[Senate Hearing 111-211]
[From the U.S. Government Publishing Office]
S. Hrg. 111-211
PROTECTING NATIONAL SECURITY AND CIVIL LIBERTIES: STRATEGIES FOR
TERRORISM INFORMATION SHARING
=======================================================================
HEARING
before the
SUBCOMMITTEE ON TERRORISM,
TECHNOLOGY AND HOMELAND SECURITY
of the
COMMITTEE ON THE JUDICIARY
UNITED STATES SENATE
ONE HUNDRED ELEVENTH CONGRESS
FIRST SESSION
__________
APRIL 21, 2009
__________
Serial No. J-111-15
__________
Printed for the use of the Committee on the Judiciary
U.S. GOVERNMENT PRINTING OFFICE
54-241 PDF WASHINGTON : 2010
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC
area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, Washington, DC
20402-0001
PATRICK J. LEAHY, Vermont, Chairman
HERB KOHL, Wisconsin ARLEN SPECTER, Pennsylvania
DIANNE FEINSTEIN, California ORRIN G. HATCH, Utah
RUSSELL D. FEINGOLD, Wisconsin CHARLES E. GRASSLEY, Iowa
CHARLES E. SCHUMER, New York JON KYL, Arizona
RICHARD J. DURBIN, Illinois JEFF SESSIONS, Alabama
BENJAMIN L. CARDIN, Maryland LINDSEY O. GRAHAM, South Carolina
SHELDON WHITEHOUSE, Rhode Island JOHN CORNYN, Texas
RON WYDEN, Oregon TOM COBURN, Oklahoma
AMY KLOBUCHAR, Minnesota
EDWARD E. KAUFMAN, Delaware
Bruce A. Cohen, Chief Counsel and Staff Director
Nicholas A. Rossi, Republican Chief Counsel
------
Subcommittee on Terrorism, Technology and Homeland Security
BENJAMIN L. CARDIN, Maryland, Chairman
HERB KOHL, Wisconsin JON KYL, Arizona
DIANNE FEINSTEIN, California ORRIN G. HATCH, Utah
CHARLES E. SCHUMER, New York JEFF SESSIONS, Alabama
RICHARD J. DURBIN, Illinois JOHN CORNYN, Texas
RON WYDEN, Oregon TOM COBURN, Oklahoma
EDWARD E. KAUFMAN, Delaware
Bill Van Horne, Democratic Chief Counsel
Stephen Higgins, Republican Chief Counsel
C O N T E N T S
----------
STATEMENTS OF COMMITTEE MEMBERS
Page
Cardin, Hon. Benjamin L., a U.S Senator from the State of
Maryland....................................................... 1
prepared statement........................................... 49
Kyl, Hon. Jon, a U.S. Senator from the State of Arizona.......... 6
prepared statement........................................... 85
WITNESSES
Baird, Zoe, president, Markle Foundation, and Co-Chair, Task
Force on National Security in the Information Age, New York,
New York....................................................... 3
Fredrickson, Caroline, Director, Washington Office, American
Civil Liberties Union, Washington, D.C......................... 11
Gorton, Hon. Slade, former U.S. Senator from the State of
Washington, and Member, Markle Foundation Task Force on
National Security in the Information Age, Seattle Washington... 7
Manger, J. Thomas, Chief of Police, Montgomery County, Maryland,
and Chairman, Legislative Committee, Major Cities Chiefs
Association, Rockville, Maryland............................... 8
QUESTIONS AND ANSWERS
Responses of Zoe Baird to questions submitted by Senator Feingold 26
Responses of Caroline Fredrickson to questions submitted by
Senator Feingold............................................... 30
Responses of J. Thomas Manger to questions submitted by Senator
Feingold....................................................... 35
SUBMISSIONS FOR THE RECORD
Baird, Zoe, president, Markle Foundation, and Co-Chair, Task
Force on National Security in the Information Age, New York,
New York, statement............................................ 37
Center for Democracy & Technology, Leslie Harris, President and
Chief Executive Officer, Washington, D.C., letter.............. 52
Fredrickson, Caroline, Director, Washington Office, American
Civil Liberties Union, Washington, D.C., statement............. 55
Gorton, Hon. Slade, former U.S. Senator from the State of
Washington, and Member, Markle Foundation Task Force on
National Security in the Information Age, Seattle Washington,
statement...................................................... 73
Manger, J. Thomas, Chief of Police, Montgomery County, Maryland,
and Chairman, Legislative Committee, Major Cities Chiefs
Association, Rockville, Maryland, statement.................... 88
PROTECTING NATIONAL SECURITY AND CIVIL LIBERTIES: STRATEGIES FOR
TERRORISM INFORMATION SHARING
----------
TUESDAY, APRIL 21, 2009
U.S. Senate,
Subcommittee on Terrorism and Homeland Security,
Committee on the Judiciary,
Washington, D.C.
The Subcommittee met, pursuant to notice, at 2:35 p.m., in
room SD-226, Dirksen Senate Office Building, Hon. Benjamin L.
Cardin, Chairman of the Subcommittee, presiding.
Present: Senators Cardin and Kyl.
OPENING STATEMENT OF HON. BENJAMIN L. CARDIN, A U.S. SENATOR
FROM THE STATE OF MARYLAND
Chairman Cardin. Good afternoon, everyone. Let me welcome
you all to the first hearing of the Terrorism and Homeland
Security Subcommittee of the Judiciary Committee for the 111th
Congress.
First, I want to acknowledge and thank Chairman Leahy for
allowing me to chair this Committee and to convene this
Subcommittee. This Subcommittee has a proud tradition. I know
that Senator Kyl will be joining us shortly, who is the Ranking
Republican member. But the leadership on this Subcommittee
under Senator Feinstein and Senator Kyl has established, I
think, a record for our Subcommittee to follow. I just want to
acknowledge that up front that I very much rely upon the
leadership of Senator Feinstein and Senator Kyl in going
through the agenda that we hope to handle in our Subcommittee.
We have several issues that we will be taking up. Of
course, today we are going to be starting with, I think, the
most important responsibility we have, and that is the security
of our country, and whether we are getting the maximum
information, intelligence information to keep the people of
this Nation safe.
This Subcommittee will also have to deal with the PATRIOT
Act. Several provisions of the PATRIOT Act will expire this
year, and Congress will need to consider extending those
provisions or modifying them. I intend for this Subcommittee to
play an active role in that regard.
We also have the detainee issues, those that will be
leaving Guantanamo Bay, and we will be reviewing with the
administration how they intend to deal with the detainees.
We will be dealing with passport fraud. The GAO report
recently showed some weaknesses in our system, and we will be
taking that issue up. We will be dealing with cyber security,
biological research security, in which I have a direct interest
in Maryland, considering it was breached in my own State;
encryption policies, espionage laws. So we have a full agenda
for our Subcommittee. But today we start with what I think to
be one of the most important functions of Government, and that
is to keep our people safe. We want to make sure that we have
the best intelligence information against the threats of
terrorism and the tools that are appropriate for the collection
of reliable intelligence information.
I think it is our responsibility to make sure that we have
the proper use of resources. After all, these are scarce
resources that are taxpayer dollars, that we get reliable
intelligence information that can be shared with those who can
keep us safe, and that we have the protections for civil
liberties. That is our obligation, and that is what we are
looking to do.
As a result of the attack on our country on September 11th,
the agencies that are responsible for intelligence have been
reorganized, and we now have a Department of Homeland Security.
We have a Director of National Intelligence. We have a National
Counterterrorism Center. And the question is: Is this the right
mechanism, the right structure to make sure that we get the
most reliable information to keep our Nation safe?
There have been major issues raised about sharing of
information, whether we are sharing the information in the most
effective way. The Department of Justice has the Joint
Terrorism Task Force, which I have worked with in my own State,
and is that the best way in order to share information? Are
there more effective ways to get information back and forth to
keep people safe?
The Department of Homeland Security has their Fusion
Centers. I think we need to evaluate whether they are working
as appropriately as we think they should.
