Guardian, an FBI system for sharing counterterrorism information, suffers from numerous data integrity and management problems, according to a recent Inspector General’s (IG) report. As a result of spotty oversight and noncompliance with internal rules, the report concluded that Guardian consistently holds inaccurate, outdated, and incomplete records. Out of the records the IG examined, 61 percent did not comply with the FBI’s internal standards. Moreover, the report found the overwhelming majority of threat information held in Guardian had no nexus to actual terrorism.
The report’s conclusions have significant implications for civil liberties. There is an increasing trend towards sharing information among federal, state, and local law enforcement and intelligence agencies. One outcome of the trend is a huge influx of baseless threats into databases designed to aid terrorism investigations; these records then require analysis to ensure they are accurate and relate to credible threats. Yet the IG report indicates that FBI officials repeatedly fail to follow rules intended to make the system more reliable. The potential for false inferences and mistakes is amplified when systems like Guardian share information that is inaccurate or outdated with multiple agencies, some of which doubtlessly have less stringent safeguards than those of the FBI.
Guardian is an automated system the Bureau developed to collect, store, and assign responsibility for follow-up on terrorism-related tips and reports. Employees of the FBI and other government agencies, including the Department of Defense, can query Guardian to gather intelligence. The FBI’s Counterterrorism Division (CTD) set internal procedures for using Guardian. In this report, the IG for the Department of Justice audited the FBI’s oversight and implementation of these policies.
The IG report found that CTD’s procedures are often not followed. Of the examined records, 30 percent were incomplete, hampering the accuracy and search capability of Guardian’s records. Timeliness of records also affects accuracy, and the IG report discovered that 28 percent of low-priority threats were not assessed during the 30-day period established under the CTD criteria. This indicates that potentially baseless threat reports lay unresolved in the system longer than necessary, increasing the risk that users could take action based on unfounded suspicions.
CTD policies also require an FBI supervisor to review each threat or suspicious incident and determine whether the threat was adequately addressed or whether the record required an update. Yet in 12 percent of the examined incidents, supervisors did not perform the review, and supervisors had delegated this responsibility to a non-supervisor in three of the six field offices tested. This weakens critical oversight and quality assurance of Guardian records, further increasing the likelihood of sharing information that is inaccurate and out of date.
As the IG report noted, information sharing depends on the accuracy, timeliness, and completeness of circulated data. The ramifications of getting it wrong can be devastating to the individual whose civil liberties are violated. This has happened before. In 2002, Maher Arar was erroneously identified as a terrorist and deported to Syria, where he was imprisoned and tortured for nearly a year. The mistake arose after Canadian police shared faulty intelligence with American authorities, resulting in Arar’s placement on a watch list and subsequent arrest. After Arar’s release, the Canadian government concluded there was no evidence linking Arar to terrorism. The inquiry that followed issued a report criticizing the sharing of raw intelligence that had not been analyzed for accuracy, and blamed poor police oversight for failing to flag the information as unreliable prior to sharing it. These are precisely the issues and risks presented by information sharing systems like Guardian.
Bogus Threat Data Increases Civil Liberties Risk
The problems of inaccurate data are compounded when that data is shared over time. The longer information remains in the system prior to being addressed, the greater the risk that the information will be shared before it is vetted for accuracy. Similarly, a lead or threat should be removed from the system once it is addressed and found to be baseless. Otherwise, the person who is the subject of the record will continue to come up when agencies search for terrorists, even though that person has no link to terrorism. This endangers not only civil liberties, but also undermines national security because it can divert law enforcement resources away from more credible threats.
The widely accepted Fair Information Practices (FIPs) advise deleting untimely data and correcting incomplete or inaccurate data. The FIPs are a set of internationally recognized information privacy safeguards that underpin the privacy laws and policies of many entities. FBI employees run counter to the FIPs’ principle of accuracy when they fail to complete records prior to sharing, when supervisors do not properly oversee shared records, or when old data languishes in the Guardian database.
On the positive side, it must be noted that the IG report described the Guardian system as a significant improvement over the FBI’s past efforts in information tracking. In its response to the report, the FBI expressed agreement with the report’s findings and stated it was working to meet the IG’s recommendations. The recommendations should be met quickly, prior to expanding the agencies’ information sharing practices.
The IG’s report comes at a time that information sharing is poised to surge. A companion system to Guardian called "E-Guardian" is slated to become operational in late 2008. E-Guardian will share unclassified information with more than 18,000 agencies, including state and local law enforcement entities, and will allow them to submit terrorism tips to the FBI. In addition to E-Guardian, the Information Sharing Environment (ISE) program will also increase the flow of information between federal, state, local, and tribal authorities. The ISE will share data related to terrorism, criminal intelligence, and suspicious activity in general. The ISE is scheduled for implementation in summer of 2009.
The problems associated with the FBI’s Guardian system offer a glimpse of the challenges facing a huge new crop of data recipients under E-Guardian and the ISE. Both systems could exacerbate the data integrity problems of Guardian by encouraging state and local police to rely on fallible information. Before the new systems are made operational, the problems identified in Guardian need to be resolved. Effective oversight and data quality measures are crucial safeguards if civil liberties are to be meaningfully preserved in an era where government authorities regard intelligence gathering and sharing as the key to sound policing.