[Senate Hearing 107-912]
[From the U.S. Government Publishing Office]



                                                        S. Hrg. 107-912
 
                 SHOULD THE OFFICE OF HOMELAND SECURITY
                    HAVE MORE POWER? A CASE STUDY IN
                          INFORMATION SHARING

=======================================================================

                                HEARING

                               before the

        SUBCOMMITTEE ON ADMINISTRATIVE OVERSIGHT AND THE COURTS

                                 of the

                       COMMITTEE ON THE JUDICIARY
                          UNITED STATES SENATE

                      ONE HUNDRED SEVENTH CONGRESS

                             SECOND SESSION

                               __________

                             APRIL 17, 2002

                               __________

                          Serial No. J-107-73

                               __________

         Printed for the use of the Committee on the Judiciary



85-887              U.S. GOVERNMENT PRINTING OFFICE
                            WASHINGTON : 2003
____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpr.gov  Phone: toll free (866) 512-1800; (202) 512ï¿½091800  
Fax: (202) 512ï¿½092250 Mail: Stop SSOP, Washington, DC 20402ï¿½090001


                       COMMITTEE ON THE JUDICIARY

                  PATRICK J. LEAHY, Vermont, Chairman
EDWARD M. KENNEDY, Massachusetts     ORRIN G. HATCH, Utah
JOSEPH R. BIDEN, Jr., Delaware       STROM THURMOND, South Carolina
HERBERT KOHL, Wisconsin              CHARLES E. GRASSLEY, Iowa
DIANNE FEINSTEIN, California         ARLEN SPECTER, Pennsylvania
RUSSELL D. FEINGOLD, Wisconsin       JON KYL, Arizona
CHARLES E. SCHUMER, New York         MIKE DeWINE, Ohio
RICHARD J. DURBIN, Illinois          JEFF SESSIONS, Alabama
MARIA CANTWELL, Washington           SAM BROWNBACK, Kansas
JOHN EDWARDS, North Carolina         MITCH McCONNELL, Kentucky
       Bruce A. Cohen, Majority Chief Counsel and Staff Director
                  Sharon Prost, Minority Chief Counsel
                Makan Delrahim, Minority Staff Director
                                 ------                                

        Subcommittee on Administrative Oversight and the Courts

                 CHARLES E. SCHUMER, New York, Chairman
PATRICK J. LEAHY, Vermont            JEFF SESSIONS, Alabama
EDWARD M. KENNEDY, Massachusetts     STROM THURMOND, South Carolina
RUSSELL D. FEINGOLD, Wisconsin       CHARLES E. GRASSLEY, Iowa
RICHARD J. DURBIN, Illinois          ARLEN SPECTER, Pennsylvania
                Benjamin Lawsky, Majority Chief Counsel
                    Ed Haden, Minority Chief Counsel


                            C O N T E N T S

                              ----------                              

                    STATEMENTS OF COMMITTEE MEMBERS

                                                                   Page

Schumer, Hon. Charles E., a U.S. Senator from the State of New 
  York...........................................................     1
Leahy, Hon. Patrick J., a U.S. Senator from the State of Vermont.    69
Sessions, Hon. Jeff, a U.S. Senator from the State of Alabama....     5

                               WITNESSES

Anderson, Philip, Senior Fellow and Director, Homeland Security 
  Initiative, Center for Strategic and International Studies.....    46
Hastings, Scott O., Associate Commissioner for the Office of 
  Information Resources Management, U.S. Immigration and 
  Naturalization Service, Washington, D.C........................    17
Hitch, Vance, Chief Information Officer, Justice Management 
  Division, Department of Justice, Washington, D.C...............     7
Jordan, Robert J., head of the Information Sharing Task Force, 
  Federal Bureau of Investigation, Washington, D.C...............    12
Light, Paul C., Brookings Institution, Washington, D.C...........    53
Panetta, Hon. Leon E., Director, Panetta Institute, Monterey Bay, 
  CA.............................................................    35
Terwilliger, George J., III, Partner, White & Case, Washington, 
  D.C............................................................    42

                       SUBMISSION FOR THE RECORD

Department of Justice, Joseph Karpinski, Director, Congressional 
  Relations and Public Affairs, letter...........................    70


                     SHOULD THE OFFICE OF HOMELAND

                      SECURITY HAVE MORE POWER? A

                   CASE STUDY IN INFORMATION SHARING

                              ----------                              


                       WEDNESDAY, APRIL 17, 2002

                      United States Senate,
          Subcommittee on Administrative Oversight 
                                    and the Courts,
                                Committee on the Judiciary,
                                                    Washington, DC.
    The Subcommittee met, pursuant to notice, at 9:36 a.m., in 
Room SD-216, Dirksen Senate Office Building, Hon. Charles 
Schumer, Chairman of the subcommittee, presiding.
    Present: Senators Schumer, Sessions, and Specter.

             STATEMENT OF HON. CHARLES E. SCHUMER, 
           A U.S. SENATOR FROM THE STATE OF NEW YORK

    Chairman Schumer. Good morning, everybody. The hearing will 
come to order.
    We have consulted with Senator Sessions' staff, and because 
of our timing issues and particularly a few of our witnesses 
have to catch planes, we are going to start now. We will 
probably have a quick vote at 10 o'clock, and so we are going 
to try to move things along as quickly as possible.
    I want to thank all of our witnesses for coming to what I 
think is a very interesting and important hearing. I hope you 
will agree--all of you in the audience--after you hear what we 
have to say.
    And here is Senator Sessions now. Jeff, I am just going to 
begin my opening statement, because we have some time 
constraints.
    Since the events of September 11th, every local, State and 
Federal Government agency has been scrambling to repair the 
holes in our homeland defense that were revealed on that 
fateful day.
    Our homeland defense situation is comparable to the story 
of the little Dutch boy who single-handedly tried to keep the 
floods from breaking through the dike and destroying Amsterdam. 
He was successful, but we have many more holes than that one 
little hole in the dike. All of them have to be plugged up 
rather quickly.
    Try as we might, every time we plug one hole, another pops 
up. Whether it is the discovery of a terrorist with a shoe bomb 
who made it onto a plane, or sending student visas to known 
terrorists, we keep discovering hole after hole, and that 
translates into threat after threat and risk after risk.
    That is something we clearly cannot afford in the post-9/11 
world. Our world changes, and we have to adapt to it.
    There are over 40 Federal agencies charged with law 
enforcement and intelligence gathering. Our safety relies in 
good part upon each and every one of them. When the left hand 
does not know what the right hand is doing, you have a problem. 
When you have 20 left hands and 20 right hands and none of them 
know what the other is doing, you have a potential disaster in 
the making.
    That is what we are facing right now.
    The backbone of homeland defense is good information 
sharing and coordination between Federal law enforcement and 
intelligence agencies. It is clear that we need some kind of 
body to coordinate government-wide policy on information 
sharing. We need an entity that can answer questions like: 
Where are we most vulnerable? Who can supply the right 
information about those vulnerabilities? Who needs to know 
about our weaknesses? And who is going to tell them?
    These sound like simple, basic questions, but in a 
bureaucracy like ours, unless someone is keeping an eye on 
things, the answers get lost pretty quickly.
    The Administration, in my judgment, was headed in the right 
direction when Tom Ridge was sworn in as the first Director of 
the Office of Homeland Security. Director Ridge was charged 
with developing and coordinating a comprehensive national 
strategy to strengthen protections against terrorist threats or 
attacks in the United States.
    Though the idea is a good one, I am afraid that the 
consequences, intended or not, have resulted in OHS becoming a 
little bit akin to something like a toothless tiger.
    Everybody has tremendous respect for Tom Ridge. I certainly 
do. We served in the House together, and he is an exemplary man 
and I am glad he is in that position.
    But at this point in time, he does not have the tools or 
the power to get what needs to be done, and this hearing will 
just show one little aspect of that.
    If OHS is meant to be more of a policymaking agency, then 
it needs to acquire the appropriate authority and be subject to 
congressional oversight.
    We are not taking any sides on whether Mr. Ridge ought to 
testify here or not; that is not the issue. The issue is what 
the scope of his office ought to be as it relates to 
information sharing and other issues.
    But OHS in this case needs to be able to prod or even 
direct the different Federal agencies into changing their 
management decisions and removing the blinders that stop 
agencies from thinking outside their own parameters. Each 
agency and bureau needs to think beyond its own functions, 
beyond its own databases, and work to connect to other 
departments.
    It is very hard to do this on your own. I am not blaming 
any of the agencies here for not doing it on their own. I am 
not blaming anyone in the Administration or in the House or 
Senate that we did not do this before. This is a brave new 
world and nobody had the foresight to know what we had to do. 
But now we do know what we have to do. And that is why we have 
to improve things and act.
    Various proposals have been laid out on how this entity, a 
new entity, an agency that is responsible for making sure there 
is coordination of information, be structured. And I look 
forward to hearing from our witnesses today on what they think.
    But whatever form it takes, I strongly believe that we need 
to empower one agency, one entity, to coordinate information 
sharing between and among the different Federal law enforcement 
and intelligence agencies for the purposes of homeland defense. 
Having an agency that coordinates information from different 
agencies is the first problem. Then having technology to help 
them do it is the second.
    I have been told the technology exists to vastly improve 
our agencies' databases so appropriate agency officials can 
access information in real time, both within their own agencies 
and, just as importantly, with other State, Federal, and local 
agencies.
    Before the recess, I introduced the idea of a supercomputer 
to coordinate Federal law enforcement intelligence gathering 
activities. While we would have to address the obvious privacy 
concerns in developing such an idea as this one, that is hardly 
beyond the pale. You can deal with privacy issues because you 
cannot just be Luddite and say do not make coordination better, 
do not have the best computers. You rather would have them, and 
then make sure that privacy concerns are protected as you use 
them.
    Now, we might need three or four of these computers, each 
one for a separate security purpose. In a recent interview, 
Larry Ellison of Oracle blamed a lot of our security problems 
on fragmented data. He said, ``We knew that Mohammed Atta was 
wanted. We just did not check the right database when he came 
into the country.'' And that sums up the problem as good as 
anybody can.
    For the most part, we have the right information. We know 
who to go after. We just keep stumbling into our own 
bureaucracy.
    About 6 weeks ago, I requested a complete list of the 
unclassified information databases used for law enforcement and 
intelligence purposes from 10 different law enforcement and 
intelligence agencies. I did not request what is in the 
databases, just what the databases are. I made follow-up call 
after follow-up call. I received the final lists only 
yesterday--6 weeks just to get a list of what the databases 
are, so we would know how to coordinate them.
    What does that say about our organizational capabilities? I 
have been told that our intelligence community is light years 
ahead of our law enforcement community in terms of the 
organization of information sharing and its technology. Well, 
everyone has to be brought up to speed and maybe the 
intelligence agencies can share some of their wisdom and what 
they have done with our law enforcement agencies.
    Intelligence gathering does not help if we do not have the 
law enforcement capability to deal with that information.
    Finally, we have to look at the culture in our Federal 
agencies and put a stop to the rivalries that get in the way of 
protecting our country. It is a well-known fact that cultural 
differences between the different law enforcement and 
intelligence agencies hinder proper information sharing. The 
CIA does not want to share with the FBI. The FBI does not want 
to share with the INS.
    My message to all of these groups is: Get with it. We are 
in a new and different world, and those rivalries cause us to 
pay a real price or could cause us to pay a real price. This is 
not about a turf war between Federal agencies. It is about 
preventing terrorists from murdering innocent civilians. If you 
cannot see that, then you need to take a good, hard look and 
figure it out.
    I very much look forward to hearing from our witnesses 
today from both inside and outside the government. And working 
together--this is not a partisan issue in any sense--we can 
repair our defenses and make our Nation a safer one.
    Thank you.
    [The prepared statement of Senator Schumer follows:]

                 Statement of Hon. Charles E. Schumer, 
               a U.S. Senator from the State of New York

    With over forty Federal agencies conducting homeland security-
related law enforcement or intelligence gathering activities, and no 
one entity actually in charge of coordinating and directing all of 
them, the Courts Subcommittee today held a hearing to explore whether 
the Office of Homeland Security has the authority it needs. Schumer 
pointed to frequent terrorist threats that can and are slipping through 
the cracks and examined why major mistakes like granting student visas 
to terrorists occur and whether the Federal Government is doing enough 
to develop a supercomputer to coordinate homeland security activities.
    The following is Schumer's statement from the hearing:
    Since the events of September 11th, every local, State, and Federal 
Government agency has been scrambling to repair the holes in our 
homeland defense that were revealed on that fateful day.
    Our homeland defense situation is comparable to that story of the 
little Dutch boy who singlehandedly tried to keep the floods from 
breaking through the dike and destroying Amsterdam. Though I think he 
was successful, we're having a much harder time defending our own.
    Try as we might, every time we plug one hole, another one pops up. 
Whether it's the discovery of a terrorist with a shoe bomb who made it 
onto a plane or sending student visas to known terrorists, we keep 
discovering hole after hole, and that translates into threat after 
threat, risk after risk. That's something we clearly can't afford.
    There are over forty Federal agencies charged with law enforcement 
and intelligence gathering. Our safety relies, in some part, upon each 
and every one of them. When the left hand doesn't know what the right 
hand is doing, you've got a problem. When you have 20 left hands and 20 
right hands and none of them knows what the other is, you've got a 
disaster in the making. And that's exactly what we're facing right now.
    The backbone of homeland defense is good information sharing and 
coordination between Federal law enforcement and intelligence agencies. 
It's clear that we need some kind of body to coordinate governmentwide 
policy on information sharing. We need an entity that can answer 
questions like: Where are we most vulnerable? Who can supply the right 
information about those vulnerabilities? Who needs to know about our 
weaknesses? And who is going to tell them? These may sounds like 
simple, basic questions, but in a bureaucracy like ours, unless someone 
is keeping an eye on things, the answers get lost pretty quickly.
    The Administration was headed in the right direction when Tom Ridge 
was sworn in as the first director of the Office of Homeland Security. 
Director Ridge was charged with developing and coordinating a 
comprehensive national strategy to strengthen protections against 
terrorist threats or attacks in the United States.
    Everyone has tremendous respect for Tom Ridge, but he needs the 
power to carry out his mandate: protecting the American people. If OHS 
is meant to be more of a policymaking agency, then it needs to acquire 
the appropriate authority and be subject to Congressional oversight. 
OHS needs to be able to prod the different Federal agencies into 
changing their management decisions and remove the blinders that stop 
agencies from thinking outside their own parameters.
    Each agency and bureau needs to think beyond its own functions, 
beyond its own databases, and work to connect to other departments. 
It's very hard to do this on your own. That's why we need an agency 
who's responsible for making sure it happens.
    Various proposals have been laid out for how this entity should be 
structured and I look forward to hearing from our witnesses today on 
what they think.
    But whatever form it takes, I strongly believe that we need to 
empower one agency, one entity, to coordinate information-sharing 
between and among the different Federal law enforcement and 
intelligence agencies for the purposes of homeland defense.
    Having an agency that coordinates information from different 
agencies is the first problem. Having the technology to help them do so 
is the second.
    I've been told that the technology exists to vastly improve our 
agencies' databases so that the appropriate officials can access 
information in real time both within their own agencies and with other 
Federal, State, and local agencies. Before the recess, I introduced the 
idea of a supercomputer to coordinate Federal law enforcement 
intelligence-gathering activities. While we would have to address the 
obvious privacy concerns in developing an idea such as this one, it's 
not beyond the pale. We might need three or four of these computers, 
each one for a separate security purpose.
    In a recent interview, Larry Ellison of Oracle blamed a lot of our 
security problems on fragmented data. ``We knew that Mohammed Atta was 
wanted,'' he said. ``We just didn't check the right database when he 
came into the country.''
    For the most part, we have the right information. We know who to go 
after. We just keep stumbling into our own bureaucracy. About 6 weeks 
ago, I requested a complete list of the unclassified information 
databases used for law enforcement and intelligence purposes from 10 
different Federal law enforcement and intelligence agencies.
    After making follow-up call after follow-up call, I received the 
final lists only yesterday. What does this say about our organizational 
capabilities?
    I've been told that our intelligence community is light years ahead 
of our law enforcement community in terms of the organization of 
information-sharing and its technology. Everyone has to be brought up 
to speed. Intelligence gathering doesn't help if we don't have the law 
enforcement capabilities to deal with the information.
    Finally, we have to look at the culture in our Federal agencies and 
put a stop to the stupid rivalries that get in the way of protecting 
our country.
    It's a well known fact that cultural differences between the 
different law enforcement and intelligence agencies hinder proper 
information sharing. The CIA doesn't want to share with the FBI, the 
FBI doesn't want to share with INS. My message to all of them is this: 
grow up. This isn't about turf wars between Federal agencies. It's 
about preventing terrorists from murdering innocent civilians. If you 
can't see that, then you need to take a good, hard look and figure it 
out.
    I look forward to hearing from our witnesses today, from both 
inside and outside the Government. Together, we can repair our defenses 
and make our Nation a safer one.

    Chairman Schumer. Now let me call on my colleague and 
friend, Senator Sessions.

               STATEMENT OF HON. JEFF SESSIONS, 
            A U.S. SENATOR FROM THE STATE OF ALABAMA

    Senator Sessions. Thank you, Senator Schumer, and thank you 
for your courtesy in working with us on putting this hearing 
together. We do not always work as well as we should in the 
Senate sometimes, but you have always been extremely courteous 
and open about what the purposes of a hearing would be and what 
you hoped to accomplish.
    I believe it is an important issue. How we go about making 
sure that we have the right kind of unified information-sharing 
system is a critically important issue.
    I have believed for some time that we have a number of 
problems there. DEA can do certain things. They do not input 
their intelligence information, but if there is a warrant or an 
arrest warrant for someone, they will flag it so that if that 
person is ever arrested, at least they would call the Drug 
Enforcement Administration, then they would know that this 
person has been arrested, and they would not have to share 
their most sensitive intelligence information on the NCIC or 
some other system.
    I believe we have to utilize the NCIC more. We have some 
600,000-plus State and local law enforcement officers, and, for 
example, 12,000 FBI agents. So not to enlist them in this 
effort is a colossal error. They have got to be. They are out 
there every day making arrests, making stops for people. And it 
is just a tragedy if they make an arrest of a seriously wanted 
individual, to not know it and release them.
    We have systems today that a person who has been stopped, 
you can put their thumb or finger on a machine, and it would 
tell their criminal history from the police officer's car. It 
is amazing.
    So we have some capabilities here that we need to make sure 
that we are utilizing fully. I look forward to asking some 
questions about how our computer data systems are working, how 
they actually work today, because I am not sure I fully 
understand it. But there are gaps, and it is a good thing to 
talk about.
    With regard to the homeland security organization, that is 
a matter of great complexity and importance. How we go about 
that, I do not know. I am not convinced we need to create a 
large, permanent Cabinet-level or even semi-Cabinet-level 
agency at this point. But we are going to have to decide how to 
do that, how we can improve our homeland security, so it will 
be good to talk about those issues, too.
    Mr. Chairman, thank you.
    Chairman Schumer. Thank you, Senator Sessions.
    I want to just repay the compliment. We are from different 
parts of the country. We are different ideologically. But we 
work together well, and it is a tribute to Jeff. He is 
straightforward and fair, and I very much appreciate that all 
the time.
    Now let's call on our witnesses and try to get right to the 
point here. I am going to ask each of the witnesses to really--
their entire statements will be read into the record--but each 
witness to try and limit the testimony to 5 minutes and get to 
the point, so we can ask questions, because I think we are 
going to have a vote at 10 o'clock. As I say, we have some 
plane schedules from some of our future witnesses to catch. We 
could not put them on first, because the protocol is always 
that you guys go first. So I just ask your cooperation.
    So let me introduce all three witnesses, and then we will 
have each of them testify.
    Mr. Vance Hitch is the CIO, the Chief Information Officer, 
for the Department of Justice. He was appointed by Attorney 
General Ashcroft in March. He is leading the development of an 
IT, information technology, strategic plan that provides 
direction for the Department of Justice's future IT 
investments. Before coming to DoJ, Mr. Hitch was a senior 
partner with Accenture, where he developed the IT strategic 
plan for the State of Maryland, comprehensive reengineering and 
automation of the city of Philadelphia's records. He has worked 
with other agencies, such as the Department of State, the NSA, 
the CIA, and the DoD, to name a few initials, and multiple 
State and local governments.
    Mr. Robert Jordan, our second witness, heads the 
information sharing task force for the FBI. He is the section 
chief in the Government and Civil Rights section. He is a 22-
year-old veteran of the FBI and was most recently in Newark, 
New Jersey, where he supervised the white-collar crime and 
corruption program for that entire State. Before that, he was a 
supervisory special agent in San Diego, where he initiated a 
large-scale judicial corruption case.
    Our third witness is Mr. Scott Hastings. He is the 
associate commissioner of the Office of Information Resource 
Management and the deputy chief information officer of the INS. 
As the associate commissioner, Mr. Hastings is responsible for 
the service's information technology programs, including all 
established ADP functions, telecommunications, and electronic 
enforcement technology programs.
    He has considerable experience with outsourcing of 
government operations. In his current position, he is examining 
the role of Federal information technology organizations and 
their future configurations and structure.
    Prior to this position, he was the assistant commissioner 
for the Office of Record Services at the INS, during which time 
he created a national records facility and centralized 
operation for holdings in excess of 25 million active files.
    So you can see all three gentlemen are very accomplished in 
this field and in the government. We are lucky to have all 
three of you. Each of your statements will be read into the 
record. I am going to try to stick to the 5 minutes.
    Mr. Hitch, you may proceed.

STATEMENT OF VANCE HITCH, CHIEF INFORMATION OFFICER, DEPARTMENT 
                   OF JUSTICE, WASHINGTON, DC

    Mr. Hitch. Thank you.
    Mr. Chairman and Members of the Subcommittee, I am pleased 
to appear before you today to discuss information sharing, as 
you requested. I will take just a few minutes to briefly 
summarize my prepared statement.
    Last month, the Attorney General appointed me as the chief 
information officer of the Department of Justice. In announcing 
my appointment, the Attorney General stated: A critical element 
in our battle against the terrorist threat is the effective use 
of information technology to share information across law 
enforcement.
    To pursue this mission, my mandate, I believe, is very 
clear: Upgrade the department's information technology program 
to better enable core mission accomplishment and use 
information technology as a tool for collaboration among the 
Justice components and between Justice and other Federal 
agencies, as well as Federal, State and local law enforcement.
    Improving and expanding the department's use of information 
technology is a key component of the Attorney General's wartime 
reorganization of the department, which he announced last 
November 8. Just last week, the Attorney General ordered the 
Justice components to take further actions to institutionalize 
the department's ongoing efforts to coordinate information 
relating to terrorism.
    Specifically, he asked for four things. First, expand the 
information about known or suspected terrorists in existing law 
enforcement databases, such as the FBI's National Crime 
Information Center, or NCIC, the Department of State's TIPOFF 
system, and the Customs Service's Interagency Border Inspection 
System or IBIS. Number two, establish procedures to obtain on a 
regular basis identifying information on terrorists known to 
other countries. Three, establish a secure system for sharing 
information with State and local agencies. And four, 
standardize procedures for sharing sensitive information and 
implementing the information sharing provisions of the U.S. 
Patriot Act.
    But even prior to 9/11, the department was involved in 
several efforts to improve information sharing. For example, 
the El Paso Intelligence Center, or EPIC, is an interagency 
center that provides tactical drug intelligence to Federal, 
State and local users. A telephone call, fax or teletype 
provides the requester real-time information access to EPIC 
from many Federal databases and EPIC's own internal system. The 
IDENT/IAFIS project is integrating the INS's IDENT system with 
the FBI's IAFIS fingerprint database. The integration project 
will increase the apprehension and effective prosecution of 
criminal aliens. Finally, the JABS, or the Joint Automated 
Booking System, is streamlining the identification and booking 
of persons in Federal custody. JABS enables the department's 
law enforcement components to share arrest information 
electronically and update the FBI's crime master file in a 
real-time mode.
    In direct response to the deadly attacks on the World Trade 
Center and the Pentagon, the President directed the department 
also to create a foreign terrorist tracking task force, or 
FTTTF, a multi-agency group that leverages expertise, 
information, and technology to identify, locate, remove or deny 
entry to foreign terrorists and their supporters.
    Among the participating agencies are the CIA, the INS, FBI, 
State, Customs, Social Security and many members of the 
intelligence community.
    The President also directed that the Attorney General and 
the Director of Central Intelligence ensure to the maximum 
extent permitted by law that the task force has access to all 
available information necessary to perform its mission. The 
task force is gathering and analyzing data contributed by 
participating agencies, using advanced techniques to mine the 
data, establish patterns, and calculate risk parameters. The 
results of these analyses are provided to the relevant agencies 
for appropriate enforcement action.
    Although the task force is still in the early stages of its 
work, it offers an especially promising model for information 
sharing and collaboration associated with terrorism.
    Despite these efforts, it is clear that more needs to be 
done. We must fundamentally rethink how information systems are 
designed, developed, and managed, so that information 
technology fosters rather than hinders collaboration.
    This really means creating a Department of Justice 
information architecture, as well as infrastructure and the 
management approach that promotes both information sharing, as 
well as information security at the same time.
    I am confident that the organizational and cultural 
roadblocks to information sharing are being remedied. We know 
that to succeed we must work together. Our long-term goal and 
one that technology can help make a reality is that the 
Department of Justice and members of the law enforcement 
community, whether State, Federal or local, be able to 
communicate and collaborate with one another fully, easily, and 
securely.
    One of the Attorney General's top 10 management goals, 
which he announced in his initial reorganization letter, and 
one of his initial assignments to me, is the development of a 
comprehensive information technology plan for the department. 
We are working on this plan as we speak and expect to have it 
completed within the next several months.
    Among the major goals of this plan are removing any 
technical barriers to information sharing, building a 
department-wide security infrastructure, and developing an 
enterprise architecture that ensures secure access to data by 
all authorized users, and promotes sharing and collaboration 
across organizational lines.
    I can assure this Subcommittee that the Department of 
Justice is committed to moving away from the stovepipe systems 
and overcoming unnecessary obstacles to information sharing, 
and working closely with the Office of Homeland Security, the 
Federal agencies and others, to fully and securely share 
sensitive law enforcement information.
    Again, thank you for the opportunity to discuss this matter 
of critical importance to the Justice Department and to all law 
enforcement. I would be pleased to respond to your questions.
    [The prepared statement of Mr. Hitch follows:]

