Friday, April 30, 2010

Deepwater Horizon Catastrophe

The drill rig explosion and oil seepage may well rival Katrina Hurricane and its impact IMO. Follow news at Gulf of Mexico-Transocean Drilling Incident for best coverage. If you have trouble finding site let me know.

I posted and it was published a letter to the editor of the NATURAL HAZARDS OBSERVER concerning an article in the fall 2008 issue. The letter was published in the January 2009 Observer which is available on-line from the Center for Natural Hazards, Boulder Colorado or me. The letter concerned the Exxon-Valdez Accident and the Stafford Act.

If I was President I would already have declared an EMERGENCY under the Stafford Act pursuant to Section 501(b) of that statute. One thing we know after almost 18 months of this Administration it is not agile in its response to events.

Thursday, April 29, 2010

The Disaster Law List

A disaster law list was developed several years ago by Professor Dan Farber, J.D. at Berkeley. The Berkeley law librarian Dean Rowan also was a key player and I believe administers the list. Over the past several years I have contributed various items I believe were of interest to the list. To join the list go to:https://calmail.berkeley.edu/manage/list/listinfo/disaster_law@lists.berkeley.edu

See also: announcement has been added in the "Disaster Law" site at bSpace (https://bspace.berkeley.edu/portal)
Subject: Joining the Diaster_Law list



I also sent a fairly long note as to my philosophy for my participation on the list to both DANs.
I repeat that statement here. Some have found my contributions tedious and uninformative but some have praised my efforts. Perhaps the eye of the beholder. Whatever here was my statement as to why I participate in that list.
E-mail sent July 17, 2007
"Dean! I have looked over and thought about your thoughtful response on the endgame for the site for several days. First, accept my suggestions for just what they are since I really deep down do believe let a thousand flowers bloom when it comes to academic research. And let it be firmly stated, I am probably an academic wannabe but not really an academic. I was a reactionary for 34 years in EM and am hoping to contribute in some small measure to future generations knowing that the issues I worked in life will not disappear because "mother nature does NOT grant variances" and apparently the deranged or ideologues don't either.

First, I do like to stay behind the scenes largely due to my belief that there is always a faster gun out there. Basically I am chicken. But starting in the late 80's while still at FEMA I became one of the principal national security lawyers in FEMA (actually I had a clearance for 27 of 34 years including Army duty). I always felt that how the largest or certainly the oldest and richest democracies handled EM was a key in many cases to whether our democracy and others even survived. I still believe that. I also believe that EM is a civil function, and while 95% of the world lets the military do its response, it almost never does well mitigation, prevention, preparedness, or recovery. It clearly does provide a gloss of authoritarian control that might, and I really do mean "might" be helpful in some circumstances.

Second, the whole of EM is truly multidisciplinary which is why I am so interested in the lawyers understanding what the research and academic community is discovering or has discovered. You have to understand when I went to law school there was no National Security Law Course (I suggested the development of that curriculum to Peter Raven-Hansen and Stephen Dycus in the mid-to late 80's and their text is now in its third or fourth edition.) John Basset Moore at my law school U.VA saw it as an international issues (which in part it is) while my whole experience was that it had huge domestic impacts for our democracy. I did help Peter and Stephan with the first two editions of the book and interestingly they were very concerned I might be fired for helping them even informally. You can see the climate of fear is not new in Washington. I am or was a second generation civil servant and saw even as a child the devastation wrought on the bureaucracy and Washington by the McCarthy era.

Finally, I am dedicated fully to the principle that the law is the real difference in our society from many others and is definitely not a "Crystal never changing" or whatever the quote was. I kept posted in my office and made new young lawyers read Clarence Darrow's letter to a young law student suggestion that a more suitable profession than law be followed because the system was only designed to protect the corporate elite of American. Of course I have spent my life trying to personally refute that adage.

To the point, for your site, there are a number of other sites that do well what they do. Such as MIPT.org or the Secrecy Archive of the Federation of American Scientists. There is however much left to do. Long term I am trying to develop documents and materials on the just shy of one month of FEMA's 24 years as an independent agency. It had multiple cultures and I have jointly authored an exploration of one of them, the HAZMAT culture. I have yet to cover a number of others, including disaster policy and operations, national security concerns, civil defense, flood insurance and flood plain management (mitigation), and fire culture among others. it is my intention to work on analysis of this period for the rest of my life while helping others to the extent possible in the meantime.

I firmly believe that a legal but multidisciplinary site is really needed. While my focus is FEMA what needs to be understood is that the legal architecture and systems underpinning EM are not well understood. FEMA was chronically understaffed and under funded in its almost 24 years and I continue to document what I call the WAR ON FEMA once it became part of DHS. The staffing and funding was barely adequate for a collaborative and coordination agency and certainly not a fully operational agency that would be the federal 911. Yet oddly that may be what the public expects. There is a open and current threat which has been repeated over the years to give the EM mission to DOD. I was in many high level meetings between FEMA, DOD, and DOJ where FEMA was the shock absorber between those two agencies, and only by voting with a DOJ oriented to law and democracy did the "right" answer come forth. This then is the guidance that I would suggest for the web site. Promotion of law and democracy. No other site focuses on those issues and it is also a comparative law issue of interest to both other existing democracies and those countries that hope to become democracies. In many many meetings I would point out that the Constitution was not waivable in any circumstance and believe it or not many many prominent high ranking lawyers or at least those with legal training believed otherwise. I still remember a speech by then Deputy National Security Adviser Sandy Berger stating on the record that the administration could do whatever it wanted despite what the law or Constitution stated. Also Federal programs are not designed for efficiency and effectiveness they are political solutions and the days are long gone in Washington when someone or some group sat down to try and figure out what should be the nation's policy. Now it is issue focused and this is so that groups can choose sides. The political scientists have analyzed this phenomenon and it is briefly discussed in my articles.

Basically, my most important job in FEMA, even though I ran its litigation for most of decade, was to train its heirarchy and the heirarchy of other federal agencies in the basics of the Constitution and what authority they did have to help the people of the United States in an emergency. One of my favorite cases to cite was Little v. Bareme 1803.

