Site Map

REPORT OF THE JOINT INQUIRY INTO THE TERRORIST ATTACKS OF SEPTEMBER 11, 2001

YOU ARE REQUIRED TO READ THE COPYRIGHT NOTICE AT THIS LINK BEFORE YOU READ THE FOLLOWING WORK, THAT IS AVAILABLE SOLELY FOR PRIVATE STUDY, SCHOLARSHIP OR RESEARCH PURSUANT TO 17 U.S.C. SECTION 107 AND 108. IN THE EVENT THAT THE LIBRARY DETERMINES THAT UNLAWFUL COPYING OF THIS WORK HAS OCCURRED, THE LIBRARY HAS THE RIGHT TO BLOCK THE I.P. ADDRESS AT WHICH THE UNLAWFUL COPYING APPEARED TO HAVE OCCURRED. THANK YOU FOR RESPECTING THE RIGHTS OF COPYRIGHT OWNERS.

officials check visa applicants or U.S. arrivals against lists of suspected terrorists and other undesirables.  With respect to suspected terrorists, the TIPOFF database is populated principally through the submission of names from the CIA.  Crucially, however, without CIA input, these officials cannot do their job -- and even terrorists known to the CIA will be able freely to acquire visas and be granted entry if the CIA has neglected to share their names with TIPOFF.

Alarmingly, this is apparently precisely what happened for years, because CIA was unwilling to share more than a small fraction of its information about suspected terrorists with State and INS.  Based upon clear internal guidance on December 11, 1999, the CIA was required to pass to the TIPOFF program the names of all persons it suspected of being terrorists [24] Before September 11, however, the Agency did not consistently do this.  Instead, it often provided the names of suspected terrorists to TIPOFF if the CIA already had information indicating that the terrorist planned to travel to the United States. [25]  Because of the practical impossibility of knowing the personal travel plans, in advance, of every suspected terrorist in the world, this inevitably meant that the CIA withheld hundreds or perhaps thousands of names from the TIPOFF database -- names of persons who were thus free to obtain U.S. visas and walk through INS booths without notice.  Indeed, even though it signed an explicit Memorandum of

_______________

24 CIA Office of Congressional Affairs Liaison Officer Gary Dionne, unclassified telephonic communication to SSCI Minority Counsel Christopher Ford (December 9, 2002).  The text of the December 11, 1999 guidance, however, is still classified.

25 CIA officials have informed SSCI staff that this occurred because State Department officials felt overly burdened with having to process all the names.  Their account, however, is not consistent with the State Department complaints about CIA practice recorded by the JIS.  See, e.g., JIS written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 15.  In any event, it is clear that the "rules of the road" involved the CIA passing comparatively few names in violation of its own rules: by no one's account were the 1999 guidelines actually consistently followed as written.

35

Understanding (MOU) in January 2001 with the FBI, NSA, and State Department on watchlist procedures, State Department officials have complained to the JIS that the CIA still did not share many of its terrorism-related Critical Intelligence Report (CIRs) with the TIPOFF program in the months leading up to the September 11 attacks. [26]

What's more, the CIA apparently did not take its watchlisting responsibilities very seriously even when it did see fit to pass some names to TIPOFF. According to the JIS, the CIA provided its employees no training in this regard. [27] Indeed, one CIA official from the Counterterrorism Center's special cell devoted to tracking Al-Qa'ida told the JIS that he didn't feel that his organization needed to worry about whether anyone watchlisted Al-Qa'ida terrorists. [28] The CIA, therefore, apparently neither trained nor encouraged its employees to follow its own rules on watchlisting -- embodied in the December 1999 guidance -- and they clearly did not do so. [29]

_______________

26 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20,2002), at 15.

27 JIS, written statement presented to SSCl/HPSC[ joint hearing (September 20, 2002), at 7-8.

28 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 8.

29 Strangely, to judge from the testimony given in Joint Inquiry hearings by JIS representatives, the JIS does not seem ever to have discovered that the CIA had "hard" guidance in place requiring such watchlisting. The CIA, however, has now provided me with a copy of its classified December 1999 guidance.

36

Nor, despite repeated inquiries about watchlisting standards, did the CIA apparently ever disclose the existence of this guidance to the JIS. As the JIS has recounted, "[w]e were told that there was, at the time, no formal system in place at the CTC for watchlisting suspected terrorists."30 This, however, was not true. As noted above, the CIA's December 1999 guidance specifically provided watchlisting standards -which were often ignored. By failing to provide this information to the JIS, the CIA thus managed to keep the fact that it violated its own rules out of the formal report of the Joint Inquiry.

_______________

30 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 7.

37

The magnitude of the CIA's watchlisting failures and the potential impact of this information-hoarding upon our country's preparedness for terrorist attack may be seen in the contrast between the CIA's pre-September 11 performance in this respect and its performance after the attacks. Within a month after September 11, the CIA provided more than 1,500 CIRs to TIPOFF that had it had previously withheld. The State Department reported a 455 percent increase in the number of names CIA provided during the months after the attacks -with the total provided rising from I, 761 during the three months before September 11 to 4,251 in the three months afterwards. [31] But for the shock of September 11, these thousands of potential terrorists would presumably still be free to obtain visas and enter the United States without anyone asking any questions, thanks to the CIA's apparent belief that only it can be trusted with its information. As it turns out, two of the September 11 hijackers did precisely this.

(2) The al-Mihdhar and al-Hazmi Story

What such watchlisting problems can mean in practice is illustrated by the failures of the CIA and FBI in dealing with Al-Qa'ida-affiliated terrorists Khalid al-Mihdhar and Nawafal- Hazmi. Their story is ably recounted by in the body of the JIS report, but its highlights are worth repeating here. Al-Mihdhar and al-Hazmi attended a terrorist meeting in Kuala Lumpur, Malaysia, in early January 2000. [32] This meeting was known to -and surveiled by -the CIA, which already knew that al-Mihdhar possessed a multiple-entry visa permitting him to travel to the United States. The National Security Agency (NSA) also independently possessed information linking al-Hazmi to AI- a'ida. Neither the CIA nor NSA, however, saw fit to

_______________

31 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20,2002), at 15.

32 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20,2002), at 5.

38

provide their names to the TIPOFF database. [33] There is apparently some confusion over whether the CIA told the FBI anything about al-Mihdhar and al-Hazmi. CIA e-mail traffic reviewed by the JIS, however, suggests that the CIA did brief the FBI in general terms. The CIA, however, still did not bother to tell the FBI that al-Mihdhar had a mllltiple-entry visa that would allow him to enter the United States. [34]

_______________

33 JIS, written statement presented to SSCl/HPSCI joint hearing (Sep1ember 20, 2002), at 6.

34 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 6- 7.

