TEARING DOWN THE STOVEPIPES

In order to secure local communities and the nation, the public’s protectors must be able to collect, organize, evaluate and disseminate information effectively. It is through this process that information becomes intelligence.

Intelligence — information that has meaning and relevance — is the first line of defense to identify and defeat threats.

The old saying, “If I only knew then what I know now” should be updated to “If I only could use the information that I have.” There is no shortage of information: Today’s computerized world stores more data about individuals, locations, vehicles, organizations, businesses, groups and criminal activity than ever. However, the information is of little value unless it can be readily accessed and processed into intelligence.

In the world of public safety, enormous amounts of information are collected and entered into thousands of law enforcement agencies’ legacy databases. The data in these “stovepipes,” or information silos, is not tied to other systems, and integrating it has tended to be financially impractical or politically restricted.

In today’s interconnected world, public safety officials at all levels of government are at last attempting to establish standards and protocols to share information about criminal activity.

Extensible Markup Language (XML) has become the standard for data sharing for government and industry. New XML data dictionaries are being created to provide common definitions of exchanges among users. The Global Justice XML Data Model is the standard being widely deployed by government agencies at all levels for inter-organizational communication and data sharing that will span the spectrum of law enforcement, judicial, correctional, and related bodies.

This article will examine several current initiatives focusing on the integration of criminal justice information.

National criminal databases

National databases such as the National Crime Information Center (NCIC) are already in place to archive and provide access to data concerning fugitives, missing and wanted persons and vehicles, criminal histories, and stolen property. Sometimes, sharing criminal information involves entering the data into separate databases, such as the Violent Criminal Apprehension Program (VICAP), a nationwide data information center designed to collect, collate, and analyze crimes of violence — specifically murder. The FBI provides the VICAP database software free to state and local law enforcement agencies. The program has been embraced by many large and small agencies nationwide.

Unfortunately, no national database exists for sharing information among criminal justice agencies concerning the criminal activity and information contained within law enforcement incident reports.

National initiatives

Several large-scale efforts are working to develop criminal justice integration standards. Successful integration of data depends on the development and adoption of accepted standards. Following are descriptions of some of these:

Other national programs

There are a number of other national integration efforts, including:

Intelligence data sharing

Sharing of information about individuals or groups involved in criminal activities is very limited. In fact, a survey conducted by the Major Cities Chiefs Association revealed several problems:

(Source: National Criminal Sharing Plan — Oct 2003 — Office of Justice Programs — U.S. Dept. of Justice — GLOBAL Justice Information Sharing Initiative)

U.S. Department of Justice

In February, 2004 the U.S. Attorney General created the Justice Intelligence Coordinating Council to coordinate intelligence sharing among Justice Department components. The federal government designated the six Regional Information Sharing Centers Systems (RISS) to share information with state and local law enforcement. RISS was linked to LEO (Law Enforcement On-Line), the FBI’s information sharing system, to form RISS/LEO. The system is being used to provide security information to be distributed quickly to users through a new Internet-based Alert System.

A new project called ATIX-RISS Anti-Terrorism Information Exchange recently began testing in several states running across the RISS/LEO system. This plan grew out of the recommendations of the GLOBAL Justice Information Sharing Advisory Committee (GAC).

U.S. Department of Homeland Security (DHS)

Since DHS’ inception in early 2003, it has been developing and implementing a national security communications net. The DHS communication net is designed to provide threat analysis and intelligence information among the component agencies of the DHS and to state and local agencies.

The net has three components, JRIES (Joint Regional Information Exchange System), HSDN (Homeland Security Data Network), and HSIN (Homeland Security Information Network).

JRIES is a secure network and a suite of applications currently operating at the sensitive but unclassified (SBU) level. Participants currently include approximately 100 organizations, including federal agencies, states, municipalities and other local government entities, with a significant law enforcement user base. Participating entities have a certified counterterrorism mission. Approximately 1,000 users currently have access to the system. JRIES’s collaboration tools are used for threat analysis and provide real-time links to the DHS Operation Center.

HSDN is a private secure network for the sharing of information among the 22 DHS agencies. HSIN is the primary network for sending alerts and sharing information in emergency situation between DHS and all states, 50 major urban areas and five territories.

In October 2004, the Department of Homeland Security launched the Office of Interoperability and Compatibility (OIC). As part of the Science and Technology directorate, OIC will oversee public safety interoperability programs currently spread across Homeland Security. These programs address critical interoperability issues relating to public safety and emergency response, including communications, equipment, training, and other areas as needs are identified.

State initiatives

In 1997 the Commonwealth of Pennsylvania created a secure virtual system online environment to share criminal justice information among participating agencies.