I am implying and you can infer from this lengthy note that I think you have a wide open path to become a leading if not the leading web site on law, emergency management, homeland security and democracy. I have high hopes for that and encourage you to the maximum extent possible. The documents I have sent DAN probably confused him as to why I even sent them but my point has been to show that there is a system and history to much of what lead up to Katrina for example, but it is not available to lawyers and scholars now.

Again, the basics are definitely not settled. An example, is that once Presidential discretion has been exercised to declare a disaster or emergency under the Stafford Act is the rest of the operation totally discretionary or does equal protection of the laws and due process make the relief efforts more of an entitlement.

Another what is federal authority to bypass the states in disaster recovery or is the primary duty to restore a "republican form of government" in the states and go from there. I used to upset FEMA regional directors by telling them the priority should be to restore a governor and his/her operations even before restoring a non-operational administrative unit known as a FEMA region.

At any rate, regards and I really really appreciate your consideration of this comment in the "end game" for the site."

Wednesday, April 28, 2010

Warning, Notification, and Alerting

Long long ago I was treated to watching expert witnesses on direct and cross-examination explain the technical differences between warning, notification and alerting. Each has its own research findings and milieu. Much to my surprise shortly after 9/11/01 an elaborate public-private partnership was created, substantially federally funded to develop a National Warning Strategy which is in fact available and was issued in 2004. That document is available several places including me.
When I found out about the PPWC (Partnership for Public Warning Commission) I wrote a long letter to the head of that organization whose name at the moment is forgotten telling him of the various research materials available. He called to thank me and I ended up forwarding several boxes of materials on the concept of warning. Apparently some of my ideas appeared without attribution in the final National Strategy document. AOK with me.

One of the documents that I forwarded I still have and now provide for the blog readers. I think most will find it interesting and comparing with the National Strategy arguably documents that we (the US) does not really have a warning strategy. Perhaps it is the eye of the beholder.

Here is the document furnished the Partnerhip:

LEGAL REFERENCES TO WARNING, THREATS, AND PUBLIC INFORMATION
IN THE ROBERT T. STAFFORD ACT (CODIFIED AS CHAPTER 68 OF TITLE 42 OF THE U.S. CODE)

SUBCHAPTER II -- DISASTER PREPAREDNESS ASSISTANCE

DISASTER WARNINGS
(42 U.S.C.§5132)

§202.

(a) The President shall insure that all appropriate Federal agencies are prepared to issue warnings of disasters to State and local officials.

(b) The President shall direct appropriate Federal agencies to provide technical assistance to State and local governments to insure that timely and effective disaster warning is provided.

(c) The President is authorized to utilize or to make available to Federal, State, and local agencies the facilities of the civil defense communications system established and maintained pursuant to §611(d) of the Act [42 U.S.C. §5196(d)], or any other Federal communication system for the purpose of providing warning to governmental authorities and the civilian population in areas endangered by disasters.

(d) The President is authorized to enter into agreements with the officers or agents of any private or commercial communications systems who volunteer the use of their systems on a reimbursable or nonreimbursable basis for the purpose of providing warning to governmental authorities and the civilian population endangered by disasters.

SUBCHAPTER IV -- MAJOR DISASTER ASSISTANCE PROGRAMS

GENERAL FEDERAL ASSISTANCE
(42 U.S.C. §5170a)

§402. In any major disaster, the President may ---
. . . . . .

(3) provide technical and advisory assistance to affected State and local government for -
. . . . . .

(B) issuance of warnings of risks of hazards; . . .

ESSENTIAL ASSISTANCE
(42 U.S.C. §5170b)

§403 (a) In General. Federal agencies may on the direction of the President, provide assistance to meeting immediate threats to life and property resulting from a major disaster, as follows:
. . . . . .
(3) Work and Services to Save Lives and Protect property. Performing on public or private lands or waters any work or services essential to saving lives and protecting and preserving property or public health and safety, including ---
. . . . . .
(F) warning of further risks and hazards;

(G) dissemination of public information and assistance regarding health and safety measures;

(H) provision of technical advice to State and local governments on disaster management and control; and
(I) reduction of immediate threats to life, property, and public health and safety.


EMERGENCY COMMUNICATIONS
(42 U.S.C. §5185)

§418. The President is authorized during, or in anticipation of, an emergency or major disaster to establish temporary communications systems and to make such communications available to State and local government officials and other persons as he deems appropriate.

TITLE VI -- EMERGENCY PREPAREDNESS
SUBTITLE A -- POWERS AND DUTIES
§611(d) Communications and Warnings.
The Director may make appropriate provision for necessary emergency preparedness communications and for dissemination of warnings to the civilian population of a hazard.
. . . . . . .
§611(g) Public Dissemination of Emergency Preparedness Information.
The Director may publicly disseminate appropriate emergency preparedness information by all appropriate means.

Federal Civil Defense-Crisis Relocation

In some ways President James Earl Carter helped defeat the civil defense buildup under President Ronald Reagan. How and why? Specifically the crisis relocation program established by President Carter.
I believe I have already posted my notes for an undelivered speech to the Stephenson Institute in NOLA last February. Here are the critical document URLs for which I believe Carter presaged the collapse of the buildup under Reagan when hosting areas for evacuees protested crisis relocation. Judge for yourself.

prm-32 is here:


http://www.fas.org/irp/offdocs/prm/prm32.pdf


pd-41 is here:


http://www.fas.org/irp/offdocs/pd/pd41.pdf

FEMA and Presidential Transitions

Somehow I believe that in reconstructing events baseline documents have some value. For each Presidential transition from the departing President to the arrival of the new President the transitions have become increasing sophisticated and thus the briefing books handed to the new "team" have some interest to me.

Here is the URL for the Transition Book for the George W. Bush Presidency to the Barack H. Obama Presidency for FEMA and we will be discussing the evolution of this documents over time on this blog.

My guess is that many appointees and employees of FEMA have never seen this document before. And as always it has NO identification of authors or contractors who supported its production.

My good friend Steve Afergood of the Federation of American Scientists was good enough to scan it and give it a URL. So many thanks Stever for this and other courtesies you have extended to me over time. And of course your Secrecy Archive is helping to preserve our American democracy (Republic)! So thanks for that also.

