[House Hearing, 109 Congress]
[From the U.S. Government Printing Office]


 
               USING OPEN-SOURCE INFORMATION EFFECTIVELY

=======================================================================

                                HEARING

                               before the

                     SUBCOMMITTEE ON INTELLIGENCE,
                        INFORMATION SHARING, AND
                       TERRORISM RISK ASSESSMENT

                                 of the

                     COMMITTEE ON HOMELAND SECURITY
                        HOUSE OF REPRESENTATIVES

                       ONE HUNDRED NINTH CONGRESS

                             FIRST SESSION

                               __________

                             JUNE 21, 2005

                               __________

                           Serial No. 109-22

                               __________

       Printed for the use of the Committee on Homeland Security
                                     
[GRAPHIC] [TIFF OMITTED] TONGRESS.#13

                                     

  Available via the World Wide Web: http://www.gpoaccess.gov/congress/
                               index.html


                    U.S. GOVERNMENT PRINTING OFFICE
24-962                      WASHINGTON : 2007
_____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512�091800  
Fax: (202) 512�092250 Mail: Stop SSOP, Washington, DC 20402�0900012007


                               __________

?

                     COMMITTEE ON HOMELAND SECURITY

                 Christopher Cox, California, Chairman

Don Young, Alaska                    Bennie G. Thompson, Mississippi
Lamar S. Smith, Texas                Loretta Sanchez, California
Curt Weldon, Pennsylvania, Vice      Edward J. Markey, Massachusetts
Chairman                             Norman D. Dicks, Washington
Christopher Shays, Connecticut       Jane Harman, California
Peter T. King, New York              Peter A. DeFazio, Oregon
John Linder, Georgia                 Nita M. Lowey, New York
Mark E. Souder, Indiana              Eleanor Holmes Norton, District of 
Tom Davis, Virginia                  Columbia
Daniel E. Lungren, California        Zoe Lofgren, California
Jim Gibbons, Nevada                  Sheila Jackson-Lee, Texas
Rob Simmons, Connecticut             Bill Pascrell, Jr., New Jersey
Mike Rogers, Alabama                 Donna M. Christensen, U.S. Virgin 
Stevan Pearce, New Mexico            Islands
Katherine Harris, Florida            Bob Etheridge, North Carolina
Bobby Jindal, Louisiana              James R. Langevin, Rhode Island
Dave G. Reichert, Washington         Kendrick B. Meek, Florida
Michael McCaul, Texas
Charlie Dent, Pennsylvania

                                 ______

 SUBCOMMITTEE ON INTELLIGENCE, INFORMATION SHARING, AND TERRORISM RISK 
                               ASSESSMENT

                   Rob Simmons, Connecticut, Chairman

Curt Weldon, Pennsylvania            Zoe Lofgren, California
Peter T. King, New York              Loretta Sanchez, California
Mark E. Souder, Indiana              Jane Harman, California
Daniel E. Lungren, California        Nita M. Lowey, New York
Jim Gibbons, Nevada                  Sheila Jackson-Lee, Texas
Stevan Pearce, New Mexico            Bob Etheridge, North Carolina
Bobby Jindal, Louisiana              James R. Langevin, Rhode Island
Dave G. Reichert, Washington         Kendrick B. Meek, Florida
Charlie Dent, Pennsylvania           Bennie G. Thompson, Mississippi 
Christopher Cox, California (Ex      (Ex Officio)
Officio)

                                  (II)

                            C O N T E N T S

                              ----------                              
                                                                   Page

                               STATEMENTS

The Honorable Rob Simmons, a Representative in Congress From the 
  State of Connecticut, and Chairman, Subcommittee on 
  Intelligence, Information Sharing, and Terrorism Risk 
  Assessment.....................................................     1
The Honorable Zoe Lofgren, a Representative in Congress From the 
  State of California, and Ranking Member, Subcommittee on 
  Intelligence, Information Sharing, and Terrorism Risk 
  Assessment.....................................................    23
The Honorable Christopher Cox, a Representative in Congress From 
  the State of California, and Chairman, Committee on Homeland 
  Security.......................................................     3
The Honorable Bennie G. Thompson, a Representative in Congress 
  From the State of Mississippi, and Ranking Member, Committee on 
  Homeland Security..............................................     4
The Honorable Charlie Dent, a Representative in Congress From the 
  State of Pennsylvania..........................................    31
The Honorable Bob Etheridge, a Representative in Congress From 
  the State of North Carolina....................................    30
The Honorable Jane Harman, a Representative in Congress From the 
  State California...............................................    39
The Honorable James R. Langevin, a Representative in Congress 
  From the State of Rhode Island.................................    33
The Honorable Daniel E. Lungren, a Representative in Congress 
  From the State of California...................................    28
The Honorable Loretta Sanchez, a Representative in Congress From 
  the State of California........................................    37
The Honorable Curt Weldon, a Representative in Congress From the 
  State of Pennsylvania..........................................    35

                               WITNESSES

Dr. John C. Gannon, Vice President for Global Analysis. BAE 
  Systems, Information Technology:
  Oral Statement.................................................     5
  Prepared Statement.............................................     8
Mr. Eliot Jardines, President, Open Source Publishing, Inc.:
  Oral Statement.................................................    11
  Prepared Statement.............................................    13
Mr. Joe Onek, Senior Policy Analyst, Open Society Institute:
  Oral Statement.................................................    18
  Prepared Statement.............................................    18

                             For the Record

Prepared Statement of the Honorable Sheila Jackson-Lee, a 
  Representative in Congress From the State of Texas.............    40


               USING OPEN-SOURCE INFORMATION EFFECTIVELY

                              ----------                              


                         Tuesday, June 21, 2005

                  House of Representatives,
                    Committee on Homeland Security,
                  Subcommittee on Intelligence, Information
                    Sharing, and Terrorism Risk Assessment,
                                                    Washington, DC.
    The subcommittee met, pursuant to call, at 10:10 a.m., in 
Room 210, Cannon House Office Building, Hon. Rob Simmons 
[chairman of the subcommittee] presiding.
    Present: Representatives Simmons, Cox, Weldon, Lungren, 
Pearce, Dent, Thompson, Lofgren, Sanchez, Harman, Jackson Lee, 
Etheridge, Langevin, and Meek.
    Mr. Simmons. [Presiding.] The Subcommittee on Intelligence, 
Information Sharing, and Terrorism Risk Assessment of the 
Committee on Homeland Security will come to order.
    Today, the subcommittee meets to examine how open-source 
information can most effectively be used to help strengthen the 
Department of Homeland Security's information analysis and 
intelligence production responsibilities.
    Open-source information, by its very nature, is 
unclassified, publicly available information that any member of 
the public can lawfully obtain. Open-source information may be 
used in an unclassified context without compromising national 
security or intelligence sources and methods, thereby lending 
itself to the Department of Homeland Security's mission to 
share information with state, local and tribal governments and 
private sector personnel, many of whom do not hold security 
clearances.
    Open-source intelligence, or OSINT, is produced from open-
source information, can help to inform the Department of 
Homeland Security's partners and customers. For example, DHS on 
a daily basis produces the open-source infrastructure report to 
critical infrastructure owners and operators. And while this 
report is limited in scope and sources, it is an effective way 
to help ensure that critical partners on the same page with 
regard to threat and vulnerability information.
    I believe that the Department of Homeland Security and the 
U.S. government need to do more to create open-source products 
and integrate open-source information into the DHS analytical 
product. Both the 9/11 Commission and the WMD Commission 
recognized this in their reports, and each recommended that 
more be done with open sources.
    Open-source information can be the critical foundation for 
the all-source intelligence product, a key to ensuring that our 
intelligence efforts are well-targeted and our intelligence 
analysis is well-informed across the board.
    In a rapidly changing post-9/11 world, intelligence 
collection and analysis must be flexible enough to respond 
quickly to meet the demands of intelligence users. Open-source 
material is collected and reported continuously around the 
world. It is current and readily available. A comprehensive 
open-source capability provides the tools to find that 
information quickly and cheaply in a format that is 
unclassified and easily shared. This can be an important tool 
in defending the homeland.
    We are pleased to have with us today three witnesses.
    The first is Dr. John Gannon, who currently serves as vice 
president for Global Analysis at BAE Systems, Information 
Technology. Dr. Gannon joined BAE Systems after serving as 
Staff Director of the House Homeland Security Committee.
    In 2002-2003, he was a team leader in the White House 
Transitional Planning Office for the Department of Homeland 
Security and previously served in the senior most analytical 
positions in the intelligence community, including chairman of 
the National Intelligence Council and assistant director of 
Central Intelligence for Analysis and Production.
    Last year, President Bush awarded him the national security 
medal, the country's highest intelligence award.
    Welcome, Dr. Gannon.
    Our second witness is Mr. Eliot Jardines, president of Open 
Source Publishing, Incorporated and former publisher of Open 
Source Quarterly, a professional journal for open-source 
intelligence practitioners. Internationally recognized as an 
authority on open-source intelligence, he has twice received 
the Golden Candle award for open-source excellence at open 
source symposiums.
    Our third witness is Mr. Joe Onek, a security policy 
analyst at the Open Society Policy Center. In this capacity, he 
provides counsel on issues of civil liberties and 
constitutional law. Mr. Onek first joined the government as a 
clerk to Chief Judge David L. Bazelton, of the District of 
Columbia circuit, and Supreme Court Justice, William J. 
Brennan.
    In the Carter administration, he served as a member of the 
White House Domestic Policy staff and then as Deputy Counsel to 
the President. In the Clinton administration, he served as 
Principal Deputy Associate Attorney General and Senior 
Coordinator for Rule of Law in the State Department.
    In the public interest world, he serves as an attorney and 
then director of the Center for Law and Social Policy and is a 
senior counsel and director of the Liberty and Security 
Initiative and the Constitution Project.
    I want to thank all three of our witnesses for being here 
today. We look forward to your testimony.
    And at this point now I would like to recognize the ranking 
member of the subcommittee, the gentlewoman from California, 
Ms. Lofgren, for any statement she might wish to make.
    Ms. Lofgren. Thank you, Mr. Chairman. I will be brief and 
submit my full statement for the record.
    I do look forward to Mr. Negroponte's impending report on 
whether or not an open-source intelligence center or some other 
approach is the best way to ensure that open-source information 
is effectively leveraged by our intelligence agencies. And I do 
believe and agree that this hearing is important today to focus 
in on that issue.
    Information sharing, as we know, is key to our efforts to 
protect America from terrorism, but while open-source 
information will undoubtedly contribute to our overall 
objective of promoting effective information sharing, I believe 
that this subcommittee must also consider the civil liberties 
and privacy implications of this and other new intelligence 
resources.
    As Mr. Onek has noted in his prepared testimony, it seems 
likely that the intelligence community will use data mining of 
open-source materials in order to target terrorists who may be 
living and working among us, and that does raise issues 
relative to privacy, to profiling, and whenever there is 
profiling, there is the risk of actually missing terrorists 
because the terrorists know probably better than we do what 
profile to adopt to avoid being identified.
    So I look forward to the testimony of all three of the 
individuals, and, specifically, as we move forward, I am eager 
to work with you in making sure that while we protect our 
nation from terrorism, we also protect our citizens from Big 
Brother.
    And I yield back.
    Mr. Simmons. I thank the gentlelady for her opening 
statement.
    I note that the chairman of the full committee has just 
arrived, and I would be happy to yield time to the chairman.
    Mr. Cox. Thank you, Mr. Chairman.
    I would like to welcome our witnesses and look forward to 
hearing their testimony.
    I want to thank you for holding this hearing on this topic.
    It is rather obvious that we should be using all of the 
open-source information that we can get. It is not obvious how 
to go about that or the degree to which the way that we have 
approached this over a period of years has kept up with or has 
not kept up with the pace of change in the production of 
information. There simply is more information now available 
than ever before, and what to do with it and how to harness it 
and how not to overlook the obvious become key questions.
    Giving the American taxpayer value for money obviously 
requires using information from open source whenever possible, 
but the new idea here is simply to ask the question whether the 
United States government is effectively using the information 
that is most available to help solve the national security 
problems that are the most pressing.
    We have a large government structure that was erected 
during the Cold War. We are trying constantly to keep it 
updated, but how much, this hearing is asking, how much of what 
we have got by way of existing infrastructure is left over from 
those different priorities and that different world, and how 
much has changed, how much have we changed already to make sure 
that we are tapping all of the resources that are available to 
us?
    I would not be the first Californian to observe that gold 
is gold, whether it is found lying in a streambed or in 
sweltering heat deep beneath the surface of the earth. It would 
in fact be a real stretch to suggest that with respect to 
certain whole fields of studies, such as risk assessment or 
microeconomics, which homeland security is very much concerned 
with these days if the U.S. government could even compete with 
private sector expertise and outside sources in terms of either 
quality or currency. That kind of information is critically 
important to meeting the mission of the Department of Homeland 
Security, particularly its Directorate of Information Analysis 
and Infrastructure Protection.
    It would be equally absurd to suggest in noting its 
historic underappreciation that open-source information is a 
panacea, that it should be segregated from information acquired 
from clandestine sources in a separate entity or agency 
dedicated solely to its collection analysis, a sort of Federal 
Bureau of Found Objects. That is exactly the sort of 
intelligent-specific balkanization that the Homeland Security 
Act seeks to remedy by requiring the IAIP directorate to 
generate comprehensive analysis of terrorist threats and U.S. 
vulnerabilities in order to produce overall risk assessment.
    The key is to bring all the available information, 
regardless of its origin or source, together for comprehensive 
and expert analysis and then of course to get that information 
to people who need it in real time so that we can act upon it. 
That was the ultimate lesson of September 11.
    I want to add that it is a particular pleasure today to 
welcome back John Gannon to the committee, our former Staff 
Director who worked so hard for 2 years to create what is now 
this Permanent Standing Committee on Homeland Security. I look 
forward to his perspectives, as I always have, as well as to 
the testimony of our other witnesses.
    Again, Mr. Chairman, thank you very much for scheduling 
this important hearing.
    Mr. Simmons. Thank you, Mr. Chairman, and for taking time 
at what I know is a very busy time for you.
    The Chair now recognizes the Ranking Member of the full 
committee, the gentleman from Mississippi, Mr. Thompson, for 
any statement or comments he might wish to make.
    Mr. Thompson. Thank you very much, Mr. Chairman, Ranking 
Member, Chair of the full committee.
    Dr. Gannon, glad to see you. There is life after Capitol 
Hill.
    [Laughter.]
    The other witnesses, we are glad to see you too.
    I am glad that we are holding a hearing on the critical 
issue of open-source information and how the intelligence 
community can best leverage it in the fight against terrorism. 
Open-source information, when properly assembled and analyzed, 
can provide some of the most strategic, tactical and 
operational data imaginable in order to obtain an ever-
evolving, near real-time picture of terrorists' plans.
    The 9/11 Commission, the Intelligence Reform Act, the WMD 
report and our committee's own past authorization bill all can 
develop effective open-source information initiatives. I look 
forward to the release of the report from the Director of 
National Intelligence about whether our nation needs an open-
source intelligence center to centralize and coordinate the use 
of open-source information by the intelligence community.
    That said, I am very concerned about the implication that 
the mining of open-source information will have for civil 
liberties and privacy. Emerging technologies are giving both 
the government and the private sector increasing precise ways 
of harvest very specific information. Not all of this 
information is about foreign governments and terrorist groups. 
Some of it is about ordinary people, like you and me. Our 
government cannot take a casual approach to open-source 
gathering.
    In an effort to create a homeland security strategy that 
protects and strengthens our freedoms, our government cannot 
become an entity that whimsically violates our constitutional 
liberties and freedoms through surveillance and data mining 
that trace our every action and utterance.
    Let me say that as a young college student in the sixties, 
I was one of those individuals that got a file created because 
I attended a speech given by Martin Luther King, Jr., and I am 
very concerned about the fact that I was generated and 
considered something other than a patriot by hearing a speech 
from Dr. King.
    Open-source information is a resource that must be tapped 
to bolster the security of our nation. Information sharing is 
absolutely necessary to the defense of our nation. The mining 
of open-source information offers exciting possibilities to 
protect us from terrorists, but it also raises real risks.
    I look forward to the testimony of our panelists today so 
that we can establish for this committee a formal policy on 
open-source information.
    I yield back.
    Mr. Simmons. Thank you, Mr. Thompson, for that statement 
and very much appreciate your perspectives on this important 
issue.
    Other members of the committee are reminded that they can 
submit opening statements for the record.
    And, again, we are pleased to have a distinguished panel of 
three gentlemen before us here today.
    Let me remind the witnesses that their entire written 
statement will appear in the record, and we would ask that you 
try to limit your oral testimony to no more than 5 minutes. 
There will be a clock in front of you there. In that way, we 
can guarantee that members will have maximum opportunity to ask 
questions and engage in a dialogue.
    That being said, the Chair now recognizes Dr. Gannon for 
his testimony.

