Glenn A. Fine
Inspector General, U.S. Department of Justice
Senate Committee on Homeland Security and Governmental Affairs
“Watching the Watchlist: Building an Effective Terrorist Screening System”
October 24, 2007
* * * * *
Creation of the TSC
The TSC’s Role in the Watchlist Process
The OIG’s June 2005 Audit of the TSC
The OIG’s September 2007 Follow-up Audit on TSC Operations
Ongoing Reviews of Watchlist Nomination Process
Mr. Chairman, Senator Collins, and Members of the Committee on Homeland Security and Governmental Affairs:
I appreciate the opportunity to testify before the Committee on the development and status of the terrorist watchlist screening system. For the past several years, the Department of Justice Office of the Inspector General (OIG) has examined the work of the Terrorist Screening Center (TSC), which is a multi-agency effort administered by the Federal Bureau of Investigation (FBI). Created in 2003, the TSC integrates U.S. government terrorist watchlists into a consolidated database and provides 24-hour, 7-day a week responses to federal, state, and local governments to assist in screening for individuals with possible ties to terrorism. Prior to the establishment of the TSC, the federal government’s terrorist screening system was fragmented, relying on at least a dozen separate watchlists maintained by different federal agencies.
In June 2005, the OIG issued its first audit of the TSC’s operations. Our 2005 audit found that the TSC had made significant strides in becoming the government’s single point-of-contact for law enforcement authorities requesting assistance in identifying individuals with possible ties to terrorism. However, we also found weaknesses in various areas of TSC operations, including that the TSC had not ensured that the information in the consolidated terrorist watchlist database was complete and accurate.
In September of this year, we completed a follow-up review examining the TSC’s progress in improving its operations and addressing certain recommendations in our 2005 audit. Our follow-up review found that the TSC had continued to make progress in several important areas. For example, the TSC had enhanced its efforts to ensure the quality of watchlist data, had increased staff assigned to data quality management, and had developed a process and a separate office to address complaints filed by persons complaining that they are included on the terrorist watchlist by mistake.
Yet, we also determined that the TSC’s management of the watchlist continues to have significant weaknesses, and that the data in the watchlist database was not complete or fully accurate.
Thus, while the TSC is a critical participant in the government’s counterterrorism effort and TSC employees deserve credit for creating a consolidated watchlist, weaknesses remain in the TSC’s operations and watchlisting process. These weaknesses can have enormous consequences. Inaccurate, incomplete, and obsolete watchlist information can increase the risk of not identifying known or suspected terrorists, and it can also increase the risk that innocent persons will be stopped or detained. For these reasons, we believe it critical for the TSC, and the agencies providing information for inclusion in the consolidated watchlist database, to further improve the accuracy of the data and their efforts to remove inaccurate information.
In this statement, I provide further details on these conclusions. First, I briefly provide background on the operation of the TSC. I then summarize the findings of the two OIG reports on the TSC’s operations. Finally, I note for the Committee ongoing reviews by our office and other Inspectors General in the Intelligence Community that are further examining the watchlist nomination process.
Prior to the establishment of the TSC, the federal government relied on many separate watchlists maintained by different federal agencies for screening individuals who, for example, apply for a visa, attempt to enter the United States through a port-of-entry, attempt to travel internationally on a commercial airline, or are stopped by a local law enforcement officer for a traffic violation.
Homeland Security Presidential Directive-6 (HSPD-6), signed on September 16, 2003, required the creation of the TSC to integrate the existing U.S. government terrorist watchlists and provide 24-hour, 7-day a week responses for agencies that use the watchlisting process to screen individuals. HSPD-6 mandated that the TSC achieve initial operating capability by December 1, 2003.
Following the issuance of HSPD-6, the Attorney General, the Director of Central Intelligence, and the Secretaries of the Department of Homeland Security (DHS) and the Department of State entered into a Memorandum of Understanding (MOU) describing the new TSC organization and the level of necessary cooperation, including the sharing of staff and information from the four participating agencies. The MOU stipulated that the Director of the TSC would report to the Attorney General through the FBI. As a result, the FBI administers the TSC, although the Principal Deputy Director of the TSC must be an employee of the DHS.