The URL is as follows:

http://www.fas.org/irp/agency/dhs/fema/transition2009.pdf

Delegations to the Independent FEMA

Presidential Executive Orders Specifically Delegating Program, Function, or Activity Legal Authority to the Independent Executive Branch FEMA
Prior to Incorporation Into DHS on March 1, 2003
[Note some of these EOs listed also delegate to
other Executive Branch Organizations]





Carter Administration:

1. Executive Order 11988 of May 24, 1977, as amended, Floodplain Management, 3 CFR, 1977 Comp., p. 117, 42 U.S.C. §4321 note p.191. (See 44 CFR Part 9)

2. Executive Order 12127 of March 31, 1979, Federal Emergency Management Agency, 3 CFR, 1979 Comp., p. 376. (Implements Reorg. Plan No. 3 of 1978)

3. Executive Order 12148 of July 20, 1979, as amended, Federal emergency management, 3 CFR, 1979 Comp., p. 412. (Implements Reorg. Plan No. 3 of 1978)

4. Executive Order 12241 of September 29, 1980, National Contingency Plan [Radiological Emergencies], 3 CFR, 1980 Comp., p. 282. (Note-Source of FRERP).

Reagan Administration:

1. Executive Order 12472 of April 3, 1984, Assignment of national security and emergency preparedness telecommunications functions, 3 CFR, 1984 Comp., p.193. (See 47 CFR Part 201)

2. Executive Order 12580 of January 23, 1987, as amended, Superfund Implementation, 3 CFR, 1987 Comp., p. 193 (Note: Amended by E.O. 12777 of October 18, 1991, and further amended by E.O. 13016 of August 28, 1996). (See 40 CFR Part 300, currently under revision).

3. Executive Order 12656 of November 18, 1988, Assignment of Emergency Preparedness Responsibilities, 3 CFR, 1988 Comp., p. 585. (See also 47 CFR Part 201)

4. Executive Order 12657 of November 18, 1988, Federal Emergency Management Agency Assistance in Emergency Preparedness Planning at Commercial Nuclear Power Plants, 3 CFR, 1988 Comp., p. 611. (See 44 CFR Part 352)

Bush Administration:

1. Executive Order 12673 of March 23, 1989, Delegation of Disaster Relief and Emergency Assistance Functions, 3 CFR, 1989 Comp., p. 309. (See 44 CFR Part 206)

2. Executive Order 12699 of January 5, 1990, Seismic Safety of Federal and Federally Assisted or Regulated New Building Construction, 3 CFR, 1990 Comp., p. 269.

3. Executive Order 12742 of January 8, 1991, National Security Industrial Responsiveness, 3 CFR, 1991 Comp., p. 309.

Clinton Administration:

1. Executive Order 12919 of June 3, 1994, National Defense Industrial Resources Preparedness, 3 CFR, 1994 Comp., p. 901. (See 15 CFR Part 700, 44 CFR Parts 321- 336)

2. Executive Order 12941 of December 1, 1994, Seismic Safety of Existing Federally Owned or Leased Building, 3 CFR, 1994 Comp. , p. 955.



[Executive Orders serve to delegate legal authority, provide legal interpretation, and provide policy guidance. When issued specifically pursuant to express statutory authority Executive Orders have the force and effect of federal law.]

INTEL

If you wish to find the defining document for the intelligence collection, analysis, and dessimination by the federal government look no further than E.O. 12333. The text can be found at: http://www.fas.org/irp/offdocs/eo/eo-12333-2008.pdf
It is fascinating to me that this order has not been amended since the arrival of the Obama Administration given the many inherent flaws in the organizational construct of the INTEL community and its systems and process.
Disclosure: Not my favorite subject even though officially a battalion S-2 for over a year in FRG during late 60's during the Cold War. And not ever a member of the formal INTEL community. But I did grow up and lived for many years in Arlington County, VA and knew throughout my life people who became or once were station chiefs for the CIA including several forced into retirement by the book published by Frank Snepp.

