<<

. 23
( 53 .)



>>



attacks of September 2001 could have been averted if government
agencies had been more effective in sharing information about poten-
tial threats. There were other possible diagnoses of the events that
led to September 11, such as the unwillingness of political leaders to
bear the cost of tightening security before the attacks. The empha-
sis on weaknesses in information sharing had the advantage of pin-
ning responsibility for the failure to deter the attacks on bureaucratic
pathologies rather than indifferent leadership.
Having said this, there was substantial evidence that the secu-
rity and intelligence community had failed to share information fully,
and that its capacity to “connect the dots” and see the looming threat
had been compromised. Federal agencies (said the Joint Congres-
sional Inquiry into September 11 in its 2002 report) “did not bring
together and fully appreciate a range of information that could have
greatly enhanced its chances of uncovering and preventing Usama
Bin Ladin™s plan to attack these United States.”47 The Central Intelli-
gence Agency had not shared leads with the Federal Bureau of Inves-
tigation. Regional of¬ces of the FBI had not shared information about
investigations of related terrorist threats. The CIA and FBI both failed
to warn the Immigration and Naturalization Service that newly dis-
covered al Qaeda associates should be added to its border watch list.3
In 2004, the 9/11 Commission reached a similar conclusion: Most of
the “missed opportunities” to thwart the 2001 attacks arose because
of the failure of federal agencies to share information.48
New awareness of the United States™ domestic vulnerabilities also
led to complaints about the federal government™s limited efforts to
share information with state and local of¬cials. In the months fol-
lowing the attacks, mayors and police chiefs criticized the FBI and
newly appointed homeland security staff for their unwillingness to
trust state and local agencies with details about investigations and
potential threats.49 (A study of the New York Police Department™s
response to the World Trade Center attacks by McKinsey & Company
found that it undertook “minimal intelligence sharing with federal
agencies” before September 11.50 ) The federal government™s capacity
to coordinate with public health agencies and emergency responders
in lower levels of government, and the capacity of state and local
agencies to exchange information laterally, was similarly weak.
Governmental failures in information sharing were contrasted
with the presumed strengths of al Qaeda itself. The terrorists “worked

140
Opaque Networks


together,” wrote the journalist John Miller, who had tracked al Qaeda
for a decade. “That was one of the terrorists™ great strengths. . . . They
shared critical tactical information across units.”51 Al Qaeda seemed
to be structured as an “all channel” or “full matrix” network, in which
each cell was able to communicate easily with all others. This “all
channel data ¬‚ow” made al Qaeda more agile and resilient. To ¬ght the
terrorists, government agencies would have to learn from its exam-
ple. Sharing information with partners in the terror-¬ghting network
would have to become the norm.52
The need for improved communication between agencies soon
became one of the mantras of reform. The 9/11 Commission urged
federal agencies to develop a “decentralized network model” in
which information would be “shared horizontally” across agency
boundaries.53 Federal homeland security of¬cials called informa-
tion sharing one of the “four foundations” of improved security, and
promised to build

. . . a national environment that enables the sharing of essential
homeland security information. . . . Information will be shared
˜horizontally™ across each level of government and ˜vertically™
among federal, state, and local governments, private industry, and
citizens. With the proper use of people, processes, and technology,
homeland security of¬cials throughout the United States can have
complete and common awareness of threats and vulnerabilities
as well as knowledge of the personnel and resources available to
address these threats.54

“Sharing information,” Homeland Security Secretary Tom Ridge told
governors in August 2003, “is at the heart of what we do as a
country.”55
Information sharing requires a set of ground rules on the han-
dling of sensitive information. One response to the new demand
for better networking in the months following September 11 was
an adaptation of the rules already established for the circulation of
classi¬ed national security information. In March 2003, the Bush
administration amended the executive order that governs the clas-
si¬cation system so that it could accommodate information relating
to homeland security concerns.56 The list of agencies with authority
to classify information was also broadened to include some “ such as
the Department of Health and Human Services, the Department of

