Hendon Publishing - Article Archive Details
What's Changed in Law Enforcement Intelligence Analysis Since 9/11?
Having hit the 10-year mark since the 9/11 attacks, one might ask, “What has really changed in law enforcement since those dark days?” Have we improved our ability to protect the country from similar threats in the future? Has law enforcement intelligence analysis improved? The short answer is that new initiatives and new tools are giving us a powerful advantage, but not all law enforcement agencies take advantage of them. Let’s take a look at the issues and draw some conclusions.
In the aftermath of 9/11, many law enforcement agencies sought to establish new data repositories to capture information, such as Tips & Leads, Organized Crime Intelligence, Counter-terrorism Intelligence, and even Web-based and electronic document open-source data. There was a strong focus on collecting new and previously unknown information.
Recent years have seen a shift in thinking. Quite a few agencies are equally interested in setting up information management systems that can mine existing data repositories they have been populating with records for many years. This post-9/11 drive toward capturing data and implementing better intelligence management systems has been dramatically helped by some big initiatives. These initiatives have helped create a framework for national cooperation between law enforcement agencies.
The Big Initiatives
In 2008, the FBI launched N-DEX (National Data Exchange), a criminal justice information-sharing platform. N-DEX is a national system that enables law enforcement agencies to share non-intelligence information, such as RMS data much more easily. Such information-sharing aids in catching criminals as well as identifying trends and patterns to help prevent crimes and terrorist attacks.
One of the most relevant changes since 9/11 is the creation of the Nationwide Suspicious Activity Reporting Initiative (NSI), which encourages law enforcement agencies at the local, state, tribal and regional levels to share suspicious activity reports (SARs) with each other to enhance investigations and analysis. A related initiative is the FBI’s eGuardian system, which is focused on terrorism-related suspicious activity.
In the pre-SARs days, these types of Tips and Leads would get lost in the incident reports found in RMS or CAD systems, or may never have been entered into the computer systems at all. As a result, this valuable information often was not available to terrorist, gang or drug investigative units. But now with NSI and eGuardian, the information is being shared and is being vetted by trained analysts and law enforcement personnel. Since 9/11, our citizens are also more aware they can report activity of a suspicious nature – such as people who are taking jumbo jet flying lessons but never bothering to learn how to land. Also, home-grown radicalization efforts can be identified by friends, neighbors and co-workers of radicalized individuals who notice strange behaviors or hear unusual things. Both NSI and eGuardian provide a system of capturing those suspicious activity reports. As law enforcement agencies leverage these data sharing initiatives, it is important to push the data to these systems without the need for entering this data twice, reducing the time required to participate. Analysts and investigators are best served by a single log-in platform that can search across these different systems from a single interface. These are good considerations to bear in mind as technology is planned for accessing NSI and eGuardian.
Of course, another big collaborative initiative has been the creation of regional intelligence fusion centers. Fusion centers collect information from all available sources, including federal, state, regional, local and tribal agencies, vet the information, analyze it in order to identify trends, patterns and threats that may indicate planned or ongoing criminal activity or terrorism, and most importantly share the information among all concerned parties. Since 2004, nearly 70 DHS-recognized fusion centers have become operational.
Fusion centers act as command centers for regional threats and excel in their ability to perform analysis with advanced tools and trained analysts. These centers attempt to address the fact that clues related to criminal activity often remain undiscovered in disconnected law enforcement databases. These regionally focused centers bring the data into one place or make it accessible on one software platform where analysts can connect the dots. Much of the rationale for developing these centers comes from the post-9/11 realization that we knew a lot about the terrorists, but the data points were scattered in local municipalities and didn’t raise any red flags in isolation. For this reason, local LE agencies should all be connected with their regional fusion centers.