But I was asked to be interviewed by the 9/11 Commission staff and did so for approximately five hours. The thrust of my testimony was my concern with so-called information sharing and how the career bureacracy used the non-statutorily derived "need-to-know" doctrine to protect themselves and their organization from needed cooperation and collaboration with others. This sentiment I am sure is not and was not exclusively mine and the Commission's final report does discuss the problems with information sharing. That stated where does this issue stand now and what is the context for FEMA post-Katrina and post PKEMA of 2006.
When FEMA was created a number, probably too many IMO, of the senior officialdom that entered FEMA had the notion that somehow they would be running new and secret organizations that would be created after the execution of a SIOP by the Soviet Union. Although I had most of the critical clearances FEMA could grant I never found any evidence that such new organizations would be created and in fact that was not the approach I took in many many classified exercises and briefings of high-rank DOJ and DOD officials. The closest that any plan or plans came were PLAN D and OTHER THAN D which have been mentioned previously in/on this blog.
Interestingly, President Reagan's first FEMA Director did ask the General Counsel for an opinion as to whether FEMA was part of the formal INTEL community? The answer drafted by me was NO but every agency had a right under E.O. 11030 to submit a draft new or revised Executive Order to the President at any time. Thus,the Director was free to draft an amendment to E.O. 12333 or its predecessor to add FEMA to the roster. Understanding that FEMA might lose more than it would gain this was never done. FEMA did have a large contingent of officials with CIA clearances to raw INTEL data and I constantly opposed this as being risky for two reasons. First the quality of the personnel in FEMA and second the fact that there was no "need-to-know" any data that might risk exposure of collection methods for personnel of FEMA.
It should also be understood that the National Security portfolio in the Office of the General Counsel, FEMA was not officially mine until July 1, 1985, so I was somewhat of a late comer to that aspect of FEMA's portfolio. By that time NSDD-188 had been issued and it had been made very clear to FEMA that it had NO role in National Security Policy development, formulation, or implementation, and in fact a number of major Reagan Administration officials wanted FEMA to be put out of business. This had occurred for several reasons but largely because of the lack of skills and competencies of those handling the Department of Justice and the egos and hubris of its officialdom in the runup and provision of security to the LA Olympics. Confusingly the long-term effort to draft a comprehensive revision to E.O. 10490 (1969) had also irritated DOJ and that irritation was also expressed by proposed FEMA amendments to the Disaster Relief Act of 1974, Public Law 93-288, which would have limited the President's authority under that statute. Typically FEMA's left hand and right hand never quite could be coordinated even on the most important issues. It was at this point that I was assigned two important interface missions with DOJ who knew me from my years of running FEMA litigation as the Associate GC for Litigation. And if not for other things, for bringing DOJ what was then the largest civil suit ever filed for money damages in 1980 involving the NFIP and its operations in S. Louisiana. The first role was to be the primary legal interface on the redrafting of E.O. 10490 which ended with the issuance of E.O. 12656 discussed elsewhere on this blog. And the second role was to be the COTR for a formal IAA/Contract with DOJ to review and update materials in the President's football dealing with civil agency roles in various crisis situations.
Going back to INTEL and its role in FEMA, let's be very clear that INTEL is not part of the FEMA mission but it is in fact one of the primary reasons DHS was created and in particular to work the civil liberty, privacy, tradeoffs with collection, analysis, and dessimination of domestic intelligence. Thus, back to "need-to-know" doctrine and how that is policed, interpreted, and processed in DHS generally and with respect to FEMA.
I was always the proponent that FEMA did not have to have all of its personnel with a window into the National Security world. And that at best it needed a small staff with appropriate clearances that could provide the National Security world with insights as to FEMA capabilities and operations. In many ways that occurred under Director James Lee Witt who was ordered by President Clinton to focus on the FEMA natural hazards role and thus largely left dormant the interface with the National Security Community which proved awkwards after the bombings at the WTC in 1993 and the Murrah Building in 1995.
FEMA lost the capability to create SAPs in the Bush 41 era, perhaps largely because a very senior official called me and asked what I thought about the issue and stated that FEMA did not need that authority and that part of the problem was FEMA not knowing exactly which programs were theirs and which were the province of other Executive Branch organizations. The subject of polygraphing led to my being asked by the highest polilitical ranks in FEMA if FEMA should adopt polygraphing, used frequently in the INTEL community and COMSEC world. I stated absolutely not and gave my reasoning. I was also asked if FEMA employees or officials could ever be officially (legally) subjected to polygraphing and of course answered yes but only when FEMA employees and officials were participants in the programs of other Executive Branch organizations and their participation had been specifically approved by the Director FEMA. It should be noted that whatever else occurred FEMA never adopted any official positon or doctrine on polygraphing during my tenure. Did it happen? Perhaps! Was it legal? Perhaps!

My point in discussing any of this is that FEMA is largely a grant making administrative agency and has limited technical skills or knowledge which is in fact what is required in the world of INTEL.

I also found from time to time that officals and employees that I believed might well have important roles in various crisis situations often lacked appropriate clearances. I do know that lack of clearances did adversly impact certain FEMA involvement in a number of situations in my time--1979-1999!

Oddly under DOJ guidance then in effect, all of my litigation staff had full background investigations as did I and therefore when it came time for necessary clearances they all were able to rapidly obtain them when necessary. This BI need was nothing more than refinements of suitablilty requirements and not because of their need as litigation specialists to have access to classified information although that did occur from time to time.

As to E.O. 12333 it will be of interest to see if amendments suddenly appear to this order under the Obama Administration.

Governing by Executive Order

As the struggles in Congress appear to continue throughout the 111th Congress as it passes the first third of its second session [the 112th Congress will convene in January 2011 after this fall's elections] it must certainly be under consideration by the Obama Administration that the instaneous fix of issuance of Executive Orders becomes more appealing. There are legal studies and excellent analysis of the Executive Order function and its impact available but none are really recent. The most famous exercise of governance by Executive Order was when President Truman tried to seize the steel mills through an Executive Order during the Korean War. That effort was repudiated by SCOTUS and Justice Jackson raised the question and answered it negatively as to whether the President had any implied powers. That discourse and others of course is what led to the infamous DOJ/OLC opinions during the GWOT [Global War on Terror] which was a war never declared by Congress.
Perhaps as a present to each incoming President, NARA [the National Archives and Records Administration] should have completed an update and review and integration of all extant Executive Orders incorporating all changes issued or other modifications such as repeal by Congressional action [this has happened only once to my knowledge and involved an E.O. concerning the National Defense Stockpile function which was assigned by the President under Reorganization Plan No. 3 of 1978 and its implementing Executive Orders and then reassigned partially elsewhere in the fall of 1979 when FEMA had barely opened its doors]and Congress and FEMA were confused about what had happened. So Congress revoked the critical EO reassigning the functions and the President issued an entirely new order assigning the function management function to DOD. What FEMA did with 5 FTE DOD now does and has done so since 1980 with over 100 FTEs. Of course the theory does float around that FEMA was designed to house programs that the White House really wanted to be as dormant as possible, or is the correct word "doormat" meaning FEMA's role in the Executive Branch.
Back to substance however. President William Jefferson Clinton promulgated an Executive Order that mandated that replacement workers could NOT be hired when unionized employees went out on strike under federal contracts. That Executive Order was determined to be null and void and have been issued with no basis in law by the United States Court of Appeals for the District of Columbia. No petition for rehearing or request for certiorari was filed by the Clinton Administration, largely due to fear that the decision would be upheld and Presidential authority further delimited.
Of course to my mind the greatest exercise of an implied power by a President was President's acquisition of the Louisiana Territory so this saga is not yet done.
None the less, the Obama Administration could do a real service by having the one-time consolidated version of extant Executive Orders issued in 1989 as President Reagan left office updated. There is an Executive Order on Executive Orders which is EO 11030. It makes for an interesting read.
My point however will be summarized by the fact that three current Executive Orders, two of which have been amended cite the repealed/lapsed Federal Civil Defense Act of 1950, Public Law 920 of the 81st Congress as at least partial authority for their issuances. Whatever legal determines it seems at a minimum they should be reviewed formally to determine if this repeal has any significance on their structure or even existence. While I doubt any would be significantly compromised the search for new authority to cite, not just implied Presidential authority could prove quite interesting.

