Facebook Icon   Linkedin Icon   Twitter Icon   YouTube Icon




"This is a Partnership with America"
By Ed Peaco
 
Disaster Medicine

NSI Director Thomas O'Reilly: I understand that you had a good visit to New Jersey.

IHS: Yes, indeed. Major Souchek rolled out the red carpet for us. We had a tremendous experience there. I'd like to start by continuing with the thread of discussion from New Jersey. Could you tell me about your role in creating the ROIC there in Trenton?

O'Reilly: In my capacity as Administrator for the Department of Law and Public Safety in the post-9/11 era, using my background in fusion center issues, and other national emergency management perspectives, we engaged and developed a new emergency management facility for the state of New Jersey. The Colonel of the State Police—and there is only one other state, Michigan, that's like this—serves both as the emergency management director as well as the superintendent of the state police operation. In most states, it's a separate FEMA-like organization. So as we were developing a new emergency management center (EOC), it just seemed very logical, assuming we could get the funding, to collocate those functions together. And for all intents and purposes, the fusion center, with its steady 24/7 flow of information, would be at the front end of any emergency, as well as developing information that would help both from an all crimes perspective and receiving information from the federal government concerning terrorist threats and adding value to that by seeing the information percolating up from the cities and other communities, and then kind of massaging that and producing a product that's relevant to the 580 municipalities within the state of New Jersey.

In 2001, 2002, 2003, there was an avalanche of information coming from the feds to the states, and unfortunately—and this is nobody's fault, it's just a matter of maturity—most of the information would be generic, such as "there is a threat in the Northeast." And it got a little better when we got a threat against mass transportation in the Northeast, but not a whole lot of additional information. So, after a while, it was like crying wolf in terms of we would spend a million dollars a week deploying troopers to critical infrastructure to protect it against a generic threat. So as things got a little better, we found out that the threat would be against transportation—I'm just using this as one example—and then can we leverage the fusion center to identify the mass transportation hubs? Are they Newark, Penn Station, and Trenton? Would it be the tunnel under the Hudson River from NYC to Newark? So the people could be deployed in the event of a threat with a little more specificity, and in addition, the fusion center role is to gather information from local police, from local communities, as it relates to suspicious activity to further pinpoint the risk.

But going back to my role, basically as we were building the emergency management center, myself, working with originally Colonel Dunbar, then Colonel Fuentes, teamed up and went to the legislature, went to the state treasurer, got some additional funding in order to add the fusion center process ultimately to the EOC process. And subsequently, we were also able to add the public safety answering points for the cellular 911. So you had, No. 1, situational awareness because the cellular 911 calls were being answered at that building. No. 2, you had the analytical capacity of the fusion center, as well as the watch commander issues there, to take information, add value to it, make it relevant to New Jersey, as well as collect additional information from the ground, so to speak, and add value to the New Jersey product, as well as passing it up to the federal entities, such as DHS (Department of Homeland Security) and JTTF (Joint Terrorism Task Force). Then, finally, if those prevention mechanisms—i.e. the phone notice, the intelligence of the fusion center—were not successful, and the event still occurred, then you had the ability to respond from a command and control perspective, running the response and recovery effort out of the EOC.

So in many ways, it was one-stop shopping. From an economic point of view, it leveraged the similar types of resources, so they didn't have to be repetitive. As we built the building out, there were other design functions that just seemed very logical, like the press room in the front, inside to notify the public of a threat, whether it's a potential terrorist attack, or a tornado, or a hurricane coming. So, we ended up getting the funding and convincing the state legislature to pass the appropriation, and the rest is history in terms of design of that building and the way you saw it the other day.



IHS: I can see now, from your explanation, perhaps why you became the logical choice for NSI Director. Do you think of New Jersey as a template?

O'Reilly: Yes, New Jersey is a template, but not the only template. I think the beauty of what we do, with the 72 fusion centers and the NSI, is that it allows us to have a certain degree of standardization. In the case of the NSI, we're standardized on the data model in terms of needing a national information exchange model. We're standardized on the behaviors, the privacy policies, and the definition as to possible nexus to terrorism, in order to share that information.

But the beauty of it is that it still allows us flexibility so that we respect and can accommodate the unique needs of each of the 72 jurisdictions, the 50 states, and the 22 Urban Area Security Initiatives Operations (UASI). A good example is Minnesota. Their legislature has a conservative policy as to sharing information that identifies individuals in police databases. So in that case, it's what you call, PII, Personally Identifying Indicators, and in the Minnesota case, they still participate in the NSI, but they control their database locally. … And so, Minnesota can play in that space, but they can still adhere to their state's requirements by being able to blank out certain fields that we have set up as personally identifying fields.



IHS: Major Souchek said he was observing a shift in the way fusion centers are structured, that they began with more local emphasis and now are becoming more uniform. Do you have a view on that?

O'Reilly: Actually the way they began, in many ways, was as a conduit for information coming from Homeland Security and the FBI in order to have one focal point—so the governors, the mayors, and state police colonels could be advised, because in 2001 and 2002, the information was coming in to multiple entry points. It also helped, in a more economic fashion, to utilize resources, so that if the target was potentially a Newark railroad station, and the Newark Police Department had already deployed 10 extra cops to patrol it, then the State Police knew that they did not have to go.

