Four Years After 9-11 Interagency Intelligence Sharing Still Lacking
Jim Kouri, CPP
April 25, 2006
There have been several pieces of legislation passed to improve information sharing among federal intelligence and law enforcement agencies, including the Homeland Security Act of 2002 and the Intelligence Reform and Terrorism Prevention Act of 2004. The 2002 act required the development of policies for sharing classified and sensitive unclassified homeland security information. The 2004 act called for the development of an Information Sharing Environment for terrorism information.
More than 4 years after September 11, the nation still lacks government-wide policies and protocols for helping agencies integrate the myriad of ongoing efforts to improve the sharing of terrorism-related information that is critical to protecting our homeland.
Responsibility for creating these policies and protocols shifted initially from the White House to the Office of Management and Budget, and then to the Department of Homeland Security, but none of the agencies have completed the task, according to a government report.
Subsequently, the Intelligence Reform Act called for creation of an Information Sharing Environment, including governing policies and processes for sharing, and a program manager to oversee its development. In December 2005, the President clarified the roles and responsibilities of the program manager, now under the Director of National Intelligence, as well as the new Information Sharing Council and the other agencies in support of creating an Information Sharing Environment by December 2006.
At the time, the Congressional Accounting Office conducted a review while the program manager was in the early stages of addressing this mandate. He issued an interim implementation report with specified tasks and milestones to Congress in January 2006, but soon after announced his resignation.
This latest attempt to establish an overall information-sharing road map under the Director of National Intelligence, if it is to succeed once a new manager is appointed, will require the Director's continued vigilance in monitoring progress toward meeting key milestones, identifying any barriers to achieving them, and recommending any necessary changes to the oversight committees.
The agencies that GAO reviewed are using 56 different sensitive but unclassified designations (16 of which belong to one agency) to protect information that they deem critical to their missions -- for example, sensitive law or drug enforcement information or controlled nuclear information. For most designations there are no government-wide policies or procedures that describe the basis on which an agency should assign a given designation and ensure that it will be used consistently from one agency to another.
Without such policies, each agency determines what designations and associated policies to apply to the sensitive information it develops or shares. More than half the agencies reported challenges in sharing such information.
Most of the agencies GAO reviewed have no policies for determining who and how many employees should have authority to make sensitive but unclassified designations, providing them training on how to make these designations, or performing periodic reviews to determine how well their practices are working. The lack of such recommended internal controls increases the risk that the designations will be misapplied. This could result in either unnecessarily restricting materials that could be shared or inadvertently releasing materials that should be restricted.
Sources: Office of the Director of National Intelligence, Government Accounting Office, National Security Institute, National Association of Chiefs of Police
More than 4 years after September 11, the nation still lacks government-wide policies and protocols for helping agencies integrate the myriad of ongoing efforts to improve the sharing of terrorism-related information that is critical to protecting our homeland.
Responsibility for creating these policies and protocols shifted initially from the White House to the Office of Management and Budget, and then to the Department of Homeland Security, but none of the agencies have completed the task, according to a government report.
Subsequently, the Intelligence Reform Act called for creation of an Information Sharing Environment, including governing policies and processes for sharing, and a program manager to oversee its development. In December 2005, the President clarified the roles and responsibilities of the program manager, now under the Director of National Intelligence, as well as the new Information Sharing Council and the other agencies in support of creating an Information Sharing Environment by December 2006.
At the time, the Congressional Accounting Office conducted a review while the program manager was in the early stages of addressing this mandate. He issued an interim implementation report with specified tasks and milestones to Congress in January 2006, but soon after announced his resignation.
This latest attempt to establish an overall information-sharing road map under the Director of National Intelligence, if it is to succeed once a new manager is appointed, will require the Director's continued vigilance in monitoring progress toward meeting key milestones, identifying any barriers to achieving them, and recommending any necessary changes to the oversight committees.
The agencies that GAO reviewed are using 56 different sensitive but unclassified designations (16 of which belong to one agency) to protect information that they deem critical to their missions -- for example, sensitive law or drug enforcement information or controlled nuclear information. For most designations there are no government-wide policies or procedures that describe the basis on which an agency should assign a given designation and ensure that it will be used consistently from one agency to another.
Without such policies, each agency determines what designations and associated policies to apply to the sensitive information it develops or shares. More than half the agencies reported challenges in sharing such information.
Most of the agencies GAO reviewed have no policies for determining who and how many employees should have authority to make sensitive but unclassified designations, providing them training on how to make these designations, or performing periodic reviews to determine how well their practices are working. The lack of such recommended internal controls increases the risk that the designations will be misapplied. This could result in either unnecessarily restricting materials that could be shared or inadvertently releasing materials that should be restricted.
Sources: Office of the Director of National Intelligence, Government Accounting Office, National Security Institute, National Association of Chiefs of Police
Print
Email