 STATEMENT OF JOHN GANNON, VICE PRESIDENT FOR GLOBAL ANALYSIS, 
              BAE SYSTEMS, INFORMATION TECHNOLOGY

    Dr. Gannon. Mr. Chairman, it is a particular pleasure to be 
back here, and I would like to take the opportunity right off 
the bat to congratulate this full committee for its work in 
passing an authorization bill, I know what an achievement that 
is, and also for passing the first responder bill. I think a 
demonstration of how constructive this committee has been and 
how bipartisan, really, the approach has been to these critical 
national security problems.
    I did submit a statement for the record, and I will very 
quickly just summarize the five points that I made there. And, 
really, these points come out of my own career in intelligence 
over an almost 25-year period.
    The first point I make is that the intelligence community's 
interest in open source goes back, I think, to the very 
beginning to the community itself. As an analyst, I often 
consulted with outside experts. We had, as many of you know, 
the Foreign Broadcast Information Service, which provided us 
with daily press and media reports and also translations of 
those reports and did a fabulous job over my career in 
supporting our analysis.
    Those were the days, of course, when we were dealing 
primarily with a single strategic threat from the Soviet Union, 
very much a closed society where it was very difficult to find 
value added in open source, but I think we did a commendable 
job of it.
    One point I would emphasize, however, about that era, 
really sort of prior to the mid-1980s, was that we were 
dealing, I think, in a very different environment where the 
expertise and the information was pulling from the outside into 
the community. We really did see ourselves in the community as 
the center of gravity on information and expertise. So I have 
described the open source as kind of a frosting on our cake.
    Things changed dramatically, really a major paradigm shift, 
in the mid-1980s, and I had the responsibility of bringing the 
first computers into the Office of European Analysis in the 
mid-1980s--five Delta DATAS. I mean, just to demonstrate how 
the world has changed, those five computers were put up in 
offices where analysts linked to specialists who handled them. 
The analysts did not have them at their own desks.
    It used to take me in that period about 14 days to get a 
newspaper from the Caribbean and Latin America where I was 
covering, and policymakers were quite willing to wait for me to 
finish my analysis and fulfill the very large information gaps 
with my judgments and my expertise.
    Three issues I think changed dramatically the environment 
in which we worked in the community. First of all, was of 
course the information revolution itself where in a period of a 
very few years we had computers at every analysts' desk, and 
the analysts became quite adept, particularly the new entrants 
of that labor force, in dealing with the computer information 
technology world.
    I talked about taking 14 days to get a newspaper to me when 
I started as an analyst. Today, every newspaper virtually in 
the world is available to every analyst in the intelligence 
community before the people in the country in which the 
newspaper is produced get up and read it. We have gone from an 
information scarcity environment to an information glut 
environment, and the community has struggled to manage that 
glut through the development, first of all, by using technology 
developed, analytic tools and software that enable us to make 
sense of all that information.
    But also we had the geopolitical change with the collapse 
of the Soviet Union, which brought again from an environment of 
a single strategic threat to multiple threats, multiple 
conflicts, issues where open source was essential for us to 
understand that range and complexity involved in those issues. 
And that challenge continues today.
    And, finally, the homeland security challenge of more 
recent years brought not only a whole range of new issues for 
us to deal with where open source is a critical contributor but 
also brought us a whole new set of customers in the state and 
local governments and the private sector, people who need to 
have some form of intelligence support to do the frontline work 
or undertake the frontline responsibilities that we say they 
have.
    We did in the 1980s have an organization called the 
Intelligence Community Open Source Program Office, and what I 
would point out about this is I think perhaps there are 
different judgments about the success or failure of that 
office, but I think, to one degree, it failed to adequately 
recognize the overwhelming nature of the information change 
that had taken place.
    COSPO I think treated open source as another INT. It 
treated open source as it treated signals intelligence, 
measurement and signature intelligence, human intelligence, as 
one more INT when in fact we had seen a dramatic shift in the 
whole center of gravity of information and expertise outside 
the intelligence community into the open source world. So what 
COSPO, I think, was doing, as I saw it, was trying to take the 
ocean and putting in a swimming pool.
    We were challenged in the intelligence community to face 
the fact that on the issues that we were dealing with, from the 
collapse of the Soviet Union onward, were issues where the 
expertise to deal with them and a lot of the information to 
deal with them was outside the intelligence community, and we 
need multiform strategies to deal with that, including the use 
of technology and also getting our analysts, frankly, to move 
outside the community, engage with experts who have expertise 
and information in their heads, which really never gets 
translated into collection systems.
    The third critical point I would make is that we discovered 
with more and more use of technology to help us deal with the 
information flow, that expertise of our analysts actually 
became more important. When you are dealing with a flood of 
information, having people who really know the issues, who can 
extract information or interpret information and analyze it, 
you are required to have more and more senior people how really 
do know the issues.
    And I will tell you, as I went down to a principals meeting 
to deal with some of these complex issues in the White House, 
at the end of the day, whatever technology had been brought to 
bear on our aggregating and analyzing information, I wanted a 
human being who knew what he or she was talking about. It is, 
in the end, I think about people.
    The fourth point I would make is about structure. I do not 
think there is any quarrel here or anywhere really in the 
community about the importance of open-source information and 
about the fact that the intelligence community is behind the 
curve and has been for some time in exploiting open-source 
information.
    But how we structure a solution I think is a matter of 
debate, and from my own experience I am clearly on the side of 
opposition to new structures, particularly open source 
directorates, and I am much more in favor of a distributed 
model that puts technology in the hands of all analysts so that 
they can use open-source information. Whether a signals 
intelligence analyst, a human intelligence analyst, they all 
need open source, so you cannot separate it out as a separate 
discipline, in my judgment.
    So I think we have to pursue an aggressive approach, 
bringing technology to bear for the benefit of analysis but not 
structured in a way that separates open source from the clear 
need to integrate open source with classified information.
    And the final point I would make is I think from the days 
of the Transition Planning Office and the incorporation, I 
think, of a lot of the original discussions into the Homeland 
Security Act, it was recognized that the Homeland Security 
Department would be uniquely positioned to be a broker of 
information on critical issues with regard to homeland 
security. The biothreat, for example, the Homeland Security 
Department would be in touch with HHS, it would be in touch 
with John's Hopkins University, University of Pittsburgh, 
Stanford, places that have repositories of real expertise in 
bioscience and the biothreat and would be better positioned 
than in fact an intelligence agency would to bring that 
expertise together, to be the go-to agency for the U.S. 
government.
    But I would also emphasize, and my own conviction is that, 
the Department of Homeland Security, while it has a particular 
role to play in the open-source area, it must have, I think, a 
fully capable and robust intelligence unit that has full access 
to the intelligence community and is a full player in that 
community.
    [The statement of Dr. Gannon follows:]

                Prepared Statement of Dr. John C. Gannon

    Good morning, Mr. Chairman, and members of the subcommittee. It is 
a special pleasure for me to participate in this hearing with members 
and staff with whom I was privileged to work closely in the recent 
past, and to discuss intelligence issues, with which I have been 
involved for most of my professional life. The subject of this hearing, 
the effective use of open-source information, is a priority issue today 
not just for homeland security but for the whole intelligence and law-
enforcement communities.
    Intelligence and law-enforcement officers must do their best to 
present a complete picture, to integrate classified and unclassified 
information in the story they tell. Open-source information is today 
more important than ever in getting that story right. The Department of 
Homeland Security, in my view, should play a pivotal role in brokering 
open-source information and in leveraging expertise outside the IC. 
But, to do this effectively, it also must be a key player in the 
classified world. In today's intelligence business, you cannot have one 
without the other. Intelligence should identify and fill critical gaps 
that cannot be addressed by open sources.

                Let me summarize the five points I will make this 
                morning:
        1. Open-source exploitation in the IC is as old as the 
        Community itself. We have always sought open-source information 
        and selective engagement with outside experts to deepen our 
        analysis and to drive collection priorities. The Foreign 
        Broadcast Information Bureau (FBIS) provided excellent coverage 
        of foreign media during my career. For most of the Cold War 
        period, however, much of our focus was on the closed societies 
        of the Soviet Union, in which there was a scarcity of reliable 
        or useful open-source material to be had. And our open-source 
        effort was directed toward bringing unclassified information 
        into our classified environment, which was the center of our 
        analytic universe.

        2. The open-source challenge has increased exponentially over 
        the past twenty years for at least three key reasons. First, 
        the revolution in information technology has transformed the 
        world of both the intelligence analyst and consumer from an 
        information-scarcity environment to an information-glut 
        environment. Second, the post-Soviet geopolitical 
        transformation and the technology revolution have opened closed 
        societies and introduced new, complex regional and 
        transnational issues that more often than not require--as a top 
        priority--heavy doses of real-time open-source information. 
        And, finally, the emergence of homeland security as a national 
        priority has introduced new analytic issues, new collection 
        targets, and a whole set of new intelligence consumers among 
        state and local governments and the private sector.

        By contrast with the Cold War period, the center of gravity for 
        expertise on many of these issues is outside the IC. We need 
        new strategies to get this information, including state-of-the-
        art analytic tools and far-sighted policies that encourage our 
        analysts to get away from their desks to engage with outside 
        experts. Today, this is all a work in progress.

        3. The information revolution, paradoxically, has increased the 
        demand for expert analysts in the IC. Technology is an 
        indispensable enabler for the IC analyst inundated with 
        information. But it is no substitute for human expertise. It 
        takes IC experts to extract the best data from today's fast-
        moving information flow and to identify the sharpest outside 
        experts for consultation. This is a dynamic process, which aims 
        to get the President, his top advisers, and the Congress the 
        best answer possible information on any national security 
        question--by uniting technology and brainpower and by 
        integrating classified and unclassified information.

        4. I believe that the creation of new, large open-source IC 
        structures, such as an open-source directorate at CIA or any 
        other agency including DHS, would be a step in the wrong 
        direction. The challenge for all our analysts today is to 
        integrate, as never before, the classified and unclassified 
        environments. All-source analysts and single-INT analysts 
        (e.g., human intelligence, geospatial intelligence, signals-
        intelligence, measurement-and-signature intelligence analysts, 
        etc.) all need open-source information to make their 
        contributions to the story being told and to understand where 
        there are collection gaps that they might be able to fill.

        OPINT (open-source) analysts, who increasingly staff IC 
        operations centers and selective substantive teams, are skilled 
        technically to exploit open sources. They serve the cause of 
        integration, not of division between classified and 
        unclassified information. An open-source directorate, in my 
        view, would likely complicate this needed integration and 
        further strain resources already stretched by excessive 
        structure in the IC.

        5. The Information Analysis (IA) component of DHS serves a 
        Secretary with major responsibilities for prevention of 
        terrorism against the homeland, for protection of our critical 
        infrastructure, and for ensuring that we are able to respond 
        effectively if an attack should occur. The Secretary of 
        Homeland Security, as I (and the Homeland Security Act of 2002) 
        see him, is a key player on the President's national security 
        team, who is uniquely positioned by be an invaluable open-
        source collector but still needs a fully capable intelligence 
        unit to address his critical priorities and to levy his 
        sensitive collection requirements on the IC. There should be, 
        in my opinion, a direct relationship between the 
        responsibilities assigned to the Secretary and the quality of 
        the intelligence organization dedicated to support him.

          This should not require a bureaucratic empire. Senior 
        expertise on homeland issues is far more important than the 
        numbers of intelligence analysts in DHS. But IA must be able to 
        compete in hiring such senior officers. I believe that IA could 
        be effective as a relatively small intelligence unit if it has 
        effective outreach within the IC, across the USG, and beyond to 
        the first-responder community. But it must have adequate 
        facilities and infrastructure and full connectivity with other 
        IC agencies. IA, in short, must be a recognized and respected 
        player in the classified domain. IA must be seen an equal 
        partner with the other fourteen members of the IC. It must have 
        the resources and authorities to play this role. Anything less 
        will perpetuate the unsatisfactory situation we face today.

