[House Hearing, 108 Congress]
[From the U.S. Government Publishing Office]



 
  FACILITATING AN ENHANCED INFORMATION SHARING NETWORK THAT LINKS LAW 
    ENFORCEMENT AND HOMELAND SECURITY FOR FEDERAL, STATE, AND LOCAL 
                              GOVERNMENTS

=======================================================================

                                HEARING

                               before the

                SUBCOMMITTEE ON TECHNOLOGY, INFORMATION
                POLICY, INTERGOVERNMENTAL RELATIONS AND
                               THE CENSUS

                                 of the

                              COMMITTEE ON
                           GOVERNMENT REFORM

                        HOUSE OF REPRESENTATIVES

                      ONE HUNDRED EIGHTH CONGRESS

                             SECOND SESSION

                               __________

                             JULY 13, 2004

                               __________

                           Serial No. 108-254

                               __________

       Printed for the use of the Committee on Government Reform


  Available via the World Wide Web: http://www.gpo.gov/congress/house
                      http://www.house.gov/reform





                 U.S. GOVERNMENT PRINTING OFFICE

98-119                 WASHINGTON : 2004
_________________________________________________________________
For sale by the Superintendent of Documents, U.S. Government Printing 
Office Internet: bookstore.gpo.gov Phone: toll free (866)512-1800; 
DC area (202) 512-1800 Fax: (202) 512-2250 Mail: Stop SSOP, 
Washington, DC 20402-0001





                     COMMITTEE ON GOVERNMENT REFORM

                     TOM DAVIS, Virginia, Chairman
DAN BURTON, Indiana                  HENRY A. WAXMAN, California
CHRISTOPHER SHAYS, Connecticut       TOM LANTOS, California
ILEANA ROS-LEHTINEN, Florida         MAJOR R. OWENS, New York
JOHN M. McHUGH, New York             EDOLPHUS TOWNS, New York
JOHN L. MICA, Florida                PAUL E. KANJORSKI, Pennsylvania
MARK E. SOUDER, Indiana              CAROLYN B. MALONEY, New York
STEVEN C. LaTOURETTE, Ohio           ELIJAH E. CUMMINGS, Maryland
DOUG OSE, California                 DENNIS J. KUCINICH, Ohio
RON LEWIS, Kentucky                  DANNY K. DAVIS, Illinois
JO ANN DAVIS, Virginia               JOHN F. TIERNEY, Massachusetts
TODD RUSSELL PLATTS, Pennsylvania    WM. LACY CLAY, Missouri
CHRIS CANNON, Utah                   DIANE E. WATSON, California
ADAM H. PUTNAM, Florida              STEPHEN F. LYNCH, Massachusetts
EDWARD L. SCHROCK, Virginia          CHRIS VAN HOLLEN, Maryland
JOHN J. DUNCAN, Jr., Tennessee       LINDA T. SANCHEZ, California
NATHAN DEAL, Georgia                 C.A. ``DUTCH'' RUPPERSBERGER, 
CANDICE S. MILLER, Michigan              Maryland
TIM MURPHY, Pennsylvania             ELEANOR HOLMES NORTON, District of 
MICHAEL R. TURNER, Ohio                  Columbia
JOHN R. CARTER, Texas                JIM COOPER, Tennessee
MARSHA BLACKBURN, Tennessee          BETTY McCOLLUM, Minnesota
PATRICK J. TIBERI, Ohio                          ------
KATHERINE HARRIS, Florida            BERNARD SANDERS, Vermont 
                                         (Independent)

                    Melissa Wojciak, Staff Director
       David Marin, Deputy Staff Director/Communications Director
                      Rob Borden, Parliamentarian
                       Teresa Austin, Chief Clerk
          Phil Barnett, Minority Chief of Staff/Chief Counsel

   Subcommittee on Technology, Information Policy, Intergovernmental 
                        Relations and the Census

                   ADAM H. PUTNAM, Florida, Chairman
CANDICE S. MILLER, Michigan          WM. LACY CLAY, Missouri
DOUG OSE, California                 STEPHEN F. LYNCH, Massachusetts
TIM MURPHY, Pennsylvania             ------ ------
MICHAEL R. TURNER, Ohio

                               Ex Officio

TOM DAVIS, Virginia                  HENRY A. WAXMAN, California
                        Bob Dix, Staff Director
                 Chip Walker, Professional Staff Member
                         Juliana French, Clerk
            Adam Bordes, Minority Professional Staff Member



                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on July 13, 2004....................................     1
Statement of:
    Hughes, Lieutenant General Patrick, Assistant Secretary for 
      Information Analysis, U.S. Department of Homeland Security; 
      Russell Travers, Deputy Director and Associate Director for 
      Defense Issues, Terrorist Threat Integration Center; and 
      Willie Hulon, Deputy Assistant Director, Counterterrorism 
      Division, Federal Bureau of Investigation..................     7
    Lynch, Gerard, chairman, Regional Information Security 
      Systems Policy Board; Mark Zadra, chief of investigations, 
      Florida Department of Law Enforcement; and Suzanne Peck, 
      chief technology officer, government of the District of 
      Columbia...................................................    60
Letters, statements, etc., submitted for the record by:
    Clay, Hon. Wm. Lacy, a Representative in Congress from the 
      State of Missouri, prepared statement of...................    45
    Hughes, Lieutenant General Patrick, Assistant Secretary for 
      Information Analysis, U.S. Department of Homeland Security, 
      prepared statement of......................................    10
    Hulon, Willie, Deputy Assistant Director, Counterterrorism 
      Division, Federal Bureau of Investigation, prepared 
      statement of...............................................    32
    Lynch, Gerard, chairman, Regional Information Security 
      Systems Policy Board, prepared statement of................    62
    Peck, Suzanne, chief technology officer, government of the 
      District of Columbia, prepared statement of................    90
    Putnam, Hon. Adam H., a Representative in Congress from the 
      State of Florida, prepared statement of....................     4
    Travers, Russell, Deputy Director and Associate Director for 
      Defense Issues, Terrorist Threat Integration Center, 
      prepared statement of......................................    17
    Zadra, Mark, chief of investigations, Florida Department of 
      Law Enforcement, prepared statement of.....................    73


  FACILITATING AN ENHANCED INFORMATION SHARING NETWORK THAT LINKS LAW 
    ENFORCEMENT AND HOMELAND SECURITY FOR FEDERAL, STATE, AND LOCAL 
                              GOVERNMENTS

                              ----------                              


                         TUESDAY, JULY 13, 2004

                  House of Representatives,
   Subcommittee on Technology, Information Policy, 
        Intergovernmental Relations and the Census,
                            Committee on Government Reform,
                                                    Washington, DC.
    The subcommittee met, pursuant to notice, at 3 p.m., in 
room 2154, Rayburn House Office Building, Hon. Adam Putnam 
(chairman of the subcommittee) presiding.
    Present: Representatives Putnam, Turner, and Clay.
    Staff present: Bob Dix, staff director; John Hambel, senior 
counsel; Ursula Wojciechowski, professional staff member; 
Juliana French, clerk; Felipe Colon, fellow; Kaitlyn Jahrling, 
intern; Adam Bordes, minority professional staff member; and 
Jean Gosa, minority assistant clerk.
    Mr. Putnam. A quorum being present, this hearing on the 
Subcommittee on Technology, Information Policy, 
Intergovernmental Relations and the Census will come to order. 
Our deepest apologies for us running an hour late because of 
votes, but that is the nature of this business.
    Good afternoon and welcome to the subcommittee's hearing 
entitled ``Facilitating an Enhanced Information Sharing Network 
that Links Law Enforcement and Homeland Security for Federal, 
State, and Local governments.'' This hearing will address the 
initiatives and strategies being implemented to enhance 
information sharing capabilities between Federal, State and 
local law enforcement agencies and homeland security 
activities. There are many examples of direct and indirect 
links between criminal activity and terrorist-related activity. 
Accordingly, law enforcement agencies at all levels of 
government should have effective collaborative capabilities for 
information sharing.
    The need to coordinate the efforts of Federal, State, and 
local governments for homeland security is now well understood. 
September 11th highlighted the increasing risk of terrorist 
attacks on U.S. soil. Consequently, Federal, State and local 
governments recognized the need to effectively unify efforts to 
enhance homeland security by employing the unique contribution 
at each level a government can make on the basis of its 
capabilities and knowledge of its own environment. U.S. 
intelligence and law enforcement communities continuously 
assess both foreign and domestic terrorist threats to the 
United States. In October 2001, Congress passed the USA Patriot 
Act, to improve the sharing of information between the 
intelligence and law enforcement communities.
    Information sharing and coordination among government 
organizations are essential to producing comprehensive and 
practical approaches to combating threats. Having information 
on threats and actual incidents experienced by others can help 
an organization identify trends, better understand the risk, 
and determine what preventive measures should be implemented. 
In addition, comprehensive, timely information on incidents can 
help Federal and nonFederal analysis centers determine the 
nature of an attack, provide warnings and advise on how to 
mitigate an imminent attack. Also, sharing information on known 
terrorists and criminals can help secure our Nation's borders.
    There is clear, compelling, and documented evidence to 
support the notion that there are instances of a direct link 
between criminal activity such as drug trafficking, illegal 
gambling, and money laundering whose primary beneficiaries are 
terrorist organizations. Cutting off funding sources and 
interrupting the linkage that supports the threat activity will 
contribute to a more secure America.
    Another critical issue in developing effective analysis and 
warning capabilities is to ensure that appropriate intelligence 
and other threat information, both cyber and physical, are 
received from the intelligence and law enforcement communities. 
For example, there has been great public debate regarding the 
quality and timeliness of intelligence data shared between and 
among relevant intelligence law enforcement and other agencies. 
Today we will not focus on the rear-view mirror or dwell on 
past breakdowns in the process of gathering or sharing 
information. Today's hearing seeks to address this matter in 
the unclassified space, with knowledge that there's an 
enormously valuable and important component of information 
sharing managed and conducted in the classified space. 
Regardless of source, it is important that relevant information 
be available to appropriate decisionmakers to enhance our 
prevention efforts in the law enforcement and homeland security 
communities on behalf of protecting our citizens from foreign 
and domestic threats. We need only to be reminded of the sniper 
tragedy in the Washington area during the fall of 2002 to 
reflect on the intrinsic value of such collaboration.
    During this hearing, we will examine the efforts and 
progress achieved in developing secure, reliable, and 
interoperable information sharing networks that facilitate a 
comprehensive real-time information sharing capability that is 
dependable and respects privacy. The subcommittee will seek a 
better understanding of how improved collaboration and 
communication will enhance two-way flow of information between 
Federal, State and local law enforcement entities. With the 
threat environment that exists in the world today, it is 
increasingly important that cross-agency and intergovernmental 
collaboration is effective and efficient. Accordingly, the 
subcommittee will explore progress and obstacles to achieving 
the most successful implementation of a strategy for 
information sharing related to law enforcement and homeland 
security.
    We have a very distinguished panel of witnesses today and I 
look forward to their testimony and the opportunity to explore 
these matters in greater detail. Today's hearing can be viewed 
live via Webcast by going to reform.house.gov and clicking on 
the link under live committee broadcast.

    [The prepared statement of Hon. Adam H. Putnam follows:]

    [GRAPHIC] [TIFF OMITTED] 98119.001
    
    [GRAPHIC] [TIFF OMITTED] 98119.002
    
    [GRAPHIC] [TIFF OMITTED] 98119.003
    
    Mr. Putnam. At this time, I would yield to the gentleman 
from Ohio for any opening statements he may have. You are 
recognized for 5 minutes.
    Mr. Turner. Thank you, Mr. Chairman. I want to congratulate 
you on your efforts to continue the review of the issues of 
technology and how it plays an important role in homeland 
security. So much of the work we have had in front of us has 
been an ascertainment of areas in which we need to bolster the 
ability for agencies to work together both in information 
sharing and just in basic communications, so I appreciate your 
focus on this issue.
    Mr. Putnam. Thank you very much. And we will insert Mr. 
Clay's statement for the record at the appropriate time.
    At this time, we will move directly into testimony. If the 
first panel would please rise for the administration of the 
oath and anyone accompanying who will be providing answers.
    [Witnesses sworn.]
    Mr. Putnam. All the witnesses have responded in the 
affirmative, and we will move to testimony. As you know, you 
have a light panel on your desk indicating the 5-minute time 
restraints, and the bulk of your statement will be inserted 
into the record.
    Our first is Lieutenant General Patrick Hughes, U.S. Army, 
retired, the Assistant Secretary for Information Analysis with 
the Department of Homeland Security. General Hughes assumed his 
current duties on November 17, 2003. He was formerly president 
of PMH Enterprises, LLC, a private consulting firm specializing 
in intelligence, national security and international relations. 
He retired from the U.S. Army on October 1, 1999 after more 
than 37 years of military service beginning as an enlisted 
soldier and combat medic in January 1962. His last Active-Duty 
assignment was Director of the Defense Intelligence Agency, a 
position which he held for 3\1/2\ years. Other positions 
included Director of Intelligence, J2, Joint Staff and DIA, 
Director of Intelligence J2 U.S. Central Command, and 
Commanding General of the U.S. Army Intelligence Agency. We 
appreciate the work that you have done for this Nation and you 
are recognized for your opening statement.