Tuesday, April 27, 2010

What Happened to Floodplain Management

The concept of floodplain management meaning the human adjustment to the natural processes of the meterology and hydrology of the flood plain is largely attributed to the Thesis of Dr. Gilbert F. White, PhD in Geography at the University of Chicago. [See http://www.colorado.edu/hazards/gfw ] Calling for other approaches rather than structural approaches to riverine flooding such as dams, levees, and channelization of rivers to improve the efficiency of drainage flows, Dr. White launched a lifetime effort that was largely dedicated to the mission of flood plain management although as his biography demonstrates had many other achievements including the Presidency of Swathmore College.
After proposed rulemaking in April 1975 and over a year of collecting comments and hold public hearings, the Federal Insurance Adminstration adopted a final rule reflecting Congressional mandates and program experience with the then relatively new federal flood insurance program. The first policy had been issued in June 1969 in Monroe County Florida.

Perhaps that policy being issued for a coastal structure was indicative that a program well designed for inland/riverine flooding would have to accomodate far different scientic and technical issues. That stated, it is a principle of the statutes governing the NFIP that no insurance should be provided for any type of flooding that is not identified using the best scientific and technical information. Thus, definition A-2 should be removed from the policy and in addition the original application for insurance returned to including the statement that any property insured in violation of a state or local flood plain management ordinance or restriction would be void ab initio. This restriction was removed from the policy application over my strong objection in the early 80's and never reinstated. It was one reason why I determined to cease being one of the principal lawyers for the NFIP which I had been since July 1, 1974. These small reforms could assist greatly in returning the program to compliance with Congressional statutory intent and abrogate failed efforts to treat the program as a de facto insurance program utilizing insurance principles. The federal government is the "underwriter" of the program and determines both what risks will be covered and the price for coverage of those risks. It is erroneous and pure fiction that the private business of insurance is in fact the underwriter of the program. The program as currently administered is filled with conflicts of interests by those who benefit from it financially including insureds, and program participants. The NFIP really needs tough oversight and that would include the principal of "follow the money."

NSDD-66

[Editors note- While copied from the original several editorial highlights have been added to enhance emphasis. It should also be noted that this was the LAST Presidential Directive/ National Security Directive issued to provide guidance on Civil Defense prior to limited portions of the Federal Civil Defense Act of 1950, as amended, Public Law 920 of the 81st Congress, being incorporated into the Robert T. Stafford Disaster Relief and Emergency Assistance Act as a new Title VI. Essentially it mandates all-hazards preparedness and was reflected in a formal statutory amendment of the Federal Civil Defense Act of 1950 by Public Law 103-160 in 1993]

THE WHITE HOUSE
WASHINGTON
March 16, 1992


NATIONAL SECURITY DIRECTIVE 66

MEMORANDUM FOR THE VICE PRESIDENT
THE SECRETARY OF STATE
THE SECRETARY OF THE TREASURY
THE ATTORNEY GENERAL
THE SECRETARY OF COMMERCE
THE SECRETARY OF HEALTH AND HUMAN SERVICES
THE SECRETARY OF TRANSPORTATION
THE SECRETARY OF ENERGY
THE DIRECTOR OF THE OFFICE OF MANAGEMENT AND BUDGET CHIEF OF STAFF TO THE PRESIDENT
ASSISTANT TO THE PRESIDENT FOR NATIONAL SECURITY AFFAIRS
DIRECTOR OF CENTRAL INTELLIGENCE
CHAIRMAN OF THE JOINT CHIEFS OF STAFF
DIRECTOR OF THE FEDERAL EMERGENCY MANAGEMENT AGENCY
MANAGER, NATIONAL COMMUNICATIONS SYSTEM

SUBJECT: CIVIL DEFENSE (U)


POLICY

The United States will have a civil defense capability as an element of our overall national
security posture. The objective of the civil defense program is to develop the required capabilities common to all catastrophic emergencies and those unique to attack emergencies in order to protect the population and vital infrastructure. Civil defense can contribute to deterrence by denying an enemy any confidence that he could prevent a concerted national response to attack. (U)

The civil defense program will support all-hazard integrated emergency management at State and local levels. In so doing, the civil defense program will: (U)

1) Recognize and respect the primary responsibility of State and local governments to provide for the safety and well being of their citizens in emergencies other than national security emergencies. (U)

2) Provide a focal point within the Federal government to work with State and local governments on integrated multi-hazard response planning and operations to deal with the consequences of catastrophic emergencies. (U)

3) Continue to implement a policy of dual use of civil defense resources through the development and use of capabilities at Federal, State and local levels to perform emergency functions to respond to emergencies of all kinds including attack. (U)

4) Focus on the development, jointly with State and local governments, of the required capabilities common to all catastrophic emergencies and those unique to attack emergencies, thus ensuring that the use of civil defense funds is consistent with, contributes to, and does not detract from attack preparedness. (U)

5) Provide for the development of a civil defense infrastructure capable of expansion in a national security emergency involving the threat of all forms of attack on the United States which provide advanced warning. (U)

6) Utilize to the maximum extent the existing capabilities, facilities and resources of all appropriate departments and agencies of the Federal Government, in accordance with Executive Order 12656 and, with their consent, those of the States and political subdivisions thereof, and of private sector organizations and agencies. (U)

Disaster-specific programs such as hurricane or flood relief programs which may be incorporated into the civil defense program and which are currently funded within domestic discretionary accounts will continue to be budgeted in this manner. In addition, any equipment or programs not needed for the consequence management of national security emergencies will be funded within the domestic discretionary accounts.