39

In early March 2000, the CIA learned that al-Hazmi had arrived in Los Angeles on January 15. Despite having just learned of the presence in this country of an Al-Qa'ida terrorist, the CIA told no one about this. The internal cable transmitting this information, in fact, contained the notation: "Action Required: None, FYI." [35] This information came at the height of the U.S. Intelligence Community's alarm over Al-Qa'ida's "Millennium Plot," and al-Hazmi's arrival had occurred at about the same time the CIA knew that Al-Qa'ida terrorist Ahmed Ressam was also supposed to have arrived in Los Angeles to conduct terrorism operations. [36] Still, however, the CIA refused to notify anyone of al-Hazmi's presence in the country.

By this point, both al-Mihdhar and al-Hazmi -both terrorists known to the CIA -were living in San Diego under their true names. They signed these names on their rental agreement, both used their real names in taking flight school training in May 2000, and al-Mihdhar even used his real name in obtaining a motor vehicle identification card from the State of California.37 In July 2000, al-Hazmi even applied to the INS for an extension of his visa, sending in this application using both his real name and his current address in San Diego (where he would remain until that December).38 INS, of course, had no reason to be concerned, since the CIA had

_______________

35 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 7; see also generally CIA officer, written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 3.

36 JIS, written statement presented to SSCI/HPSCJ joint hearing (September 20, 2002), at 8 & 10.

37 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 8.

38 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20,2002), at 8-9.

40

withheld the two terrorists' names from TIPOFF. Nor did the FBI have any reason to look for them -- e.g., by conducting a basic Internet search for their names or by querying its informants in Southern California -- since the last it had heard from CIA was that these two terrorists were overseas.

The CIA's failure to watchlist al-Mihdhar and al-Hazmi became even more alarming and inexplicable in January 2001, when the CIA discovered that the Malaysia meeting had also been attended by a suspect in the USS Cole bombing. This presumably made the two terrorists even more interesting to the CIA -and their known presence in the U.S. even more dangerous, by confirming their linkages to Al-Qa'ida operational cells -but the CIA still did not bother to inform TIPOFF. This failure was particularly damaging because al-Mihdhar was overseas at the time: putting his name on the watchlist would have enabled INS agents: to stop him at the border. [39]

Even when given the opportunity to tell the FBI -in face to face meetings -about the presence of these two terrorists in the United States, the CIA refused. At a meeting in June 200l with FBI officials from the New York Field Office who were working on the USS Cole case, a CIA official refused to tell them that al-Mihdhar and al-Hazmi had come to the United States. [40]

Meanwhile, Khalid al-Mihdhar was in Jeddah, Saudi Arabia, and applied for a new U.S.

_______________

39 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 9; see also CIA official, written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 4; Michael Rolince. written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 2.

40 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20,2002), at 2] ; see also id. at 10.

4I

visa in June 2001. The State Department officials who took this application appear to have followed procedures and checked his name against their CLASS database, which incorporates TIPOFF watchlist information. Because CIA continued to refuse to put the name of this Al-Qa'ida terrorist into TIPOFF, however, no CLASS "hits" occurred, and al-Mihdhar was given a visa and returned to the United States unmolested in July. [41]

_______________

41 JIS, written statement presented to SSCI/HPSC] joint hearing (September 20, 2002), at 10.

42

The CIA only decided to watchlist al-Hazmi and al-Mihdhar in late August 2001, by which point they were already in the United States and in the final stages of preparing for the September 11 attacks. [42] By this point, tragically, it was too late for the FBI - hamstrung by its own investigative regulations - to stop them. Although the FBI scrambled in late August and early September to locate the two terrorists in the United States, [43] it denied itself the services of any of its own agents assigned to criminal work and refused even to conduct a basic Internet search that would have revealed al-Hazmi and al-Mihdhar living under their true names in San Diego. (According to testimony from an FBI agent in New York who conducted just such an Internet search after the September 11 attacks, finding al-Mihdhar's address "within hours." [44]) It also denied itself any assistance that could have been obtained from Treasury officials in tracking down al-Mihdhar and al-Hazmi through their credit card or banking transactions. As it turned out, however, on September 11, 2001, the two men boarded American Airlines Flight 77, and helped fly it into the Pentagon.

(3) The "Phoenix Memo "

The affair of the FBI Electronic Communication (EC) sent by the Phoenix field office to FBI Headquarters in order to warn officials about potential dangers from AI-Qa'ida-affiliated individuals training at U .S. flight schools, also illustrates the tremendous difficulty our

_______________

42 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 10; see also Rolince, supra, at 3.

43 JIS, written statement presented to SSCI/HPSCI joint hearing (September 20, 2002), at 11.

44 FBI Agent from New York Field Office, testimony before joint SSCI/HPCSI hearing (September 20,2002), available from Federal News Service (response to question from Senator Shelby).

43

Intelligence Community has had with sharing information and "connecting the dots" - particularly where the FBI is concerned.

The FBI special agent in Phoenix who sent the EC to headquarters on July 10, 2001, addressed his memorandum to the Usama bin Laden Unit (UBLU) and the Radical Fundamentalist Unit (RFU) within the Bureau's counterterrorist organization. Headquarters personnel, however, decided that no follow-up was needed, and no managers actually took part in this decision or even saw the memorandum before the September 11 attacks. [45] The CIA was made aware of the Phoenix special agent's concerns about flight schools, but it offered no feedback [46] despite the information the CIA possessed about terrorists' interest in using aircraft as weapons. Nor did the new FBI officials who saw the Phoenix EC at headquarters ever connect these concerns with the body of information already in the FBI's possession about terrorists' interest in obtaining training at U.S. flight schools. [47] The full contents of the "Phoenix Memo" have yet to be made public, but it is astonishing that so little was made of it, especially since it drew readers' attention to certain information already in the FBl's possession suggesting a very specific reason to be alarmed about one particular foreign student at an aviation university in the United States. [48]

_______________

45 JIS, written statement presented to SSCI/HPSCI joint hearing (September 24,2002), at 2.

46 JIS, written statement presented to SSCl/HPSCI joint hearing (September 24, 2002), at 6.

47 JIS, written statement presented to SSC]/HPSCI joint hearing (September 24, 2002), at 11-13.

48 FBl Special Agent in Phoenix, Arizona, electronic communication addressed to Radical Fundamentalist Unit et al. (July 10,2001 ), at 5. The FBI declined to declassify any more specific an account of this information.