Since fiscal year (FY) 2004, the participating agencies have shared responsibility for funding and staffing the TSC. For FY 2007, the TSC had a budget of approximately $83 million and a staffing level of 408 positions.
When a law enforcement or intelligence agency identifies an individual as a potential terrorist threat to the United States and wants that individual watchlisted, the source agency nominates that person for inclusion in the consolidated watchlist maintained by the TSC. As additional information is obtained that either enhances the identifying information or indicates that the individual has no nexus to terrorism, the record should be updated or deleted.
The TSC shares the information contained in its Terrorist Screening Database by exporting or sending data “downstream” to other screening systems, such as the State Department’s Consular Lookout and Support System (CLASS), DHS’s Interagency Border Inspection System (IBIS), the Transportation Security Administration’s (TSA) No Fly list, the FBI’s Violent Gang and Terrorist Organization File (VGTOF) within its National Crime Information Center (NCIC) system, and others. Watchlist information is then available for use by U.S. law enforcement and intelligence officials across the country and around the world.
Law enforcement or intelligence personnel routinely encounter individuals as part of their regular duties. For example: (1) DHS agents of the U.S. Customs and Border Protection agency examine individuals at various U.S. ports-of-entry and search IBIS to determine if a person can be granted access to the United States, (2) State Department officials process visa applications from non-U.S. citizens wishing to visit the United States and search CLASS to determine if the individual should be granted a U.S. visa, and (3) state and local law enforcement officers query the FBI’s NCIC system to review information about individuals encountered through the criminal justice system. These databases and lists contain terrorist watchlist records to assist screening agents in identifying persons that the U.S. government has determined are known or suspected terrorists.
When a name appears to be a match against the terrorist watchlist, requestors receive a return message through their database informing them of the preliminary match and directing them to call the TSC. When a call is received, TSC staff in the 24-hour call center assist in confirming the subject’s identity.
These matches may be actual watchlist subjects, individuals misidentified to a terrorist identity, or someone mistakenly included on the watchlist. In responding to such a call, TSC Call Center staff search the consolidated database and other databases to determine if a terrorist watchlist identity match exists.
Records within the consolidated watchlist database also contain information about the law enforcement action to be taken when encountering the individual. This information is conveyed through “handling codes” or instructions – one handling code for the FBI and one for the DHS. The FBI’s handling codes are based on whether there is an active arrest warrant, a basis to detain the individual, or an interest in obtaining additional intelligence information regarding the individual. DHS handling instructions provide screeners with information on how to proceed with secondary screening of the individual.
Between the TSC’s inception in December 2003 and May 2007, the TSC has documented more than 99,000 encounters for which its call center was contacted. TSC data shows that 53.4 percent of these calls were determined to be a positive match to a terrorist watchlist identity in the consolidated database. In those cases, the TSC contacted the FBI, which is responsible for initiating any necessary law enforcement action. In 43.4 percent of the encounters, it was determined that the individual did not match the watchlisted identity. In the remaining 3.2 percent of the encounters, the TSC Call Center staff could not definitively determine if the match was positive or negative and therefore forwarded these calls to the FBI.
Since creation of the TSC in December 2003, the number of records in the consolidated watchlist database of known or suspected terrorists has significantly increased. According to TSC officials, in April 2004 the consolidated database contained approximately 150,000 records. It is important to note that because multiple records may pertain to one individual, the number of individuals in the database is fewer than the total number of records.
TSC data indicate that by July 2004 the number of records in the consolidated database had increased to about 225,000, representing approximately 170,000 individuals. In February 2006, the TSC reported that the database contained approximately 400,000 records. Most recently, information we obtained from the TSC indicates that the consolidated database contained 724,442 records as of April 30, 2007. According to the TSC, these records relate to approximately 300,000 individuals.
In June 2005, the OIG issued an audit of the TSC’s operations. As mentioned previously, the OIG review found that the TSC had made significant strides in becoming the government’s single point-of-contact for assistance in identifying individuals with possible ties to terrorism. The TSC began operating as the nation’s centralized terrorist screening center by the mandated December 1, 2003, date. Several months later, the TSC began using a terrorist screening database that contained consolidated information from a variety of existing watchlist systems.
