Изображения страниц

Senator FEINSTEIN. Mr. Chairman, if I may, after the four lead questioners, would it be your intention to recess for lunch?

Chairman GRAHAM. If the four lead questioners all take their full time, that would put us at approximately 1:00 or close thereto, so, yes, it would be my expectation that we do the lead questioners, break for lunch, reconvene at 2:30.

Senator MIKULSKI. Mr. Chairman, there is a vote at 12:15.

Chairman GRAHAM. The Senators will have to leave to accommodate that.

Congressman Bishop.

Mr. BISHOP. Thank you very much, Mr. Chairman. Let me thank all of our panelists for bringing very, very illuminating testimony to us this morning. Let me begin by saying the joint inquiry has established a number of things, including that the CIA and NSA possessed critically important information on two of the hijackers, Mihdhar and Hazmi, that was buried within the CIA's raw operations cables and the NSA's raw intercepts. Almost no one outside of these agencies was allowed to access these databases of raw HUMINT signals intelligence. CIA and NSA, the analysts, either did not see this information or concluded that it did not reach internal thresholds for reporting or did not appreciate the needs of other agencies for that information. Thus, critical information lay dormant for, in the most basic intelligence databases, over a period approaching two years.

I mentioned a moment ago that counterterrorism analysts outside CIA and NSA cannot access the databases. That is still true today. DOD, FBI, FAA, INS, State Department, none of the analysts at these agencies get to examine the information in these databases.

I am sure it will come as a shock to the public and even members of this joint inquiry that even the proposed Department of Homeland Security under the House version of the bill at least would not be guaranteed access to these databases.

Post-September 11 reviews have revealed over 1,000 CIA reports or cables that contained the names of hundreds of suspected terrorists that were not turned over to watch list agencies. Mihdhar and Hazmi were in all sorts of public and State and Federal databases prior to September 11 through which they could have been found had anyone thought to look.

The Department of Transportation never saw the Phoenix memo, and in hindsight asserts that the memo would have triggered action in DOT had it been passed to them. FBI agents handling the Moussaoui case and the Phoenix memo apparently knew nothing of the history of the Bojinko plot or the attempt by Algerian terrorists to slam a hijacked airliner into the Eiffel Tower in France.

I could go on and on in this vein, but there is a point that is clear. As Ms. Hill testified recently, first, while we cannot conclude that the plot could have been detected if more information had been shared, it is at least a possibility. Second, we obviously could have done much better at information-sharing and must do better in the future if we hope to succeed in foiling future attacks.

Our current mechanisms for information-sharing are human liaison and the exchange of written reports that reflect a filtering of

and the application of judgment to raw intelligence. September 11 proves that these mechanisms alone are inadequate.

As the prepared statements of several of our witnesses today make compellingly clear, broader access to raw intelligence is mandatory, and we must at the same time apply proven computer technology to sift through this massive and detailed data to find correlations, linkages and patterns that small numbers of humans cannot possibly discern. Computers also provide indelible institutional memory in contrast to human analysts who rotate from job to job.

Ambassador Taylor has told the staff that the main problem is not to gather more information, but rather to use the information and technology to mine what we already acquire. Governor Gilmore has advised us that we must link all the databases together. Admiral Wilson, the just-retired Director of DIA, insists that all-source analysts have to see all the data we collect, not just what the agency that collected it decides is important or relevant enough to disseminate. His assertion that the HUMINT and SIGINT databases contain a wealth of useful information that never gets examined is proven by the Mihdhar and Hazmi cases. The joint inquiry has spent an enormous amount of time and effort trying to understand why the intelligence on Hazmi and Mihdhar was not given to analysts and consumers.

What we all have to understand is that still today, very, very few counterintelligence analysts can get access to the databases that held the information on Hazmi and Mihdhar.

Admiral Jacoby, until recently the senior intelligence officer for the Chairman of the Joint Chiefs, insists that analysts, not collectors, must be the proprietors of raw intelligence data, including especially CIA's operations cables, NSA's SIGINT intercepts, and the FBI's terrorist investigatory information. Admiral Jacoby quotes the DCI himself on the need for a fundamental shift in culture and in practice.