44

(4) Missed Opportunities

Altogether, the al-Mihdhar/al-Hazmi and "Phoenix EC" stories suggest both the potential of sophisticated information-sharing and good information-empowered analysis and the dangers of jailing properly to "connect the dots." It is impossible to know, of course, whether the September 11 plot could have been disrupted -or at least significantly delayed -had the FBI and CIA acted properly in sharing and understanding information available to them. The evidence, however, suggests a number of pregnant "what ifs";

  • If the CIA had been willing to share its information about al-Mihdhar and al-Hazmi with consular and INS officials through the TIPOFF program, one or both of them might have been apprehended upon entering or reentering the United States after their Malaysia meeting.
  • If the CIA had informed the FBI when it first knew that al-Mihdhar and al-Hazmi were in the United States -and the FBI had permitted itself to do common-sense things like use the Internet -these two terrorists might have been located at their home in San Diego (or in flight school in the area) long before the September 11 attacks. Surveillance of them might have led the FBI to other hijackers, or to operational cell leaders, or their deportation might have disrupted the plot.
  • If the FBI had been able to "connect the dots" between the Phoenix EC and the body of information already in the FBI's possession about terrorist interest in U.S. flight schools -and information held by the Intelligence

45

  • Community about terrorists' interest in using aircraft as weapons -it might have been better able to investigate Zacarias Moussaoui and obtain information on some of the other September 11 hijackers from information in Mouassaoui's computer and in his personal effects.
  • If the FBI had understood the full significance of the Phoenix EC in light of this other information, they might have begun to conduct the follow-up work recommended by the Phoenix special agent. In May 2001, the FBI had already briefly considered opening an investigation upon one of the individuals named in the EC, but this was dropped when it was discovered he was out of the country at the time. Had the Phoenix EC spurred serious follow-up by FBI Headquarters, however, this individual's name might have been added to the TIPOFF watchlist -leading investigators right to him upon his subsequent return to the United States. Restarting the aborted investigation of this individual would likely also have led the FBI to his radical fundamentalist flight school classmate in Arizona, September II hijacker Rani Hanjour. [49]

The September 11 story, therefore, should be an object lesson in the perils of failing to share information promptly and efficiently between (and within) organizations, and in the need to ensure that intelligence analysis is conducted on a truly "all-source" basis by experts permitted to access all relevant information -no matter where in the Intelligence Community it happens to reside.

_______________

49 JIS, written statement presented to SSCI/HPSCI joint hearing (September 24, 2002), at 10.

46

B. Pervasive Problems of Information-Sharing

That effective information-sharing and truly all-source analysis should have been such a scarce commodity in counterterrorism work during the months and years leading up to September 11 -years during which the Director of Central Intelligence supposedly believed the U.S. Intelligence Community to be "at war" with Al-Qa'ida and made fighting it his highest priority -- is a testament to the recurring problems of agency parochialism and information- hoarding. Even Community-wide attempts to "fix" the problem of information- haring, such as the DCI's ongoing development of the computerized Intelligence Community-Wide System for Information Sharing (ICSIS), simply replicate the problem. ICSIS will be built around a series of agency-specific electronic "shared spaces" accessible to users of the system, but populated only with such information as each agency sees fit to permit others to see. [50] ICSIS will, in other words, presumably speed access to what agencies are willing to share, but it will do nothing to address broader issues of their unwillingness to permit experts from other intelligence agencies any window upon the data-streams the monopolization of which is the source of each host agency's bureaucratic power. [51]

_______________

50 It is not even clear that ICSIS will meet the Community's needs even on its own terms. In January 2001, the NIMA Commission report recommended that NIMA begin building a new information- management system essentially from scratch, notwithstanding ICSIS planned deployment over the next ten years. See Dr. Robert C. Norris, written statement presented to joint SSCI/HPSCI hearing (October 1, 2002), at 4.

51 The culture of information-holder control is formally enshrined most obviously in the "originator control" (ORCON) classification caveat, which requires that anyone given access to a certain piece of information not reveal it to anyone else without explicit permission from its originating agency. According to FBI official Michael Rolince, the ORCON caveat made it very difficult for the FBI to pass intelligence information to criminal investigators in terrorism cases, "even for lead purposes," because the originating agency (frequently the CIA) would refuse to allow it. See Michael Rolince, written statement presented to joint SSCI/HPSCI hearing (September 20, 2002 ),

47

_______________

at 4. According to the JIS, ORCON rules present a major problem to efficient information-sharing, because they impose upon sharing arrangements a cumbersome and lengthy case-by-case adjudication process. See JIS, written statement presented to joint SSCI/HPSC] hearing (October 1, 2002), at 6. Our Joint Inquiry also discovered this to be the case, encountering frequent delays allegedly because of the necessity of clearing ORCON transmittals to Congress.

In travels and discussions with U.S. Allies currently engaged in helping us fight the war against terrorism, SSCI Members and staff have heard many complaints that the U.S. classification caveat "no foreign" (NOFORN) has also unnecessarily impeded information-sharing. Even our closest military allies have privately complained about what they describe as the unnecessary and reflexive use of the NOFORN caveat by U.S. officials. This has frequently resulted in U.S. intelligence officers stamping "NOFORN" on information provided to them by those same allies, denying these contributors to our war and intelligence efforts the ability to see the intelligence products we make out of their information. The Intelligence Committees attempted to draw attention to this "NOFORN problem" in § 831 of the Fiscal Year 2003 Intelligence Authorization Bill (Public Law 107-306), which requires that the DCI and the Secretary of Defense report to Congress on the impact of NOFORN practices upon allied intelligence-sharing relationships.

48

Such information-hoarding thus goes deeper than simply being "'policy," often reaching the level of simple reflex. For instance, the FBI for years monopolized the processing of information obtained from surveillance under the Foreign Intelligence Surveillance Act (FISA) - even though it fell hopelessly behind in processing FISA "raw data" and accumulated vast backlogs of untranslated tapes that were of no use to anyone. Thus also does the NSA insist that only its employees can be trusted with handling "raw" signals intelligence (SIGINT) data under the standards prescribed by U.S. Signals Intelligence Directive (USSID) 18. And the CIA's Directorate of Operations usually refuses even to let CIA analysts see its own operational cable traffic.

Reading the DCI's authority to protect intelligence "sources and methods" as barring the disclosure of source information not simply to the public or to U .S. adversaries but also to anyone else in the u.s. Intelligence Community, the CIA has proven unwilling to permit others a window upon the context that source information can occasionally provide. CIA information- hoarding is hardly a problem unique to the al-Mihdhar and al-Hazmi story. The CIA also refused requests by U.S. Navy intelligence officers to turn over highly relevant information about the source of an intelligence warning that might have prompted the Navy to direct the USS Cole away from Yemen in October 2000.

As the Senate and House Intelligence Committees have seen repeatedly, the Intelligence Community shares information poorly and reluctantly, at best. Especially since September 11, Community representatives have assured us on innumerable occasions that their coordination and information-sharing problems have been fixed: it has become their mantra that such cooperation is now "seamless" and "unprecedented." Even today, however, these sharing

49

arrangements consist principally of the assignment of agency personnel for reciprocal details at counterpart agencies (e.g., FBI personnel at the CIA, and CIA personnel at the FBI). (Nor is the CIA's CTC much of a 'joint" center in the military sense, since the overwhelming majority of its personnel are CIA employees. It was, and remains, a CIA organization.)

Such cross-detailing, as we have long known and as testimony before our Joint Inquiry hearings has made doubly clear, is at best "an imperfect response" to the information-sharing problem.