Critical Importance of Open Source
    Open-source information today is indispensable to the production of 
authoritative IC analysis. It increasingly contains the best 
information to answer some of the most important questions posed to the 
IC. Media reports, once the open-source mother lode, are now are just a 
small portion of the take, which comprises a vast array of documents 
and reports publicly retrievable but often difficult to find in today's 
high-volume, high-speed information flow. Open sources provide vital 
information for the policymaker, who today is much better informed than 
in the past because of his or her easy and timely access to 
information, which, in turn, strengthens a firm demand for ``on-time'' 
delivery of analysis. Accessing, collecting, and analyzing open-source 
information, in short, is a multifaceted challenge that can only be met 
with a multi-front response or strategy that engages both people and 
technology in innovative ways.
    During the Cold War, covering the globe for the IC was largely a 
Soviet-centric enterprise. The Soviet Union was the single-strategic 
threat we faced. Today, global coverage entails the responsibility to 
assess diverse, complex, and dispersed threats around the world. In 
addition to traditional intelligence concerns--such as the future of 
Russia and China; international terrorism, narcotics, and proliferation 
of weapons of mass effect; and political turmoil in Indonesia or civil 
conflicts in Africa--the new environment features many nontraditional 
missions. The IC now provides intelligence about peacekeeping 
operations, humanitarian assistance, sanctions monitoring, information 
warfare, and threats to our space systems. Many of these missions are 
operationally focused, requiring growing proportions of the analytic 
and collection work force to function in an ad hoc crisis mode.
    Clandestinely derived intelligence is as valuable as ever, but, in 
my recent experience, open source information now dominates the 
universe of the intelligence analyst, a fact that is unlikely to change 
for the foreseeable future. The revolution in information technology 
and telecommunications has fundamentally transformed the globe that the 
IC covers, the services that it provides to consumers, and the 
workplace in which its people function. While it is as important as 
ever to protect our sensitive sources and methods, it is more important 
than in the past to integrate the best information from all sources--
including unclassified--into IC analysis.

         Information abounds. Twenty years ago, current and 
        reliable information on the Soviet Union, Central Asia, and 
        other corners of the world was scarce, foreign newspapers took 
        weeks to arrive at an analyst's desk, and policymakers were 
        willing to wait days or even weeks for a paper on their issues. 
        Today, the information is here and now in abundance, 
        policymakers want it in real time, and intelligence 
        requirements are much sharper and more time sensitive. The 
        Washington-based analyst can send a message and get a response 
        from a post in a remote country faster than it used to take to 
        exchange notes by pneumatic tube with counterparts in the same 
        IC building. Technology may make our jobs easier, but it does 
        not feel that way. We are all working much harder.

         Governments are losing control. Governments have less 
        and less capacity to control information flows. International 
        terrorists, narcotraffickers, organized crime groups, and 
        weapons proliferators are taking advantage of the new 
        technologies, bypassing governments or seeking to undermine 
        them when governments try to block their illegal activities. As 
        al-Qa'ida demonstrated in planning 9/11, tech-savvy terrorists 
        are adept at exploiting our technology for their nefarious 
        purposes. Non-state actors are likely to be using laptop 
        computers, establishing their own Web sites, and using 
        sophisticated encryption. In the years ahead, these enhanced 
        capabilities will raise the profile of transnational issues 
        that are already high on the IC agenda. In this environment, 
        open-source information will continue to be essential to our 
        understanding of these groups and how they operate.

Solutions
    Technology is a major part of the answer to the magnitude of the 
open-source challenge, but it is no substitute for the other essential 
component: skilled people. The IC must provide the analytic tools 
needed to assess and exploit the vast amount of information available, 
and it must invest more in people, whose expertise is crucial for 
prioritizing, interpreting, and analyzing this information. The greater 
the volume of information to assess, the stronger must be the expertise 
to evaluate it. In this context, DHS, as a top priority, must recruit 
and retain the necessary in-house expertise and develop the external 
partnerships to speak authoritatively on threats to the homeland--as 
the Homeland Security Act of 2002 requires of it.
    Today, cognitive analytic tools are continuously under development 
in both the private sector and the government to facilitate management 
of the information glut, enhancing the IC's ability to filter, search 
and prioritize potentially overwhelming volumes of information. These 
tools do not discriminate between classified and unclassified 
information. They help the analyst to draw the best information from 
all sources into an integrated, high-quality analytic product.

                 Clustering lets analysts exploit the most 
                useful data sets first, as well as to recognize 
                meaningful patterns and relationships, thereby helping 
                the IC perform its warning function.
                 Link Analysis helps to establish relationships 
                between a known problem and known actors and to detect 
                patterns of activities that warrant particular 
                attention.
                 Time-series analysis can enable analysts to 
                track actions over time so that unusual patterns of 
                activity can be identified.
                 Visualization and Animation allow analysts and 
                consumers to see extensive and complex data laid out in 
                dynamic and easily understandable formats and models.
                 Automated database population is designed to 
                free analysts from the tedious and time-consuming 
                function of manually inputting information into 
                databases, reducing the potential for errors and 
                inconsistencies.
    One of the strongest and most consistent demands from IC analysts 
is ability to search and exploit both classified and unclassified 
information from a single workstation. The Community is making progress 
on this. It also is developing better ways to standardize information 
and tag it using metadata--or reference information--to make it easier 
to search, structure, and enter information into data bases.
    Geospatial intelligence provides an excellent example of how 
today's skilled analysts--the same analysts in one place or on one 
team--are routinely integrating both classified and unclassified 
information in their path-breaking work. They take high-quality 
orthorectified (three dimensional to scale) imagery and superimpose on 
it both classified intelligence and vital unclassified information, 
which creates a complete picture of a terrain, site, facility, or 
densely populated urban area. Such an integrated picture is 
operationally useful as well as informative for all consumers.
    A good example of the all-source analytic process is the National 
Intelligence Council's Global Trends 2015 project of 2001 and its 
follow-up this year, Mapping the Global Future, which resulted from 
months of close collaboration between IC analysts and experts from the 
USG, academia, and the private sector. The disposition of outside 
experts to collaborate with the IC has never been greater. This 
collaboration or integration of effort should be encouraged as a model 
for dealing with the complex issues on today's intelligence agenda. The 
goal, again, is to deliver the best product from all sources.

IA's Future
    The US Intelligence Community today is much more than an espionage 
service. It constitutes the world's biggest and most powerful 
information-based business, collecting and analyzing both clandestinely 
derived and open-source information. To do its job well, the IC should 
be on the leading edge of open-source exploitation so that it will have 
the best information to inform its analysis and so that it can 
surgically target our clandestine collection systems on critical 
information gaps. The IC's comparative advantage over other 
information-based enterprises is that its clandestine collection has 
the potential to add significant value to all source-analysis--to the 
benefit of US National Security.
    To function effectively as a member of today's IC, an agency must 
play fully in both the classified and unclassified arenas. This is not 
a numbers game. It is about having adequate facilities, infrastructure, 
analytic expertise, IC connectivity, and authority to fully support the 
agency's mission. The Department of Homeland Security has a vital 
mission to protect America. It should have its own intelligence 
organization capable of supporting that mission.

    Mr. Simmons. Thank you very much, Dr. Gannon.
    Now, the Chair recognizes Mr. Jardines.

STATEMENT OF ELIOT JARDINES, PRESIDENT, OPEN SOURCE PUBLISHING, 
                              INC.

    Mr. Jardines. Good morning, Chairman Simmons, Congresswoman 
Lofgren, members of the subcommittee. I thank you for the 
opportunity to participate in this hearing.
    I am Eliot Jardines, president of Open Source Publishing, a 
private firm that does open source exploitation support for the 
U.S. government.
    Over the past 14 years, my career as an open-source 
intelligence practitioner has provided me with an opportunity 
to understand the significant contributions which the open-
source intelligence discipline, or OSINT, can bring to the 
Department of Homeland Security.
    From Peal Harbor to the September 11 terrorist attacks, 
intelligence failures have largely resulted not from a lack of 
information but rather from an inability to disseminate that 
information effectively.
    In looking at the nature of the first responder community, 
it is apparent that timeliness and flexibility of open-source 
intelligence is particularly useful. Due to its unclassified 
nature, OSINT can be shared extensively without compromising 
national security.
    Not only can these OSINT products be disseminated to 
inspectors at a port of entry, they can also be provided to 
state and local law enforcement. In fact, OSINT products could 
be disseminated to the full complement of first responders, 
such as fire fighters, EMTs, university police departments, 
hospitals and even private security firms.
    Intelligence support to the homeland security community 
below the federal level is largely non-existent due to 
classification issues. The way I see it, either we provide top-
secret security clearances to all chiefs of police, fire chiefs 
and sheriffs in the country or we provide them with some means 
of gaining access to open-source information.
    In the event, God forbid, of another terrorist attack, it 
is these local responders who will be called upon to put their 
lives on the line. Do we not owe it to them to at least provide 
them some form of intelligence support?
    How do we go about providing this support? First of all, 
OSINT must be effectively incorporated into the DHS all-source 
analysis process. This can only be achieved by changing the 
prevailing mindset that classification is a measure of quality. 
The highly classified intelligence report is no better or more 
important than one of lower classification. Its classification 
is only indicative of the degree of damage done to national 
security should sources and methods be compromised.
    Secondly, we must establish OSINT as an equal partner with 
the traditional intelligence discipline. This is achieved by 
providing the infrastructure necessary to acquire, process, 
analyze and disseminate open-source intelligence. It is 
essential that a formalized means exists for the exploitation 
of OSINT.
    The third recommendation is to develop a cadre of highly 
skilled open-source analysts and library professionals to 
provide tailored open-source intelligence support at DHS.
    Fourthly, in order to effectively incorporate OSINT into 
the DHS analytical process, we must redefine that process. The 
traditional linear intelligence cycle is more a manifestation 
of bureaucratic structure than a description of the open-source 
exploitation process.
    In its recent book entitled, ``Intelligence Analysis: A 
Target-centric Approach,'' Dr. Robert Clark proposes a more 
target-centric, iterative and collaborative approach which 
would be far more effective than our current traditional 
intelligence cycle.
    Lastly, OSINT should establish a streamlined contracting 
process to enable cost-effective outsourcing of OSINT 
requirements and commercial content procurement.
    The effective dissemination of open-source intelligence by 
DHS is also essential to our national security. One 
recommendation is to provide all DHS entities with access to 
the Open-Source Information System, or OSIS. Operating at the 
``for official use only'' level, OSIS has provided the 
intelligence community with access to open-source analytical 
products and commercial content since 1994. Rather than 
reinventing the wheel with a separate system, DHS should be 
encouraged to use this network and explore the possibility of 
OSIS accounts for all police and fire chiefs.
    I understand the subcommittee has particular interest in 
examining whether the Department should establish its own open-
source intelligence agency. Both the 9/11 Commission and the 
Weapons of Mass Destruction Commission have recommended that 
the Director of National Intelligence consider establishing an 
OSINT agency or center. I believe it would be a mistake for DHS 
to rely solely on a DNI center to fulfill its OSINT 
requirements. DHS should establish its own OSINT agency or 
center to ensure that its unique needs are met.
    In summation, I believe open-source exploitation can 
provide timely, accurate and actionable intelligence for the 
Department of Homeland Security, most importantly, at minimal 
cost.
    Thank you.
    [The statement of Mr. Jardines follows:]

                Prepared Statement of Eliot A. Jardines

    Chairman Simmons, Congresswoman Lofgren, and members of the 
Subcommittee, I thank you for the opportunity to participate in this 
hearing. I am Eliot Jardines, President of Open Source Publishing, 
Incorporated, a private firm which specializes in providing open source 
intelligence support to the US military, the intelligence community and 
federal law enforcement. Open Source Publishing has provided open 
source exploitation, analysis and training for federal agencies since 
its inception in 1996.
    Over the past fourteen years, my career as an open source 
intelligence practitioner and educator has provided me with an 
opportunity to understand the significant contributions which the open 
source intelligence discipline, or OSINT, can bring to the all-source 
intelligence analysis process. With that said, I am also keenly aware 
of the limitations of this discipline which should not be viewed as a 
panacea, but rather a highly effective component of the intelligence 
toolkit.

The Value of OSINT for Homeland Security
    From Peal Harbor to the September 11th terrorist attacks, 
intelligence failures have largely resulted not from a lack of 
information, but rather the inability to effectively disseminate that 
information or intelligence. In looking at the nature of the homeland 
security and first responder communities, it is apparent that open 
source intelligence is particularly useful. Due to its unclassified 
nature, OSINT can be shared extensively without compromising national 
security.
    The flexibility and timeliness of open source intelligence is 
particularly salient for the Department of Homeland Security because it 
provides a means by which critical intelligence can be acquired and 
disseminated without the encumbrances imposed by classification. As an 
example, during the mid-1990s I was a member of a team which conducted 
an assessment of how the US Customs Service collected, analyzed and 
disseminated intelligence. We soon discovered that it was incredibly 
difficult to disseminate classified information to the tactical level.
    Highly classified messages or analytical products underwent a 
sanitation process which tended to remove important details. The end 
result was intelligence reports which were too general or broad to be 
of much use. An attempt to disseminate highly classified documents down 
to the port of entry level, resulted in the discovery that few if any 
personnel at that level had the requisite clearances. In other 
instances, the necessary security infrastructure was unavailable. In 
one memorable instance, we discovered that a port of entry was able to 
receive classified faxes, but did not have approved facilities for 
storage of classified data. The net result was that the classified fax 
was generally left off. In the rare instances classified faxes were 
received, they were promptly shredded as no approved means of 
classified storage was available. With that said, the Customs Service, 
now the Bureau of Customs and Border Protection, has made dramatic 
improvements regarding disseminating intelligence. The CPB's Office of 
Intelligence under the leadership of Roy Surrett, has in many ways set 
the standard for responsive intelligence support.
    However, given the largely unclassified nature of open source 
intelligence products, the aforementioned issues of clearances and 
security infrastructure are irrelevant. Not only can these OSINT 
products be disseminated to inspectors at a port of entry, they can 
also be provided to state and local law enforcement. In fact, OSINT 
products could be disseminated to the full compliment of first 
responders such as firefighters, EMTs, university police departments, 
hospitals and private security firms. Consider for a moment what a 
paradigm shift that would represent.
    Intelligence community support to the homeland security community 
below the federal level is largely non-existent due to classification 
issues. The way I see it, either we provide Top Secret security 
clearances and the necessary communications and storage capabilities 
for every single chief of police, sheriff and fire chief in the 
country, or we invest a far smaller amount to establish a robust OSINT 
capability. In the event, God-forbid, of another terrorist attack upon 
the homeland, it will be the local first responders who will be called 
upon to put their lives on the line. Do we not owe it to them to at 
least provide some intelligence support?