IMPLEMENTATION

The program under the direction of the Federal Emergency Management Agency with the support of heads of the Federal Departments and agencies, and under the general policy guidance of the National Security Council, will include: (U)

1) Population protection capabilities, with the Federal Government providing guidance and assistance to enable State and local governments to effectively support the population in all catastrophic emergencies. (U)

2) State and local government crisis management capabilities to effectively
support the population in all catastrophic emergencies. (U)

3) Information to promote a clear understanding by the public of the civil defense program, all threats which may affect their localities and actions they should take to minimize their effects. (U)

4) Information to assist U.S. business and industry in taking measures to protect their work forces and physical assets in all catastrophic emergencies and encouragement of the private sector to make maximum use of private sector capabilities. (U)

5) Voluntary participation by citizens and institutions in community civil defense activities and emphasis on citizen protective actions. (U)

6) Plans for sustaining survivors, for restoration of critical life support capabilities, and to establish a basis for recovery. (U)

7) Definition of and an assessment of the base capability necessary to respond to emergencies that do not provide warning, and the development of those base capabilities which are common to all catastrophic emergencies and unique to attack. (U)

8) Plans for a civil defense surge from the base capability to the total required capability in a national security crisis involving the threat of attack. These plans should assume advanced warning, adequate time to conduct the surge, and the required base capability form which to surge. Total required capability is that operational capability necessary to protect the population and vital infrastructure through preparedness measures common to all catastrophic emergencies and unique to attack emergencies. (U)

The Department of Defense will support civil authorities in civil defense, to include facilitating the use of the National Guard in each state for response in both peacetime disasters and national security emergencies. Subject to the direction of the President and the Secretary of Defense, readiness of the armed forces for military contingencies will have precedence and civil authorities should not rely exclusively on military support. Federal military resources will be employed in civil defense missions only if State and Federal civil resources are not sufficient. Nothing in this directive alters or otherwise affects the chain of command for the armed forces established by the Constitution and laws of the United States. (U)

Nothing in this directive provides for any new Federal responsibilities which are now the responsibility of State and local governments. (U)

RECISSION

National Security Decision Directive 259, dated February 4, 1987, is rescinded. (U)


/signed/ George H.W. Bush

[Apparently some consideration was given to classification of this NSDD which is why each paragraph has a classification reference. FEMA argued that its state and local partners in Civil Defense would gain more understanding by the document remaining unclassified, as well as Congressional staffs and so it was. The issuance of this NSDD led Congress to mandate a report on civil defense capabilities never really addressed by FEMA. Instead it sent forth a report currently unavailable to this blogger that supported a rationale for better disaster response which oddly foreshadowed the failures of the federal response to Hurricane Andrew in August 1992. That report entitled Disaster Preparedness did however lead to the federal civil defense act becoming a statutory all-hazards statute in enactment of Public Law 103-160. Just about one year later that effort was made moot by the enactment of Public Law 103-337 largely repealing the FCDA of 1950] Thus, it is not true that NO legislative history exists of the wrap up in 1994 of the federal civil defense effort that began in 1950.
In a hurried meeting with a Presidential appointee I was given an opportunity to review the text of NSDD-66. I took the position that it was in fact and law weaker than the statute itself and should not be issued. Of course it was issued and its impact was to help end federal civil defense efforts.

The Importance of an Agency's No.2

Recently a friend ERIC HOLDERMAN on his blog DISASTER ZONE published a very important article about the importance of the number TWO (2) person in any EM agency. Well what about the fact that there are two Deputy Administrators in FEMA. Richard Serino and Tim Manning. The latter of course heads the National Preparedness Director and holds the title of Deputy Administrator for National Preparedness. This is not to be confused with the other direct report to Craig Fugate, the Administrator of FEMA, Richard Serino. Both of these men have outstanding education, training and experience and are worthy Number 2's. My question of course is whether a formal succession document has been prepared for what I will now refer to as the semi-independent agency FEMA, still housed in DHS. Its semi-independence is questionable but none the less a chain of succession approved by not just the Administrator but also Secretary DHS is necessary at all times in case the current Administrator is incapacitated or worsel. Basic COG [Continuinity of Government] planning, and it might surprise some to know that it was a civil defense mandate to the states long before the federal program, requires that a succession of up to (7) seven positions in any organization be identified. It would be of interest to see FEMA's succession document.
What may be of interest is that I was one among many that pushed based on the current law to have the President, not just a Cabinet Secretary, publish an Executive Order [in the Federal Register of course] establishing the chain of succession in each department. This is now done periodically and with name changes of positions and remember formal delegations are always to positions not to named individuals this does require considerable up keep.
And as a post-script please don't confuse Tim Manning's organization with Rand Beers completely independent of FEMA National Preparedness and Programs Directorate. Confusing? Well isn't that the DHS way?

Monday, April 26, 2010

VLG Technical Note--2010-4-26

The exact source of the term "National Security Emergency" is probably impossible to definitively resolve. Here is my best shot. There was a suggestion of the term in the creation of the EMERGENCY PREPAREDNESS MOBILIZATION BOARD created by Presidential Memorandum under President Ronald Reagan. This multi-agency board was designed to analyze the efforts of the civil agencies to mobilize for national needs in various crisis situations. The effort was forshadowed by a classified and unclassified study by FEMA mandated by President Carter and his national security advisor to determine impacts of a large-scale natural disaster-specifically a S. CALIFORNIA earthquake on the National Security of the US. This had been kicked off when the President and his NSC advisor were flying over Mt. St. Helens in May 1980 and both started speculating on the national security impacts of such a large scale event. While I know longer possess the unclassified version I believe it was numbered FEMA M&A 10.
At any rate, the REAGAN memo was followed by issuance of NSD-47 in 1982 the text of which has been made previously available on this blog and elsewhere.
Then in 1984, the issuance of E.O. 12472 for the first time gave that level of authority to the NCS [National Communications System] which had been operating since the Kennedy Administration under the authority of a Presidential memorandum. Thus, the term "National Security Emergency" was now in official use and although undefined had made its debut in an Executive Order.
In the long struggle to issue a revision to E.O. 10490 (1969) giving the assignments for the civil agencies in the world of civil response and crisis management, E.O. 12656 was issued in November 1988, just after the election of George H.W. Bush. That order while technically amended twice, once for no real reason since the amendment repeated something already in the order, it still exists. When issued it purported to define the term "National Security Emergency" but did so in a largely elliptical fashion rendering it meaningless.
That E.O. [12656] by its own terms is an adminstrative EO and does not actually convey any operational authority. Nor were the assignments made by it every properly funded. Yet, it does again utilize the mysterious term "National Secuiryt Emergency" which appears no where in the US Code and therefore in theory escapes the procedures of the National Emergencies Act of 1976 and other attempts by Congress to delimit Executive Branch emergency authority. There were once over 400 statutes that had "National Emergency" triggers and that number has now declined to about 100. Few of these statutes really vest much additional authority in the President that would justify declaration of a "National Emergency" and since much of the modern Presidency is devoted to making sure that no one really understands what it is doing (especially Congress) in the crisis management and national security realm [probably so that the national security priesthood and its military component can continue to erode Constitutional government] that effort by Congress has largely failed.
Still at the end I believe a comprehensive update of E.O. 12656, now 23 years old would be a good thing.