  STATEMENTS OF LIEUTENANT GENERAL PATRICK HUGHES, ASSISTANT 
SECRETARY FOR INFORMATION ANALYSIS, U.S. DEPARTMENT OF HOMELAND 
   SECURITY; RUSSELL TRAVERS, DEPUTY DIRECTOR AND ASSOCIATE 
   DIRECTOR FOR DEFENSE ISSUES, TERRORIST THREAT INTEGRATION 
     CENTER; AND WILLIE HULON, DEPUTY ASSISTANT DIRECTOR, 
   COUNTERTERRORISM DIVISION, FEDERAL BUREAU OF INVESTIGATION

    General Hughes. Thank you very much, Mr. Chairman and 
Congressman Turner and other distinguished staff of the 
subcommittee.
    I am privileged to appear before you today to discuss the 
current status of the progress being made by the Department of 
Homeland Security to coordinate efforts to achieve common 
goals. In this case, we are focused on information sharing and 
collaboration. Information sharing is becoming more common 
throughout the Federal, State, territorial, tribal, major city, 
local and private sector environment in which DHS interacts. 
However, we have not yet completed the mechanisms to engage in 
information sharing nor have we fully developed the systemic 
methodology necessary to fully achieve our collaborative goals. 
We are working toward that end as rapidly as we can.
    Our goal is to effectively, efficiently, and 
synergistically pass and receive information in all of its 
forms for the benefit of the U.S. Government, our nonFederal 
constituents and DHS entities. In order to achieve this goal, 
we must build an architecture with technical and procedural 
transparency and interoperability wherever possible.
    However, the most significant impediments to information 
sharing are not technological. They are legal and cultural and 
evolve both policy and procedure. In response to these and 
other challenges, DHS has established an Information Sharing 
and Collaboration Center which will achieve improvements in 
these areas. The primary means of interdepartmental, 
interagency, and intersector communication, intersector 
communication being two way, that DHS will use is the Homeland 
Security Information Network, otherwise known as HSIN. The 
service system and capabilities that form the larger network 
are on the way to being fielded throughout the State and 
territorial constituency with plans to expand that fielded 
element to all other partners and associates as soon as 
possible.
    Given our imperative to provide support and assistance to 
State and local officials, it is no longer sufficient to have 
vertical and horizontal linkage just with some of the 
participants. The Nation must achieve a fully collaborative 
environment through which homeland security officials, law 
enforcement, first responders, and decisionmakers can fully 
interact, across traditional boundaries, seamlessly and 
effectively to deal with issues of terrorism and response to 
terrorism and other emergency conditions.
    I would like to inform you at the present time, including 
our participation in the newly constructed Homeland Security 
Interactive Operations Center, we in DHS at the Office of 
Information Analysis, which I am privileged to head, have the 
following connectivity: standard telephone; secure telephones; 
facsimile of all kinds; wideband encrypted NSTS, or gray phone; 
courier service; standard Internet connectivity; open-source 
information system and NIPRNet connectivity; SIPRNet 
connectivity; joint worldwide intelligence communication system 
linkage; secure VTC capability; and many software and hardware 
tools which collectively affords us access to virtually every 
communication and information sharing level and capability that 
we need to fully engage in the intelligence function.
    We have liaison officers with online access to the CIA, to 
the Terrorism Threat Integration Center, TTIC, to the National 
Security Agency, to the National Geospatial Agency, DOD, and 
especially to the Federal Bureau of Investigation. All of those 
liaison officers have access to their automated systems of 
their organizations. We are fully integrated into the national 
government meeting mechanism. We are making steady progress to 
connect to the Homeland Security Information Network.
    We can do the job now and do it well. We seek to continue 
to make progress to more fully realize the goals we have set 
for broad and unfettered access to as much information as 
possible in the shared context to secure our homeland.
    Mr. Chairman and members of the subcommittee, this 
concludes my prepared statement. Thank you very much.
    Mr. Putnam. Thank you very much, General Hughes.
    [The prepared statement of General Hughes follows:]
    [GRAPHIC] [TIFF OMITTED] 98119.004
    
    [GRAPHIC] [TIFF OMITTED] 98119.005
    
    [GRAPHIC] [TIFF OMITTED] 98119.006
    
    [GRAPHIC] [TIFF OMITTED] 98119.007
    
    Mr. Putnam. Our next witness is Mr. Russell Travers. Mr. 
Travers is serving as TTIC Deputy Director and the Associate 
Director for Defense Issues. Mr. Travers manages the 
government-wide information sharing initiative, TTIC's red 
team, and knowledge-development efforts in the maintenance of 
the USG's terrorists' identities' data base. He is responsible 
for TTIC's interaction with DOD's analytic efforts focused on 
terrorism. Formerly he was the Deputy Director for Policy 
Support at the Defense Intelligence Agency and responsible for 
intelligence support to the Office of Secretary of Defense, 
managing activities of the Defense intelligence officers and 
overseas liaison officers, administering special access 
programs and organizing agency support to homeland defense. He 
received his B.A. in government from the College of William & 
Mary and his J.D. from George Washington. Welcome to the 
subcommittee.
    Mr. Travers. Mr. Chairman, members of the subcommittee, I 
am pleased to be here today to discuss TTIC's role in 
information sharing. I will summarize three areas from my 
written statement: first, TTIC's access to information; second, 
TTIC information sharing initiatives; and third, an important 
qualifier about what information sharing can and can't do.
    First, our access. TTIC is an integration center, and by 
DCI directive we are to have unfettered access to terrorist 
threat-related information. For the last 14 months we have been 
working with the community to achieve that all-encompassing 
access. With our recent move to a new facility, TTIC analysts 
can now access up to 21 networks from across the relevant 
communities. That number will soon grow to at least 26. To give 
you some perspective on what that means, I am a Defense 
Department assignee to TTIC. At my desk, I can access the CIA 
operational traffic related to terrorism. At my desk, I can 
access FBI case files related to international terrorism. We 
have come a very long way. To be sure, we are still working 
some access issues, and our CIO is intently focusing on how we 
handle assimilation of data and the ability to efficiently 
search across the holdings from so many diverse networks. But 
the progress over the past 14 months has been exceptional.
    The second issue I want to address relates to a number of 
TTIC initiatives associated with information sharing. 
Importantly, by DCI directive our mandate is to work 
information sharing at the Federal level, and so I will focus 
on horizontal information sharing. However, we are posturing 
ourselves to support the FBI and DHS with their critical 
vertical information sharing responsibilities and I will be 
happy to address some of those initiatives during Q and A.
    With regard to horizontal information sharing, TTIC has 
established a program office to implement the March 2003 
information sharing memorandum of understanding. This office is 
working with our community partners in the full range of 
impediments associated with information sharing: originated 
control information, third agency rule, no double standard, 
terror lines and so forth. The community can detail progress 
across the board, I believe. For instance, pure terrorism 
reporting has grown by a factor of 6 since before September 11.
    In terms of the technical advances to share terrorism 
information, TTIC's CIO has been leading community efforts. In 
August of last year, we launched the TTIC online Web site which 
is populated with terrorism-related information. This highly 
secured capability can reach virtually the entire structure of 
the Federal Government, hosting over 2,800 users. TTIC Online 
reaches all traditional Intelligence Community terrorism 
analytic elements, but also FBI headquarters, all JTTFs, 
Department of Homeland Security, the military commands and 
numerous other organizations that have a need for terrorism 
threat information: the Departments of Interior and 
Agriculture, for example.
    The success of TTIC Online can be seen by a comparison with 
the analogous capabilities that existed in September of 01. The 
user base is six times greater. Five times as many 
organizations participate. The average number of document hits 
per week has grown by 500 times. And the total repository of 
documents has grown from 1 to 3.5 million. Just over a month 
ago, TTIC deployed a SIPRNet version of TTIC Online. This has 
the potential to dramatically increase situational awareness 
for those tens of thousands of individuals involved in the war 
against terrorism but don't have access to the Top Secret 
Network.
    Moreover, to help support vertical information sharing, 
TTIC will be deploying a sensitive but unclassified presence of 
TTIC Online on the open-source information system network.
    I hope it is apparent that TTIC is taking a very aggressive 
approach to improving information sharing across the 
government. And while we are second to none in espousing the 
importance of information sharing, I do want to close with a 
few cautionary words:
    First, information sharing has become a bit of a bumper 
sticker; everybody supports it, but few appreciate the 
complexities of implementing it. There are almost invariably a 
complicated mix of technical security, policy, and legal issues 
associated with sharing information. Source sensitivity is 
real. Operational considerations do exist. Privacy matters do 
pertain. And the technical capabilities of government networks 
vary widely. There are always going to be impediments and 
reasonable people can and do disagree.
    Second, I am increasingly concerned with something that 
could be called effective information sharing. As we see the 
explosion of networks and Web sites, organizations can post 
their data and legitimately say they have shared their 
information. Whether anyone on the other end knows it is there 
and reads it is an entirely different matter.
    Third, information sharing is not and will never be a 
panacea. If we don't have a basic terrorism analytic business 
process right and have an established critical mass of analytic 
talent, we can pass information all over the government and 
still not connect the proper dots. Indeed we could face the 
prospect of being wrong faster. Terrorism is an extraordinarily 
difficult analytic problem and the key is having long-term 
expertise available to sort through the reams of information, 
much of which is inaccurate, contradictory, or utterly 
irrelevant. This in no way demeans the importance of 
information sharing, merely to point out that information 
sharing is necessary but not sufficient.
    Thank you for your time. TTIC looks forward to continuing 
to work with the subcommittee and I will be happy to answer any 
questions.
    Mr. Putnam. Thank you very much.
    [The prepared statement of Mr. Travers follows:]
    [GRAPHIC] [TIFF OMITTED] 98119.008
    
    [GRAPHIC] [TIFF OMITTED] 98119.009
    
    [GRAPHIC] [TIFF OMITTED] 98119.010
    
    [GRAPHIC] [TIFF OMITTED] 98119.011
    
    [GRAPHIC] [TIFF OMITTED] 98119.012
    
    [GRAPHIC] [TIFF OMITTED] 98119.013
    
    [GRAPHIC] [TIFF OMITTED] 98119.014
    
    [GRAPHIC] [TIFF OMITTED] 98119.015
    
    [GRAPHIC] [TIFF OMITTED] 98119.016
    
    [GRAPHIC] [TIFF OMITTED] 98119.017
    
    [GRAPHIC] [TIFF OMITTED] 98119.018
    
    [GRAPHIC] [TIFF OMITTED] 98119.019
    
    [GRAPHIC] [TIFF OMITTED] 98119.020
    
    Mr. Putnam. Our third witness is Mr. Willy Hulon. Mr. Hulon 
is the Deputy Assistant Director of the Counterterrorism 
Division at the Federal Bureau of Investigation. He began his 
career as an FBI Special Agent in September 1983. In July 2001, 
Mr. Hulon was designated Chief Inspector for the FBI. In 
October 2002, Director Mueller appointed Mr. Hulon as Special 
Agent in Charge of the FBI's Detroit Division. In his capacity, 
he worked closely with the Detroit JTTF and oversaw a wide 
range of investigations.
    Delighted to have him here today to discuss all of the 
FBI's information sharing initiatives and welcome you to the 
subcommittee, and you are recognized for 5 minutes.
    Mr. Hulon. Good afternoon, Chairman Putnam, Ranking Member 
Clay, and members of the subcommittee. Thank you for inviting 
me to speak to you on the information sharing issues that face 
the Federal Bureau of Investigation and members of the 
intelligence and law enforcement communities.
    The terrorist threat of today poses complex challenges. 
Today's terrorists operate seamlessly across borders and 
continents. Aided by sophisticated communications technologies, 
they finance their operations with elaborate funding schemes 
and patiently and methodically plan and prepare their attacks. 
To meet and defeat this threat, the FBI must have several 
critical capabilities. First, we must be intelligence driven. 
To defeat the terrorists, we must develop intelligence about 
their plans and use that intelligence to disrupt those plans. 
We must be global. We must continue our efforts to develop our 
overseas law enforcement options, our partnerships with foreign 
law enforcement and intelligence services, and our knowledge 
and expertise about foreign cultures and terrorists adversaries 
overseas. We must have networked information technology 
systems. We need the capacity to manage and share our 
information effectively. Finally, we must remain accountable 
under the Constitution and the rule of law. We must respect 
human rights and civil liberties as we protect the American 
people.
    The FBI has an information and intelligence sharing 
strategy. The strategy recognizes that we have a responsibility 
to the Nation to disseminate information broadly, that we will 
share information by rule and withhold by exception, and the 
sharing is cross-community in nature. The FBI will protect 
sources and methods by separating what needs to be shared from 
how the information was obtained. Our strategy is implemented 
through both collaborative initiatives and information system 
connectivity initiatives both on a national scale and in local 
projects. Collaborative initiatives bring together personnel 
and processes in a common setting to facilitate information 
sharing through each agency's information systems. Information 
system connectivity initiatives share data electronically by 
combining the respective agency's data technologically in some 
form.
    As local and regional collaborative intelligence centers 
are being established across the country, the FBI has been 
asked to take an active role in building the intelligence 
processes in these initiatives. Through our field intelligence 
groups in each field office, we are contributing personnel, 
intelligence process development, information access and 
funding. To further strengthen our collaborative efforts with 
both local and national benefits, we have established an 
intelligence reporting capability in each of our joint 
terrorism task forces through the assignment of field 
intelligence group personnel. We can ensure that terrorist 
threat information collected by the JTTFs is quickly 
disseminated to all who need it to protect the country.
    On a national scale, the Law Enforcement National Data 
Exchange, or NDEX, is being developed by the FBI as the 
principal nationwide system for sharing criminal incident 
report data to link law enforcement interests and enhance law 
enforcement strategic planning. NDEX prototypes are being 
tested now and we are seeking new Department of Justice policy 
for Federal crime reporting to match local and State crime 
reporting. Other examples of national intelligence and 
information sharing systems are Law Enforcement Online, or LEO, 
and the Homeland Security Information Network. The FBI is using 
LEO to post and disseminate a variety of intelligence products 
to State and local police as well as to publish its 
intelligence priorities. We are working closely with DHS to 
support its mission by collaborating on information and 
intelligence sharing on DHS information networks.
    The FBI supports and participates in local and regional 
information sharing projects such as LINX in Seattle, WA, which 
was conceived by the Naval Criminal Investigative Service. LINX 
is an innovative example of an initiative to integrate 
disparate law enforcement information into a single data 
warehouse with the latest analytical tools to produce valuable 
intelligence that will help prevent terrorism and other crimes. 
Other examples are the upstate New York Regional Intelligence 
Center and the California State Warning Center.
    Thank you again for inviting me to speak to you today on 
the information sharing issues that face the Federal Bureau of 
Investigation and other members of the intelligence and law 
enforcement communities. It will be my pleasure to answer any 
questions you may have at this time.
    Mr. Putnam. Thank you very much.
    [The prepared statement of Mr. Hulon follows:]
    [GRAPHIC] [TIFF OMITTED] 98119.021
    
