DNI flips the switch on a single sign-on tool for sharing sensitive information.
This story has been updated.
Law enforcement officials nationwide now have the ability to search multiple sensitive databases, including spy agency intranets and homeland security suspicious activity reporting – with a single login.
The breakthrough in interconnectivity is expected to close information gaps that, among other things, have contributed to the rise in homegrown terrorism and school shootings.
"Let's say you have a lone-wolf incident or an active-shooter incident, where you need to be able to securely share information in a timely way. With a single sign-on capability, there is no wrong door," Kshemendra Paul, program manager for the Information Sharing Environment at the Office of Director of National Intelligence, said during an interview. "If you have an account, you can get to the virtual command center that the fusion center may be using – in a very direct way."
It took about three years to tear down silos without eroding privacy controls.
"In many cases, the data sources have different access requirements – so you can do a federated query that goes across the multiple sources, but with controlled access," Paul said Thursday.
That means some users still will be blocked from seeing certain information.
"For example, to access criminal intelligence information you have to have special training around privacy, civil rights and civil liberties," Paul said. So, for users without that training, some search results will be out of reach, he said.
"It's always a balance between sharing and safeguarding," Paul said. "We are increasing security by introducing more consistent identity proofing and the ability to enforce policies to control access to information."
The databases now accessible through a single sign-on include the Homeland Security Information Network, a key exchange between state-run intelligence fusion centers and the federal government, as well as the Justice Department's Regional Information Sharing Systems, which tracks local crime and gang activity.
Also available are the intelligence community's internal networks, collectively described as "Intelink," and the FBI's Law Enforcement Enterprise Portal, the gateway to background check data, facial recognition tools and other criminal records. The four networks are each labeled sensitive but unclassified.
Many of the systems are not searchable through a single query – yet. But that's the next step.
Right now, querying Intelink will retrieve some results from the law enforcement portal, but it's not possible, for instance, to bring up hits across all four networks with one search entry.
The new arrangement is expected to save taxpayer money over the long run. "What we're doing here isn't building something new," Paul said. "We're interconnecting existing systems. That’s a really cost-effective way to go."
That streamlining, however, could expedite the flow of false or protected information that harms innocent people, some privacy advocates said in reaction on Friday.
“These systems often include unreliable information about supposedly suspicious activity that is protected by the First Amendment and entirely innocuous,” American Civil Liberties Union attorney Hugh Handeyside. “Law enforcement officials have themselves raised privacy concerns about these systems. Making that information available to more people, with greater ease, erodes our privacy while doing nothing to make us safer.”