Have we overcome the bureaucratic obstacles to get
information to those who can prevent a terrorist attack? That
is a question I hope our witnesses will deal with during the
course of this hearing.
We know that the Maryland State Police were involved in a
14-month investigation of peace groups in my State who
protested against the use of capital punishment in a very
lawful way. There appears to be no reason whatsoever that that
investigation should have taken place. We know information was
made available to Federal intelligence agencies. The question
is: Do we have adequate protection for privacy and civil
liberties in our system? Are we doing the right oversight?
Congress passed a law providing for a privacy and civil
liberties oversight board in 2007 that has not been appointed
yet. Should that board be appointed now? Should we move forward
on those issues?
I hope these would be issues that we will take up during
the course of this hearing. The 9/11 Commission concluded that,
``The choice between security and liberty is a false choice,''
quoting from the report, ``as nothing is more likely to
endanger Americans' liberty than the success of a terrorist
attack at home. Our history has shown us that insecurity
threatens liberty. Yet if our liberties are curtailed, we lose
the values that we are struggling to defend.''
I think the 9/11 Commission got it right. I think that is
the balance that we are trying to achieve in protecting the
security of the people of our country and protecting the civil
liberties which are the values of our Nation.
I hope that today's hearing will help Congress and the new
administration work together to figure out the most effective
way to organize our intelligence-gathering capacities and
establishing better guidelines for privacy and civil liberties.
Well, we are very proud to have a very distinguished panel
of experts who I hope can help us sort through what we need to
do.
Zoe Baird serves as the President of the Markle Foundation
and also served as the Co-Chair of the foundation's Task Force
on National Security in the Information Age. Her task force
issued a March 2009 report on the subject of today's hearing
entitled: ``Nation at Risk: Policy Makers Need Better
Information to Protect the Country.''
Of course, it is a pleasure to welcome back former Senator
Slade Gorton to the U.S. Senate, to the Judiciary Committee,
former Senator from the State of Washington, who has a very
distinguished record in the U.S. Senate and served as a member
of the Markle task force and also as a member of the 9/11
Commission.
We will also hear from J. Thomas Manger, the Chief of
Police of Montgomery County, Maryland. I have worked with Chief
Manger, and I thank him very much for his work in law
enforcement. He represents the largest jurisdiction in the
State of Maryland and one of the most diverse jurisdictions, I
think, in our Nation. He certainly knows a lot about how these
issues affect local law enforcement. Chief Manger also serves
as the head of the legislative committee for the Major Cities
Chiefs Association.
Our final witness will be Caroline Fredrickson, who is the
Director of the Washington Office of the American Civil
Liberties Union. I want to thank the American Civil Liberties
Union for working closely with us in trying to make sure that
we are asking the right questions and that Congress exercises
its responsibility of oversight.
I was just checking the protocol of swearing in the
witnesses because I have never sworn in a former Senator
before. But the tradition of the Judiciary Committee is for the
witnesses to take the oath, so if you would all stand. Do you
affirm that the testimony you are about to give before the
Committee will be the truth, the whole truth, and nothing but
the truth?
Ms. Baird. I do.
Mr. Gorton. I do.
Chief Manger. I do.
Ms. Fredrickson. I do.
Chairman Cardin. Thank you. We will start with Ms. Baird.
STATEMENT OF ZOE BAIRD, PRESIDENT, MARKLE FOUNDATION, AND CO-
CHAIR, TASK FORCE ON NATIONAL SECURITY IN THE INFORMATION AGE,
NEW YORK, NEW YORK
Ms. Baird. The real breach of protocol is probably to have
me testify ahead of Senator Gorton, but as a member of our task
force, he has graciously suggested that as co-chair of it, I
should start. Thank you very much for having us, and I am
really grateful to all the staff who is here. It is such a
wonderful showing of interest on the part of the staff.
Senator Gorton and I, in addition to both coming from
Washington State, have had the privilege of working together on
the Markle Task Force on National Security in the Information
Age, which I have co-chaired with Jim Barksdale, the former CEO
of Netscape. The Task Force has been made up of a lot of
experts on national security from every administration since
the Carter administration, civil liberties advocates, and
experts on information technology. We have worked since 9/11 to
try to work our way through the challenging questions of how
the country can use information in order to better protect us
against threats to national security while at the same time
preserving traditional civil liberties and privacy interests.
Our recommendations were adopted very substantially by the
9/11 Commission and have been part of both intelligence reform
laws that have been passed by Congress--the original
Intelligence Reform Act and then the law that was passed that
was H.R. 1 and became the intelligence reform law a couple of
years ago.
The principal thing I would encourage you to take away from
this hearing--and it is apt that you are starting your hearings
with this topic--is that our country will not be able to
address any of the threats your Subcommittee intends to take up
unless we have the best information and we are able to use that
information effectively to understand those threats; and to use
that information in a way that builds public confidence in the
Government; and in the Government's understanding of its
constraints as well as its powers.
So with that overview of what this is all about, I would
say that our Task Force, after working in the 7 years since 9/
11, concluded in our report that we just put out that,
unfortunately, this Nation still cannot connect the dots. We
have been very fortunate that we have not had another major
terrorist incident since 9/11, and a lot of that is due to good
work by the Government. But we still are unable to really know
what we know, and certainly we are unable to know what we know
adequately.
And, in addition, this Nation is still at risk because we
do not have the governmentwide privacy policies that we need.
Those policies are very important to have the public confidence
in the Government's development of intelligence against these
new threats we face, whether they be terrorism or energy
security or cyber security. While they are important for public
confidence, the privacy and civil liberties policies that are
needed governmentwide are also critical to empower Government
officials, because, by and large, most Government employees do
not want to do something that is wrong, and they do not want to
be up here in front of you explaining to you why they did what
they did that looks wrong.
So there is a great deal of reluctance to act on the part
of the intelligence community and law enforcement officials as
well, if they do not have clear guidance. So both to achieve
our objectives of obtaining and using the information that we
need to provide national security and to ensure the protection
of privacy and civil liberties, we need governmentwide policy
guidelines on privacy and civil liberties. This is a very
important area for your Subcommittee to encourage the
administration and to provide continuing guidance.
We made in our report four principal recommendations on how
to achieve this. I will go through these very briefly, and then
obviously I am very happy to answer any questions you have.
First of all, we encourage you to press the administration
and your colleagues in Congress to give priority to this. It is
critical that we are able to connect the dots. We need to get
information sharing right with good policies for privacy and
civil liberties, and we are concerned that this has been
languishing and that we may have lost our focus. And as I say,
nothing else you want to achieve, whether it is cyber security
or border security or anything else you want to achieve, can be
achieved without good information so that policymakers can make
good decisions.
Second, we really have encouraged two elements of
information sharing that require more focus and may be of
interest to you. One is the concept of discoverability. Our
task force does not believe in creating large centralized data
bases. We believe that information should stay with those who
collect it and who can keep it accurate enough and up to date.
That is a privacy protection as well as a protection to make
sure that the information we use is the best information that
we have; that is not out of date; that it has not been
discredited. But it needs to be discoverable, so whether it is
someone in the Maryland State Police who needs to find out if
anyone else has information on a particular subject, or whether
it is a CIA analyst, people need to find information. They do
not need all the content. No one needs all the content. But
they need electronic directories. Information needs to be
tagged. Even paper directories are better than what we have now
so that people can find out who else is working on a problem,
who else might have information.
Then the second concept that goes with that we believe is
authorized use. In the last intelligence reform law, the law
asked the administration to advise us--because they never held
hearings on our concept of authorized use, but they put it in
the bill anyway--whether this is something Congress should
adopt. This really needs to be dug into more, because the
authorized use concept basically says that if you want to get
access to information, the rules have to say that you are
authorized for your mission, for your need, for the predicate
that you articulate, the purpose you articulate for why you
want to have access to the information. And then if you meet
those tests, you can get access to the information in a way
that we can audit against it. So later, in a review of whether
someone was appropriately looking at information, you can go
back and audit whether it was an appropriate authorization,
whether they indeed articulated a predicate that was related to
their mission. And this is very important because the old
classification systems do not really work well anymore. We
cannot get collaboration between the Justice Department and the
CIA if the only principles we have for what defines what
information people have access to are classifications. It is
too crude, and it is not oriented toward the current threats.