So, I think that the fusion centers have a dual purpose, and each one is a little different in terms of how this mix occurs. There is certainly the functionality, in terms of homeland security—they have played a critical role as outlined in the 2007 National Strategy for Information Sharing as well as several other documents that the White House has issued. And in addition, the role in terms of dealing with localized crime and localized police emergency issues has emerged, and that's becoming a very critical role for New Jersey. Now with the layoffs that are occurring in the police departments, the fusion centers are assuming that data analysis role for many of the larger cities, as well as the smaller cities. And there's actually a partnership within the International Chiefs of Police Association, which is representative of smaller and mid-size police departments, working to partner the fusion centers with those police departments to help them, particularly in these times of tough economic needs.

So it's a mix of homeland security and, pardon the cliché, hometown security, regardless of what the public safety threat is. The threat may be coming from overseas, in terms of people sitting in caves in Afghanistan or other places. Or that threat could be coming from the woods in Michigan—as you may be aware, they locked up 12 guys in Michigan who were part of a militia, who were going to kill a police officer, in order to attract more police officers at his funeral so they could shoot more police officers, which is another threat of a domestic nature. Or it's a threat from people who are violent extremists in animal rights, or abortion, or other types of things, where we've seen bombs detonated in abortion clinics, or violence exhibited against pharmaceutical companies.

But the beauty of it is now, on the basis of the Global [Global Justice Information Sharing Initiative] tools that I mentioned to you before, we have certain standard or certain baseline capabilities that we are trying to work at the state and local level so everybody has—I won't call them standards, in the sense that everybody is a cookie cutter, but they all have an analytical component. As an example, they all are engaged with the Nationwide SAR Initiative. They all have a privacy policy, but within that privacy policy is the flexibility to customize it to their particular needs, their particular statutes, and operational considerations. So, although there is a network of 72 fusion centers, and there are some core standards to ensure interoperability, all use the National Information Exchange Model, or NIEM, as a data model again, not only for NSI, but for other communications. And there are certain fundamental things that are just good government, and good public safety, like a good privacy policy and a good analytical policy. There's no standard that says everyone has to have five analysts who are doing homeland security work, and everybody has to have two analysts who are assigned to gangs and guns, or something of that nature. This is a local or state determination, though. Hopefully that's clear.



IHS: What else does the NSI do that we need to know about besides develop and support fusion centers?

O'Reilly: Well, right now the NSI has a comprehensive program that goes from a data model to aggressive training where we are trying to have outreach to all 800,000 police officers in the country to provide them with a front-line video of training. It's 15 minutes, and it might be worth your viewing it. [The NSI] is associated with fusion centers, it's associated with the street cops, the local cops, it's associated with the public, with If you see something, say something, the DHS Secretary's program, and it's associated with all the critical infrastructure in the country. In addition, we have three sources of information: cops, the public at large, and those people who are protecting the critical infrastructure or high value targets, such as chemical plants, such as dams, such as nuclear reactors, such as maritime facilities. So in that sense, we touch a lot of different things.

In addition, we are also working in terms of using the shared space solution and the NIEM solution to develop other critical public safety priority issues. We are about a month away from issuing a gang standard for information exchange. Right now there are about five different gang databases out there nationwide, and most of them will not talk to each other because they were developed with different proprietary software. NIEM, being somewhat of a middleware type of solution, overcomes that, as well as again trying to standardize the vocabulary and standardize the protocols, but still allowing that flexibility that each of the states needs.

We are also looking at human trafficking, and things like gun trafficking, as other areas that we may become involved in, so we have a homeland security role vis-à-vis counterterrorism and fusion centers, but we have a much broader public safety role that's emerging as part of our core role as the Bureau of Justice Assistance in the Department of Justice (BJA), where we are housed. The BJA interacts with state and local law enforcement as well as providing federal funding to those entities.



IHS: It also appears that the NSI may very well evolve because, as I understand it, the rollout of fusion centers is expected to be completed within the next year. What's next?

O'Reilly: There are a couple of things next. You are right; we are trying to have all the fusion centers completed within the next year. And there's some interest in expediting this because, as we see from the terrorist threats from around the country in the last 12 months, whether it was Dallas last week, or Times Square, or Detroit, or Portland, Oregon, with the Christmas tree issue, that these incidents of terrorism occurring on American soil have quadrupled in the last 12 months. Then you have the Somali issue up in St. Paul, where people are allegedly going overseas to fight and then coming back is also a concern. What's next is moving to provide more robust analytical tools that will allow the analyses to be done at both the fusion center level and the DHS and FBI level, and take advantage of both open source as well as intelligence type information in order to better protect the homeland.