National Security Emergency Preparedness

[This document is NOT copyrighted and may be used or cited or any purpose]


Technical Bulletin 2009-3
July 2009-Revised

A Brief History of the National Response Framework (NRF)

One of the interesting areas of potential academic research is the development and background of the National Response Framework (NRF) issued final in January 2008 and supplemented by a Biological Incident Annex in September 2008. The NRF supersedes the National Response Plan (NRP) issued final in April 2005 about 4 months before Hurricane Katrina. The NRP was mandated by the Homeland Security Strategy of 2002, the Homeland Security Act of 2002, the Reorganization Plan submitted on November 25, 2002, to implement the creation of the Department of Homeland Security, and HSPD 5 &8. HSPD (Homeland Security Presidential Directives) 5 and 8 implement the mandates. The NRP superseded the Federal Response Plan (FRP) issued initially in May 1992 and revised and reissued in 1999.

In reality the foundation for an all-hazard civil response plan with military support had been in evolution since before the administration of President Ronald Reagan. One key element of the evolution of the all-hazards plan concept had been FEMA’s insistence on providing a separate National Security Emergency Plan throughout the early Reagan Administration. Interestingly during the first 10 years of FEMA existence, the natural disaster response elements in FEMA opposed any formal plan or planning. Only the statutory mandate of the National Earthquake Reduction Act in 1977 had led to a national earthquake response plan published in 1997.

This technical bulletin explains why the effort eventually was directed to incorporating into what became the Federal Response Plan issued in May 1992 civil response elements for National Security Emergencies. Tragically, the FRP’s formal adoption was less than 120 days prior to landfall of Hurricane Andrew in late August 1992. Neither training nor documentation on the FRP had been produced in time for response to Hurricane Andrew. And controversy enveloped FEMA as to whether it had even been triggered. Again, in 2005 the NRP’s adoption was less than 5 months prior to Hurricane Katrina and again training and implementation documents had not been accomplished.

The concept of a National Security Emergency Plan as developed by National Security Council staff as early as 1983 was derivative of early planning efforts mandated by the Federal Civil Defense Act of 1950, Pub.L 81-920, (hereinafter FCDA). President Eisenhower, when the Deputy Army Chief of Staff for Plans and in charge of war planning, has been attributed with the saying “Planning is everything but the plan is nothing.” A comprehensive recent discussion of civil emergency planning appears in “Facing the Unexpected-Disaster Preparedness and Response in the United States,” Kathleen J. Tierney, Michael L. Lindell, and Ronald W. Perry, Joseph Henry Press, Washington, D.C. (2001). A less complete version of the history of Civil Defense and Emergency Preparedness was published by DHS in 2007. It is certain that planning, and the coordination and cooperation to produce a plan has been identified as a key element of preparedness. It is significant that planning alone is not equivalent to preparedness, which also includes the elements of logistics, personnel, equipment, training and exercises.

A very brief background discussion of federal planning efforts for both mobilization of resources and response to domestic disasters and emergencies as well as preparedness for large-scale events may be helpful.

On April 17, 1952, President Harry S. Truman in E.O. 10346 mandated that each federal department or agency should cooperate with the Federal Civil Defense Administration to prepare plans for providing its personnel, materials, facilities, and services during the existence of a Civil Defense Emergency (a term used in the FCDA). It should be noted that authority for declaration of a Civil Defense Emergency lapsed in 1974. The plans were to be designed to include continuity of department and agency operations and coordination of such arrangements with other national, state, and local civil defense plans. No consolidated emergency response plan appeared until 1958, the initial National Civil Defense Plan (really a preparedness plan and not a response plan), and then with final issuance of a document signed by President Lyndon B. Johnson in 1964 under the auspices of the Office of Emergency Preparedness (originally, the Office of Emergency Management in WWII, and then the Office of Emergency Planning (1958-61), and the Office of Emergency Preparedness (1962-73). The 1964 Plan assigned responsibilities to all the Federal departments and agencies without indicating what budget or resources were to be applied (a defect that still plagues the National Response Plan today.)

It should be noted that so-called Continuity of Government (COG) and resource mobilization plans were segregated by both funding and legal authority for their conduct as early as 1953. [No specific law or Executive Order mandates these functions although Section 404 of the National Security Act of 1947, as amended comes close and in addition the implication of such planning underlies the Defense Production Act of 1950, as amended.] For a discussion of COG planning see Paul Bracken, Command and Control (Yale University Press, 1983). Additional civil government mobilization, including standby legislation (primarily the titles of the FCDA that lapsed in 1953 and the Defense Production Act of 1950) was incorporated in classified Plan D and “Other than D” to address nuclear attack related emergencies. These plans were never signed off by the President approval or Department of Justice formal review for legality. Telecommunications planning was also separately addressed as early as 1962. For a list of planning assignments as of 1962 see E.O. 11051 of September 27, 1962.

Resource mobilization planning for a coordinated federal response was energized when on December 17, 1981, the President through the Assistant to the President for National Security Affairs signed a memorandum establishing the Emergency Preparedness Mobilization Board (hereinafter EMPB). This action was taken in response to a Memorandum for Edwin Meese, III, and Counselor to the President from Frank C. Carlucci, Deputy Secretary of Defense and Louis O. Guiffrida, Director of FEMA, dated May 26, 1981.