So that is the second area of focus. The first is
leadership, making this a priority; the second is developing
the notions of discoverability and authorized use.
The third are the governmentwide privacy policies which I
have talked about already.
And then the fourth area of recommendations that we have
made are related with what I would sum up by saying, ``Old
habits die hard''; that both Congress and the administration
need to find ways to encourage people to come into the modern
age, to encourage people to change their work habits, to become
collaborative, to understand that agency lines are not written
around the current-day problems that we face. And that can be
through setting metrics, through expectations Congress has for
the executive branch, through awards, rewards for employees who
get it right. But that cultural issue of how do you change old
habits is one that really deserves attention, and my guess is
something that you are looking at in other areas of reform that
you want to see as well.
Thank you very much.
[The prepared statement of Ms. Baird appears as a
submission for the record.]
Chairman Cardin. Thank you for your testimony.
Senator Kyl, of course, is now here. I just wanted to point
out, Ms. Baird, that one of the reasons that we--I never make
excuses for my fellow Senators, but there is a major bill
signing this afternoon on the Volunteers Act with Senator
Kennedy and President Obama, and I know that there are members
of the Judiciary Committee that are at that bill signing. So I
just really wanted to point that out to the witnesses. I know
some of the members of this Committee had that conflict, and
that is where they are this afternoon.
I want to give Senator Kyl a moment. I said before you
came, I thank you and I thank Senator Feinstein for your
leadership on this Subcommittee. You have established a
bipartisan record of putting our Nation's security first on
dealing with terrorism in the work of this Subcommittee. It is
a model that I intend to follow, and I personally want to thank
you for the work that you have done, both as Chairman and
Ranking Member of this Committee. And we hope to follow in that
tradition.
STATEMENT OF HON. JON KYL, A U.S. SENATOR FROM THE STATE OF
ARIZONA
Senator Kyl. Mr. Chairman, thank you. I will just put my
opening statement in the record but return the thanks. It has
been wonderful working with Senator Feinstein. We have been
both Chairman and Ranking in turn, and there has never been
anything partisan about our activities. It has always been
focused on how to protect our constituents and fellow citizens.
You have been very helpful in the same vein in organizing
this hearing and others, and so it is really a pleasure to work
on a Subcommittee like this where that is the attitude that
prevails, and I thank you very much. And my sincere apologies
to everyone. From time to time you cannot get exactly where you
need to be on time, and I very much apologize. I will catch up
on the reading here and not make any further statement, but
thank you all.
Senator Gorton, it is great to see you again.
[The prepared statement of Senator Kyl appears as a
submission for the record.]
Chairman Cardin. Senator Gorton?
STATEMENT OF HON. SLADE GORTON, FORMER UNITED STATES SENATOR
FROM THE STATE OF WASHINGTON, AND MEMBER, MARKLE FOUNDATION
TASK FORCE ON NATIONAL SECURITY IN THE INFORMATION AGE,
SEATTLE, WASHINGTON
Mr. Gorton. The Markle Task Force on National Security in
the Information Age is now some 7 years old and has issued
three reports on that subject, the latest of which focuses on
information sharing and the vital importance of appropriate
information sharing at all levels of government toward our
national security.
At one level, I have good news, Mr. Chairman and Senator
Kyl. We are not asking you for any new laws. We believe that
the two statutes that were passed pursuant to the
recommendations of the 9/11 Commission, which in turn depended
significantly on the Markle Commission's earlier reports, are
sufficient to do the job. The problem is in their
implementation. The problem is in a very slow-moving
bureaucracy which takes a long time in changing its habits. And
we want a major change in habit. We have lived for generations
on a basis of sharing intelligence on a need-to-know basis. We
think the philosophy ought to be ``need to share,'' with the
burden being on those who would not share rather than the other
way around.
The 9/11 Commission reported on ten lost operational
opportunities to derail the 9/11 attacks. Now, we cannot say
that any one of them or even all of them would absolutely have
done so, but we had ten chances that were missed, and every one
of them involved a failure to exchange, to share information
which was in the possession of one Government agency or
another. And so the current Markle Task Force report, which you
have and which you and your staff have read, says that even 7
years after 9/11, our Nation is still at risk. We need better
information to defend the homeland.
I am sure that Chief Manger is going to report that it is
much easier today to share information upwards from his level
than it is downwards from the national level to the law
enforcement agencies that are on the front line of our defense.
And that is only one example of where we have not done the job
exactly right.
We have a couple of very specific requests directed more at
the administration than they are here at the Congress. The
first one is that the program manager for the information-
sharing environment be lodged in the White House. That seemed
to be at the present time something of a bureaucratic morass
somewhere in the Intelligence Committee. In the White House,
that officer would have the ability to see to it that
information is shared appropriately.
And, second--and you mentioned this yourself, Mr. Chairman,
in your opening remarks--these two statutes have set up a
privacy board which is not yet appointed and in being. We also
believe that while the Obama administration has started very
well in setting out a philosophy for privacy, it needs to
enforce a uniform policy on all of the agencies of Government,
and it needs to make that policy enforceable, not just a set of
suggestions.
Finally, I want to express a real admiration for the two of
you and for your Subcommittee in one very important matter. You
are not going to get very much publicity or political credit
for doing the kind of oversight job that needs to be done.
Success breeds complacency, and we have now gone 7\1/2\ years
without a terrorist attack in the United States--partly due to
better laws and better enforcement, even though they are still
inadequate. And that means that people are paying attention to
other matters, and that complacency, in my view, is the cause
of the great risks that we run at the present time.
So you need to be on the forefront of harassing and talking
to people in the administration and getting them to do their
jobs right in a way that is probably not going to bring you
very much credit. But if you do it right, you will see to it
that that 7\1/2\ years of no attacks on the United States will
be many, many more years in the future.
[The prepared statement of Mr. Gorton appears as a
submission for the record.]
Chairman Cardin. Thank you, Senator Gorton. I appreciate
that very much.
Chief Manger?
STATEMENT OF J. THOMAS MANGER, CHIEF OF POLICE, MONTGOMERY
COUNTY, MARYLAND, AND CHAIRMAN, LEGISLATIVE COMMITTEE, MAJOR
CITIES CHIEFS ASSOCIATION, ROCKVILLE, MARYLAND
Chief Manger. Chairman Cardin, Ranking Member Kyl, I
appreciate the invitation to be here this afternoon speaking on
behalf of the Major Cities Chiefs of Police, which represent
the 56 largest police departments in the United States.
I am pleased to report that the relationships and
information sharing between and among Federal, State, local,
and tribal police has never been better. But we were coming
from a time when it was not very good. So the rest of the story
remains that there is still a great deal more to do to fully
engage the more than 18,000 law enforcement agencies in this
country as full partners in the quest for homeland security.
Federal agencies, despite their ever-improving efforts,
have still yet to completely leverage the vast resources of our
Nation's police and sheriffs.
Since September 11, 2001, the FBI and the Department of
Homeland Security--and all other agencies included in the
intelligence community--have made tremendous progress in
incorporating State, local, and tribal law enforcement into the
national effort to protect our homeland.
But as with any effort so monumental, any effort that has
achieved progress so quickly, we need to take a good, long look
at what has been created and make certain that what we have is
what we intended. Keep what is working and build on it,
eliminate duplicative efforts, and fix what is not working as
it should.
The areas of oversight for this Subcommittee are far-
reaching and critical. But because my time here is limited, I
want to focus on just a limited number of topic areas. I will
focus on the role of local law enforcement in homeland
security; several systems in place to facilitate the exchange
of information; establishing and maintaining safeguards for
everyone's privacy and civil liberties; and, finally, some
shortcomings from the perspective of local law enforcement.