Integrating OSINT into the DHS analytical process
    How then, do we go about providing this open source intelligence 
support? First of all, OSINT must be effectively incorporated into the 
DHS all-source analysis process. This can only be achieved by changing 
the prevailing mindset that classification is a measure of quality. A 
highly classified intelligence report is no better or more important 
than one of lower classification, it is only indicative of the degree 
of damage done to national security should its inherent sources and 
methods be compromised.
    Secondly, we must establish OSINT as an equal partner with human 
intelligence (HUMINT), signals intelligence (SIGINT), imagery 
intelligence (IMINT) and measurement and signatures intelligence 
(MASINT). This is achieved by providing the infrastructure necessary to 
acquire, process, analyze and disseminate open source intelligence. It 
is essential that a formalized means exist for the exploitation of 
OSINT. Of particular importance is the establishment of an open source 
intelligence requirements management system. Having a requirements 
management system in place would allow DHS to identify its standing and 
ad hoc intelligence collection requirements, as well as what entity or 
activity would be responsible for fulfilling those needs.
    For too long, open source exploitation has been delegated as merely 
an additional duty for intelligence analysts. This is simply a 
ridiculous notion. No one would seriously propose that intelligence 
analysts be required to collect their own signals or imagery 
intelligence. However, that is precisely what we do with open source 
intelligence. The third recommendation for effective integration of 
OSINT, is to develop a cadre of highly skilled open source analysts and 
library professionals to work along side traditional intelligence 
analysts in order to provide tailored OSINT support to the DHS 
analytical process. Likewise, these analysts could fulfill an analyst 
helpdesk function fulfilling ad hoc requirements for DHS entities and 
the first responder community. It is vital that these OSINT positions 
be given the importance they deserve and that they not devolve into 
convenient placeholders for personnel awaiting security clearances.
    Fourthly, in order to effectively incorporate OSINT into the DHS 
analytical process, we must redefine that process. We must begin by 
redefining the traditional linear intelligence cycle which is more a 
manifestation of the bureaucratic structure of the intelligence 
community than a description of the intelligence exploitation process. 
In his recent seminal work on the issue, Intelligence Analysis: A 
Target Centric Approach Dr. Robert M. Clark describes the traditional 
intelligence cycle as one that, ``defines an antisocial series of steps 
that constrains the flow of information. It separates collectors from 
processors from analysts and too often results in ``throwing 
information over the wall' to become the next person's responsibility. 
Everyone neatly avoids responsibility for the quality of the final 
product. Because this compartmentalized process results in formalized 
and relatively inflexible requirements at each stage, it is more 
predictable and therefore more vulnerable to an opponent's 
countermeasures.'' \1\
---------------------------------------------------------------------------
    \1\ Clark, Robert M. (2004). Intelligence Analysis: A Target-
Centric Approach. Washington, DC: Congressional Quarterly Press, 15.
---------------------------------------------------------------------------
    Dr. Clark goes on to propose a more target-centric, iterative and 
collaborative approach which is far more effective than the traditional 
intelligence cycle. In Clark's target-centric approach, the process is 
a resilient one in which collectors, analysts and customers are 
integral and accountable. Redefining the analytical process is a 
lengthy discussion which exceeds the time constraints of this hearing. 
I would however, commend Dr. Clark's book to the Subcommittee for 
further consideration.
[GRAPHIC] [TIFF OMITTED] T4962.001

    The final way to integrate OSINT into analytical activities at DHS 
is to establish a streamlined and specialized contracting process to 
enable outsourcing of OSINT requirements and commercial content 
procurement. Centralizing the procurement of commercial content such as 
databases, periodicals or commercial imagery for all of DHS would 
result in a dramatic cost savings which could in turn, be used to fund 
further OSINT efforts or content procurement. While centralizing 
content procurement, DHS must ensure the process is flexible and 
responsive enough to meet time sensitive or ``unusual'' requirements.
    At Open Source Publishing, we are frequently asked by our customers 
to acquire individual books or maps which typically do not exceed 
$50.00 in cost. The conventional government procurement process for 
such small purchases requires a disproportionate outlay of personnel 
resources and the death of innumerable trees. In particular, the 
restrictions and paperwork surrounding the use of government credit 
cards (IMPAC cards) deserves much attention. Very useful in supporting 
OSINT efforts would be the establishment of a DHS blanket purchase 
agreement (BPA) to allow any DHS entity to acquire OSINT related 
products and services in a simple and cost effective manner.
    If such a blanket purchase agreement becomes reality, particular 
care should be given to insure that the standard practice among the 
large government contractors of charging exorbitant pass-through fees 
be kept to a minimum. One particularly effective approach is to award 
the BPA to a number of prime contractors who would be required to 
disclose all pass-through percentages and ``management fees'' upfront 
to subcontractors interested in using the contract vehicle. In order to 
insure the success of such an effort, it is essential that the all too 
common ``raping and pillaging'' by prime contractors be minimized. The 
procurement of a $50.00 book should not require a $10.00 pass-through 
fee and $200.00 in management and administrative charges by the prime.

Disseminating OSINT
    The effective dissemination of open source intelligence within the 
Department of Homeland Security and the first responder community is 
essential to our national security. As mentioned previously, many 
intelligence failures are a result, not of faulty analysis, but rather 
the inability to disseminate intelligence or information in a timely 
manner. No other department in our government is more reliant on 
effective information dissemination to fulfill its mission than DHS. 
Therefore, the unclassified nature of open source intelligence greatly 
enhances its prospects for wide distribution, and as such should be 
regarded as a key within DHS.
    One recommendation to assist DHS in improving its OSINT 
dissemination efforts, is to provide all DHS entities with access to 
the Open Source Information System (OSIS). Operating at the For 
Official Use Only level, OSIS has provided the intelligence community 
with access to open source analytical products and commercial content 
since 1994. Rather than re-inventing the wheel, DHS should be 
encouraged to coordinate its efforts with the Intelink Management 
Office which manages OSIS. Another recommendation would be to allow all 
police and fire chiefs access to the homeland security related 
resources on OSIS. This dramatic expansion of access for first 
responders can be accomplished by simply leveraging the OSIS network's 
existing infrastructure. While additional OSIS funding would be 
required, the cost would be dramatically less than creating such a 
network from scratch. This arrangement also facilitates collaboration 
among the first responder community via the OSIS network's 
collaboration tools and training resources, again at little additional 
cost.

Should DHS Establish an OSINT Agency?
    I understand the Subcommittee has a particular interest in 
examining whether the Department should establish its own open source 
intelligence agency. Both the 9/11 Commission and the Weapons of Mass 
Destruction Commission have recommended that the Director of National 
Intelligence consider establishing an OSINT agency or center. It is my 
feeling that it would be a mistake for DHS to rely solely on a DNI 
OSINT center to fulfill homeland security related OSINT requirements. 
While capable of providing some degree of support, the DNI's OSINT 
center could not be as responsive to the unique needs of DHS and the 
first responder community as a specialized OSINT agency or center would 
be.
    Indicative of the need for specialized OSINT support, the 
Department of Defense's Open Source Council recently recommended the 
establishment of a DoD OSINT Program Office to better support the 
unique needs of warfighters and Defense decision makers. While in 
general I am no fan of establishing new agencies or centers, in this 
case the unique requirements of the homeland security community 
warrants just such an action. I think just about anyone would agree 
that it is a stretch to think that a single OSINT agency or center 
could adequately provide for all the needs of such widely divergent 
agencies like DHS, DoD and the Department of State.

Conclusion
    In summation, I believe open source exploitation can provide 
timely, accurate and actionable intelligence to the Department of 
Homeland Security as well as the first responder community, 
particularly at the state and local level. Effective use of OSINT at 
DHS requires first of all, a change of perspective regarding the value 
of intelligence--which is not determined by its classification level. 
Secondly, it requires viewing OSINT as an equal partner in the all-
source analysis process. Thirdly, OSINT should be conducted by highly 
skilled analysts and practitioners, not merely the uncleared. Fourthly, 
effective OSINT exploitation requires a complete reevaluation of the 
traditional intelligence cycle which is largely ill-suited to the 
demands of the Global War on Terror. Lastly, effective OSINT requires a 
flexible means of outsourcing and content procurement.
    In terms of effective dissemination of OSINT within DHS and the 
first responder community, it is imperative that DHS not reinvent the 
wheel but rather leverage existing capabilities such as the Open Source 
Information System. Finally, it is my belief that the Department of 
Homeland Security should establish its own OSINT agency or center to 
meet the unique needs of its constituents. I thank the Subcommittee for 
its consideration of my testimony.

    Mr. Simmons. Thank you very much, Mr. Jardines, for that 
very concise and timely presentation. Thank you.
    And now the Chair recognizes Joe Onek for his testimony.

  STATEMENT OF JOE ONEK, SENIOR POLICY ANALYST, OPEN SOCIETY 
                           INSTITUTE

    Mr. Onek. Mr. Chairman, Ranking Member Lofgren, members of 
the subcommittee, I thank you for giving me the opportunity to 
testify this morning.
    In recent years, the government's authority and capability 
to collect and share open-source information about Americans 
has grown enormously. I think we all recognize the potential 
benefits of collecting that open-source information in order to 
protect our country, but at the same time this collection of 
information raises a variety of privacy and civil liberties 
issues, and the concerns that it raises is reflected, for 
example, in the controversy over section 215 of the Patriot 
Act, the so-called library records provision, and to proposals 
about administrative subpoenas.
    But in my limited time this morning, I would like to focus 
on another concern, what I would call a civil rights concern, 
and it is that the danger that if our systems work as well as 
we hope they will work, the information that the government 
gathers and shares will be used in ways that unfairly 
discriminate against Muslim Americans.
    Although only a miniscule number of Muslim Americans are 
involved in any form of terrorism, it is obvious that the 
government's expanded information gathering and data mining 
systems will focus on Muslim Americans. Even if they do not 
single out Muslim Americans directly by name or religious 
affiliation, Muslims will appear disproportionately on the 
government's computer screens because they are the people who 
are most likely, naturally and innocently, to visit or 
telephone or send money to places like Pakistan and Iraq.
    Inevitably, government officials will learn more about 
Muslim Americans than about other Americans. Many Americans, 
for example, whether we like it or not, employ undocumented 
workers in their homes and businesses. Many Americans do not 
fully report their earnings from tips to the IRS. But the 
Americans who may be caught doing these things and subject to 
prosecution may disproportionately be Muslim.
    Similarly, there are millions of persons in the United 
States who are violating the immigration laws. Their offenses 
range from illegal entry to failure to notify authorities of an 
address change. Again, Muslim violators will be caught and 
subjected to deportation in far greater percentages than other 
violators.
    Now, at first blush, there may be seen no problem at all 
with prosecuting or deporting persons who have violated the 
law, but our nation's legal and moral values require equal 
application of the law. When, for example, there are stretches 
of highway where virtually everyone exceeds the speed limit, it 
is not permissible for the police to stop and ticket only or 
primarily those speeders who are African American.
    My concern is that the new information gathering and data 
mining systems will often deliberately focus on persons who are 
likely to be Muslim, and therefore it is necessary to address 
the unequal application of the laws that will inevitably 
follow.
    And I am therefore going to make what I understand is a 
provocative proposal. I am going to propose that information 
gathered for antiterrorist purposes not be used against 
individuals except in proceedings that directly relate to 
terrorism or other very, very serious crimes. Unless this 
restriction is imposed, criminal and immigration laws will be 
disproportionately applied against Muslim Americans. This 
unfairness will breed discontent in the Muslim community and 
will undermine the fight against terrorism.
    It is important both that our country and be seen by the 
world as fair to Muslim Americans and that it enlists the full 
cooperation of the Muslim community in antiterrorism efforts. 
These objectives can only be met if Muslims in this country 
believe the government is treating them fairly.
    And this proposal does not mean that anybody will be 
granted immunity for criminal activity or amnesty. The 
government remains free to bring criminal or immigration cases 
provided that it does not use information generated by 
antiterrorist data mining systems in cases not involving 
terrorism or other similar violent crimes or serious crimes.
    This limitation may require some segregation of 
information, it may impose some burdens on government, but 
these burdens are a small price to pay to ensure fairness to 
all Americans and to strengthen the fight against terrorism.
    And, interestingly, and I will close on this note, and I 
think you are familiar with this, the federal government is 
currently implementing a somewhat similar immunity program 
under the Homeland Security Act. Section 214 of the Act 
provides that companies, such as nuclear power plants, that 
voluntarily disclose to the government critical infrastructure 
information concerning their vulnerabilities to terrorism are 
guaranteed that the government will not use that information 
against them in any civil action. And this is so even though 
the disclosed information may indicate that the company is not 
complying with various safety or environmental laws and is thus 
subject to severe civil penalties.
    Congress made the determination in the Homeland Security 
Act that granting companies this limited immunity served 
important national security interests, and I believe national 
security interests are also served by providing limited use 
immunity to people caught up in our antiterrorism data mining 
efforts.
    Thank you.
    [The statement of Mr. Onek follows:]