 Statement Vance Hitch, Chief Information Officer, Justice Management 
             Division, United States Department of Justice

    Mr. Chairman and Members of the Committee, I am pleased to appear 
before you today to discuss information sharing. I am both honored and 
grateful for this opportunity.
    Last month, the Attorney General appointed me Chief Information 
Officer (CIO) for the Department of Justice. In announcing my 
appointment, the Attorney General stated: ``A critical element in our 
battle against the terrorist threat is the effective use of information 
technology to share information across law enforcement.'' To pursue 
this mission, my mandate is clear: upgrade the Department's information 
technology program to better enable core mission accomplishment, and 
use information technology as a tool for collaboration among Justice 
components, between Justice and other Federal agencies, and among 
Federal, State, and local law enforcement.
    In the aftermath of the September 11 terrorist attacks, it is clear 
that information sharing is critical to our Nation's safety. The 
Attorney General recognizes clearly that access to accurate and timely 
information is crucial to supporting the Department's critical law 
enforcement responsibilities, and especially in protecting against acts 
and threats of terrorism. Improving and expanding the Department's use 
of information technology are key components of the Attorney General's 
wartime reorganization of the Department, announced on November 8, 
2001.
    Just last week, the Attorney General directed key Justice 
components to take further actions to institutionalize the Department's 
ongoing efforts to coordinate information relating to terrorism. 
Specifically, he ordered the investigating components to establish 
procedures to provide, on a regular basis and in electronic format, the 
names, photographs and other identifying data of all known or suspected 
terrorists for inclusion in the State Department's TIPOFF system, the 
FBI's National Crime Information Center (NCIC), and the Customs 
Service's Interagency Border Inspection System (IBIS). He also ordered 
the Assistant Attorney General for Legal Policy to work with the 
components to draft for his consideration procedures, guidelines, and 
regulations to implement the information sharing provisions of the USA 
PATRIOT Act.
    Historically, information systems have been developed and 
implemented to meet the particular business needs of a specific 
component organization. The result, as you know all too well, is a 
number of legacy stovepipe systems that impede cross component 
information sharing. However, even before 9/11, the Department was 
involved in several efforts to improve sharing or to consolidate 
systems. For example:
     El Paso Intelligence Center (EPIC). The Department of 
Justice established the El Paso Intelligence Center (EPIC) in 1974, 
staffed by representatives of the INS, the Customs Service, and the 
DEA, to provide a common information resource on drug movement and 
immigration violations. Today, EPIC has grown to include 15 Federal 
agencies, the Texas Department of Public Safety, and the Texas Air 
National Guard. In addition, EPIC maintains information sharing 
agreements with other Federal law enforcement agencies, the Royal 
Canadian Mounted Police and each of the 50 States and serves law 
enforcement agencies throughout the western hemisphere. A telephone 
call, fax, or teletype from any of these agencies provides the 
requestor real-time information accessed through EPIC from many 
different Federal data bases, plus EPIC's own internal database.
     IDENT/IAFIS. The IDENT/IAFIS project was established to 
integrate the INS IDENT system with the FBI's IAFIS. The integration 
project will directly enhance the Department's ability to meet its 
mission through increased apprehension and effective prosecution of 
criminal aliens. It is a major cross-cutting initiative and will 
provide improved INS identification services to determine whether a 
person they apprehend is the subject of a posted Want or Warrant or has 
a record in the FBI's Criminal Master File. Similarly, it will provide 
law enforcement agencies with all relevant immigration information as 
part of a criminal history response from a single FBI.
     Joint Automated Booking System (JABS). JABS is another 
major cross-cutting initiative involving the Bureau of Prisons, the 
U.S. Marshals Service, the INS, the FBI, and the DEA. JABS streamlines 
the identification and processing of Federal offenders by providing the 
means to electronically collect, store, and transmit photographic, 
fingerprint, and biographical data.
    More recently, and in direct response to the deadly attacks on the 
World Trade Center and the Pentagon, the President directed the 
Department to create a Foreign Terrorist Tracking Task Force (FTTTF). 
This is a multi-agency Task Force that combines agency expertise, 
information and advanced technologies to identify, locate, and remove 
or deny entry to foreign terrorists and their supporters. There are 
several Federal agencies that are already participating (e.g., the FBI, 
the INS, the State Department, the Customs Service, the Social Security 
Administration, and elements of the Intelligence Community). These 
agencies are joint participants with a common mission of neutralizing 
the threat of terrorist aliens.
    The President also directed that the Attorney General and the 
Director of Central Intelligence ``ensure, to the maximum extent 
permitted by law, that the Task Force has access to all available 
information necessary to perform its mission.'' The Task Force is both 
gathering and analyzing data contributed by participating agencies, 
using advanced methods to mine the data, establish patterns, and 
calculate risk parameters. Results of these analyses are provided to 
the relevant agencies for appropriate enforcement action. Although the 
Task Force is still in the early stages of its work, it offers an 
especially promising model for information sharing and collaboration.
    Despite these efforts, it is clear that more needs to be done. To 
meet the new threats and challenges we face today, we must 
fundamentally rethink how information systems are designed, developed 
and managed so that IT fosters, rather than hinders, collaboration. 
This means creating a DoJ information architecture, infrastructure, and 
management approach that promote both information sharing and 
information security.
    It is important that we move forward on both the sharing and 
security fronts simultaneously. Sharing information depends in no small 
measure on our ability to assure that the information will be protected 
from unauthorized disclosure. A primary obstacle to sharing has been, 
and remains, concerns about the security of the information once it is 
outside the control of the agency that ``owns'' it.
    The Department has a long ways to go, but I am confident we are 
headed in the right direction. I am convinced that organizational and 
cultural roadblocks to information sharing are being remedied. In part, 
this is because of executive branch and Congressional leadership; in 
part, it is because of the sheer magnitude and complexity of the 
threat. We know that to succeed we must work together. Our long-term 
goal--and one that technology can help make a reality--is that the 
Department of Justice and all members of the law enforcement community, 
whether Federal, State, or local, be able to communicate and 
collaborate with one another fully, easily, and securely.
    One of the Attorney General's top ten management goals, and one of 
his initial assignments to me, is the development of a comprehensive 
Information Technology Plan for the Department. We are working on this 
Plan and expect to complete it within the next month. However, let me 
briefly outline the Plan's major themes and directions:

Information Sharing

    There are three key technical barriers to information sharing 
within the Department of Justice: (1) insufficiently modernized office 
automation systems; (2) inadequate networking; and (3) applications and 
data stores that cannot be accessed by other components or agencies. 
Overcoming these barriers is a long-term effort, but progress has and 
is being made. For example, the components are in various stages of 
updating their office automation and networking infrastructures and, as 
mentioned earlier, there have been some, albeit limited, efforts to 
share information and integrate systems.
    Critical areas in support of information sharing to be addressed in 
the plan include:
     Upgrading our telecommunications infrastructure to improve 
cross component access to intranet sites and other data stores, meet 
projected demands for bandwidth, and ensure wireless and remote access 
to the DoJ network;
     Accelerating the completion of component office automation 
upgrades; and
     Modernizing access methods, such as through Web-like 
interfaces, collaboration platforms, and systems consolidation.
    I want to elaborate on the last point. Of great concern to this 
Committee is whether agencies are sharing information related to 
foreign nationals who want to enter this country, or are already here, 
and who may be threats to national security. One of the difficulties is 
that the INS has an array of heterogeneous systems that does not 
provide a full and complete picture of a foreign national's travel to 
and from the United States or critical events during his or her period 
of stay. For this reason, the Department is exploring with the Office 
of Homeland Security and affected agencies the creation of a 
consolidated database that would be organized by person rather than 
immigration event and would be accessible to all parties, including the 
State Department and the Customs Service.

Information Security

    Information systems must be protected from inadvertent or 
deliberate disclosure of sensitive information to unauthorized users, 
from attacks on the infrastructure that deny services, and from 
attempts to alter or otherwise falsify information. Securing our 
information systems has rightfully become the focus of increasing 
scrutiny by the Congress and others.
    We need to improve information security by building a long-term 
departmentwide security infrastructure that will ensure that 
information systems are secure from day one, rather than requiring 
continuous patches and fixes. In the meantime, we will take two 
immediate steps:
     First, we need to make sure that existing systems are as 
well protected as they should be by identifying vulnerabilities and 
taking corrective action. The Department is carefully monitoring and 
tracking component progress in this regard.
     Second, we need to build infrastructure-based 
capabilities, such as public key infrastructure, available for use 
throughout DoJ and scalable to the broader law enforcement and judicial 
communities.

IT Planning and Management

    We also intend to strengthen the way we plan for and manage our IT 
investments. Here again, progress has been made but more work is 
needed. Among my priorities will be developing an enterprise 
architecture that is linked to investment management and provides a 
foundation for ensuring that IT systems meet mission requirements, 
identifies redundancies and opportunities for consolidation, and 
ensures cross component sharing of common assets, services, and 
solutions. It will be an architecture that ensures secure access to 
data by all authorized users and promotes sharing and collaboration 
across organizational lines. Relatedly, I will be emphasizing the 
development of Departmentwide standards and policies, as well as 
stronger oversight of priority initiatives.
    This is an ambitious agenda, one that will take time, resources, 
and cooperation to implement fully. But I can assure this Committee 
that the Department of Justice is committed to moving away from 
stovepipe information systems, overcoming unnecessary obstacles to 
information sharing, and working closely with the Office of Homeland 
Security, Federal agencies, and others to fully and securely share 
sensitive law enforcement. We simply cannot afford to do otherwise.
    Again, thank you for the opportunity to discuss this matter of 
critical importance to the Justice Department, and to all law 
enforcement. I would be pleased to respond to your questions at this 
time.

    Chairman Schumer. Thank you, Mr. Hitch.
    Mr. Jordan.

STATEMENT OF ROBERT J. JORDAN, CRIMINAL INVESTIGATIVE DIVISION, 
        FEDERAL BUREAU OF INVESTIGATION, WASHINGTON, DC

    Mr. Jordan. Thank you. Good morning, Mr. Chairman and 
Senator Sessions.
    My name is Bob Jordan and I serve as the head of the FBI's 
information sharing task force. With me today is Gene O'Leary, 
acting Assistant Director of the FBI's Information Resources 
Division, and Ken Ritchhart, Chief of the Data/Information 
Management Section of IRD.
    We welcome this opportunity to meet with you today about 
the status of the FBI's information sharing initiatives within 
the bureau and with other government agencies for homeland 
defense purposes.
    The FBI is an organization in change. Not only are we 
structurally different, but in very fundamental ways, Director 
Mueller has revamped our approaches to counterterrorism and 
prevention.
    Since 9/11, we have seen massive shifts in our resource 
deployments. Our missions and priorities are being redefined to 
better reflect the post-9/11 realities. As an agency, we are 
committed to devoting whatever resources are necessary to meet 
our prevention mission and continue to sustain a dramatically 
enhanced worldwide counterterrorism effort.
    A substantial component of this approach is information 
sharing, not only at the Federal level, but also within the 
entire law enforcement and intelligence communities.
    Over the last several years, much has improved, but this 
seemingly simple issue is actually a complex myriad of 
technology, legal, policy, and cultural issues. Since the 
tragic events of 9/11, this single issue which is critical to 
public safety is receiving the sustained high-level attention 
necessary to ensure that everything that can be done on every 
facet of the issue is being done.
    In that regard, I am happy to say that the spirit of 
collaboration and willingness to exchange data has never been 
stronger or more pronounced than it is today. Many of the legal 
and policy impediments that kept us from more fully exchanging 
information in the past have been or are now being changed.
    The Patriot Act has greatly improved our ability to 
exchange data with the intelligence community and across law 
enforcement. In addition, the Attorney General's recent 
directive to increase the coordination and sharing of 
information between the Department of Justice, the FBI, INS, 
the Marshals Service and the Foreign Terrorist Tracking Task 
Force on terrorist matters, and to establish secure means of 
working with State and local officials, are major milestones in 
improving our information-sharing and collaboration efforts.
    Equally important, the difficult technology challenges we 
all face are on top of everybody's priority list. This is 
especially so at the FBI. Under Director Mueller's leadership, 
the FBI on every front is hard at work, carrying out the 
Attorney General's information-sharing directive.
    Within the FBI, Director Mueller has personally taken on 
the challenge of improving information sharing and has directed 
FBI executive management to develop every means necessary to 
share as much information as possible with other agencies, as 
well as State and local law enforcement. Years of experience 
have demonstrated that joint terrorism task forces, our JTTFs, 
have proven to be one of the most effective methods of unifying 
Federal, State and local law enforcement efforts to prevent and 
investigate terrorist activity by ensuring that all levels of 
law enforcement are fully benefiting from the information 
possessed by each.
    There are currently 47 JTTFs. We are working expeditiously 
to establish JTTFs in each of the FBI's 56 field offices. In 
1996, there were only 11 of these task forces. The creation of 
21 new JTTFs this year is resulting in an expanded level of 
interaction and cooperation between the FBI and their Federal, 
State and local counterparts, as well as an enhanced flow of 
information between the participating law enforcement agencies.
    Among the full-time Federal participants on JTTFs are the 
INS, the Marshals Service, Secret Service, the FAA, the Customs 
Service, ATF, the State Department, Postal Inspection Service, 
IRS, and the U.S. Park Police. State and local agencies are 
heavily represented.
    The FBI has a long tradition of exchanging unclassified 
information with Federal, State and local law enforcement 
agencies on wants and warrants, fingerprint identification, 
forensic information, and watch lists. The last few years has 
seen dramatic increases in the exchanges of specific case-
related information due in large part to the proliferation of 
task forces. Now we are improving our sharing of classified 
information, again through such mechanisms as the JTTFs.
    Following the terrorist attacks of September 11, FBI 
headquarters compiled what became known as the Project Lookout 
Watch List. The project was successful in identifying a number 
of individuals potentially connected to the PENTTBOM 
investigation. Due to the success of this effort and in 
recognition of the need to maintain a centralized repository of 
names in the investigative interests related to terrorism 
investigations, Director Mueller instructed the establishment 
of a permanent terrorism watch list, TWL, to serve as the FBI's 
single integrated listing of individuals of investigative 
interest that will be accessible throughout the law enforcement 
intelligence communities.
    We anticipate the full implementation of the TWL within the 
next 60 to 90 days, replacing the stopgap system now resident 
in NCIC. The TWL will consist of a compendium of names based on 
information identified through FBI and JTTF investigations, 
U.S. intelligence community reporting, and Department of 
Defense intelligence gathering, as well as information provided 
by cooperating foreign governments.
    Director Mueller has undertaken several other initiatives 
that either directly or indirectly enhance the FBI's 
information sharing capacity. All of these efforts are designed 
around the recognition that post-9/11, the FBI has adopted both 
a new focus and priorities that recognize the substantial 
investment being made in prevention.
    A few examples include:
    Director Mueller has recently named Louis Quijas, currently 
the Chief of Police of High Point, North Carolina, to be the 
FBI Assistant Director for Law Enforcement Coordination.
    An Office of Intelligence is now part of the FBI's 
organizational structure.
    The FBI has undertaken a major recruiting and hiring 
initiative to bring into the FBI private sector IT experts who 
can greatly assist in designing and managing our sizeable IT 
projects recently funded by Congress.
    The FBI's future ability to deter and prevent crimes 
requires the use of current and relevant IT. We have several 
critical initiatives underway to upgrade our IT infrastructure 
and investigative applications, such as Trilogy program, data 
warehousing and data mining, and our information assurance 
initiative.
    Funding these programs is essential to providing our 
investigators and analysts with improved IT resources and tools 
to support criminal and national security investigations, 
enabling improved and more expeditious data sharing and active 
collaboration.
    That concludes my prepared remarks, Mr. Chairman. I will be 
happy to respond to any questions.
    [The prepared statement of Mr. Jordan follows:]

     Statement of Robert J. Jordan, Federal Bureau of Investigation

    Good morning, Mr. Chairman and Members of the Subcommittee. My name 
is Bob Jordan and I serve as the head of the FBI's Information Sharing 
Task Force. With me today is Gene O'Leary, Acting Assistant Director of 
the FBI's Information Resources Division (IRD) and Ken Ritchhart, Chief 
of the Data/Information Management Section of IRD. We welcome this 
opportunity to meet with you today about the status of the FBI's 
information sharing initiatives within the Bureau and with other 
Government agencies for homeland defense purposes.
    The FBI is an organization in change. Not only are we structurally 
different but, in very fundamental ways, Director Mueller has revamped 
our approaches to counterterrorism and prevention. Since 9/11, we have 
seen massive shifts in our resource deployments. Our missions and 
priorities are being redefined to better reflect the post-9/11 
realities. As an agency, we are committed to devoting whatever 
resources are necessary to meet our prevention mission and continue to 
sustain a dramatically enhanced worldwide counterterrorism effort. A 
substantial component of this approach is information sharing, not only 
at the Federal level but also within the entire law enforcement and 
intelligence communities: Over the last several years much has 
improved, but this seemingly simple issue is actually a complex myriad 
of technology, legal, policy and cultural issues. Since the tragic 
events of September 11, this single issue, which is critical to public 
safety, is receiving the sustained, high-level attention necessary to 
ensure everything that can be done on every facet of the issue is being 
done.
    In that regard, I am happy to say that the spirit of collaboration 
and willingness to exchange data has never been stronger or more 
pronounced than it is today. Many of the legal and policy impediments 
that kept us from more fully exchanging information in the past have 
been or are now being changed. The USA Patriot Act (Pub. L. 107-56) has 
greatly improved our ability to exchange data with the intelligence 
community and across law enforcement. In addition, the Attorney 
General's recent directive to increase the coordination and sharing of 
information between the DoJ, the FBI, the INS, the USMS, and the 
Foreign Terrorist Tracking Task Force (FTTTF) on terrorist matters and 
to establish secure means of working with State and local officials are 
major milestones in improving our information sharing and collaboration 
efforts. Equally important, the difficult technology challenges we all 
face are on the top of everyone's priority list. This is especially so 
at the FBI. Under Director Mueller's leadership, the FBI, on every 
front, is hard at work carrying out the Attorney General's information-
sharing directive.

Joint Terrorism Task Forces

    Within the FBI, Director Mueller has personally taken on the 
challenge of improving information sharing and has directed FBI 
executive management to develop every means necessary to share as much 
information as possible with other agencies as well as with State and 
local law enforcement. Years of experience have demonstrated that Joint 
Terrorism Task Forces, JTTFs, have proven to be one of the most 
effective methods of unifying Federal, State and local law enforcement 
efforts to prevent and investigate terrorist activity by ensuring that 
all levels of law enforcement are fully benefiting from the information 
possessed by each.
    There are currently 47 JTTFs. We are working expeditiously to 
establish JTTFs in each of the FBI's 56 field offices. In 1996, there 
were only 11 of these task forces. The creation of 21 new JTTFs this 
year is resulting in an expanded level of interaction and cooperation 
between FBI Special Agents and their Federal, State and local 
counterparts, as well as an enhanced flow of information between the 
participating law enforcement agencies.
    Among the full-time Federal participants on JTTFs are the INS, the 
Marshal's Service, the Secret Service, the FAA, the Customs Service, 
the ATF, the State Department, the Postal Inspection Service, the IRS, 
and the U.S. Park Police. State and local agencies are heavily 
represented.
    In addition to the JTTFs, the Regional Terrorism Task Force (RTTF) 
initiative serves as a viable means of accomplishing the benefits 
associated with information sharing without establishing a full-time 
JTTF. FBI Special Agents assigned to counterterrorism matters meet with 
their Federal, State and local counterparts in designated alternating 
locations on a semi-annual basis for common training, discussion of 
investigations, and to share and discuss intelligence. The design of 
this non-traditional terrorism task force provides the necessary 
mechanism and structure to direct counterterrorism resources toward 
localized terrorism problems within the United States. There are 
currently six RTTFs: the Inland Northwest, the South Central, the 
Southeastern, the Northeast Border, the Deep South and the Southwest 
RTTFs.
    The FBI has a long tradition of exchanging unclassified information 
with Federal, State and local law enforcement agencies on wants and 
warrants, fingerprint identification, forensic information and watch 
lists. The last few years have seen dramatic increases in the exchange 
of specific case-related information due, in large part, to the 
proliferation of task forces. Now, we are improving our sharing of 
classified information again through such mechanisms as the JTTFs.

Terrorism Watch List

    Following the terrorist attacks of September 11, 2001, FBI 
Headquarters compiled what became known as the ``Project Lookout Watch 
List.'' The project was successful in identifying a number of 
individuals potentially connected to the PENTTBOM investigation. Due to 
the success of this effort and in recognition of the need to maintain a 
centralized repository of names of investigative interest related to 
terrorism investigations, Director Mueller instructed the establishment 
of a permanent Terrorism Watch List (TWL) to serve as the FBI's single, 
integrated listing of individuals of investigative interest that will 
be accessible throughout the law enforcement and intelligence 
communities. We anticipate the full implementation of the TWL within 
the next 60 to 90 days, replacing the stop-gap system now resident in 
NCIC. The TWL will consist of a compendium of names based on 
information identified through FBI and JTTF investigations, U.S. 
Intelligence Community reporting, and Department of Defense 
intelligence gathering, as well as information provided by cooperating 
foreign governments.
    The TWL will be designed to assist both the intelligence and the 
law enforcement communities in their investigations of terrorist 
groups/individuals and, equally important, to alert officers or agents 
should a person of interest in a terrorism matter be encountered by 
another agency. TWL staff will coordinate with the FBI's Criminal 
Justice Information Services (CJIS) Division to ensure the utilization 
of appropriate NCIC files. This capability will provide all State and 
local law enforcement agencies ready access to this information. 
Information in the TWL will also be shared with U.S. Government 
agencies that operate comparable tracking systems. As I describe these 
new databases and our plans for sharing them, please remember that the 
FBI will by complying with the Privacy Act and the detailed regulations 
that govern our law enforcement, counterterrorism, and 
counterintelligence activities, which ensures proper protection for the 
rights of Americans in the use of the databases.
    The TWL will be divided into three distinct categories. The first 
category will include the names of individuals for whom formal criminal 
charges or indictments have been issued (e.g., the 22 individuals on 
the Most Wanted Terrorist list). The second category will include the 
names of individuals of investigative interest to the FBI.
    The third category of the TWL will include the names of individuals 
provided by the Intelligence Community and cooperating foreign 
governments.

Other FBI Initiatives

    We have recently developed an FBI-wide and DoJ-wide capability to 
electronically share case information. Our Integrated Intelligence 
Information Application (IIIA) database is another example of major 
improvements in information sharing. It uses information derived from 
many different sources including the Department of State and INS. IIIA 
provides analytical support for Counterintelligence and 
Counterterrorism programs. It is a real-time collection system that 
houses over 33 million records. In the aftermath of 9/11 and PENTTBOM, 
IIIA has been asked to provide electronic search support to units 
within the FBI as well as to the critical FTTTF. To satisfy these 
requests, multiple programs have been written to standardize incoming 
data arriving in differing formats and to package the responses to 
accommodate the requesters' needs.
    Director Mueller has undertaken several other initiatives that 
either directly or indirectly enhance the FBI's information sharing 
capacity. All of these efforts are designed around the recognition that 
post-9/11, the FBI has adopted both a new focus and priorities that 
recognize the substantial investment being made in prevention. A few 
examples include:
     Director Mueller has named Louis Quijas, currently Chief 
of Police of High Point, North Carolina, to be FBI Assistant Director 
for Law Enforcement Coordination. Chief Quijas has as his single 
mission fully exploiting State and local law enforcement support 
through enhanced information sharing and ensuring that State and local 
law enforcement have a strong voice within the FBI as we work on 
terrorism, prevention and major investigations.
     An Office of Intelligence is now part of the FBI's 
organizational structure. This office has as part of its mission not 
only to ensure the vigorous and fluid flow of information within the 
FBI but also to ensure that intelligence goes elsewhere within the law 
enforcement and intelligence communities in every instance when it is 
appropriate to do so.
     The FBI has undertaken a major recruiting and hiring 
initiative to bring into the FBI private sector IT experts who can 
greatly assist in designing and managing the sizable IT projects 
recently funded by Congress. These projects, such as Trilogy, are vital 
to any robust information sharing program.
     A Records Management Division has been established, headed 
by an outside records expert, to put in place the ``information 
management'' policies and mechanisms critical to effective sharing 
programs.
     The FBI is detailing personnel to other agencies, and vice 
versa, to ensure that information both is both shared and understood 
within both agencies. These efforts are critical to programs like the 
National Infrastructure Protection Center (NIPC), the Counterterrorism 
Center at CIA, and others.

