Browse Content by Topic:
How 9/11 Has Changed Law Enforcement Intelligence Analysis
Author: Steve Serrao and Dale Peet
Copyright: 9-1-1 Magazine, Feature Content
For Americans, 9/11/2001 is one of those dates that is burned forever into the national consciousness. Everyone who was alive then and old enough to be aware of what occurred that terrible day remembers where they were when they heard the news.
As the nation struggled to understand how something like 9/11 could occur on American soil, information came to light about breakdowns in information sharing between law enforcement agencies that might have helped prevent it. Predictably, there was a heated outcry to fix those breakdowns in order to protect our citizens from similar threats in the future.
So, what has been done since those dark days to improve information sharing and law enforcement intelligence analysis? Actually, quite a bit. New initiatives and new tools are available to reduce threats to our security not only from terrorists but also organized crime, street gangs and others.
Unfortunately, not all law enforcement agencies are taking advantage of them. That’s why it bears taking a deeper look at these tools and initiatives, to show how they can help fulfill the mission laid out in the Preamble to the United States Constitution – especially the part about insuring domestic tranquility and providing for the common defense.
Shortly after 9/11, many law enforcement agencies placed great emphasis on capturing information from more sources and storing it in newly established data repositories. Information such as Tips & Leads, Organized Crime Intelligence, Counter-terrorism Intelligence and data gathered from social media and other Internet sources were highly sought-after.
Recently, that thinking has shifted. Rather simply gathering and storing information, agencies have become equally interested in setting up information management systems that can mine existing data repositories more effectively, helping them take better advantage of the large number of records they have been gathering for many years.
This post-9/11 drive toward capturing data and implementing better intelligence management systems has been aided by several larger initiatives, which have helped create a framework for nationwide cooperation between law enforcement agencies at every level.
One of the biggest and most well-known initiatives is the National Data Exchange, popularly knows as N-DEX. Launched by the FBI in 2008, N-DEX is a national system that enables law enforcement agencies to share non-intelligence information, such as Records Management System (RMS) much more easily. Enabling this type of information-sharing assists in catching criminals. It also helps prevent crimes and terrorist attacks by identifying trends and patterns.
Another major change since 9/11 is the creation of the Nationwide Suspicious Activity Reporting Initiative (NSI), which encourages citizens to report on suspicious activities (such as individuals learning to fly jumbo jets but skipping the part about how to land them) and law enforcement agencies at the local, state, tribal and regional levels to share suspicious activity reports (SARs) with one another to enhance investigations and analysis. A related initiative is the FBI’s eGuardian system which is focused on terrorism-related suspicious activity.
Prior to NSI and eGuardian, these types of Tips and Leads would often be buried in the incident reports found in RMS or CAD systems, or may not have even been entered into them. Either way, this valuable information that could help paint a more complete picture of potential threats wasn’t available to terrorist, gang or drug investigative units. But now, the information is being vetted by trained personnel and shared between agencies more easily.
A third major initiative has been the creation of regional intelligence fusion centers, which collect information from all available sources, vet it, analyze it in order to identify trends, patterns and threats that may indicate planned or ongoing criminal or terrorist activity, and share it among all concerned parties. The information comes from (and goes out to) federal, state, regional, local and tribal agencies. So far, about 70 DHS-recognized fusion centers have become operational since 2004.
Fusion centers act as command centers for regional threats. They excel in their ability to analyze information using a combination of advanced tools and analysts with specialized training. These centers attempt to address the fact that clues related to criminal activity often remain undiscovered when they are isolated in separate, disconnected law enforcement databases.
By bringing the data into one place or making it accessible on one software platform where analysts can connect the dots, these regional fusion centers provide a more complete picture that is greater than the individual pieces of evidence. These centers help to answer the question “if we had all the pieces, why didn’t we see 9/11 coming?” That alone is enough reason for local law enforcement agencies to connect with their regional fusion centers.