                   Prepared Statement of Joseph Onek

    Mr. Chairman, Ranking Member Lofgren and members of the 
Subcommittee. Thank you for giving me the opportunity to testify this 
morning on issues related to the government's access to open-source 
information.
    As the Subcommittee well knows, since 9/11 Congress has enacted 
many provisionsz--in the Patriot Act, the Homeland Security Act and the 
Intelligence Reform legislation--authorizing or requiring federal 
agencies to collect and share more information about Americans. At the 
same time, new technologies are making it easier for government 
agencies to gather, store and analyze information. These developments 
have raised a variety of concerns.
    Many Americans, I believe, have a visceral unease about the fact 
that the government has the capacity to gather so much information 
about them. That unease explains the powerful opposition to the Defense 
Department's Total Information Awareness Program. It also explains the 
opposition to section 215 of the Patriot Act--the so-called library 
records provision. I . myself agree that section 215 should be amended 
as proposed in the SAFE Act to prevent fishing expeditions by 
government officials and keep their focus properly on information 
relating to agents of a foreign power. I also believe that the 
government must do a better job of explaining its information 
collecting and sharing practices. Recently, for example, the Department 
of Homeland proposed to exempt one of its systems of records from the 
requirements of the Privacy Act. Its notices explaining the request 
were so opaque that it was difficult to understand what records were 
involved and why the exemption was appropriate.
    Another development that, according to public opinion polls, is 
raising concerns about privacy is the proposal to authorize 
administrative subpoenas in national security investigations. The 
Senate Select Committee on Intelligence has reported out legislation 
granting the government administrative subpoena power under the Foreign 
Intelligence Surveillance Act (FISA). Administrative subpoenas are now 
used in many types of investigations, and the government asks why they 
shouldn't also be used by the FBI in the fight against terrorism. But, 
as I testified before the Senate Intelligence Committee, the government 
ignores some very crucial facts.
    First, administrative subpoenas are typically used for discrete 
purposes and to obtain limited types of records. But here the subpoenas 
would be seeking records relating to foreign intelligence and 
terrorism. The range of activities that relate foreign intelligence and 
terrorism is enormous and, therefore, there is virtually no limit to 
the type of records the FBI will be able to subpoena. The FBI will seek 
financial records, employment records, transportation records, medical 
records and yes, sometimes, library records. The collection of this 
massive array of records creates special problems. Inevitably, FBI 
investigations will sweep up sensitive information about innocent, law-
abiding people. How do we assure this information is not abused? The 
FBI will also sweep up information about people who have nothing 
whatsoever to do with terrorism, but who may have committed other 
infractions, both minor and major. What will the FBI do with this 
information? These are not problems that arise with the ordinary use of 
administrative subpoenas.
    There is a second crucial difference between the ordinary use of 
administrative subpoenas and the new proposal. In the proposed 
legislation, the FBI's subpoenas must be kept completely secret 
whenever the FBI says that national security requires non-disclosure. 
This means that a record holder who receives a subpoena that is 
overbroad or impinges on first amendment rights will not be able to 
complain to the press, Congress or the public.
    This is not an insignificant disadvantage. Just last year, a 
federal prosecutor in Iowa served grand jury subpoenas on Drake 
University and members of the university community in connection with a 
peaceful antiwar forum. The university community protested loudly, the 
press took up the controversy, and the subpoenas were promptly 
withdrawn. This cannot happen when the subpoenas are secret.
    If subpoenas covering a vast array of records are going to be 
served in secret, there must be additional safeguards. The most obvious 
safeguard is prior judicial approval, such as is provided, however 
inadequately, in Section 215 of the Patriot Act. We should not permit, 
for the first time in our history, the massive use of secret subpoenas 
that have not been approved by a judge.
    I recognize that the proposed legislation provides record holders 
with the opportunity to challenge any subpoena in federal court. But 
this opportunity is no substitute for prior judicial approval. Third 
party record holders will generally have no incentive to undertake the 
burdens of a federal court challenge, and the secrecy provisions 
further reduce the likelihood of a challenge. If, for example, a 
hospital receives a subpoena for a massive number of medical records 
and the subpoena is made public, the medical staff and patient groups 
might pressure the hospital to file a challenge. There will be no such 
pressure with a secret subpoena. Thus, there will be little judicial 
supervision of the FBI's use of secret subpoenas.
    The FBI should be required to obtain a court order when it seeks 
access to business records. As already noted, I believe the current 
standards for issuing such orders, as set forth in Section 215 of the 
Patriot Act, should be tightened along the lines suggested by the SAFE 
Act. But in any event there must be a requirement for judicial 
approval. Such a requirement imposes a salutary discipline on the 
government. It forces the government to think through and describe, in 
the words of Deputy Attorney General Corney, the ``meaningful, logical 
connection between the record sought and the subject of the 
investigation.'' If the government believes that obtaining a court 
order is too slow in certain circumstances, it should propose special 
procedures for emergency situations.
    In addition to the general unease about increased government 
collection of information, there are some highly specific concerns. 
Civil libertarians are worried that the government might misuse the 
information it gathers to attack and intimidate critics and opponents. 
The memory of J. Edgar Hoover's efforts to destroy the reputation of 
Martin Luther King lives on. And, just recently, there have been 
allegations that the White House leaked information about a CIA agent 
in order to punish her husband for criticizing certain policies of the 
Administration.
    These privacy and civil liberties concerns deserve serious 
attention. But this morning I would like to focus on another concern--
the danger that the government will use the information it gathers and 
shares in ways that unfairly discriminate against Muslim Americans.
    Although only a miniscule number of Muslim Americans are involved 
in any form of terrorism, it is obvious that the government's expanded 
information gathering and data-mining systems will focus on Muslim 
Americans. Even if such systems do not single out Muslims Americans by 
name or religious affiliation, Muslims will appear disproportionately 
on the government's computer screens because they are the people most 
likely (naturally and innocently) to visit, telephone and send money to 
places like Pakistan and Iraq. Inevitably, government officials will 
learn more about Muslim Americans than about other Americans. Many 
Americans, for example, employ undocumented workers in their homes and 
businesses. Many ``harbor'' out of status immigrants (often close 
relatives) by giving them a place to stay or finding them an apartment. 
Many do not fully report their earnings from tips to the IRS. But the 
Americans who will be caught doing these things, and subjected to 
prosecution, will disproportionately be Muslim.
    Similarly, there are millions of persons in the U.S. who are 
violating the immigration laws. Their offenses range from illegal entry 
to failing to notify authorities of an address change. Again, Muslim 
violators will be caught and subjected to deportation in far greater 
percentages than other violators.
    At first blush, there may seem to be no problem with prosecuting or 
deporting persons who have violated the law. But our nation's legal and 
moral values require equal application of the laws. When, for example, 
there are stretches of highway where virtually everyone exceeds the 
speed limit, it is not permissible for the police to stop and ticket 
only (or primarily) those speeders who are black. The new information 
gathering and data-mining systems will often deliberately focus on 
persons who are likely to be Muslims, and therefore it is necessary to 
address the unequal application of the laws that will inevitably 
follow.
    I propose, therefore, that information gathered for anti-terrorist 
purposes not be used against individuals except in proceedings that 
directly relate to terrorism or to other violent crimes. Unless this 
restriction is imposed, criminal and immigration laws will be 
disproportionately applied against Muslim Americans. This unfairness 
will breed discontent in the Muslim community and undermine the fight 
against terrorism. It is important both that our country is seen by the 
world as fair to Muslim Americans and that it enlist the full 
cooperation of the American Muslim community in anti-terrorist efforts. 
These objectives can only be met if Muslims in this country believe the 
government is treating them fairly.
    This proposal does not mean that anyone will be granted immunity 
for criminal activity or amnesty for immigration violations. The 
government remains free to bring criminal or immigration cases against 
Muslim Americans, provided that it does not use information generated 
by anti-terrorist data-mining systems in cases not involving terrorism 
or violent crime. This limitation will require some segregation of 
information and impose some burdens on the government. But these 
burdens are a small price to pay to ensure fairness to all Americans 
and strengthen the fight against terrorism.
    Interestingly enough, the federal government is currently 
implementing a somewhat similar immunity program in accordance with the 
Homeland Security Act of 2002. Section 214 of the Act provides that 
companies such as nuclear power plants that voluntarily disclose to the 
government critical infrastructure information concerning their 
vulnerabilities to terrorism are guaranteed that the government will 
not use that information against them in any civil action. This is so 
even though the disclosed information may indicate that the company is 
not complying with various laws regulating safety or the environment 
and is thus subject to severe civil penalties. Congress made the 
determination in the Homeland Security Act that granting companies this 
limited use immunity served important national security interests. As I 
have argued, national security interests are also served by providing 
limited use immunity to people caught up in our anti-terrorism data-
mining efforts.
    Whether or not you agree with my analysis, I am sure you do agree 
that the government's increasing authority and capacity to gather 
information about Americans requires congressional attention. Recently, 
the President named his nominees and appointees to the new Privacy and 
Civil Liberties Oversight Board, and I hope the Board will soon address 
the questions I have raised this morning. But, in the end, it is up to 
Congress to assure that the government obtains the intelligence it 
needs without violating the civil liberties and civil rights of the 
American people. Thank you.