Yet, while the TSC had deployed a consolidated watchlist database, the OIG report found that the TSC had not ensured that the information in that database was complete and accurate. For example, the OIG found that the consolidated database did not contain names that should have been included on the watchlist. In addition, the OIG found inaccurate or inconsistent information related to persons included in the database.
Due to its rapid start-up and the need for personnel with adjudicated security clearances, the TSC had been heavily dependent upon staff and supervisors detailed from participating agencies who generally worked at the TSC for only 60 to 90 days. Moreover, due to the temporary assignments of call center supervisors, the TSC had difficulty developing and implementing standard oversight procedures for call center personnel, and at times provided incorrect instructions to call center staff. This lack of sufficient training, oversight, and general management of the call screeners left the call center vulnerable to errors, poor data entry, and untimely responses to callers. We also found problems with the TSC’s management of its information technology, a crucial facet of the terrorist screening process.
The OIG report also concluded that the TSC needed to better address instances when individuals were mistakenly identified as a “hit” against the consolidated database (also referred to as misidentifications). Finally, the audit found that the TSC would benefit from formalizing its strategic planning efforts, enhancing its outreach efforts to inform the law enforcement and intelligence communities of its role and functions, and expanding its ability to assess the effectiveness and performance of the organization. The OIG report provided 40 recommendations to the TSC to address areas such as database improvements, data accuracy and completeness, call center management, and staffing. The TSC generally agreed with the recommendations and said it had, or would, take corrective actions.
In September 2007, the OIG issued a follow-up audit assessing the progress of the TSC in improving its operations. Our audit examined the TSC’s efforts to ensure that accurate and complete records were disseminated to and from the watchlist database in a timely fashion and the TSC’s efforts to ensure the quality of the information in the watchlist database. The review also examined the TSC’s process to respond to complaints raised by individuals who believe they have been incorrectly identified as watchlist subjects.
In conducting this audit, we interviewed more than 45 officials and reviewed numerous TSC documents. To evaluate the accuracy and completeness of the consolidated watchlist, we analyzed the consolidated database as a whole, and reviewed the number of records in the database and any duplication that existed within those records. We also tested individual records for accuracy and completeness, as well as the timeliness of any related quality assurance activities.
Overall, our follow-up audit found that the TSC had enhanced its efforts to ensure the quality of watchlist data, had increased staff assigned to data quality management, and had developed a process and a separate office to address complaints filed by persons seeking relief from adverse effects related to terrorist watchlist screening. In these areas, we credited the TSC for significant progress in improving its operations.
However, we also determined that the TSC’s management of the watchlist has significant continuing weaknesses. For example, our review revealed instances where known or suspected terrorists were not appropriately watchlisted on screening databases that frontline screening agents (such as border patrol officers, visa application reviewers, or local police officers) use to identify terrorists and obtain instruction on how to appropriately handle these subjects.
Even a single omission of a terrorist identity or an inaccuracy in the identifying information contained in a watchlist record can have enormous consequences. Inaccuracies in watchlist data increase the possibility that reliable information will not be available to frontline screening agents, which could prevent them from successfully identifying a known or suspected terrorist during an encounter or place their safety at greater risk by providing inappropriate handling instructions for a suspected terrorist. Furthermore, inaccurate, incomplete, and obsolete watchlist information increases the chances of innocent persons being stopped or detained during an encounter because of being misidentified as a watchlist identity.
Our review also found that, due to technological differences and capabilities of the various systems used in the watchlist process, the TSC still maintains two interconnected versions of the watchlist database. The TSC is developing an upgraded consolidated database that will eliminate the need to maintain parallel systems. However, in the meantime these two databases should be identical in content and therefore should contain the same number of records. Yet, we discovered during our review that these two systems had differing record counts.
We also found that the number of duplicate records in the TSC database has significantly increased. Multiple records containing the same unique combination of basic identifying information can needlessly increase the number of records that a call screener must review when researching a specific individual. In addition, when multiple records for a single identity exist, it is essential that the identifying information and handling instructions for contact with the individual be consistent in each record. Otherwise, the screener may mistakenly rely on one record while a second more complete or accurate record may be ignored. Furthermore, inconsistent handling instructions contained in duplicate records may pose a safety risk for law enforcement officers or screeners.