141
Blacked Out


Agriculture, and the Environmental Protection Agency “ that tradi-
tionally were not counted within the national security community.57
By early 2004, roughly 3,000 state and local of¬cials had been given
the security clearances needed to receive classi¬ed information from
the federal government.58
Many observers saw these developments simply as more evidence
of the Bush administration™s bent toward secretiveness. There was
truth to this, but it also neglected the extent to which new security
threats were causing a qualitative change in the classi¬cation system
itself. The system “ built to accommodate information ¬‚ows among
U.S. national security bodies and with the national security agen-
cies of other countries “ was being domesticated, to permit the ¬‚ow
of a broader range of information among a wider range of federal,
state, and local of¬cials. By domesticating the classi¬cation system,
transparency might actually be improved for those of¬cials who had
an appropriate clearance and a “need to know” the information con-
tained within the system.
However, the improved ¬‚ow of information came at a price: the
extension of the disclosure restrictions already embedded within the
classi¬cation system. Under federal classi¬cation rules, state and
local of¬cials are prohibited from declassifying or disclosing clas-
si¬ed information without the approval of the agency that classi¬ed
the information. As part of the clearance process, these of¬cials must
sign a nondisclosure agreement that reminds them of the penalties
for the release of information without federal approval.59 The agree-
ment asserts that shared classi¬ed information remains the property
of the federal government, and must be returned to the federal gov-
ernment on its request “ a legal gambit intended to further reduce the
risk of disclosure under state and local laws.60 (The probability that
information will be accessible under federal law is also dramatically
reduced once it has been classi¬ed.)
These restrictions on disclosure might seem less problematic if
we believed that the individuals responsible for determining whether
information should be classi¬ed were limiting themselves to cases
where disclosure seemed likely to cause real harm. Unfortunately
there was little evidence that this was the case. In August 2004 the
Deputy Undersecretary of Defense for Counterintelligence and Secu-
rity, Carol Haave, estimated that perhaps 50 percent of all classi¬ed


142
Opaque Networks


information was improperly classi¬ed.61 There are strong incentives
for federal of¬cials to classify information and few checks to ensure
that their discretion to classify is not overused.
Other programs aimed at improving information ¬‚ows put a sim-
ilar emphasis on the need to prevent the disclosure of information to
actors outside the network of government agencies. One of the most
prominent of these efforts was the creation by the Federal Bureau of
Investigation of dozens of new Joint Terrorism Task Forces (JTTFs).
JTTFs are investigative teams established by ¬eld of¬ces of the FBI
that include personnel from the FBI, other federal agencies, and state
and local law enforcement agencies. The ¬rst JTTF was established
in New York City in 1980. In the late 1990s, federal concern about
terrorist threats led to quick growth in the number of JTTFs “ from
eleven in 1996 to twenty-nine in March 2001. After September 11, all
FBI ¬eld of¬ces established a JTTF, as did ten smaller FBI of¬ces. By
2004, over eighty task forces were in operation.62
After 9/11, JTTFs were frequently presented as one of the fed-
eral government™s most important techniques for sharing information
with state and local law enforcement agencies. The head of the FBI™s
new Information Sharing Task Force told Congress in 2002 that JTTFs
“have proven to be one of the most effective methods of unifying fed-
eral, state and local law enforcement efforts to prevent and investi-
gate terrorist activity by ensuring that all levels of law enforcement
are fully bene¬ting from the information possessed by each.”63 The
Bush administration™s 2002 National Strategy for Homeland Secu-
rity, and the Joint Congressional Inquiry™s report on the September
11th attacks, also presented JTTFs as a major tool for information
sharing.64
Discovering the terms on which information is shared within a
JTTF has not been a simple matter. The rules that regulate the ¬‚ow
of information are contained in a memorandum of understanding
that is signed by each local police department and the FBI, but these
MOU™s “ like many international agreements on information sharing “
are rarely made routinely available. The Los Angeles Police Depart-
ment, like other major police forces, declined in 2003 to release its
MOU, arguing that disclosure might “result in a penalty or corrective
action” by the FBI.65 The Colorado chapter of the American Civil Lib-
erties Union resorted to litigation to obtain a copy of the JTTF MOU


