Entries Tagged "national security policy"

Page 55 of 61

America's Newfound Love of Secrecy

Really good Washington Post article on secrecy:

But the notion that information is more credible because it’s secret is increasingly unfounded. In fact, secret information is often more suspect because it hasn’t been subjected to open debate. Those with their own agendas can game the system, over-classifying or stove-piping self-serving intelligence to shield it from scrutiny. Those who cherry-picked intelligence in the run-up to the Iraq war could ignore anything that contradicted it. Even now, some members of Congress tell me that they avoid reading classified reports for fear that if they do, the edicts of secrecy will bar them from discussing vital public issues.

Real secrets—blueprints for nuclear weapons, specific troop movements, the identities of covert operatives in the field—deserve to be safeguarded. But when secrecy is abused, the result is a dangerous disdain that leads to officials exploiting secrecy for short-term advantage (think of the Valerie Plame affair or the White House leaking selected portions of National Intelligence Estimates to bolster flagging support for the Iraq war). Then disregard for the real need for secrecy spreads to the public. WhosaRat.com reveals the names of government witnesses in criminal cases. Other Web sites seek to out covert operatives or to post sensitive security documents online.

Back in 2002 I wrote about the relationship between secrecy and security.

Posted on June 27, 2007 at 6:58 AMView Comments

The U.S. Terrorist Database

Interesting article about the terrorist database: Terrorist Identities Datamart Environment (TIDE).

It’s huge:

Ballooning from fewer than 100,000 files in 2003 to about 435,000, the growing database threatens to overwhelm the people who manage it. “The single biggest worry that I have is long-term quality control,” said Russ Travers, in charge of TIDE at the National Counterterrorism Center in McLean. “Where am I going to be, where is my successor going to be, five years down the road?”

TIDE has also created concerns about secrecy, errors and privacy. The list marks the first time foreigners and U.S. citizens are combined in an intelligence database. The bar for inclusion is low, and once someone is on the list, it is virtually impossible to get off it. At any stage, the process can lead to “horror stories” of mixed-up names and unconfirmed information, Travers acknowledged.

Mostly the article tells you things you already know: the list is riddled with errors, and there’s no defined process for getting on or off the list. But the most surreal quote is at the end, from Rick Kopel, the center’s acting director:

The center came in for ridicule last year when CBS’s “60 Minutes” noted that 14 of the 19 Sept. 11 hijackers were listed—five years after their deaths. Kopel defended the listings, saying that “we know for a fact that these people will use names that they believe we are not going to list because they’re out of circulation—either because they’re dead or incarcerated. . . . It’s not willy-nilly. Every name on the list, there’s a reason that it’s on there.”

Get that? There’s someone who deliberately puts wrong names on the list because they think the terrorists might use aliases, and they want to catch them. Given that reasoning, wouldn’t you want to put the entire phone book on the list?

Posted on March 26, 2007 at 2:05 PMView Comments

U.S Terrorism Arrests/Convictions Significantly Overstated

Interesting report (long, but at least read the Executive Summary) from the U.S. Department of Justice’s Inspector General that says, basically, that all the U.S. terrorism statistics since 9/11—arrests, convictions, and so on—have been grossly inflated.

As summarized in the following table, we determined that the FBI, EOUSA, and the Criminal Division did not accurately report 24 of the 26 statistics we reviewed.

“EOUSA” is the Executive Office for United States Attorneys, part of the U.S. Department of Justice.

The report gives a series of reasons why the statistics were so bad. Here’s one:

The number of terrorism-related convictions was overstated because the FBI initially coded the investigative cases as terrorism-related when the cases were opened, but did not recode cases when no link to terrorism was established.

And here’s an example of a problem:

For example, Operation Tarmac was a worksite enforcement operation launched in November 2001 at the nation’s airports. During this operation, Department and other federal agents went into regional airports and checked the immigration papers of airport workers. The agents then arrested any individuals who used falsified documents, such as social security numbers, drivers’ licenses, and other identification documents, to gain employment. EOUSA officials told us they believe these defendants are properly coded under the anti-terrorism program activity. We do not agree that law enforcement efforts such as these should be counted as “anti-terrorism” unless the subject or target is reasonably linked to terrorist activity.

There’s an enormous amount of detail in the report, if you want to wade through the 80ish pages of report and another 80ish of appendices.

Posted on February 23, 2007 at 7:13 AMView Comments

CYA Security

Since 9/11, we’ve spent hundreds of billions of dollars defending ourselves from terrorist attacks. Stories about the ineffectiveness of many of these security measures are common, but less so are discussions of why they are so ineffective. In short: much of our country’s counterterrorism security spending is not designed to protect us from the terrorists, but instead to protect our public officials from criticism when another attack occurs.

Boston, January 31: As part of a guerilla marketing campaign, a series of amateur-looking blinking signs depicting characters in the Aqua Teen Hunger Force, a show on the Cartoon Network, were placed on bridges, near a medical center, underneath an interstate highway, and in other crowded public places.

