Unverified Reports of Terror Threats Linger
Pentagon Faults 1% of Database Entries

By Walter Pincus
Washington Post Staff Writer
Tuesday, January 31, 2006

Pentagon officials say their newest intelligence agency, the Counterintelligence Field Activity, is finding "irregularities" in about one of every 100 reports of suspicious activity that were entered into its database of possible terrorist threats to Defense Department personnel or facilities.

Pentagon officials began reviewing how CIFA managed what are known as Talon reports after revelations that the agency kept in its database information on Americans who were carrying out peaceful demonstrations against the war in Iraq at military bases and recruiting offices.

The Talon system encourages civilians and military personnel to report on activities they consider suspicious. Reports that are determined not to represent a security threat are supposed to be purged from the database within 90 days, but some information on protesters and other innocent Americans has been kept for more than a year.

The Pentagon considers "irregularities" to be reports involving people or groups that have remained in the database too long -- more than 90 days -- without being verified as representing real threats. In some cases, the review has shown they should not have been included in the first place.

Defense officials declined to say how many Talon reports have been placed in the CIFA database, known as Cornerstone, or the number of improperly kept reports identified so far in the ongoing review.

At a May 2004 hearing before the House Permanent Select Committee on Intelligence, Carol A. Haave, then deputy undersecretary of defense for counterterrorism and security, said that "more than 5,000 Talon reports have been received and shared throughout the government" in the program's first year of operation. At that rate, about 12,500 Talon reports would have been filed during the approximately 2 1/2 years the program has existed.

David A. Burtt II, director of CIFA, said in a recent interview that the number of Talon reports is classified and that he was unaware of Haave's testimony. But he said that cleansing of the database is "still going on" and that the irregularities were occurring in about 1 percent of the Talon reports. At that rate, a database of 12,500 reports would yield problems in about 125 reports.

Talon is a Defense Department-wide program instituted in May 2003 that captures raw, non-validated information about suspicious activity or potential terrorist threats to department personnel or facilities that were reported by military personnel, their families or other citizens. The unverified Talon reports were passed on to base commanders and CIFA analysts, who added them to Cornerstone. The information also is made available to other intelligence agencies inside and outside the Pentagon, including Northern Command (Northcom), the Defense Department command in Colorado Springs responsible for homeland security.

The Pentagon's surveillance of war protesters in the 1960s and 1970s led to congressional investigations, and to laws and rules aimed at restricting Defense Department domestic intelligence operations.

In December, news organizations revealed that Talon reports on antiwar protesters, some more than a year old, had turned up on the unclassified database maintained by Northcom, which prompted Stephen Cambone, the undersecretary of defense for intelligence, to order the review of Talon procedures.

"There was no intention to do anything illegal or improper" when the reports of suspicious activity were made, said Robert W. Rogalski, who replaced Haave. "These were young men and women trying to defend defense facilities . . . trying to do the right thing," he said.

Burtt said his staff members now review every Talon report that comes in. Those concerning demonstrators "are out altogether . . . and we are double-checking all the others," he said during a recent interview at his Crystal City office.

Burtt and Rogalski defended the Talon program, which they said provides a centralized way to gather information on possible terrorist threats that come in from citizens, security guards and others, forming a sort of neighborhood watch around defense facilities.

"We are looking for dots concerning terrorism," Burtt said, citing several instances where Talon reports led to investigations of potential terrorist threats.

Kate Martin of the Center for National Security Studies, a civil liberties advocacy organization, emphasized that even if the improperly held Talon reports are removed from CIFA's database, they still could be held in databases of other intelligence agencies unless they too are purged.

A Pentagon spokesman said he did not know how many other intelligence agencies picked up the questionable Talon reports from CIFA's Cornerstone database and put them in their own databases. Northcom's analysts included the questionable Talon reports in their Joint Protection Enterprise Network, an "official use only" database that allows authorized subscribers, including local and state law enforcement agencies, to immediately share anti-terrorism and force-protection data.

View all comments that have been posted about this article.

© 2006 The Washington Post Company