    Mr. Simmons. Thank you very much.
    I would like to make a comment and then I have a couple of 
questions, and my colleagues will all have questions as well.
    It is my understanding from reading Mr. Jardines testimony 
that his recommendation is not unlike the recommendations that 
we had in the recent weapons of mass destruction report that 
there be somewhere in our government a center of excellence for 
open-source intelligence. In the case of the WMD report, it 
would be at the Central Intelligence Agency, but I think 
history has shown that they have not responded to that 
opportunity, at least in years past.
    I guess my view is that such a center of excellence could 
reasonably be located with the Department of Homeland Security 
for several reasons. One, it could be incredibly useful in 
their infrastructure vulnerability reports because much of that 
information is publicly available from either state or local 
entities or private enterprises here in the United States.
    But, secondly, by creating such a center of excellence, you 
develop expertise within the discipline and then those 
individuals who are expert in the discipline can be placed out 
in the intelligence community in all-source analysis 
facilities, just as a photo interpretation, for example, has a 
center of excellence at NPIC, signals intelligence has a center 
of excellence at the National Security Agency, and at various 
times in our history the clandestine service of the CIA has 
been a center of excellence for human-source intelligence.
    So it seems to me that there is some value in that model.
    But let me raise what I think is a fundamental question 
when it comes to open source. I have here aerial photographs of 
the Natanz Uranium Enrichment Facility in Iran. These are 
incredibly detailed photographs. Normally, you would not see 
these except in a classified environment. But in the case of 
these photographs, they were taken by the Space Imaging 
Organization, which is an open-source organization.
    The value of these open-source products is that if there is 
an issue relative to Iran and its nuclear activities, you can 
share these photographs and you can share these images with the 
American people. So their government is not simply making 
statements and then saying, ``Trust me, we have the secret 
information that shows this to be the case.'' You can actually 
show the American people what it is that concerns us around the 
world and possibly or potentially show the American people what 
concerns us here.
    Dr. Gannon made a very interesting statement, that 
governments are losing control. In other words, governments are 
no longer the sole proprietors of information collection and 
analysis. And I think that is a good thing. I think that is 
good for democracy. I think that brings more people into the 
process, and I would be interested if any of our three 
witnesses would wish to comment on that analysis.
    Mr. Jardines. Well, I guess as a practitioner in the open-
source arena and as someone who has been at the tail end, 
someone who has needed that open-source material and for most 
of my 10 years in the military, both on active duty and in the 
reserves, I was outside the Washington Beltway. In D.C., we 
have great resources at all levels of classification, but as 
you move out beyond that boundary, those resources dry up 
pretty quickly. And I think that the idea of setting up an 
OSINT center that would drive the acquisition of open-source 
information and centralize that is an important model.
    In part, in the past, with the Community Open-Source 
Program Office, it was not successful primarily because it 
really was not viewed by the rest of the community as a 
community entity. The leadership and most of the infrastructure 
was the Foreign Broadcast Information Service, and it simply 
was not accepted as a communitywide effort.
    Given that the Department of Homeland Security is a fairly 
new infrastructure entity within the intelligence community, I 
think a lot of those long-standing antagonisms between various 
intel agencies do not exist, and I think it would be far better 
received if an OSINT center were in the Department of Homeland 
Security.
    Mr. Onek. Let me just comment. In a related point, the 
chairman pointed out the importance of open-source information, 
and obviously people in a community, for example, have 
tremendous interest in information about, let's say, a nearby 
nuclear power plant or a nearby chemical plant, and they 
obviously are concerned with safety and environmental factors, 
and in general I think they deserve to know as much as possible 
in order to assess the safety of their neighbor, of their 
neighboring entity.
    Now, of course, since 9/11, there has been concern that 
that same information, which is useful to the community, might 
also be useful to terrorists. So we have had to look more 
closely at it, and I am not suggesting that that is wrong but 
we have to make sure that we do not overdue it; that is, we do 
not overclassify and we do not make it impossible for people in 
the community who have an obvious need to understand facilities 
in their backyard do not get a chance to see information.
    And so that is I think the dilemma that you face as you try 
to make more and more information or keep more and more 
information open source, but I do believe that it is a dilemma 
that we should meet head on and try to err whenever we can on 
the side of openness.
    Dr. Gannon. I am just sort of speaking for the working 
analyst. If I were to take either the image you showed me or 
other imagery and actually take orthorectified imagery, which 
can be made into three-dimensional presentation, there is a 
capability really to have accuracy with regard to elevations 
and setbacks. For the homeland security purposes, we can do an 
urban area where actually you will have an accurate sense of 
actually how high things are, what the line of sight is, what 
the line of fire is.
    Tremendous capability there, but in order to build those 
kinds of models, which are extremely useful not just to inform 
policymakers but also for operational reasons, the analyst 
today sits in a classified environment with superb imagery. You 
can take the classified information we have and put it in that 
to add to that model, but, invariably, the analyst is also 
forced to get a lot of unclassified information to finish it.
    So my single point I want to keep making here is I think 
the intelligence world today is about integrating the 
classified and unclassified information into a superior product 
for the benefit of our country.
    Mr. Simmons. Thank you very much.
    Ms. Lofgren?
    Ms. Lofgren. Thank you.
    I think, clearly, we are already making use of open-source 
information, but as I was listening to the testimony I was 
recalling the debate about 30 years ago about what should be 
collected by the government and what should not be, and there 
was a discussion at that time about whether police departments 
should be allowed to keep files that basically consisted of 
newspaper clippings. And I thought at the time, well, if it is 
in the newspaper, anybody can read it, what is the problem with 
that? And that was, I thought, a sound view.
    But as technology has moved forward, the ability to compile 
and amass and integrate information has changed the whole 
dynamic of what can be found out about people, and I do not 
know that there is an obvious answer to that issue, but I think 
we need to spend some time sorting through that, because 
Americans really have a very strong sense of, ``Leave me alone. 
My private life is my private life. I should have the right to 
that.'' That is a very American attitude, and I think it is 
that attitude that fuels objection to the Matrix Program and to 
other programs. So I think we need to think through how this 
open-source dilemma or opportunity meshes with that.
    The issue of discrimination has been raised, and I think 
that is a serious one, and we need also to prospectively think 
about that.
    And, finally, we need to think about the implications of 
collecting data that is out in the open, amassing it and then 
using it for a purpose that is not to protect Americans from 
terrorism but to prosecute in the criminal arena.
    And if you think about Americans are starting to understand 
what is out there. Every time you buy something, there are 
cameras on every corner, there are cameras at every stop light, 
every time you go on your fast pass, there is information 
created. I mean, ID tags are going to connect where you go and 
what you buy. It is all out there in the open to the point 
where you could know what every American is doing most of the 
time. You add that in with the satellite imagery that is 
available. I mean, Google now has a program where you can 
really see what is going on place by place.
    And the question I have really for each of the witnesses 
is, what recommendations do each of you have for how we might 
put procedures in place that would be respectful to the privacy 
expectations of Americans, what procedures we might consider to 
avoid the discriminatory impact from the compilation and 
amassing of this information and also what procedures should we 
consider putting in place that would avoid whatever intrusions 
exist being used for a more mundane purpose as opposed to 
protect the nation from terrorism purpose, really to avoid 
handing on a platter to a police department for a garden 
variety criminal prosecution?
    I wonder if you have thoughts, each of you, on those 
questions.
    Mr. Onek. Well, I certainly have some thoughts, which I 
gave. I really think that when you look at it there are really 
two ways. One is, are there going to be or should there be 
certain limitations on the collection side, on the front end? 
And that I think is what the current debate about section 215 
of the Patriot Act or the I think forthcoming debate about 
administrative subpoenas is about. What can you collect? How do 
you make sure that the government is not engaging in fishing 
expeditions and so on?
    And then there is, I guess, what I was trying to speak 
about earlier, the backend. After you have collected the 
information, after you have determined that certain information 
should be collected and you have collected it, are there any 
protections you can put on it? First of all, can you make sure, 
and this is more mundane but important, can you make sure that 
only the right people have access to it within the government? 
And there, there are technological fixes, including audit 
trails and so on which can make sure that unauthorized people 
for their own purposes do not get access to the information. 
And that I think we can do, and that is probably not 
controversial.
    Then you get to the more difficult issue is how do you 
assure that the information is not misused, that it is not 
misused, for example, by governments to attack political 
opponents, as in the days of J. Edgar Hoover and Martin Luther 
King, or that it is not used in a way that, although maybe 
people do not intend it, ends up being like selective 
enforcement or discriminatory. And I think we do have to, and 
which is the reason I did raise it this morning, I do think we 
have to begin to think about that last issue.
    I think it is very hard to do, frankly, and I have talking 
to law enforcement people. I am not suggesting it is easy, but 
I do think it is necessary to try to do if we are going to be 
true to our values and if we are going to show in good faith to 
Muslim Americans here and to the world that we are trying to 
differentiate between terrorists and Muslims, and that was the 
point of my oral testimony today.
    Ms. Lofgren. I know time is short but if Dr. Gannon or Mr. 
Jardines have comments, I would--
    Dr. Gannon. I have a quick comment. I started my 
intelligence career in 1997 in the shadow of the Church-Pike 
hearings, and I was instructed very clearly that information 
from any source, open or clandestine, that dealt with U.S. 
citizens we did not deal with it. There were very clear 
policies about reporting on and analysis of issues involving 
U.S. citizens, and it was not just a matter of clear policies. 
I believe I was held accountable for those polices, and I also 
believed that my bosses, my leaders were being held accountable 
for them.
    So the point I would make to you in terms of 
recommendations, I think this does have to become a leadership 
and accountability issue that is distributed throughout the 
intelligence business and, again, not just isolated in some 
unit that is deemed to have the responsibility for this. I 
think it really does have to--it is like security itself: The 
protection of U.S. citizens and information involving them has 
to be the business of every analyst and every collector in the 
business. And I think that can be done, I think it was done 
throughout my career.
    Mr. Jardines. If I could just add a couple comments here. I 
would like to clarify what we are talking about. Open-source 
intelligence is defined as publicly available information. I 
keep hearing collection from my colleague. Open sources are not 
collected, they are acquired, which means someone else collects 
the information, edits that information and disseminates. The 
intelligence community is merely a secondhand user of that 
information.
    So when the congresswoman was mentioning traffic cameras 
and those kind of things, all of those fall outside the scope 
of open-source intelligence. Gaining access to those kinds of 
cameras or credit reports that would go through the 
traditional--
    Ms. Lofgren. Right, but if I could clarify my point, that 
aggregation and distribution, because of technology, is already 
occurring. And so we are at a point where if we set policies, 
we can actually have a very large impact. Google is in my 
district and the googlization of the world is occurring. We are 
just at the beginning really of where we are going to be, and 
the opportunity to set a framework for how we are going to 
respect the privacy rights of Americans is unique, and we ought 
not to pass it by.
    And I appreciate the gentleman and the chairman's 
indulgence for my being over time.
    Mr. Simmons. Absolutely. And thank you for the questions.
    The Chair now recognizes the distinguished chairman of the 
full committee, Mr. Cox.
    Mr. Cox. Thank you, Mr. Chairman.
    I want to focus on the findings and recommendations of the 
Silberman-Robb Commission, the Commission on the Intelligence 
Capabilities of the United States Regarding Weapons of Mass 
Destruction. This is a big, fat report that has been available 
to us in open source only since March 31, two and a half 
months, and I am very, very pleased we have the opportunity in 
this subcommittee to dive into a piece of it.
    The Silberman-Robb Commission recommended the creation of 
an open-source directorate within the CIA.
    Dr. Gannon, you in your testimony disagree with that 
recommendation. My first question to you is, why? Should there 
be an open-source directorate somewhere else at DHS or is this 
an inherently bad idea?
    Dr. Gannon. Well, I think, in my view, we have a functional 
problem; that is, that analysts are not using open source 
enough, and we, once again, want a structural solution to a 
functional problem.
    So my view is that all analysts, all-source analysts or 
imagery analysts or signal analysts, they are all now in a 
position where they need open-source information to interpret 
their own collection contributions. And then analysts, the all-
source analysts, need all-source information more than ever in 
order to produce the best analysis that they can.
    So it has to be, in my judgment, a distributed model that 
gets the technologies out to all those analysts so that they 
can avail themselves of the best information, and creating any 
kind of a center which is deemed to be the all-source center is 
concentrating, not distributing. So I think there is a danger 
that you would be creating structure there that in fact would 
impede the kind of integration of classified and unclassified 
information that I think is absolutely essential and I think is 
the trend in the community today.
    Mr. Cox. The Silberman-Robb Commission said, ``We believe 
part of the problem is analyst resistance; in other words, the 
analysts do not want to use open-source information. We believe 
that part of the problem is analyst resistance, not lack of 
collection.'' And so another of their recommendations was that 
we, the United States government, and specifically the CIA, 
train some of the new analysts specifically in the uses of open 
sources and then, in the parlance of the report, they would be 
evange-analysts and go out and encourage other people to get 
with it and use new technologies and so on.
    This, they believe, would also address another problem, a 
more fundamental problem, and that is the intelligence 
communities, and here they are not speaking just of the CIA, 
surprisingly poor feel for cultural and political issues in the 
countries that concern policymakers most. So they see open 
source as one means of getting people culturated in the target 
areas of their investigation.
    Do you agree, Dr. Gannon, with those two assessments: 
First, that there is analyst resistance to using open-source 
information, and, second, that there is a pervasive problem in 
the intelligence community in the form of a lack of feel for 
cultural and political issues in the countries that 
policymakers are concerned about?
    Dr. Gannon. I think the commission did a superb job in its 
investigation side. I think some of the recommendations, in 
this one especially, I think the commission is going to end up 
being human like the rest of us, making an effort to improve 
the situation but I do not think recognizing adequately the 
baseline in the community right now. I think it is a mixed bag.
    All of the analytic programs in the intelligence community 
are actually embedded in collection-dominated organizations. So 
both the collection perspective, the clandestine collection 
perspective, and the security environment does create, I think, 
impedance to the aggressive use of open-source information. So 
there are some structural issues there to deal with.
    But in fact there are many models. I cited the geospatial 
imagery, but I did distribute a copy of the Global Trends 2015 
exercise where for 18 months our analysts dealt with outside 
experts where they asked the question, what are the threats 
going to be to the United States, where is the best information 
and best expertise to deal with it. And they integrated that 
over an 18-month period into the report that is before you.
    So I think there are some best business practices for the 
use of open source.
    But, again, my point is, I want to change the behavior of 
those analysts, not change structures. And to change the 
behavior I think you have to impose on leadership the 
responsibility to get them the technology that will access 
open-source information and enable those analysts also through 
leadership to get out of the community so they can speak with 
folks outside.
    I will cite one case when I was chairman of the National 
Intelligence Council where we did an estimate on Iran and we 
were trying to deal with the political turmoil in Iran, and 
when I got the draft before me I realized that we did not have 
a single analyst in that intelligence community that had ever 
been to Iran.
    So what do you do about this? I do not think an open-source 
directorate was going to help me there. What we did was we 
asked the question, who is in Iran? Who does know the ground 
truth there. And we worked with allies and broke tradition and 
actually brought some allies to work with us to stimulate the 
kind of debate you need with regard to the change that was 
taking place there.
    So those kinds of things are happening, but my point is, I 
want systems and leadership that is going to drive those 
analysts to change their behavior so they do use open source 
more, and I do not see how the structure of an open-source 
directorate does that.
    Mr. Cox. Mr. Chairman, my time has expired.
    Mr. Simmons. Thank you, Mr. Cox.
    The Chair now recognizes the distinguished Ranking Member 
of the full committee, Mr. Thompson.
    Mr. Thompson. Thank you very much, Mr. Chairman.
    I was trying to get some information. I am glad you said 
that, Dr. Gannon.
    There was an AP story yesterday that one of the heads of 
the Counterterrorism Department at the FBI said that you really 
did not have to have any experience in terrorism or anything to 
run the Department, and I am glad to see somebody at your level 
that would say that you absolutely have to have that kind of 
experience if you really want to get a good product. And I was 
just trying to make sure we get that in the record, because 
some of us disagree with that statement.
    Mr. Onek, for the last 6 months, there have been security 
breaches in a lot of commercial databases--ChoicePoint, 
LexisNexis, Time-Warner, CitiGroup and over the weekend 
MasterCard--where personal information of hundreds of thousands 
of Americans have been compromised.
    Should we be concerned that some of this open source, if 
not properly safeguarded, can cause a threat to us as a 
country?
    Mr. Onek. Well, I think that what you are talking about 
raises a somewhat different concern, because you are talking 
about information that is in the hands of commercial entities 
and not in the hands of government, and I think there are 
different sets of problems. I think the major concern with the 
information that is in the private hands are things like 
identity theft and the problems that that pose. And, obviously, 
that is a very different concern than the concern you have when 
information is in the hands of government.
    ChoicePoint cannot prosecute you, it cannot deport you. It 
can, I suppose, defame you if it wanted, but it usually does 
not have any motive to do it because it is a profit-making not 
a political or partisan entity. So I do not wish to make light 
about the problems that have just been revealed about the lack 
of security, because I know the problems that they can cause 
for individuals, and it can happen to any of us at any moment, 
but I do think that the issue of government information is a 
different issue and I think ultimately a more serious issue.
    Mr. Thompson. Well, Mr. Jardines, you are one of those 
private folk who gather information that sometimes can, for 
whatever reason, become compromised. What safeguards have you 
as a profession instituted so that this information you gather 
is not falling into the hands of potential terrorists or what 
have you?
    Mr. Jardines. In general, I cannot speak for the overall 
industry but in terms of what we at Open Source Publishing do, 
we maintain systems with robust security features. Our focus is 
primarily foreign intelligence issues, so we do not focus that 
much on U.S. persons information. But it certainly is a real 
issue.
    As someone who knows just how much information is publicly 
available out there, it scares me to death what is out there, 
but the reality is this is something that if it is truly open-
source information, what we do is the same thing that any 
member of the general public could do.
    Does it bother me that you can go to Google and type in my 
telephone number and pull up my address and a map to my house 
and a picture of my house? Yes, it does. Is there anything I 
can do about that? I do not think so. If the committee would 
like to do something about that, that would be wonderful.
    But at this point, I feel like we are arguing--it is the 
same as arguing, ``Gee, the roads are publicly available and 
there is the threat of some level of abuse by the fire and 
police departments, so therefore we need to regulate how the 
fire and police departments drive their vehicles on our public 
roads. The reality is the information is already out there. It 
is not being collected by the government; it is already out 
there.
    And so while I certainly, as an Hispanic, am very, very 
sensitive to the issue of profiling, there are steps in place 
and if we need to add some sort of civilian oversight board, 
then that is great. But my biggest concern is for that police 
chief or that fire chief who has to respond to these kind of 
events should have some degree of foreknowledge about what the 
possible risks are to him, and at this point we have decided, 
well, we cannot give him a clearance so let's just ignore him 
completely.
    Mr. Thompson. Thank you, Mr. Chairman.
    Mr. Simmons. Thank you, Mr. Thompson.
    The Chair now recognizes the gentleman from California, Mr. 
Lungren.
    Mr. Lungren. Thank you very much, Mr. Chairman.
    I have got to take some of my time responding to some of 
the bankshot criticism of section 215, which of course is not 
the subject of this hearing but there has been some things said 
on the record that at least I have to respond to.
    Let's at least make clear what we are talking about in 
section 215 of the Patriot Act. It requires a federal judge to 
find that the requested records are sought for. That is the 
relevancy standard. For an authorized investigation to obtain 
foreign intelligence information not concerning a United States 
person or protect against international terrorism or 
clandestine intelligence activities. Some of us believe this 
involves greater judicial oversight than a grand jury subpoena 
where a grand jury subpoena is typically issued without any 
prior involvement by a judge.
    Section 215 orders are also subject to greater 
congressional oversight than our grand jury subpoenas. 
Statutorily, every 6 months, the AG must fully inform the House 
and Senate Intelligence Committees concerning all requests for 
the production of tangible things, whether from library or 
anyplace else. There is no comparable provision for the 
oversight of grand jury subpoenas.
    I am also informed that another section of the law requires 
informing the Judiciary Committees of the House and the Senate. 
There is also specific language in section 215 which provides 
that an investigation under this section shall ``not be 
conducted of a United States person solely on the basis of 
activities protected by the First Amendment to the Constitution 
of the United States.''
    I bring this up only because I keep hearing a recitation of 
criticism of section 215, and we ought to at least know what it 
is we are talking about, and, unfortunately, that is not the 
subject of this hearing and we do not have the time to go into 
it, but I needed to take some of my 5 minutes to at least put 
that on the record.
    This is serious business, I know we all understand that, 
but it also shows that the proper regulation against abuses is 
the oversight by the Congress. That is why the statute is set 
up. The Judiciary Committee has had 12 hearings thus far. We 
have submitted hundreds of questions, written questions, to 
which we have received responses from the Justice Department.
    And in the area of collection or utilization of open-source 
documents, as in anything else, the proper place to make sure 
it is not abuse is right here, the Congress. That is why some 
of us think that the oversight that we are conducting is 
appropriate, necessary and ought to be even more robust than it 
has been in the past.
    I would like now to ask a question of Dr. Gannon. This goes 
to the question of changing the culture and so forth. 
Intelligence communities are somewhat insular, you admit. It is 
difficult to change that culture. And what I would like to know 
is whether or not when going to open-source data, do we need to 
ensure that there is a possible governmental/private 
partnership? That is, will we run the risk that when we look to 
open sourcing that the intelligence community is going to 
create its own matrix, its own way of getting it, rather than 
take advantage of those private sector operations that are 
already out there mining this information?
    And are these private organizations--private industry, 
academic institutions, and so forth--sufficiently capable of 
processing that open-source information in such a way that they 
can give it to the intelligence community so those analysts can 
do their work?
    Dr. Gannon. I do think reliance on those organizations is 
inadequate for the intelligence community. I think that the 
system works best when there is a real partnership, just as you 
are suggesting, between the analyst dealing with the classified 
world and then the open-source world where they tackle a 
problem together so that they are developing analysis that is 
continuously integrating the classified with the unclassified.
    And I will assert, in my four years as chairman of the 
National Intelligence Council, their willingness to disposition 
of outside sources of expertise, and this means everybody from 
Wall Street to the aerospace industry to work with the 
intelligence community has never been more positive.
    I was never turned down by anyone, and usually the reason I 
asked them was that we sat down and said, ``Who has got the 
best answer to this question?'' Even on something like the 
annual report on the ballistic missile threat, we discovered 
that while a lot of that did rely on clandestine collections, 
in fact we could not do some of the technical analysis without 
going to the aerospace industry, and some of the economic 
analysis we needed to go to academia.
    So when we went out with a problem to the outside, we were 
able to develop the kind of partnerships. And when you work 
with them, as we did in Global 2015 over 18 months, you develop 
sustainable kinds of partnerships.
    I think the outside world there is a distrust of the 
intelligence community that can be broken down if you actually 
are able to show your partners the results of what you are 
doing. There is always a suspicion that when we ask for 
information the door slams and they never understand how it is 
used. And the private sector does not like to provide 
information on that basis. I think the community has to 
recognize we are in a new environment and we do have to have 
policies that allow us to share in a back and forth manner more 
than we have.
    Clearly, it is a partnership, but I think it is a 
partnership that begins at the very beginning of tackling 
serious national security issues. It is not something where you 
do yours and they do theirs and then you join at some place 
down the road.
    Mr. Simmons. I thank the gentleman.
    The Chair now recognizes Mr. Etheridge.
    Mr. Etheridge. Thank you, Mr. Chairman.
    Gentlemen, thank you for being here.
    As we talk about open-source gathering data, I think you 
heard from the committee the concerns as we gather that data 
really is in the minds of the public what we gather, from what 
sources, and certainly there is a risk environment out there 
today with all the sources we can pull it in from, especially 
as we look at open source.
    My question for each of you, as we look at the blurring of 
the line, especially when you are looking at open source versus 
the investigation of law enforcement, Mr. Onek you raised the 
issue of intelligence investigation, which does not have the 
same constraints, of course, as the legal law enforcement.
    And, Dr. Gannon, you touched on the issue that the CIA 
outside the United States if American citizens happens to be 
involved, that is off base.
    My question would be, as we view this, the issue of mining 
data. Basically, as you start to pull it in, and we have 
alluded to the fact that we may have to have constraints, talk 
a little bit more about this. Because as you start to pull in 
open source versus the other, eventually you get to the point 