As of September 28, 2004 JNET is connecting more than 15,000 users; 54 counties; 56 state and federal agencies; more than 220 municipal police and 200 state police departments; and more than 500 District Justice Offices.

The JNET Office is involved in two national information-sharing efforts with the National Governors Association (NGA). One effort involves developing a national framework for Homeland security information sharing — the model is being endorsed and sponsored by the National Office of Homeland Security. The JNET model and governance structure will be used as a framework for the initiative.

Another effort, “The Middle Atlantic Justice Information Sharing Initiative,” was initiated, hosted and sponsored by the JNET Office (www.pajnet.state.pa.us). Representatives from seven surrounding states, the National Office of Homeland Security, Office of Justice Programs, National Governors Association, SEARCH and the National Criminal Justice Association are collaborating to share information among participating states as a pilot for a national integrated justice system. The JNET model and governance structure will be used as a framework for this initiative.

JNET is considered the most advanced state initiative and a national model for information sharing.

Regional initiatives

The most successful regional effort for sharing criminal justice information is the San Diego region’s Automated Regional Justice System (ARJIS), a complex criminal justice enterprise network used by 50 local, state and federal agencies in the region. ARJIS is chartered with supporting a regional Web-based enterprise network that uses technical and operational standards to build interfaces to criminal justice systems in the region. The ARJISNet secure intranet contains data on the region’s crime cases, arrests, citations, field interviews, traffic accidents, fraudulent documents, photographs, gang information and stolen property.

ARJISNet integrates more than 2,500 workstations and printers throughout the 4,265 square miles of San Diego County. There are over 10,000 registered and authorized users generating more than 35,000 transactions daily.

ARJIS (www.arjis.org) is also used for tactical analysis, investigations, statistical information and crime analysis. Officers and investigators also can request electronic notification when information is obtained by another agency or officer concerning an individual, location or vehicle. The critical success factor for ARJIS is the “single point of entry” to query all regional justice data.

ARJIS is currently collaborating with the National Institute of Justice (NIJ) to build new Web-based technologies to continue the support of the criminal justice community.

Barriers to integration

Some initiatives for information sharing have had only limited success due to legal and political concerns over privacy rights. One example is the Multistate Anti-Terrorism Information Exchange System (MATRIX).

Shortly after the Sept. 11, 2001, terrorist attacks, the Florida Department of Law Enforcement (FDLE) decided to improve the way it shared information. Working with an industry vendor it developed the MATRIX system.

MATRIX started as a way for law enforcement officials in Florida, Georgia, New York, Oregon and Pennsylvania to share data, but a handful of other states also were attracted to the project. By mid-2003 it had grown to encompass 13 states, accounting for about 50 percent of the U.S. population.

Using the Factual Analysis Criminal Threat Solution, the Web-based technology core of MATRIX, users can submit a query on a possible suspect or a criminal situation and get back a slew of related information within seconds. From a technological point of view, the system was a success. However, in late 2003, the American Civil Liberties Union (ACLU) started campaigning against MATRIX, claiming that law enforcement agencies could mine an array of personal information contained in the databases.

Stories began appearing in newspapers nationwide comparing MATRIX to the Total Information Awareness program, which was conceived by officials at the Defense Advanced Research Projects Agency as a way of tracking potential terrorists in the general population. Officials had to shelve the project after a public outcry over privacy implications.

Several participants dropped out after the ACLU’s campaign gathered momentum. Utah officials backed out because of privacy concerns after the governor and other state political leaders complained that they learned of the state’s involvement only through the media. Other states opted out of the program due to cost and considerations such as control over data.

Involvement in MATRIX is now down to five states: Connecticut, Florida, Michigan, Ohio and Pennsylvania. Law enforcement officials who use MATRIX are making adjustments. For example, they recently decided to move to a distributed database so that states would be able to control their own data, thus alleviating concerns about the security of data is moved to a central database.

Legal restrictions on the sharing of intelligence data have slowed the progress of several initiatives. The Criminal Intelligence Systems Operating Policies of 28 Code of Federal Regulations (CFR Part 23) and state laws in some cases prohibit agencies from participating in a data warehouse that commingles criminal and intelligence data or sharing local records with the federal government.

ABOUT THE AUTHOR

Neil Kurlander’s dual careers in public safety and technology span four decades. He is a lifetime member of the International Association of Chiefs of Police and currently serves on the association’s Communication and Technology Committee, and is vice president of public sector solutions for Asynchrony Solutions Inc., an information technology consulting firm. It specializes in middleware architecture, system integration and application development, including XML.