Better sharing is (maybe) on its way
The current state of information sharing
The demarcation line that separates the way government shares information within and between agencies is clearly Sept. 11, 2001. Though attitudes had been shifting before then, the shock of the terrorist attacks on the American mainland introduced a whole new level of awareness and urgency. The before-and-after pictures are stark contrasts.
It’s nevertheless taking time for change to happen. Traditional views of data ownership have been difficult to overcome, complex policy and regulatory changes were needed, and there were stumbles along the way – not least the infamous Wikileaks dump of sensitive State Department memos – that threatened progress.
But things have now reached the point where at least partial victory can be declared.
“In my opinion, there is little question that our government now operates on a “need to share” basis much more than it did 10 years ago,” said Sen. Joseph Lieberman (ID-Conn), chairman of the Senate Committee on Homeland Security and Governmental Affairs, at the beginning of a hearing on information sharing held the day after the 10th anniversary of the Sept. 11 attacks.
He highlighted the difference between the current and former “need to know” culture by describing the lines of information sharing between the Drug Enforcement Administration in Texas and Mexico, the FBI and eventually the U.S. Attorney General’s office that stymied an assassination attempt on the Saudi Arabian ambassador to the U.S.
Lieberman called that a “stunning outcome of brilliant information sharing,” and evidence of the kind of game-changing force that information sharing can exert.
Speaking at the same hearing, John McLaughlin, the distinguished practitioner in residence at the Paul H. Nitze School of Advanced International Studies at Johns Hopkins University, said there were three specific positive trends that could be picked out: The desire and willingness now to share information, even though there are still “parochial pockets” of people who don’t understand the benefits; the fact that capabilities for sharing have improved, though mostly within agencies; and a much improved policy foundation for access to and sharing of data.
Pushing against those, however, are what he called “countervailing” trends, such as the increasing volumes of data, periodic breakdowns in government security, and the fact that broader policy, procedure and law have been slow to keep up with the challenge.
“Looking to the future,” McLaughlin said, “there is no chance that this is going to get easier.”
There’s no doubt that the technology is there to allow sharing to happen, according to Dan Diiulio, director of engineering for General Dynamics Information Technology’s Navy/Air Force Systems Division. The problem for organizations is in identifying the data they want to share, and then enforcing how it’s shared.
The biggest challenge for organizations is in knowing which data types are important to them, and then figuring out how they fit into the network and with their clientele, he said.
Nowhere are the conflicts involved in better information sharing more evident than in the intelligence community. Tasked with producing better and more actionable data on what actual and potential US adversaries are planning, it’s been working on a more effective way to securely share information between its own members as well as with overseas partners.
One focus is on doing more to both tag data and ensure that the people who are authorized to receive it are properly identified, said James Clapper, Director of National Intelligence (DNI).
It’s sort of counterintuitive, he told the audience at a Center for Strategic and International Studies (CSIS) seminar in January 2012, but by having a greater identity management and greater and improved labeling, tagging and cataloguing of data, that promotes greater sharing.
“If you can be sure that the information that you’re sharing is actually going to the authorized recipient, that actually is an inducement to do more sharing,” he said.
This and other changes that herald a move to what Clapper called a “new architecture” for data sharing are still works in progress, but are nevertheless necessary advances to provide the ability to share data and information more broadly within the intelligence community, which Clapper said “is still a challenge for us.”
One way the Federal Bureau of Investigation is trying to improve at least it’s internal sharing of information is through what it calls domain awareness, whose goal is to provide a greater context and “a more-informed sense of the environment” in which various threats arise. That in turn should lead to information that allows the FBI to better align its resources to counter those threats.
Expanding this domain awareness should improve both the breadth and understanding of threats, the FBI said in its 2011 National Information Sharing Strategy, and “position FBI professionals to more effectively share information and (have a) positive impact on national security.”
That and other changes to the way the FBI organizes and shares its information could be key to the eventual success of the Bureau’s new $450 million Sentinel case management system, it’s first all-digital system and one that’s expected to greatly enhance the way FBI agents collaborate and “connect the dots” on investigations.
There’s no doubt the ability to share information has improved greatly over the past decade. The explosion of mobile devices and the global reach of social media such as Facebook and Twitter provide access that simply didn’t exist on Sept. 11, 2001.
The legislative and policy infrastructure is also coming together. The Intelligence Reform and Terrorism Prevention Act of 2004 set the baseline requirements for information sharing, and various executive orders over the past couple of years has formed the regulatory basis for sharing both classified and unclassified information.
Agencies have been acting on that to come up with specific rules. In March 2012, the Department of Homeland Security issued an 88-page document that describes the guidelines for secure handling and sharing of information between agencies, which DHS Secretary Janet Napolitano confirmed with an implementing directive on March 9.
How all of this eventually comes together –- if it comes together – will dictate how successful government overall will be in improving its information sharing. GDIT’s Diiulio, for one, believes there’s still a long way to go in them working through the cultural and behavioral contexts of how they share the information, as well as with all of the governance aspects of that.
“I believe the technology is available to facilitate better information sharing,” Diiulio said. “But that’s only a third of the complete package that’s needed.”