143
Blacked Out


signed by the Denver Police Department.66 The University of Mas-
sachusetts at Amherst and the City of Spring¬eld, MA, also refused to
disclose their agreements to the ACLU after the Boston of¬ce of the
FBI warned that they had no authority to release “FBI property.”67
The FBI ¬nally released its template JTTF MOU in 2004.68 The
document showed that the FBI imposes strict controls on its JTTF
partners. Records for JTTF investigations are kept in an FBI ¬eld
of¬ce. Local police who are assigned to a JTTF agree not to disclose
sensitive information to non-JTTF members without the express per-
mission of the FBI, and may be required to sign nondisclosure agree-
ments by the FBI as well.69 (In addition, there is a more detailed ban
on discussions with the media unless approved by the FBI.) Local
of¬cers are sworn as federal marshals, making them subject to fed-
eral laws that prohibit the unauthorized disclosure of investigative
information.
The restrictions imposed by the FBI are so demanding that it lays
the initial proposition “ that the JTTF is an exercise in information
sharing “ open to question. There is no sense in which information
has been given to local authorities at all; the only local of¬cials who
handle JTTF information are those who have been deputized as fed-
eral employees, working on FBI ¬les under FBI supervision. It might
be more accurate to say that JTTFs extend the reach of the FBI by
incorporating state and local of¬cials into the FBI™s own structure.
From this point of view, the local police departments that balked at
releasing their MOUs understood the spirit of the exercise exactly:
They were not expected to exercise their own judgment about the
release of JTTF information.
The arrangement has the effect of enlisting local police forces in a
federally led security network while undercutting mechanisms tradi-
tionally used to maintain the accountability of local police forces. This
was a particular concern for the Colorado ACLU, which, in early 2003,
negotiated a settlement with Denver police following the revelation
that its intelligence bureau had systematically monitored the legal
activity of local protest groups. Weeks after the notorious “spy ¬les”
case was settled, a new question arose: Would local police assigned to
the Denver JTTF be bound by restrictions on surveillance just nego-
tiated with the ACLU?
Within months, the ACLU™s question proved to be more than hypo-
thetical. In November 2003, the New York Times, drawing on a leaked

144
Opaque Networks


FBI memorandum, reported that the agency appeared to have under-
taken a “coordinated, nationwide effort” to monitor protest activity
that enlisted local law enforcement of¬cials participating in JTTFs.70
The FBI™s new emphasis on monitoring, which it said was aimed at
deterring violent protests, was con¬rmed in another memorandum
leaked to the Times in August 2004.71 The in¬‚uence of the nation-
wide program was evident in Colorado, where the FBI acknowledged
that local police of¬cers assigned to the Denver JTTF were inter-
viewing activists about protests tied to the 2004 election.72 City of¬-
cials claimed that the ACLU™s 2003 settlement did not apply to the
JTTF,73 and the ACLU™s ability to determine precisely what local of¬-
cers were doing was undercut by the terms of the city™s agreement with
the FBI.
Concern about oversight of the JTTFs was not limited to non-
governmental groups. In April 2005, Mayor Tom Potter of Portland,
OR, announced that the city would withdraw from its partnership
with the FBI. Mayor Potter said that his main reason was the FBI™s
refusal to provide the mayor with the same security clearance given
to the two local police of¬cers participating in the task force. In Port-
land, the mayor is also police commissioner, and Potter said that
the FBI™s refusal would undercut the local government™s “oversight
process.”74
Another federal information-sharing initiative, the Joint Regional
Information Exchange System (JRIES), also imposed restrictions on
local of¬cials. JRIES was created in 2002 by the Joint Intelligence
Task Force, Combating Terrorism (JITF-CT), a unit of the Defense
Intelligence Agency. The JITF was established following the 2000
attack on the USS Cole as an “all-source intelligence fusion center
staffed, equipped, and directed to support an aggressive, long-term,
worldwide campaign against terrorism.”75 After the 9/11 attacks, the
JITF sought to create a domestic component to its information-
gathering network. By 2003, JRIES included ten state and local law
enforcement agencies and several federal defense and security agen-
cies, all of whom agreed to share information relating to terrorist
threats within the United States, including “strategic analysis” on
threats and “pre-incident indicator data.”76 In 2004, lead responsi-
bility for JRIES was moved to the Department of Homeland Security,
which announced its intention to expand the network to include all
¬fty states and ¬fty major urban areas.77

145
Blacked Out


As in the other cases, participation in JRIES is governed by a mem-
orandum of understanding between the state or local agency and the
lead federal agency. In 2003, major police forces such as the New

<<

. 23
( 53 .)



>>