On the other side of this position are the arguments that the imperative to protect sources and methods precludes wider access to raw data. NSA also insists that only people formally inside the SIGINT system can see raw signals intelligence due to the need to protect the privacy of U.S. persons. In the case of the FBI, there is the added concern about compromising legal proceedings and ongoing investigations.

I do not see why people outside the CIA should not be allowed to see sensitive HUMINT material provided that these people are subject to the same security standards as CIA employees are. The same is true for NSA. As for the concerns about protecting the privacy, U.S. persons, people outside of NSA can be trained and certified in NSA's so-called minimization procedures. With respect to the FBI, we hope that the PATRIOT Act has already provided the legal foundation to break down the inappropriate barriers to information sharing.

I hope that one of the strong recommendations of this joint inquiry is that all-source counterterrorism analysts must have direct access to intelligence databases and the ability to exploit those

I would like to ask Mr. Andre and Ambassador Taylor, in that order, to comment on what I have said, particularly with respect to protecting sources and methods, privacy and law enforcement sensitive information. I would also like to ask Mr. Andre this question: Has anything fundamentally changed since 9/11 in terms of who has access to the databases that contained information on Hazmi and Mihdhar?

Mr. ANDRE. Yes, sir, thank you. Thank you for the way you framed the issue. I couldn't have done it better myself. I am very passionate about the role of all-source analysts in this process and believe they have been undervalued and underemployed in this regard and to be properly employed they have to have access to more information.

Let me be clear on a couple of points that maybe are not as clear in our statements as they should have been-that is, Admiral Jacoby's as well as mine- and that is there is not now nor has there been a problem with the sharing of what is deemed to be threat information. Any information collector-I know of no instance where an information collector was anything less than very responsive and very responsible and disseminated that information widely with a sense of urgency.

So the sharing of information from our perspective falls more into the category of the Mihdhar-Hazmi information, which is sort of seemingly benign activities, deliberations, acquisitions, travel by people that wish us harm. It is that information that we wish to harvest.

We don't believe, as all-source analysts, that we have to get access to the source data. We understand completely the need to protect sourcing. We respect that. There are cases where we certainly would want the freedom to go back to the collector and get some evaluation of a source to help our analysts when they are evaluating that particular piece of evidence or those assumptions.

So it is the substantive data, not the circumstances of its collection that is important to us.

Much has fundamentally changed since 9/11. We have a different level of access to data from all of the organizations that you mentioned, CIA, FBI and NSA. Some of the inhibitions on us getting information reside with us. We have taken a lot of measures to change the way we do business so that the information provider can have a greater degree of confidence that we can be trusted with their data, and of course our job is to show them not only can we be trusted but we can add value to that information.

We have taken a real hard look at some of the documents that are used to tell us why we can't have certain information. For example, in the signals intelligence area, Executive Order 12333, I am not a lawyer, but I have had a team of lawyers look at it. That document is a very powerful document that compels sharing of information, not withholding information. We are very optimistic that things are in train to dramatically increase the level and type of information that is shared.

Ambassador TAYLOR. I think when I spoke to the staff on this matter I was reflecting on the time I spent on active duty with the United States Air Force as the head of its investigative organization, OSI, and in that position it became clear to me that our inves

tigative community, our counterintelligence community, indeed our counterterrorism community, needs to view information in a different light.

Investigators historically look at information as it relates to the case that they are working on, and that becomes their focus. It is how we are trained, it is how we focus for prosecution, arrests and so forth and so on. But it also became clear that there are nuggets of information in those investigations that affect more broadly our Air Force, and that one agent that is conducting that case cannot have the perspective to understand that without sharing that information more widely within the community.

Mr. BISHOP. Without analysts?

Ambassador TAYLOR. Not solely without an analyst, because analysis is one part of the challenge. The other part of the challenge is enabling others who are part of the reins of security that we have, for instance, the Customs officer in Seattle that stopped Ramzi Yousef, who is also a key person, not to do analytical work but to understand that this particular individual, someone in the U.S. government, knows something about this person that he or she needs to check out.