In addition, we found that not all watchlist records were being sent to downstream screening databases. Our testing of a sample of 105 watchlist records revealed 7 watchlist records that were not exported to all appropriate screening databases. As a result of the TSC’s failure to export all terrorist watchlist records to screening databases, watchlisted individuals could be inappropriately handled during an encounter. For example, a known or suspected terrorist could be erroneously issued a U.S. visa or unknowingly allowed to enter the United States through a port-of-entry. We discussed these records with TSC officials who agreed with our findings and began correcting these omissions.
Our review also found that the TSC did not have a process for regularly reviewing the contents of the consolidated database to ensure that only appropriate records were included on the watchlist. TSC officials told us that they would perform a monthly review of the database to identify records that are being stored in the database that are not being exported to downstream systems. We also believe it is essential that the TSC regularly review the database to ensure that all outdated information is removed, as well as to affirm that all appropriate records are watchlisted.
Our review determined that because of internal FBI watchlisting processes, the FBI bypasses the normal terrorist watchlist nomination process for international terrorist nominations and instead enters international nominations directly into a downstream screening system. This process is not only cumbersome for the TSC, but it also results in the TSC being unable to ensure that consistent, accurate, and complete terrorist information from the FBI is disseminated to frontline screening agents in a timely manner. As a result, in our report we recommended that the FBI and TSC work together to design a more consistent and reliable process by which FBI-originated international terrorist information is provided for inclusion in the consolidated watchlist.
We concluded that the TSC needs to further improve its efforts for ensuring the quality and accuracy of the watchlist records. We found that since our last report the TSC had increased its quality assurance efforts and implemented a data quality improvement plan. In general, we believe the actions the TSC has taken to improve quality assurance are positive steps. We also recognize that it is impossible to completely eliminate the potential for errors in such a large database. However, continuing inaccuracies that we identified in watchlist records that had undergone the TSC’s quality assurance processes underscore the need for additional actions to ensure the accuracy of the database.
For example, the TSC completed a special quality assurance review of the TSA’s No Fly list, which reduced the number of records on the list. Our review of a sample of records examined during of this special review process identified virtually no errors. In contrast, our examination of the TSC’s routine quality assurance reviews revealed continued problems. Specifically, we examined 105 records subjected to the TSC’s routine quality assurance review and found that 38 percent of the records we tested continued to contain errors or inconsistencies that were not identified through the TSC’s routine quality assurance efforts. Thus, although the TSC had clearly increased its quality assurance efforts since our last review, it continues to lack important safeguards for ensuring data integrity, including a comprehensive protocol outlining the TSC’s quality assurance procedures and a method for regularly reviewing the work of its staff to ensure consistency.
Our audit also expressed concerns that the TSC’s ongoing quality assurance review of the consolidated watchlist will take longer than projected by the TSC. At the time of our audit field work in April 2007, the TSC was continuing its efforts to conduct a record-by-record review of the consolidated watchlist and anticipated that all watchlist records would be reviewed by the end of 2007. However, the watchlist database continues to increase by more than 20,000 records per month and as of April 2007 contained over 700,000 records. Given this growth and the time it takes for the TSC’s quality assurance process, we believe the TSC may be underestimating the time required to sufficiently review all watchlist records for accuracy.
With regard to addressing complaints from individuals about their possible inclusion on the watchlist, we found that the TSC’s efforts to resolve complaints have improved since our previous audit. In 2005, the TSC created a dedicated unit to handle such matters. The TSC also helped to spearhead the creation of a multi-agency Memorandum of Understanding (MOU) focusing on watchlist redress (Redress MOU) and developed comprehensive redress procedures. Currently, frontline screening agencies such as the DHS and the State Department receive complaints from persons seeking relief related to the terrorist watchlist screening process. Matters believed to be related to a terrorist watchlist identity or to an encounter involving the watchlist are forwarded to the TSC. The TSC Redress Office conducts an examination of the watchlist records, reviews other screening and intelligence databases, and coordinates with partner agencies for additional information and clarification. The TSC determines if any records need to be modified or removed from the watchlist, ensures these changes are made, and notifies the referring frontline screening agency of the resolution. The frontline screening agency is then responsible for responding to the complainant.