Police mistook these signs for bombs and shut down parts of the city, eventually spending over $1M sorting it out. Authorities blasted the stunt as a terrorist hoax, while others ridiculed the Boston authorities for overreacting. Almost no one looked beyond the finger pointing and jeering to discuss exactly why the Boston authorities overreacted so badly. They overreacted because the signs were weird.

If someone left a backpack full of explosives in a crowded movie theater, or detonated a truck bomb in the middle of a tunnel, no one would demand to know why the police hadn’t noticed it beforehand. But if a weird device with blinking lights and wires turned out to be a bomb—what every movie bomb looks like—there would be inquiries and demands for resignations. It took the police two weeks to notice the Mooninite blinkies, but once they did, they overreacted because their jobs were at stake.

This is “Cover Your Ass” security, and unfortunately it’s very common.

Airplane security seems to forever be looking backwards. Pre-9/11, it was bombs, guns, and knives. Then it was small blades and box cutters. Richard Reid tried to blow up a plane, and suddenly we all have to take off our shoes. And after last summer’s liquid plot, we’re stuck with a series of nonsensical bans on liquids and gels.

Once you think about this in terms of CYA, it starts to make sense. The TSA wants to be sure that if there’s another airplane terrorist attack, it’s not held responsible for letting it slip through. One year ago, no one could blame the TSA for not detecting liquids. But since everything seems obvious in hindsight, it’s basic job preservation to defend against what the terrorists tried last time.

We saw this kind of CYA security when Boston and New York randomly checked bags on the subways after the London bombing, or when buildings started sprouting concrete barriers after the Oklahoma City bombing. We also see it in ineffective attempts to detect nuclear bombs; authorities employ CYA security against the media-driven threat so they can say “we tried.”

At the same time, we’re ignoring threat possibilities that don’t make the news as much—against chemical plants, for example. But if there were ever an attack, that would change quickly.

CYA also explains the TSA’s inability to take anyone off the no-fly list, no matter how innocent. No one is willing to risk his career on removing someone from the no-fly list who might—no matter how remote the possibility—turn out to be the next terrorist mastermind.

Another form of CYA security is the overly specific countermeasures we see during big events like the Olympics and the Oscars, or in protecting small towns. In all those cases, those in charge of the specific security don’t dare return the money with a message “use this for more effective general countermeasures.” If they were wrong and something happened, they’d lose their jobs.

And finally, we’re seeing CYA security on the national level, from our politicians. We might be better off as a nation funding intelligence gathering and Arabic translators, but it’s a better re-election strategy to fund something visible but ineffective, like a national ID card or a wall between the U.S. and Mexico.

Securing our nation from threats that are weird, threats that either happened before or captured the media’s imagination, and overly specific threats are all examples of CYA security. It happens not because the authorities involved—the Boston police, the TSA, and so on—are not competent, or not doing their job. It happens because there isn’t sufficient national oversight, planning, and coordination.

People and organizations respond to incentives. We can’t expect the Boston police, the TSA, the guy who runs security for the Oscars, or local public officials to balance their own security needs against the security of the nation. They’re all going to respond to the particular incentives imposed from above. What we need is a coherent antiterrorism policy at the national level: one based on real threat assessments, instead of fear-mongering, re-election strategies, or pork-barrel politics.

Sadly, though, there might not be a solution. All the money is in fear-mongering, re-election strategies, and pork-barrel politics. And, like so many things, security follows the money.

This essay originally appeared on Wired.com.

EDITED TO ADD (2/23): Interesting commentary, and a Slashdot thread.

Posted on February 22, 2007 at 5:52 AMView Comments

Homeland Security Pork

This article is a perfect illustrating of the wasteful, pork-barrel, political spending that we like to call “homeland security.” And to think we could actually be spending this money on something useful.

When the fire department in the tiny Berkshire hamlet of Cheshire needed a new fire truck, it asked Uncle Sam for a little help.

The response last month was stunning: a $665,962 homeland security grant.

The award was nearly 26 times the annual budget of the volunteer fire department in the town of 3,500. And the rub: The department is not allowed to spend it on a fire truck.

[…]

The town does have the Cheshire Cheese Monument, a sizable concrete sculpture of a cheese press commemorating a 1,450-pound cheese hunk given by town elders to Thomas Jefferson in 1801. But its value as a terrorist target is not readily apparent.

[…]

…Sweet said he might use some of the money to recruit high school students. Or he might put some of the windfall into a marketing campaign to lure volunteers to Cheshire.

“It’ll be on billboards, TVs, and radio stations, and that kind of stuff,” he said. “We’ll have to spend it wisely.”

How many times is this story being repeated across the country? I’m sure the town needs its fire truck, and I hope it gets it. But this is just appalling.

Posted on February 12, 2007 at 6:20 AMView Comments

1 53 54 55 56 57 61

Sidebar photo of Bruce Schneier by Joe MacInnis.