    [GRAPHIC] [TIFF OMITTED] 98119.022
    
    [GRAPHIC] [TIFF OMITTED] 98119.023
    
    [GRAPHIC] [TIFF OMITTED] 98119.024
    
    [GRAPHIC] [TIFF OMITTED] 98119.025
    
    [GRAPHIC] [TIFF OMITTED] 98119.026
    
    [GRAPHIC] [TIFF OMITTED] 98119.027
    
    [GRAPHIC] [TIFF OMITTED] 98119.028
    
    [GRAPHIC] [TIFF OMITTED] 98119.029
    
    [GRAPHIC] [TIFF OMITTED] 98119.030
    
    [GRAPHIC] [TIFF OMITTED] 98119.031
    
    [GRAPHIC] [TIFF OMITTED] 98119.032
    
    Mr. Putnam. Mr. Clay, do you have a statement you would 
like to place in the record?
    Mr. Clay. I do, Mr. Chairman. And I will forego reading if 
we can get right into the questions and I ask that my remarks 
be inserted into the record.
    Mr. Putnam. Without objection, your opening statement will 
be inserted into the record and you are recognized for 5 
minutes of questioning.
    [The prepared statement of Hon. Wm. Lacy Clay follows:]
    [GRAPHIC] [TIFF OMITTED] 98119.033
    
