DHS creates intel fast lane for select analysts

In the Department of Homeland Security's annual data mining report issued last month to Congress, the agency touted 2015's improvements while noting the big target of instant data-sharing across systems is still out of reach because of interoperability issues. As a workaround, DHS has come up with a kind of special access account for a select group of analysts focused on time-sensitive threats to the homeland.

The DHS Data Framework, meant to help link disparate DHS databases in support of the "One DHS" policy goal, entered an initial operational phase in April 2015, but One DHS remains a work in progress.

"The existing architecture of DHS databases […] is not conducive to effective implementation of the 'One DHS' policy," the privacy report noted, explaining that feds still must check multiple DHS databases manually as they perform immigration checks, anti-terror research and other tasks. The DHS architecture, the report notes, "requires personnel to log on and query separate databases in order to determine what information DHS systems contain about a particular individual."

The Electronic System for Travel Authorization is the only system currently offering "near-real-time data transfer" into the framework, the report said.

The report also noted DHS is bypassing the agency's established data access controls to identify terror threats. The agency has a "critical need" to "perform classified queries on its unclassified data," with the aim of rapidly identifying individuals supporting ISIS, al Qaeda and other terror groups. The report notes that the identification of potential foreign fighters is a "uniquely time-sensitive purpose." To that end, DHS set up a class of special "approved users" who can tap into travel databases on an expedited basis, and more data from the unclassified to the classified domain.

The framework will power searches of individuals, characteristics and trends. Seven datasets had been approved for framework inclusion as of September 2015, the report noted, while the goal is to have 20 in by the end of 2016.

DHS has set up a steering group to help provide governance of the nascent framework.

The report also noted the successful completion of a 2015 pilot for the U.S. Customs and Border Protection's (CBP) Analytical Framework for Intelligence, which enabled agents to see "Secret" and "Sensitive But Unclassified" data on a single screen.

CBP's Intranet-based Automated Targeting System continues to standardize information on individuals and cargo entering and exiting the U.S. , the report said, and should be capable of "auto-conditionally approv[ing]" Trusted Traveler applications by the second quarter of 2016.

Throughout the report, DHS provided anecdotes, rather than high-level statistics, to demonstrate the apparent effectiveness of its data mining activities. The report also noted in several places that individuals are not solely targeted for extra scrutiny based on data mining; final calls stem from the "judgment and expertise" of DHS employees.

While nobody is getting flagged or investigated solely based on what algorithms tag in a database, DHS asserts, machine input helps make the job of guarding ports and borders easier, especially as those databases get better at sharing information.