To test the TSC’s redress procedures, we selected 20 redress complaints received by the TSC between January 2006 and February 2007 and reviewed the corresponding files to determine if the TSC followed its redress procedures. We found that in each of the sampled cases the TSC complied with its redress procedures, including reviewing the applicable screening and intelligence databases, coordinating with partner agencies, and reaching appropriate resolutions.
However, we also noted that the TSC’s redress activities identified a high rate of error in watchlist records. The high percentage of records in the redress process requiring modification or removal points to deficiencies in the terrorist watchlisting process. We believe that the results of the TSC’s redress reviews are a further indicator that watchlist data needs continuous monitoring and attention.
In addition, we believe the TSC needs to address the timeliness of redress complaint resolutions. We reviewed TSC files and statistics for closed redress matters to examine the efficiency of redress reviews. This data revealed that it took the TSC, on average, 67 days to close its review of a redress inquiry. Our review of redress files indicated that delays were primarily caused by three factors: (1) the TSC took a long time to finalize its determination before coordinating with other agencies for additional information or comment, (2) nominating agencies did not provide timely feedback to the TSC or did not process watchlist paperwork in a timely manner, and (3) certain screening agencies were slow to update their databases with accurate and current information.
TSC officials acknowledged that it has not developed response timeframes for redress matters with its partner agencies. While the Redress MOU states that one of the goals of the redress process is to provide a timely review, the MOU does not define what constitutes a reasonable timeframe. Because the TSC is central to resolving any complaint regarding the content of the consolidated terrorist watchlist, we recommended that the TSC organize the U.S. government’s effort to develop timeliness measures for the entire watchlist redress process.
In addition, we found the TSC does not have any policy or procedures to proactively use information from encounters to reduce the incidence and impact of watchlist misidentifications. For example, the TSC could program its tracking system to automatically generate a quality assurance lead for the TSC to perform a review of watchlist records that have been the subject of a certain number of encounters with individuals that were not a positive match to the watchlist record. Moreover, the TSC’s strategic plan does not include goals or actions associated with reducing the incidence of misidentifications or the impact on misidentified persons other than that covered by a formal redress process. Considering that nearly half of all encounters referred to the TSC Call Center are negative for a watchlist match, we recommended that the TSC consider misidentifications a priority and develop strategic goals and policy for mitigating the adverse impact of the terrorist screening process on non-watchlist subjects, particularly for individuals who are repeatedly misidentified as watchlist identities.
In total, our report made 18 recommendations to further improve the TSC’s watchlisting process and the quality of the watchlist data. These recommendations include making further improvements to increase the quality of watchlist data; revising the FBI’s watchlist nominations process; and developing goals, measures, and timeliness standards related to the redress process. In response, the TSC agreed with the recommendations and stated that it would take corrective action.
The OIG is currently conducting a separate audit examining the watchlist nominations processes in the Department of Justice. This audit is examining the specific policies and procedures of Department components for nominating individuals to the consolidated watchlist. The audit also is reviewing the training provided to the individuals who are involved in the nominating process. The Department components we are reviewing include the FBI, the Drug Enforcement Administration, the Bureau of Alcohol, Tobacco, Firearms and Explosives, and the United States Marshals Service.
We are conducting this review in conjunction with other Intelligence Community OIGs, who are examining the watchlist nomination process in their agencies. The OIG reviews, which are being coordinated by the OIG for the Office of the Director of National Intelligence, include OIGs in the Departments of State, Treasury, Energy, Homeland Security, and others.
In conclusion, the TSC deserves credit for creating and implementing a consolidated watchlist and for making significant progress in improving the watchlist and screening processes. However, our reviews have found continuing weaknesses in some of those processes and in the quality of the data in the consolidated database. We believe i t is critical that the TSC further improve the quality of its watchlist data and its redress procedures. Inaccurate, incomplete, and obsolete watchlist information can increase the risk of not identifying known or suspected terrorists, and it can also increase the risk that innocent persons will be repeatedly stopped or detained. While the TSC has a difficult task and has made significant progress, we believe it needs to make additional improvements.
That concludes my statement and I would be pleased to answer any questions.