Information Security

    One equity we must balance with our desire to share information as 
freely as possible is the need for the security of information. As 
recently detailed in Judge William Webster's report, we must keep in 
mind that we are keepers of information that is highly classified and 
controlled by ``need to know'' principles. Access to highly 
confidential information will be in accordance with the FBI's broad, 
new security policies. Access control mechanisms, such as 
identification and authentication will provide accountability for those 
individuals having a need to know restricted information. In addition, 
audits of this access will be routinely conducted. The lives of agents, 
informants and innocent victims often rest upon the safekeeping of 
their information. The need for information security must be balanced 
by the driving need of the criminal investigator to be able to follow 
any and all avenues in an investigation.
    The Webster Commission report accurately points out that the FBI's 
information technology (IT) recapitalization effort, Trilogy, includes 
funding for only the foundational elements of Information Assurance 
(IA). At rollout, Trilogy will provide more security than the FBI's 
current IT backbone. The goal, however, is to develop the IA Program to 
be on par with other world-class information systems security efforts. 
Significant coordination has taken place between the Trilogy Program 
and personnel assigned to the IA Program to ensure that the Trilogy 
security architecture will support the utilization of the future IA 
technologies we plan to employ. So, while Trilogy and related 
applications will give the FBI a vastly increased capability to use, 
analyze, exploit and share information collected in investigations, it 
will be designed and deployed in a manner that addresses the 
shortcomings apparent in the Hanssen matter.

Challenges

    Today, information sharing is technologically feasible. Advances in 
information technology have made it possible to link the information 
systems of agencies that are operating with different hardware and 
software. The improvements in information sharing that are at the heart 
of these initiatives, however, require that agencies participating in 
integration initiatives come together and agree upon a governance 
structure to manage decisionmaking in an integrated environment. 
Federal, State and Local law enforcement must address the considerable 
challenge of developing a formalized organizational framework within 
which participating agencies will share responsibility for making and 
executing overarching decisions on such issues as budgeting, hardware 
and software purchases, and the development of policies, procedures, 
and protocols that effect the operational integrity of the information 
sharing system. Our systems were originally designed to comply with a 
complex set of regulations restricting what can and cannot be shared 
amongst Federal, State and local agencies. We are committed to 
redesigning our systems and making whatever changes are necessary to 
ensure the effective and efficient exchange of information within the 
law enforcement community.
    At the same time, we still need to further improve our ability to 
share information between our own applications and our own multitude of 
databases. Our Data Warehousing project will provide us with the 
capability to finally combine information from all our applications 
into a coherent whole and provide advanced data mining, analytical and 
visualization tools. We are also working with the Office of Homeland 
Security on improving horizontal information sharing, developing common 
data standards, and improving collaboration capabilities.
    The FBI's future ability to deter and prevent crimes requires the 
use of current, and relevant IT. We have several critical initiatives 
underway to upgrade the FBI IT infrastructure and investigative 
applications such as the Trilogy Program; Data Warehousing & Data 
Mining; our Collaboration Initiative; and our Information Assurance 
initiative. Funding these programs is essential to provide our 
investigators and analysts with improved IT resources and tools to 
support criminal and national security investigations, enabling 
improved and more expeditious data sharing and active collaboration.
    That concludes my prepared remarks, Mr. Chairman. I will be happy 
to respond to any questions you may have.

    Chairman Schumer. Thank you, Mr. Jordan. I want to thank 
both witnesses. I know you condensed your testimony.
    Mr. Hastings. I presume you will do the same thing.

 STATEMENT OF SCOTT O. HASTINGS, DEPUTY ASSOCIATE COMMISSIONER 
   FOR INFORMATION RESOURCES, IMMIGRATION AND NATURALIZATION 
                    SERVICE, WASHINGTON, DC

    Mr. Hastings. I will certainly do that.
    I appreciate the opportunity to appear today to discuss 
this issue. In any discussion about moving Federal agencies to 
a more effective information-sharing environment, technical 
solutions need to be only a part.
    The Department of Justice approach and the approach of the 
Office of Homeland Security are similar: build a solid planning 
requirements base before identifying technical solutions, at 
the same time implementing tactical interim successes that make 
sense to support the immediate threats. Business needs and 
objectives that may be expressed in enterprise architectures 
must be established.
    Following that process, decide the information that is 
required by the operation and how to deliver it, identify 
technology alternatives to deliver that information, create 
utilities that support that process, and invest.
    Finally, select, control, and manage those utilities, and 
then create knowledge-management capability.
    The INS is clearly one of the core agencies that requires 
enhanced information-sharing capabilities. The data we collect 
are crucial to the law enforcement and intelligence 
communities, who are now integrating their functions to combat 
the threat of terrorism. Consequently, we are deeply involved 
in efforts to overcome the barriers to appropriate and secure 
exchange of data, and equally important to convert that data to 
useful information that supports clear operational objectives.
    The Office of Homeland Security, in conjunction with OMB, 
is overseeing initiatives that provide information sharing 
between Federal agencies horizontally, and then promote 
agencies vertically to State and local governments, as well as 
selected private industries. INS is a working partner in those 
efforts.
    Attorney General Ashcroft has made the prevention of 
terrorist activities an overriding priority in the Department 
of Justice and its components. With this goal in mind, he 
directed us to review and strengthen our policies and 
procedures to ensure that information sharing and analysis and 
coordination of activities with other Federal agencies, as well 
as our State and local partners, to combat terrorism.
    This mandate, coupled with new legislation, such as the USA 
Patriot Act, has provided us with greater authority to share 
information as appropriate. We are implementing technical 
linkages as we speak with other Federal agencies to integrate 
the data required to support the act.
    We have also been directed by the Attorney General to step 
up our efforts to coordinate information activities in the 
common effort to prevent and disrupt terrorism, and we are full 
participants in the departmental efforts to improve data 
sharing.
    Federal agencies maintain a number of databases that 
provide real-time information to officials at U.S. diplomatic 
posts abroad, offices at ports of entry, and the interior law 
enforcement officials. We work closely with agencies to prevent 
terrorists from entering the United States, to deny them entry 
across our borders, and to detect and apprehend those already 
in the country, and to gather intelligence on the plans and 
activities of terrorist conspiracies.
    We provide, in electronic format, biographic, biometric, 
and associated data for inclusion in several external agency 
databases to better identify these terrorists.
    For many years, INS has taken steps to enhance the exchange 
of information through greater cooperation amongst the law 
enforcement community. An example of this is the law 
enforcement support center, available 24 hours a day, 7 days a 
week, to provide State law enforcement with data and 
information from INS databases. We also verify immigration 
status for State and local benefit granting agencies, some 
employers and some State drivers license bureaus.
    Finally, we are working internationally to develop better 
ways of sharing information that will support enforcement 
intelligence operations. The U.S. government recently signed 
agreements with the governments of Canada and Mexico to further 
these initiatives.
    I cannot overemphasize the commitment of INS and the other 
Federal agencies to work together to achieve a more supportive 
and comprehensive information support environment. In each of 
these, we need to be sensitive to the legal limitations on 
sharing information, security and privacy concerns, and who are 
the appropriate users of the information.
    With all the initiatives, there are no quick fixes, 
technological or otherwise, to problems we face. We must work 
with advanced technology to improve our systems. But technology 
alone cannot solve our problems.
    In order to leverage our resources and maximize our 
capabilities, technology must be coupled with strong 
intelligence information-gathering distribution systems. This 
will require seamless cooperation amongst the agencies 
involved. It is crucial we focus on the efforts exemplified by 
DoJ, the Department of Justice, and the Homeland Security 
Office that solidify the planning and administrative structures 
that are required, while continuing to support the immediate 
requirements levied every day by ongoing intelligence and 
enforcement operations. In this way, the INS can help ensure a 
more dependable outcome that takes advantage of the wealth of 
technology solutions that already exist, but that may be 
embedded within individual agencies. Without these structures, 
we will be unable to interlace these solutions together in a 
meaningful way.
    Thank you for the opportunity to testify.
    [The prepared statement of Mr. Hastings follows:]

 Statement of Scott O. Hastings, Associate Commissioner for the Office 
of Information Resources Management, U.S. Immigration & Naturalization 
                       Service, Washington, D.C.

    Mr. Chairman and Members of the Committee, I appreciate the 
opportunity to appear before you to discuss the important issue of how 
technology and information can best support our efforts to reduce the 
threat of foreign terrorist activity.
    The Immigration and Naturalization Service (INS) is clearly one of 
the core agencies that will require enhanced information sharing 
capabilities. The data we collect are crucial to the law enforcement 
and intelligence communities that are now integrating their functions 
to combat the threat of terrorism. The INS will need to take advantage 
of additional external sources of data to support our enforcement and 
intelligence functions.
    Consequently, we are involved deeply in efforts to overcome 
barriers to the appropriate and secure exchange of data and, equally 
important, to convert that data to useful information that supports 
clear operational objectives. The Office of Homeland Security, in 
conjunction with the Office of Management and Budget, is coordinating 
agency initiatives that promote information sharing among Federal 
agencies horizontally, and then from those agencies, vertically, to 
State and local governments as well as selected private industries. INS 
is a working partner in those efforts.
    Attorney General Ashcroft has made the prevention of terrorist 
activities an overriding priority of the Department of Justice and its 
components. With this goal in mind, he directed us to review and 
strengthen our policies and procedures to ensure information sharing 
and analysis and coordination of activities with other Federal 
agencies, as well as our State and local partners, to combat terrorism. 
This mandate, coupled with new legislation such as the USA PATRIOT Act 
of 2001, has provided us with greater authority to share information 
with Federal officials to assist in the performance of their duties. We 
are implementing the technical linkages with other Federal agencies to 
integrate data required to support this Act.
    The Attorney General has also directed Department of Justice 
components to step up our efforts to coordinate information and 
activities in the common effort to prevent and disrupt terrorism. We 
are participating in Department efforts to improve data sharing.
    Federal agencies maintain a number of databases that provide 
realtime information to officials at U.S. diplomatic outposts abroad, 
officers at ports-of-entry, and interior law enforcement officials 
(e.g., the State Department's TIPOFF program). We work closely with 
these agencies to prevent terrorists from entering the United States, 
to deny them entry across our borders, to detect and apprehend those 
already in the country, and to gather intelligence on the plans and 
activities of terrorist conspiracies. We provide in electronic format 
biographic, biometric, and associated data for inclusion in several 
external agency databases to better identify suspected terrorists. For 
example, through the Interagency Border Inspection System (IBIS), the 
primary automated screening tool used by both the INS and U.S. Customs 
Service at ports-of-entry, access is provided to many databases, 
including the FBI National Crime Information Center (NCIC). NCIC is the 
Nation's principal law enforcement automated information sharing tool. 
It provides on-the-street access to information to over 650,000 U.S. 
local, State, and Federal law enforcement officers.
    Additionally, the INS works to share information through the 
Integrated Automated Fingerprint Identification System (IAFIS) and 
other appropriate law enforcement databases to assist in detecting and 
locating foreign terrorists.
    We have successfully integrated wants and warrants from the NCIC 
and the FBI into our own IDENT system. Through this joint endeavor, 
since August 15, 2001, we have identified a total of 891 individual 
aliens at the border who were wanted on outstanding criminal charges. 
With the expansion of IDENT to INS offices in the interior, we have 
been better able to identify criminal aliens residing in the United 
States.
    On October 30, 2001, the President directed the Department of 
Justice to establish the Foreign Terrorist Tracking Task Force (FTTTF). 
The mission of the FTTTF is to keep foreign terrorists and their 
supporters out of the United States by providing critical and timely 
information to border control and interior enforcement agencies and 
officials. To do so requires electronic access to large sets of data, 
including the most sensitive material from law enforcement and 
intelligence sources. The INS works closely with the FTTTF to discern 
patterns and probabilities of terrorist activities and to ensure that 
data is properly shared.
    For many years, the INS has taken steps to enhance the exchange of 
information through greater cooperation amongst the law enforcement 
community. An example of this is the Law Enforcement Support Center 
available 24 hours a day, 7 days a week to provide State law 
enforcement with data and information from INS databases. We also 
verify immigration status for State and local benefit granting 
agencies, some employers, and some State driver's license bureaus.
    Finally, we are working internationally to develop better ways of 
sharing information that will support enforcement and intelligence 
operations. The U.S. Government recently signed agreements with the 
governments of Canada and Mexico to further these initiatives.
    I cannot over-emphasize the commitment of the INS and other Federal 
agencies and other participants to work together to achieve a more 
supportive and comprehensive information support environment.
    In each of these data sharing initiatives we must be sensitive to 
the Privacy Act and other relevant legal limitations on sharing 
information. When making information available to other entities, 
security, privacy concerns and appropriate user access are primary 
considerations for us. We have created a standing reviewing body to 
ensure all these issues are addressed with each type of data-sharing 
request.
    All of our efforts to better share data need to take place in a 
sound planning and investment management process in order to succeed. 
Prior to September 11, the INS was developing mid- to long-range plans 
in response to growth in both its mission responsibilities and 
information sharing. Specifically, the INS has long-term plans to guide 
and align infrastructure and technology to accomplish this mission. The 
INS has undertaken several major initiatives to improve the planning 
and integration of its information technology environment, including an 
INS Enterprise Architecture Plan, a technology architecture, strategic 
information technology plans, and a 5-year records management plan. One 
goal of these plans is to ensure enhanced data sharing that is secure, 
accurate, and timely, and that meets the enterprise's operational 
objectives, not individual and ``stove-piped'' business functions. 
Other goals of these plans include:
    Additional agent support equipment and technology enhancements and 
expanded access to biometric identification systems, such as a mobile 
IDENT system.
    Implementation of automated access to the National Crime 
Information Center Interstate Identification Index (NCIC III) through 
the Advance Passenger Information System to enable primary inspectors 
at ports-of-entry receiving Advance Passenger Information to identify, 
prior to admission, aliens with criminal histories.
    Improved system checks for the adjudication of applications at INS 
Service Centers and District Offices.
    Improved accessibility to all Department of State visa data and 
photographs in electronic form at ports-of-entry so that visa 
information will be available at the time of actual inspection.
    Expanded implementation of alternative inspection systems to 
facilitate admission of low-risk travelers while focusing on high-risk 
travelers. Deployment of the Student Exchange Visitor Information 
System, an Internet-based system that provides tracking and monitoring 
functionality on non-immigrant students and exchange visitors. 
Implementation of an entry and exit data system that will record the 
arrivals and departures of foreign nationals visiting the United 
States.
    Continued cooperation with the State Department to replace old 
border crossing cards with the new biometric border crossing card and 
deploy card readers to our ports-of-entry.
    Even with each of these initiatives, there is no quick fix, 
technological or otherwise, to the problems we face. We must work with 
advanced technology and improve our systems. But technology alone 
cannot solve our problems. In order to leverage our resources and 
maximize our capabilities, technology must be coupled with a strong 
intelligence and information-gathering and distribution system. This 
will require seamless cooperation among the many Federal agencies 
involved.
    The most compelling progress in this arena has been the 
formalization of the planning and management processes needed to 
achieve the necessary level of information sharing among Federal, 
State, and local entities. These structures will bring discipline to 
the development and application of technology and will ensure that the 
INS defines what our operational objectives should be, identifies the 
data and the data sources needed to support those objectives, and 
applies the appropriate technology solutions to deliver that 
information.
    It is crucial that we focus on the efforts exemplified by the 
Department of Justice and the Homeland Security Office that solidify 
the planning and administrative structure, while continuing to support 
immediate requirements levied every day by ongoing intelligence and 
enforcement operations. In this way, the INS will ensure a more 
dependable outcome that takes advantage of the wealth of technology 
solutions that already exist, but that may be embedded within 
individual agencies. Without these structures, we will be unable to 
interlace those solutions together in a meaningful way.
    Thank you for the opportunity to testify before the Committee this 
morning. I welcome your questions.

