Corralling Domestic Intelligence
Standards in the Works for Reports of Suspicious Activity

By Walter Pincus
Washington Post Staff Writer
Friday, January 13, 2006

The Bush administration is trying to set standards for how government agencies collect and maintain reports of suspicious activity because of concern that the agencies may be keeping inappropriate information on Americans while working to thwart terrorism with more extensive domestic intelligence, according to officials.

A number of departments have set up systems to encourage employees and others to file suspicious-activity reports, or SARs, to protect their facilities and personnel from attack. The National Counterterrorism Center, which by law has primary responsibility for analyzing terrorism-related intelligence, is trying to bring some order to that system, officials said.

Currently, the reporting varies in type and specific purpose from agency to agency, and information is collected in one form or another in data systems by the Pentagon, the FBI, the CIA, and the departments of State, the Treasury and Homeland Security.

How that information is handled and shared among intelligence agencies has become a matter of heightened concern after recent revelations that a Pentagon agency inappropriately kept reports in a database about people and groups that had protested the war in Iraq. Yesterday, Sen. Dianne Feinstein (D-Calif.) wrote Defense Secretary Donald H. Rumsfeld to express concern and ask him for answers about the Counterintelligence Field Activity agency, or CIFA.

Officials hope that imposing common procedures for collecting and keeping information will reduce the chances for abuse.

"One of our objectives certainly is to weed out rubbish and other stuff that shouldn't make its way into suspicious-activity reports in the first place," a senior counterterrorism official said of the NCTC effort. "In many instances the threshold for reporting is low, which makes it extremely difficult to evaluate some of this information," said the official, who spoke on the condition of anonymity because of the sensitivity of the issues.

A spokesman for Director of National Intelligence John D. Negroponte said the NCTC, which is under his control, was "playing the primary role in seeking to establish common standards" and added: "There are various suspicious-activity reporting systems, and it is NCTC's role to improve and coordinate the way they are done."

The government's increased emphasis on collecting domestic intelligence has raised concerns among civil liberties advocates and members of Congress, who cite abuses during the Vietnam War years. Congressional investigations in the 1970s uncovered evidence of unauthorized wiretapping, domestic surveillance, infiltration of peace groups and the creation of files on thousands of Americans. The findings led to laws restricting the government's ability to spy on and keep information about U.S. citizens.

Feinstein's letter focused on the Pentagon's Talon system, in which civilians and military personnel are encouraged to report activity they consider suspicious around defense installations. The reports are fed into a database managed by CIFA, a three-year-old agency whose budget and size are classified.

Last month, Pentagon officials acknowledged that the reports included information on peace activists and other apparently innocent people, including some who protested military recruiting at the University of California at Santa Cruz.

Defense Department spokesman Bryan Whitman said in December that reports about protesters and others who were not a threat should have been purged from the database but were not. The undersecretary of defense for intelligence, Stephen A. Cambone, ordered a review, still underway, to identify any information "that might be improperly stored in the database," Whitman said.

Richard A. Falkenrath, a senior fellow at the Brookings Institution and former deputy homeland security adviser at the National Security Council, said suspicious-activity reports from various agencies were sometimes passed to senior officials before they had been checked out and verified or disproved.

"The reporting of incidents, who heard what and how it was reported, was unbelievably diverse and would reach the White House by many different paths, many idiosyncratic," Falkenrath said. He said it was "logical" that the NCTC now "should set standards for collecting that information."

Talon is not the only system that contains unverified SARs.

The FBI has a classified system called Guardian that carries urgent, initial reports about suspicious acts, according to one bureau official.

He described it as an automated database used "to track and monitor terrorism threats and suspicious activity from the initial reporting to its final resolution." One example, he said, involved individuals seen taking pictures of a nuclear power plant who jumped in their car when approached for identification.

"In all cases it is up to the reporting agent to follow up on suspicious activities and if a report clears it up, it is taken out of the database," the official said. "There has to be a resolution," which Pentagon officials acknowledged did not happen with Talon reports.

The State Department has a system called the Security Incident Management and Analysis System, which carries reports of suspicious activities from overseas embassies and other diplomatic facilities.

And the Treasury Department has a program for filing SARs related to unusual transfers of funds, which has focused primarily on terrorism threats since 2001.

In June 2004, the acting Treasury inspector general, Dennis S. Schindel, told a House committee that "the SAR database sometimes lacked critical information or included inaccurate data."

View all comments that have been posted about this article.

© 2006 The Washington Post Company