A counterterrorism strategy that needs fewer dots
"Connecting the dots" is a lousy metaphor that creates unrealistic expectations. The phrase suggests that the only thing our intelligence analysts have to do is draw a line from the point labeled "1" to the point labeled "2" and so on, and soon they're looking at the unmistakable outline of a terrorist plot. In reality, though, the page is so crowded with dots that they almost touch. Most are irrelevant, and not a single one is numbered.
The clues that would have alerted authorities to the Christmas Day underwear bomber were buried under mountains of intelligence data. Gathering pertinent information is a challenge, but in this case that challenge was met. What the system failed to do was manage the data well enough for the right bits and pieces to be picked out.
It seems to me that as President Obama tries to minimize the possibility that the next Umar Farouk Abdulmutallab might succeed in blowing an airliner out of the sky, the focus shouldn't be on shuffling boxes around an organizational chart. It should be on finding a better way to inventory and collate what we already know.
Abdulmutallab's name was in a database maintained by the National Counterterrorism Center that lists 550,000 terrorism-related "entities." This is almost the same as being completely anonymous, since a list that long is hardly a practical tool -- and indeed, his inclusion didn't keep Abdulmutallab off that Detroit-bound flight or even flag him for enhanced screening. Being listed seems to mean little more than being listed.
The name of the list -- Terrorist Identities Datamart Environment, or TIDE -- is so comically bureaucratic that I can't help thinking of Monty Python's "Ministry of Silly Walks." But I digress.
What got Abdulmutallab's name on the list was a November visit to the U.S. Embassy in Nigeria by Abdulmutallab's father, Alhaji Umaru Mutallab. The respected banker was seeking help in finding his son, who he said had become radicalized, was associating with extremists in Yemen and could be dangerous.
The State Department was aware, institutionally, that Abdulmutallab had a multiple-entry visa to come to the United States. But there seems to have been no protocol mandating that information such as that given by the young man's father would prompt even close scrutiny of any current visa, let alone suspension or revocation.
And it turns out that last summer, the National Security Agency had intercepted communications indicating that the Yemen-based branch of al-Qaeda was planning some kind of attack -- and that a Nigerian was being readied to carry it out. Later reports suggested it might happen during the holiday season. All that is pretty vague -- there are a lot of Nigerians -- but knowing this in the context of the father's information would have made any analyst's hair catch fire.
Abdulmutallab paid cash for his plane ticket, which is supposed to be another red flag. Isn't this the kind of thing that airline computer systems should register, even in parts of the world where cash transactions are more common? And I wonder how many Nigerian nationals depart from Lagos for Detroit, via Amsterdam, without checking even one piece of luggage? Not many, I'll bet.
If this information had all been assembled in one place, it's clear that Abdulmutallab never would have been allowed on Northwest Flight 253. But I think we need to be realistic: Clues that are staring us in the face are always painfully obvious in hindsight. This was true after the Sept. 11, 2001, attacks. Novice pilots asking to be taught how to fly big jetliners, but not necessarily how to land them? A presidential daily brief titled "Bin Laden Determined to Strike in U.S."?
The National Counterterrorism Center was established in 2004 for the specific purpose of dot-connecting -- forcing the CIA, the NSA, the FBI, the State Department, military intelligence and other agencies to share what they know. But as those agencies gather more and more data, processing it inevitably becomes harder. The problem may not be that the system is improperly engineered but simply that it's grossly overloaded.
Do we need more analysts? Faster computers? Better software? Maybe all of the above. But I doubt we need to reshuffle the bureaucracy yet again -- and I doubt we need more information.
The very first task should be cutting that list of 550,000 "entities" down to a manageable size. The architect Ludwig Mies van der Rohe was right: Less sometimes really is more.