Law enforcement's role in uncovering and disrupting
terrorist activities is well documented. Sergeant Robert Fromme
from the Iredell County (North Carolina) Sheriff's Office saw
two men enter a discount tobacco shop with over $20,000 cash in
a plastic grocery bag. These men came into the shop almost
daily buying many cartons of cigarettes. Fast-forward several
years and a long-term Federal investigation later, and the ATF
and FBI indicted 26 individuals who were using the proceeds
from a cigarette-smuggling operation to fund a terrorist group
based in Lebanon. A suspicious activity noted by local law
enforcement, appropriately documented and legally investigated,
results in a terrorist operation being shut down.
This type of story is repeated over and over again because
of the relationships and information-sharing mechanisms in
place within the Nation's law enforcement community.
I think everyone would agree that the key lesson that 9/11
taught us is that law enforcement is more effective when
relationships, protocols, and information exchange systems are
established and in place before a crisis strikes.
The national Suspicious Activity Report System--or SARS--is
an effort still in its infancy that needs to be invested in and
allowed to grow.
The SARS process has directly enhanced the ability of local
police to protect our communities from violent crime including
terrorism. And, most important, the SARS process can and will
be done in a manner that protects the privacy, civil liberties,
and civil rights of all.
The two greatest values of SARS are: one, the ability to
connect events that in the past would never have been
connected; and, two, it is a nationwide initiative that for the
first time is providing consistent criteria and consistent
training to all law enforcement personnel.
We are training our first responders how to identify
behaviors associated with terrorism-related crime and providing
them the training they need to distinguish between those
behaviors that are reasonably associated with criminal activity
and those that are not.
No police chief wants his officers involved in
confrontational interactions with people engaged in innocent,
constitutionally protected behavior.
Not every person wearing baggy pants is a gang-banger and
not every person videotaping the Washington Monument is a
terrorist.
Public safety is not enhanced and homeland security is not
increased by filling data bases with information about people,
organizations, and activities that have no nexus to criminal
activity or terrorism.
I firmly believe that the SARS system can operate with
strong protections for privacy and civil liberties while it
provides the Nation's best practice for information sharing
among law enforcement agencies. JTTFs and fusion centers can
also operate effectively with these protections. From a local
perspective, involvement in the JTTFs and fusion centers
remains the most effective way to stay on top of the latest
terrorist threat information.
Unfortunately, one of the harshest realities remains that
only if a police agency is capable of assigning someone to the
local JTTF, or a state or local fusion center, that agency is
likely to get its most timely threat information that it can.
Those agencies that cannot assign folks to those JTTFs and
fusion centers are still likely to get their most timely threat
information from the media.
The Montgomery County Police Department, like many large
police agencies, has the resources to assign our own personnel
to the FBI's JTTF and two fusion centers in this region. We
have assigned personnel to the Maryland Coordination and
Analysis Center, the MCAC, and the Washington, D.C., Regional
Threat and Analysis Center.
While there is some overlap in the intelligence and threat
information we receive from these three operations, at any
given time one center will have information that is of interest
to Montgomery County that the other two do not have. By virtue
of our proximity to the Nation's Capital, it is best that we be
plugged into all three sources. It is staff intensive and
highlights the importance of Federal funding of intelligence
analysts that work for the State and local agencies.
Another area that has been a long-term issue is the need
for a nationwide system for Federal security clearances. DHS
has been very accommodating for sponsorship of security
clearances, and the FBI likewise has sponsored clearances for
police officials that have membership in the JTTF. Constant
promotions, retirements, and transfers make it very difficult
for the FBI and DHS to keep up.
While the Major Cities Chiefs and Major County Sheriffs
applaud the FBI and DHS for their willingness to provide
clearances, there has been little progress in accomplishing a
process for reciprocal acceptance of those clearances to access
systems and conduct briefings. Refusal by one Federal agency to
routinely accept the clearances issued by another is a
disruptive policy that contradicts information sharing and
threatens our progress toward realizing the goals of the
Committee. The chiefs and the sheriffs ask for your help to
resolve this issue once and for all.
Another issue involves the sharing of some information with
the JTTFs. While fusion centers allow law enforcement agencies
to share information generally, there is a problem when the
information goes through the vetting process at the JTTF. If
the FBI decides to enter the information into the Guardian
system for further investigation by the JTTF, the information
immediately becomes classified, thus limiting access to the
information.
So if, for example, a Guardian lead is investigated
involving fraudulent identifications, and it is later
determined that the individuals involved have no nexus to
terrorism, the lead is then closed by the JTTF. Local police,
however, may be interested in working the case from a local
crime perspective--an identity theft case. Unfortunately, the
information gathered by the JTTF remains classified and often
unavailable to local police. These issues require continued
work between the FBI and local authorities.
Let me summarize. SARS is working. Let's find a way to get
it fully implemented around the Nation--the training, the
accountability, and the technology.
Fusion centers are working. Let's ensure safeguards are in
place to protect our civil liberties and that all centers are
equipped to combat both crime and terrorism. Done legally and
done effectively, these centers have been responsible for the
arrests of bank robbers, criminal street gang members, money
launderers, and terrorists. The cases were made because
multiple jurisdictions quickly linked crimes, patterns, and
individuals involved in criminal wrongdoing. The value of
fusion centers is the information they put out to all
stakeholders.
Every local police or sheriff's department has the
particular mission of protecting neighborhoods--protecting
communities from crime and terrorism. Cops on the street are
uniquely positioned to receive and document information from a
variety of sources that could assist the Federal Government in
maintaining our homeland security.
We have systems in place to facilitate the sharing of that
information. Let's make sure all agencies are plugged in. We
have systems in place to facilitate the sharing of that
information. Let's ensure effective analytic capability so that
we do not go down the wrong road.
These systems are in place to facilitate the sharing of
that information. Let's establish safeguards so that
information is used appropriately and hold people accountable.
We have systems in place to facilitate the sharing of that
information. Fund these systems and allow them to mature and
improve. It will make our neighborhoods safer and our homeland
more secure.
Thank you.
[The prepared statement of Chief Manger appears as a
submission for the record.]
Chairman Cardin. Thank you very much, Chief Manger.
Ms. Fredrickson.
STATEMENT OF CAROLINE FREDRICKSON, DIRECTOR, WASHINGTON OFFICE,
AMERICAN CIVIL LIBERTIES UNION, WASHINGTON, DC
Ms. Fredrickson. Thank you very much, Chairman Cardin,
Ranking Member Kyl, for holding this very important hearing.
We all agree, clearly, from this panel that law enforcement
has a legitimate need to share lawfully collected information
regarding terrorism and other criminal activity in an effective
and efficient manner. But we should also all agree that
increasing the Government's authority to collect and
disseminate personally identifiable information about Americans
can pose significant risks to our privacy and civil liberties.
Last year, as Senator Cardin mentioned, the ACLU of
Maryland exposed an extensive Maryland State Police spying
operation that targeted at least 23 non-violent political
advocacy organizations based solely on the exercise of their
members' First Amendment rights. The Maryland State Police
spied on an array of political and religious organizations,
including religious groups like the American Friends Service
Committee, immigrants rights groups like CASA of Maryland,
human rights groups like Amnesty International, anti-death
penalty advocates like the Maryland Citizens Against State
Executions, and gay rights groups like Equality Maryland. None
of the Maryland State Police reports from these operations
suggested any factual basis to suspect these groups posed any
threat to security. Not surprisingly, no criminal activity was
discovered during these investigations, some of which lasted as
long as 14 months. Despite this lack of evidence, the Maryland
State Police labeled many of these activists ``terrorists,''
distributed information gathered in the investigations widely
among law enforcement and intelligence agencies, and uploaded
the activists' personal information into a Federal drug
enforcement and terrorism data base.
The Department of Homeland Security was also involved,
collecting and disseminating e-mails from one of the peace
groups to assist the State police spying operation. From a pure
information-sharing perspective, things were working well. But
the sharing of such erroneous and irrelevant information
provided no security benefit to the people of Maryland and only
undermined the credibility of State and Federal intelligence
systems.