    [GRAPHIC] [TIFF OMITTED] 98119.034
    
    Mr. Clay. Thank you, Mr. Chairman. I would like to start 
with Mr. Hughes. Does DHS plan to replace existing systems with 
a new national communications infrastructure? And if so, what 
are the specific milestones for implementing a national 
infrastructure?
    General Hughes. To the best of my knowledge, we do not have 
any intent to replace what you have referred to there, sir, as 
the national communications infrastructure. We plan to use it 
and ride upon it, connect using the capabilities that exist now 
and those that come in the future. But the Homeland Security 
Information Network does not duplicate most of that structure. 
It merely rides upon it.
    Mr. Clay. Mr. Hughes, let me ask you about TSA. Are we 
safer in our airports now since September 11 with TSA? Do they 
have the adequate information in order to be able to detect 
what probably shouldn't be on an airplane?
    General Hughes. Yes, we are safer. And they do have 
information that tips them off to persons that we call persons 
of interest. It happens many, many times every day that persons 
who have come to our attention through intelligence or other 
information channels are sent to the Transportation Security 
Agency screeners and to the Customs and Border Protection 
officers that man the points of entry. TSA, itself, as you know 
is not an armed law enforcement organization, but Customs and 
Border Protection, Immigration and Customs Enforcement and the 
Federal Bureau of Investigation and local police, of course, 
take care of the law enforcement portion of that activity.
    Mr. Clay. I notice that in some airports TSA interacts with 
private security companies.
    General Hughes. That is true.
    Mr. Clay. How does that work?
    General Hughes. I think it is a cooperative association 
where some of the functions of screening passengers for their 
documentation especially--I will use as an example when you get 
into a line at the airport to approach the TSA screening point, 
you have to present a photo identification and your ticket in 
order to pass into the screening point, and often those persons 
are local security people who have been contract hired to 
perform that function. But the function of screening the 
individual, their carry-on luggage and person, is the TSA's 
function.
    Mr. Clay. I thank you for that explanation.
    Let me ask a question of the entire panel and we can start 
with Mr. Hulon. It seems to me that the goals for information 
sharing among stakeholders are well established, but the 
emergence of new threats make determining what our domestic or 
international threats are less clear. Are the stakeholder 
agencies such as DOJ, DHS and DOD working on methods to refine 
their determinants for what constitutes domestic or 
international-related incidents?
    Mr. Hulon. Yes, sir. Actually, Federal law enforcement is 
working collectively to identify those threats as we develop 
the intelligence. I think the thing that is really key is that 
through various relationships that are established specifically 
at the State and local level with the JTTFs, that information 
is passed to the appropriate local agencies so that we can take 
the right precautionary action to either disrupt or to gain 
additional information in regards to the potential threat.
    Mr. Travers. Yes, sir. I believe TTIC is a manifestation of 
exactly the phenomena about which you speak. We are represented 
with partner agencies to include the three you mentioned and we 
have 16 organizations within TTIC. And our job is to bring 
together threat information whether it is collected 
domestically or abroad. So we are precisely attentive to that 
problem with a blurriness between domestic and foreign threats.
    General Hughes. I think, first of all, Mr. Hulon's 
characterization is one that I would certainly agree with and 
certainly Mr. Travers, that this is a cooperative group effort 
and it is largely about human beings. It is largely about 
identifying persons who have for some reason come to our 
attention, and then processing them appropriately.
    In order to do that every day, we have to engage in some 
form of interaction. Quite often it is at a meeting, or sending 
a message to each other alerting one or another agency involved 
in this process about those people of interest. And that is 
working well, however it is not perfect. And frankly, it is 
about as dynamic as the traveling public who comes to America 
and travels inside America is. It is a very large body of 
activity and human beings to deal with.
    Mr. Clay. Thank you. Mr. Travers, since TTIC is not 
actually under the domain of the CIA or FBI, can its efforts to 
break down the barriers for information sharing between the two 
agencies be successful over the long term of its operation, and 
has TTIC had any managerial or strategic disagreements with its 
participating agencies on how to pursue its mission or goals?
    Mr. Travers. Two part question. With regard to information 
sharing barriers, I believe that we have enjoyed extraordinary 
success working with our partners across the government. As I 
suggested in my statement, none of these issues, at least in 
our view, lends itself to an easy fix. They have multiple 
components. There are, as suggested, source sensitivities, 
operational considerations, and there is always a balance; and 
we work with our partner organizations on a daily basis to 
break down the institutional barriers that exist and we have 
enjoyed substantial success.
    With regard to disagreements, I think it's fair to say that 
there is ambiguity in TTIC's mission relative to many other 
terrorism analytic organizations' missions across the 
government. I believe that is to be expected. We are dealing 
with organizations, departments, and agencies that go back to 
the National Security Act. We are dealing with some that go 
back to September 11. The government is not of one mind on 
precisely how best to sort this out, and so we are working 
through that on a daily basis.
    Mr. Clay. Just as a followup, my concern would be that we 
would not gum up the works to the point that it would hamper 
our ability to apprehend someone or to point out the real 
threat or to just make law enforcement that more ineffective. I 
mean that would be my concern, and hopefully----
    Mr. Travers. TTIC has no operational responsibilities. I 
don't believe you would find any of our operational partners 
has gummed up the works.
    Mr. Clay. Thank you for your response. And thank you, Mr. 
Chairman.
    Mr. Putnam. Thank you, Mr. Clay.
    Last couple of weeks, the press has reported on a number of 
DHS initiatives to promote information sharing--including the 
expansion of the HSIN, which was launched in February--to the 
Secret level and the upgrading of the new Homeland Security 
Operational Center to promote information sharing.
    With these and other efforts underway, how does the 
Department envision itself promoting information sharing 
between levels of government? And how far a reach does the DHS 
plan to have, and what role or other law enforcement agencies 
pulling in that?
    General Hughes. I need to correct something about the 
information there. We have not yet secured the Homeland 
Security Information Network to the Secret level. It is our 
attempt to do so by December of this year. But we put the first 
part of the Information Network Online at the Sensitive but 
Unclassified level. And we do pass law enforcement Sensitive 
but Unclassified information over that system. But the Secret 
classification will have to come in the next few months.
    Our intent is to connect to all States and we are now 
connected to all 50 States to the governance level, either the 
State Governor's Office or the Homeland Security Office, or 
both, to all territories and possessions. And I believe we have 
one or two of those remaining. But generally we are connected. 
We intend to connect to many counties, if not all; all major 
cities; some municipalities which are complex organisms like 
themselves, like Los Angeles and Los Angeles County. New York 
would fit in that category, too. We would at some point connect 
to the tribal organizations, especially those that have 
administrative burdens on the borders of our country with 
Canada and Mexico. And last if not least, we intend to extend 
the Homeland Security Information Network into the private 
sector, especially to those companies and business 
organizations which have a nexus to their work ethic and 
national or homeland security.
    Mr. Putnam. Let me ask each of you to answer this. Who 
determines what information is passed along the chain and who 
determines to whom it is passed? Is that TTIC's responsibility? 
Who makes that decision ultimately? And I want to begin with 
the FBI.
    Mr. Hulon. It would depend on the nature of the 
information. But there are various systems in place to pass 
information. At the FBI, we have an Office of Intelligence that 
is basically responsible for assimulating and working with the 
other Federal agencies as well as State agencies with the 
collection and analysis of that information. Depending on the 
nature of that information as far as what it entails, what the 
threat might be or what the intelligence value of that 
information is, decisions will be made on where it goes.
    For example, if it is threat-related information that 
impacts a certain jurisdiction, then that information would go 
directly through the FBI and the other agencies that are 
involved to the appropriate law enforcement agencies at the 
level that they could effect whatever action that needs to be 
taken. And that information will be passed, say, to a JTTF, 
say, in Jacksonville, Florida. If there was information that 
impacted Jacksonville, Florida, that information would come 
into the FBI and come into the appropriate headquarters entity 
and then be disseminated to our appropriate channels down to 
that field office and go to the field intelligence group that 
we have there that is responsible for assessing that 
information, and then it would be disseminated to the 
appropriate JTTF members or the appropriate law enforcement 
agency that should get that information.
    Mr. Putnam. Mr. Travers.
    Mr. Travers. TTIC is not a collection organization. I have 
to distinguish between raw material and analyzed product. To 
the degree we receive products from the collection 
organizations, be they FBI, DHS or NSA or CIA, we will make 
that material as broadly available as the collector will allow 
us. If there are originator control restrictions, then, that 
may in fact restrict the amount of information that can go on a 
TTIC Online, for example. But to the degree we can make it 
available, we make it available as broadly as we can. Our 
finished products will be the same in that some product will be 
limited for very narrow audiences at the most senior levels of 
the government, but in general what we try to do is make 
information as broadly available across the Federal structures 
as possible.
    Mr. Putnam. General.
    General Hughes. I think first, I think both answers are 
correct and bear on DHS. I would like to give you two other 
perspectives. Some information has to be sensitively applied, 
and so the answer to the question who makes this determination, 
the answer I think should be given as leadership often has to 
make that determination. We decide very specifically at the 
leadership level, and sometimes the Secretary will decide where 
information goes and who it goes to and how it goes. And that 
would be the exception rather than the rule. But we often find 
ourselves dealing with exceptional information which if it 
didn't go to the right place at the right time, may have an 
unintended effect or consequence. That is especially true of 
our constituency, much like the FBI's. It is broad throughout 
the country. But in our case, it is not to Federal officials 
who are of longstanding experience in the intelligence and law 
enforcement system, but instead to persons who might have even 
a year or two of fairly spotty experience in handling federally 
originated information. So this is, once again, I think the 
point was made earlier, it is a complete organism.
    The last point I would like to make is that we are 
beginning now--and I think the FBI and DHS have set the 
standard here but others are doing this to, as frequently as we 
can, where it is appropriate, act jointly. Indeed, Mr. Hulon 
and I have recently acted jointly to inform local officials 
about various circumstances. And that communication mechanism, 
whether it is by secure telephone or open telephone or message 
or however it's done, gives added weight and importance and 
perhaps motivation to those we communicate with about the 
information. It's up to us to put it in the right context. But 
that joint effort from the Federal Government speaking together 
in some ways or collectively is vital to making this 
information meaningful and clarifying it to the respondents and 
people who receive it.
    Mr. Putnam. Let me followup on that. TTIC does not generate 
information, you disseminate it. That's the point you wanted to 
make earlier, correct?
    Mr. Travers. We do not collect information. We do have 
analysts who will pull together all source products and 
disseminate those.
    Mr. Putnam. If there is information about a potential event 
in a given city, what I'm really getting at, there are dozens 
of Federal and State law enforcement agencies that would 
immediately be involved. Where do you stop? You know, if you 
take Mr. Hulon's example of something in Jacksonville, you only 
do the city of Jacksonville, or do you do the county or 
surrounding counties, particularly if the airport for that city 
is in a different county? What point does it stop?
    And we can get into this with the second panel, when we 
have some of our State and local representatives, but it is the 
most common complaint is that folks still aren't getting the 
information. But when you look at the number of agencies only 
in the Federal Government that might have an interest in that 
piece of information and then to extrapolate it down to the 
boots in the alley, is there a technological system for 
disseminating that information or does it boil down to a 
judgment call by a human being?
    Mr. Travers. If that is directed to me, just a point of 
clarification. I don't deal with State and local organizations. 
I pass my information to the Bureau and to DHS, and they are 
much more intimately involved in the vertical information 
sharing, so over to them.
    Mr. Hulon. I can respond to that. Actually, it is twofold. 
We have networks that we can use, such as inlets, if we have a 
general message to get out, say if we are reporting something 
relative to threats or trends that all of law enforcement 
should be on the lookout for, general information, that could 
go out over the inlets and that is available to all law 
enforcement. Anybody can go on that's in law enforcement and 
get on to the inlets.
    Mr. Putnam. They could. You make them aware that 
information is posted that they ought to go read more about? Is 
that the way that it works?
    Mr. Hulon. With inlets, though, you would have a local law 
enforcement agency, a State agency. There are dispatchers 
monitoring the inlets. They would see that and pull it off and 
it would go to the appropriate person in that department. If we 
have something more specific, say to a general area, like a 
city or surrounding counties, you know, if that information 
should go to the city and the surrounding counties, we will 
make a judgment call that this information needs to be in this 
general area or this region, and we would make the 
notifications primarily for the FBI through our law enforcement 
networks which would be the JTTFs, which is what we rely on. 
And we have a lot of agencies that are involved in the joint 
terrorism task forces.
    And what happens on the field level--and I can kind of 
speak to that--we would make those notifications based on other 
associations that we have in that law enforcement community, 
whether that would be with the sheriff's association, police 
chief's association or whatever. And that is one mechanism we 
can use to put general information out to the entire law 
enforcement community: you should be on the look out for this.
    If it's threat information that's relative to an 
investigation or something we need to disrupt, then, of course, 
that information decision will be made on who does this 
information need to go to so we can effectively disrupt this 
operation or conduct this investigation without compromising 
it. And decisions have to be made there. And those are human 
decisions that, you know, basically the field office agent in 
charge is responsible for and we have networks to really 
facilitate that.
    And we talk about networks and we talk about IT systems, a 
lot of it depends on what we have in place, and that is a 
collective effort of law enforcement. You see it a lot when you 
get outside the D.C. area where you have State and local 
agencies working together, you have various associations, you 
have various law enforcement head working groups where there is 
a constant exchange of information.
    Now, could there be times where something might fall 
through the cracks and one particular agency might not get 
informed of some general information? That could in fact 
happen, but for the most part, it is really the relationships 
and the liaisons that are established among all the law 
enforcement that really helps to facilitate a lot of this 
information getting out.
    Mr. Putnam. In a post September 11 world, if one of your 
agents in Detroit made an observation, they had a hunch that 
was backed up by some facts that there was an unusual interest 
in flight schools, how would someone in Pahokee, Florida, where 
another flight school was, know that someone halfway across the 
country had made an observation that was relevant to them?
    Mr. Hulon. That information, say coming from Detroit, would 
go through the Detroit field office and make its way back 
through FBI headquarters to the Office of Intelligence where 
the information is assessed, assimilated, shared with the 
components of the Office of Intelligence which has participants 
from all the other agencies; all that information would be put 
back together to bring it into some type of understanding of 
this is a potential threat or this is a trend we should be 
aware of.
    And that is where sometimes TTIC will come in because they 
would have access to that information. We might have someone 
put an analytical piece together that would go out at TTIC or 
could go out in the form of an intelligence bulletin from the 
FBI. And the FBI intelligence bulletins are disseminated 
through LEO Law Enforcement Online where we have several 
thousand police agencies access that information that are 
members of that network to where they can get that information 
off. So information would be disseminated that way.
    Mr. Putnam. At what point would TTIC be involved?
    Mr. Hulon. When the information comes back to headquarters, 
TTIC would have access to that information also. And it could 
be a collaborative effort where this would be shared with TTIC. 
And they could work along with the other intelligence agencies 
to put together an analytical piece.
    Mr. Putnam. How long are we talking about? From the time 
this report is filed until the time that other law enforcement 
agencies around the country have the opportunity to pick up on 
it, how much time has elapsed?
    Mr. Hulon. It depends. And another way this could work also 
is information coming back to headquarters. It could go out as 
an intelligence requirement where we would disseminate this 
from the Office of Intelligence to State and local agencies 
where we have intelligence requirements that go out, to ask 
them to report certain information or be on the lookout for 
certain information. If you have that backed up through the 
FBI, it could go out through those channels. A lot of it 
depends on the nature of the information.
    Mr. Travers. I would concur with that entirely. TTIC would 
have instantaneous access to that information given that many 
of our analysts have access to FBI Net. It becomes part of the 
analytic grist mill that is occurring amongst the various 
intelligence organizations dealing with terrorism analysis and 
then is put out as a product, and then the organization that's 
responsible for vertical information sharing to push it down in 
the various ways that Willie talked about.
    Mr. Putnam. Let me approach this from a different angle. A 
telephone number is found in a cave in Afghanistan. How long 
does it take before that telephone number is in all these data 
bases that it then becomes actionable, or an address is 
discovered? How long between the time that some marine picks it 