    Chairman Schumer. Thank you, Mr. Hastings.
    As you can probably see, we had a vote called. Senator 
Sessions has gone to vote, so we do not have to interrupt, 
because we know the deadlines.
    So I am going to begin asking questions. The minute Senator 
Sessions gets back, I will break my questioning. He will ask 
questions. I will go vote, and then we will resume in that way.
    And however Arlen wants to fit into this will be fine with 
me in any way.
    I guess the first question I have is a preliminary one. You 
have all outlined some ambitious plans for information sharing 
and all of that, which obviously requires more dollars in terms 
of both hardware, machinery, computers, et cetera, as well as 
more personnel.
    First, how much would each of you estimate it will cost to 
eventually do this over the period of years? I guess Mr. Hitch 
would probably know this for all of Justice, and then just Mr. 
Jordan and Mr. Hastings, in your respective agencies.
    And second, is lack of money a problem at all? I would 
presume it is not at this point in time.
    Mr. Hitch.
    Mr. Hitch. Yes, sir. Right now, we do not have definitive 
estimates to respond to your question. However, I would say, 
the way I have been talking about this to my counterparts in 
Justice, is we need to view this as the Defense Department 
would a new aircraft carrier. It is a big effort to implement 
the kind of systems that are going to be necessary to protect 
our citizens. The number is--
    Chairman Schumer. It is in the billions, you would say?
    Mr. Hitch. It is probably in the billions, yes.
    Chairman Schumer. That is within the Justice Department.
    Senator Specter. Mr. Chairman, could I just say a word?
    Chairman Schumer. Please.
    Senator Specter. I am going to be departing in a moment for 
the vote, but I just wanted to thank you for scheduling this 
hearing.
    I believe the issue of homeland security is one of enormous 
importance. It cuts across many of our Committee lines. It is 
my hope that we will see some legislation in the field that 
will strengthen the operation, make it a Cabinet officer.
    And I think that a hearing like this is very constructive 
toward finding out what we ought to be doing.
    Thank you, Mr. Chairman.
    Chairman Schumer. Thank you, Senator Specter.
    Do you expect that you will have all the dollars that you 
need to do this? You have been told by the Attorney General or 
others to make the best system and do not let finances get in 
the way?
    Mr. Hitch. At this point, finances have not gotten in the 
way. I think the U.S. Patriot Act was really a landmark piece 
of legislation in helping us along that way. It provided a lot 
of seed money for a lot of things to get under way that we 
currently have under way. I think ongoing support is going to 
be necessary, but I think we have got enough to get us going in 
the right direction, to do the best we can without regard to 
that issue.
    Chairman Schumer. Right.
    Mr. Jordan, how much do you think it will cost and do you 
have the resources you need to do what you need to do in the 
FBI?
    Mr. Jordan. We have a budget request for fiscal year 2003 
in this area of approximately $411 million. With that, we would 
have what we need.
    Chairman Schumer. And has the Administration put that in 
its budget?
    Mr. Jordan. That is correct. It has.
    Chairman Schumer. It will continue to be at about that 
level over the next several years, by the way, Mr. Jordan.
    Mr. Jordan. That is my understanding.
    Chairman Schumer. Okay, Mr. Hastings.
    Mr. Hastings. We received specific funding for specific 
projects in the counterterrorism supplemental. We have a 2003 
budget request, which I do not have the details in front of me, 
but there are some large efforts that we have yet to put 
dollars to. The exit-entry system alone will be a significant 
investment, and it is really very difficult to predict at this 
point.
    I know that the department will be helping us orchestrate 
and integrating these requests to ensure that we are not 
duplicating efforts, and we are making the best use of the 
funds from a departmental standpoint.
    Chairman Schumer. Is yours in the hundreds of millions for 
this year?
    Mr. Hastings. I would say so.
    Chairman Schumer. Yes, okay.
    Well, Jeff is not here, and I think we have about a minute 
or two left to vote. So what I am going to do is just call a 
brief recess. I will run vote and come right back.
    But if Senator Sessions comes, we will let him start his 
questioning, and then I will resume mine when he finishes.
    We are calling a short recess.
    [Recess.]
    Senator Sessions. If you do not mind, we will get started 
again. Senator Schumer told me to go ahead and get started with 
some questions that I might have.
    I would just like to ask some fundamental questions that 
sort of go to where we are in terms of information sharing.
    My personal view is the National Crime Information Center, 
the NCIC, is accessible by police officers in their vehicles 
anywhere in America, by police departments and sheriff's 
departments. It is secure in the sense that anybody that leaks 
that information is subject to a criminal penalty. But it is 
not secure, not greatly secure, in terms of the intelligence 
community, I am sure, because so many thousands of people have 
access to it and could obtain access to it in any police 
department surreptitiously to run any name that they would like 
to run.
    So it has tremendous potential to help local law 
enforcement be the eyes and ears and hands of our effort to 
maintain security in our country, but it has some difficulties, 
too.
    Mr. Hastings, with regard to INS, let me ask you a few 
simple questions. If an individual who comes here overstays his 
visa or is otherwise declared to be illegally in the United 
States, is that information made available to local law 
enforcement through the NCIC? Is any of that information placed 
in NCIC, which is the primary information center for law 
enforcement throughout America?
    Mr. Hastings. The information would be available through 
our LESC, which is available 24 by 7 to law enforcement 
communities. We can provide that on a case-by-base basis.
    And we also have begun including absconder information, 
where folks have gone through deportation proceedings and are 
still known to be in the country.
    Senator Sessions. Prior to September 11, that was not the 
case. Is that correct?
    Mr. Hastings. That is correct.
    Senator Sessions. So prior to September 11, we did not have 
any database accessible to local law enforcement to identify 
people who they may be apprehending for some minor offense, but 
that would tell them that person was an illegal entrant or 
overstayer in the United States.
    Mr. Hastings. By accessing the LESC, it would be the--
    Senator Sessions. Now let's pursue the changes you have 
made. What is the LESC?
    Mr. Hastings. The Law Enforcement Support Center. I am 
sorry for the acronym.
    Senator Sessions. Is that available to a local police 
officer?
    Mr. Hastings. Yes, it is.
    Senator Sessions. And is it, therefore, part of the NCIC? 
Or does he have to do a double access?
    Mr. Hastings. The LESC will access a multiplicity of data 
sources to provide information that we have according to the 
query that is generated by the local law enforcement.
    Senator Sessions. Let me get that straight. I just want to 
know what it is like for the police officer out there trying to 
do his duty. He stops someone. Does that officer have to run 
two different systems from his vehicle or from the police 
station where he may have taken a person for some maybe minor 
crime? Or will one access to the general NCIC kick out a hit 
for that individual? Do you know?
    Mr. Hastings. If he runs NCIC, and we have put information 
such as the absconder in that database, he will have access to 
that. He might want to make a further inquiry to determine 
whether or not we have additional information on this 
individual, in which case that is when he would contact our Law 
Enforcement Support Center.
    Senator Sessions. With regard to absconder information and 
so forth, what if a person is eligible to stay in the country 
one year and they overstay and they are here 18 months. Is that 
going to be normally in your system under your current policy 
today?
    Mr. Hastings. In the NCIC?
    Senator Sessions. Yes.
    Mr. Hastings. Not at this point.
    Senator Sessions. So who would go in that system, then? You 
say you will put some of the absconders or others in there. How 
do you determine who will go in the system made available to 
local law enforcement?
    Mr. Hastings. Sir, you are getting into an area--I am the 
technologist, and I am really not able to give you the policy 
decisions behind how we make the decisions. I know that 
information is reviewed before it goes into the NCIC to make 
sure it is appropriate to go there.
    We can certainly follow up with a detailed explanation of 
what types of information at this point we put in there and how 
it is done, if I can defer that to a follow-up.
    Senator Sessions. All right. That is very important to me.
    Mr. Hastings. We will make sure you get that information.
    Senator Sessions. What we have done in this country with 
regard to illegal immigration, we have said the words, and we 
have passed generalized statutes that deal with immigration. 
But when it gets down to the grassroots level where it actually 
succeeds or does not succeed, we have created roadblocks and 
problems that have eviscerated the capability of enforcing our 
statutes.
    Well, I guess, Mr. Hastings, I will ask you. Maybe some of 
the others would comment. What happens if a police officer in 
Hagerstown stops a person that he identifies as being an 
illegal alien, but has not violated any serious Federal crimes? 
Do you know what that officer does, Mr. Hastings, with the 
person he has apprehended, who he determines to be illegally 
here?
    Mr. Hastings. I suspect that will be a case-by-case 
decision on their part.
    Again, sir, I would want to defer to our operations and 
investigations folks to give you the specifics on that.
    Senator Sessions. That may not your area of responsibility.
    Mr. Hitch, would you like to opine on that question?
    Mr. Hitch. Sir, I would have to defer to the INS on exactly 
how it works today. What I have been working on is the future 
vision of how this would work. Certainly, our objective is to 
do exactly what you are talking about, to have a tiered system 
where that police officer would know exactly what the situation 
for that person is. The top tier would be the 10 most-wanted 
terrorists, but along the line there would be the people who 
are on an overstay situation, with specific directions, action 
codes to tell the police officer how to react to that 
situation.
    Senator Sessions. We are going to get to the bottom of that 
question pretty soon.
    Mr. Jordan, what is your view on it?
    Mr. Jordan. Currently, right now, there is a stopgap system 
in place, wherein absconder information can be accessed through 
NCIC, and it is currently dependent on INS putting that 
information into the absconder file.
    Senator Sessions. Will the FBI accept any INS information 
indicating illegal aliens and absconder information that they 
wish to put in it? Or does the FBI refuse to accept--would have 
to approve that? Or do you object to receiving such 
information?
    Mr. Jordan. My understanding is that absconder information, 
where the person has been adjudged to be an absconder, that 
that information we will enter, if it is provided to us by INS.
    As I said in my opening statement, we have a terrorism 
watch list, which is being integrated into NCIC. And it will be 
fully implemented within this next 60 to 90 days, to bridge the 
gap that I think you are making reference to.
    Senator Sessions. Well, I just want the American people to 
know something. What the American people need to know is that 
all over America, when a police officer or sheriff's deputy 
stops someone, unless they have some high degree of notoriety, 
that is illegally in this country, they turn them loose. They 
do not even bother to call INS, from what I understand, because 
INS has no interest in it. They will not come and pick them up 
and process them, because they say they are too busy.
    And so we have these rules that people think are working, 
but actually out there on the ground, they are not working.
    So it makes a mockery, really, of the immigration laws in 
America.
    So let's go back. You say absconder information; that deals 
with a circumstance, if I am not in error, in which a full 
court hearing has been held and an individual has been declared 
to be illegal and has been ordered to remove himself from the 
country and fails to do so, but absconds and hides in the 
United States.
    Mr. Jordan. That is correct.
    Senator Sessions. Those are very, very few. That would be 
less than 1 percent of the people here illegally, would it not, 
Mr. Jordan?
    Mr. Jordan. I would not know the numbers, but it is 
certainly a distinction between someone who just overstays and 
someone adjudged to be an absconder.
    Senator Sessions. Well, I think it is going to be 
exceedingly small, probably less than one-tenth of 1 percent, 
but I may be in error about that.
    Overwhelmingly, the people that are here illegally have not 
been taken to court and been officially declared to be illegal. 
This is when they have contested it in some fashion or maybe 
got in trouble and there was an official court hearing.
    I have information, Mr. Hastings, that there are some 
321,000 people who have been ordered deported, but only 2,000 
names have been put in NCIC. What would you say about that?
    Mr. Hastings. I am not sure of those statistics. I believe 
that those cases are being reviewed. There are procedures that 
need to be followed before we enter individuals into NCIC, to 
make sure it is appropriate that they are there. Again, I will 
include the exact statistics in the follow-up that I can give 
you on where we stand in terms of how many have actually been 
entered.
    Senator Sessions. Well, that is the information I have. 
Certainly, prior to September 11, that is what the 
circumstances were, if not worse than that, which just 
indicates to me that we are not serious about this.
    There are people who say, well, we cannot do anything about 
people who are here illegally. It is just hopeless. One reason 
it is hopeless is because we are not taking the steps necessary 
to see that we enforce the law.
    To me, as a Federal prosecutor for 15 years enforcing the 
law and prosecuting a number of immigration cases, America has 
got to enforce the law fairly. It is just not right to have 
somebody who patiently waits their turn to come into the United 
States, and to have their slot, their spot, taken by somebody 
who is here illegally and who cuts the corners and goes around 
it.
    So I just think that in the course of all this it will help 
us in security. It will help us also just in maintaining the 
rule of law in this country.
    With regard to approval for a person, let's say from Iran, 
who would like to come to the United States, what does the 
American embassy in Iran, what kind of information do they have 
as they evaluate whether or not that person is a potential good 
person to trust to come into the country? Do they have access 
to your computer system?
    Mr. Hastings. They do not have direct access to our 
computer systems. There are databases that they utilize--TIPOFF 
is one--to inform the decision-making. We are working with them 
to include, again, additional information and make that 
available. We are working aggressively with a Department of 
State initiative to establish a collaboration zone to enhance 
the data sharing and information available to those decisions 
made before these individuals reach our shores.
    Senator Sessions. Well, what if an individual that has been 
approved for admission into the United States from Iran, and I 
just say that because there are some people in that country 
that would be dangerous, although normally I think most 
Iranians reject all terrorism and that kind of thing, but let's 
just say some country that we know has an indigenous terrorist 
network that perhaps may be trying to operate there illegally, 
and that after they have been approved for entry into the 
United States it is discovered by the consulate that they may 
be connected to al Qaeda, what is done? Are they taking any 
action to identify or apprehend that person?
    Mr. Hastings. Is State Department taking any action?
    Senator Sessions. Yes. Would they contact INS and say, 
``The person that we approved for entry we now think may be 
dangerous.''
    Mr. Hastings. I cannot testify to specific steps the State 
Department takes. I do know that information that is being 
developed cooperatively between intelligence and enforcement 
agencies is that there is an effort to include that in the 
inspectional access, the systems that we use as the 
inspections, to determine whether or not that information can 
be communicated at the point of inspection. I am not sure what 
the procedure is at State Department in a case like that.
    Chairman Schumer. I just had a follow-up here, related to 
Jeff's question, which I think is on the money.
    Right now, and I would ask this of Mr. Hastings and Mr. 
Hitch, right now if, say, the FBI Counterterrorism Bureau 
suspects somebody of being a terrorist, and they would be on 
this list that I think Mr. Jordan mentioned, what you called 
TWL, and they apply for a visa in any country--they are a 
foreign national--does that show up on the INS computers right 
now?
    Mr. Jordan.
    Mr. Jordan. Right now, the State Department, when they 
receive an application for a visa, prior to them approving it, 
they send that information on the application to the FBI, and 
we process that through our databases to include databases that 
have information about terrorism.
    Chairman Schumer. So every single person who applies for 
any kind of visa would go through your TWL list?
    Mr. Jordan. Yes. That is going on right now.
    Chairman Schumer. Through the State Department.
    Mr. Jordan. Right. That is correct.
    Mr. Hastings. And the INS gets access to it. A Border 
Patrol or somebody at a port of entry would have access to the 
IBIS system, which contains the same information. These are 
coordinated databases that would contain information about----
    Chairman Schumer. Right. That is what I was asking. So at 
the border, you would have exactly that information.
    Mr. Hastings. Yes.
    Chairman Schumer. So right now we could say that every 
person on this list--we do not know if we have everybody who 
might be a terrorist on this list--but anyone we have on this 
list would be known immediately as they apply to come into the 
country by both the State Department and the INS, whether it is 
at the border or in the embassies. Is that fair to say?
    Mr. Hitch. I think that is fair to say that that is 
certainly the intent, and in the post-9/11 world, the Attorney 
General specifically asked for a review of all those procedures 
to make sure that if there was anything that could be done, it 
was done. He followed up just this past week to 
institutionalize all those procedures to make sure that that is 
happening.
    Chairman Schumer. And what is the answer? I know he wants 
to make sure.
    Mr. Hitch. The answer is yes.
    Chairman Schumer. Yes, okay. And you both agree with that?
    Sorry, Jeff.
    Chairman Sessions. What about where there is a visa waiver 
in our relationship with a country? Many countries have that.
    First, if you know how many we have a visa waiver system 
with? And does this procedure you have just described work in 
those cases? Do they check?
    Mr. Hitch. The visa waiver countries, there are a lot of 
them. There are something like 29 or 30.
    Mr. Hastings. Twenty-eight countries.
    Mr. Hitch. Twenty-eight visa waiver countries. Those 
countries basically what they have is a speedy process of 
getting into the United States based on treaties that have been 
negotiated. Those procedures do not apply to them. They can 
come if they have a passport.
    So I think that is an area that, for our future look at 
what we are doing, what we are planning to do is to tighten up 
on those visa waiver people also, because that is a significant 
hole in our security.
    However, that is going to require renegotiation of those 
agreements.
    Mr. Hastings. We do have access to advance passenger 
information, and we are utilizing that in the inspectional 
process. And by the fall, we will have that fully integrated in 
that IBIS environment as well, again, as an interim step, 
knowing that we have still have an entry-exit system in a very 
large scope to be planned and developed over the next several 
years. These are the interim measures that we have taken.
    Chairman Schumer. But you are basically saying that your 
system at the borders is a lot better than your system 
internally in the country. I mean, the kind of thing we read 
about with the two people, the two terrorists who posthumously 
got the approval of their visas, shows that things are not in 
good shape. What you are leading us to believe is that, if they 
were coming into the country at this point in time, not 9/11, 
and they were on some kind of list--that is a different issue, 
how good our lists are--that they would have been blocked.
    Mr. Hastings. I think that is safe to say. As a matter of 
fact in those cases, at the point of inspection and the point 
of adjudication, there was no reason to believe in any of the 
data that was available in our databases that there was a 
record that these folks were of interest.
    Chairman Schumer. Right. Okay.
    Senator Sessions. The shoe bomber came in the country 
through another country that we have a visa waiver system for. 
Mr. Hitch, would our system today catch that or not? Or would 
that be a weakness in our system today?
    Mr. Hitch. I believe that is a weakness in our system today 
that we are fully aware of and trying to figure out ways to 
best fill it.
    As I mentioned before, the long-term answer is some 
renegotiation of the visa waiver agreements. I think the 
passenger manifests that were mentioned by Mr. Hastings are a 
step in the right direction.
    But unless we had some reason to suspect him, the passenger 
manifests would not have shown up anything.
    Mr. Hastings. Mr. Hitch is correct in that. I do want to 
articulate that, in that case, we would check the advance 
passenger information against what we have in our databases. 
The question would be, would there be information in those 
databases that would have suggested that this individual was 
someone we should be looking for?
    Chairman Schumer. As I remember, he was an American 
citizen, right? The shoe bomber?
    Mr. Hastings. I think he was a British citizen.
    He was traveling on a British passport.
    Chairman Schumer. A British passport.
    Mr. Hitch. I do believe that that is a weakness that has to 
be plugged up. The visa waiver issue has to be plugged up from 
a policy standpoint.
    Senator Sessions. Just one more.
    Mr. Jordan, with regard to the National Crime Information 
Center, let's say an individual came here from the United 
Kingdom. There is no evidence that they pose any threat to 
America, but under our new system that INS is going to be 
putting together, I trust he is identified as an overstayer or 
is identified as a person that otherwise has violated the terms 
of his entry and is therefore illegally entering here. Does the 
FBI have any objection to entering all of those people's names 
into the system?
    Mr. Jordan. Give me one minute, Senator?
    Our NCIC system is managed by an oversight panel that is 
staffed by local chiefs, who work with us in establishing what 
goes in and what does not go in NCIC files. One of the things 
we want to make sure is that the information is relevant and 
useful and mature enough to be disseminated.
    Senator Sessions. Has the FBI opposed that information 
coming in? Or is it INS that has no desire to put it in?
    Mr. Jordan. I do not know that sitting here this morning, 
Senator, I can answer that question.
    Senator Sessions. Well, the answer I guess fundamentally 
is, it is not going in. And it is either that the INS is not 
putting it in or there has been an objection from NCIC to 
receiving it. If it overwhelmed the computer system, I could 
understand that. Otherwise, I think it should be in there for 
whatever value it can provide to a local officer.
    I think we, ultimately, if we have any respect for law in 
America, if we have any respect for fairness and justice, will 
try to make sure that people who are here illegally are not 
allowed to continue in that status. And to do so, we have to 
enlist the local law enforcement, and they have to be able to 
access it on the computer.
    I do not mean to belabor that. That may be a subject for a 
different hearing, because you are the technicians, you are not 
the policymakers on this deal.
    Thank you, Mr. Chairman.
    Chairman Schumer. Thank you, Senator Sessions.
    I have so many questions, but we are going to move it 
along. This was all helpful.
    Just one final question on this level, Mr. Hastings. I 
remember back in 1993 when the outcry occurred because the 
sheik came in through Khartoum, I believe it was, and there was 
not a computer. I take it every one of our embassies has a 
computer now, whether INS or State Department. There are no 
just handwritten lists. And what we are talking about is 
available in any point of access.
    Mr. Hastings. I know that our staff overseas has access to 
computers. Again, I am not sure where the State Department is, 
but I assume that is correct.
    Chairman Schumer. Do you know, Mr. Hitch?
    Mr. Hitch. I cannot speak for the State Department.
    Chairman Schumer. Right. OK.
    Let me ask you, Mr. Hitch, a couple of questions.
    Do you have the authority to order all the various agencies 
in the Justice Department to do things so that their computers 
are in greater sync or so that their coordination is in greater 
sync? How does that work?
    Let's say you go to the FBI and then you go to the INS--
both Justice Department components--and they have good reason, 
each of them, to say, ``No, no, no, they have to do it my way, 
or I cannot do it.'' Each agency says that. Do you have the 
ability to order them to develop a system to coordinate?
    Mr. Hitch. I believe I do, sir. But that is a new position. 
I have only been around for a month, but in my discussions with 
the Attorney General when I accepted the position, I made it 
clear that I thought that was necessary in order to be 
successful.
    Chairman Schumer. Right. OK. And so your authority----
    Mr. Hitch. And he has asked me to define an organization to 
make that happen.
    Chairman Schumer. I see. Good.
    Now, what if the same problem occurs from without your 
agency? In other words, Justice to State or CIA to Justice or 
DIA to Justice. What happens? What will happen if, say, we need 
information from DIA or NSA and they, ``We are not giving it to 
any of your Justice Department components,'' and you say you 
need it? How does that work?
    Mr. Hitch. Well, the way it is working right now, and I can 
speak from experience on this, even though it is short, is we 
approach the department directly, and we are participating in 
what are called these policy coordination committee meetings of 
the homeland security, associated with a lot of different 
topics. On this one, it would probably be called horizontal 
sharing, which is the sharing of information among Federal 
agencies. On a regular basis, we would discuss those issues and 
come to resolution of those issues.
    Chairman Schumer. And someone from the Homeland Security 
Office is there?
    Mr. Hitch. Yes.
    Chairman Schumer. OK. What if there is an impasse? You may 
not have had that yet in your short history.
    Mr. Hitch. There has not been an impasse in my short 
history. Basically, I asked that same question and was told 
that we will work it out, and basically Homeland Security will 
help us broker the agreement.
    Chairman Schumer. Okay. So we do not know, but at this 
point, you have not come across it. I take it neither of you 
have either, where someone outside of the Justice Department 
purview, you feel you need certain information from them, and 
you cannot get it. Because of their own internal reasons, they 
will not give it to you. I am sure that has happened in the 
past.
    Is that correct, Mr. Jordan? You do not have to give me any 
specifics, but I am sure it has, right?
    Mr. Jordan. That is correct.
    Chairman Schumer. And how about now? Is it better?
    Mr. Jordan. Our Director has told us that we are going to 
share information unless there is a specific or legal reason 
not to. That has been a sea-change for us at the FBI.
    Chairman Schumer. Yes. And how about the other agencies 
sharing it with you, intelligence agencies in particular?
    Mr. Jordan. It is a tremendous change there. I can tell you 
that in my position as the chief of the corruption section, I 
brief up all the cases that we have in the presence of CIA and 
DEA personnel that are assigned to FBI headquarters. They sit 
in without any reservation on all those kinds of briefings.
    Chairman Schumer. Mr. Hitch, which agency in your purview 
needs the most help in terms of bringing its computers up to 
date, its entry and all of that? Which one is the furthest 
behind where you want them to be?
    Mr. Hitch. Within Justice?
    Chairman Schumer. Yes.
    Mr. Hitch. Obviously, the two largest agencies and the two 
at the center of this issue are here at the table with me, and 
so I am looking very closely at both of those and trying to get 
involved very deeply in all the projects associated with this 
topic.
    Chairman Schumer. When we hear that there are mess-ups at 
the INS, the people in the INS are often quoted in the press 
saying, ``Well, what do you expect? Our computer system is so 
backward that it doesn't work. It doesn't do what we need.'' 
You hear that sometimes from FBI, too, although I think there 
have been greater efforts to update the FBI computers.
    Again, this is not to blame anybody here. We are all new to 
this.
    Would it be fair to say that INS is considerably behind 
most of the others?
    Mr. Hitch. I think INS needs a lot of improvement in terms 
of its computer system. I think it is fair to say that.
    Comparing it to others, I have a difficult time doing that 
at this point, based on my short tenure.
    But I am trying to work with them to improve what they 
have.
    Chairman Schumer. I have one final question for all of you. 
I have more questions that I will submit in writing.
    But there has been talk of one sort of supercomputer, where 
all the information is almost automatically shared. You would 
have to have privacy safeguards. But, again, that is who 
manipulates the computer, not what the computer says.
    What do you think of that idea? I would ask each of you, 
given your experience in this, what you think of that idea? 
What do you think of the idea of the fellow from Oracle who 
came in and said, ``You just let me do it. I will do it for 
free, and I will have you all coordinated in no time.''
    Easier said than done, obviously. When you are worth $10 
billion, you can----
    Mr. Hitch. Having been in this business for 28 years so 
far, I certainly respect Larry Ellison. However, it is easier 
said than done.
    From my perspective, I am trying to understand what the 
business issues are and what the impediments to doing what we 
want to do are. I do not think it is technology.
    We are looking into all different alternatives--
supercomputers, data mining. We are looking into distributed 
databases. We are looking at all the options. And I do not feel 
that that is the obstacle at this point.
    Chairman Schumer. But I do think, and you tell me what you 
think of this, right now there is an era of cooperation because 
of 9/11. The way the world works, the way bureaucracy works, 
if, God willing, there is no new terrorist incident a year from 
now, that could fade back into the old bureaucratic 
mentalities, unless a system is in place that ensures that 
sharing. If you believe, as I know the President does and I do, 
that this terrorism is going to be with us for decades--it is 
not an al Qaeda phenomena; it is a technology phenomena that we 
have to deal with.
    It would be good to have a system in place that makes sure 
that there is no slide-back. Do you buy that?
    Mr. Hitch. Absolutely. Absolutely.
    Chairman Schumer. And do you think we will have one in a 
year or two?
    Mr. Hitch. I think putting in place the long-term solution 
to these issues is going to take more than a year or two. I 
would couch the problem a little differently than you have. As 
opposed to the technical solution being a supercomputer, I 
think the real solution--as a couple of us, Scott and I, 
mentioned--is looking at enterprise architecture, because that 
is really where you design into the systems the ability to 
share information, making sure that you do not have 
redundancies, making sure that the business functions that are 
related get related in the system. That is the real answer.
    So my long-term approach is to make sure that we are doing 
that kind of an approach to building systems at the Justice 
Department.
    Obviously, in the shorter term, we have to look to what I 
would call patches, things to physically integrate information 
that was not previously in the same database.
    Chairman Schumer. And have you in the short time that you 
have been there had disagreements among your component agencies 
about how to solve some of these problems?
    Mr. Hitch. I would not call them major disagreements. I 
would call them heated discussions about approaches.
    I have been involved very significantly in this entry-exit 
system that is being developed at the INS. I would say we have 
come up with a collaborative effort that I am pretty proud of.
    Chairman Schumer. Okay, thank you.
    I want to thank the entire panel for being here, and I 
would ask unanimous consent the record be held open for 
approximately a week so others might submit written questions 
or some of us might, but it was very helpful.
    Senator Sessions. Mr. Chairman, can I ask one thing?
    Chairman Schumer. Please.
    Senator Sessions. Regional Organized Crime, they have a 
database system too, don't they, Mr. Jordan? The Regional 
Organized Crime group?
    Mr. Jordan. Yes.
    Senator Sessions. State systems have data systems.
    I really think that we have to do better about getting it 
all in one system.
    You listed, Mr. Hitch, here a number--EPIC and IDENT and 
JABS. There are a lot of them out there, and how you make this 
come together in a coherent way is real important.
    These systems are sources of power for the individual 
entities. They create them. They work at them. They put their 
information in them. They tend to be very jealous of them.
    So we want you to know we are behind you in trying to work 
that out. I think that is fair to say.
    Chairman Schumer. One hundred percent.
    Senator Sessions. They have some legitimate concerns, but 
for the most part, unifying this system is going to be good for 
America.
    Mr. Hastings, with regard to the two individuals--I will 
just say it this way. You will hear from the people at the top 
echelons of the Department of Justice and INS and Customs and 
State and all that; they are looking at this level up here. I 
do not think they understand or have given nearly enough 
thought to the grassroots level where you have got two 
terrorists stopped for speeding in Maryland. They were on those 
planes that killed American citizens.
    Had that information been in the system available to those 
local police officers when they ran NCIC, which they invariably 
do when they stop somebody, there would have been a hit, would 
it not, Mr. Hitch?
    Mr. Hitch. Yes.
    Senator Sessions. And, Mr. Hastings, I know there are 
policies now, with regard to what you can put in the system and 
you cannot put in the system. Let's say you have an individual 
that has been approved properly to come into the United States, 
and somewhere along the way the embassy or State Department or 
another agency determines that that person has connections to 
al Qaeda. You find out that they have overstayed in the United 
States, but they have committed no provable crime at that 
point. Can you put in the system legally today, according to 
our rules and regulations, that information, so any police 
officer stopping them would know to hold them?
    Mr. Hastings. It is my understanding in that case, where we 
have developed specific information, that that would find its 
way into our watch list and be accessible.
    Just the overstay with no other negative information I 
think is a policy that has yet to be established.
    Senator Sessions. So a mere overstay with intelligence 
information.
    Mr. Hastings. I believe that if the intelligence community 
has uncovered information that we need to know about, they 
would be working through the FBI, and that information would be 
reviewed and made available in a watch list environment. In 
that case, I do not think we would be the lead agency on 
getting that done.
    Senator Sessions. And, Mr. Hitch, what about a local police 
officer? Can they hold the individual?
    Let's say it comes up on the NCIC--an overstay, flag, 
contact FBI before releasing--something to that effect is what 
it ought to say. What power does a local police officer have to 
hold a person who is illegally in the United States?
    Mr. Hitch. Sir, I am not the best person to answer that 
question, but I do recall just in the past couple of weeks that 
the Attorney General has made some statements about pilot 
projects in Florida and elsewhere, where they are empowering 
the local police to be extensions of the INS in some ways. I 
know it is a very sensitive topic, but that is happening right 
now.
    Senator Sessions. Well, it is not that complicated. Police 
officers hold people for all kinds of crimes, and if they can 
hold them for shoplifting, if they can hold them for absconding 
and not answering warrants for traffic tickets, they can hold 
them for being in the country illegally.
    This is a political deal. It is a political deal that 
undermines the realistic ability of our country to enforce our 
immigration laws. So we passed a law, but we create a system so 
it cannot be effectively enforced.
    So we need to deal with that. I think the Attorney 
General's steps are in the right direction, but it really needs 
to go a lot further, to me.
    And I do not think police officers need 2 weeks of training 
on how to hold an illegal alien. If you do that, you have 
basically made it very difficult for them to do it.
    Chairman Schumer. And on that strong note, we thank the 
panel.
    We are now going to combine the next two panels, so we are 
going to call all four people up--Congressman Panetta, Mr. 
Terwilliger, Mr. Anderson, and Mr. Light. What we are going to 
do is, because Mr. Panetta came here with the proviso that he 
had a plane to catch, we are going to let him testify, ask him 
questions, and then go to the other three, if that is okay with 
you, Jeff. Great.
    We put you closest to the door so you can get to that 
plane.
    Is Dr. Anderson here as well? Yes. Great.
    Okay, thank you. And I want to thank very much this panel 
for coming and very much appreciate Senator Sessions' 
participation and good questions. So what I am going to do is 
introduce Leon Panetta, let him testify. We will ask him 
questions, and then we will go to the other three, if that is 
OK with everybody. Is that all right? Thank you.
    Because of his time commitment, I am going to be brief in 
my introduction. Leon Panetta is co-founder and director of the 
Panetta Institute, a nonpartisan center for the study of public 
policy. He has had a very long, very distinguished career, 
starting in politics in appointed office in his 20s; serving in 
the House of Representatives for 16 years, four as Chairman of 
the Budget Committee; and then serving President Clinton as 
both the head of OMB and then Chief of Staff.
    In addition, he was my roommate for 12 years, and he is a 
man of hard work, intelligence, integrity--just the kind of 
public servant you want.
    So, Leon, welcome. It is great to see you again, and your 
entire statement will be read in the record and you may proceed 
as you wish.

