Fighting Decentralized Terrorist Threats

by Marc Hedlund

Related link: http://www.darpa.mil/iao/TIASystems.htm



Note: I originally wrote this in response to a thread on Politech about the Pentagon's TIA program. I've made a few edits.




The criticism I would make of Total Information Awareness (TIA) and
the Department of Homeland Security (DHS) in general is that they are
agressively centralized solutions to an agressively decentralized
problem. I would feel better about our government's efforts to fight
terrorism if I heard much more discussion of decentralized solutions,
and an economic and organizational plan that blended centralized and
decentralized approaches to the problems of terrorism. We need to talk about state and local solutions, not just Federal solutions.



The vast majority of discussion around government response to 9/11 has
framed the question as, "How can we change the Federal government to
prevent terrorist attacks?" The DHS is a Federal entity composed largely of
existing Federal entities. Its efforts, and likewise the Pentagon's
TIA proposal, have (in public discussion at least) been described as
aiming to ensure information is shared between sources, analyzed at a
single desk, and acted upon by a central enforcement agency. In other
words, these efforts aim to centralize information about potential
terrorist acts.



Certainly these are approaches worth using. The INS sending Mohammed
Atta a letter to his Florida address months after 9/11 can only
provoke a wish for a better head on the shoulders of our national
bureaucracy. But do we really believe that terrorists -- who
presumably have heard about the DHS -- will act in the future in any
way that would trigger DHS or TIA attention?



We know these terrorists are determined and willing to spend enormous
time and resources preparing a plan. Terrorist groups, we're told,
plant "sleeper cells" in our country years before an intended attack,
and these cells work strenuously to avoid detection or contact with
other cells. Assume that we go ahead with a TIA-type program, or even
just the DHS as planned, and that we are now able to monitor and
correlate border entries, large cash transfers, anomalous airline
ticket purchases, and whatever other data might alert a central
authority of terror plans. Does this really prevent terrorism? Do we
believe that no terrorist could ever enter the country without
creating a record, bring gold or drugs or something else to convert to
cash on the black market, buy a round-trip ticket rather than a
one-way ticket, and so forth? It seems obvious that even if
centralized data collection, analysis, and response help the problem,
they certainly do not solve the problem. A determined attacker -- as
the 9/11 attackers certainly were -- will do what it takes to avoid
TIA triggers.



Furthermore, is it really the best thing for the country for the FBI,
the CIA, and now the DHS to focus so intently on preventing terrorism
from Washington? I was taken aback to read in the November 21st New
York Times
that

...the [FBI]'s commitment to nonterrorism cases that were once
staples of the bureau dropped significantly in the months after the
Sept. 11 attacks. The number of agents working narcotics cases
dropped 45 percent, bank fraud cases dropped 31 percent and bank
robbery investigations dropped 25 percent, according to the Justice
Department figures, even though the number of reported crimes in
some cases went up.


I can only wonder what has happened to the CIA in parallel. The FBI
existed for good reason prior to 9/11 -- fought serious and difficult
crimes prior to 9/11 -- and yet it is now being criticized roundly for
not dropping its earlier priorities more quickly and completely.
(Senator Charles Grassley of Iowa was quoted in the same article as
saying, "Old habits die hard at the FBI.") We are debilitating the
prevention of crimes that not only still occur, but are increasing.
Who will take up fighting these crimes if not the FBI? Probably state
and local law enforcement.



Let's look at that for a moment. Prior to the Millenium celebrations,
a truck filled with bomb-making equipment was stopped at a ferry
crossing in Port Angeles, Washington, and this probably prevented a
serious attack. While the person who stopped the truck was a Federal
employee (a Customs Inspector), the reason for the stop was not a
centralized database nor an alert from a centralized agency. Instead,
the driver was stopped because he seemed suspicious. An individual
acted on a hunch, investigated, and stopped an attack. We should
learn from this, and we're not.



Rather than focusing exclusively on centralizing, we also need to concentrate resources on training local law enforcement officers
how to better spot and combat terrorism; that is, how to be more like
the Port Angeles Customs Inspector. Rather than sucking all possible
data sources into the Pentagon or the DHS, we could distribute
knowledge to the local -- far more numerous -- law enforcement
resouces who are far more likely to be able to prevent terrorism. How
do you interview someone seeking admission to the country, or to a
sports arena? What are the signs of lying that may be visible in
facial expressions or demeanor? What set of purchases might signal an
attempt to build a bomb? What are the little details a
carefully-trained eye might be able to piece into detection of a
terrorist? This is what I mean by a decentralized approach. Move the
effort to the more massive, more distributed, more intuitive body of
law enforcement coming into daily contact with the same terrorist
cells trying so hard to look normal. If sleeper cells lie dormant for
years, local police will very likely encounter at least one member of
the cell in that time. Don't we want those police officers to know
what questions to ask that might detect the cell?



We could be taking this approach, but we're not. We could be
improving the ability of local law enforcement to detect terrorism --
but instead we're degrading that ability, since we're shifting the
FBI's traditional crime-fighting work onto local resources. The one
method that has actually prevented a terrorist attack on US soil is
not being used, and is instead being inhibited. We are focusing on
centralizing intelligence and resources when instead -- or at least in
addition -- we should be decomposing, distributing, decentralizing.



I'm not suggesting, obviously, that the Federal government has no
role, nor a minimal role. Watch lists and signals intelligence and
data warehousing almost certainly are key tools for fighting
terrorism. But before we go too far in creating (or trying to create)
a grand unified database of all electronic transactions, maybe we
should think first about whether this is a problem best solved by
brute force data analysis, or a smart cop on the street.


1 Comments

anonymous2
2002-12-11 04:29:17
I'd love to know
Are there any Centralized terrorists? Surely it is essential to the operation of terrorism that it is decentralized?