up in the bottom of the cave in Afghanistan until the time that 
it winds up--let's say it is a Detroit area code, and ends up 
on one of his agent's desk--how much time elapses?
    Mr. Travers. It is going to depend on the medium in which 
we get that telephone number, and I think I would rather talk 
about this in closed session, if we could, but it's going to 
move its way back to Washington and be made available. But it 
could be some period of time, or maybe very little period of 
time, in terms of the amount of effort that goes into getting 
that number out of whatever the mechanism is in which we 
recovered it. I will need to talk to you about that off line, 
sir.
    Mr. Putnam. We will do that, because it is the key to your 
existence. I mean, the whole point of TTIC is to rapidly 
assimilate and then analyze and disseminate information to guys 
like Mr. Hulon in Detroit when things are being discovered or 
heard or overheard or whatever. Let me move onto the next 
question.
    The volume of information that all three of your 
departments or agencies generate, how much are we talking about 
here so that the average FBI agent, the average police chief in 
a medium-sized city, or the average intelligence law 
enforcement officer in a major police department, are they just 
being covered up in threats all day every day? Are there e-
mails coming in every hour on the hour? Is that something that 
is condensed into a weekly bulletin? If you take all this data 
that's out there, how much information does it become when it 
reaches the end of the pipe?
    General Hughes. I will go ahead and start. First, this kind 
of refers in part to the previous discussion. I think this is a 
collective attempt here--we're trying to get specific 
information to the right place, not every piece of information 
every place. I believe that moderates the effect, the larger 
effect of so much information. But I don't know of a good way 
to characterize the volume except to say that it is large and 
it is growing, because we are now getting information from the 
civilian population here in the United States as well as from 
the traditional law enforcement and security organizations and 
from the Federal Government's activities.
    That large body of information is representing a much 
larger influx of information at some level, that I would 
imagine that there are still some police departments, some 
homeland security elements and others, who don't get too much 
information. And to be honest with you, that may be a function 
and part of who they are and where they are. It is just some 
places are much more active than others.
    If you went to the New York City Police Department, let me 
tell you, the information flow is large but probably not as 
large as they would like. I think they would like to have more; 
at least that is what they tell me. So I don't think there is 
an answer.
    Mr. Putnam. Mr. Clay.
    Mr. Clay. Mr. Hughes, since September 11, funds have gone 
to States and localities to improve emergency response 
planning. Many of these funds request the States to submit an 
emergency preparedness plan. For example, the Office of 
Domestic Preparedness is requesting the States submit a 
statewide strategic plan for fiscal year 2004 funds. Can you 
tell us what DHS is doing to ensure coordination among other 
Federal agencies that request emergency preparedness plans?
    General Hughes. I know we give the agencies and 
organizations that submit those plans as much help as we can 
with regard to the preparation of them. I would say probably 
not a happy constituency out there. I know there are complaints 
about the application of these funds, but it is frankly, quite 
difficult to do on a basis that makes everyone happy.
    But I am not sure if I understood your question exactly 
beyond help to prepare the plan. Once we get the plan, we try 
to administer it appropriately with the other agencies in 
government here in Washington.
    Mr. Clay. That was the question. I thank you for that 
answer.
    Mr. Travers, although TTIC is funded through several 
agencies' budgets, are there specific resource allocation 
concerns that Congress needs to be concerned in order for the 
TTIC to fulfill its objectives?
    Mr. Travers. No, sir, I don't believe so. We are funded out 
of the community management account for operations and 
maintenance and our building and so forth and our personal 
services are handled, given that we are assignees. DIA 
continues to pay my salary. We are working a memorandum of 
agreement with all of the partner organizations to ensure 
adequate manning of TTIC, and I believe we are in good shape.
    Mr. Clay. According to recent GAO studies, there are still 
more than 12 Federal agencies with more than nine different 
watch lists, and that doesn't include the CIA. Further, the GAO 
cites that in spite of congressional direction, information 
sharing remains inconsistent and limited. What role is DHS 
claiming to make information sharing more seamless among 
Federal agencies?
    Mr. Travers. Asking me about DHS?
    Mr. Clay. You are familiar with their operation, like you 
are familiar with yours. How is information seamless among the 
agencies?
    Mr. Travers. Let me use the watch list example, then, if we 
go back to that. TTIC has responsibility under HSPD 6 with 
maintaining an all source data base for the U.S. Government on 
all known and suspected terrorists. So all sources of 
information, be they from the Bureau, DHS, CIA, FBI comes into 
TTIC.
    We maintain the data base on known and suspected terrorists 
that is available to the community. Under HSPD 6, we then 
provide to the Terrorist Screening Center unclassified data 
elements so they can make those available to any screening 
opportunities that occur, be they in the United States or 
external. So it is a vast simplification of what occurred in 
the period leading up to September 11.
    Mr. Clay. How do citizens who may show up erroneously on a 
list, how do they address that?
    Mr. Travers. This data base will for the first time have 
U.S. persons in it. We are being assigned 15 FBI officers to 
maintain the U.S.-person portion of that data base, and 
electronic communication will come in to TTIC. If an 
investigation is started up on a U.S. person, if it is 
determined that person is no longer under investigation, we 
will get an electronic communication in to ensure that we pull 
that person out.
    Mr. Clay. All of the lists from all of the agencies.
    Mr. Travers. For U.S. persons particularly. So we are very 
attentive to that.
    Mr. Clay. OK. Thank you for that answer.
    Mr. Hulon, from your perspective, has the establishment of 
the TTIC aided in the information sharing practices between 
agencies, or is interagency coordination still inadequate?
    Mr. Hulon. I think there's always room for improvement. 
However, I would like to state that I think, today, after 
September 11, we are much better off than we were in the past, 
because what we have is, collectively, you have a lot of 
agencies coming together and actually, really making efforts to 
share information, just like some of the cross-designations, 
when we talk about the various agencies having representatives 
at other agencies, shops. Like in my division, in the Counter 
Terrorism Division at the FBI, the associate deputy director is 
from an intelligence agency that works with us.
    So, I think, collectively, we are really pulling together 
to make sure that we are sharing information better. We are 
looking for ways that we can do it that doesn't violate any 
laws, that doesn't violate any privacy acts, and things of that 
matter. And I think, with TTIC, what they are doing, like has 
been reported, they are taking this information and going to a 
lot of public-source information and putting together 
analytical pieces that go out to the law enforcement and 
intelligence communities that assist and enhance our abilities 
to look at information overall. So I think, collectively, we 
are moving down the road, and we are going to get where we need 
to be.
    Mr. Clay. And you are comfortable that the coordination is 
there and that the information is valid and good?
    Mr. Hulon. Yes, sir, I am confident that we are really 
working toward that. We have made a lot of improvements in the 
last 2\1/2\ years.
    Mr. Clay. I thank you for your response and thank the panel 
for your response.
    Thank you.
    Mr. Putnam. Thank you.
    Mr. Travers, you mentioned in your opening statement that 
information sharing is not just a bumper sticker, and I think 
that's well put. I mean, it's terribly complicated, and the 
more you peel the onion, the more layers there are as we get 
through this.
    I believe you also were the one who said that technical 
capabilities vary between the agencies who need to be talking 
to each other? And since this is the tech subcommittee, let me 
peel that onion a little bit.
    Mr. Hulon, the FBI is notorious for having lousy computer 
systems. Has your technology improved post September 11? Do you 
now have the tools that you need, whether it's in an office in 
Detroit or here at the headquarters, to be able to send and 
receive information in the 21st century?
    Mr. Hulon. First of all, I would like to maybe make a 
disclaimer. I am not a real technical person. However, I do 
know that the FBI technical systems are not quite where they 
should be.
    Efforts are being made to improve those systems. However, 
we are continuing to work through the problem. So, actually, I 
am just not the best person to really get into the technical 
aspects of the systems themselves.
    Mr. Putnam. General, is that a problem? I mean, if you look 
at all the agencies that used to be on their own and that are 
now just under DHS and add to that all of the other agencies 
that DHS needs to be listening to or talking to, how 
frequently, I mean, you pointed out correctly that legal and 
cultural barriers are the biggest problems, but how often is 
technology the problem?
    General Hughes. I think it's kind of a different question, 
if I may rephrase it. Technology is what it is, and if we had 
the best technology the world can provide, we wouldn't have 
that kind of problem.
    It is true that some agencies are more technologically 
advanced than others, but the FBI and TTIC and DHS sitting 
here, we probably have different variations on the theme of 
technological capability. But I personally believe that they 
could, all of us could, interact, given the decision to do so. 
That's my view.
    My personal viewpoint--I don't think I should speak for DHS 
here--is that what prevents us from doing that is making a 
decision to do it, and that's my personal view. I guess like 
you, sir, I am a creature of the automation system I have at 
home. And the only impediment I can see to interaction with 
virtually the world is someone deciding not to interact with 
me.
    Mr. Putnam. So, are all of the agencies now at a 
technological point of equivalence that everyone is now 
adequate, everyone has the tools they need to send and receive 
the information on an interagency basis?
    General Hughes. No. I don't think I should go that far. 
Once again, some agencies and some organizations are behind, 
technologically.
    Mr. Putnam. And who is? Who is ahead, and who is behind?
    General Hughes. I don't think it's appropriate for me to 
answer your question, because I would have to characterize 
organizations specifically to talk about things that I may not 
fully understand. I can look you in the eye and tell you that 
the Department I represent is technologically advanced. We are 
capable of interacting on every level.
    Mr. Putnam. You as the Department of Homeland Security?
    General Hughes. That is correct.
    Mr. Putnam. And everyone that got folded up inside of you 
is now technologically advanced and capable of communicating 
technologically?
    General Hughes. No.
    Mr. Putnam. Well, then, who is you?
    General Hughes. Actually, I speak for myself, and my 
organization here. The intelligence side of the house is very, 
very good, very, very capable.
    But some other administrative developments are not--
elements are not, and some other organizational elements may 
have organizational shortcomings in this regard.
    But, once again, I hasten to tell you, the technology is 
there. It may not have been installed or it may not have been 
acquired for installation, but it can be, and, in my view, it 
should be.
    Mr. Putnam. Well, in my view, it should be, too, but you 
won't tell me where I am supposed to do it.
    General Hughes. Well, I will be glad to talk about DHS, if 
that will help you.
    Mr. Putnam. That will. That's a start.
    General Hughes. Inside the Department of Homeland Security, 
the organizations that were folded in under the large DHS 
umbrella include the U.S. Secret Service, the U.S. Coast Guard, 
the former Bureau of Customs, the former Department of 
Immigration and Naturalization, the Federal Protective Service, 
the Federal Air Marshals and some other organizational 
entities. Each of those has their own system.
    Not every part of that system is compatible or fully 
interoperable, because it is composed of a set of legacy 
systems that were designed some years ago, perhaps even as long 
as 10 years ago, and other parts of that system are newly 
provided. They are newly engineered into this amalgam.
    So, across the Department of Homeland Security, we need 
to--and we are, we have a program to do this, which I 
mentioned, the information sharing and collaboration program, 
which is a formal effort to normalize for purposes of 
interoperability and compatibility, across the organization, 
internal to DHS.
    With regard to our external communication, the Homeland 
Security Operation Center, and the information analysis element 
that I had, those two organizations between them do not have 
any compatibility problems with anyone else; we could make it 
work.
    Mr. Putnam. Well, that's all. That's fantastic. That's what 
we are after. I mean, the title of this hearing is, 
Facilitating Information Exchange, and we need to know where, 
where the information exchange is working particularly well, 
and where it's not. And we had a number of hearings prior to 
September 11th that pointed out an awful lot of problems in 
communications, and I don't think they went away immediately, 
but I would like to know that we are on some plan to make them 
go away.
    And that's just within the Department of Homeland Security, 
not to mention the new monsters that have been created since 
then, in addition to the DHS, like TTIC, and certainly the 
radical transformation that's going on in the FBI, both 
culturally and in terms of the scope of their responsibilities.
    So, that's why we are picking that scab, is because we are 
trying to get to the bottom of this to try to figure out what 
we can do to improve this thing.
    And, you know, I know everybody suits up and goes to work 
every day trying to figure out new ways to protect the American 
people. We just want to know if you have the tools you need to 
do it. That's where we are going with this.
    General Hughes. I think that's an admirable goal. And, 
speaking for my organization--not others--you have done a good 
job of providing us with both money and technical capability to 
do the job. We have taken advantage of it.
    Mr. Putnam. Let me ask a final question as a segue into our 
second panel. Any or all three of you would certainly be 
welcome to answer. How much good, actionable information do you 
receive from the bottom up? We have spent most of this time 
talking about how effectively you pass along your tips down to 
local law enforcement. How much good stuff is coming back up 
the pipe?
    Mr. Hulon.
    Mr. Hulon. Mr. Chairman, I can speak to that, solely 
reflecting back on my former duty as the agent in charge in 
Detroit. We do get a lot of information coming up, and a lot of 
it might be relative to preoperational type surveillances or 
suspicious-type activity that's reported back up to the FBI 
from some police officers on the street. You know, they might 
see something that seems out of the ordinary. And because of 
the relationships that are established in the field offices, 
between the FBI, State and local law enforcement agencies, as 
well as other agencies, that information is provided back to 
that police department's intelligence bureau, if they have one, 
or directly to someone in investigations who might be 
associated or affiliated with the JTTFs.
    That information comes into the JTTFs. It goes to the 
intelligence components in the field offices for immediate 
action if it's necessary, and then, of course, then, it can be 
channeled back to headquarters, FBI headquarters, and goes to 
the Office of Intelligence to be assimilated in the total 
overall intelligence, as being gathered and analyzed. So, it 
does come back up, too. I can't really quantify that for you, 
though, but there are situations where it does happen.
    Mr. Putnam. General Hughes.
    General Hughes. I think, once again, I think Russ Travers 
didn't answer, because he is not in that category. But we 
receive quite a lot of information--it's a growing body of 
information--from local input. But it is not as good as it can 
be or will be in the future.
    Part of that issue is the fielding of connectivity, and the 
case of the Homeland Security is slightly different from the 
FBI's in that we are not dealing just with the law enforcement 
mechanism or the security mechanisms who usually do have good 
communications, mechanisms, even if it's interpersonal. We are 
dealing with a new body and a broader body of individuals, down 
to the citizen level.
    We are getting reports from individual citizens who note 
something suspicious. They communicate that to the appropriate 
authority. Quite often, it's law enforcement. But, whatever the 
mechanism, whatever the authority they communicate it to, that 
is now finding its way, often in parallel, to the Federal 
Bureau of Investigation or other Federal law enforcement like 
ATF or DEA or somebody like that and to the Homeland Security 
headquarters, and that's, I think, a very good thing. That will 
improve and grow over time as we develop the mechanisms to 
interact with these people, and they understand their role, 
too.
    And I would hasten to add to the explanation that Secretary 
Ridge, on several occasions now, and in his most recent 
pronouncement, has noted the importance of an aware and 
involved citizenry who begins to pass this kind of information 
to local authorities, and then local authorities pass it to 
State and Federal authorities. And in a digital, interactive 
environment, when the information gets into the digital system, 
unless we, by some policy or procedural mechanism limit it, it 
will appear everywhere.
    It will appear kind of, sort of, let's call it 
ubiquitously, throughout the digital interactive system, and 
that's, I think, our goal. That's what we would like, so that 
everyone has this information, knows about the problem or the 
issue and then follows up on it or acts on it according to 
their own responsibilities.
    Mr. Putnam. Very good. Thank you very much.
    Again, I apologize for the fact that we were an hour late 
beginning. I want to thank all three of you gentlemen for the 
work that you do and for the time that you have taken to 
prepare for this hearing and joining us today. Your information 
was very helpful, and we will be following up with you in a 
closed-door session to pursue some of the other lines that we 
were unable to pursue in this environment. So thank you very 
much.
    The subcommittee will stand in recess for a couple of 
moments while we set up the second panel.
    [Recess.]
    Mr. Putnam. The subcommittee will reconvene.
    If our second panel of witnesses will please rise for the 
administration of the oath.
    [Witnesses sworn.]
    Mr. Putnam. I would note for the record that all of the 
witnesses responded in the affirmative. We will move 
immediately to their testimony.
    Our first witness is Mr. Gerard Lynch. Mr. Lynch serves as 
chairman of the Regional Information Security Systems Center 
Directors Association and is currently the executive director 
of the Middle Atlantic Great Lakes Organized Crime Law 
Enforcement Network. Formerly, Mr. Lynch served as counsel to 
the New Jersey State Commission of Investigation where he was 
in charge of the Organized Crime Unit for the State of New 
Jersey. While serving as counsel, Mr. Lynch helped create and 
organize the MAGLOCLEN Concept, later serving as the 
association's secretary, vice chairman and chairman. During his 
tenure with the commission, Mr. Lynch worked on the 
infiltration of organized crime in the casino, construction, 
trucking and boxing industries.
    You are a busy man.
    Mr. Gerard Lynch. Yes, sir.
    Mr. Putnam. Welcome to the subcommittee. You are recognized 
for 5 minutes.