Tapping Open Source and Social Media
Another big difference since 9/11 is the significant increase in the amount of open source data that is being used by law enforcement. To be clear, privacy concerns remain paramount. This is publicly available information posted by individuals, such as tweets and blogs. Internet search tools, social networking sites, and other Web 2.0 technology tools have grown considerably in that time span and now investigators can learn a lot about a suspect and build a picture based on public information. Some of that data actually comes from information a person may publish in his/her own Web-based profile. New analytics technologies have become commercially available that can pore through social media data to uncover patterns and analyze sentiment. Social media analytics can continuously monitor publicly available online and social conversation data to identify important topics and content categories. Predictive analytics can be applied to this public information and be used to see a criminal threat develop, and allow law enforcement to quickly intercede to prevent a crime from occurring.
Some Room for Improvement
In the post 9/11 era, many police agencies in the U.S. dedicate a substantial amount of their resources to counterterrorism initiatives. Unfortunately, this sizable investment comes at the expense of properly staffing the other specialized units needed to determine other overt threats to their law enforcement environments (i.e. gangs, organized crime, drug trafficking). That needs consideration.
Also, as we travel around North America, we still find police agencies collecting volumes of information and – shockingly – not conducting the required analysis to incorporate this information into their strategic responses. It’s easy to understand because we all tend to get caught up in the tactical to-do lists of the day, and often well-intentioned strategic focus can take a back seat. Effective commanders set direction and can create structures and workflows to ensure a strategic focus is maintained.
Another area that needs improvement: Agencies need to integrate all the technology available. Many departments, for example, don’t realize the value of mining CAD data. There is a lot of specific information, such as names, dates, etc., that may not rate being entered into the official Records Management System (RMS) but is still valuable. Some agencies are making their CAD data available and searchable to regional law enforcement, and this is a big change since 9/11. But more agencies need to get on board! Crime crosses borders, and this data integration will help fill gaps so investigators and analysts can discover previously unseen links that help complete the picture. CAD data can reveal something as simple and critical as an address for a suspect.
Big Picture – Lots of Progress in Past 10 Years
Since 9/11, government and industry have worked together to create the modern Information Sharing Environment (ISE), giving investigators, analysts and others instant access to all the information obtained from all over the county, the state and even the nation. Whether it’s a beat officer’s report of suspected gang activity at a particular street corner, a Computer Aided Dispatch (CAD) report of an unmarked white van sitting outside a government building, a Suspicious Activity Report (SAR) about the unusual comings and goings at a home, or some other seemingly isolated incident, having that information in a central repository is helping law enforcement fill in missing pieces or spot patterns that otherwise would not have been apparent. This approach addresses some of the fundamental concerns raised by the 9/11 Commission Report.
To cite an example, the New Hampshire State Police (NHSP) used data sharing to solve a case involving threatening letters being sent to one of the Governor’s offices. As investigators searched for related incidents and reports, a similar case was revealed three states away. Fortunately, NHSP had been scanning regional and national intelligence bulletins into a document repository which was then able to be searched along with many other data sources using a single user interface. It turned out that an individual from the Midwest had been sending out similar threatening letters across the country. Only through regional data sharing, use of sophisticated search tools, and a focus on intelligence-led policing was the connection made and the case cracked.
In summary, law enforcement sophistication is tremendously better than it was on 9/11/01. For instance, the backbone of law enforcement, the beat cop, has seen improved situational awareness in the field thanks to mobile search technologies and access to analysis resources. There are great initiatives available to assist investigation, threat assessment, and new tools to help predict and intercede in crime. Is everything perfect? No. But 10 years after the biggest terrorist attack on our nation we can honestly say that we’ve answered the need to change, and we can be proud of our progress.
Captain Stephen G. Serrao is a former New Jersey State Police Counterterrorism Bureau Chief. He now serves as Director of Law Enforcement Solutions on the Memex Solutions Team at SAS, a leading worldwide provider of intelligence management and data analytics solutions for law enforcement, military intelligence and commercial organizations. Serrao can be reached at firstname.lastname@example.org.
Lieutenant Dale Peet is a 23-year veteran of the Michigan State Police and the retired commander of the Michigan Intelligence Operations Center, Michigan’s largest and primary fusion center for homeland security. He now serves as Principal Consultant to the Memex Solutions Team at SAS. Peet can be reached at email@example.com. Photos courtesy of Memex.
Published in Public Safety IT, Jan/Feb 2012
Rating : 7.0
Click to enlarge images.