  STATEMENT OF LEON E. PANETTA, DIRECTOR, PANETTA INSTITUTE, 
                        MONTEREY BAY, CA

    Mr. Panetta. Thank you. Thank you, Mr. Chairman, Senator 
Sessions.
    Thank you for asking me to provide my views on the issue of 
the Office of Homeland Security and whether or not it should 
have more power in trying to meet this challenge of information 
sharing within the executive branch.
    Let me preface my remarks by saying that obviously I am 
going to provide these views from the White House perspective. 
I realize, as with the testimony that you just received, that 
there are a number of efforts, I am sure, that are going on 
between the various departments to try to improve the 
situation.
    Chairman Schumer. We wanted the first panel sort of to be a 
little bit of a case study, and now to take it to the larger 
issue.
    Mr. Panetta. That is why I would like to kind of address it 
from the larger perspective. Just let me get to the point very 
quickly.
    I do not think there is any question that if you want to 
have an Office of Homeland Security be effective, it has to 
have additional power to be able to effectively coordinate the 
information and activities that are so necessary to protecting 
this country against the threat of domestic terrorism.
    Part of the problem, obviously, is developing more 
effective technology. We understand that. They do have to 
develop more effective databases and better computers to put 
this information into and greater ability to share that 
information, obviously, at the local level.
    And part of the problem is also organizing common policy 
between a very large number and a diverse number of agencies 
and departments that you have to work with to try to develop 
some kind of common strategy.
    But make no mistake about it, the biggest problem to 
centralizing command and control here is the basic culture of 
the Federal bureaucracy. You have to be able to break through 
that. You have to be able to deal with a culture that basically 
resists the kind of coordination and sharing that is so 
essential to effective law enforcement.
    As Chief of Staff to the President, I was responsible for 
policy development and, obviously, the flow of crucial 
information to the President of the United States. It is my 
experience that in the absence of a clear line of authority and 
a clear chain of command, that the sharing of information 
within the Executive Branch is haphazard at best.
    When a crisis happens or when the White House directly 
says, ``I want information, and the President wants information 
on a particular issue or a particular crisis,'' the agencies 
and departments are obviously forthcoming.
    As an example of that, based on my own experience, when 
Oklahoma City took place and the bombing occurred there at the 
Federal building, what I did as Chief of Staff was convene a 
task force at the White House that included the 
representatives, obviously, of all of the responsible agencies 
involved with what had happened there for the specific purpose 
of making sure that they were sharing and coordinating crucial 
information on that crisis. We also needed to have a single 
place in which information flow could then go to the public.
    In the absence of that kind of presidential mandate or when 
that kind of crisis begins to--as you see in the present 
situation--as it begins to move away from public attention, 
information is largely provided at the discretion of each 
department or agency.
    I always found as Chief of Staff that good news can travel 
very quickly to the White House. People are willing to tell you 
if it is good news. But if it is bad news, usually it winds up 
on the front page of The Washington Post or the New York Times, 
and then you wonder why you did not hear about it or why the 
information was not shared--because nobody wants to provide 
that kind of bad news, obviously.
    So regardless of Administration, I want you to consider the 
kind of deep and intractable factors that involve the 
operations of the bureaucracy.
    Obviously, the first is protection of turf. There just is a 
natural instinct in every department and agency to try to 
protect their jurisdiction. I understand that. There is a 
loyalty that develops that is necessary for their particular 
operation. There is a certain competitiveness that is involved 
to try to sharpen their mission. Every secretary, every 
director basically talks about the special uniqueness of that 
particular operation. But the first loyalty is obviously to the 
President and the overall policy of the Administration and 
obviously to the American people, and that is a fundamental 
principle that is so often forgotten.
    The size of the bureaucracy, the sheer numbers of 
departments and agencies that share responsibility for a given 
area are just overwhelming. Homeland security, as you know, 
involves well over 40 agencies. When there are that many 
involved, it is just very difficult to determine who knows 
what. There are different databases. There are different 
operations. You have heard some of that this morning. Even 
within a large department, it was my experience that 
information can have a difficult time just making its way 
through the internal chain of command that is within that 
department. I have had secretaries tell me, when something has 
happened that was of concern to the White House, I have had 
secretaries tell me that they had no idea that a certain policy 
decision was being made at a certain level or that a certain 
fact had taken place, just because of the sheer immensity of 
the bureaucracy within that department.
    Security of information, you will hear a lot of that on 
issues that involve, obviously, national security or law 
enforcement. There is a concern about sharing that information, 
a concern about compromising an action or mission. And 
obviously, this is a legitimate concern, but there is no reason 
why that information cannot be shared with those that have the 
proper credentials, particularly at the White House level or at 
the Homeland Security level.
    Fighting for funding is another major problem, because 
every department and agency understands that their lifeblood is 
funding. They have developed their own approach to White House 
aides, to OMB aides, and to Members of Congress for the purpose 
of funding their particular programs. The dependence on certain 
Members and aides and programs just often inhibits the sharing 
of information. They basically understand that they have got to 
go to certain Members to basically make sure that those Members 
and those aides are working for them and not working for 
others.
    And obviously, there are personality differences. This is 
something that is true everywhere, I am sure. But in a large 
operation like the Federal Government, if you have friction and 
political competition between personalities, that can seriously 
affect communications and operations. There has got to be a way 
to cut through that, and obviously, you do not expect that kind 
of behavior from professionals. But if they have vital 
information, it can be used to undermine each other, and that 
is a reality.
    Recognizing the need for command and control, then, and 
coordinated information and response capability, what can be 
done to try to break through these bureaucratic barriers and 
try to accomplish the vital goal? I think the U.S. Commission 
on National Security in the 21st Century basically made this 
recognition before September 11, and I think it is still 
relevant, that we have to create a national homeland security 
agency with ``the responsibility for planning, coordinating, 
and integrating various U.S. Government activities that are 
involved in homeland security.'' They recommended the agency be 
built on the capabilities of FEMA, the Federal Emergency 
Management Agency, and include the Customs Service and the 
Border Patrol and the Coast Guard. I think it can be designed 
in different ways, but you need to establish some kind of 
agency, department agency, that has a Cabinet officer that has 
responsibility in this area.
    The appointment of a Director of Homeland Security, as the 
President has done, obviously is an important step. But unless 
that Director has direct line authority over the policies and 
funding of the agencies involved in homeland security, it is 
just very difficult to control and coordinate the effort. I do 
not care how likable that person. I do not care how nice that 
person may be. The reality is that he can persuade, he can try 
to convince people, but he cannot enforce, and you have to have 
the ability to enforce actions.
    Even with the blessing of the President, the primary 
instinct of agencies and departments is to protect their own 
information and their own operations. The reality is that they 
will do that because there is little threat of consequences.
    Funding and line authority primarily rest with each 
department and agency, so it makes them behave more like 
independent contractors than team players.
    At the very least, and this is a suggestion that I make 
from my own experience as Director of OMB, Tom Ridge obviously 
has to have broader authority over funding. I can tell you it 
would be my view that he would be more effective if you made 
Mr. Ridge a deputy director at the Office of Management and 
Budget, responsible for the budgets of the homeland security 
agencies, than just being another presidential assistant. At 
least in that position, you know that he has to oversee those 
budgets and that he can control the recommendations as to what 
those agencies ultimately get in their budgets.
    A better approach, of course, would be to have and 
establish a national homeland security agency. Again, I 
recognize there is no silver bullet here, but having that kind 
of agency and having better control and coordination and having 
a clear line of responsibility, not just for the country, not 
just for the Administration, but for the Congress. You cannot 
have a situation where you have a Homeland Security Director 
who, for whatever reason, will not testify to the Congress. You 
have to have somebody who has the ability to come here, to 
share information with the Congress, and to be the primary 
spokesman to the country.
    As a former Member of Congress, I recognize the 
difficulties of establishing any new agency. I know the turf 
battles that will go on, even in a situation that involves a 
national crisis. But I do not think that we can afford to 
simply have the internal politics of the Executive or 
Legislative Branch prevent the Nation from doing what is 
essential here to our security.
    So, Mr. Chairman, you have a choice. You can either go with 
the status quo as it exists and try to beat up different 
agencies and departments as they come up here one at a time. Or 
you can try to centralize this in a homeland security agency 
with the power to do the job.
    I think it is an important decision that hopefully you will 
proceed with.
    [The prepared statement of Mr. Panetta follows:]

    Statement of Hon. Leon E. Panetta, Director, Panetta Institute, 
                            Washington, D.C.

    Mr. Chairman and Members of the Judiciary Committee:
    Thank you for your invitation to provide my views on the issue of 
the Office of Homeland Security and whether it should have more power 
in meeting the challenge of information sharing within the Executive 
Branch.
    Let me get to the basic point quickly: There is absolutely no 
question but that the Office of Homeland Security must have additional 
power if it is to effectively coordinate the information and activities 
relevant to protecting our country against the threat of domestic 
terrorism.
    Part of the problem of coordination is developing more effective 
technology and part of the problem is organizing common policy among a 
large group of agencies and departments. But make no mistake--the 
biggest problem to centralizing command control is the basic culture of 
the Federal bureaucracy.
    As Chief of Staff to the President and therefore responsible for 
policy development and the flow of crucial information to the President 
of the United States, it is my experience that absent a clear line of 
authority and chain of command, the sharing of information within the 
Executive Branch can be haphazard at best.
    In a crisis or when the White House demands information on an 
issue, the agencies and departments are generally forthcoming. As an 
example, following the Oklahoma City bombing at the Federal Building, I 
convened a task force at the White House of all the responsible 
agencies and each day would meet for the specific purpose of sharing 
and coordinating crucial information on this crisis.
    In the absence of that kind of Presidential mandate, information is 
provided largely at the discretion of the department or agency. Good 
news generally seems to flow much faster to the White House. Bad news 
seems to usually wind up first on the front page of the Washington Post 
or the New York Times.
    Why is this? Regardless of Administration, there are some deep and 
intractable factors that characterize the operations of the 
bureaucracy.
    (1) Protection of Turf. There is a natural instinct in each 
department or agency to protect their jurisdiction. Loyalty is an 
important quality necessary to the esprit of any Federal operation. And 
competitiveness can sharpen the performance of a mission. But the first 
loyalty is to the President and to the overall policy of an 
Administration and too often, that fundamental principle is forgotten.
    (2) Size of Bureaucracy. The sheer numbers of departments and 
agencies that share responsibility for any given area can be 
overwhelming. Homeland security alone involves well over 40 agencies. 
When that many are involved, it is difficult to determine who knows 
what. Even within a large department, information can have a difficult 
time making its way through the internal chain of command.
    (4) Security of Information. In areas that involve national 
security or law enforcement, there is a concern about protecting 
information so as not to compromise an action or mission. While this 
can be a legitimate concern, there is no reason why information cannot 
be shared with those in authority at other agencies or the White House 
who have the proper security credentials.
    (5) Fighting for Funding. Because the lifeblood of each department 
and agency is money, each has developed its own approach to White House 
aides and the Congress for funding programs. Obviously, this dependence 
on specific members, aides and programs often inhibits the sharing of 
information between agencies if they believe it can hurt their 
particular budgets.
    (6) Personality Differences. In any large operation, particularly 
in government, friction and political competition between personalities 
can seriously affect communications and operations. Withholding vital 
information can be one of the ways people try to undermine each other. 
Again, there is no excuse for this kind of behavior by professionals, 
but it can be a reality.
    Recognizing the need for command control and a coordinated 
information and response capability for effective homeland security, 
what steps can be taken to overcome these bureaucratic barriers and 
accomplish this vital goal?
    The U.S. Commission on National Security in the 21st Century laid 
out the most important step--the creation of a National Homeland 
Security Agency with ``responsibility for planning, coordinating and 
integrating various U.S. Government activities involved in homeland 
security.'' They recommended building this agency on the capabilities 
of the Federal Emergency Management Agency and including the Customs 
Service, Border Patrol and Coast Guard.
    While the President has appointed a Director of Homeland Security 
within the White House, unless that Director is given direct line 
authority over the policies and funding of the agencies involved with 
homeland security, it will be very difficult to control and coordinate 
their efforts. He can persuade but he cannot enforce.
    Even with the blessing of the President, the primary instinct of 
these agencies and departments will be to protect their own information 
and operations first because there is little threat of any real 
consequences. Funding and line authority will primarily rest within 
each department and agency, and that makes them act more like 
independent contractors than team players.
    In the very least, Tom Ridge needs broader authority over funding. 
As a former Director of the Office of Management and Budget, it is my 
view that it would be more effective to make Mr. Ridge a Deputy 
Director at OMB in charge of the budgets for the homeland security 
agencies rather than just another Presidential assistant.
    The better approach is for the President to support and the 
Congress to establish a National Homeland Security Agency. Not only 
would this ensure better control and coordination within the Executive 
Branch, it would establish a clear relationship with the Congress and 
the country as to who is responsible for overall homeland security 
policy.
    As a former Member of Congress, I recognize the difficulties of 
establishing any new agency, even one essential to dealing with a 
national crisis. But if September 11 told us anything, it is that we 
cannot afford to allow the internal politics of either the Executive or 
Legislative branches prevent the Nation from doing what is essential to 
its security.
    Mr. Chairman and Members of the Committee you have two choices: You 
can accept the status quo--a Homeland Security Director with little or 
no direct line authority; or you can establish a single Homeland 
Security Agency with the power needed to do the job. This is not just a 
political decision; it is a national security decision that will 
determine whether we can more fully protect our citizens from acts of 
terrorism. I urge you and the Congress to make the right choice.

    Chairman Schumer. Well, thank you, Leon Panetta, and once 
again your remarks are excellent. Whether one agrees or not, 
they are just laid out terrifically.
    Let me ask you this. The report that you refer to that was 
made before 9/11 gave rather limited agencies. You know, there 
were a few there--the Border Patrol and FEMA and others. Would 
you, just off the top of your head, think other agencies would 
have to be part of this, or at least parts of other agencies?
    And the second question is, there are some agencies you 
would not want to put under the direct authority of the Office 
of Homeland Security, but you would certainly want that person 
to have authority to get certain things done. Take information 
sharing between the FBI and the State Department, let's say. 
How do you accomplish that in this kind of an office as well?
    Mr. Panetta. Well, obviously there would be, I think, at 
least parts of other agencies that I think that ought to be 
included here.
    Having seen efforts to try to get the Coast Guard located 
in a number of other areas, it is impossible to do. I mean, 
with all respect to the commission, that is going to be tough 
to do. But in the very least, if you could get an element of 
Coast Guard that is associated with enforcement located there, 
I think that would be important, and the same thing is true for 
these other agencies.
    I think building it on FEMA does make sense, just because 
FEMA has the responsibility for emergency response, and I think 
that is true for others, so I would look at that.
    In addition, I do think that you need a council at the 
White House. I would have the head of the Homeland Security 
Agency chair that council. But the difference is that as a 
Cabinet member and a lead Cabinet member, that person would 
have greater authority then to get responses from the other 
agencies at the table.
    So the way to get at having the Defense Department, having 
the CIA, having DIA, having these other agencies at the table 
would be make sure that you, in addition to establishing a 
Homeland Security Agency, that you formalize a council within 
the White House for that purpose.
    Chairman Schumer. Let me ask you, does it make sense to 
have a strong and statutory national chief information officer, 
maybe under the homeland security person, to deal with the 
problems that we face? I mean, the model is so obvious.
    Mr. Hitch talked about now how he has authority within the 
Justice Department, which no one had ever had before, to sort 
of knock heads and get one information-sharing system. But of 
course, if that model works, then the obvious question is, why 
don't you use a similar model when you go interagency as 
opposed to intra-agency in this kind of chief information 
officer, on the area of information would make sense. What do 
you think of that?
    Mr. Panetta. I think either a directorate or an assistant 
director responsible for coordinating that information would be 
very important, because again, even though within the 
departments there will be efforts now to try to better 
coordinate information, you have to be able to establish a 
larger information base in which different agencies can be able 
to share information, and you can require that information to 
be shared.
    Right now, there is no central location for that kind of 
information. In the absence of that, you basically have to go 
hat in hand, then, to Justice, to CIA, to these other 
departments and say, ``What do you know about this and what is 
happening?''
    Chairman Schumer. What about the answer to this?
    And I have read in the paper now that the White House is 
actually considering upgrading Tom Ridge's office, which my 
guess is, if they were to propose it, it would pass the House 
and Senate like a hot knife through butter.
    But what about the alternative answer, which says, look, 
the President is in charge of this. You do not really need this 
Cabinet-level officer, because that is his job to do. If he 
wants it done, he will get it done, and if he does not want it 
done, no matter who you have there, he will not get it done.
    Mr. Panetta. The President of the United States has 
responsibility in a number of areas each day. He is dealing 
obviously with foreign policy crises. He is dealing with 
legislative issues. He is going out on political trips. He is 
going here. He is going there. Admittedly, the President of the 
United States appoints somebody as an assistant to oversee 
that, but the problem is that the agencies and departments know 
very well that unless the President is calling on every issue 
that the Homeland Security Director is trying to enforce, that 
they can basically nod, say ``yes'', and walk away and nothing 
happens.
    You have to have line authority. And the only way you 
really have line authority is controlling the purse strings.
    Chairman Schumer. So you would say that this office has to 
have authority, but budget authority as well?
    Mr. Panetta. Absolutely. Absolutely.
    Chairman Schumer. OK. I know you are in a hurry. We very 
much appreciate your remarks. I am going to ask the other 
witnesses what they think of them, and have a safe flight.
    Mr. Panetta. Thank you, Mr. Chairman.
    Chairman Schumer. Thank you. Great.
    Okay, now let's introduce our next three witnesses and hear 
from them and see what they have to say about chief of staff, 
Congressman Panetta's fairly strong views on these issues.
    First, we are honored to have somebody just like Leon 
Panetta, who stands for excellence in government and has been 
there a long time in many different capacities, even though now 
he is out of government. My guess is he will be back at some 
point or another. But George Terwilliger is a partner now in 
the office of White & Case, which is an international law firm. 
He represents institutional clients in dealings with the U.S. 
Government. During 15 years of public service, Mr. Terwilliger 
was the Deputy Attorney General of the United States, second-
ranking in the Department of Justice. He was the U.S. Attorney 
in Vermont and Assistant U.S. Attorney in Washington, DC, and 
in Vermont. On policy matters, he was a principal in the 
highest councils of government charged with addressing a broad 
array of legal, policy issues arising in the Executive Branch. 
Mr. Terwilliger has served as counsel to a U.S. Senate 
investigation, outside general counsel to Federal commissions, 
as well as confidante and counselor to elected and appointed 
officials.
    We are also honored to have Dr. Phil Anderson. He is a 
senior fellow in the international security program at CSIS, 
the Center for Strategic and International Studies. He 
specializes in homeland security studies and was previously 
Director of Defense and Aerospace Content for the Intellibridge 
Corporation, a provider of customized Internet-based 
intelligence and advisory solutions. He also served 23 years in 
the Marine Corps, and his military experience includes 
leadership of operational organizations, from platoon through 
battalion, with deployments worldwide. He was the principal 
operations adviser to the commander of the U.S. Marine Corps 
Forces Atlantic, where he conducted research and onsite 
analyses, resulting in successful antiterrorism force 
protection plans for the U.S. forces assigned to Haiti.
    And finally, Dr. Paul Light is the founding director of the 
Center for Public Service and Vice President and Director of 
Governmental Studies at Brookings. After serving as director of 
studies at the National Academy of Public Administration from 
1984 to 1997, he came to Capitol Hill as a senior staffer to 
the Senate Governmental Affairs Committee. He then became 
Associate Dean and Professor of Public Affairs at the 
University of Minnesota's Hubert H. Humphrey Institute and was 
Director of the Public Policy program at the Pew Charitable 
Trust in Philadelphia. Dr. Light has written 15 books, 
including ``Thickening Government,'' ``The Tides of Reform,'' 
and ``The True Size of Government.''
    Each of your entire statements will be read into the 
record.
    And, Mr. Terwilliger, you may proceed.
    Senator Sessions. Mr. Chairman?
    Chairman Schumer. Please.
    Senator Sessions. If I could have a moment of personal 
privilege to welcome my good friend George Terwilliger. He used 
to be my boss; he was the Deputy Attorney General.
    But more than that, what we liked about him, and all the 
prosecutors out around the country liked, he had been a line 
prosecutor; personally tried hundreds of cases and knew all 
about that, and then had served in Vermont as a United States 
Attorney, where he was a hands-on United States Attorney.
    So not only did he have a view from the high echelons of 
the Department of Justice, but he knows what it is like out in 
the real world.
    George, it is great to have you before us.

STATEMENT OF GEORGE J. TERWILLIGER III, PARTNER, WHITE & CASE, 
                         WASHINGTON, DC

    Mr. Terwilliger. Thank you, Jeff, Senator Sessions, and 
thank you, Mr. Chairman. I do appreciate being invited here.
    I cannot help but observe, in light of your kind 
introduction and Senator Sessions' remarks, that Jeff and I 
shared duties at the Justice Department on the Attorney 
General's Advisory Committee of United States Attorneys when we 
were both United States Attorneys. Regretfully, I must say that 
some of the very information sharing-issues, and the effect of 
information sharing on how things really work out in the real 
world where the rubber meets the road, were topics of more than 
a few of those meetings, some of the self-same issues we are 
here to talk about today.
    Chairman Schumer. Which might give us cause for pessimism.
    [Laughter.]
    Mr. Terwilliger. Well, actually, I think what it may be is 
that, for all of the tragedy of September 11, it may in fact be 
the impetus to change some things that will not only help us in 
dealing with terrorism, but with a lot of other national 
problems.
    Mr. Chairman, thank you for taking my statement for the 
record. I will try to briefly summarize a couple of the points 
that I have here, in the interests of time.
    I do want to say at the outset that despite your very 
generous introduction, I do not claim to have all the answers, 
maybe not even some of them. I am not sure I even know all the 
questions, but I will share some observations.
    My statement goes into some detail about the importance of 
intelligence historically to success in our military endeavors. 
Today, while we may be in a different kind of war, we are in a 
war, and this is not a metaphorical war. I have heard some 
people recently describe it that way. We are really facing a 
new paradigm of warfare.
    But it is a war, and it is a war where our fundamental 
liberty interests are what is at stake. In my view, knowledge 
is the most important weapon we have to be able to fight that 
war against terrorists.
    We can tighten our borders. We can improve aviation 
security. We can do a bunch of other things that will improve 
infrastructure security. But there is a real danger, I think, 
in concentrating on those tangible and visible improvements 
that we could develop a Maginot Line-type mentality that will 
lull us into a sense of security based on what we see, but does 
not protect us from the real threat.
    The fact of the matter is, Mr. Chairman, I believe that we 
cannot remain the kind of free and open society that we exist 
to be without remaining vulnerable to people who are both 
willing to subvert the rule of law and to surrender their own 
lives or perhaps the lives of others to create mayhem and 
destruction in our midst.
    What this means is that intelligence, information about who 
our foe is, what they are planning to do, how they operate, is 
what is essential to victory in order to preempt further 
attacks. I would also observe that, as we divide the response 
to terrorism into prevention or preemption and consequence 
management, intelligence has great value on the consequence 
management side as well. We cannot prepare for everything that 
we have to deal with. It makes more sense to know more about 
what we are most likely to face and prepare for that.
    So the first question for me in terms of how the government 
is organized in terms of dealing with counterterrorism--how it 
is best organized--is how can we improve our counterterrorism 
intelligence effort. I think first the fact that this hearing 
is being held and that this topic is before the Congress and 
before the Administration is important, because we simply have 
to recognize and understand how important information is to our 
eventual success.
    On a more practical level, somebody has to be in charge of 
that function. It is one of the principal functions of the 
counterterrorism effort, and somebody has to be in charge of 
it. I think if you asked the question today, ``Who is in charge 
of counterintelligence intelligence functions within the 
government?'' the answer would be a lot less clear than it 
ought to be.
    There are also several policy issues that may inform a 
reasoned judgment about how to best organize the government to 
deal with this. For example, is this a law enforcement 
function? I would say, not entirely. Is it a military function? 
Not necessarily, but perhaps sometimes. Is it largely a 
national security function? Arguably so.
    I do not think these are academic points. The need to 
defend ourselves here at home, based on information to be 
acquired both here and abroad, diminishes the traditional 
distinctions between counterterrorism responsibilities of law 
enforcement agencies and those in the intelligence community.
    In addition to that, I think when we talk about 
reorganizing the law enforcement functions of some of our major 
agencies to focus on counterterrorism, we should not lose sight 
that even though counterterrorism, as you remarked before, Mr. 
Chairman, will be with us for decades, it is not going to be 
here forever.
    I see my light is on, so I will submit the rest of my 
statement for the record, if I may just make a couple of 
closing points.
    I think we ought to consider some other kind of an agency 
to perform at least the intelligence function in 
counterterrorism. It is clear that somebody has to be in 
charge. It is clear that it has to be someone that bears the 
President's authority and can direct the activities of other 
agencies, coordinate with State and local governments, and, 
indeed, the private sector, as I mention in my statement.
    The idea of having an agency or a unit or a combination of 
agency functions to do this is not inconsistent, as Mr. Panetta 
mentioned, with also having a council that is a domestic analog 
to the National Security Council at the White House performing 
this function with someone bearing the President's authority in 
charge of that.
    I do not think it is a good idea to take what is 
essentially now Governor Ridge's office and make it 
operational. The White House should not run operations.
    Thank you, sir.
    [The prepared statement of Mr. Terwilliger follows:]

    Statement of George J. Terwilliger III, Partner, White & Case, 
                            Washington, D.C.