  STATEMENTS OF GERARD LYNCH, CHAIRMAN, REGIONAL INFORMATION 
      SECURITY SYSTEMS POLICY BOARD; MARK ZADRA, CHIEF OF 
  INVESTIGATIONS, FLORIDA DEPARTMENT OF LAW ENFORCEMENT; AND 
   SUZANNE PECK, CHIEF TECHNOLOGY OFFICER, GOVERNMENT OF THE 
                      DISTRICT OF COLUMBIA

    Mr. Gerard Lynch. Thank you, Mr. Chairman. Mr. Chairman, it 
is indeed a pleasure to testify before this subcommittee. I am 
going to try to lead my 5 minutes----
    Mr. Putnam. Please pull the mic a little built closer to 
you so our reporter can be sure to pick it up.
    Mr. Gerard Lynch. OK, I'm sorry. I am going to lead it into 
how technology developed into the information sharing that we 
know today as the RISSNET. In the early 1970's, through the 
early 1980's, the way we shared information--and that's what 
the RISS system is all about--was through the telephone line. 
We would share information, talk to one another. The 
information would then be relayed back to the inquiring 
officer. If need be, we would telephonically contact each one 
of the six RISS centers across the country.
    Subsequent to that, we decided to seek approval from the 
Federal Government to give us the ability to electronically 
connect our systems together, and that became the RISSNET I 
system, and subsequent to that the RISSNET II system, where, 
when an agency then calls us up, we didn't have to call the 
other RISS centers; we would just do it over a wide area of 
network. It worked very well, but it was still behind the 
times.
    Shortly thereafter, we had a meeting in Baltimore, 
Maryland, where we discussed how we could possibly use the 
internet for technology exchange, and that's where we really 
blossomed into the system that we now know as the RISSNET 
system. The RISS system is comprised of about 7,000 law 
enforcement agencies on the RISSNET system. We have 
approximately 70,000 individuals that can use the system and 
use it well.
    The RISSNET provides secure connectivity and electronic 
access to law enforcement SBU information, encrypted e-mail, 
electronic collaboration and data bases known as RISSINTEL, 
successfully to all of the law enforcement agencies, criminal 
justice agencies, from the Federal, State and local and tribal 
agencies.
    We operate a current state-of-the-art technical 
capabilities and systems architecture that allows member 
agencies to interact electronically in a secure environment.
    We, the system and the architecture that we developed, was 
adopted and endorsed by the National Criminal Intelligence 
Sharing Plan, which was created not too long ago. When we 
decided to hook up the system, we were very successful, and 
then we started to look at other partners in order to avoid 
duplication.
    We were approached by the High Intensity Drug Trafficking 
Area Centers across the country, known as the HIDTAs, and their 
main goal was to see if they could talk to each other 
electronically, which they didn't have the ability to do at 
that point.
    Since RISS had at that point the only national 
communication system around the country, they approached us. 
And in order to avoid duplication and to save money, all of the 
HIDTA systems partnered with the RISS systems, and they are now 
today seamlessly working on the RISSNET systems. And each one 
of the HIDTA centers are connected. There are 16 node centers 
on as well as all 32 HIDTA centers around the country.
    And that's a partnership that has been working 
exceptionally well since its inception. Besides the 16 HIDTAs, 
we have 15 State law enforcement systems that have also hooked 
onto our system. And what we have done is basically started 
creating nodes, and a node is a system-to-system communication.
    In order to enable that to work out, we had to develop 
using the current technology, XML technology, which would allow 
system A to talk to system B. So, for instance, if you are 
going to hook up the Colorado State Police with the RISS 
system, we created this XML translator that allows the Colorado 
system to transfer information over the RISS system that's 
being requested by someone maybe down in Florida. So it has 
been working and working out well. And we were the first law 
enforcement entity to use the XML technology, and we used it 
very well.
    We are also have 16 HIDTAs that are hooked up. We have 93 
U.S. Attorney's offices around the country that are hooked up, 
the Criminal Division of Department of Justice, the EPIC Crime 
Lab Seizure System, law enforcement intelligence units across 
the country, the National White Collar Crime Center, The 
National Drug Pointer Index Center, the National 
Telecommunications System or NLETS, and the National Drug 
Intelligence Center.
    We are also in talks with the Postal Services, Postal 
Inspection Services, and with the Department of Defense ADNET, 
with the Open Source Network of CIA and also the Department of 
State's OpenNet Plus system, and these systems are coming on, 
as we speak, very, very rapidly.
    We also developed the RISS ATIX system to talk to the 
first-responder communities, the Governors across the State, 
the mayors, then the various critical infrastructures. And we 
have roughly 47,000 users of the RISS ATIX system, and we have 
RISS ATIX online. We can go into more and more of that, but we 
are very pleased with what the RISS system has developed to 
date.
    [The prepared statement of Mr. Lynch follows:]
    [GRAPHIC] [TIFF OMITTED] 98119.035
    