In recent years the ACLU has uncovered substantial evidence
that domestic intelligence powers are being misused at all
levels of government to target non-violent political activists.
In addition to the Maryland State Police investigations, the
ACLU of Colorado and the ACLU of Northern California uncovered
widespread illegal spying by Federal, State, and local
officials. ACLU Freedom of Information Act litigation revealed
Joint Terrorism Task Force investigations targeting peace
activists in Pennsylvania and Georgia, and Department of
Defense intelligence operations targeting anti-military and
anti-war protestors from around the country.
The ACLU has produced two reports warning of problems at
intelligence fusion centers, so we were not surprised when
intelligence products written by fusion centers in Texas,
Missouri, and Virginia targeted a wide variety of political and
religious groups. And a well-publicized assessment published by
DHS this month warned that right-wing extremists might recruit
and radicalize ``disgruntled military veterans.'' And a DHS
contractor's report smeared environmental organizations like
the Sierra Club, the Humane Society, and the Audubon Society as
``mainstream organizations with known or possible links to eco-
terrorism.''
Abusive intelligence reports that share misleading
information about the ideologies and activities of non-violent
activists do nothing to improve security and only undermine
public support for law enforcement. While effective and
efficient information sharing among law enforcement agencies is
an important, and critical goal, intelligence activities that
target political dissent as a threat to security lead only to
misguided investigations that violate rights, chill free
expression, and waste the time and resources of our security
agencies.
Frederick the Great warned that those who seek to defend
everything defend nothing. Guidelines and regulations that
require law enforcement officers to have a reasonable factual
basis to suspect illegal behavior before collecting and
distributing personally identifiable information help curb this
abuse and focus finite police resources where they belong--on
criminal activity.
Congress has an obligation to examine and evaluate all
Government intelligence and information-sharing programs
regularly and withhold funding from any activities that are
unnecessary, ineffective, or prone to abuse.
We do not have to choose between security and liberty, and
I think it was in the Markle report that said this is not a
zero sum game. Security and liberty both support each other.
But in order to be effective, intelligence activities need to
be narrowly focused on real threats, tightly regulated, and
closely monitored. We look forward to working with this
Subcommittee to establish and enforce reasonable standards that
protect both privacy and security.
Thank you.
[The prepared statement of Ms. Fredrickson appears as a
submission for the record.]
Chairman Cardin. Well, once again, let me thank all four of
our witnesses. I found your testimony very helpful.
Senator Gorton, let me start, if I might. You said
something which I agree with, and that is, it looks like our
primary responsibility of this Committee is going to be
oversight. We have passed a lot of laws, and there is a lot of
authority, and it is a matter of getting it right. But much of
it is administrative more so than passing any new laws.
Then, Ms. Baird, you pointed out something that I found
interesting, and that is, rather than sharing the information
directly by transferring it to different data banks, as I
understood your testimony, you are saying that the collector
agency should maintain it, keep it current, and then make it
accessible for those who have use for that type of information.
That would certainly have handled one of our major concerns in
Maryland. We were concerned in Maryland not only with what the
Maryland State Police did, but the fact that they made that
information available to a Federal data bank, and we were
concerned that it was then being used extensively in a Federal
data bank when it should not have been in a Federal data bank
to start off with.
My question basically is: How does one access the
information if they do not know it exists? If you are doing a
criminal investigation or you stop someone, and if you do not
have access within your data bank to that information through
appropriate sharing, how do you get timely access to
information that allows you to deal with a terrorist threat?
Mr. Gorton. We came up with an analogy, the analogy to a
public library and the card catalogue and the old-fashioned way
of footing that. And under that kind of system, the gathering
agency would not publish it to every other agency by any means,
but it would have a short and anonymous index to the subject
matter, something of that sort. That would be available to the
other agencies, and then if another agency was in that subject
matter, they could seek through appropriate means to get a hold
of the entire bed of information that--the entire bed of
information itself. Just as, you know, you do not go to a
public library and wander up and down the aisles hoping that
you will find a book on the subject that you want; you look in
the card catalogue which has that very brief summary.
This is one way of keeping the information anonymous, not
spreading it willy-nilly to every potential reader by any
stretch of the imagination, but at least telling the searcher
who is looking for a particular subject that something on the
subject exists.
Chairman Cardin. But let me just give you an example. Chief
Manger is investigating some criminal enterprise in Montgomery
County that may very well be local, or it could very well be
connected to terrorist activities. How would he know that the
individuals that are participating in this activity are of
interest to the collectors of intelligence information
nationally as potential terrorists?
Mr. Gorton. If he came up with a particular name, I think--
and I am going to let Zoe correct me on this, if she wishes to
do so--about which he had reasonable grounds to feel might be
of national interest or some such thing, presumably he would be
able to find out whether or not the Federal Government had
information on that individual or on the type of the activity
in which he was presumably engaged.
Is that an accurate description, Zoe?
Ms. Baird. Yes, I think that is fair, and I think the point
is twofold: One, he has to be able to articulate why it is he
thinks this person is connected to terrorism, and he will be
accountable for that. But, secondly, the rules that need to be
written are rules which would say in passing that information
along to the relevant Federal agencies, say the FBI, does he
need to pass on the name, or should he pass on the character of
the activity that he is seeing to see if it might be related to
other activity that the FBI is concerned about?
Obviously, if a local police officer has hard information
or reasonable suspicion that someone is engaged in a terrorist
activity, they know what to do today. That is, you know, an
area that is pretty well worked out. But what we are talking
about is the use of intelligence information where the piece of
information one individual has does not tell the whole picture.
So you need to be able to ensure that that information gets
connected up with other people who might have other pieces of
information. And we could go back to the 9/11 story. You know
all those stories about the bits of information the FBI had,
the bits of information the CIA had, and how those dots were
not connected.
In fact, in our first report we showed how you could have
identified all 19 terrorists from publicly available
information, but terrorists are probably a little smarter.
Those terrorists were using the same addresses, even the same
frequent flyer numbers.
But the key answer to this is that we need the
governmentwide policies, and this is an area where you could
call in the agencies to account to you what are the policies
that they are using to answer these questions. How does a local
police officer know, with care, how to share information with
other agencies?
Chairman Cardin. Here is my concern. I do not know whether
the local law enforcement has enough dots to connect, and they
may very well need to access the national data bank in order to
get the missing dot that makes the connections.
Chief Manger, does this work the way----
Ms. Baird. If I could add one more comment before you
respond, because this may help in your response.
Chairman Cardin. Sure.
Ms. Baird. Take the scenario where, at the Federal level,
we have picked up information abroad that terrorists are
looking at the possibility of major terrorist attacks on
shopping centers--Mall of America, for example. There needs to
be a way for the national apparatus, even short of an actual
threat warning, to inform local police that they should be
observing shopping centers, and if they see information that is
suspicious, there is a place where that can be brought together
with what the foreign intelligence is. But there is no need for
the local police officer to know the details of the foreign
intelligence, and there is no need for everyone involved in
that information-sharing exercise to know the names of the
people who are being observed.
Chairman Cardin. And I think that is probably handled
through the Joint Terrorism Task Force and the fusion centers;
that if there is a reason for concern, that information should
get to law enforcement through those mechanisms. But my concern
is if there is not a red flag nationally about a problem that
would warrant notifying Montgomery County, but Montgomery
County has part of a scenario but not everything, how does it
fill in the blanks without having greater access than I think
you would normally give the local law enforcement to be able to
check that information?
Ms. Baird. The local law enforcement officer, if he is
concerned about something he is seeing in a shopping center,
should have a directory which says these are the other people
who have been looking at threat warnings related to shopping
centers, talk to them, create an ad hoc group that is going to
discuss what the problem is what they are observing. And that
is what we hope the overall information-sharing exercise will
encourage, is the forming of groups that share information
based on identifying that others are working a similar problem.
