?
Mr. Paul. It is difficult for me to comment on the cuts
specific to DHS, but I do want to highlight that DHS, with
their classified network, the HSDN system, has connectivity out
to the fusion centers, and they have been making some stellar
progress with the HSIN system, Homeland Security Information
Network.
We are also doing a lot of work to drive interoperability
across DHS's HSIN system, FBI's LEO--Law Enforcement Online--
the IntelLink system out of the intelligence community, and
also the grant-funded, State-owned Ris.Net.
So that is a core initiative of the office, is to have
interoperability. Our philosophy--there is no wrong door. When
you are in a fusion center, working in a police department,
line law enforcement, you can get into these systems and find
the information.
We have made progress, as I talked about in the Annual
Report, but I don't want to overstate that. There is still a
lot of work to do there.
We do think that having consistent standards and
architecture and working with industry to make sure that we are
not building systems and then trying to interconnect them in a
one-off manner, that kind of a jerry-rigged approach is not the
right way. The right way is to have a consistent architecture
that is used across these different systems and by our State
and local partners and work with industry and standards
organizations to make sure that, you know, identity management
is done in a consistent, best practices way, that we are
implementing access-based authorization and controls that
people can discover information. I think that it is a
challenge, there is more work to do, but we have made some
substantial progress.
I do want to highlight that key to making this progress is
the fact that we have integrated our State and local
stakeholders into our governance structures. We do that both--
in a variety of ways, but in particular we focus on working
with professional associations. That gives us a big ability to
help drive culture change, because it is bottoms-up, and it is
inclusive.
Mr. Davis. Let me ask you, it is my understanding that the
eGuardian system set up by the FBI is a major part of the
National Suspicious Activity Reporting, or SAR, Initiative and
is the main way that State and local law enforcement can share
information on suspicious activities with one another and with
the Federal Government. How helpful has this system and has
SARs in general been for Federal counterterrorism efforts? Can
you give an estimate of how many State and local law
enforcement SARs have led to Federal counterterrorism
investigations?
Mr. Paul. The Suspicious Activity Reporting Initiative is
foundational to our domestic counterterrorism activities. It is
a critical integral part. There is approximately 20--maybe a
little bit more now--I can give you the precise numbers after
the hearing--in the suspicious activity reports that have been
vetted to the functional standards that my office has
published. There is something on the order of 40,000 searches
in what is called a Shared Space. That is the electronic pool,
if you like, that the fusion centers and the Joint Terrorism
Task Forces and other participants in the ISE use to share this
information.
Numerous cases have been opened by the FBI. I believe those
numbers are for official use only, so I would like to respond
for the record or in a different way for those numbers.
You know, the eGuardian system is one of two technologies.
The other is what is called Shared Space. They are
interoperable. The important thing is they work within the
functional standard, and there is a common process for how the
information flows from the citizenry, from industry, critical
infrastructure, key resource sectors, to local law enforcement,
to the fusion centers, and the Joint Terrorism Task Forces,
shared for analytic purposes.
Mr. Davis. I would just suspect that the number--or that
there would be some serious increase in the reporting of
suspicious activity.
Mr. Paul. There is a substantial number, a substantial
number of investigations that are across this Nation related to
suspicious activity reporting, either directly out of the SAR
system or SAR-like activity. It is foundational.
Mr. Davis. Thank you very much.
I have no further questions, Mr. Chairman. I yield back.
Mr. McCaul. I thank the gentleman.
Mr. Paul, let me thank you for your testimony as well.
I just want to conclude by saying that we have
representatives of the victims and their family members here
today at this hearing, and I think the Federal Government
deserves--or should give an apology, a formal apology as to
what happened, and should call this what it actually was. It
was an act of terrorism, and I do believe that the families of
the victims need to be compensated adequately and given our
deepest respect. As for this Member of Congress and this
committee, you have my assurance that we will do everything we
can to make sure that that happens.
So, with that, the hearing record will be open for 10 days.
Without objection, this committee is adjourned.
[Whereupon, at 11:01 a.m., the subcommittee was adjourned.]
|
NEWSLETTER
|
|
Join the GlobalSecurity.org mailing list
|
|
|
