Information Sharing in 2011 and Beyond: Remaining Challenges and Opportunities

This summer, the CSIS Homeland Security and Counterterrorism Program begins its second annual year-long series on information sharing in security and counterterrorism, sponsored by IBM. Last year’s events examined information sharing from a range of perspectives. Among the topics explored was the role of information sharing in federal, state, and local counterterrorism cooperation; in national border security efforts; and in the use of new technologies by government and the private sector.

This year’s series begins as the Obama administration drafts the National Information Sharing Environment Strategy, which builds on the October 2007 National Strategy for Information Sharing. The formulation of a new strategy document is coming at an appropriate time given the 10th anniversary of the September 11 attacks. 9/11 catalyzed sweeping legislation—particularly the 2004 Intelligence Reform and Terrorism Prevention Act—that changed the way government agencies share terrorism-related information. In the spirit of those reforms, the updated national strategy will, in the words of the Program Management Office for the Information Sharing Environment, seek to embrace “the totality of terrorism related-information sharing” (http://www.ise.gov/national-information-sharing-environment-strategy). At the same time, though, the new strategy document and larger information sharing regime will have to grapple with recent criticism that expanded sharing has gone too far. Such criticism has been propelled by WikiLeaks’ illegal disclosure of hundreds of thousands of classified U.S.
government documents in 2010. Especially troubling was the release of several hundred thousand State Department cables, which were allegedly accessed by a U.S. Army private serving in Iraq—an individual whose narrow, tactical responsibilities should not have necessitated such broad access to sensitive diplomatic information.

In the aftermath of last year’s leaks, the Departments of Defense and State, along with other federal entities, took swift action to close the most glaring technical and policy loopholes that allowed such a massive document disclosure. The Defense Department, for instance, limited the ability of individuals to use removable media like compact discs to remove data from classified networks. The Defense Department also expanded the use of Public Key Infrastructure (PKI) credentials to improve the identification of users who access sensitive networks and data.

These types of reforms represent important progress in the Obama administration’s ongoing efforts to refine the country’s approach to security-related information sharing. In addition to such discrete initiatives, it will also be important to accelerate a more general, strategic dialogue about the need for policy to drive technology, instead of the other way around. Ambassador Patrick Kennedy, undersecretary for management at the State Department, zeroed in on this issue during Senate testimony in March:

The post-9/11 mindset was focused on providing technical solutions to information sharing problems. As a result, technical experts were asked to develop solutions to the barriers inhibiting information sharing. The post-WikiLeaks environment reminds us that technology is a tool to execute solutions but is not in itself the answer. Simply put, we must more consistently sort out what we share before determining how we share it. Connecting systems and networks may provide the means to share information, but we must still manage and share the content in the most appropriate way (http://www.ise.gov/sites/default/files/TestimonyKennedy20110310.pdf).

Kennedy’s exhortation dovetails with frequent comments from leaders in private industry, who during last year’s CSIS series on information sharing often spoke of the need for government to more clearly define requirements for new technologies.

These sorts of remarks underscore a critical point about the need for an integrated approach to information sharing. If the past several years have been about the basics of information sharing—changing bureaucratic cultures, developing the appropriate technological infrastructure, laying the legal groundwork—then the next few years will be about better synthesizing the policy, technological, and legal dimensions of the sharing regime. The new National Information Sharing Environment Strategy presents the Obama administration with an opportunity to do just that.

Rick “Ozzie” Nelson is director of the Homeland Security and Counterterrorism Program at the Center for Strategic and International Studies in Washington, D.C. This commentary is part of the program’s second annual year-long series on information sharing in security and counterterrorism, sponsored by IBM.

Commentary is produced by the Center for Strategic and International Studies (CSIS), a private, tax-exempt institution focusing on international public policy issues. Its research is nonpartisan and nonproprietary. CSIS does not take specific policy positions. Accordingly, all views, positions, and conclusions expressed in this publication should be understood to be solely those of the author(s).

© 2011 by the Center for Strategic and International Studies. All rights reserved.