Mr. Gorton. Let me give you a specific example, if I can,
from 9/11. I believe, from my memory, that FBI agents in
Phoenix, I think, discovered that a significant number of
people were taking flying lessons but only how to take off and
never how to land. Now, the same thing was going on with
Moussaoui in Minnesota. But even within the FBI, you know, if
the FBI agents in Phoenix had said, ``Is this going on
somewhere else?'' they would not have gotten the information
back. If both of them had known it, it might very well have
been that the FBI would have authorized going after a subpoena
for Moussaoui's laptop--you know, which it did not do.
Now, if that did not happen in the FBI, just imagine what
would happen if the Chief of Montgomery County had found people
doing the same thing and, pre-9/11, had asked the FBI if it
were going on anywhere else. He would have gotten a blank wall
from doing that.
But take those bits of information. No one needed to know
the names to begin with. The fact that there were people in
various parts of the country taking these peculiar types of
flying lessons might have been something that brought them
together to the point at which they all went forward to the
next step. It would have been--it could have been anonymous,
would have been anonymous in the original instance. But it did
not even happen within the FBI, much less between the FBI and
any local law enforcement agent.
Chairman Cardin. And I agree with you on scenarios that
should be shared. I still have a concern about local law
enforcement. With Senator Kyl's permission, I am going to give
Chief Manger a chance just to respond.
Chief Manger. Just a couple of reactions. The system that
has been described, you initially asked would that work. And I
guess the short answer is I am not sure. Ideally, if we can put
the guidelines in place and have them be consistent throughout
the country, I think that absolutely needs to be done. And I
will tell you an example.
We have gang data-bases that we use regularly, every day,
in Montgomery County where there are individuals and
information about specific gangs as well as specific
individuals in this data-base. There is a specific set of
criteria, and it has been--we have discussed it with the
community, I think even with the local chapter of the ACLU
knows our criteria of how someone can get entered into our gang
data-base. The information is scrubbed every so often, but I
bring this up because if one of my officers stops somebody for
running a stop sign and, you know, because we have the
computers in the cars, we just routinely make ``Wanted'' checks
on someone, you know, is that a bad thing? Now, all this person
has done is run a stop sign. But shouldn't that officer know
that this person is listed in the gang data-base and in the
information in the gang data-base, they were arrested a year
ago and they were carrying a gun? I think that is information
that is good for that officer to know.
Now, again, the officer can deal with the running of the
stop sign and that is it, but that is information that I
believe is necessary for my personnel to have.
If there are criteria for how someone gets into a data-base
and that criteria is agreed on and has protections in it, then
I think that it makes sense for that officer who, you know,
stops that individual for running a stop sign, if they are on a
terrorist watchlist or have some nexus to terrorism, I think it
is good that the Federal authorities are made aware that this
person ran a stop sign, just for their information. Now, is
that going to open up a case? No. But that kind of information
sharing could end up being useful. We do not know.
Another example. We had a case where a maintenance person
in an apartment complex called us and said, ``I have got a
suspicious activity. We have a group of men who have rented an
apartment. They pay their rent in cash at the end of every
month. We just had to go in to change the furnace filters. We
went in there. There is not a stick of furniture in this
apartment, but there are magazines. There are flight
instruction magazines in the apartment.''
They called us. Now, there is not a law that has been
broken. There is no law that says you have to have furniture in
your apartment. There is no law against subscribing to flight
instruction magazines. But what you have here is, in my view, a
situation that warrants further looking into.
You know, my folks are not equipped to do terrorism
investigations, but, you know, that kind of information needs
to be shared with the JTTF. And that is what it was. We turned
all the information we had over to the JTTF.
And so I think the key here is having a set of guidelines
for information. If information is in the data-base, then it
has already been scrubbed. It has already been verified as
being appropriate to be in a data-base. And if that is the
case, then we should be able to share it with anybody.
Chairman Cardin. Let me turn to Senator Kyl. We may come
back to this in the second round.
Senator Kyl. Thank you, Mr. Chairman. I am interested in
the same thing, so you are doing a good job of cross-
examination there.
Ms. Fredrickson, just on that last point, anything wrong
with the Chief's folks sharing with the Joint Terrorism Task
Force information that they came across, including, let's say,
the names of the people who leased the apartment, just as
something that they might want to look into?
Ms. Fredrickson. Well, I would like to go back to something
that the Chief said in his testimony, which I think puts us
exactly in the same place. He said that it is important to make
sure that the officers are looking at individuals or events
that are reasonably associated with criminal activity. And I
think this is an example similar to the running of the stop
sign.
What we have a problem with is what the Maryland State
Police was involved with----
Senator Kyl. OK. I heard you testify about that. But there
is no obvious criminal activity in the circumstance that he
discussed. In retrospect, knowing what we know about 9/11, you
know, a light bulb would go on in our mind. Pre-9/11, I am not
sure that your guy seeing that would have necessarily called a
joint task force, if it existed at that time.
Chief Manger. You are right.
Senator Kyl. I am just presupposing that.
Ms. Fredrickson. And I think this is why there is a need,
exactly what Ms. Baird also called for earlier, there is a need
for standards. There is a need for standards governmentwide. I
think we have a lot of different government entities--the
JTTFs, we have the fusion centers, we have a lot of different--
I am getting back to your----
Senator Kyl. Let me just interrupt you there. What kind of
a standard would be appropriate for the circumstance, just the
real-life circumstance that the Chief just talked about.
Ms. Fredrickson. Well, I think you have to be very careful
not to start putting people's names in data-bases if there is
not something some reason to believe that they are associated
with some criminal activity. I think bringing to Federal task
forces this paradigm, I think, again, to refer to what my
colleagues have said on this panel, you know, you have to
disassociate personally identified information from
circumstances----
Senator Kyl. But if I can interrupt you, how do you--some
three people rented an apartment that had only magazines in it.
Well, can you give us their names so we can see if they have
some previous terrorist activity? No, I cannot do that. I mean,
what good is the info that there was an apartment rented by
three people that had no furniture, but just a bunch of----
Ms. Fredrickson. Well, I would say that in most
circumstances, that information would probably not be
worthwhile, and you really do have to be careful about
putting--every time you discover an apartment with only
magazines, and you look at the people's names on those
magazines, and they go into a Federal terrorism data-base, I
think that is probably quite problematic.
Senator Kyl. Are you maybe jumping some--they go into a
Federal terrorist data-base. I think you are skipping one step.
The names are reported to someone who determines whether or not
they have any kind of information on them. Wouldn't there be a
standard before they are actually put into the data-base to try
to connect them? Chief, would that be the normal step that
would be taken?
Chief Manger. Yes. I think the key there is, you know, we
reported the information to the JTTF. I would be very
discouraged if the JTTF just took the names of those four
people that were on the lease and stuck them in the data-base.
What they need to do is an investigation at this point.
Senator Kyl. Right.
Chief Manger. And I think it is prudent to do that
investigation and then, based on the results of that
investigation, then determine whether those names should go in
the data-base or not.
Senator Kyl. Could I ask any of you--and maybe, Chief, you
are the one to answer this--what kind of information generally
is in the SARS data-base?
Chief Manger. It is suspicious activity reports, and it is
anything that has a nexus to terrorism. I mentioned that----
Senator Kyl. Is it terrorism only? Or could it be drug
running or----
Chief Manger. SARS is primarily for terrorism.
Ms. Baird. I could maybe jump in try to shed some light on
this in terms of the kinds of guidelines that are needed. The
circumstance that we do not want to miss is a situation where
the FBI in its Intelligence Unit, for example, has information
from the CIA that is causing it to look for terrorists who
might be living in Baltimore, and then to find that the local
police find this apartment, find the flight manuals, and we
have some other information which says that there is a
terrorist group that is trying to use airplanes to commit a
terrorist act.
The situation we do not want to be in is where that
information cannot be looked at as a whole by someone who is
analyzing the situation. On the other hand, we also do not want
to be in a situation where we are taking the names of people,
where we have no information at all that they have committed
any crime, and we are running them against law enforcement or
Federal data-bases.