"The almost unanimous opinion among the detailing agencies is that host agencies still restrict access to information and limit the databases that can be queried by detailees from other agencies on grounds of personnel or information security, and intelligence policies." [52]

_______________

52 JIS, written statement presented to SSCI/HPSCI joint hearing (October], 2002), at 7.

50

Such detailees commonly bring special experience and contextual knowledge to their assignments that host-agency personnel may lack, but they are seldom fully trusted by their host agencies and are seldom, if ever, permitted to know as much as "real" agency employees. Moreover, even when detailees are given comparatively good access to host-agency information, they are almost invariably prohibited from passing it back to their home: organizations. This, for instance, is the fate of non-FBI officials assigned to the FBI-run Joint Terrorism Tracking Task Forces (JTTFs). [53] It is also that of DIA analysts cross-assigned to other IC agencies. [54] As Rear Admiral Lowell Jacoby recounted in testimony submitted to the Joint Inquiry, cross-assigned personnel are routinely denied "unfettered and unconditional access to all relevant. .. information" and are often not permitted to transmit to their home agencies what they are permitted to see. [55]

Today, the "seamless" and "unprecedented" information-sharing within our Intelligence Community remains built around personal contacts and such cross-details. According to FBI Counterterrorism chief Dale Watson, the FBI's arrangements with the CIA and with other U.S. Government agencies revolve principally around the "exchange of working level personnel and senior managers at the headquarters level." [56] This may represent considerable progress compared with what prevailed before September 11, but it is woefully inadequate to our intelligence needs in the 21st century.

_______________

53 JIS, written statement presented to SSCI/HPSCI joint hearing (October 1, 2002), at 7-8.

54 JIS, written statement presented to SSCI/HPSCI joint hearing (October 1, 2002), at 13.

55 RADM Lowell E. Jacoby, written statement presented to SSCI/HPSCI joint hearing (October], 2002), at 5.

56 Dale Watson, written statement presented to SSCI/HPSCI joint healring (September 26, 2002), at 4 &6.

51

C. The Future of Information-Sharing

(1) The Imperative of "Deep " Analyst Data-Access

The greatest contributions that intelligence analysis can make against vague, shifting, and inherently ambiguous transnational threats such as international terrorism lie in analysts' capacity to conduct "all-source fusion" of information -performing the classic task of assembling fragmentary information into actual or inferential "mosaics" and teasing useful "signals" out of the "noise" brought in by our wide-ranging means of intelligence collection. Problems of information-hoarding and dysfunctional sharing methodologies, however, restrict analysts' ability to apply their talent, training, and experience against intelligence targets in a truly all-source fashion. If they are to be expected to have success against such modern targets in the future, we will need to do a great deal to improve their ability to survey and draw patterns out of the masses of data that exist in discrete and carefully-guarded bundles throughout the Intelligence Community.

Intelligence collectors -whose status and bureaucratic influence depends to no small extent upon the monopolization of "their" information-stream -often fail to recognize the importance of providing analysts with "deep" access to data. The whole point of intelligence analysis against transnational targets is to draw patterns out of a mass of seemingly unrelated information, and it is crucial that the analysis of such patterns not be restricted only to personnel from a single agency. As Acting DIA Director Lowell Jacoby observed in his written testimony before the Joint Inquiry, "information considered irrelevant noise by one set of analysts may

52

provide critical clues or reveal significant relationships when subjected to analytic scrutiny by another." [57]

This suggests that the fundamental intellectual assumptions that have guided our Intelligence Community's approach to managing national security information for half a century may be in some respects crucially flawed, in that it may not be true that information-holders - the traditional arbiters of who can see "their" data - are the entities best placed to determine whether outsiders have any "need to know" data in their possession. Analysts who seek access to information, it turns out, may well be the participants best equipped to determine what their particular expertise and contextual understanding can bring to the analysis of certain types of data.

In this vein, the Military Intelligence Board has explicitly suggested that deep information-sharing will require a re-examination of traditional concepts of "need to know" -- although, not surprisingly, traditional collection agencies such as the CIA still contest this conclusion. [58] Rear Admiral Jacoby made the point firmly to our Joint Inquiry, writing that it should be the task of intelligence reformers

_______________

57 RADM Lowell E. Jacoby, written statement presented to SSCI/HPSCI joint hearing (October 1, 2002), at 4.

58 JIS, written statement presented to SSCI/HPSCI joint hearing (October 1,2002), at 12.

53

"to create a new paradigm wherein 'ownership' of information belonged with the analysts and not the collectors. In my opinion, one of the most prolonged and troubling trends in the Intelligence Community is the degree to which analysts - while being expected to incorporate the full range of source information into their assessments -have been systematically separated from the raw material of their trade." [59]

Sadly -- and dangerously -the result of this systematic separation is that "groundbreaking, innovative, true all-source analysis" has become "the exception, not the rule" in today's Intelligence Community . [60]

The imperative of "deep" analyst data-access is intertwined with another dynamic. For some time, our ability to analyze information has been falling increasingly behind the enormous volumes of information collected by our intelligence agencies. This imbalance between analysis and collection has been the subject of numerous SSCI hearings. It has important implications for the future of information- sharing within the Intelligence Community because it suggests that in addition to being empowered to conduct true "all-source" analysis, our analysts will also need to be supplied with powerful new tools if they are to work their analytical magic upon such large information volumes.

As Rear Admiral Jacoby has suggested, the challenge for intelligence reform is thus

_______________

59 Jacoby, supra, at 6.

60 Id

54

twofold: we must persuade information-holders to give analysts "deeper" and less conditional access to data than they have ever before enjoyed, and we must equip analysts with the tools needed to "mine" these data-streams for useful information.

"[W]e need to find a way to immediately and emphatically put the 'all' back into all-source analysis. ...If we expect analysts to perform at the level and speed expected in a counterterrorism mission environment characterized by pop-up threats, fleeting targets, and heavily veiled communication, they require immediate, on-demand access to data from all sources and the ability to mine, manipulate, integrate, and display all relevant information." [61]

As noted previously, making information accessible necessarily exists in some tension with keeping it secure - and some balance must always be sought between usability and security. I have come to the conclusion that our Intelligence Community, dominated by traditional collection agencies such as CIA and NSA that enjoy special status precisely because of the monopolization of "their" data- streams (e.g., HUMINT and SIGINT), has drawn this line in ways incompatible with our intelligence needs in the 21st century. I thus believe, with RADM Jacoby, that we must bring about a radical change in the access collection agencies give to all- source analysts, including all-source analysts from outside their own ranks.

Such analyst empowerment must be accomplished in ways that do not leave our secrets

_______________

61 RADM Lowell E. Jacoby, written statement presented to SSCI/HPSCI joint hearing (October 1, 2002), at 7.

55

unduly vulnerable to compromise. It is thus the challenge of reform not only to persuade recalcitrant information-hoarders into making their databases available to sophisticated analytical exploitation but also to ensure that the resulting information architectures are secure. There is no reason why appropriately cleared analysts should not be trusted with such information: they are no less patriotic, no less committed to protecting national security, and no less professional in their fields than the collection bureaucrats who would presume to deny them access. That said, of course, there is every reason to develop comprehensive security protocols and accountability systems to reduce the risk of espionage or accidental compromise that is to some degree inherent in any expansion of the universe of persons given access.