So the challenge is to place into the information technology system the ability for our analysts to get access to things that they need, but also to give to our first responders, to our security officers, to our INS border guards the information they need, which is not the same as the information that our analysts need. Our border guards need to know that Frank Taylor is a person of interest, and therefore we need to check him out. Our analysts may want to know a lot more about what Frank Taylor has done.

I believe information technology can help us to do this. There is a very real concern with sources and methods. We have to protect those sources and methods, because, without that, we will never have the information. But I don't think that is insurmountable in triaging the information and providing it in the appropriate channel with the appropriate classification to the people who need it to bring more clarity to the picture, the counterterrorism picture.

Mr. BISHOP. Thank you. Admiral Jacoby's statement for the record as well as the statement from the General Accounting Office stresses the difficulties posed by incompatible database structures and formats, a problem that afflicts all levels of government across the board.

This incompatibility makes it hard to share that across agencies or to conduct analysis across all of the government's diverse databases. The GAO and DOD statements explain that that is a viable alternative. The private sector has settled on a common data framework and a set of standards that allows full interoperability across organizations. This capability is as essential for industry in the electronic age as it is now for our government in the war on terrorism. But our government is way behind the private sector.

The commercial standard is called XML. Testimony before us today illustrates how important it is in the war on terrorism for the government to adopt this standard and to move quickly to convert our existing databases. Adoption of XML not only allows full data sharing, it also offers much more effective and efficient ways to

Here is another instance where I believe action by the two intelligence committees is warranted now. We could mandate adoption of XML and give the Intelligence Community a date certain by which it would need to have shifted over to the new standard.

Mr. Andre, how difficult would it be for DIA to shift over to the XML standard? Do you think that it is practical to insist that the Intelligence Community as a whole shift to this database standard and do it rapidly?

Mr. ANDRE. Yes, sir, thank you. Let me say a major investment that we have made in the Joint Intelligence Task Force for Combatting Terrorism is transitioning their entire data environment into an XML environment. We think it is exceptionally important for the reasons you pointed out.

One of the most important aspects of that is the ability to tag at the content level rather than at the record level. We believe that ultimately if, like the commercial sector, the Intelligence Community adopted the XML approach, that data-they don't have to reside in a single repository-we can have interoperability at the data level and really empower that data and be able to do things with it we can't today.

We are a pretty good test case in both the JET FTS and the J2 part of DIA, because we are also transitioning the J-2 part into a fully digital XML environment, changing the way we produce products, using, I might add, off-the-shelf commercial technology. It is not easy. It is painful. I guess the big question is, I think it is a lot simpler to sort of go from a standing start and say from this day on I am going to be in an XML world, rather than to say I have got 40 years worth of great big databases like the military integrated database and I have to convert all of that data, properly tag it. It will cost a lot of money, it will take a lot of time. But the end result will be certainly worth it.

Mr. BISHOP. Thank you. According to inquiries by our staff, the FBI contacted both the State Department's Bureau of Diplomatic Security and INS in August of 2001 about Hazmi and Mihdhar. Both agencies possessed information that would have helped locate the two suspects but the FBI asked for specific information and nothing more and expressed no particular urgency about finding them.

Both agencies claimed that they had ways of finding the two and could probably have done so if they had been asked. Could the State Department or INS witnesses please explain how their organizations could have located these two suspects and could they provide any insight on why the FBI did not explain why it was looking for them and why they didn't request help?

Ambassador TAYLOR. I will go first, Congressman. Certainly we were informed in August by a request from the FBI for visa records on both of those individuals, and that is a routine request that we get very frequently, and we responded to that request, as we often do, not asking the reason for the inquiry. The FBI runs thousands of investigations where that data is necessary.

Today that would not happen. We would ask that question, given the benefit of 20/20 hindsight.

In our responsibility to investigate visa fraud, we work with many data companies around the world to-around the country ac

« ПредыдущаяПродолжить »