So I would say that this is a very good example of the care
with which these guidelines need to be written because I would
think that in a circumstance like this, the local law
enforcement can say we got a report of this apartment, these
magazines, no reason to think anybody is involved with a crime,
but someone was suspicious about this. It is just like the
original stories of the time of 9/11 where the Attorney General
was talking about the need for the UPS truck driver who sees
something suspicious to be able to have someone to call, and
the magnificent op-ed written by a UPS truck driver in the New
York Times which said, ``I do not want to start becoming a law
enforcement officer and reporting on the people I see on the
street.'' Well, we have to figure that out as a country.
So what I would say is you need a place, a circumstance, a
guideline which says something that low level--an empty
apartment with some magazines lying on the floor--I would not
jump to the belief that that person is engaged in terrorism, or
we will have laws passed which say we cannot look at any
information, because that is not the country we live in.
Senator Kyl. Well, if I----
Ms. Baird. But we need to--if I could just finish, we need
to be able to have someone who might be looking for a terrorist
cell in that city, maybe even in that neighborhood, have some
suspicion brought to their attention without necessarily having
to identify the names, but the ability to go back and find out
those names if someone has a reason, can document a reason to
obtain them.
Senator Kyl. Well, with all due respect, a lot of police
work is based on hunches and suspicions, and this reminds me of
another suspicious activity that turned out to be a problem and
so on. And I think if you try to put too many restrictions on
what police officers can follow up--they are not accusing
anyone of a crime. They are not putting him into a data-base.
What they are doing is saying here are names of three guys on
magazines that we picked up under somewhat suspicious
circumstances to the Federal authorities, is there anything
about these three guys that you already know that might lead us
to want to follow it up? I see absolutely nothing wrong with
that. Do you? Ms. Baird?
Ms. Baird. Well, I think the really important part of what
you said is the police officer's knowledge of what is
suspicious. I think we have to honor that and certainly enable
that. But I think we also have to ensure that that
professionalism is carried through and that by opening up an
information-sharing environment and an intelligence role for
law enforcement officers, that we do not say to law enforcement
anything goes now, there are no rules. And that is the problem
we have had. And, quite frankly, it has been more an inhibition
on the law enforcement officers who want to participate in an
information-sharing environment because they are used to
following rules and laws, and they need the new rules and laws
that operate in the intelligence context, which is different
than the law enforcement context.
One of the reasons that the rules might be less stringent
in the intelligence context is that the way we act against that
information is to not take away someone's liberty by locking
them up. In other words, a law enforcement investigation brings
the power of Government behind it; whereas, an intelligence
investigation might not have the same consequences for an
individual.
Senator Kyl. So there could be different standards,
depending upon the nature of the investigation.
Ms. Baird. Right.
Senator Kyl. Thank you.
Chairman Cardin. Well, continuing this line, because I
think this is really the critical part, we are trying to get it
right on sharing of information. And it is interesting, I think
we might be drawing a distinction between information and
intelligence. If we gather too much information, we can clog
the system and violate privacy, make it very tempting to
violate privacy. If we do not collect enough information, then
good leads go--you do not follow them up. You do not deal with
what we should do to keep people safe.
Now, do not oversell the Maryland situation. The Maryland
situation, they did a full investigation. There was nothing
there. Nothing should have been forwarded to the Federal
Government. It was. It was wrong--violation clearly of laws and
privacy--and the Maryland Legislature has taken action. I have
not had a chance to review their statute. I know the summary of
it, and I would be curious. We can maybe talk later about how
effective you believe the Maryland Legislature will be. I am
also interested in Chief Manger's view as to what the Maryland
Legislature did.
But I think the challenge we have here, we need uniformity
on guidelines. We have got to know what the right rules are,
and they have to be enough to share information so that when
you get information that requires a follow-up for you to
complete an investigation, either you turn it over to the
appropriate agency to complete the investigation, or you
complete the investigation with access to information and
intelligence that have been gathered that you should be able to
get access to. That is what we are trying to achieve.
I am somewhat concerned about having to draw too many
conclusions locally before local law enforcement has access to
actionable intelligence information. And I know this is a
difficult balancing act, but I do have that concern. And I
think we are going to need to follow that up in more detail.
But, Chief Manger, I want to ask you a question because you
pointed out a real practical problem we have for local law
enforcement in getting information. We have the fusion centers.
We have the Joint Terrorism Task Forces. But if you cannot
either participate in that or you do not have the resources to
assign an intelligence officer to participate, your chances of
getting timely intelligence information may be lost.
So I look at some of our smaller law enforcement agencies
in Maryland who cannot afford to hire full-time intelligence
officers to participate in this and wonder how they get access
to information they need in order to participate in keeping our
communities safe from terrorism.
Chief Manger. That is the million-dollar question, and I do
not have the answer other than to say the FBI offers LEO, Law
Enforcement Online. That does provide some information to
anyone who gets an account. It is restricted to law enforcement
only, and you can get into that data-base and get some
information.
For instance, in the smaller jurisdictions within
Montgomery County, I try and maintain a very good dialog with
those jurisdictions so that when we get information about a
threat, we share that information. But, I mean, I cannot worry
about sharing it with the city of Frederick or, you know,
Hagerstown or somewhere else. So, you know, they are sort of at
the mercy of the agencies that are plugged in whether they get
that information in a timely manner. The fact is they usually
get it from CNN. That is where it ends up getting to them. By
that time, everybody has got it.
Chairman Cardin. Yes. Senator Gorton?
Mr. Gorton. Mr. Chairman, I would like to go back to
Senator Kyl's question, and I must tell you that sitting here
and listening to a question de novo, I do not believe that I
know the answer to that question in any highly positive
fashion. But I believe that is the very reason that we made our
recommendation that while this administration has taken a good
first step in coming up with information-sharing guidelines for
the Federal Government, it ought to make certain that those
guidelines are, one, mandatory and, two, you know, apply to all
of the agencies, because under those circumstances, people who
spend a lot of time thinking very carefully about the values on
either side of those questions will have thought them out, I
trust, with great care.
And then if we get this privacy board actually appointed
and in business, you know, there will be an entity, again, that
focuses, I think, very, very carefully on this kind of
question. Both the 9/11 Commission report and Ms. Fredrickson
in her testimony stated something that ought to simply be a
truism. We are not engaged in a zero sum game here in which
every enhancement of national security can only come because we
are limiting civil liberties or every attempt to validate civil
liberties is going to decrease our national security. The two
can work together. They can be self-reinforcing.
When I get asked a specific question like that, I just hope
there is someone who has thought about it more than I have in 5
minutes right here and can come up with a set of rules and a
set of policies that will make it work. And I believe that is
clearly possible, and that your function here as a Subcommittee
is to try to push the administration into doing that as
promptly and effectively as possible.
Chairman Cardin. Thank you.
Ms. Fredrickson, I wanted to give you a chance to respond
as to what you would urge us to look at on guidelines are our
highest priorities on protecting the legitimate privacy and
rights of our citizens.
Ms. Fredrickson. Well, we have a fuller set of
recommendations in the testimony we provided to the Committee,
but I think one of the important parts is to go to 28 CFR Part
23 and codify that regulation, which would establish a
reasonable suspicion standard for all criminal intelligence
information collection programs and limit dissemination absent
a legitimate law enforcement need.
I think it is very critical that there be standards that
are governmentwide, that will be clear for law enforcement and
will prevent the kind of surveillance based on First Amendment-
protected activities that we have seen not just in Maryland,
although that was one of the more recent examples, but across
the country.
Chairman Cardin. Under that guideline, would Chief Manger
be able to enter information concerning that apartment that he
observed?
Ms. Fredrickson. Well, I think there was a general
agreement that information would be entered into a data-base
without some kind of corroboration of actual criminal activity.
But whether there would be an ability to talk to fellow
departments and speak with the Federal Government about whether
or not there were similar activities that had been observed,
you know, I do not think that would be precluded at all.
Chairman Cardin. Senator Kyl?
Senator Kyl. Chief, one of the things you said was that we
need to make the SARS more broadly available, or words to that
effect. Two questions. How available? What exactly are you
talking about? And, second, what is keeping that from
happening? Which would lead us, obviously, to the third point,
which is how to make it happen.
