Fusion Center

The U.S. Department of Justice and the U.S. Department of Homeland Security collaborated to develop a comprehensive set of guidelines for developing and operating fusion centers. The guidelines are outlined in a report entitled “Fusion Center Guidelines—Developing and Sharing Information in a New Era.”


“Guideline 8: Develop, publish, and adhere to a privacy and civil liberties policy” states that constitutional rights, civil liberties, and civil rights are protected throughout the intelligence process, and says:


In order to balance law enforcement’s ability to share information with the rights of citizens, appropriate privacy and civil liberties policies must be in place.


Privacy and civil liberties protection should be considered in the planning stages of a fusion center. As systems are designed, analysis should be made and protections should be developed for personally identifiable information to ensure its protection.


DOJ’s Global Justice Information Sharing Initiative (Global) has developed the Privacy Policy Development Guide and the Privacy and Civil Rights Policy Template for Justice Information Systems to aid justice practitioners with developing or revising an agency’s privacy policy.


Following these guidelines in developing civil liberties polices are not just suggested by these guidelines. Charles Allen, Under Secretary for the DHS Office of Intelligence and Analysis, had this to say during testimony before a DHS Subcommittee on Intelligence, Information Sharing, and Terrorism Risk Assessment:


The Global Justice Fusion Center Guidelines published by DHS, DOJ, and participating state and local governments require fusion centers to create policies to protect the civil liberties of our citizens. Fusion centers have to adhere to these guidelines in order to receive Federal grants.


So what is the Privacy and Civil Rights Policy Template for Justice Information Systems? The document’s introduction states:


The atrocities of September 11, 2001, brought into focus the need to greatly improve our methods of gathering and sharing information on terrorists, criminal activities, and the individuals and organizations likely involved. It also highlighted the need to do so in an efficient manner, one that did not waste time and resources gathering irrelevant information, duplicating information already collected, or gathering information about people unlikely to be involved in illegal activities.


One element of a more robust information gathering and sharing system is an up-to-date and comprehensive policy protecting individuals’ privacy, civil rights, and civil liberties. Improved public safety does not have to come at the expense of these rights. Rather, public safety is further enhanced when individuals are sufficiently comfortable with the integrity of justice information system operations and therefore are willing to cooperate with and support them.



Section B – Elements of a Basic Internal Operations Policy, is intended provide detailed guidance on developing an operations policy protecting privacy and civil liberties. Section B.4.10 discusses what information may be sought or retained. B.4.10(b)-(c) state:

(b) This agency will not seek or retain information about an individual or organization solely on the basis of religious, political, or social views or activities; participation in a particular organization or event; or race, ethnicity, citizenship, place of origin, age, disability, gender, or sexual orientation.


Subsection (b) states that the agency will not seek or receive any information about an individual or organization just because of the individual’s or organization’s political or religious views or because an individual participated in a particular association or event. Doing so would violate state, tribal, territorial, and federal laws about freedom of religion and association and equal protection. For example, information could not be collected and kept about individuals solely because they belonged to a particular church or had participated in a particular demonstration.


(c) This agency will not seek or retain information about the political, religious, or social views; participation in a particular organization or event; or activities of any individual or his or her race, ethnicity, citizenship, place of origin, age, disability, gender, or sexual orientation unless such information is:

1.

Relevant to whether an individual or organization has engaged in, is engaging in, or is planning a criminal (including terrorist) activity;


Subsection (c) prohibits an agency from collecting specific types of information about an individual or organization. The types of information that cannot be retained relate to protected activities, such as religion, political affiliation, and membership in an association.


MIAC states in its’ posted privacy policy, under Information:


In fulfilling its public safety role, MIAC may actively seek, analyze, disseminate and retain information that is based on criminal predicate, reasonably suspected terrorism nexus, or that which negatively impacts public safety. Such information must be relevant to investigation, prosecution, and/or mitigation of genuine public safety incidents. In order to provide law enforcement, public safety and other affected agencies with useable strategic intelligence, MIAC may also engage in research toward that end.


MIAC will not seek or retain information about individuals or organizations based solely on religious, political, or social views and/or activities.


Both the Privacy and Civil Rights Policy Template for Justice Information Systems and MIAC’s own privacy policy appear to explicitly forbid collecting information about individuals and organization just because of the viewpoints expressed by those individuals or organizations. Adhering to these policies impacts a fusion center receiving federal grand funding.


B.5 addresses information quality, and B.5.00(a) states:


(a) The agency will make every reasonable effort to ensure that information sought or retained is:

(1) Derived from dependable and trustworthy sources of information;

(2) Accurate;

(3) Current;

(4) Complete, including the relevant context in which it was sought or received and other related information;

Subsection (a) (4) addresses the “completeness” of the information. For information to be most useful to law enforcement, criminal intelligence, and justice communities—as well as others responsible for public protection, safety, or health—the full context must be collected and retained. This includes the context in which the information was obtained as well as seeking and retaining the whole story.