where it gets blended, and then you have got the real problem 
of trying to separate what is what as it relates to moving 
forward and moving this data.
    And I think this is where the American people really have 
some concerns, but at the same time we want to make sure we 
have the right data as it relates to protecting the American 
people from terrorism.
    Mr. Jardines. Well, the intelligence community already has 
a number of constraints on it with regard to open-source 
information. One item I would say is, unfortunately, we are not 
blending open-source information with the all-source analysis 
process. The Silberman-Robb Commission mentioned that analysts 
were resistant to use open-source information. What the 
Commission did not mention was that is because the community 
has made every effort to make it very difficult for them to get 
access to it.
    One of the three-letter agencies here in Washington, D.C. 
does not have Internet access for each analyst. That to me is a 
mind-blowing concept that we do not have that. Likewise, we do 
not even put unclassified data up on the classified networks in 
many cases because we are told, ``Well, the classified networks 
are for classified information.'' Yet, that is the analysts' 
operating environment.
    But I think there are constraints in place. I am not 
extremely familiar with the Department of Homeland Security's 
intelligence infrastructure, but they exist, and if those need 
to be looked at more carefully, I am certainly open to that.
    Mr. Etheridge. But then how do we get the open source 
available for use then?
    Mr. Jardines. In part, I think, as Dr. Gannon mentioned, 
making open-source resources available to the analysts.
    Where I would disagree with Dr. Gannon is in that I think 
we need an organization to provide that open-source information 
to the analyst. Sure, analysts can go out and do their own, but 
to say we do not need an organization to provide some level of 
vetted, analyzed open-source information is like saying all 
analysts should collect their own SIGINT or their own imagery 
intelligence. No one would recommend that because all-source 
analysts do not know how to do SIGINT, and they do not know how 
to do IMINT.
    The reality is if all-source analysts have the time and the 
expertise to do effective open-source exploitation, I would be 
standing in the unemployment line right now.
    Dr. Gannon. Mr. Jardines is right that I have been using 
open source more generically to really mean any information 
that is not classified, not simply information that you can get 
from the Internet. So, clearly, I am including in it 
information that through whatever means the government can get 
it, whether it is a subpoena or whatever, is non-classified 
information.
    So, for example, the records of my credit card purchases 
and so on and so forth. So I obviously have been talking here 
in a somewhat broader context, and I agree that there are 
certainly constraints on it. I think Congress is wrestling with 
it. It is wrestling, as Mr. Lungren pointed out, with the 215 
issue. I think there has been oversight, and really all I was 
trying to do is raise some issues that I think have not yet 
been looked at and to say that we are going to have to keep 
doing it.
    In a way, and I will stop in a second, my testimony 
presupposes the success of this committee and the government in 
assuring effective use of open source. I am sort of at the next 
stage. I am assuming you have succeeded, as I hope you will, 
and you have government officials who do have the ability to 
get their hands on this information, and I am saying, ``Okay, 
what protections do we need,'' because after all we all want 
them to be successful. Then when they are successful, what 
problems does it raise.
    Mr. Etheridge. Thank you, Mr. Chairman. I see my time has 
expired. Thank you.
    Mr. Simmons. Thank you.
    The Chair now recognizes Mr. Dent.
    Mr. Dent. Thank you, Mr. Chairman.
    My question to Dr. Gannon, how much danger is there that 
having the government communicate information uses open sources 
that it could reveal or perhaps or confirm the existence of 
classified information? Would the government be seen as 
confirming that classified information?
    Dr. Gannon. I think this has been an occupational hazard 
and timely memorial on the intelligence business, but it is an 
eminently manageable problem. I think we, for example--I recall 
the Congress told us that we needed to produce a declassified 
version of the ballistic missile report, and I would say 80 
percent of that was produced from clandestine sources. The 
community protested that it could not do it, Congress said, 
``You will do it.'' We did it, and I would say probably 80 
percent of the analysis was actually derived from clandestine 
sources could be declassified.
    My point to you is, I do not think this is as big a problem 
as you suggest. I think in dealing with the kind of hardship 
everybody was talking about, there is a benefit on both sides, 
that people who come from the outside who work with the 
intelligence community will assume that as we work a problem 
together, if there is classified information that would totally 
contradict a trend or a path that is your taking, the 
intelligence analyst would stop it.
    On the other hand, the intelligence analysts are benefiting 
tremendously from that outside infusion of expertise.
    But I think this is a manageable problem, and I think 
leadership within the intelligence and the policy community at 
times have been particularly sensitive about particular issues, 
and they have halted communication. But for the most part, I do 
not see this as a problem that is particularly worrisome.
    Mr. Dent. Thank you.
    Mr. Jardines, a few moments ago that you mentioned that you 
were frightened about some of the information you see in open 
sources. Specifically, what type of open source information 
frightens you the most and why?
    Mr. Jardines. There are a number of things that one would 
consider generally innocuous. For example, the newspaper, when 
you buy a house, publishes the fact of who bought the house and 
where it is located and how much it costs. I can take that 
information and then pull up additional information regarding 
tax assessment. I can get a sense of how big the house is. Once 
I have the lot number, I can go down to town hall and get the 
building permits, I can get copies of closing documents, which 
in many cases contain information about mortgages and what not, 
and we begin to put together information that someone who 
really wanted to spend the time and energy to figure that out 
or may want to do harm to you would have a fair amount of 
information available.
    Unfortunately, it is already out there. I cannot make the 
newspaper pull it back, but that is the world we live in. I do 
not like it, but there is going to be this level and much more 
coming, and I do not see that that is going to change. We have 
instance access to information and the ability to aggregate it.
    Mr. Dent. Are you or any of the panelists suggesting that 
there are any special privacy issues with the government 
distributing open-source information then? If that frightens 
you, should the government be judicious in how we disseminate 
that type of open-source information?
    Mr. Jardines. I think the fact that you are disseminating 
it, in my hope, we would be disseminating it down to a very 
diffuse level, down to local police departments. I do not see 
that that is going to be an issue, because someone would think, 
``Gee, if I am going to release this publicly, perhaps I should 
think about does this betray sources and methods, are we 
establishing a pattern here that talks about what we may be 
interested in?'' And, obviously, if there is some libelous 
information and what not, it is subject to public scrutiny. 
That is the thing about open source is we cannot hide it, it is 
unclassified.
    Mr. Dent. I see my time has expired. I was going to ask you 
to talk about the accuracy of this open-source information, but 
I guess I will have to leave that to one of the other 
questioners.
    Mr. Simmons. I thank the gentleman.
    The Chair now recognizes the gentleman from Rhode Island, 
Mr. Langevin.
    Mr. Langevin. Thank you, Mr. Chairman.
    Gentlemen, thank you for your testimony and for being here 
today.
    I guess I have a couple of questions. First, I would start 
out with I am a big believer that we need to use open-source 
intelligence more aggressively than what we have been on a very 
broad scale. And I am cognizant about, especially I am reading 
a book right now by our colleague, Mr. Weldon, who is very 
critical of our intelligence community and its failure to use 
open-source intelligence more aggressively.
    But I am also a believer that we should not be duplicating 
efforts. I think in government all too often we pass measures 
that are duplicative and not necessarily coordinating in 
nature. We do that as a feel-good measure and think we have 
fixed the problem and we have not necessarily done that.
    So my question is with respect to creating a new open-
source intelligence directorate, how would that be different 
from the work done by, for example, the National Intelligence 
Council? You can help educate me and the committee with how 
that would be complementary or duplicative if we were to do 
that.
    The other question that I have is, what role, if any, 
should the DNI play in coordinating the collection, analysis, 
production, dissemination of open-source intelligence? And what 
steps we should be taking in general to get the intelligence 
officers and analysts to use open-source intelligence resources 
more aggressively than they have in the past?
    If you could take those, I would be interested in hearing 
your response.
    Dr. Gannon. Well, I will start and you can help me by 
repeating your first question. I think the DNI has a critical 
role to play here. I think the DNI has--and I think we ought to 
give him the time. I think to interpret so many of the 
recommendations that have been made so that he can make the 
best judgments about how to proceed within the community.
    With regard to open-source information, I think he will 
have a deputy for open-source information, and it will be his 
responsibility to deal with dissemination issues and also deal 
with some of the privacy issues that have been expressed here. 
Because I think the issue on open source is not that we want to 
in any way impede the dissemination of open-source information. 
We want to certainly manage the way that it is used in the 
production of intelligence products, the way it is interpreted 
and particularly if it deals with U.S. citizens.
    I think there can be policies in place that will instruct 
analysts and hold them accountable for the way they use open-
source information. But I think the basic goal that I think 
John Negroponte will adopt is to encourage much more actively 
the use of open-source information to both put the systems in 
place, technology, the policies in place that will encourage 
that and then to hold his leaders accountable.
    And I think the test John Negroponte would want to apply 
with regard to any product that is produced in the intelligence 
community is not whether it may be right or wrong but did it 
avail itself of the best information available from all sources 
before we presented this intelligence to the President or his 
national security team?
    Mr. Langevin. If you do not have a separate open-source 
intelligence directorate somewhere, whether it is within DHS or 
under the DNI, how do you, in a sense, compare or test that 
collection or that analysis of data?
    Dr. Gannon. Well, I think there is a management structure 
dealing with the analysts in every one of the agencies of the 
intelligence community. I think they can be held accountable 
for the proper use and training in open-source areas. I think 
the risk of having an open-source directorate is that there is 
the impression that we have now centralized this priority or 
this function within a directorate where it really does need to 
be distributed and imposed as a responsibility through the 
analytic community.
    And I think there is a manager in the community now that it 
is recognized that we are not where we need to be on open 
source, and some of those managers, by the way, are dealing 
with problems with security and other sort of institutional 
resistance that is not just the analyst, it is embedding of 
these programs and sensitive collection-dominated 
organizations. So there is no analytic community that is 
organized apart from the collections community.
    So I think, again, on any intelligence product, again, I 
would not ask the question, is it right or is it wrong or 6 
months later I would not ask, was it right or wrong, I would 
ask, did it use the best information available from all 
sources, including open source? And that is an easy test 
because you could find the information that might have been 
better with regard to any particular issue.
    Mr. Langevin. Any members of the panel want to comment on 
that? And also getting to the question of how would the work of 
an open-source intelligence directorate be different from the 
work of, for example, the National Intelligence Council?
    Dr. Gannon. I think they are completely different 
functions, actually. The National Intelligence Council is a 
group of a dozen or so senior experts where it focuses first on 
expertise. A design goes back Director Colby back in 1973 when 
he established the System of National Intelligence Officers. 
What he wanted is prominent experts that could speak to him 
about issues that should matter for U.S. national security and 
then for him to the intelligence community so that they could 
drive the analytic priorities and the estimate of work that 
they did.
    I do think the open-source directorate is about being at 
the kind of leading edge of the technologies and methodologies 
for the use of open source and imparting that to the analytic 
community. It is not there to do substantive products. It is 
more with a resource and a technical know-how kind of 
organization.
    Mr. Simmons. The Chair now recognizes the gentleman from 
Pennsylvania, Mr. Weldon.
    Mr. Weldon. Thank you, Mr. Chairman, for holding this 
hearing, a very important hearing.
    And thank each of you for testifying.
    I want to walk my colleagues through a case study that I 
think is very appropriate for this hearing, and I want to take 
my colleagues back to 1999. I was then Chairman of the Defense 
Research Subcommittee. We were standing up information 
dominance centers for each of the services, and the information 
dominant center of the Army, called the LIWA, the Land 
Information Warfare Assessment Center, was headquartered at 
Fort Belvoir. They were also linked with SOCOM down in Florida, 
which was doing amazing work and using the same model that the 
Army was using. They were bringing together disparate systems 
of classified data, including open-source data, which the CIA 
was not using at that time, to understand emerging 
transnational threats.
    John Hamre was the Deputy Secretary of Defense, and I asked 
him to go down and look at this capability because I was 
increasing the funding for it and he did, and he said, ``You 
are right, Congressman.''
    We put together a brief, a nine-page briefing, which I 
would like to enter into the record.
    Mr. Simmons. Without objection, so ordered.
    Mr. Weldon. This brief in 1999 called for the creation of a 
national operations and analysis hub, the policymakers tool for 
acting against emerging transnational threats and dangers to 
U.S. national security. And the concept was to bring together 
33 classified systems managed by 15 agencies, including open-
source data to do massive data mining and using tools like 
Starlight and Spires and other cutting-edge software 
technologies to be able to give us the kind of information to 
understand emerging threats.
    John Hamre said, ``I agree with you, Congressman, and I 
will pay the bill. The Defense Department will foot the bill 
for this, and I do not care where the administration wants to 
put it, at the White House, the NSC, wherever, but you have got 
to convince the FBI and the CIA because they have a large part 
of this data.''
    So at John Hamre's suggestion, on November 4 of 1999, 
almost 2 years before 9/11, we had a meeting with the Deputy 
Directors of all 3 agencies. I went over the brief, and the CIA 
said, ``Well, Congressman, that is great, but we do not need 
that capability. We are doing something called CI-21, and we 
feel we have enough capability and we do not need that extra 
capability that you are talking about.
    Well, at the time, the Army and SOCOM, passed by General 
Shelton and General Schoomaker, who was Commander of SOCOM, 
were doing a classified program called, ``Able Danger,'' which 
has not yet been discussed in the open, and I do not know why 
the 9/11 Commission did not go into it, because Able Danger was 
focused on al-Qa'ida. Able Danger was a classified project of 
SOCOM and our Army looking at the cells of al-Qa'ida worldwide 
so that we would have actionable information to take out those 
cells.
    What I did not realize was that they had actually produced 
a chart until 2 weeks after 9/11.
    Now, Mike, unfold the chart.
    This chart was taken by me in a smaller form to Steve 
Hadley 2 weeks after 9/11. Now, it is difficult for my 
colleagues to see even though I have had it blown up.
    Hold it up, Mike.
    This chart identifies the major al-Qa'ida cells, and if you 
look to the chart in the center to the left, there is the 
picture of Mohammad Atta. What the military did in 1999 and 
2000 through the use of open-source data, and this is not 
classified what I am showing you, they identified the Mohammad 
Atta cell in New York and identified two of the other three 
terrorists.
    What I have since learned, and I have two--Mr. Chairman, if 
we want to do a classified hearing on this, I have two military 
personnel who will come in and testify who were involved with 
this. But SOCOM made a recommendation to bring the FBI in and 
take out the Mohammad Atta cell. And the lawyers, I guess 
within SOCOM or within DOD, said, ``You cannot touch Mohammad 
Atta, because he is here on a green card, as are the other two 
suspected terrorists. And they were also concerned about the 
fallout from WACO.
    So now we have obtained through an open-source capability 
that the CIA did not want to pursue, ``We do not need that.'' 
When I took this chart to Steve Hadley and opened it up in the 
White House he said to me, ``Congressman, where did you get 
this chart from?'' I said I got it from the military, special 
forces command of that Army.
    This is what I have been telling you we need to fuse 
together our classified systems. And Steve Hadley, the Deputy 
to the National Security Advisor, said, ``I have got to show 
this to the man.'' I said, ``The man?'' He said, ``The 
President of the United States.'' I said, ``You mean you do not 
have this kind of capability?'' He said, ``Absolutely not, 
Congressman.''
    So he took the chart and he gave it to the President of the 
United States.
    In 2003, George Bush announced the TTIC, the Terrorism 
Threat Integration Center. The TTIC is identical to what we 
proposed in 1999 but the CIA told us, ``Trust us. We know 
better. We know how to do this kind of capability. We know how 
to do this emerging threat.'' They did not produce that chart. 
It was done by military capabilities to the Army's Information 
Dominant Center and through special forces command, tasked by 
General Shelton and General Schoomaker.
    Now, to add further insult to injury, bring out the next 
chart. This is the capability that is now available but I have 
been told it is not capable of being produced through the NCTC, 
the National Counterterrorism Center.
    This is al-Qa'ida today worldwide. Every one of those 
little dots is a person or a cell, and every one of them are 
identified. This is a worldwide global depiction of where al-
Qa'ida is today, the key cells that are threatening us, their 
linkages to other nations, their linkages to terrorist attacks. 
This information is all obtained through open-source 
information. I have been told by the military liaison to the 
NCTC that the NCTC could not produce this today.
    Mr. Chairman, this is something that this subcommittee has 
to pursue is I have been told that at the NCTC we have three 
separate distinct entities and the stovepipes are still there. 
For the life of me I cannot understand why there is resistance 
among the people who are paid to do our intelligence to fuse 
together information to give us a better understanding of 
emerging threats. This comprehensive capability is now being 
pursued by naval intelligence under a new task force that I 
hope will be picked up by John Negroponte who I gave a brief to 
2 weeks ago.
    Open-source intelligence has been extremely valuable and 
can be extremely valuable. I am not convinced yet that we are 
there.
    Mr. Simmons. I thank the gentleman for his statement. I 
would request by unanimous consent that both charts be entered 
into the record of this hearing, and I would be happy to 
consult with the ranking members or members to have a follow-on 
discussion in closed session of this issue.
    Do any of the members wish to respond or shall we go to the 
last member, the distinguished gentlelady from California, Ms. 
Harman?
    I apologize. Ms. Sanchez?
    Ms. Sanchez. Thank you, Mr. Chairman.
    Mr. Simmons. I did not see you around the corner there.
    Ms. Sanchez. I know. These chairs get lower every week. I 
do not know why. Someone is playing a game on us or something.
    I actually have some questions. The first one will be to 
our former majority head staff to the committee, and, John, I 
just want you to know that at least I miss you. You have had a 
chance now to be on that side, you have had a chance to be on 
the inside during a very formative time here in particular with 
respect to this committee, and there have been a lot of things 
that we have done since 9/11 with respect to intelligence or 
just trying to get our arms around this whole issue of 
intelligence, including what we did making the directorate have 
some responsibility for open-source information.
    With what you know--I am sort of trying to pick your 
brain--with what you know, because when I look at what we 
thought we were doing after 9/11 with respect to homeland 
security, one, get intelligence, not making new intelligence 
but getting intelligence that exists and sort of coordinate it 
in a real-time fashion so we could thwart a terrorist action; 
the second thing, of course, trying to figure out how we put 
limited resources to fortifying those things which are 
important to our critical infrastructure; and, third, how do we 
respond if in fact an attack comes through?
    I want to get back to the first one, this whole issue of 
intelligence. I guess I would ask you, what do you think is the 
Department of Homeland Security's real niche in trying to 
figure out this whole issue of intelligence, given that now we 
have the intelligence czar position, et cetera. What do you 
think we should be looking at when we oversee the Department's 
look at intelligence?
    Dr. Gannon. First of all, I would say that from my 
perspective, having been on the Hill and the White House and 
the intelligence community, I think a lot of the actions taken 
after 9/11 were reactive kind of actions to improve our 
capability to stop a terrorist attack. And I think if you look 
at what we did on the foreign side by going after the 
terrorists where they were and what we tried to do 
domestically, we certainly did I think do a lot of damage to 
terrorist infrastructures abroad. We did certainly raise the 
costs of doing business for terrorists with what we did 
domestically. And we have not had a terrorist attack. So I 
think we can perhaps take some comfort in that.
    But I also think that both with regard to the Department of 
Homeland Security or the homeland security issue at large and 
intelligence, I think in either case we really developed a 
strategy, a kind of focused and resource-responsible strategy 
that will sort of protect us long into the future.
    And I think now with the appointment of John Negroponte and 
with Mike Chertoff in the Department, I think there is a real 
opportunity now to stand back and say, ``Look at all the things 
we have done. A lot of them did not turn out the way we thought 
we would.''
    I think within the intelligence I think we have had--I 
think our intention was to strengthen analytic capability, but 
in some cases I think we have stretched analytic resources to a 
point where I think we should take account of that fact. I 
think we have tried to streamline and to integrate 
accountability when in fact we have in many ways divided it. 
And I think as I have moved around the intelligence community, 
we have perhaps created so many new analytic units, that we are 
doing a lot more production than we are analysis. But I think 
that is all correctable.
    But I do think we should be now looking at, you said, a 
baselining of what we have done thus far and working together 
to translate this into strategy. And I would also emphasize 
from my experience I think it is critically important for the 
intelligence community of the executive branch and the Congress 
really to work together so that we are sort of working the same 
agenda, because there are all sorts of things that we can say 
are wrong.
    The question is, how do we want to measure success for John 
Negroponte over the next year or two? I think that really does 
depend on having a consensus on what are the priorities of 
things for us to do.
    And, really, the priorities are not about massive new 
structures and costly new programs, it is about fixing human 
intelligence, which has been a problem we have known for some 
time. That means getting the resources into the field and into 
strategic kinds of planning of human programs. Rebuilding the 
analytic capability, again, is something that does not depend 
on structure, it depends on putting resources there.
    So there are a number of issues that--there are really 
probably four or five issues that I would want--community 
training is another one. I think this has been an issue for 
some time where we can clearly do integrated training that 
would be to the benefit of the intelligence community.
    So I would like us to give John Negroponte the time and 
really work with him and show confidence in him and Mike Hayden 
and their teams so that we can sort of admit that we have not 
done everything right in recent years. We do want to get it in 
a strategic direction, but there really cannot be a strategy 
that will succeed unless it has the support of the White House, 
the intelligence community leadership and the Congress.
    So my answer to the Department of Homeland Security is I 
continue to believe, as I have all along, that if you have a 
Secretary of Homeland Security with the responsibilities that 
this one has and has under the Homeland Security Act and I 
suspect will continue to have for protecting America, first of 
all, preventing terrorism against the homeland, for protecting 
our critical infrastructure and for the quality of response 
that we have to a terrorist attack, that requires significant 
sustained intelligence support.
    So he has got to have at the end of the day, however we 
change the Homeland Security Act or however we narrow down or 
focus in what has to be I think a real assessment of what roles 
and responsibilities need to be across all these agencies, I 
think you have got to have a strong intelligence capability for 
this Secretary.
    Ms. Sanchez. Thank you, Doctor. And I see my time is up.
    I just want to say to Mr. Onek that I had a question about 
some of your concerns, and I will submit them for the record, 
because I am very interested in your ideas on the impact to the 
Muslim community in particular.
    Mr. Onek. Thank you.
    Mr. Simmons. The Chair thanks the gentlelady and now 
recognizes the distinguished Ranking Member of the House 
Intelligence Committee, Ms. Harman, from California.
    Ms. Harman. Thank you, Mr. Chairman. I want to say first 
that I think you and the Ranking Member, Ms. Lofgren, bring 
enormous experience and skill to this subcommittee's 
activities. I am proud to serve on it.
    And to our witnesses, whom I have known for many, many 
years, you all, but especially Dr. Gannon and Mr. Onek, have 
been there for the key fight, and you are resources that I hope 
not just we but those who lead our intelligence community will 
continue to call on. It is a pleasure to listen to you and to 
learn from you.
    Time is short, and I personally have to walk out of the 
door in about 3 minutes, so I just want to make a couple of 
observations. First, John Gannon just commented on the question 
I would have asked, which is how to measure success. I think 
that is a critical question. Joe Onek put a useful metric 
before us which is to consider the front end, the back end and 
then how to prevent misuse of the back end.
    But I really think what we can contribute and what you can 
contribute is a way to think about succeeding, not a way to 
think about criticizing but a way to think about succeeding. 
And I think it is frankly the question we also have to ask 
about our venture in Iraq, but that is not the subject before 
this committee. But if you have the answer to that, I would 
welcome it.
    So let me just comment that I hope as time proceeds we will 
think about this. I hope as Secretary Chertoff releases his 
review of the Department activities we will think about this. I 
hope as Negroponte ramps up the activities of the DNI we will 
think about this. Because the goal is not to rehearse old 
fights and certainly the goal is not to point out where we come 
up short, but the goal I think is to help good people in the 
field who are doing their darndest to produce accurate, 
actionable and timely intelligence get it right.
    And public sources are a big part of this getting it right, 
and we have ignored them at our peril, every one of you has 
said that. How we do the mix, whether we separate out public 
sources or integrate them in everybody's job, I kind of like 
your concept, John, that a structural response to an 
operational problem does not solve it, but, nonetheless, 
getting it right is what we should be after, and getting it 
right as we protect the privacy of Americans is what we should 
be after.
    So I apologize for not asking questions and running out the 
door, but I, again, Mr. Chairman and Ranking Member Lofgren, 
appreciate the fact that you have called this hearing and 
appreciate the content of this hearing. Thank you.
    Mr. Simmons. I thank you for your remarks and for bringing 
your talent and expertise to these important subjects.
    I do not believe that any members want to do a second round 
and so I would be prepared to close, and I simply want to thank 
our panelists for beginning this very important discussion on 
open-source information and open-source intelligence.
    I think this has been a tremendously educational 2 hours. I 
believe that there is a great opportunity to follow up on this, 
to bring in at some data, appropriate date, the Department of 
Homeland Security to see where they are in this area and as 
well to consider a closed session on the issues that Mr. Weldon 
raised.
    Again, if there are no additional comments from my 
colleagues, I would like to thank the panelists for their 
participation, and we stand adjourned.
    [Whereupon, at 12:00 p.m., the subcommittee was adjourned.]