Chief Manger. It is still a very new program, and each
individual police agency--and there are 18,000 police agencies
in this country--has to make the decision to hook into this.
And it takes technology, it takes, you know, funding, and some
departments--the Los Angeles Police Department has been a
pioneer, done a nice job at getting in there.
The Montgomery County Police is just getting plugged into
the SARS program, and it is a pilot agency for the State of
Maryland.
Senator Kyl. So it basically requires you to get the
funding to physically by computer tie your system into that
system so that your officers, or at least some of them, can
access that information.
Chief Manger. That is correct. And then also the key here
is having an analyst who knows what should go in and what
should not go in, and the training, the guidelines,
everything----
Senator Kyl. So this is interactive in the sense that your
guys can put stuff into it as well. They are not merely gaining
access to information somebody else has already put in.
Chief Manger. That is correct.
Senator Kyl. One reason I mention this is that yesterday
Senators Lieberman, McCain, and I held a hearing in Phoenix
about the drug cartel activity coming through Mexico and
spilling over into the United States. It is an awful situation,
and we asked the Phoenix police chief, for example, what to do
about it. He had several stories, and one of the points he made
was that they need to be able to get into the SARS system. I
did not ask him at that point, ``What do you need to do that?''
But they will stop someone on a traffic charge and then only
later find out that the car was owned by a drug dealer or had
been stolen or was operated by someone known to be a carrier
for the cartel or something of that sort. And so he was
lamenting the fact that they were not tied into it. So it is
primarily a matter of resources for local police to tie into
the system. Is that correct?
Chief Manger. That is correct.
Senator Kyl. Well, it is good to know that it is only
resources.
One of the questions that I had was this comment that, Ms.
Fredrickson, you made. You said the current method of homeland
security is an ``all crimes, all hazards'' approach. And I
would just like to know from the members of the panel, is that
OK? Or were you suggesting that that is a real problem?
Ms. Fredrickson. I was suggesting that is a problem because
it is wasting resources that should be focused on criminal and
terrorist activity.
Senator Kyl. But the example that the Subcommittee--in 2004
we had a Subcommittee hearing, and here is a quotation from the
testimony: ``Three of the 19 hijackers on September 11th were
stopped by State or local law enforcement officials in routine
traffic stops in the weeks leading up to the attacks on the
Nation. For example, on September 9th, 2 days before the
September 11th attack, Maryland State Police stopped Ziad
Jarrah for driving 90 miles an hour in a 65-mile-an-hour zone
in a rural section of I-95 near the Delaware State line. A
videotape of the stop shows the State trooper approaching the
car, obtaining the driver's license and registration, returning
to his patrol car for a radio check of the credentials. Jarrah,
who was on the CIA watchlist, was given a ticket and allowed to
go.'' And there are other similar situations.
Now, that is an example where if we had really applied the
``all crimes, all hazards'' approach, we might have been able
to identify him, is it not? And that would have been a good
thing, would it not?
Ms. Fredrickson. Well, what we were referring to in the
testimony was actually the examples that we discussed, which is
of law enforcement mistaking First Amendment-protected activity
for suspicious activity and using resources to track, for
example, in Maryland anti-death penalty activists or anti-war
activists or gay rights activists. That is what we are talking
about when we are talking about--the gathering of this kind of
information, the sharing of that kind of information with
Federal law enforcement and the clogging of the data-bases with
that irrelevant----
Senator Kyl. Well, if I could just interrupt, these are
your words, not mine, the ``all crimes, all hazards'' approach.
I interpreted that to mean that you had to have a crime, that
you are not just targeting free speech activity, but you have
to have a crime, first of all, and then see whether or not that
leads you to something else.
Ms. Fredrickson. Well, that is not what was intended in
that statement. It really is ``all hazards'' point of view, and
what we are saying is that there needs to be appropriate,
effective attention actually to crimes and to terrorist
activities.
Senator Kyl. So just the general proposition that when a
crime is committed, let's say a traffic stop, and then
something else is investigated or the data-base is accessed to
see whether this would lead to anything else, as a general
proposition that is not what you were criticizing, is that----
Ms. Fredrickson. No.
Senator Kyl. Anybody else on the panel want to refer to
that?
[No response.]
Senator Kyl. It seems to me that, just as a general
proposition--let me get your reaction to it--that while
guidelines are really important when you are investigating
these kinds of activities, you also need to be very careful
that you do not get into a situation analogous to the wall of
separation that existed before 9/11, where an arbitrary legal
standard prevented the sharing of data. And I can just see one
of the officers pulling out a manual about the size--I mean, if
you have ever seen a flight manual, they are about that thick--
and trying to figure, OK, now here is what happened, what can I
try to find out and where do I find it out? I mean, I think you
would all agree, would you not, that this has to be done in a
very usable way, and that argues against really complicated
legalese that is going to make it very difficult for the people
on the spot to be able to access the information in a quick and
profitable way. Ms. Baird?
Ms. Baird. Senator Kyl, if I could comment on that, in my
opening statement I made a statement I would like to reiterate,
which is that we need these guidelines not just to constrain
Government employees but to empower them, that there is a great
deal of uncertainty now about what people are authorized to do,
and so they are not doing it.
And the second comment I would make is that you are
absolutely right that this has to be very easy to understand
and you need to be able to walk around the building, stop
somebody in the hallway, and ask them the question and have
them be able to answer it. It has got to be that, you know,
real time that they know what the answer is of what they are
able to do. And we can help that with technology. We can
facilitate it by having automatic authorizations or approvals
of things that happen because a particular individual enters
their identification code and the reasons why they think they
need the information. So if we can get the technology systems
built as well as the policies written, we ought to be able to
facilitate this.
But the lack of adequately robust policies now is really
slowing things down more than the technology question, and if
anything, the technology is getting out ahead of the policies.
And so you are creating more and more ways that we might
collect or analyze information, but people are not using it or
do not know what they are empowered to do because they do not
have robust enough policies.
So I think you are absolutely right, the objective here is
not to write a rule book. You know, when I first went to work
as general counsel of the chairman, they handed me a 2-inch
thick glossary of terms of that industry, and I said, ``If I
have to learn this, I cannot do my job.'' You cannot weigh
people down with things that make it impossible for them to
understand what they have to do. But we do need these rules to
empower people so that they are not afraid to act because they
do not want to wind up here in front of you saying why they did
something without any real authorization that they can point to
to say that they were supposed to do it.
Mr. Gorton. I just want to emphasize my full agreement with
Zoe in that respect. In this report we say we want a paradigm
of need to share rather than need to know. And traditionally in
the Federal Government--on this point, I am speaking only of
sharing within the Federal Government--there have been great
penalties for the unauthorized sharing. And that is why you
absolutely had to prove you needed to know something before you
got it, and you did not know what you did not know so you could
hardly look for it.
We need a set of policies that is at least as encouraging
for the sharing of information with people and agencies that
have some reasonable access to it than there are penalties for
unauthorized sharing. And, again, you are absolutely right, it
has got to be clear. People have got to be confident in what
they are doing.
Chairman Cardin. Let me again thank the witnesses for their
testimony. As I said at the beginning, this is the first
hearing of this Subcommittee. It is intentional to be the first
hearing because I consider this to be our most important
responsibility in making sure that actionable intelligence
information is gathered in a way that is made accessible to
those who can prevent terrorist activities in our country. And
I think the comments that have been made about the laws are
adequate, provided that there is proper oversight and there are
clear guidelines, which we have not yet implemented in our
Government. So it is an issue that our Committee will clearly
be continuing to have interest in and conduct additional
oversight in these areas.
So, once again, let me thank our four witnesses for
participating in this hearing. The hearing record will remain
open for 1 week for any additional statements or questions, and
with that, the Subcommittee will stand adjourned. Thank you.
[Whereupon, at 3:55 p.m., the Subcommittee was adjourned.]
[Questions and answers and submissions for the record
follow.]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