Fortunately, recent efforts to move forward in empowering analysts to conduct true all- source analysis provide reasons for confidence that a workable solution is possible. As the SSCI's Technical Advisory Group (TAG) -a nonpartisan group principally composed of expert private sector technologists and managers with the highest possible security clearances -has forcefully recommended, we must move forward into the realm of comprehensive databasing and data-mining now, and the technology we need is either in existence already or well on its way to development. As this technology advances, the TAG has suggested, agency resistance to such developments in the name of "security" is looking increasingly like a mere excuse:

"The technology of multi-level-security databases and computer systems is highly developed, and all that stands between the present moment and the operation of such a database in the National interest is political will." [62]

_______________

62 SSCI Technical Advisory Group, "TAG Findings-&-Recommendations Post-9/11," memorandum to Senators Bob Graham and Richard Shelby (April 3,2002), at 3.

56

(2) Faltering Steps Forward

In efforts to meet the analytical challenge of transnational terrorism, both the Department of Defense (DOD) and the Department of Justice (DOJ) have undertaken new experiments in all- source fusion aimed at the targets. At DOD, the Defense Intelligence Agency set up an organization it calls Joint Intelligence Task Force-Counterterrorism (JITF-CT). Established in the wake of the bombing of the USS Cole by Al-Qa'ida members in October 2000, and augmented by new assignments of personnel and resources after the September 11 attacks, JITF- CT aspires to provide its analysts with deep data access sufficient to permit real all-source fusion. According to RADM Jacoby, DIA's aim in establishing JITF-CT was to create a "stand-alone limited access data repository accredited to host the entire range of terrorism related information, regardless of source" -including not just "highly compartmented intelligence," but also "law enforcement information related to ongoing investigations or prosecutions, and security incident reporting sometimes catalogues as criminal, rather than terrorism activity ." JITF-CT seeks to "apply state-of-the-practice technological tools and expertise that enhance opportunities for 'analytic discovery."' [63]

The Attorney General established his own Foreign Terrorist Tracking Task Force (FTTTF) after September 11 in order to help develop "deep"-access data-mining techniques and apply these new methodologies to the formidable challenge of catching terrorists operating within the United States. FTTTF is co-located with the Pentagon's Joint Counterintelligence Assessment Group (JCAG, a.k.a. the Counterintelligence Field Activity, or CIFA), which

_______________

63 RADM Lowell E. Jacoby, written statement presented to SSCI/HPSCl joint hearing (October 1, 2002), at 2.

57

provides technical support. [64] As with JITF-CT, FTTTF/JCAG aspires to bring about great innovations in analyst access to and data- mining of disparate "all-source" data-streams.

The experience of these innovative analytical cells, however, is simultaneously encouraging and dispiriting. It is encouraging in that it shows a commendable interest in inter- agency information-sharing on something approaching -or at least aspiring to -a truly all- source basis, and enabled by state-of-the-art analytical tools. Nonetheless, it is also dispiriting in that the available evidence suggests that these organizations are experiencing some notable "pushback" by the traditional information-holders within the Intelligence Community. According to RADM Jacoby, for instance, JITF-CT and DIA are still being denied information by "those intelligence and law enforcement organizations that are the 'owners' or 'arbiters' of unshared information." "This is no small problem" as Jacoby emphasizes, for although the

_______________

64 JIS, written statement presented to SSCI/HPSCI joint hearing (October 1, 2002), at 15-16. 58

"un-shared information falls largely into the categories of background and contextual data, sourcing, seemingly benign activities, and the like. ..it is within these categories that the critical 'connecting dot' may well be found." [65]

The CIA has its own "all-source" fusion cell devoted to terrorist targets, in the form of the DCI's Counterterrorism Center (CTC). The CTC has performed this function for some years, and not without some success. Even CTC has had difficulty penetrating the veil of agency information-hoarding. Although as an operational arm of the CIA staffed principally by Directorate of Operations personnel, the CTC is denied far less information in CIA operational cables than organizations such as JITF-CT, it still encounters information-sharing problems in dealing with other organizations. In particular, timely and effective access to law enforcement information has been a traditional weakness at CTC, and the NSA has refused to permit the Center access to "raw" SIGINT data. Moreover, another weakness of CTC as an analytical fusion cell is precisely its operational focus: CTC plays a vital role in spearheading our country's campaign to disrupt and dismember terrorist cells overseas, but this necessarily means that it devotes less time to purely analytical work on terrorism than would otherwise be the case. Indeed, not unlike FBI analysts diverted to "operational" support to ongoing investigations (see below), CTC analysts apparently spend a great proportion of their time providing analytical support to CTC's ongoing operations.

_______________

65 RADM Lowell E:. Jacoby, written statement presented to SSCI/HPSCI joint hearing (October 1, 2002), at 5.

59

More than a year after September 11, there is still "no single agency or database or computer network that integrates all counter terrorism information nationwide." [66] And there is no center devoted entirely to counterterrorist analysis on a truly all-source basis. As former Representative Lee Hamilton emphasized in testimony before our Joint Inquiry, this is a significant unmet need within the Intelligence Community.

"We need a center in the government for all intelligence -foreign and domestic -to come together. There is currently no place in the government where we put together data from all of our domestic and foreign sources - the CIA, FBI, Department of Defense, Department of State, NSA, and other agencies." [67]

(3) Technological and Bureaucratic Empowerment

(a) "Total Information Awareness"

To help address the need for technological change to support the kind of analyst empowerment that our Intelligence Community needs, Dr. Robert Norris of the National Defense University and RADM Jacoby of DIA argued that the IC should take its cue from the private sector and move toward a common data format standard. Such a standard, they suggested, would allow data-interoperability -as opposed to system interoperability, which is much more

_______________

66 JIS, written statement presented to SSCI/HPSCI joint hearing (October 1, 2002), at 5.

67 Lee Hamilton, written statement presented to SSCI/HPSCl joint hearing (October 3, 2002), at 4.

60

challenging and is perhaps unattainable [68] --  across the Community, or even across the federal government as a whole.

"Interoperability at the data level is an absolutely necessary attribute of a transformed intelligence environment because it enables horizontal integration of information from all sources -not just intelligence -and at all levels of classification."69

_______________

68 Dr. Robert C. Norris, written statement presented to SSCI/HPSCI joint hearing (October 1,2002), at 10 (quoting LTG Peter Cuviello); see also id. at 7 (quoting Brig. Gen. Michael Ennis).