    [GRAPHIC] [TIFF OMITTED] 98119.036
    
    [GRAPHIC] [TIFF OMITTED] 98119.037
    
    [GRAPHIC] [TIFF OMITTED] 98119.038
    
    [GRAPHIC] [TIFF OMITTED] 98119.039
    
    [GRAPHIC] [TIFF OMITTED] 98119.040
    
    [GRAPHIC] [TIFF OMITTED] 98119.041
    
    [GRAPHIC] [TIFF OMITTED] 98119.042
    
    Mr. Putnam. Thank you very much. I appreciate your 
testimony and for your recognition of the clock. We will put 
all of your testimony in the record and get to the rest of it 
in questions.
    Mr. Gerard Lynch. Thank you.
    Mr. Putnam. Our second witness is Mr. Mark Zadra. Is that 
correct?
    Mr. Zadra. Zadra.
    Mr. Putnam. Zadra.
    Mr. Putnam. I am sorry, Mr. Mark Zadra.
    Mr. Zadra currently serves as chief of investigations for 
the Florida Department of Law Enforcement Office of Statewide 
Intelligence. In this role, Chief Zadra provides oversight for 
investigations, intelligence and business functions. This 
includes oversight of automated intelligence systems, the 
Counter Terrorism Intelligence Center, Financial Crime Analysis 
Center, Computer Crime Center, Investigative Intelligence 
Support and Publications.
    Chief Zadra provides administrative oversight of Florida's 
effort in the implementation of the MATRIX project. He also 
chairs the State of Florida Data Integration Committee, which 
functions to insure data interoperability and efficiency in 
data collection maintenance, analysis and dissemination. In 
addition, he insures coordination and consistency of 
intelligence components of Florida's seven Regional Domestic 
Security Task Forces.
    Welcome to the subcommittee. You are recognized.
    Mr. Zadra. Thank you, Chairman Putnam, and the staff and 
for the opportunity to speak with you today about some of 
Florida's efforts in conjunction with our local, State and 
Federal partners in information sharing across our State and 
Nation.
    Following September 11th and the horrific events of that 
day, it soon became quite apparent that local law enforcement 
in the State had a role in ensuring security in our Nation. 
State law enforcement representatives began meeting from all 
over the country to talk about how we could share the right 
types of information necessary to do that.
    Resulting from those discussions were the development of 
the MATRIX project, which stands for Multistate Anti-Terrorism 
Information Exchange. This project is to increase and enhance 
the exchange of terrorism and other criminal activity 
information among local, State and Federal agencies. The 
project is funded by two Federal grants, and it currently 
involves five States--Connecticut, Florida, Michigan, Ohio and 
Pennsylvania--four States, I would note, which are represented 
by members of your subcommittee. There are other agencies that 
are, States that are continuing to involve in discussions 
regarding joining.
    The funding was used to purchase hardware, software, 
communication support, to make each State a member of RISS, 
through a RISS node, also develop secure Web sites and for data 
integration efforts.
    There are three main objectives of the MATRIX project. One 
is connectivity. The other is Web-based access to data 
intelligence, and the third is factual data analysis. On the 
connectivity side, as Mr. Lynch had indicated, the RISSNET is 
used by all the MATRIX participants for all their secure 
connectivity. And it's graphically displayed there, the six 
RISS centers.
    Florida is a node directly to that. The importance to that 
is that the Criminal Justice Network within the State of 
Florida is a trusted, secure intranet which connects all of 
Florida's criminal justice agencies, over 1,000 of those. It 
provides e-mail services in a secure environment, the ability 
to have interagency files and image transfers and, as 
importantly, it allows access to all different types of 
applications that local agencies and State agencies make 
available over the CJNet. And some of those are displayed on 
the materials that have been provided to you.
    The second objective, as I mentioned, was Web-based access. 
And in that, we have, within each State, the desire is to be a 
secure Web site, and that would leverage existing systems that 
are already built. There's been too much time, money and effort 
placed into putting in systems; those do not need to be 
duplicated.
    You will see in the next slide, the Office of Statewide 
Intelligence, Florida Department of Law Enforcement. We do have 
a secure Web site, which allows us to provide law enforcement 
sensitive information to all of our local, State and Federal 
partners in the State of Florida.
    And regarding the first panel and the ability to push 
information, you will see, in the middle of that, the daily 
brief. That's something that we do every day. We provide a 
daily brief to all of our partners, including the Homeland 
Security Operation Center, about what is going on this day in 
Florida.
    The third objective was factual data analysis, and that is 
the ability to take information, which we discovered as a 
result of a specific investigation of September 11, where the 
data aggregators have commercially, public-available 
information. We discovered, when that can be dynamically linked 
with data that States collect and maintain--and those are 
drivers license and digital images, motor vehicle information, 
criminal history, sexual offender information, Department of 
Corrections, that when you combine that data, you can take what 
would be disparate data and make it very meaningful for law 
enforcement purposes.
    You will see displayed in the next slide, there is actual 
screen shots from the FACTS program, and it shows that we can 
produce information regarding subjects who are the subjects of 
criminal investigations, their relationships can be shown 
between individuals of that criminal organization as well as 
photo lineups and thosetype of things. The system has numerous 
security considerations in place.
    The MATRIX board, which may represent each State and 
oversees the activities of the MATRIX participant, they, as 
well, address the privacy concerns.
    And you will see graphically displayed there information 
that when each member signs on to the system, it again 
acknowledges again the purpose they are there and the 
guidelines that they are to operate under. It also requests the 
need to identify a case number and the type of activity that is 
being examined.
    The searches that are done within the FACTS application--
drivers license, vehicles, corporations, telephone directory 
assistance, property, deed, assessments, those types of 
things--it is used to investigate domestic security concerns as 
well as other types of domestic criminal activity.
    I would like to point out, too, the project has had a lot 
of misconceptions that have been attached to it. I would like 
to highlight just one or two of those. Primarily, the FACTS 
application does not do predictive analysis. It does not track 
or monitor individuals. It does not collect the types of 
information that I believe our citizens would be concerned 
about, such as their health records, where it is that they 
shop, their credit information and thosetype of things.
    Simply put, FACTS, within the MATRIX project, was designed 
simply to allow law enforcement investigators to work more 
efficiently, pulling information that they have always had 
access to, legally, and it's not unlike an internet search 
engine that you use to conduct internet searches. It is a tool; 
it is not a substitute for investigative work.
    Thank you, Mr. Chairman, for the opportunity to address 
you.
    [The prepared statement of Mr. Zadra follows:]
    [GRAPHIC] [TIFF OMITTED] 98119.043
    
    [GRAPHIC] [TIFF OMITTED] 98119.044
    
    [GRAPHIC] [TIFF OMITTED] 98119.045
    
    [GRAPHIC] [TIFF OMITTED] 98119.046
    
    [GRAPHIC] [TIFF OMITTED] 98119.047
    
    [GRAPHIC] [TIFF OMITTED] 98119.048
    
    [GRAPHIC] [TIFF OMITTED] 98119.049
    
    [GRAPHIC] [TIFF OMITTED] 98119.050
    
    [GRAPHIC] [TIFF OMITTED] 98119.051
    
    [GRAPHIC] [TIFF OMITTED] 98119.052
    
    [GRAPHIC] [TIFF OMITTED] 98119.053
    
    [GRAPHIC] [TIFF OMITTED] 98119.054
    
    [GRAPHIC] [TIFF OMITTED] 98119.055
    
    [GRAPHIC] [TIFF OMITTED] 98119.056
    
    Mr. Putnam. Thank you very much.
    Sorry, Ms. Peck. We saved the best for last.
    Ms. Peck. You did indeed.
    Mr. Putnam. Our third witness on the panel is Ms. Suzanne 
Peck. She is chief technology officer for the District of 
Columbia. Prior to her appointment, she served as the senior 
technology and operations executive for several Fortune 500 
companies. Ms. Peck is a recognized expert in the conception 
and implementation of large-scale technology operations.
    Her decade-long service as senior vice president, chief 
information officer of the Student Loan Marketing Association 
of Sallie Mae helped transform the $46 billion corporation into 
one of the Nation's largest wholesale credit providers.
    More recently, Ms. Peck was senior vice president of 
CoreStates Financial Corp. and chief executive officer of its 
$50 million technology startup subsidiary,
    Welcome to the subcommittee. You are recognized for 5 
minutes.
    Ms. Peck. Thank you.
    Good afternoon, Mr. Chairman. I am the District of 
Columbia's chief technology officer, leading the Office of the 
Chief Technology Officer, the central information technology 
and telecommunications agency of the District of Columbia 
Government. I am pleased to testify today on the District's 
leadership efforts in developing an enhanced information-
sharing network that links law enforcement and homeland 
security for multi-jurisdictional use.
    In the District, we have developed an integrated suite of 
information-sharing programs for local, regional and Federal 
public safety and domestic preparedness. This suite focuses on 
the exchange, transportation, presentation and coordination of 
important public safety and emergency preparedness data. And we 
are building this enhanced information-sharing network to be 
fully interoperable among District agencies, Federal agencies 
and regional and national municipalities.
    In the area of data exchange, we are building a public 
safety and criminal justice data sharing system that easily 
integrates this data using only open-standard components which 
can be easily and quickly replicated by other jurisdictions. 
This initiative is underway under the name of SHIELD, Securing 
the Homeland By Integrating Existing Local Data bases.
    SHIELD currently shares data among 14 District and Federal 
public safety criminal justice and court agencies and also 
shares this data with similar agencies in New York City, 
Pennsylvania, Maryland and Virginia. SHIELD provides access to 
available, unrestricted public safety and justice data through 
an interoperability partnership of independent city, State and 
regional information systems.
    Through secure internet access, SHIELD allows justice and 
homeland security officials across the region and the Nation to 
share incident information and to perform comprehensive public 
safety analyses in real time and to respond more rapidly with 
better-informed decisions in first-responder and terrorist 
situations.
    In the area of data transport, we are implementing 
broadband networks over which we are prepared to drive SHIELD 
shared-information data, both regionally and nationally.
    One network we are supporting uses the internet as the 
broadband transport network. We're implementing secure internet 
connections, using existing components, such as browsers, ISP 
connections and commerciallyavailable authentication tokens.
    Another network we are supporting is a pilot broadband 
public safety network in the 700 megahertz band that allows us 
to transport real-time video-streaming data from first 
responder incident sites to central command centers.
    A third transport initiative we are underwriting is the 
District's leadership of the Spectrum Coalition, a national 
coalition of cities, States and counties formed to advocate for 
national legislation that would permanently allocate spectrum 
in the 700 megahertz band to public safety so that States and 
cities throughout the United States would have sufficient 
reserved spectrum to support vital public safety wireless 
applications.
    A fourth key data network effort in which we are 
participating is the Capital Wireless Integrated Network, or 
CapWIN, a partnership among Maryland, Virginia and the District 
to develop an integrated transportation and criminal justice 
information wireless network.
    In the area of data presentation, we are enhancing the uses 
and usefulness of the justice and emergency preparedness data 
we share and transport to municipal and Federal colleagues by 
presenting that data in innovative ways. The District's DCSTAT 
system provides both nearly daily and real time capabilities to 
collect, organize, report, and map data for use by local, 
regional and Federal agencies in the national capital region 
and, by extension, the Nation. DCSTAT will enable local and 
Federal agency executives and program managers to merge spatial 
data, that is map data, with traditional public safety data to 
better predict and manage public safety emergencies in a 
geographic mapped context.
    In the area of data coordination, it's critical to 
effective homeland defense that first-responder and emergency 
management agencies coordinate data planning and deployment. 
Our Unified Communications Center, UCC, a 127,000-square-foot 
building on the East Campus of St. Elizabeths Hospital in Ward 
8, will consolidate, when opened in early 2006, District 
emergency communications and traffic management functions and 
our 911 emergency, 311 non-emergency, and 727-1000 citizen 
service call centers.
    But, in addition, the UCC will play a very key homeland 
defense role, serving as the Regional Incident Command and 
Control Communications Center [RICCC], for the 17 major 
jurisdictions in the national capital area. The RICCC will 
facilitate communication and coordination among local, State 
and Federal authorities for effective and timely response to 
regional and national emergencies.
    In summary, the initiatives I have just spoken about 
address the public safety, criminal justice and homeland 
security data sharing, transportation, presentation and 
coordination needs that are critical and urgent for the 
Nation's capital and for the Nation. We have designed our 
programs from inception to serve not only the District but 
national homeland defense as well. Each of the elements of the 
District's enhanced information-sharing network can be easily 
expanded to local, State, regional and Federal agencies to meet 
homeland defense needs on a national scale.
    And we look forward and, in fact, are already working with 
DHS and our county, State, regional and national partners in 
achieving this.
    Thank you, Mr. Chairman.
    [The prepared statement of Ms. Peck follows:]
    [GRAPHIC] [TIFF OMITTED] 98119.057
    