MIAC states in its’ posted privacy policy, under Quality Assurance:

MIAC will make every reasonable effort to ensure that information is derived from reputable sources, is accurate, reasonably up-to-date, and complete given the circumstances.


Under no circumstances will an analyst use information known to be erroneous, misleading, or unreliable.


The Privacy and Civil Rights Policy Template for Justice Information Systems addresses information gathering. The Fusion Center Guidelines also suggest standards for analytic products under Guideline 14: “Offer a Variety of Intelligence Services and Products to Customers”:


The National Criminal Intelligence Sharing Plan (NCISP) recommends that the agency chief executive officer and the manager of intelligence functions should “support the development of sound, professional analytic products (intelligence).” One way to accomplish this is to recommend that products meet substantive criteria. The International Association of Law Enforcement Intelligence Analysts’ (IALEIA) Law Enforcement Analytic Standards booklet provides standards for analysis that correspond to the intelligence process. It is recommended that analysts or individuals fulfilling the analytic function adhere to the standards outlined in the booklet.


The Law Enforcement Analytic Standards booklet lays out 25 standards for Analytic Products and Processes. Standard #15 pertaining to analytic accuracy corresponds with the information quality section of the above template:


An analytic product shall be an accurate representation of the data. In cases here exculpatory data has been found along with proofs, both should be included.


Likewise, it is important to note information that is in conflict with the hypothesis as well as that data which supports it. The best scenario is an analyst’s having few to no preconceived ideas about what occurred but letting the data tell what has occurred. The presence of exculpatory data may be critical to the decision-making process. Noting this information also allows the analyst to play “devil’s advocate” to view the occurrences from the target’s or defendant’s point of view.


So not only is it critical from a civil liberty protection perspective to seek and retain complete information, and it’s context, it’s advised from an analytic quality standpoint to include an accurate representation of both sides when preparing an intelligence document. MIAC’s privacy policy is silent on this point.


Both the Law Enforcement Analytic Standards and the Privacy and Civil Rights Policy Template for Justice Information Systems also deal with reliability of information.


Section B.4.30

At the time of retention in the system, the information will be categorized regarding its:

1.

Content validity;
2.

Nature of the source; and
3.

Source reliability.

The objective of categorization is to let subsequent users assess the extent to which they can rely on the information. The expectation is that when the information is first retained, it will be coded as to its content validity and source reliability. The section applies to law enforcement, criminal intelligence systems, and other systems in which the person reviewing the information needs to know about its validity and reliability.

Subsection (a) (3), source reliability, and addresses the consistency of the content validity of information obtained from a particular source over time.


And

1. 13. Evaluation Standard

Information collected from all sources shall be evaluated

and designated for source reliability, content validity,

and relevancy.


MIAC’s policy states:

All MIAC employees will ensure that information is verifiable, collected in a lawful manner, and lawfully disseminated. The limitations on the quality of the information will be noted if a source is of doubtful credibility.


The Modern Militia Movement report notes at the bottom: “The information herein may not be MIAC originated intelligence unless noted. Therefore the annotated originated agencies in the newsletter should be contacted for the sources and reliability of information.” The standards and guidelines above seem to indicate that MIAC is responsible for classifying sources for credibility and reliability, and that probably doesn’t mean to direct readers of the analysis to the source to ask them about their credibility. Regardless, the only agency noted as a source is the Southern Poverty Law Center:


The SPLC reports that between the Oklahoma City Bombing in 1995 and 2005 that roughly 60-rightwing extremist plots were uncovered.


Why are the cited only by acronym here? Because they’re mentioned earlier in the report as a potential victim of a Militia plot.


Now, my interpretation of these documents may very well be incorrect; after all, I’m basing that interpretation on a layperson read-through of the publicly available government documents that are presented as guidelines for fusion cells to follow.


The MIAC incident is not an isolated example of fusion centers pushing the boundaries of civil liberties and privacy.


Last year, Virginia passed a bill to exempt their fusion center databases from the Freedom of Information Act.


In February, a “Prevention Awareness Bulletin” was leaked from a Texas fusion center. The bulletin urges law officials to report on the activities of Islamic organizations, anti-war protests, and of activities such as “growing tolerance in the U.S.”.


In 2005 and 2006, Maryland fusion centers collected data from undercover surveillance of war protesters and death penalty advocates, whose names were placed in the Maryland State Police Database as ‘suspected of involvement in terrorism.’


The Northeast Ohio Regional Fusion Center, in a very patriotic looking brochure entitled “Terrorism Awareness – Seven Signs of Terrorism” urges citizens to contact law enforcement if they “observe people acting suspiciously.” What constitutes suspicious behavior? Using a camera, drawing diagrams, making notes on maps, researching bridge usage, monitoring a police radio frequency, or just not fitting in are potential signs of terrorism.

---