    Mr. Chairman and Members of the Committee: I was asked to assist 
your consideration of government organizational issues related to 
counter-terrorism. I thank you for the invitation, but let me say at 
the outset that I do not claim to have a lot of answers, nor even to 
know all the questions. Thus, I offer no advice to anyone. Rather, I am 
pleased to share some observations based on my experience that I hope 
will assist consideration of how to best defend the United States from 
terrorist attack. Biographical material concerning my background is 
attached for your reference.
    Tomorrow is the 226th anniversary of one our fledgling Nation's 
early intelligence successes. When Paul Revere rode through the 
Massachusetts countryside awakening the citizen army, he was 
functioning as intelligence officer, analyst and disseminator of 
product. Observation of the British fleet, signaling the enemy's 
intentions from the tower of the North Church and a call to arms from 
horseback combined to provide and disseminate the intelligence that 
made the following day a success for the colonial forces fighting a 
war.
    Today we are in a different kind of war, but a war nonetheless. 
This is not a metaphorical war. We are confronted with a new paradigm 
of warfare.
    It is one where we face a clandestine foe using tactics that 
include the use of common instrumentalities of our commerce as weapons 
against us. It is every inch a war to defend our country from 
fundamental threats to liberty.
    In my view, knowledge is the most important weapon we have in the 
war against terrorists. We can and should tighten our borders, improve 
transportation security, increase immigration controls and take a host 
of other security measures. However, there is a danger of developing a 
``Maginot Line mentality'' that would mistake these tangible and 
visible improvements to security as a complete defense against the 
terrorist threat. We cannot remain a free society without also 
remaining vulnerable to those willing to subvert the rule of law and 
surrender their own lives in order to create mayhem and destruction. 
The only way to best such people is to know who they are, what they are 
planning and to stop them.
    This gives us something in common with our colonial predecessors. 
It means that intelligence--information about who our foe is, how it 
operates and what its plans are--is essential to our victory. Today the 
objective is to acquire the information necessary to preempt further 
attacks. Large, clandestine outlaw organizations cannot be completely 
eliminated. But their capabilities to operate can be greatly diminished 
and even destroyed if we understand who they are and how they function. 
Intelligence also has value in helping those who must manage the 
consequences of attack anticipate what particular challenges they are 
most likely to face.
    So, for me, the first question concerning how the government is 
organized to deal with terrorism today is how can we improve our 
counter-terrorism intelligence effort? I have a few observations.
    First, we need to simply recognize and understand how important the 
intelligence effort is to success. If one accepts the premise that our 
counter-terrorism program requires detailed information about our foes, 
then it must be asked, who is in charge? Perhaps because perception of 
the current threat has emerged gradually and only become a matter of 
great urgency in recent months, I think the answer to that question may 
be less clear than it ought to be.
    Second, there are several policy issues that may inform a reasoned 
judgment about how the Government would be best organized to fight 
terrorism today. Chief among these is the issue of defining clearly the 
nature of the current counter-terrorism mission here in the United 
States. Is this a law enforcement function? Not entirely. Is it a 
military function? Not necessarily. Is it a largely national security 
function? Arguably so.
    I do not intend an academic discussion. These questions, and other 
related issues, have very practical implications. The need to defend 
ourselves from attack at home with knowledge of what is going on both 
here and abroad may diminish the traditional distinction between the 
counter-terrorism responsibilities of law enforcement agencies and 
those of the intelligence community. For example, is the FBI gathering 
information in criminal investigations or for other intelligence 
purposes? Can the CIA and other community agencies share classified 
terrorism information with Federal law enforcement agencies?
    Likewise, we might bear in mind that while making us safe from 
terrorist attack will take time, it is a mission that is more limited 
than the general Federal law enforcement responsibility. Thus, one 
might question whether the broad powers and authorities necessary for 
counter-terrorism measures should be provided as general law 
enforcement authority. This could result in relatively extraordinary 
powers being applied to a wide range of investigative activities having 
nothing to do with terrorism. Conversely, the authority necessary to 
effectively combat terrorism may be withheld out of concern that we not 
expand law enforcement powers in general. In my view, despite some 
current modernizing that is necessary, the FBI and other Federal law 
enforcement agencies have built well deserved reputations for 
excellence in making this Nation more safe from crime. For all these 
reasons, I believe we should be cautious in fundamentally altering the 
role and authority of Federal law enforcement agencies.
    My third observation is that, given the foregoing considerations, 
it maybe worth considering a new organizational approach to counter-
terrorism, especially as to the intelligence function. This could be a 
new organization, or new unit or task force made up of a combination of 
parts of existing agencies. What to me renders this worth considering 
are three principal factors:
    1. The counter-terrorism intelligence challenge today is a 
domestic-international hybrid which may obviate the utility of 
traditional distinctions between domestic and international terrorism;
    2. Preempting further attacks and neutralizing terrorist 
capabilities are likely to necessitate intrusive investigative 
activities at home and unprecedented coordination of domestic and 
international intelligence functions.
    3. The organizations and the people performing these tasks must 
have clear and unambiguous legal authority for their work.
    A smaller organization dedicated to counter-terrorism intelligence 
may be both more nimble in, and more accountable for, the use of more 
powerful investigative authority that also crosses traditional legal, 
policy and agency jurisdictional lines. This may not be any answer at 
all, but we should not let the way we have been organized to date 
dictate what we do going forward without consideration of alternatives.
    My fourth point is that, regardless of the organizational structure 
used, we must improve the quality and quantity of information made 
available to those upon whose work our security depends. We cannot 
allow their work to be hindered by systemic inadequacies. For example, 
putting terminals from multiple information systems in one room and 
calling it an ``intelligence center'' is no substitute for true systems 
integration. Our Nation is in the forefront of information technology 
and our intelligence agencies should have state-of-the-art information 
systems. If government procurement procedures are an impediment to 
keeping these vital functions on the cutting edge of this rapidly 
changing technology, then the way government acquires, maintains and 
updates this technology needs to change.
    My fifth and final observation is that further organizational 
changes in government to address the terrorist threat must account for 
the necessary involvement of many Federal agencies, State and local 
governments and the private sector as both contributors and consumers 
of counter-terrorism intelligence. Federal agencies of limited 
jurisdiction, such as Immigration, Customs, BATF and others make 
extremely important contributions to counter-terrorism, including by 
collection of valuable intelligence in the ordinary course and by 
executing specific tasks in furtherance of intelligence objectives. 
Each performs part of a critical intelligence function that must be, in 
my judgment, not just coordinated, but directed.
    The same premise is true as to State and local governments, 
including their law enforcement components. While Federal direction is 
not called for, coordination in counter-terrorism is. Time and again 
State and local authorities, which have the most frequent and routine 
encounters with the general population, discover information that, when 
placed into a bigger picture, may be critical to counter-terrorism 
objectives.
    The private sector's potential to contribute should not be 
overlooked. Experience has shownthat the terrorist organizations and 
their support networks make considerable use of private sector 
services, educational and employment opportunities. Business can be a 
great help, but the effort needs Federal leadership and assistance.
    Are we doing a better job of all of this today then before 
September 11? While I have no access to non-public information, I am 
sure that we are doing better, much better. I would not be surprised to 
learn at some point in the future that our government and our allies 
have succeeded in stopping one or more significant terrorist episodes 
in the last several months. The recent capture of a key terrorist 
leader is a reminder that there are many people whose names we will 
probably never know, and whose faces we will never harm's way in 
distant places so that see, going we and our families may sleep in 
safety and security. If something more can be done here, we owe it to 
them to do it.
    Thank you.

    Chairman Schumer. Thank you, Mr. Terwilliger, again, for 
your intelligence and being right to the point.
    Dr. Anderson.

  STATEMENT OF PHILIP ANDERSON, SENIOR FELLOW, INTERNATIONAL 
   SECURITY PROGRAM, CENTER FOR STRATEGIC AND INTERNATIONAL 
                    STUDIES, WASHINGTON, DC

    Mr. Anderson. Good morning, Mr. Chairman, Senator Sessions. 
It is an honor to be here this morning, and I thank you for 
accepting my longer statement into the record.
    I would like to begin by saying that we are barely 7 months 
into what I believe to be a much deeper examination of the 
homeland security issue.
    The President has given Governor Ridge the task of 
developing a national strategy for homeland security, and it is 
important to note that despite the criticism in the media and 
on Capitol Hill that the Office of Homeland Security is 
understaffed and has no budget authority or power to make 
decisions. I believe that the public should understand that the 
Administration has really not been given enough time to fully 
address this new challenge.
    While time is of the essence, this new environment demands 
some patience to allow a comprehensive strategy to emerge. In 
the absence of a comprehensive strategy, there can be no clear 
understanding of the threat to be addressed or any real sense 
of the priorities from which specific requirements will emerge. 
Assuming the Office of Homeland Security can produce a 
comprehensive strategy this year, once it is published, the 
debate can begin on implementation.
    Although there are numerous challenges associated with 
securing the homeland, the following are a few that I believe 
should be given priority going forward.
    First, a national strategy as the basis for initiating 
government reform. In the absence of a comprehensive national 
strategy which addresses all aspects of waging an ongoing war 
against terrorism--to include detection, preparation, 
prevention, protection, response, and recovery--there can be no 
framework for establishing clear priorities or defining 
requirements to base decisions on how to organize the 
government and spend the taxpayers' money.
    With real threats to the homeland and agreement that we are 
unprepared to deal with those threats, what is needed is 
continued leadership in the Administration to finish a 
comprehensive national strategy. Significant organizational 
reform cannot happen without all the strategic underpinnings--
the strategy and all its interrelated parts that enables 
government to make decisions on how best to move forward.
    Second, a national strategy that addresses the principal 
obstacles to information sharing and coordination. No one 
disagrees the coordination and the sharing of information is 
absolutely essential in this environment, but there is little 
mention or debate about the cultural barriers that exist both 
within the Federal Government and between the Federal 
Government and the State and local governments, and between all 
aspects of government and the private sector. With extremely 
large agencies like those in the intelligence community, the 
senior leadership has their own business interests and their 
own relationships with customers and capabilities that they 
think they are protecting, that truly are the source of their 
influence.
    The CIA is a good example, and in many ways is supposed to 
be the focal point for the intelligence community. The CIA has 
privileged access to the President of the United States and 
privileged access to the Congress. Why would the Director of 
Central Intelligence want to cooperate fully with other 
intelligence agencies and give up the power that he has as CIA 
Director?
    That said, I believe that behavior can be changed through 
incentives and disincentives. Leadership is critical to 
cultural change--leaders who see the broader need, the greater 
good, and aggressively pursue them to initiate change in their 
organization and across government.
    The inherent distrust between the Federal Government and 
State and local governments is another obstacle that will have 
to be overcome. In this new environment, State and local assets 
will play the lead role in responding to and managing the 
consequences of an attack. With the exception of some 
specialized Federal capability in the Department of Energy for 
nuclear weapons and in the Department of Defense's capability 
for chemical and biological response, the majority of first 
response assets will come from State and local governments.
    It would seem that much attention has been focused on the 
Federal apparatus, but the national strategy, to be 
comprehensive, must establish the framework for effective 
communication and coordination at every level of government.
    The terrorists who attacked the World Trade Center and the 
Pentagon on September 11th were able to move information, 
people, and finances across a sophisticated terrorist network. 
The fact that government at all levels is not networked must be 
addressed.
    The intelligence community again offers a good example. 
There are 14 agencies in the intelligence community doing 
analysis. Coordinating intelligence across those disparate 
agencies involves moving information across those agencies.
    The terrorists of September 11th proved that they could 
beat us at this game. On September 12th, if you were employed 
by the Nuclear Regulatory Commission, for example, you were 
getting reports about Osama bin Laden's potential attack 
against nuclear facilities. Most assuredly, those reports came 
from a newspaper or from CNN, but not from the intelligence 
community.
    We are still in the infancy stage of determining how best 
to do this, but in the context of homeland security, if you are 
a fireman or if you are a policeman, you certainly do want and 
should expect relevant information and effective communication 
from your Federal government. As the concern about security 
abates, as it inevitably will, networking the Federal 
Government with State and local government functions must be 
aggressively pursued.
    Third, a national strategy that provides for private sector 
involvement. A good example of the complexity of initiating 
public-private cooperation can be seen in the containerized 
shipping industry. Approximately 7.5 million containers enter 
the United States each year, and the Customs Service only 
inspects 2 percent of those. The contents of these containers 
originate with approximately 450,000 shippers globally. This 
would appear to represent an unworkable number, but I believe 
that there are steps that can be taken now to reduce this 
vulnerability. An interesting statistic is that the contents of 
60 percent of those shipping containers entering the United 
States originate with just 1,000 large shipping companies 
worldwide. This would seem to be a workable number where 
cooperation between government and the private sector could 
again make a difference and drastically reduce our overall 
vulnerability.
    Recently, and I think it was just yesterday, 60 large 
corporations agreed to work with the government as part of the 
Customs Trade Partnership Against Terrorism to ensure adequate 
security of goods entering the United States, in exchange for 
faster passage through border checkpoints.
    Much of the Nation's strength rests on its privately owned 
critical infrastructure, but the private sector does not just 
own and operate the Nation's critical infrastructure. The 
private sector owns a lot of expertise that could improve the 
way in which government approaches the information-sharing 
problem. The Y2K problem is a good example, where the private 
sector did a much better job in understanding the problem in 
developing responses to it.
    And I will wrap this up quickly.
    Networking is an area that the private sector has mastered. 
They proved that during the Y2K situation.
    In the National Security Council or Homeland Security 
Council, you will not find our Federal agencies networked in 
the same way that you would find similar functions networked in 
the private sector. Developing public-private partnerships is 
complicated by the need to protect sensitive information and 
the lack of information sharing and coordination between the 
numerous agencies of the Federal Government with responsibility 
for homeland security.
    The national strategy must be the vehicle for simplifying 
the communication and coordination problem within government 
and between government and the private sector. The private 
sector should be included in the development of the strategy, 
and the strategy must formalize the means to ensure private 
sector involvement in its implementation.
    In conclusion, Mr. Chairman, over the long term, in the 
absence of a comprehensive national homeland security strategy, 
there can be no clear understanding of the threat to be 
addressed or any real sense of priorities from which specific 
requirements will emerge.
    Mr. Chairman, my time is way passed up. We appreciate the 
Committee's leadership on this issue and we look forward to 
helping in any way we can at CSIS.
    [The prepared statement of Mr. Anderson follows:]

  Statement of Philip Anderson, Senior Fellow and Director, Homeland 
  Security Initiative, Center for Strategic and International Studies

I. Introduction.

    Good morning, Mr. Chairman, Members of the Committee, it is an 
honor to be with you today, to present my views on ``Should the Office 
of Homeland Security Have More Power? A Case Study in Information 
Sharing.'' Let me begin by saying that the statement I am about to give 
represents my views and in no way should be taken as the institutional 
view of CSIS. Before beginning though, let me provide you with some 
background on the work we are doing at CSIS.
    CSIS has completed a number of homeland security projects both 
prior to and since the tragic events of September 11. In January 2001, 
CSIS released a report on the results of an 18-month study, Homeland 
Defense: A Strategic Approach. In June 2001, CSIS co-directed Dark 
Winter, a high-level simulation of a smallpox attack originating in 
Oklahoma City. In the immediate aftermath of September 11, CSIS 
convened an internal task force on terrorism, the results of which were 
published in To Prevail: An American Strategy for the Campaign Against 
Terrorism.
    CSIS is currently working on two projects in the area of Critical 
Infrastructure Protection:
    (1) A comprehensive series of events to address critical 
infrastructure issues facing the United States establishing the 
foundation for a report that will focus on what business and government 
can accomplish together to meet future threats--pulling together 
public-private partnerships.
    A simulation exercise, patterned after our Dark Winter effort--to 
focus on energy infrastructure in the United States. Rather than 
consequence management, this simulation exercise will focus on the less 
understood--and explored--scenarios in which policymakers must decide 
on whether and how to act in the case of a credible threat against 
critical energy infrastructure.

II. Overview.

    In the 7 months since the tragic events of September 11, there has 
been a great deal of momentum, both inside and outside of government--
and it would seem that we are all developing a clearer understanding of 
the Homeland Security problem in all of its complexity--but most often, 
solutions remain out of reach--which should be expected at this point--
as we are barely 7 months into a much deeper examination of the issue 
which in most ways represents the most daunting challenge the United 
States has ever had to address.
    In this new and very dangerous environment, it is clear that 
government reform will be necessary to ensure clear lines of authority, 
responsibility and most importantly, accountability to unify the 
efforts of the 46 Federal agencies that, to varying degrees, have 
responsibility for Homeland Security. With responsibility spread across 
so many agencies, effective communication and coordination is extremely 
complicated and will only become more difficult in the long term as 
threats to the homeland increase. This is made far more complex by the 
additional requirement for the Federal Government to coordinate and 
communicate efforts with State and local governments and further, to 
develop the means to work with, and cooperate with the private sector.
    The most important question to consider at this juncture is: When 
should reform be initiated? Some would argue that there is no time to 
waste and that well-informed decisions should be acted on immediately 
in this environment. However, the President has given Governor Ridge 
the task of developing a strategy for National Homeland Security and as 
such, the Office of Homeland Security should be allowed some time to 
fully address the problem. In the absence of a comprehensive strategy, 
there can be no clear understanding of the threat to be addressed or 
any real sense of priorities from which specific requirements will 
emerge. If the strategy that emerges is truly comprehensive, the debate 
that will follow will certainly involve the appropriate organization of 
government to address the problem.
    It would seem that with each passing day, the Administration, in 
the process of developing a National Strategy, is learning that 
organizational and process reform will be necessary to streamline the 
process of coordination and communication. At a Senate hearing on April 
11, to address Senator Lieberman's proposal to create a Department of 
National Homeland Security and a White House Office to combat 
terrorism, at which I was also fortunate to testify, OMB Director Mitch 
Daniels Jr., told the Senate Government Reform Committee that President 
Bush ``has said from the outset that the structure for organizing and 
overseeing homeland security may evolve over time . . . should the 
ongoing strategy review ultimately recommend to the President a 
different homeland security structure, there is a chance it may 
resemble Senator Lieberman's bill.'' Among the many organizational 
issues the strategy will have to address, the following would seem most 
important:
    Create a foundation for unifying the efforts of the Federal 
Government or at least establish the conditions for effective 
cooperation and coordination.
    (2) Point the way for those agencies of the Federal Government, 
with direct responsibility for Homeland Security, to effectively 
cooperate, coordinate and communicate with State and local governments.
    (3) Establish the conditions for every level of government to 
effectively cooperate with the private sector since they own and 
operate most of the critical infrastructure in the United States and as 
such, are ultimately responsible for securing it.
    Developing a National Homeland Security strategy that points the 
way toward effectively addressing these issues is no small task, it is 
truly a daunting challenge--the likes of which have never been faced at 
any other point in our Nation's history. It is important to note that 
despite the criticism in the media and on Capitol Hill--that the Office 
of Homeland Security is understaffed and has no budget authority or 
power to make decisions--the public should understand that the 
Administration has really not been given enough time to fully address 
this new challenge. While time is of the essence, this new environment 
demands some patience to allow a strategy to emerge. The strategy 
should serve as the basis to initiate government reform and allocate 
resources and assuming the Office of Homeland Security can produce a 
comprehensive strategy this year--and once it is published--the debate 
can begin on implementation.

III. The Challenges.

    Although there are numerous challenges associated with securing the 
homeland, the following are a few that should be given priority going 
forward:
    A National Strategy as the basis for initiating government reform: 
There have been numerous commissions and studies conducted--the Hart-
Rudman Commission, the Gilmore Commission, the Bremer Commission, and 
the Center for Strategic and International Studies Working Group on 
Homeland Defense--that addressed the lack of coordination among the 46 
Federal agencies that have specific responsibilities for Homeland 
Security. There have also been a number of proposals floating around in 
the Administration and in Congress that call for consolidating some of 
the agencies responsible for securing the homeland. The 
Administration's proposal to consolidate Immigration and Naturalization 
Service, Customs and the Border Patrol in one agency and Senators 
Lieberman and Specter's proposed National Homeland Security and 
Combating Terrorism Act of 2002 are just two examples. Governor Ridge's 
original proposal also included the Coast Guard and border-related 
parts of the Agriculture Department. In addition, many commissions and 
studies recommended that Congress develop the means for reviewing the 
President's policy and budget for Homeland Security. The lines of 
responsibility are unclear in the Executive Branch but they are just as 
unclear in the Legislative Branch given the existing committee 
structure that further complicates coordination in the Executive 
Branch.
    Most importantly, in the absence of a comprehensive National 
Strategy which addresses all aspects of waging an on-going war against 
terrorism to include, detection, preparation, prevention, protection, 
response and recovery, there is no framework for establishing clear 
priorities and defining requirements to base decisions on how to 
organize the government and spend the taxpayers' money. With real 
threats to the homeland and agreement that we are unprepared to deal 
with those threats, what is needed now is leadership in the 
Administration to finish a comprehensive National Strategy. Significant 
organizational reform cannot happen without all the strategic 
underpinnings--the strategy in all its interrelated parts--that enables 
government to make decisions on how best to move forward.
    A comprehensive threat assessment as the basis for the National 
Strategy: It would seem that the Administration has, since September 
11, taken a ``vulnerabilities-based'' approach to the problem. That is, 
in the absence of a strategy, they have attempted to identify the 
Nation's critical vulnerabilities and focus attention and resources 
accordingly. Unfortunately, at this juncture, this is exactly the 
condition the public should expect where everything appears to be a 
critical vulnerability. This situation will not resolve itself until 
the Nation has a comprehensive Homeland Security strategy.
    At the heart of any effort to develop a strategy is the requirement 
to address the likely threats. The strategy that emerges at the end of 
the development process will need to be first and foremost, threat-
specific. However, defining likely threats in this new environment is 
problematic in that they will likely derive from multiple sources with 
different objectives and various means to do us harm. Defining the 
threat is risky but absolutely necessary to developing a coherent 
National Strategy to fully address the problem. It is hard to develop 
plans, organize and allocate resources to address the myriad 
vulnerabilities that exist without taking an informed position on 
potential threats.
    While we remain extremely vulnerable in many areas, most do not 
represent critical vulnerabilities simply because they are not likely 
targets. How many people would argue, at this point, that commercial 
aviation is a critical vulnerability? On the other hand, private 
aviation with 500,000 private pilots and 200,000 private aircraft 
operating from approximately 18,000 airfields could represent a 
critical vulnerability. Some would argue that the nuclear power 
industry is critically vulnerable. I would submit that the nuclear 
power industry, the most regulated in the United States, is far less 
vulnerable than other aspects of energy infrastructure to include, 
liquid natural gas operations, refineries and petro-chemical 
operations. Without an informed assessment of how those that would do 
us harm may act, the ability to organize and allocate resources 
effectively is extraordinarily difficult, if not impossible. Another 
important point relates to the way in which the current organization of 
government looks at the threat. FEMA is a good example--with an 
organizational culture that has, for the most part, addressed natural 
disasters rather than a thinking enemy.
    A National Strategy that addresses the principal obstacles to 
information sharing and coordination: There are numerous obstacles that 
stand in the way, culture certainly not the least among them. No one 
disagrees that coordination and the sharing of information is 
absolutely essential in this environment but there is little mention or 
debate about the cultural barriers that exist both within the Federal 
Government and between the Federal Government and State and local 
governments, and between all aspects of government and the private 
sector. With extremely large agencies, like those in the intelligence 
community, the senior leadership has their own business interests and 
their own relationships with the customers and capabilities they think 
they are protecting that are the source of their influence. The CIA is 
a good example and many ways is supposed to be the focal point for the 
intelligence community. CIA has privileged access to the President of 
the United States, and privileged access to the Congress. Why would the 
Director of Central intelligence want to cooperate fully with the other 
intelligence agencies and give up the power that he has as the CIA 
director? However, behavior can be changed through incentives and 
disincentives. Leadership is critical to cultural change--leaders who 
see the broader need--the greater good--and aggressively pursue them to 
initiate change in their organizations and across government.
    The inherent distrust between the Federal Government and State and 
local governments is another obstacle that will have to be overcome. In 
this new environment, State and local assets will play the lead role in 
responding to and managing the consequences of an attack. With the 
exception of some specialized Federal capability in DOE for nuclear 
weapons and DoD's specialized chemical and biological capabilities, the 
majority of first response assets will come from State and local 
governments. It would seem that the Federal Government is primarily 
focused on the Federal apparatus, but the national strategy, to be 
comprehensive, must establish the framework for effective communication 
and coordination at every level of government.
    The terrorists who attacked the World Trade Center and the Pentagon 
on September 11 were able to move information, people, and finance 
across a sophisticated terrorist network. The fact that government at 
all levels is not networked must be addressed. The intelligence 
community again offers a good example. There are at least 11 agencies 
in the intelligence community doing analysis. Coordinating intelligence 
across those disparate agencies involves moving information across 
those agencies. The terrorists of September 11 proved that they could 
beat us at this game. On the September 12, if you were employed by the 
Nuclear Regulatory Commission, you were getting reports about Osama bin 
Laden's potential attack against nuclear facilities. Most assuredly, 
those reports came from a newspaper or from CNN not from the 
intelligence community. We are still in the infancy stage of 
determining how best to do this, but in the context of homeland 
security, if you're a fireman or policeman, you certainly do want and 
should expect relevant information and effective communication from 
your Federal Government.
    As the concern about security abates, as inevitably it will in our 
society, networking the Federal Government with State and local 
government functions must be aggressively pursued. To effectively 
respond to threats to the homeland, government at every level is going 
to have to be networked.
    A National Strategy that accounts for the primary missions of 
Federal agencies associated with Homeland Security: The national 
strategy must establish the framework to account for large gaps in 
missions that potentially stand in the way of unifying around the 
homeland security mission. Most agencies that are now focused on 
homeland security have other primary missions that will have to be 
accounted for. The Customs Service is a good example because its 
mission is as a revenue-generating agency, focused on goods and trade, 
not on security. Last year, the Customs Service collected in $23.5 
billion in taxes, fees, and penalties, second only to the Internal 
Revenue Service in generating government income. The Coast Guard is 
another good example with non-homeland security missions associated 
with routine law enforcement, fisheries, and deep-water drug and 
political refugee interdiction.
    A National Strategy that provides for private sector involvement: A 
good example of the complexity of initiating public-private cooperation 
can be seen in the containerized shipping industry. Approximately 7.5 
million containers enter the United States each year. The Customs 
Service only inspects 2 percent. The contents of these containers 
originate with approximately 450,000 shippers globally. This represents 
an unworkable number, but there are steps that can be taken now to 
reduce our vulnerability. Recently more than 50 large corporations 
agreed to work with the government to ensure adequate security of goods 
entering the United States in exchange for faster passage through 
border checkpoints. An interesting statistic is that the contents of 60 
percent of shipping containers entering the United States originate 
with just 1000 large shipping companies worldwide. This would seem to 
be a workable number where cooperation between government and the 
private sector could again make a difference and drastically reduce our 
overall vulnerability.
    Much of the Nation's strength rests on its privately owned critical 
infrastructure, but the private sector does not just own and operate 
the Nation's critical infrastructure, the private sector owns a lot of 
the expertise that could improve the way in which government approaches 
the homeland security problem. The private sector does not just have 
interest in working with the government, the government absolutely has 
to have help from the private sector. The Y2K problem is a good example 
where the private sector did a much better job in understanding the 
problem and developing responses to it. Networking is an area that the 
private sector has mastered. In the National Security Council or 
Homeland Security Council, you won't find our Federal agencies 
networked in the way you would find similar functions networked in the 
private sector.
    Developing public-private partnership is complicated by the need to 
protect sensitive information and the lack of information sharing and 
coordination between the numerous agencies of the Federal Government 
with responsibility for homeland security. The national strategy must 
be the vehicle for simplifying the communication and coordination 
problem within government--and between government and the private 
sector. The private sector must be included in the development of the 
strategy and the strategy must formalize the means to ensure private 
sector involvement in its implementation.