    [GRAPHIC] [TIFF OMITTED] 98119.058
    
    [GRAPHIC] [TIFF OMITTED] 98119.059
    
    [GRAPHIC] [TIFF OMITTED] 98119.060
    
    [GRAPHIC] [TIFF OMITTED] 98119.061
    
    Mr. Putnam. Thank you, Ms. Peck.
    I want to thank all of you for being here today and, in 
particular, for being here so long here today. We were an hour 
late starting, and you have been very patient, and fortunately, 
I am hopeful that we will be able to complete this without 
being interrupted by votes.
    But the award, I guess, for your resilience is that you get 
the last word.
    So my first question to each of you is to comment on what 
you heard in panel one and give us some sense if things are 
going well, not so well, and how you evaluate their 
observations from the Federal level on information sharing to 
prevent future terrorist acts, and where there may be some 
differences from your perspective at the State and local level.
    So, Mr. Lynch, I will let you begin.
    Mr. Gerard Lynch. Thank you, Mr. Chairman.
    I did listen very intently to the gentleman from the FBI as 
well as Homeland Security, and what they are saying, there is 
truth to it, although it was sometimes a little more difficult 
to get the information that we thought we would be getting 
sooner.
    But, with regard to the FBI, just before September 11, we 
were in discussions with the FBI about marrying their system, 
the LEO system, with the RISS system so that we could have the 
Federal entities also hooked up with the State and local 
entities system-wide, not individualized.
    And since September 11, that became a reality. We are still 
modifying it. We are still perfecting the relationship with the 
FBI and the LEO system, and we are very confident that's going 
to continue. We are getting the bulletins from the FBI that are 
needed to share among the 7,000 law enforcement agencies that I 
previously testified about, and we are getting them on a 
regular basis.
    We are also working very intently with the Department of 
Homeland Security. As a matter of fact, just yesterday, we had 
a meeting with the IAIP section of the Homeland Security to see 
if we could get some more seamless cooperation between the two 
entities. And we seem to be on that road, and the road, I 
think, is going to be leading to more and more cooperation and 
more and more sharing of information.
    In fact, on Monday, I have another meeting with the 
Department of Homeland Security, and the purpose of that is to 
work out ways that we can share information, use the systems 
that are out there, the existing systems, and get the 
information to the entire community.
    As you know, since RISS system has already developed RISS 
ATIX, we have been there for several years. Homeland Security 
is now getting into that field. And what we want to do is, once 
they are in it, we want to marry those two systems up. And we 
are in those discussions to make that occur.
    So we are cautiously optimistic that things are improving, 
and will continue to improve in the future.
    Mr. Putnam. Mr. Zadra.
    Mr. Zadra. Mr. Chairman, I believe that you would be 
pleased to hear from the State standpoint that things are 
greatly improved, as each of the gentlemen indicated.
    Probably would not be so pleased to hear, as was also 
indicated, that we are not there yet with everything that needs 
to be done. From the State's perspective, it's our belief and 
representative of our local agencies, that what we need the 
Federal Government to do is to help bring all of these systems 
together. As you can see, they have sprung up all across the 
Nation. There were existing systems before.
    What we don't need is to go to a desktop and have to go 
check 120 different systems from across the country to connect 
those puzzle pieces.
    What we need to do is to have the Federal Government, 
hopefully through the--was mentioned through the National 
Intelligence Criminal Sharing Plan, they indicated in their 
Criminal Intelligence Coordinating Council, which would be made 
up of representatives of the right organizations, to help us as 
a country come together, and so that we can take and integrate 
all of the existing systems, to leverage what we have and not 
take all of this funding that is going forward to the States 
and to the locals to build, again, disparate silos of 
information. So there is a lot of work that really needs to be 
done, and we would hope that the Federal Government would help 
with that.
    Also, I think it's critical that what we need the Federal 
Government to do, and all of the agencies that were represented 
here today, is we don't need to query their data bases. We need 
information pushed to us. We should not be where we have to 
make individual phone calls to all of them. So that information 
that TTIC is analyzing, it needs to be disseminated, and it's 
currently, how it's structure is now that it goes to the 
Federal Bureau of Investigation, which goes to their Joint 
Terrorism Task Forces or, first, to the intelligence center and 
then to the respective Joint Terrorism Task Force.
    Within Florida, we have seven regional district domestic 
task forces that have liaisons with each of the two JTFFs, and 
in fact, in two of our regions, they are co-located with them. 
So we depend a lot on Homeland Security for situation 
awareness. As there are events unfolding in Florida, we make 
notification to their command center. Likewise, they make 
notice to us and, through Jay Reeves, as incidents that are 
occuring, issues of concern across the country. On the 
intelligence side, we depend a lot on the intelligence coming 
from--internationally coupled with the domestic--from other 
areas of the country to funnel us from the FBI, in addition to 
the information and intelligence mechanisms from the Department 
of Homeland Security.
    Mr. Putnam. Ms. Peck.
    Ms. Peck. The District of Columbia is in the unique 
position, not only of being the Nation's capital, but of being 
the single municipality in the Nation which is a city, a county 
and a State. So the perspective I bring is of all three of 
those. And our perspective is that, finally, all terrorism is 
local.
    DHS, I think, is doing an extraordinary job at the Federal 
and national level, and the system that we bring to the party 
is a system that we have implemented for ourselves to make sure 
that all of our local public safety, criminal justice and court 
information is shared within the District; 14 criminal public 
safety and court entities in the District are now sharing their 
data for the first time ever in the history of the District.
    That system can be replicated through using commercially 
available components, in every municipality in the United 
States, and the funding for that replication can be taken from 
local funding. If, theoretically, every individual municipality 
in the State created only just their own local information-
sharing system, and brought that system to a national 
consortium, all they would need, in addition to that system, is 
a browser capability, an ISP, a secure ISP connection, and some 
authentication token so that integration would be the only 
additional expense to making all local information in the major 
municipalities in the United States available.
    What the District of Columbia is doing and believes very 
strongly in is that system, where we don't create monolithic 
new systems and structures of communications but take locally 
funded information-sharing systems in municipalities across the 
Nation, connect via commercial, secure internet connections and 
have data available in any kind of emergency preparedness or 
terrorist incident where any combination of city, States, 
counties across the Nation can converse with each other, local 
data availability.
    DHS then adds the component that each of these systems, 
local information systems, can also connect, as the gentleman 
from the FBI told you earlier, with NWCCC, with NCIC, with LEO, 
with HSIN, with all of the DHS systems and the Federal systems.
    But a system of local data-sharing across the United States 
does not have to be invented and implemented whole cloth. It 
already exists. We are proving that and have proved it in the 
District and have taken that system, already regionally, to the 
September 11 municipalities, to New York City, to Virginia, to 
Maryland and to Pennsylvania and have piloted data exchange of 
local information among all of those elements.
    Our next step in this system, in showing that every 
jurisdiction could build the system very quickly, and for very 
little marginal cost, is to do what the first panel--you 
queried the first panel about notification and alerts. The very 
next thing we are putting into place is that system, so that 
system, nationwide, of notifications on alerts would exist at a 
local level, and we are also going to the next production 
pilot. What we are doing is to connect the entire eastern 
seaboard and have them exchange information. From the Eastern 
Seaboard, it's just one easy step to the Nation.
    So the systems that we have built really are a pilot to 
show how to have local data available in any permutation and 
combination, available between and among localities across the 
Nation and available to DHS.
    So we look at DHS as the Federal information consortium, 
and we are looking at local municipalities and connecting local 
municipalities.
    Mr. Putnam. It sounds like what you just said, please 
correct me if I am wrong, is that if DHS would just get out of 
the way, you would have this thing done in a year or two?
    Ms. Peck. Local, there--no, what I am saying is, our 
focuses are different. The focus of DHS is Federal, national 
information. Our focus is in working with them, and we are 
working closely with them on these initiatives. And our focus 
is to have--when I say local information, DHS is not currently 
focusing on having local mug shots, local fingerprints, local 
criminal records, local incarceration records at a very, very 
detailed level. Those are the kinds of things we say, when 
terrorism occurs, are kinds of information you are very likely 
to need as well.
    And so we are, as I look at us, DHS's partner in helping 
get that information into the bundle without extraordinary 
expense, from scrap expense.
    We have simply shown how you can have all of that 
information made available at very little incremental cost; 
only integration is the incremental cost.
    Mr. Putnam. Mr. Zadra, MATRIX, a very innovative program 
that you have brought up to speed in Florida, does DHS have 
access to that, or do they have to go through you?
    Mr. Zadra. We are still awaiting a final policy decision 
from DHS. We have members of DHS, such as the Immigration, 
Customs, Enforcement representatives, within this State of 
Florida who are assigned to our Domestic Security Task Forces. 
They have access to the FACTS application, the MATRIX project.
    One complicating factor, Mr. Chairman, since this is under 
a pilot project and is funded by Federal grants, the 
information that's been provided to us is that Federal 
agencies, therefore, cannot benefit from the Federal funds for 
the position that it possibly could be supplanting 
congressional funding. That's a policy decision that's still 
being waited on.
    Within Florida, however, the Federal partners to our task 
forces, the State of Florida, our State legislature authorized 
additional funding for us to purchase additional licenses, if 
you will, for use by the task force members, and, therefore, we 
can provide those licenses to our Federal partners and not be 
in conflict with, perhaps, that policy decision.
    Mr. Putnam. Have you had an opportunity, post September 11, 
to take this thing out for a spin and really see how it works 
in a real live threat situation? Has there been an operation 
where there was either a threat or a situation that required 
you to really exercise the system that has grown up since 
September 11?
    Mr. Zadra. Respect to FACTS, sir?
    Mr. Putnam. Yes.
    Mr. Zadra. Yes, sir. Let me say that FACTS is utilized by 
the regional domestic security task forces with the subject of 
concern relating to criminal organizations involved in, 
perhaps, terrorist activities. So it is used every day by them.
    An actual incident that happened, that I was personally 
involved in, is we received a request from a Federal agency who 
had been advised that there were a certain number of 
individuals who were on their way to an airport within the 
State of Florida to bomb it. And they had partial descriptions 
of vehicles but no tag numbers. Some very suspicious 
circumstances regarding the individuals observed with those 
vehicles and the activities that they were involved in.
    The request to the State of Florida was to provide for 
them, if you will, the universe of those type vehicles that are 
registered in the State of Florida.
    Prior to being able to utilize FACTS, the ability to do 
that would have required an offline search through our 
Department of Motor Vehicles which, in the past, has taken 24 
to 48 hours to do. Within less than 2 minutes, we provided a 
list of--and the numbers, our round numbers of approximately 80 
of one vehicle and 70 of the other vehicle to them within 2 
minutes.
    The importance of that, however, is by dynamically 
combining the State-owned data, which is the vehicle 
registrants, the drivers licenses but, more importantly, the 
drivers license photographs, when that material was provided to 
the Federal agency, it had the list of all known vehicles that 
met that description within a 25-mile radius of where the 
incident was reported. It had the motor vehicle registration 
information, the address for each of those.
    But, more importantly, it had the drivers license 
photographs for those registered owners. And the Federal agency 
could go to their witness, provide this and ask that witness, 
do you recognize any of the following as that? Now, compare 
minutes to what really would have taken weeks or, I should say, 
days if not weeks of a table full of analysts and agents 
sorting through stacks of computer printouts, only then to find 
a vehicle that may match the description. But then have to go 
make a separate query to identify the registered owner, make a 
second query to then identify the actual drivers license 
photograph associated with that.
    Now, I will tell you that, in that particular circumstance 
that I just referenced, that it turned out to be a hoax, so you 
might ask me, why, Mr. Zadra, would you be discussing that as a 
success story? And I would say this, it's a success story from 
this standpoint, that every time it's used, it enhances the 
investigator's ability with respect to not only the hopeful 
successful conclusion of that investigative league, but 
timeliness is what's critical. And when you are talking about a 
weapons of mass destruction, it's the time, it's those minutes 
and seconds that count. So any time you utilize FACTS is a 
success story, in my personal view.
    And the other thing is that, if you think about this 
particular circumstance, of the hours that were saved by not 
having that table full of analysts and agents pursuing leads 
relating to a hoax--this all--there are numerous success 
stories, Mr. Chairman, regarding all types of criminal 
activity. And if I could mention one more to give you an idea 
of how successful of a tool it is.
    Within Florida, we had a 15-year-old female who was 
victimized by a sexual offender who was going around exposing 
himself to young females within the State. A call came from 
local law enforcement. And this one young female, there was an 
attempted actual abduction, so it went beyond just exposing 
himself to now attempted abduction. Fortunately, this young 
female was very heady, used good technique, was able to obtain 
a partial description of attack, observe the facial description 
of the individual and was able to escape from being abducted, 
provided that information to local law enforcement. The call to 
us was, ``We have a partial tag. We have a color of a vehicle. 
That's all we know. Is there anything you can do?''
    Within minutes, we provided a list of, because you can do 
what is referred to as a wildcard search within FACTS on a 
partial tag number. But, again, it brought back the registered 
owner of just a few vehicles now that met that within, again, a 
mile radius of that, where it was reported, and now, again, we 
had the photograph. It was shown to the victim, immediately 
identified the subject, and warrants were issued for its 
arrest. So that is how the system is used effectively in 
pursuit of not only terrorism investigations, which are 
certainly critical, but all types of criminal activity. What we 
had found was we developed a tool which obviously was brought 
about from the standpoint of and addressing counter terrorism 
efforts, but certainly, I don't think any of us would find, if 
we had a tool in our tool box that was multipurpose, that we 
would not utilize that tool for any other use.
    Mr. Putnam. Well, that's interesting that you are so 
willing to disclose that your search took 2 minutes, and TTIC 
was reluctant to disclose how long theirs took. I suspect, if 
it was as efficient as 2 minutes, they might have been more 
willing to disclose it in open forum. I think that is a perfect 
example of technology being utilized in a nonintrusive way to 
keep people safe, either from the traditional bad guys and as 
well as the, the new terrorist threat that's even greater in 
this post September 11.
    Are you satisfied with the level of coordination from the 
Federal level on these threats? And the example I would use is 
sort of a nontraditional example, but it's a big deal for 
Florida, and the example is the recent unrest and humanitarian 
crisis, actually, in Haiti, that for several days bordered on 
what could have been a massive migration to Florida. And in the 
middle of that, I can remember getting a briefing from the 
State Department on the preparations that were being made in 
anticipation of a refugee crisis.
    And my first question was, ``Are you, have you talked to 
Florida about this?'' and they said, ``Well, no, we haven't.'' 
Well, then I said, ``You don't have a plan if you are not 
talking to the people who are about to be on the shores, 
receiving thousands of people who are going to be in need of 
medical treatment and food and shelter and clothing and all of 
these things.'' And it really sort of set off a red light that 
they still don't get it.
    Are you satisfied with the level of coordination that 
exists on major, major efforts like that?
    Mr. Zadra. Mr. Chairman, I would say that I am encouraged 
to say I am completely satisfied, I do not think would be the 
case. There is room for improvement. Perhaps if it would make 
you feel better with respect to that Haitian situation, we were 
very well aware and were planning very diligently and were 
reaching out and we're involving our homeland security 
partners, the U.S. Coast Guard, the Maritime Intelligence 
Center out of south Florida.
    Fortunately within the State of Florida, we were the first 
State to engage in a very innovative project where we actually 
have 35 of our regional domestic security task force members 
who are cross-trained and designated and have detention and 
arrest authority for immigration issues with respect to 
domestic security.
    So we had in place not only with our local law enforcement, 
but also regional and domestic security task forces to have 
those representatives and members available to assist in that 
particular situation. We are continuing dialog and there is 
still a lot of work to be done to ensure that the State of 
Florida, particularly our local law enforcement, because as was 
mentioned, the issues always occur locally. So when you have 
boatloads of those that are migrating to our shores, they come 
to local jurisdictions as they pass through the international 
waters, obviously. But when they get to our shore, local law 
enforcement is the first to intervene. So we are working 
through and we are in the process of finalizing some training, 
which would be for those jurisdictions that line, particularly 
our south Florida coast line, where there would be specific 
individuals that would be trained and have the ability to do 
nothing else but to stop and detain and wait for the proper 
Federal law enforcement representatives to effectively deal 
with that situation.
    Mr. Putnam. Perhaps Ms. Peck or Mr. Lynch could comment on 
what cyber security assurances are in place to protect the 
sensitive information that is being transferred between 
jurisdictions, whether it is between the States and the Federal 
Government or between States.
    Mr. Gerard Lynch. I think the cyber security issue is being 
addressed by the law enforcement communities that are members 
of the RISS system. And not only do we put on trainings for the 
law enforcement community about cyber crime and how cyber crime 
is affecting the lives of the average citizens, but we are also 
posting on not only RISSLEADS, or RISSLIVE bulletin board 
incidences of cyber crime identity theft. We are finding out 
that more and more of these State and local agencies are 
becoming aware of the effect that cyber crime has had on the 
relationships of the citizens of this country. And we really 
looked at it as part of a major crime, whether it is narcotics 
trafficking or gang activity. Cyber crime is just as important, 
just as debilitating and just as an effective means of the 
criminals to perpetrate crimes on the citizens of this country. 
So we are up to date on that. We are looking constantly to ways 
that we can combat it and we will continue that training of our 
law enforcement personnel throughout the country to ensure that 
cyber crime does, in fact, become an entity.
    Mr. Putnam. In your organized crime work in New Jersey, had 
you ever come across an organized crime influence in cyber 
crime?
    Mr. Gerard Lynch. Such as identity theft?
    Mr. Putnam. No. I would kind of lump, unfortunately, 
identity theft into the more traditional basket of crimes. But 
utilizing cyberspace perhaps to affect infrastructure, bring 
confusion or affect perhaps local response capabilities or 
things like that.
    Mr. Gerard Lynch. The traditional organized crime members 
were not involved in that. That was not even--I don't think 
I've seen any indications that the traditional organized crime 
was involved in cyber crime to the effect that they want to 
disrupt the Internet and do something to shut down the 
communications, such as the banking industry. What we are 
seeing and what RISS has done is we have basically made our 
system very secure, so that when they had that last attack on 
the cyber community, we were being banged almost 20 to 30,000 
times an hour from Russia, from Belarus, from all the European 
countries, so it is a very severe thing.
    And if the private community does not pick up on it and 
constantly stay on top of it, they will be shut down as 
Citibank was done during the last cyber crime attack. We are 
aware of it and the member agencies are aware of it and we are 
doing everything to educate and see to it that the criminal 
information is not affected by it. And I am sure that homeland 
security will be doing the same thing. It is a very serious 
issue that could face us in a very dangerous way down the road. 
But I see it more and more being protected as we protect our 
system.
    Mr. Putnam. Sitting here listening to the different 
acronyms, MAGLOCLEN, RISS, MATRIX, FAX, CJNet, CRIMES, CLEAR, 
recognizing that it is always kind of a good thing to have your 
States or localities be the laboratories for innovation, have 
we reached the point that we are reinventing the wheel in 
different States? And is the technology mature enough that we 
really could be just replicating successful programs in other 
States instead of funding a bunch of new pilot programs?
    Mr. Gerard Lynch. There will always be regional interests 
for regional purposes that will be drafted, but we have been in 
constant contact with Members of Congress who appropriate 
funding for the RISS program or some similar programs. And what 
they have put in language now is language that would instruct 
those grant issuing agencies a directive that if they are going 
to be setting up any kind of a regional data base or regional 
telecommunications system that they use existing systems out 
there and they don't reinvent the wheel so that the existing 
systems can operate in a very effective manner. And that has 
been happening. Most of the technology that we have today can 
be developed so that it can marry most systems up.
    When we decided to hook up the U.S. attorney's offices 
nationwide so that we could give them secure e-mail and 
encrypted translation of information back and forth, it was 
done because we developed a system that would allow that. And I 
think that what we are seeing here is that systems are being 
developed such as the RISS system that allow other systems to 
seamlessly, if not transfer information, but at least talk to 
one another and we are seeing that. We in MAGLOCLEN oppose 
constant duplication, because not only does it affect law 
enforcement when they want to talk to other agencies and the 
systems don't talk to each other, but also it costs money when 
you are developing new systems.
    So when new systems are coming up and they are coming up--I 
don't think we can stop that--we want to make sure that if 
those systems come up, that they are compatible with the 
systems that are out there. And what I see in the future is 
that we are going to have a system of systems whether it's RISS 
system hooked up to the homeland security system, hooked up to 
RISS/LEO, there are many systems out there that will be able to 
communicate. Technology is not the issue. Policy is the issue.
    Mr. Putnam. Ms. Peck.
    Ms. Peck. I would absolutely concur with that. It is the 
position of DHS that they support a number of these State-based 
initiatives and that they follow these initiatives to the 
logical conclusion of the successful initiatives. So, you know, 
you plant your beans and you see which ones come up and which 
ones grow the highest and the best. So I think it makes a great 
deal of sense to support a number of State systems.
    We all come to more or less the same conclusion so if you 
look at MATRIX's technology and SHIELD's technology, we come to 
a single place that says let's not build it from scratch. Let's 
use components that already exist. We have used exactly the 
same kinds of components. The only place I think in which we 
differ and we both come from a place that says it's the local 
data that needs to be integrated into the national DHS system. 
I think the only place that we disagree knowing what I know of 
MATRIX is knowing what kind of data is included and how that 
data is used. But in terms of the technology and recognizing 
that we need to build very cost sensitive systems from existing 
components and not ask the national government to attach all 
local data on their expense, we need to ask localities to do 
that.
    We have come to exactly the same place. SHIELD's next focus 
is governments and national security and the security rules 
that will govern national data sharing and regional data 
sharing. So again, the technology can be easily replicated at 
very low costs and we need to have governance structures that 
say what kind of data, who is authorized to access that data 
and under what circumstances the data will be used and for what 
purposes, those kinds of governance, and the security rules as 
well in terms of the kinds of data and who has access to it. So 
it's those policy issues that are the things that we are 
looking at now and I am sure every other State-based system is 
looking at the same thing. The technology is the easy part, 
getting people to play together and to agree under which rules 
they play is much more focused now.
    Mr. Putnam. Thank you very much. And before we bring this 
to a close, I want to give all of you the opportunity to have 
any final comments, it is the least we can do after this long 
afternoon. Ms. Peck, we will begin with you and end with Mr. 
Lynch and we will bring this subcommittee hearing to close. Any 
final thoughts?
    Ms. Peck. I would like to thank you very much as chairman 
for the opportunity to highlight the leadership work that the 
District of Columbia has done in the area of local to national 
information sharing of public safety, criminal justice. Thank 
you very much for the opportunity.
    Mr. Putnam. Chief.
    Mr. Zadra. Mr. Chairman, I thank you for the opportunity to 
be here today and I applaud the efforts of this subcommittee. 
It is the leadership. And we need, speaking from a State and 
local perspective on bringing all this together. I concur with 
both the last statements of Ms. Peck and Mr. Lynch in that the 
technology is not the problem. We have all the systems there 
that really what we need.
    What we need to do is figure out how to connect them 
together. We need them not only regional strategies, we need a 
State strategy for each of our States so that each of the 
projects that they have within their major municipalities or 
sheriff's offices that they can bring those together from a 
State perspective, and as Mr. Lynch said, we will connect 
systems to other systems. I am 26-year member of the department 
of the law enforcement and been involved in criminal 
investigations for years. What I would like to see on my desk 
stop is instead of Mark Zadra having to query every police 
jurisdiction in the United States of America, I believe that we 
need a national index to where Mark Zadra could query a name 
and if nothing else, if it was just a pointer--because we are 
going to have to work through all of the security issues, 
policy issues, those are privacy issues that need to catch up 
to the technology, but we need, if nothing else, so I can 
connect those puzzle pieces.
    When you go to a store now and you buy a puzzle, you come 
home and it has a picture on the box and it tells you how many 
puzzle pieces are in there and you know they're all in that box 
and you can put your puzzle together. Law enforcement's problem 
is that we don't have the picture. We don't even know how many 
pieces there are and our pieces don't come in a box but are 
spread across the country. So each of those jurisdictions may 
have that puzzle piece that we need. We shouldn't have to go 
individually and make phone calls in the way that we used to do 
business 10 years ago, including just most recently prior to 
September 11. What we really need to do is collapse all those 
tools on our desk. We don't need to be a multitasking disorder.
    Having information is good, but what is important is making 
it meaningful to us and figure out whether that information 
fits that puzzle piece. What we would like to see and it needs, 
from the national perspective, and hopefully, this coordinating 
council can pull this off, but we need to be in a position that 
when I sit as investigator at my desktop, I need homeland 
security to be dealing with me and also me with them as to what 
is the situational awareness issues that are going on across 
our country as they are developing.
    We need to know about them so that when something happens 
in another State, we in Florida can take that and apply the 
same protective and necessary protective measures to our 
critical infrastructure that is the issue. The other thing we 
need to do is we realize everyday there are individuals that 
come into contact with our criminal justice agencies as what 
talked about in SHIELD, that information is sitting out there 
and being collected already in systems that are already 
existing.
    I need the ability to determine with a single query who and 
where have they come in contact with the criminal justice 
community, realizing that there are others that have a 
different type of job and that is intelligence. And 
intelligence really isn't intended to be shared at all levels 
with everyone in the criminal justice community or law 
enforcement. And this plan again speaks to that. We need the 
ability to hook up to those criminal intelligence systems as 
well.
    So again, I thank you for your what you're doing with your 
subcommittee because I think that is the leadership we need is 
to pull all of this together, someone to put their hands around 
it and assist us. We have 40,000 law enforcement officers in 
the State of Florida who everyday have eyes and ears that are 
trained on domestic security issues and those things do happen 
locally. And we need to make sure that not only are we 
capturing it but we are sending that information and making 
available to others that have a need for that as well. So 
again, thank you, sir.
    Mr. Putnam. Mr. Lynch.
    Mr. Gerard Lynch. Thank you, Mr. Chairman and thank the 
committee for bringing this to the forefront. I think that in 
the followup to the last statement, we are getting closer to 
that realm. If you saw where we were 2 years ago to where we 
are today, we are light years ahead of that, but yet we are 
still a long way from seeing total connectivity. What we have 
seen as we have seen with the RISS system is that our member 
agencies such as the Florida Department of Law Enforcement as 
well as New York City Police Department, are participating more 
and more because they are seeing a lot more advantages coming 
out of these systems out there.
    And with our RISSLive and our RISS ATIXLive, we are seeing 
a lot more of the agencies starting to talk real-time to each 
other on key issues, whether it is a fire marshal talking to a 
fire marshal across the country or a police officer talking to 
a fire marshal across the country, we are seeing the 
communities of interest marry each other. And we are seeing a 
very fruitful end to all of this. We have ventured into the 
first responder community and we have seen a lot of positive 
feedback from the electrical critical events individuals to the 
railroad associations to the trucking industry. They are now 
working together to share information to shore up our homeland. 
And not only are the eyes and ears of the local police 
department alerted, but now we have the truck drivers, the 
electrical meter readers knowing more about what is going on in 
this country as far as security and posting threat information.
    You know, the pilot program we have with the Department of 
Homeland Security on nuclear power plants is crucial that these 
pilot plans are developed and our country is much safer, when 
we see homeland security talking to the FEMA or the Federal 
management of each State and the local police departments and 
talking about suspicious activity around nuclear power plants.
    So I see a lot more happening, but we still have a long way 
to go. And I think we have to make sure that the systems that 
are out there are funded properly and moved forward and that 
these connections such as the NODE activity and the NODE 
connection with the Florida Department of Law Enforcement can 
be spread throughout the entire country. And maybe this 
committee might be a spear head in moving that forward. Again, 
I thank you.
    Mr. Putnam. Thank you very much. I want to thank all of our 
witnesses for your outstanding participation today. Your 
testimony is vital to helping us to better understand this 
issue and move toward solutions and better interoperability. 
Thank you for your patience and your willingness to wait us 
out. I want to thank the staff for pulling together an 
outstanding hearing, in particular one of our committee interns 
who we are losing, Kaitlin Jarling's last day and we appreciate 
the work that she has done on this hearing and a number of 
others this summer. In the event that there may be additional 
questions we did not have time for today, the record will 
remain open for 2 weeks for submitted questions and answers. 
Thank you all very much. Subcommittee stands adjourned.
    [Whereupon, at 5:25 p.m., the subcommittee was adjourned.]

                                 