69 RADM Lowell E. Jacoby, written statement presented to SSCI/HPSCI joint hearing (October 1, 2002), at 8.

61

In this regard, RADM Jacoby suggested that the Community follow the commercial world in embracing eXtensible Markup Language (XML) was a way to ensure such data- interoperability. [70]

Interestingly, an ongoing project by the Information Awareness Office (IAO) of the Defense Advanced Research Projects Agency (DARPA) suggests that while such data- interoperability would be enormously useful, it may not be an absolute prerequisite for meaningful "deep access" data-mining within the Intelligence Community, the U.S. Government, or beyond. The SSCI has been following with great interest IAO's work on what it calls its "Total Information Awareness;' (TIA) project, for this project holds out the prospect of providing the technological tools to achieve radical analyst empowerment vis-a-vis the IC's entrenched information-holders.

_______________

70 Id

62

TIA aspires to create the tools that would permit analysts to data-mine an indefinitely- expandable universe of databases. These tools would not be database-specific, but would rather be engineered in such a way as to allow databases to be added to the analytical mix as rapidly as interface software could be programmed to recognize the data formats used in each new database and to translate queries and apply specific "business rules" into a form usable therein. Through this system, TIA hopes to enable an analyst to make search requests -either on a name-by-name basis or in order to apply sophisticated pattern-recognition software -to each among a "cloud" of remotely-distributed databases. Each analyst user would possess a complex set of individual "credentials" which would be embedded in each query and "travel" with that query through the database universe. These credentials would include information such as the user's access permissions and the specific legal and policy authorities under which each query has been conducted; they would tell the system what sorts of responses that user is permitted to get. [71] Even when the user did not have authority to see certain types of information, the system would be able to tell the analyst whether any data responsive to his query existed in any particular database, allowing him to submit a request for access to higher authority, [72] Information responsive to user queries would then be passed back through the system to an automated data repository, where it would be stored for analytical exploitation, [73]

_______________

71 The TIA project also contemplates a system of "selective revelation of information," whereby initial responses to a query would indicate merely the presence of responsive entries or patterns, Subsequent queries -and perhaps additional levels of authority -would be needed for the analyst to "bore deeper" into the data.

72 This helps analysts get avoid the "you don't know what you don't know" dilemma, yet without compromising particularly sensitive information to unauthorized individuals.

73 IAO officials have told committee staff that DARPA envisions the possibility of supporting analysts with semi-automated functions that would "learn" from the behavior of large numbers of other users on the system, "pushing" data out to users working on specific topics in ways loosely analogous to

63

The TIA approach thus has much to recommend it as a potential solution to the imperative of deep data-access and analyst empowerment within a 21st-century Intelligence Community. If pursued with care and determination, it has the potential to break down the parochial agency information "stovepipes" and permit nearly pure all-source analysis for the first time -yet without unmanageable security difficulties. If done right, moreover, TIA would be infinitely scalable: expandable to as many databases as our lawyers and policymakers deem to be appropriate. [74]

_______________

the way in which the software at Amazon.com recommends books to browsers based upon what other customers who selected a particular title also picked.

74 What's more, the TIA architecture is being designed to create elaborate audit trails upon the initiation of each query, These audit trails, which would be accessible to intelligence oversight organs, would be specially encrypted and secured against tampering, and would allow overseers to hold each accredited user accountable for activity undertaken within the system and information gleaned therefrom. Moreover, developing TIA will apparently not involve the use of any data from actual persons (e.g., information about real Americans). IAO plans to construct a "virtual" economy filled with huge numbers of "synthetic" personal transactions by millions of hypothesized people. A "red team" would develop and "carry out" attacks within this virtual environment, role- laying the parts of individual terrorists in order to create transactional trails, The software developers would then try to develop programs to identify these patterns of "terrorist" transactions, picking them out of the "noise" of the "synthetic" civilian transactions in which they will be embedded. This approach, DARPA hopes, will identify the best ways to identify real terrorists while minimizing the system's intrusion upon the transactional records of non-terrorists.

64

TIA promises to be an enormously useful tool that can be applied to whatever data we feel comfortable permitting it to access. How broadly it will ultimately be used is a matter for policymakers to decide if and when the program bears fruit, It is worth emphasizing, however, that TIA would provide unprecedented value-added even if applied exclusively within the current Intelligence Community -as a means of finally providing analysts deep but controlled and accountable access to the databases of collection and analytical agencies alike. It would also be useful if applied to broader U.S. Government information holdings, subject to laws restricting the use of tax return information, census data, and other information. Ultimately, we might choose to permit TIA to work against some of the civilian "transactional space" in commercially-available databases which are already publicly and legally available today to marketers, credit card companies, criminals, and terrorists alike, The point for civil libertarians to remember is that policymakers can choose to restrict TIA's application however they see fit: it will be applied only against the data-streams that our policymakers and our laws permit.

I mention TIA here at some length because it represents, in my view, precisely the kind of innovative, "out of the box" thinking of which I have long been speaking -and which Americans have a right to expect from their Intelligence Community in the wake of a devastating surprise attack that left 3,000 of their countrymen dead. It is unfortunate that thinking of this sort is most obvious in the Defense Department rather than among Intelligence Community leaders, and more unfortunate still that projects like TIA are likely to encounter significant resistance from the entrenched information-holders at the core of the traditional IC. Nevertheless, projects like this represent a bright spot in the Community's baleful recent history of counterterrorist information- sharing.

65

(b) Homeland Security Intelligence Fusion

Another bright spot is the potential for a fresh start that is presented by the new Department of Homeland Security. The Homeland Security bill signed by President Bush on November 25, 2002 contains provisions which I wrote specifically in order to help address these information-sharing problems within the Intelligence Community and between other federal agencies. Specifically, this new law makes it the responsibility of the Undersecretary for Information Analysis and Infrastructure Protection at the Department of Homeland Security to

"establish and utilize...a secure communications and information technology infrastructure, including data-mining and other advanced analytical tools, in order to access, receive, and analyze data and information in furtherance of the responsibilities under this section. ..." [75]

This language is complemented by the strong information-access provisions I also wrote into the bill. These provisions provide appropriately-cleared Homeland Security analysts with authority affirmatively to access (i.e., not simply to be given):

_______________

75 Public Law 107-296 (November 25, 2002), at § 201(d)(14).

66

"all information, including reports, assessments, analyses, and unevaluated intelligence related to threats of terrorism against the United States...that may be collected, possessed, or prepared by any agency of the Federal Government." [76]

Read together, as they were intended to be, these provisions provide statutory authorization for a radical new approach to counterterrorist information-sharing in which analysts are for the first time given the ability to conduct real "all-source" analysis and to "connect the dots" in order to protect our nation from terrorists.