IV. Conclusion

    Mr. Chairman, over the long term, in this new and very dangerous 
environment, government reform must be initiated to ensure unity of 
effort and clear lines of authority, responsibility and most 
importantly, accountability. In the absence of a comprehensive national 
homeland security strategy, there can be no clear understanding of the 
threat to be addressed or any real sense of priorities from which 
specific requirements will emerge. The strategy should be the vehicle 
that establishes the framework for every aspect of government to move 
forward together in a unified and coordinated way to fully address what 
is surely the most complex problem our government has ever had to face.
    Mr. Chairman, the road ahead remains complex and dangerous with 
numerous challenges yet to be addressed. The Center for Strategic and 
International Studies is ready and willing to help.
    Organizing effectively to secure the American homeland is essential 
to our country's prosperity and to the prosperity of our allies. We 
appreciate the Committee's leadership on this issue, and we look 
forward to helping in any way we can.

    Chairman Schumer. Thank you, Dr. Anderson. I very much 
appreciate your testimony as well.
    And finally, Dr. Light.

   STATEMENT OF PAUL C. LIGHT, VICE PRESIDENT AND DIRECTOR, 
          GOVERNMENTAL STUDIES, BROOKINGS INSTITUTION

    Mr. Light. It is nice to have the last word again on this 
issue.
    As you know, the Governmental Affairs Committee is 
considering legislation to create both a Cabinet department and 
a statutory Office of Homeland Security.
    Before I go into a brief summary of my statement, I should 
note that there already is a de facto national chief 
information officer. That individual is the deputy director of 
the Office of Management and Budget for management. That is a 
position that has been vacant for 16 months. There is no 
nominee currently pending before the United States Senate. 
There is no individual who has been announced for that 
position.
    Last week, this Committee received testimony from the 
Webster Commission about streamlining and improving the FBI 
review process for appointees. We have over in the Governmental 
Affairs Committee now legislation co-authored by Senators 
Lieberman and Thompson that was favorably marked up earlier 
this session called the Presidential Appointments Improvement 
Act.
    I cannot speak for those two Senators, obviously, but a 
friendly amendment to ask the FBI to accelerate and make less 
burdensome the review process for presidential appointees might 
improve the odds that we would actually get somebody into the 
position that you clearly have heard a case made for today.
    My statement here basically argues that there is not 
necessarily too little information in the Federal Government 
today regarding potential threats, but possibly too much. 
Perfect hindsight suggests that government often has the 
information it needs to make decisions, but that it cannot sort 
it, integrate it, or interpret it. I think that historians 20 
or 30 years from now will be making that argument regarding 
September 11th.
    The Office of Homeland Security does not appear to have the 
power to break down the barriers and address the most serious 
problems facing those who desire to harm this country.
    Interestingly enough, in my analysis of the Office of 
Homeland Security, it may be young, it may be new, it may be 
understaffed, but let me tell you, Senator, it is thick. The 
organization chart for this young office is one of the most 
complicated organization charts for a White House unit or for a 
departmental unit that I have seen in my career. I make a 
career of pointing at organization charts, and I have just 
never seen on what appears to have been designed to complexify 
the movement of knowledge.
    I do not question Governor Ridge's sensibilities in putting 
together this organization chart. I just point out that it is a 
rather novel and complicated organization chart that may make 
the procurement, production, and integration of information 
more difficult than it needs to be.
    My statement looks at seven components of an integrated 
information chain that the Office of Homeland Security might 
need. I talk about production of information, which the office 
does not do and does not have the power to do. I talk about the 
procurement of information. The office does not have the 
authority to order, purchase, or otherwise gain information 
that does not currently exist. It cannot order the study of a 
particular issue. It cannot analyze a particular body of 
information.
    The word ``coordinate'' appears 33 times in the Executive 
Order establishing the office. The word ``investigate'' appears 
once. The word ``analyze'' appears not at all. The word 
``study'' appears not at all.
    The office does appear to have considerable authority to 
collect information, but as my colleagues have argued at 
Brookings and elsewhere, there is not enough staff or 
capability in the office right now to basically crunch that 
information into meaningful analysis. It does not have the 
power to assess the quality of information or the capability to 
assess the quality of information. It does not have the 
capability to assess trends, to do analysis. It absolutely does 
have the authority to disseminate information, but ironically--
and this is an important issue for this Committee and for the 
Senate as a whole--the President's assistant for homeland 
security does not have one authority to disseminate information 
to the United States Congress. He may not disseminate 
information through formal hearing or testimony before the 
United States, and I think that is a weakness in the office, 
which can be easily remedied by making that position a Senate 
advise and consent position.
    The director does have the power to classify information as 
Top Secret, but does not have the power to declassify 
information that he deems to be in the national interest to be 
declassified.
    My recommendations in my testimony are, number one, to give 
the office a statutory base. That is the coin of the realm. You 
want to go toe-to-toe with these agencies, you have to have a 
statutory base which means Senate confirmation. You need 
additional staffing. You need the dollars and the authority to 
produce and procure information, and you need to be able to 
coordinate an information technology plan for the agencies of 
government.
    I submit my testimony for the record and am open to any 
questions you may have.
    [The prepared statement of Mr. Light follows:]

        Statement of Paul C. Light, The Brookings Institution, 
                            Washington, D.C.

    I am pleased to appear before the Subcommittee today to consider 
options for strengthening the Office of Homeland Security. I believe 
this Subcommittee is right on target in asking whether and how the 
office might improve the flow of information to and from key 
decisionmakers. Although there are many causes of the September 11 
tragedy, none was so easily addressed as the failure to collect, 
interpret, and share information.
    I believe the question of information sharing involves two discrete 
parts. First, is the Federal Government currently producing the right 
information? Second, is that information available to the right people 
at the right time?
    The Immigration and Naturalization Service is a perfect case in 
point. It suffers from a dearth of high-quality information on 
potential threats to national security, and has serious vulnerabilities 
in making sure that high-quality information reaches the right people 
at the right time. Bluntly put, even if the agency were to discover a 
potential threat, it is not clear that the information would make it to 
key law enforcement and security officials in time to prevent a 
tragedy.
    We know, for example, that the INS does not have the information 
technology to track visitors to the United States. The agency simply 
does not have the right information about who is entering the country 
under what conditions and for what purpose, nor does it know where 
current visitors might be located, or whether they have over-stayed 
their welcome. Although there is nothing the Office of Homeland 
Security can do at this point to better coordinate, share, or monitor 
information that does not exist, I believe there are ways that the 
office can better control the production of information through 
expanded authority.
    We also know that the INS does not have the technology to share the 
information it does have with the right people at the right time. We 
know, for example, that information about the individuals involved in 
the September 11 attacks on New York City and Washington, D.C., did not 
make it to the right people at the right time in the Immigration and 
Naturalization Service and its contractors. Otherwise, one would be 
hard-pressed to explain last month's extraordinary news that ACS, Inc., 
had mailed visa notices on behalf of Mohamed Atta and Marwan Al-Shehhi. 
Although one can argue that there was no harm, and, therefore, no foul, 
the lack of communication up and down the INS hierarchy speaks to the 
extraordinary problems in sharing information in a timely fashion.

Deja Vu

    The INS is hardly the only Federal agency with problems collecting 
and sharing the right information. Indeed, recent Federal history is 
replete with examples of breakdowns caused by either bad information or 
good information ignored, including the security problems at the 
Nation's nuclear weapons laboratories and the taxpayer abuse at the 
Internal Revenue Service. Looking back with perfect hindsight, we can 
now see the outlines of a remarkable information breakdown at the core 
of the September 11 attacks, not the least of which were bits and 
pieces of evidence from flight schools and simulation centers. As in so 
many similar cases, from Pearl Harbor to Vietnam, we are likely to 
discover that the Federal Government had significant information about 
the potential threat, but could not put the pieces together in time.
    The fact is that the Federal Government, indeed most organizations, 
almost always have the information to prevent failure, but not the 
analysis or communication chains. That was the case in the 1980s with 
the HUD scandal and the savings & loan debacle, in the 1990s with 
espionage at the nuclear weapons labs and taxpayer abuse at the 
Internal Revenue Service, and the early 2000s with the INS. Sadly, I 
have made a living out of showing the problems associated with 
communication failures in the Federal Government. We see the same 
problems over and over and over again as information gets lost, 
distorted, mishandled, improperly classified, or misinterpreted up and 
down the ponderous Federal hierarchy. See the appendix of this 
testimony for a side-by-side confirmation of my conclusion.

Assessing the Case at Hand

    Our task today is not to look back for culprits, but to look 
forward to solutions. Simply asked by the Subcommittee, should the 
Office of Homeland Security have more power? As I and my colleagues at 
the Brookings Institution have argued, the answer is ``yes.'' Much as 
one can credit Governor Ridge with substantial success in shaping the 
budgets of the agencies involved in homeland security, his office does 
not provide the levers that are essential for coordinating, let alone 
assuring the flow of high-quality information in real time. He should 
be congratulated for having made the best of a very difficult 
situation, but should be fully empowered to make sure that the Federal 
Government has the information it needs.
    Unfortunately, I do not believe Governor Ridge has the authority to 
prevent communication failures in the future. Even a cursory review of 
the Office of Homeland Security organization chart confirms the 
problem. According to the latest available Yellow Book listing, the 
office is structured around an assortment of titles whose primary tasks 
focus more on outreach than information collection or analysis: (I have 
numbered the layers within the office using conventional nomenclature.)

        1. Assistant to the President for Homeland Security (Ridge)
        2. Deputy Assistant to the President and Deputy Director
        3. Deputy Assistant to the President (Communications & 
        Legislative Affairs)
        4. Deputy Assistant to the President for Legislative Affairs
          Senior Associate Counsel to the President and General Counsel
        5. Special Assistant and Senior Director for Information 
        Integration and Chief Information Officer
          Special Assistant and Senior Director for Policy & Plans
        6. Special Assistant and Executive Secretary
          Special Assistant for External Affairs
        7. Protection & Prevention Senior Director
          Response & Recovery Senior Director
        8. Special Assistant and Director of Communications
        9. Special Assistant for External Affairs
          Special Assistant for Public Liaison
        10. Assistant Director for Intergovernmental Affairs
        11. Communication Strategy Director
        12. Staff Assistant

    Much as one might question the problems associated with 12 discrete 
layers in the office, and much as one might ask whether the special 
assistant for information integration and chief information officer is 
(1) placed high enough in the bureaucratic pecking order, and (2) has 
too many competitors for access, the more important question at hand is 
whether Governor Ridge and his team have the authority needed to 
assemble the information they need. The answer appears to be ``no.'' At 
best, information collection and analysis is but one of many competing 
priorities in the Office of Homeland Security. At worst, it appears to 
reside in a single unit that has multiple responsibilities, not the 
least of which is ensuring that the office itself has adequate computer 
technology, which is the traditional concern of chief information 
officer posts across government. At a minimum, I would recommend 
splitting the information integration and chief information officer 
posts, while raising the former to the level of deputy assistant to the 
President.

An Inventory of Authority

    More importantly, however, I worry that the office as currently 
constructed does not have the authority to implement an aggressive 
information collection, analysis, and dissemination strategy. Let me 
suggest the following problems facing the office today:
    1. Production. The Office of Homeland Security does not have the 
authority to produce information that it deems essential to its 
planning process. Although it does have a talented, albeit small staff, 
the office does not have the internal capacity to investigate or study 
problems that Governor Ridge deems essential. To the extent words have 
meaning, ``coordinate'' appears 33 times in the President's Executive 
Order establishing the Office of Homeland Security, while the word 
``investigate'' appears only once. ``Study'' and ``analyze'' do not 
appear at all.
    2. Procurement. The Office of Homeland Security does not have the 
authority to order or purchase information, whether through private 
contractors such as the RAND Corporation, which has extraordinary 
capacity for conducting the kind of exploratory analysis that Governor 
Ridge might find particularly useful in anticipating potential threats, 
or through government intelligence agencies. Nor does the Office of 
Homeland Security have the dollars to make such purchases. If Governor 
Ridge wants a special analysis of trends across or within agency 
databases, one presumes he must ask.
    3. Collection. The Office of Homeland Security appears to have 
adequate mechanisms for tapping into the Federal Government's vast 
inventory of information. The question is whether an office composed of 
a scant 100 or so individuals, many of whom are dedicated to 
prevention, outreach, legislative affairs, communications, etc., can 
hope to swallow from the fire-hydrant of information that currently 
courses through government. I do not see, for example, the capacity to 
evaluate the quality of information flowing into the office, nor do I 
see the ability to reach down into agencies to demand the release of 
information that already exists. Even more importantly, I do not see 
the capacity needed to compel the release of information that agencies 
might or might not know they have.
    4. Quality. I do not see firm evidence that the Office of Homeland 
Security has the internal capacity to assay the quality of information 
flowing from inside or outside government. At least for the time-being, 
the office must rely on its sources to validate information.
    5. Analysis and Interpretation. The Office of Homeland Security 
does not appear to have adequate mechanisms for analyzing information. 
That might mean, for example, resolving disputes between different 
portraits of threats, or pulling strands of analysis together into a 
particular whole. Such analysis requires a much greater staffing 
complement than currently exists. By way of comparison, I would point 
the Subcommittee to the National Security Council staff, which contains 
a series of well-staffed directorates for monitoring international 
threats, as well as a well-developed administrative infrastructure. 
Although it is fair to argue that it has taken more than a half century 
to develop, the Nation does not have another 50 years to wait. This 
problem is particularly significant given the office's role in 
maintaining the Homeland Security Advisory System, which assigns 
threats on a green (low) to red (highest) level.
    6. Dissemination. The Office of Homeland Security appears to have 
adequate capability for disseminating information about potential 
threats.
    7. Classification and Declassification. Although the Office of 
Homeland Security has ample authority to classify information as ``top 
secret,'' it does not have parallel authority to order the immediate 
declassification of information that it deems in the national interest.

Recommendations for Action

    I do not believe statutory authority can solve all of these 
problems. However, it can improve the odds that the Office of Homeland 
Security can produce the right information at the right time. At a 
minimum, I strongly recommend that the office be given the authority, 
and budget, needed to produce and procure its own analysis. Some may 
argue that such analysis would merely duplicate already existing 
information. I would argue to the contrary. The Office of Homeland 
Security has a special obligation to examine information through a very 
broad lens and from a vantage point that no other agency of government 
has.
    I also strongly recommend that the office be given enough staff to 
interpret, analyze, and assay the information that it currently 
receives, and to make recommendations to Congress and the President 
regarding improvements in the information system. That might mean, for 
example, that Congress would provide the funding for a minimum staff 
floor, or create a special information directorate within a new Office 
of Homeland Security. That might also mean that Congress would require 
the office to conduct an information audit of the Federal agencies it 
coordinates, and make recommendations regarding the technology 
investments needed to assure secure, high-quality information. Finally, 
I recommend that the director of Homeland Security be given limited 
authority to declassify information deemed in the public's interest.
    These authorities will be wasted, however, if the current office or 
its statutory successor is allowed to thicken with needless 
bureaucracy. The thickening has already begun. Being lean and flat is 
not just a value that the President himself espoused in the 2000 
Presidential campaign; it is also the sine qua non for effective 
information sharing. For whatever reason, the current Office of 
Homeland Security has already become one of the thickest units in the 
White House. That not only weakens communication within the office, it 
merely adds to the extraordinary thickening of other units of 
government. To the extent the President relies on Governor Ridge to 
stay in touch with the front-lines at the INS, for example, he is 
staring down an information chain with 30-35 links. That is more than 
the Nation can afford.

