Tuesday, April 18, 2006

Information Sharing—GAO Report

The Government Accountability Office [hereinafter GAO] has issued a report on the United States’ information-sharing policies and abilities. The GAO’s study was spurred by “a number of initiatives to improve information sharing [which] have been called for, including the Homeland Security Act of 2002 and … the Intelligence Reform and Terrorism Prevention Act of 2004.”[1] It examined the status of current efforts “to establish government-wide information sharing policies and processes” as well as the “universe of sensitive but unclassified designations used by … 26 agencies.”[2]

It found that “the nation still lacks governmentwide policies and processes to help agencies integrate the myriad of ongoing efforts … to improve the sharing or terrorism-related information that is critical to protecting our homeland.”[3]

The GAO discovered that the agencies “are using 56 different sensitive but unclassified designations (16 of which belong to one agency) to protect information that they deem critical to their missions—for example, sensitive law or drug enforcement information or controlled nuclear information.”[4] Such a large number of different designations suggests a lack of a clear strategy to coordinate efforts when it comes to investigating . In fact, most of the designations are made in the absence of “governmentwide policies or procedures that describe the basis on which an agency should assign a given designation and ensure that it will be used consistently from one agency to another.”[5] This creates confusion for agency, and as a result, “more than half the agencies reported challenges in sharing such information.”[6]

The real meat of the review is the agency-by-agency analysis of information designations found in Appendix II.[7] The Department of Agriculture, for example, uses the designation “Sensitive Security Information,” and it is used for unclassified information of a sensitive nature, that if publicly disclosed could be expected to have a harmful impact on the security of Federal operations or assets.[8] There are no policies or procedures for specialized training for designators, but there is a systematic review process.[9] The Department of Commerce has five agency-wide designations, and three of its bureaus have specialized designations within the department. Some agencies, such as the Department of the Interior, the Small Business Administration, and the Department of Veterans Affairs, has no agency-wide designations.

The GAO recommends that the Director of National Intelligence [hereinafter DNI] must assess progress, address barriers, and propose changes; the DNI counters by refusing to comment on the proposal, “indicating that the subject matter is outside GAO’s purview.”[10] According to the DNI, the report was “very broad,” that it “addresses a number of intelligence-related issues,” and thus, based on the Department of Justice’s previous advisement that “the review of intelligence activities is beyond the GAO’s purview,” it would not comment.[11] The GAO, suffice to say, disagrees.


[1] GAO, (Apr. 17, 2006. (PDF) [hereinafter Highlights]
[2] Id.
[3] Id.
[4] Id.
[5] Id.
[6] Id.
[7] GAO, Appendix II (p. 34) (Apr. 17, 2006. (PDF) [hereinafter Report]
[8] Id.
[9] Id.
[10] Highlights, supra note 1.
[11] Report at 29.

posted by McNabb Associates, P.C. @ 10:53 AM