It was my hope with this legislation to begin to move our Intelligence Community, to paraphrase former DIA Director Thomas Wilson, beyond the realm of information "sharing" entirely, inasmuch as "sharing" connotes information ownership by the party that decides to share it, an idea that is antithetical to truly empowering analysts to connect all the right "dots." [77]

My views on this subject have been powerfully reinforced by the findings of the Joint Inquiry, which has recommended that Congress work diligently to ensure the success of the Homeland Security information analysis office - including ensuring that it gets "full and timely access to all counterterrorism-related intelligence information," including all the "'raw' supporting data" it needs. While it certainly remains in President Bush's power to stop his new

_______________

76 Id. at § 202(a)(1) (emphasis added).

77 See JIS, written statement presented to SSCI/HPSCI joint hearing (October 1, 2002), at 13 (citing VADM Thomas Wilson).

67

Homeland Security organization short of leading the way toward this new paradigm, it is my hope -and it was the inspiration behind my contributions to Title II of the Homeland Security bill and the recommendations of the Joint Inquiry -that he will use this historic opportunity to bring the U.S. Intelligence Community into the 21st century. I dearly hope that, recent press reports to the contrary, [78] the Administration will not squander the opportunity to make true all- source fusion finally work to protect Americans from terrorism.

(4) The Other Side of the Coin: Protecting National Security Information

_______________

78 See, e.g., Eggen & Mintz, supra, at 43.

68

In the context of information sharing, a quick word should also be said about the need to protect national security information from unauthorized disclosure. Those of us with regular access to highly classified information cannot help but be appalled by the frequency with which the publication within the Intelligence Community of enormously sensitive reports is quickly followed by sensationalistic press accounts of that very same information. The President, the Secretary of Defense, and other officials have all stated emphatically the dangers posed by the endemic culture of media "leaks" in modern Washington. As Attorney General Ashcroft has noted, "there is no doubt and ample evidence that unauthorized disclosures of classified information cause enormous and irreparable harm to the nation's diplomatic, military, and intelligence capabilities." [79] As we have learned during the course of this Joint Inquiry, our Intelligence Community's ability personally to track Usama bin Laden himself was lost in 1998 on account of a senior official's boasting to the media about a certain type of collection capability. We simply cannot hope to fight the war on terrorism with sustained success if we continue to see our intelligence activities and capabilities featured in the press as part of what Senator Pat Roberts has described as "the leak of the week."

Unfortunately, however, our current laws against disclosing classified information are far too weak, and investigations of leaks usually far too difficult, for prosecutors to have had any success in pursuing them. Indeed, in the last half-century, I am aware of only one non- espionage case in which someone was prosecuted for an unauthorized disclosure. The SSCI and HPSCI tried to address this issue in 2000 by placing a section in our Fiscal Year 2001 intelligence authorization bill that would have made it a felony for someone with authorized access to

_______________

79 Attorney General John Ashcroft, letter to Vice President Dick Cht:ney (October 15,2002).

69

classified information knowingly to disclose it to someone not authorized to receive it. [80] President Clinton, however, vetoed the bill.

Now that the war on terrorism has refocused us upon the potentially appalling consequences of our culture of leaks, the 108th Congress should take up and enact this legislation anew -and President Bush should sign it. Such anti-leaks legislation will become more important than ever as we move into the 21st century world of true "all-source" fusion and automated data-mining within the Intelligence Community. We should also bear continually in mind the admonition contained in the Joint Inquiry's recommendation to consider the degree to which "excessive classification" has impeded the IC's ability to handle the information- management responsibilities we ask of it. We must both punish leaks of information and ensure that the only information subject to classification is that which truly needs to be.

III. Intelligence-Law Enforcement Coordination

Another of the discouraging lessons of September 11 is the extent to which the United States' law enforcement agencies (LEAs) and its Intelligence Community (IC) still have not managed to work effectively with each other. Progress has been made in this regard since the terrorist attacks, thanks in large part to Congress' prompt passage of the USA PATRIOT Act of 2001 (Public Law 107-56). This remains an area, however, in which much improvement is

_______________

80 See S.2S07 (106th Congress, 2d Sess.), at § 303.

70

needed -- as well as sustained Congressional oversight to ensure that these agencies really do make cooperation part of their institutional culture over the long run.

A. FISA and Its Discontents

Much of the blame for the dysfunctional nature of pre-September 11 LEA/IC coordination can be traced to a series of misconceptions and mythologies that grew up in connection with the implementation of domestic intelligence surveillance (and physical searches) under the Foreign Intelligence Surveillance Act (FISA).81 Rigid and restrictive readings of FISA in the early and mid-1990s acquired with time the apparent legitimacy of long-presumed acceptance, and created a sterile and ultimately fallacious conventional wisdom that effectively - but unnecessarily -prevented meaningful LEA/IC coordination.

(1) Development of the "No Coordination " Myth

Much of the pre-September 11 problems with FISA can be traced to confusions associated with participants' understandings of the so- called "purpose test" embodied in the statute. Under FISA as it existed before 2001, a surveillance or search order could only be  obtained if, among other things, the government was able to certify -and a federal judge on the FISA court agreed -that "the purpose" of the undertaking was to collect foreign intelligence information.

_______________

81 18 U.S.C. § 1801 et seq.

71

Taking their cue from non-FISA caselaw setting forth the constitutional rules for warrantless intelligence surveillance, most courts interpreting FISA -and essentially all intra- Executive Branch officials who dealt with these matters -read FISA's "the purpose" language as imposing the requirement that the "primary" purpose of the requested surveillance or search be the collection of foreign intelligence. Warrantless surveillance cases such as Truong [82] arising out of activities undertaken before the passage of the FISA statute, had helped create what became known as the "primary purpose" test. Technically, the seminal "primary purpose" cases did not apply to surveillance conducted under FISA, a statute enacted by Congress in order to establish a special, court-overseen system of domestic intelligence surveillance and thus to replace the pre-FISA constitutional standard with a specified statutory one. Nevertheless, it did not take long for courts and commentators alike to interpret FISA as incorporating the pre-FISA "primary purpose" test.

As the FISA Court of Review ably explained in a recent landmark decision (and the first case ever heard by that appellate body established by the FISA statute in 1978), FISA itself imposes few, if any, restrictions upon intelligence/law enforcement coordination. Indeed, according to the Court of Review, the very idea that there exists a "dichotomy" between "criminal" and "intelligence" purposes was merely an unwarranted assumption that subsequent participants in the FISA process imagined into the law. [83] Nevertheless, in short order it had

_______________

82 United States v. Truong Dinh Hung, 629 F .2d 908 ( 4th Cir. 1980).

83 See Foreign Intelligence Surveillance Court of Review, In re: Sealed Case No.02-001 (November 18, 2002) [hereinafter "Court of Review Opinion"], at 18-19.

72

become the conventional wisdom of U.S. intelligence oversight law that FISA incorporated the "primary purpose" test -and thus that there must at some point be a limit to the permissible degree of "criminal investigative" involvement in electronic surveillance or physical searches84 under FISA.

_______________

84 Physical searches were not covered by the original FISA statute, being added to the law in 1995. (Before that point, therefore, physical searches still fell under the pre-FISA constitutional standards for warrantless surveillance.)