                             For the Record

       Prepared Statement of the Honorable Sheila Jackson-Lee, a 
           Representative in Congress From the State of Texas

    Mr. Chairman and Ranking Member, I thank you for holding today's 
very important hearing on open-source information. I find it very 
timely, especially after my experience with the Committee on the 
Judiciary in analyzing ,the sections of the PATRIOT Act for 
reauthorization. As we pass legislation that facilitates the 
collection, storage, and use of intelligence information, it becomes 
more important to monitor the government's adherence to the fundamental 
Constitutional principles on which this nation was founded.
    Of particular concern to me is Section 215 of those provisions. 
Section 215 of the USA Patriot Act permits the government to scrutinize 
peoples' reading habits through monitoring of public library and 
bookstore records and requires bookstores and libraries to disclose, in 
secrecy and under threat of criminal prosecution, personal records of 
reading and web surfing habits. This harms freedom of thought, belief, 
religion, expression, press, as well as privacy.
    The Fourth Amendment of the Constitution protects Americans from 
unreasonable searches and seizures. However, several provisions of the 
Patriot Act authorize federal law enforcement to skirt the line of 
reasonableness. For example, section 206 of the Patriot Act ``amends 
FISA and eases restrictions involving domestic intelligence gathering 
by allow[ing] a single wiretap to legally 'roam' from device to device, 
to tap the person rather than the phone.''
    Also, the Act allows federal law enforcement to delay notifying 
subjects of sneak-and-peek searches, as long as notice is provided 
within a ``reasonable'' time. A sneak-and-peek search is one in which a 
law enforcement official searches the premises of a subject but delays 
the notification required by the Fourth Amendment until a later time. 
This type of delay is allowed when notification of the subject might 
have an `` `adverse result.' ''The ``reasonable'' time may be extended 
for" good cause.'' These expanded surveillance powers are especially 
troubling because of their apparent contravention of the Fourth 
Amendment's protection against unreasonable searches and seizures.
    As the body charged with exercising oversight over the homeland 
security-related aspects of intelligence-gathering, this hearing is of 
extreme importance relative to setting the parameters of privacy 
policies. One of my concerns relates to the proposed establishment of 
the Homeland Security Operations Center Database (HSOCD) and possible 
exemptions from the Privacy Act of 1974. I would hope that this 
prospect is not slated to take effect absent a sufficient number of 
hearings in committees of jurisdiction.
    Mr. Chairman and Madame Ranking Member, again, I thank you for your 
efforts..