Social media as a new resource
Something that has definitely changed in the years since 9/11 is how much more information is publicly available to law enforcement through the Internet and social media. Internet search tools, social networking sites and other technologies have grown considerably, which means investigators have a greater amount of publicly available information to use in learning about suspects and building a picture of their activities. Including information people publicly publish themselves in their own Web-based profiles.
This is especially true with social media. New commercially available analytics technologies can pore through social media data to uncover patterns and analyze sentiment. These tools can continuously monitor online and social conversation data to identify important topics and content categories. Predictive analytics can be used to identify a criminal threat as it develops, and allow law enforcement to intercede quickly, possibly preventing a crime or terrorist act from occurring.
Where improvement is still needed
After 9/11, most of the resources of law enforcement agencies at all levels was dedicated to counterterrorism efforts. Unfortunately, that meant taking away staffing from other specialized units such as gangs, organized crime, drug trafficking, etc. that focus on other overt threats.
In addition, as we travel around North America we still find police agencies that collect volumes of information without conducting the required analysis to incorporate it into their strategic responses. It’s understandable, because at one time or another we all experience the phenomenon of being overtaken by events. When that happens, even the most well-intentioned may let the strategic tasks take a back seat to the tactical requirements of the day. But good commanders can create structures and set workflows to ensure that a strategic focus is maintained.
Another issue that often comes up is the use of the technologies that are available. For example, some departments may not realize the value of mining CAD data.
There is a lot of specific information, such as names, dates, etc. that may not rate being entered into the official RMS but is still valuable. Some agencies are making their CAD data available and searchable to regional law enforcement. That’s a huge change since 9/11, when data was guarded more closely. But more agencies need to begin sharing.
Crime crosses physical and jurisdictional borders. This data integration will help fill gaps so investigators and analysts can discover previously-unseen links that help build a more complete picture. CAD data can reveal something as simple and critical as an address for a suspect
Leveraging the Information Sharing Environment
In the years following 9/11, government and industry have worked together to create the modern Information Sharing Environment (ISE), which gives investigators, analysts and others instant access to all the information obtained at many levels all over the country. Whether it’s a beat officer’s report of suspected gang activity at a particular street corner, a CAD report of an unmarked white van sitting outside a government building, a SAR about the unusual comings and goings at a home or some other seemingly isolated incident, having that information in a central repository is helping law enforcement fill in the missing pieces or spot patterns that would not otherwise be visible. This approach addresses some of the fundamental concerns raised by the 9/11 Commission Report.
A good example comes from the New Hampshire State Police (NHSP), which used data sharing to solve a case involving threatening letters being sent to one of the Governor’s offices.
As a matter of practice, they had been scanning regional and national intelligence bulletins into a document repository that used a single interface to search across many different data sources. They discovered that an individual from the Midwest had been sending out similar threatening letters across the country. Because of regional data sharing, and the use of sophisticated search tools, they were able to make a connection and locate the individual. It was an excellent example of intelligence-led policing.
Are we there yet?
Thanks to the concerted efforts to capture and share information, and to technologies that make it easier to find, law enforcement sophistication is far better than it was on that fateful day in 2001. The benefits have extended even to the foundation of law enforcement – the beat cop, whose situational awareness in the field has improved due to greater access to analysis resources and mobile search technologies.
Are we there yet? Have we reached the point where we have all the tools and initiatives we need to predict and intercede in crime? Of course not. But the last 10 years has seen marked improvement in that area. We can be proud of the efforts that have been made, and use them as building blocks to continue protecting the citizens we serve.
Captain Stephen G. Serrao (retired) is a former New Jersey State Police Counterterrorism Bureau Chief. He now serves as Director of Law Enforcement Solutions on the Memex Solutions Team at SAS (www.memex.com), the leading worldwide provider of intelligence management and data analytics solutions for law enforcement, military intelligence and commercial organizations.
Lieutenant Dale Peet (retired) is a 23-year veteran of the Michigan State Police and former commander of the Michigan Intelligence Operations Center, Michigan’s largest and primary fusion center for homeland security. He now serves as Principal Consultant to the Memex Solutions Team at SAS (www.memex.com).