73

More importantly -and, as it turns out, far more perniciously -this half-imagined "purpose test" itself came to be interpreted extremely rigidly, in ways that in time came to be seen effectively to preclude any meaningful coordination between criminal investigators and intelligence personnel even in terrorism and espionage cases. As first discussed publicly in connection with a report on the Wen-Ho Lee affairs by the Chairman of the Senate Governmental Affairs Committee in 1999,85 and as subsequently detailed both in a General Accounting Office (GAO) study [86] and the declassified findings of a special Justice Department review -the Attorney General's Review Team (AGRT) headed by Assistant U.S. Attorney Randy Bellows, which produced the so-called "Bellows Report" [87] -DOJ attorneys adopted a

_______________

85 Fred Thompson & Joseph Lieberman, "Special Statement on "Department of Energy, FBI, and Department of Justice Handling of the Espionage Investigation into the Compromise of Design Information on the W-88 Nuclear Warhead" (August 5,1999), available at http://www.senate.gov/gov affairs/080599 china espionage statement.html (visited August 23, 2001).

86 General Accounting Office, Coordination Within Justice on Counterintelligence Criminal Matters is Limited (July 2001) [hereinafter "GAO Report"].

87 Attorney Genera1's Review Team, Final Report on the Handling of the Los Alamos National Laboratory Investigation (May 2000), declassified version [hereinafter "Bellows Report"].

74

hyper-restrictive, and legally unnecessary, approach to FISA applications. This approach, as was apparently intended, maximized the likelihood of FISA order requests being approved by the Foreign Intelligence Surveillance Court (FISC) and certainly minimized FISA "intrusions" upon American privacy. [88] It came at the cost, however, of prohibiting a great deal of useful and quite lawful information- sharing and coordination between intelligence and criminal investigators.

_______________

88 These debates, of course, came up with most vehemence in connection with proposed FISA surveillance or physical searches of the property of "United States persons" -that is, U.S. citizens, lawful permanent residents, or U.S. corporations, see 50 U.S.C. §§ 1801(i) (providing definition) - because FISA imposes special rules for dealing with U.S. persons, see id. at § 1801(a), 1804(a), & 1825(a). FISA surveillance and searches are much more easily available, under the statute, against non-U.S. persons such as foreign diplomats or facilities within the United States. See, e.g., id. at § 1802(a)(1) (permitting surveillance of premises exclusively controlled by a foreign power without need for court approval).

75

As best I have been able to piece these things together today - and in its recent decision on these matters, the FISA Court of Review (COR) disclaimed any real certainty about when these problems first arose [89] -the most damaging manifestations of this phenomenon came about after 1995, in the wake of the espionage prosecution of senior CIA officer (and Soviet mole) Aldrich Ames. Criminal and intelligence investigators in that case allegedly cooperated closely, so closely that lawyers within Attorney General Janet Reno's Justice Department apparently became convinced that they might "lose" the Ames case if defense counsel asked the trial judge to suppress evidence obtained by intelligence surveillance on the grounds that this collection had "really" been for criminal purposes.

As it turned out, Ames' guilty plea brought the case to a conclusion before this issue could be joined. Unsettled by the episode, Clinton Administration lawyers apparently concluded that they would in the future essentially prohibit coordination between criminal and intelligence investigators. The Attorney General issued special guidelines in July 1995 setting forth standards for information-sharing and coordination between FBI agents working on FISA cases or other intelligence investigations and attorneys in DOJ's Criminal Division. These guidelines did permit some cooperation, specifying standards for when the Criminal Division was to be

_______________

89 See Court of Review Opinion, supra, at 10 (suggesting that this dynamic may have begun "at some point during the 1980s").

76

notified of information. [90]

_______________

90 Attorney General Janet Reno, "Procedures for Contacts Between the FBI and the Criminal Division Concerning Foreign Intelligence and Foreign Counterintelligence Investigations," memorandum to Assistant Attorney General, Criminal Division, et al. (July 19, 1995).

77

As detailed by GAO, however, these guidelines were never really enforced within DOJ. With these guidelines standing, in effect, in abeyance, DOJ attorneys -- especially those within the Office of Intelligence Policy and Review (OIPR), which serves as the Department's "gatekeeper" on FISA matters -- were free to interpret FISA as banning essentially any contact between FISA investigators and the Criminal Division. As GAO and a special internal DOJ report have recounted, coordination on intelligence cases dropped off significantly after the guidelines were issued, and what contact was undertaken commonly occurred so late in the process as to be substantively useless. [91] According to some participants, meetings between FBI intelligence investigators and Criminal Division attorneys became "unproductive," and even "weird" and "surreal." The new restrictions imposed by OIPR prevented the FBI from obtaining "meaningful advice from the Criminal Division during an FCI (foreign counterintelligence) investigation," and impeded "the FBI's ability to do its job."92 In short order, OIPR attorneys turned the "primary purpose test" into a defacto "'exclusive' purpose" test.93 No FISA request was permitted to go forward if there was any meaningful coordination between criminal and intelligence investigative organs, and similar "no-coordination" standards were applied to all FCI and counterintelligence investigations. Denied any meaningful ability to coordinate actions between the LEA and IC spheres, the FBI developed a Byzantine system of parallel investigative tracks for working terrorism issues: "dirty" teams of intelligence investigators and "clean" teams of purely criminal-focused agents would work the same terrorist cases at the same time, "[y]et they rarely talk[ed] to each other." [94] This organizational allergy even to the most common-sense

_______________

91 See GAO Report, supra, at 14.

92 Bellows Report, supra, at 732-33.

93 See GAO Report, supra, at 14.

94 See, e.g., Robelio Suro, "FBI's 'Clean' Team Follows 'Dirty' Work of Intelligence," Washington

78

forms of counterterrorist cooperation become infamous after September 11: a "Wall" had been built between intelligence and law enforcement.

(2) Manifestations in the September 11 Intelligence Failure

Spurred by Congressional attention given to OIPR' s excessively restrictive approach to FISA during the Wen-Ho Lee affair -and by the scathing critique of that office offered in the Bellows Report -DOJ began to realize in the final months of the Clinton Administration that it had created a significant national security problem for itself. On January 21, 2000, Attorney General Reno promulgated some new "interim measures," but she failed to adopt new guidelines before leaving office. Revised formal guidance, however, was not forthcoming until set forth in August 2001 by Deputy Attorney General Larry Thompson.95 This clarified the rules for coordination between law enforcement and intelligence organs, emphasizing that notification of the Criminal Division is mandatory when information is developed that "reasonably indicate[s] that a significant federal crime has been, is being, or may be committed." [96]

_______________

Post (August 16, 1999), at A 13.

95 Deputy Attorney General Larry Thompson, "Intelligence Sharing," memorandum to Assistant Attorney General Michael Chertoff et al. (August 6, 2001).

96 Id at 2.

79

Go to Next Page