    Chairman Schumer. Thank you again. I think all three of you 
really helped contribute.
    Let me start off with one question. Our first panel gave a 
pretty sanguine view of how information sharing was going 
within the Justice Department. You could argue that that makes 
the argument all three of you have made in different ways that 
we ought to do the same thing within the whole Federal 
Government, because we do have a new person here, Mr. Hitch, 
who has the power, which I did not know until this testimony, 
to order all the agencies to share information within Justice, 
and can tell the INS and FBI, et cetera, to coordinate.
    First, do you think things are going as well within the 
Justice Department, based on your experience, as they say?
    And second is the analogy that I am making: If it is good 
for within the Justice Department, which has traditionally had 
problems with information sharing, then it is probably good for 
the whole government as well.
    Mr. Terwilliger.
    Mr. Terwilliger. Senator Schumer, let me observe that I 
think it is no particular insight to say there is no issue more 
critical than information management to this effort, and there 
is no weakness that has traditionally been greater in 
government, particularly in the Justice Department and law 
enforcement, than information management. So the steps taken 
seem to be ones very much in the right direction.
    I am not sure that I am in a position to know whether it is 
working or not, maybe no one is at this point.
    Chairman Schumer. You have been aware of all the turf 
problems when you were there.
    Mr. Terwilliger. Yes, painfully.
    Chairman Schumer. And do you think that the advent of 9/11 
and a new person, who seems a fairly capable fellow who has 
done this in the private sector and other places very well, 
would be enough?
    Mr. Terwilliger. No. I think that they both will be 
important reasons for things to change, but there are systemic 
issues that will get in the way of accomplishing what Mr. Hitch 
and the Attorney General and others are setting out to do--how 
the government procures technology, how it designs it, how it 
uses it. All of those are systemic issues that giving someone 
license and authority are simply not going to be sufficient to 
solve.
    The biggest problem, in my view--and I will just confine my 
remarks to the Justice Department for the time being--in 
information management is that every agency wants to own the 
solution. If it is not an idea that has been homegrown and 
developed by that agency, then largely it is not a good one. 
There is precious little attention to how the use of that 
information may affect the functions and responsibilities of 
other components.
    Chairman Schumer. In the model that we have seen, doesn't 
Mr. Hitch have the ability to say, okay, even though this was 
developed by FBI, INS, you have to use that system.
    Mr. Terwilliger. Yes, I hope so. And I guess I would, to 
quote another famous American, say: I trust his testimony, but 
I would verify that that will happen.
    Chairman Schumer. Right.
    Dr. Anderson or Dr. Light, either one?
    Mr. Anderson. My perspective as an outside observer is that 
there is a far greater awareness clearly among those in 
government that this is important. I think that within 
departments, there has been some progress made, but it is 
between departments where the problem still exists.
    There is all kinds of great technology out there that will 
allow you to address this problem, but there is not any 
technology that is going to influence the willingness of people 
to contribute to input the system.
    You can appoint an information czar, but I am not convinced 
that even though they may have the legal authority that it is 
going to make a lot of difference.
    I think that this is truly a function of leadership. You 
have got to get the leaders involved in trying to change the 
cultures of their organizations such that they can work 
department to department and between multiple agencies of 
government that would have to try and solve this problem.
    Chairman Schumer. Do you think an Office of Homeland 
Security with Cabinet authority, budget authority and statutory 
basis could do that?
    Mr. Anderson. I think it would be a good start. I am 
convinced at this point that the strategy is going to point in 
that direction. I think that to the extent that you can reduce 
the number of agencies or at least consolidate a number of 
those agencies in one department, it is probably a step in the 
right direction. But a word of caution there relates to the 
primary missions of these agencies.
    If you look at Customs, they are a revenue-generating 
agency, second only to Internal Revenue. So that function is 
going to have to be accounted for in any organizational 
structure or any organizational reform.
    The Coast Guard has a deepwater mission. There are a lot of 
other missions non-homeland-security-related that are going to 
have to be accounted for.
    That said, the most important concern at this point is 
homeland security. So you deal with that problem first, and 
then resolve the secondary tertiary missions after the fact.
    Chairman Schumer. Dr. Light.
    Mr. Light. I have watched the chief information officer 
concept develop over the last 12, 14 years. The first CIO was 
created in the Department of Veterans' Affairs back in 1988.
    It is a slender reed on which to build a policy for 
integrating information. These offices are staffed by talented 
individuals, but 80 percent of their expenditures now are 
contracted out, and they are primarily concerned with systems.
    This augmentation of the CIO's office in Justice with a 
policy function is a novel departure from prevailing practice. 
We will just have to see how it works. I would rather see it as 
a higher level within the agency and combining both systems and 
policy.
    Chairman Schumer. Each of you had sort of different 
recommendations, but similar and not as grand, I guess, as the 
Office of Homeland Security. There could be an addition to it, 
obviously.
    Mr. Terwilliger is a chief counterintelligence officer at 
the White House, and I believe Dr. Light said let's build this 
deputy director for management who could help coordinate a lot 
of this. I take it both of you feel that that is necessary, but 
not sufficient.
    Mr. Terwilliger. Yes, I think that is right. Just to be 
clear, I would not recommend putting the intelligence function 
for counterterrorism in the White House. I would put it out 
somewhere in an agency that is dedicated to that task, whether 
it is an existing agency or whether it is--and I would frankly 
prefer to see a new agency dedicated to that function in one 
form or another. There is, frankly, a model among some of our 
allies for that type of thing.
    I think we will quickly recognize, if we do not already, 
that what we are doing now is not enough.
    Chairman Schumer. By the way, is there a model for a 
country that does this better? Obviously, we are probably the 
largest with the number of people, the amount of money spent, 
responsibilities.
    Mr. Terwilliger. Yes.
    Chairman Schumer. But is there a smaller country that does 
a better job of this that we should look at, on intelligence, 
information sharing particularly when it comes to intelligence.
    Mr. Terwilliger. You put your finger on the biggest problem 
we have, Mr. Chairman, and that is just the size of the problem 
and the breadth of the information we have to deal with. But in 
terms of conceptual models, when you talk to the people who are 
really experts in this and the professionals, they point, as 
much as it may strike some as odd to say so, to some of our 
European allies such as France, who at times appear not to have 
been totally supportive of some of the things we are doing in 
counterterrorism, but when they had a problem with terrorists 
who were threatening to blow up their symbols of democracy, 
they empowered their domestic security agency--I have worked 
with them in my days at the Justice Department--they are very 
effective. And they created a small cadre of very special 
investigating magistrates, who are the equivalent of our 
prosecutors, to be totally focused on terrorism and gave them 
extraordinary investigative authority.
    Chairman Schumer. Were they geographically--I mean, was one 
for Paris, one for Marseilles?
    Mr. Terwilliger. That is a good question that I do not know 
the answer to. But the point is I think that the danger of 
giving these extraordinary powers to law enforcement in general 
is that they then become available for a lot of problems that 
have nothing to do with terrorism. Conversely, if that is where 
we talk about reposing the power, we may not give them the 
authority they need to get the job done out of that very 
concern.
    Chairman Schumer. Dr. Light, I had asked you also about 
this deputy director for management, which is necessary, but I 
take it you would say hardly sufficient.
    Mr. Light. It's a pivot point to note that we have serious 
problems in the presidential appointments process. I have a 
colleague behind me who would be very disappointed if I did not 
make some segue here to argue for presidential appointee 
reform.
    I am a strong supporter of putting a statutory base under 
the Office of Homeland Security. I think that is essential.
    Chairman Schumer. One final question, and then I will turn 
to Jeff. Each of you has pointed out that even if we were to do 
that, you would still have many of these barriers and it would 
take a long time and you all have years of experience either 
doing this or studying it. And so let me go back to the 
question I asked I think it was the first panel.
    What about this idea to make this--I understand that you 
need more than technology. But if you have a technological 
direction, a lot of the other things fall by the wayside. So 
what about this idea of a single computer, a supercomputer, 
that Ellison model that says all our intelligence information 
is shared on this one thing, and everybody--it is not their 
only computer, but that has all their intelligence. If you 
require them to input the information and then the selected 
agencies have access to it, it makes information sharing--it 
overcomes a lot of the cultural barriers, technological 
barriers, turf issues, et cetera.
    So I think it is more than just a technology. In a sense, 
it is sort of a tool to overcome the age-old barriers that each 
of you has very aptly pointed out. There is a privacy issue, 
obviously, but I am not sure that is dispositive.
    The final question is each of your views on that.
    Mr. Terwilliger. I think that is a good vision. The answer 
probably is not--and I know you do not intend it to be as 
simple as you say, just technology or a computer.
    This is a problem that is not new. This is just a different 
subject matter to which it applies. We had this problem when 
Senator Sessions and I were at the Justice Department with drug 
intelligence.
    And our solution, one of which I frankly spilled a lot of 
blood internally within the Administration over, was to create 
a fusion intelligence center, to have a computer system where 
information from all the agencies that had drug-related 
intelligence would fuse. It has worked to a certain degree, but 
it only works as well as someone forces people to contribute to 
the knowledge base that is in that system. I think that the 
system without the authority--frankly, the authority of the 
President over it--that you must contribute this kind of 
information to that knowledge base, will not solve the problem. 
So I think it is going to take both.
    Chairman Schumer. What if you had the authority?
    Mr. Terwilliger. If you have the authority, yes, because we 
have to remember where we are trying to go here. We are trying 
to find out what our enemy is up to here and stop them before 
they do it. The ability to do that will follow naturally from 
having the information.
    Chairman Schumer. Dr. Anderson.
    Mr. Anderson. I agree completely. I would like to say, 
though, that there are no 100 percent solutions in this 
environment.
    Chairman Schumer. In this area, we would settle for 50 
percent.
    Mr. Anderson. Senator, I think that is the most important 
point. We need to do what we can do now. If we can address 60 
percent of the containers that are coming into the country, we 
need to do that. The airport analogy is a great one because any 
one of us goes to an airport, we are all treated the same way. 
But the bottom line is, through some simple identification 
means and methods, we could probably reduce that number to 30 
or 40 percent. And how much better would we be in scrutinizing 
that percentage of the entire population? A lot better.
    So we do what we can do now. And to the extent that we can 
get people to input a central system, we ought to do it, but I 
do not think we are going to get 100 percent willingness and 
ability, short of forcing agencies of government to contribute.
    Chairman Schumer. Last word, Dr. Light.
    Mr. Light. It is kind of a ``Field of Dreams'' phenomenon, 
isn't it? I mean, if we build it, will it come? And the answer 
is that I think that if you build an integrated system and you 
put authority behind it, I think we will probably do better 
than 50 percent, less than 100 percent. It is part of a broad 
attack on this particular problem, which has an asymmetry to 
it. We do not know where the next attack will come from. All we 
can do is be prudent and use due diligence to respond.
    So if it can be built and it does not cost every last penny 
in our coffers, I would say let's try.
    Chairman Schumer. Jeff.
    Senator Sessions. Thank you.
    Chairman Schumer. I thank all of you.
    Senator Sessions. It is very interesting and a great 
discussion.
    The best example I know of, of really uniting behind a 
concept, was when your former Mayor, Rudy Giuliani, was 
Associate Attorney General, he declared that we did not want 
Federal agencies in Washington setting the policy of every one 
of the offices in America, that each region would meet and set 
their priorities. And it caused quite a stir, because the FBI 
thought they should decide what their priorities were. So did 
DEA, and so did Customs.
    But because the President said, we are going to do it, and 
Rudy Giuliani's drive and vision, he just overcame the 
bureaucracy. And it just happened.
    And it is still out there functioning. I do no think quite 
as well. I think the agencies have sort of stovepiped since 
then. But for a glorious time there of several years, there was 
real unity within Federal law enforcement.
    If you create a new Cabinet position, there is just one 
more Cabinet position. That Cabinet position cannot order the 
Attorney General or the Secretary of Treasury or the Secretary 
of Transportation to do anything. It is ultimately the 
President.
    So I do not think we should dismiss entirely what is 
happening now with Mr. Ridge, because I think that what the 
President essentially said was, ``This needs a lot of time, a 
lot of personal attention. There are a lot of bureaucratic 
problems out there. I want to be personally engaged in it, but 
I cannot personally do everything, so I am choosing somebody I 
trust to be engaged in it, to advise me. All of this is an 
Executive Branch function, and they are to come to me and we 
will make sure that things happen.''
    The way I understand what Mr. Ridge has done and does do, 
is he meets with agencies where there is a dispute--like you 
used to do, George--within the Department of Justice, but he is 
doing it within the whole government.
    He says, ``Well, having heard all this, I think Treasury, 
you should give it up to Justice.'' And they say, ``No, we are 
not going to do it. You do not have any legislative 
authority.'' And what does Mr. Ridge say? ``Well, let's just go 
meet with the President, and we will talk about it.'' Well, 
then the agency heads say, ``Well, maybe we need to settle this 
thing. We really do not want to go to the President, bickering 
over some jurisdictional matter.'' And things do happen that 
way.
    So a good, strong leader, who has the personal confidence 
of the President, could even in some ways be more effective 
because he is known to speak directly to the President of the 
United States. If he is given one more Cabinet head, I am not 
sure that would have as much clout in this area.
    It is a complex deal, and I can remember the battles over 
intelligence within the Department of Justice--just brutal 
sometimes.
    I would say, you mentioned, Dr. Light, and I know Mr. 
Panetta did, and I am sorry I did not have time to question 
him, but there is a lot of power in the OMB, within the 
Administration. In other words, if an agency asked for money to 
start their intelligence system and another agency is asking 
for money to do theirs, and the President has to submit a 
budget, and he picks the one he wants. Could you explain the 
power of OMB and how that could be a vehicle for eliminating 
duplicity and creating some coherence in our government?
    Mr. Light. In theory, the budget requests move up from the 
bottom of that agency and eventually reach a decision point 
where somebody, a program associate deputy, would basically 
say, there is a conflict here, or we need to integrate.
    I think where Governor Ridge has had his greatest influence 
has been affecting the movement of budget information regarding 
the homeland security function.
    Currently within OMB, there is nobody per se who integrates 
across the various program associate program levels to say, 
okay, here is the homeland security issue. That goes all the 
way up to the Director's office, which would be Mitch Daniels, 
and one assumes that he looks at every budget request through 
the lens of what is the total for homeland security.
    Senator Sessions. But I guess the point is, assuming you 
had it staffed properly, that is traditionally thought to be 
the spot where duplications in organizations get fixed. Is that 
right? Or at least it has that potential.
    Mr. Light. On information technology, there is no question 
that Congress has given OMB responsibility for integrating and 
modernizing our computer systems. No doubt about it whatsoever. 
We have the Office of Federal Procurement Policy within OMB, 
which has been responsible for streamlining the way we purchase 
technology. The deputy director for management is theoretically 
responsible for convening the council of CIOs from around 
government.
    I mean, this all is supposed to happen within OMB. But you 
know, it is a moving process, and if you do not get the 
attention to it, and if you do not focus on it, we do not get 
the result we want.
    Senator Sessions. Mr. Terwilliger, sometimes OMB does not 
catch it, or maybe it is below their radar screen. Do you 
remember the duplication between ATF and FBI over forensic 
analysis of firearms? To me, that was a classic unfortunate 
event when two Federal agencies were competing around the 
country, trying to get their system chosen throughout the 
country.
    Mr. Terwilliger. That is true. And as you know, Senator 
Sessions, there have been a number of those. When the FBI was 
developing automated fingerprint identification, one of the 
Treasury agencies started a program to do that. In fact, 
Attorney General Barr and I at one point tried to create a law 
enforcement technology council and budgetary function with the 
blessing of OMB. Every law enforcement agency in the 
government, including our own, objected to it.
    But I think that those experiences have to be put in a 
proper perspective. What we are really grappling with here is 
that we have never had this particular issue before, at least 
since 1812. And if we had this problem at the beginning of the 
19th Century, we would call the Army and ask them to go take 
care of it. That is not, for a number of reasons, a very good 
idea right now.
    So what we are really talking about is, how do we deal with 
a pernicious, serious threat to the security of the homeland of 
the United States? The President has chosen to create a 
domestic analog to the NSC. But the NSC largely--I have sat at 
the table in the situation room of the deputies committee of 
the NSC--and the NSC largely has a policymaking function, and 
then the agencies at the table carry that policy out, and that 
policy carries the President's authority.
    I think what we are talking about in terms of the tasks 
that involve homeland security, it does certainly involve 
policy, but it is much more than that, particularly when it 
comes to information management, consequences management, and 
preemption of attack.
    Senator Sessions. Mr. Chairman, we tend to blame the 
Executive Branch, but a lot of these things are congressionally 
created. We have said, ``Secret Service, you have this 
jurisdiction. You have this authority.'' ``Coast Guard, you 
have this authority by law.'' So Mr. Ridge--or whoever is in 
charge of trying to work this--has got to utilize existing 
agencies, unless we intend to do the most monumental 
reorganization of agencies the government has ever seen, and 
maybe that is not a bad idea.
    Chairman Schumer. Everyone talked about turf in the 
Executive Branch--something unheard of in the Congress.
    [Laughter.]
    Senator Sessions. Well-said.
    So I mean probably the best way to do this thing is to make 
sure that the Border Patrol agent, the Customs agent on the 
docks, the DEA agent who may be monitoring an international 
smuggling organization, the FBI agent who is doing 
counterintelligence in organized crime and those kind of 
things, probably we are going to be stuck with this solution, 
making sure that they are moving relevant information promptly 
to the right places when it is uncovered in the course of their 
work, and perhaps giving each one of them some expanded 
additional duties with regard to homeland security, enhancing 
that as a priority of theirs.
    So then how do you at the top fix that? Do you try to 
create a separate Cabinet agency that basically is going to be 
dealing with all the other Cabinet secretaries and their 
subordinate units? Or does the President try to have his 
personal coordinator to try to coordinate? Do you have any 
comments on that?
    Mr. Terwilliger. Senator, if I may just make an 
observation? You have several times brought your perspective of 
how decisions here in Washington affect how the people we are 
depending on in the street do their jobs. One of the things 
from talking to some of those people since 9/11 that I think is 
critically important for the Congress to bear in mind and deal 
with is, we have to give them the clear and unambiguous legal 
authority for what we ask them to do.
    Right now, I think there are law enforcement agents and 
others out in the field doing things that they have been asked 
operationally to do that they are not sure they really have the 
authority to do, or at least there is uncertainty. That is not 
fair to them, and it is not very efficacious in the long term.
    Senator Sessions. And that is our responsibility as 
Congress to give them that legislative authority.
    All our agencies are limited, Mr. Chairman. They are given 
jurisdiction over certain kinds of crime and only those kinds 
of crimes. And sometimes that does impede their ability to 
reach their maximum effectiveness.
    Mr. Light. I suspect that what we are going to end up with 
a border control agency and a statutory adviser for Homeland 
Security. I suspect that is where this confluence of debate is 
heading, that we do not have the wisdom to put together a 
Cabinet department just yet, but there is this old saying that 
if it ain't broke, don't fix it, and then, if it ain't broke, 
don't break it.
    Well, you have a couple of agencies under this Committee's 
jurisdiction that are pretty badly broken, and you are going to 
have to do something. The INS problems are going to lead 
inevitably towards reorganization. Where does that take us in 
terms of a border control agency? And on the other side, we 
want a strong policy adviser who is allowed to testify before 
Congress.
    I do not know what the shape is going to be, but I would 
put money on that particular outcome sometime later this year.
    Chairman Schumer. But we are not sure that would deal with 
the information sharing, which is, to me, at least, the most 
important one of them all.
    Mr. Light. And I think that you, the Subcommittee here, 
should be working on the tasking on this particular issue. It 
is a fundamentally important question that you are raising in 
this hearing, and it is one that is not being worked anywhere 
else in this conversation that I know of.
    If you can come up with that supercomputer or you can come 
up with that answer, put it in a bill and get it through. 
Nobody is working this issue with diligence.
    Chairman Schumer. Because we are all divided, too. We had 
Justice and all of their agencies, but there are lots of 
others.
    Senator Sessions. And we have legislation. We have at least 
four or five bills now with different ideas about how to 
organize this thing. So there are a lot of different ideas out 
there.
    Sooner or later, we have to be realistic and do something 
that makes a big step forward, which I believe we can do. I do 
not think that anybody would disagree that, if we focused on 
it, we can make a large improvement from our current status.
    Mr. Anderson. I do not think this really, Senator, should 
be viewed in general terms any differently than the way we view 
national security. We have a number of different Cabinet 
secretaries with very clearly defined responsibilities, and 
departments with very clearly defined functions. They 
coordinate through the National Security Council and there is a 
National Security Advisor. It would seem to me that we should 
have the equivalent on the homeland security side and at least 
one Cabinet secretary, who consolidates potentially the border 
responsibilities, which seem to be at this point our most 
critical vulnerability.
    But it would seem in general, and certainly this is far 
more complex and involves far many more agencies, but the 
national security apparatus would probably be, in my view, a 
good starting point for the way to approach this problem 
organizationally going forward.
    Chairman Schumer. Jeff has a few more questions. I have a 
12 o'clock appointment, so I am just going to excuse myself, 
thank the witnesses, and let Jeff continue to chair the hearing 
and close it.
    Senator Sessions. Thank you, Mr. Chairman, for your 
leadership.
    Chairman Schumer. I really appreciate it. It was really 
excellent, and it is getting us thinking.
    Senator Sessions. It is important for us to be thinking 
about this.
    I am inclined to think the National Security Council 
adviser model may be the right approach, too, Mr. Anderson. In 
other words, this would be a person that answers directly to 
the President. It today coordinates international matters, and 
advises the President from the multiplicity of sources of 
information that come in. A good bit of information comes in 
outside of the State Department, so State should not be the 
only person advising the President on foreign policy issues. So 
you could do that for homeland security.
    Would the three of you like to briefly just comment on that 
model as a potential? You already have, Mr. Anderson. Would the 
other two like to comment on that?
    Mr. Light. The analogy is often made between the Office of 
Homeland Security and the NSC. I think there are some areas 
where the analogy is appropriate, and other areas where it is 
not.
    The Office of Homeland Security has a public face to it 
that the NSC and the National Security Advisor do not. Governor 
Ridge has a dissemination and a public awareness function, a 
coordination function, that is fairly significant, and I think 
leads us more towards thinking of him as we would the Director 
of OMB or the international trade representative or the drug 
czar. But I think that takes us a somewhat different direction.
    Mr. Terwilliger. I think, Senator Sessions, that at least 
the President intended to mirror in many respects the NSC model 
and the NSC adviser's model in creating the current Office of 
Homeland Security and Governor Ridge's position. But because 
there is no one else to do a lot of the other things that go 
with the issue and the tasks of homeland security, I think that 
office has been inundated with responsibility that goes well 
beyond anything we would expect in the national security arena 
for the National Security Advisor to do.
    So it may very well be that we will always need that kind 
of function, a domestic security adviser at the White House. 
The question remains whether we need something else in addition 
to that. There are two ways to go about that.
    Senator Sessions. Well, you could put those within existing 
agencies.
    Mr. Terwilliger. Exactly. Or you can create some new 
agency, which would mean taking some functions from other 
agencies.
    When I was Deputy Attorney General, I would attend the 
TREVI ministers conference, which is the G-7 nations 
international organization to deal with terrorism and 
immigration. And most of my counterparts at those meetings were 
from the ministry of the interior in the European nations, for 
example. Their chief legal officers do not function as our 
Attorney General does. They do not run the police. They do not 
handle internal security. That is in a separate ministry.
    We have just evolved in a different way. It may be that, 
given time, I think--I am not advocating for or against this--
it just may be that given time and maturity, that the idea of 
having someone of Governor Ridge's authority under presidential 
order as a domestic analog to the National Security Advisor may 
work.
    The question that I have about that is whether we have the 
time to let that mature, given the threat that we are facing.
    Senator Sessions. Dr. Light, just briefly, you mentioned 
the distinction between the National Security Advisor and the 
drug czar. Are you aware of their legislative powers and how 
they are different, and why one might be preferable to the 
other?
    Mr. Light. The drug czar, as well as the international 
trade rep, are subject to Senate confirmation, which I think is 
important. The drug czar has some certification authorities 
regarding budgets. I think if we look at the drug czar and say, 
you know, ``Gee, how successful has that been in the war on 
drugs?'' I am not sure we would all say that is the model. But 
you look at the international trade rep and the OMB Director 
and other Executive Office of the President's positions, and 
there is that legal basis for action.
    I am reminded here that, you know, the Office of Homeland 
Security is currently responsible for the homeland security 
advisory system, which alerts the American public to the level 
of threat. But again, we are in a situation where the adviser 
himself cannot come before Congress to explain why it is that 
we are in one level of threat or another.
    I agree with my colleague here that a lot of 
responsibilities have flowed into this office that have gone 
there because there is no place else to go, in a sense.
    Senator Sessions. Any other thoughts on that subject?
    Well, it is a difficult matter, how to organize this 
government. As a United States Attorney, you represent the 
United States Government, and I used to have a little phrase. 
It would say something like: ``Here are the agencies; the 
United States of America is one. It can only speak with one 
voice.''
    But the agencies become so independent over the years that 
they think that they have a right to do policies contrary to 
another agency's policies and conflict with them and fight with 
them. But they have no authority to do that. They were created 
to be part of one government, and when you get to court, there 
is only one position the United States can take.
    So it always has taught me a lesson that there is only one 
goal for our agencies, and that is to serve the United States' 
interest. And how we do it is very difficult.
    I remember writing Associate Attorney General Rudy Giuliani 
a wonderful letter I spent days writing, telling him that he 
should merge not DEA with FBI, but merge ATF with DEA. ATF and 
DEA--that would be a perfect match. And he said ``It cannot be 
done.'' I said ``why?'' And he said, ``Well, that is Treasury 
and Justice. We cannot even merge people within Justice. How 
are we going to get the Secretary of Treasury's agency to merge 
with Justice?'' That was a lesson for me in how a bureaucracy 
works and how difficult it is to overcome.
    Thank you very much for your insight. We have to continue 
to wrestle with this. I thank Senator Schumer for his 
leadership in calling this hearing. I know, having suffered as 
he did in New York--the pain of all of that--he feels a 
particularly strong mission to make sure that we do everything 
we can to make sure that does not happen again.
    If there is nothing else, we will stand adjourned.
    [Whereupon, at 12:18 p.m., the hearing was adjourned.]
    [Submissions for the record follow.]

                       SUBMISSIONS FOR THE RECORD

                  Statement of Senator Patrick Leahy, 
                 U.S. Senator from the State of Vermont

    Today the Senate Judiciary Subcommittee on Administrative Oversight 
and Courts holds an important hearing on the sharing of information and 
the power of the Office of Homeland Security, and I thank Senator 
Schumer for his focused attention on this issue. The Judiciary 
Committee has a critical oversight responsibility to ensure that 
counterterrorism information is properly shared among Federal 
Government agencies and that homeland security functions are managed 
effectively. The apparent mission and authority of the Office of 
Homeland Security relate extensively and directly to the Department of 
Justice and to Federal law enforcement and border control operations 
for which the Judiciary Committee has legislative and oversight 
jurisdiction. Strong leadership is needed to bring together the 
necessary organizations, both within and outside the Justice 
Department, and design procedures, with adequate safeguards against 
abuse, for sharing information across agencies that have different 
missions, information technologies, policies and cultures.
    Policies for sharing counterterrorism information were among the 
most controversial issues during congressional consideration of the USA 
PATRIOT Act last year. There was wide agreement on the principle that 
unnecessary barriers to the sharing of intelligence and law enforcement 
information on international terrorism should be removed. At the same 
time, there was great concern that sensitive information, such as 
information derived from grand juries or surreptitious wiretaps, should 
not be shared without close supervision by Federal judges who have 
traditionally played an important role in overseeing the grand jury and 
electronic surveillance process. Another controversial issue was the 
scope of information sharing that would be permitted for purposes 
beyond counterterrorism.
    As enacted, in Section 203, the USA PATRIOT Act reduced but did not 
completely eliminate the role of the courts in the sharing of grand 
jury information. The Act also provided for the sharing of foreign 
intelligence information from criminal investigations for national 
security purposes beyond counterterrorism, but definitions and 
procedural safeguards were included in an effort to minimize the 
dissemination of ``foreign intelligence'' about lawful activities of 
United States persons and domestic groups acquired incidentally in 
criminal investigations. The new law, in Section 905, also requires law 
enforcement agencies to notify the Intelligence Community when a 
criminal investigation reveals information of foreign intelligence 
value.
    I noted upon passage of the USA PATRIOT Act that the Judiciary 
Committee has a responsibility to exercise careful and continuing 
oversight with respect to implementation of the information sharing 
provisions of the USA PATRIOT Act. On April 11, 2002, the Attorney 
General made an announcement on information sharing that directed ``the 
Assistant Attorney General for Legal Policy, in consultation with the 
Justice Department's Criminal Division, to draft for consideration and 
promulgation, procedures, guidelines, and regulations to implement 
Sections 203 and 905 of the USA PATRIOT Act in a manner that makes 
consistent and effective the standards for sharing of information, 
including sensitive or legally restricted information, with other 
Federal agencies.'' The Attorney General stated, ``Those standards 
should be directed toward, consistent with law, the dissemination of 
all relevant information to Federal officials who need such information 
in order to prevent and disrupt terrorist activity and other activities 
affecting our national security. At the same time, the procedures, 
guidelines, and regulations should seek to ensure that shared 
information is not misused for unauthorized purposes, disclosed to 
unauthorized personnel, or otherwise handled in a manner that 
jeopardizes the rights of U.S. persons, and that its use does not 
unnecessarily affect criminal investigations and prosecutions. The 
standards adopted will govern the coordination of information directed 
by this memorandum, and [sic] well as other voluntary or mandated 
sharing of criminal investigative information.''
    I welcome the Attorney General's assignment of responsibility for 
the drafting of these information sharing procedures, and I look 
forward to consultation by the Department of Justice with this 
Committee before rules are promulgated on such an important matter.
    Information sharing involves technology and cultural issues as well 
as policy considerations. Over the past month the full Judiciary 
Committee has held two hearings on the FBI that highlighted the 
weaknesses in the Bureau's information technology and security. On 
March 21, 2002, the Justice Department Inspector General described 
serious information management problems that contributed to the delay 
in producing documents in the Oklahoma City bombing case. On April 9, 
2002, Judge Webster discussed his Commission's report findings on 
information security flaws that helped make it possible for FBI Agent 
Robert Hanssen to commit espionage undetected. At both hearings, senior 
FBI officials described the challenges they face in designing and 
deploying new information technologies and management tools to meet the 
operational and security needs of the FBI.
    Today's hearing reminds us that the FBI cannot function in 
isolation from the rest of the Justice Department or from other Federal 
agencies. Other Justice Department components such as the Immigration 
and Naturalization Service, the Criminal Division, the Office of 
Intelligence Policy and Review, and the new Foreign Terrorist Tracking 
Task Force share responsibility for counterterrorism and homeland 
security and are at different stages in their development and use of 
information technologies. The appointment of Mr. Vance Hitch as new 
Chief Information Officer for the Department of Justice is a welcome 
opportunity for leadership that integrates the work of Departmental 
components internally and with other agencies. I encourage all elements 
of the Justice Department to work closely with Mr. Hitch to achieve as 
much collaboration as possible in the design of technologies and 
information sharing policies that achieve shared national 
counterterrorism and homeland security objectives.
    Many of those national objectives and required actions have been 
set out by the President in a series of policy directives based on the 
advice of Governor Ridge, with the support of the staff of the Homeland 
Security Office. Presidential decisions on homeland security are 
coordinated through interagency bodies chaired by Governor Ridge and 
his staff. Several witnesses today will testify as to the advantages 
and disadvantages of various legislative proposals to enhance or 
supplement the limited powers that Governor Ridge and his office 
currently have under Presidential directives.
    Whatever may be the legislative route, however, it is important to 
stress that the Department of Justice and law enforcement agencies 
generally have the principal domestic role in the operational 
implementation of the President's counterterrorism and homeland 
security policies. If any new Senate-confirmed positions are 
established to lead counterterrorism or homeland security organizations 
that directly and substantially affect Federal law enforcement, either 
in the White House office or in a new department or agency, the 
Judiciary Committee has the duty to ensure that the nominees are 
qualified to perform the functions of their office and to oversee their 
performance. In any event, this Committee, both through the work of the 
full Committee and the capable leadership of its subcommittee chairmen, 
will continue to monitor and engage in constructive and productive 
dialog with the Administration and Justice Department in this important 
work.
                               __________
                                     Department of Justice,
                                   Washington, DC., April 26, 2002.
Hon. Charles Schumer, Chairman,
Subcommittee on Administrative Oversight and the Courts,
Committee on the Judiciary,
U.S. Senate, Washington, DC.

    Dear Mr. Chairman: I am writing to clarify two statements that were 
made concerning the admission of Mohammed Atta and the issuance of 
Forms I-20 to Atta and Marwan Al-Shehhi during opening remarks at the 
April 17, 2002 hearing of the Senate Judiciary Committee, Subcommittee 
on Administrative Oversight and the Courts. I ask that you enter this 
letter into the hearing record.
    In your opening statement, you said that, ``since September 11, 
2001 every local, State, and Federal Government agency has been 
scrambling to repair the holes in our homeland defense,'' and cited 
``sending student visas to known terrorists'' as an example. On March 
19, 2002, before the House Committee on the Judiciary, Subcommittee on 
Immigration and Claims, Commissioner Ziglar testified that, contrary to 
some reports, the Immigration and Naturalization Service (INS) did not 
recently approve the applications for Atta and Al-Shehhi to change 
their non-immigrant status. Adjudication of Atta's change of status 
application took place on July 17, 2001, and adjudication of Al-
Shehhi's change of status application took place on August 9, 2001. 
What Huffman Aviation International School received on March 11, 2002, 
were file copies of paperwork originally prepared on behalf of Atta and 
Al-Shehhi. No new visas were issued and no new decisions were reflected 
in the documents sent to them.
    It has been acknowledged that prior INS procedures and contract 
terms for data entry and the mailing of student approvals were not 
effective or desirable--both have changed. Commissioner Ziglar has 
ordered that student notifications (I-20s) be mailed directly to the 
schools at the time of adjudication. In addition, INS procedures and 
the related contract have been modified to ensure that schools are 
promptly notified when a student enters the United States at a port-of-
entry.
    You also summarized your perception of the information-sharing 
problem by quoting Larry Ellison of Oracle, who said that, ``We knew 
that Mohammed Atta was wanted. We just didn't check the right database 
when he came into the country.'' As the Commissioner has testified, 
Atta was not the subject of a lookout or watch list at any time that he 
was admitted into the United States. Again, let me emphasize that the 
INS had no intelligence information that Atta was a potential 
terrorist.
    Thank you for the opportunity to explain this information to you. 
Please contact me if you have additional questions or concerns about 
this or any other immigration-related matter.
            Sincerely,
                                                  Joseph Karpinski,
                                 Director, Congressional Relations 
                                                and Public Affairs,
  