What's next is looking at the all crimes perspective, because in many cases, the terrorism issue is not an isolated incident of terrorism. I will give you two examples: In Torrance, California, a couple of years ago, there were guys who got out of prison—three people who radicalized the prison, who started doing gas station robberies. They did a number of robberies and they finally got arrested. When they executed a search warrant on their dwelling, they found not only the tools of robbery in terms of automatic weapons and masks and things like that, but they also found a ton of terrorist-related literature. They found maps of the National Guard facility, maps of local synagogues, and the rudimentary makings of bombs. If you go to the East Coast, not too long ago, in South Carolina, there was a case of cigarette smuggling by Hezbollah, which was bootlegging cigarettes up to New York and to Detroit. And the investigation of that case proved that the proceeds were going overseas to buy firearms to fight in Afghanistan and Iran. If you go back to the West Coast, there are a couple of SARs that were discovered related to shoplifting. There were a couple of jurisdictions that had a rash of shoplifting where 30 people would go into a Walmart or a Target and clean off the shelves and then take off. Ultimately, as part of the knitting together of the SARs and the investigation, it also proved it was Hezbollah, in terms of working with the number of illegal aliens coming across the border, taking them in to do the shoplifting, and particularly focusing on products that have a high black market value and selling them for fundraisers for terrorist activities. The issue of crime—whether it's robbing gas stations, the smuggling of cigarettes, shoplifting, or other things—is all very complicated and all very interwoven into the potential terrorist/homeland security issues. So, the next step of moving beyond pure counterterrorism to some of the all crimes issues is a logical step, and it is certainly a step that is confronting the states right now, whether it's gang violence, firearms trafficking, or other things like that.



IHS: Is there anything else that you want to add at this point?

O'Reilly: Three things: One is that when you think of the NSI, it's anchored in behaviors; it's not anchored in the who. It's not Arab-looking males, in terms of a profiling issue. But it's specifically anchored in behaviors that have been researched through looking at over 500 terrorism cases, nationally and internationally, and identify the surveillance issues, the interactions with security guards, and the burglaries committed to test how soon the police respond. That's important, because that helps us address civil liberties and privacy rights in terms of pinpointing somebody because of their race, color, religion, or dress, and it moves it to the factual basis of using the behaviors as our factual principle. Also, those behaviors have to occur within or adjacent to a critical infrastructure or a high-value target. If those two elements occur, basically you have a SAR that has a potential nexus to terrorism.

Next, it takes some analytical effort to make a determination as to how real it is. If it's photography of a bridge, let's say, and an officer stops an individual because a citizen calls in, and that photographer took one or two pictures and explains to the officer that his grandfather built the bridge 30 years ago, or that he's an architecture student and he's doing a photo essay for a class project, and he only took one or two pictures, and everything kind of checks out, then the officer basically says, "Have a nice day, enjoy yourself." If when the officer rolls up and the guy is taking 30 pictures of the bridge, and he's been taking pictures that are obviously of the closed-circuit TV, of the security provisions, of the underpinnings of the bridge, and he has a very garbled explanation as to what he's doing, then that becomes a potential SAR issue; and the officer needs to ask the next question or questions to further review the circumstance. In some ways, it's what I call the tourism vs. terrorism test. Because we know in D.C., where I am right now, at this moment, there's probably thousands of people taking pictures of the White House and Union Station and the Washington Monument and various bridges or whatever. Obviously, they are not terrorists. Usually they are taking one or two tourism photographs and moving on. It's when you get somebody that's doing 40 pictures of Union Station and taking pictures of the track controls and stuff like that—where the cops are located—then that becomes an issue. So, behaviors are a critical issue, and where they are occurring is extremely critical. And then the issue of privacy policy is the third leg of this, in terms of making sure that everybody has a privacy policy before they are allowed to exchange information across state lines.

The second issue is that this is a partnership with America. And we need the participation of all communities, whether it's the various faith-based communities, the Somali communities, and people over here of various immigration statuses, etc. In order to cooperate with the law enforcement, in order to have an understanding that when they give information to law enforcement, that it will be used correctly and appropriately, consistent with civil liberties and privacy safeguards. I think that's important. The second aspect of this issue is that the information has to come from the police officers. So when a citizen sees something, the police officer is sensitized that he needs to ask the next question, because that hole in the fence may not be vandalism. It may be someone checking out how soon the police respond to that chain-link fence that is around a critical infrastructure. And we are doing that, working with a number of professional associations to reach out to all 800,000 police officers in America to provide them with that basic training. So, we need the public at large to be partners in this program. The issue is that nobody knows the community better than the people who are living in that community. I don't care whether it's who's trafficking drugs, who's selling guns, or who might be making a bomb in their basement type of thing. People know the anomalies, they know what's out of the norm, and they have to have that ability and confidence to report it to the police.

And finally, after all those collection processes work, we need to make sure, as the 9/11 Commission reports, that we connect the dots. And that's what the NSI does. It encourages the reporting, consistent with privacy policies and certain behavior standards, and then it provides the mechanism so that all 72 fusion centers, in conjunction with DHS and FBI, have the ability to connect the dots and make a determination that there is a threat to America before that threat gets operationalized.








Copyright © 2014 American Board for Certification in Homeland Security, CHS®. All Rights Reserved.
2750 East Sunshine St. Springfield, MO 65804   -  1 (877) 219-2519