Two National Security Decisions (NSDD 30 “Managing Terrorist Incidents” April 10, 1982 and NSDD 47 “Emergency Mobilization Preparedness” July 22, 1982) were soon issued that established several fundamental principles. First in the event of threatened or actual terrorist attacks lead agencies were designated as responsible, principally State for international terrorism, Justice for domestic terrorism, and FEMA for response to actual events. Second, the principal was established that even natural disasters could impact national security, and a single system was required for the national security community and its assets to respond. NSDD 47 in particular identified a large catastrophic earthquake (the placement of the principal research, development, and manufacturing capability of the nation for the technology sector in California was the specific catalyst) as potentially damaging national security. It therefore concluded that a single response system was necessary and empowered the Emergency Preparedness Mobilization Board [EMPB] to design such as system. By 1985, in NSDD 188 the EMPB was disestablished having completed a plan of action. It should be noted that the Los Angeles Olympics had energized the Department of Justice in the assigned lead role in domestic terrorism and DoJ was increasingly anxious to assert that role. The DoJ had created a concept called “Law Enforcement Emergencies” that was incorporated into the Omnibus Crime Control Act of 1984 and is presently implanted in 28 CFR Part 65. Unfortunately, DoJ has not sought funding for implementation of that concept in annual appropriations requests.

In a memorandum dated September 15, 1987, signed by Frank C. Carlucci, Secretary of Defense, on behalf of the National Security Council, the President directed implementation of a national security emergency plan to replace obsolete plans and update standby documents, specifically draft Executive Orders, for various emergencies.

Because of differing coordination systems and mandates, on January 19, 1988, with Presidential approval, the Domestic Policy Council (after 15 months of effort) adopted a National System for Emergency Coordination (NSEC) to provide timely, effective, and coordinated assistance to States and local governments in extreme catastrophic technological, natural or other domestic disasters of national significance.

The NSEC created functional groups in (1) communications; (2) economic affairs; (3) energy; (4) human services; (5) transportation; and other functions as needed. Confusingly, after establishing functional assignments, the system then adopted a lead
Agency approach as follows:

(1) Natural Disasters-FEMA;
(2) Health or Medical-DHHS;
(3) Terrorism (less Airborne Hijacking)-DOJ;
(4) Accident at licensed nuclear power plant-NRC;
(5) Nuclear Weapon, reactor facility accident-DOD or DOE (“owner”);
(6) Environmental-EPA;
(7) Transportation-DOT;
(8) Economic disruption-Treasury;
(9) Telecommunications-OSTP/NCS.

A system of appointment of a FCO (Federal Coordinating Officer) was also adopted with the FCO to be from the lead agency.

On April 27, 1988, the Assistant to the President for National Security Affairs, Colin l. Powell, assigned seven national security priorities to the civil agencies with the third highest priority the preparation of a National Security Emergency Plan to encompass both mobilization and response. In a memorandum to the President on June 27, 1988, the Secretary of Defense committed to full DOD support to the civil emergency planning process, including mobilization, continuity of government (the role of the President as Chief Executive (civil authority) as juxtaposed with that of Commander-In-Chief (military), and when assigned DOD support to civil agency response planning.

On June 27, 1988, the same day that the Secretary of Defense was pledging renewed cooperation in NSEP (National Security Emergency Preparedness Planning) to the President, the Assistant to the President for National Security Affairs, Colin L. Powell, directed that an analogous system for responding to large-scale emergencies that could adversely affect national security be created. The Powell memorandum directed that a National Security Emergency Plan be created with a functionally oriented structure as a companion approach to the Plan for a Federal Response to a Catastrophic Earthquake (adopted in 1987 and predecessor to the Federal Response Plan) that had been mandated in the Earthquake Hazards Reduction Act of 1977.

Until the promulgation of E.O. 12656, “Assignment of Emergency Preparedness Responsibilities” on November 18, 1988, [superseding EO 11490 (1969) efforts to create a National Security Emergency Plan continued. At that point the assignment of lead and support functions to the departments and agencies in the Order led to substantial fragmentation of various planning efforts and the hope of unified NSEP died. Interestingly, when offered the lead role on “terrorism” in EO 12656, DoJ insisted instead on being in a support role to other agencies.

It should also be noted that on November 23, 1988, DOD was authorized by statute to act on behalf of the President for a period of up to 10 days when a disaster is imminent (prior to declaration) in the Robert T. Stafford Disaster Relief and Emergency Assistance Act, Pub.L.100-707. Of some interest is the DOD but not FEMA was mentioned in the original enactment of the Stafford Act [it should be noted that the Stafford Act modified and supplemented the Disaster Relief Act of 1974, with both codified at 42 U.S.C. Sections 5121 et seq.) Perhaps of some interest is that multiple efforts to amend the Stafford Act to specifically cover acts of terrorism have not succeeded.

It soon became evident that both for natural disasters and national security emergency events, a functional approach indicated substantial overlap in planning and plans. A concept implied in NSDD 47 in 1982. Because of progress in turning the Earthquake Plan into a Natural Hazards Response Plan (eventually the Federal Response Plan) the concept of a separate NSEP was dropped. (Separate COG and telecommunications plans remain, while Mobilization (resource preparedness) plans for the civil agencies with the exception of those under Defense Production Act authorities have lapsed (under both Clinton and George W. Bush administrations).

Sunday, April 25, 2010

National Emergency Powers

For the last time before his retirement, Mr. Harold Relyea of the CRS published an update to his report on National Emergency Powers. Prompted in part by the debate and discussion leading to passage and signing into law of the National Emergency Act of 1976, a procedural not a substantive statute, the President now asserting some form of authority pursuant to a declared National Emergency must publish and Executive Order and indicate which statute he is asserting authority under and why. That report is available on both OPEN CRS and from this blogger.

In addition, the first and only collection of laws triggered by National Emergencies was published by a Congressional Committee in 1962. I find that document helpful in determining what emergency authority historically has been asserted by past Presidents. That document is also available from this blogger.

Perhaps one of the major exceptions to the National Emergency Act of 1976 is the declaration of emergency provision of the Robert T. Stafford Disaster Assistance and Emergency Relief Act Public Law 100-707 as amended. I believe that authority should also be covered by the procedures of the National Emergency Act of 1976.

Personnel Security Clearances

In the first Bush administration FEMA was wracked with tension over the granting and withdrawal of personnel security clearances. Both the Human Resources staff and the Personnel Security staff were largely untrained and inexpert in the administration of the system required by Title 5 of the Code of Federal Regulations and Executive Order 10450. The latter dated from President Eisenhower's decision to allow the head of each Executive Branch organization to be the final arbiter of who got or did not get a clearance and who would lose their clearance. Ducking the responsibility he vested authority in the head of each department or agency. This decision was precipitated by the case of Dr. Robert Oppenheimer, PhD physicist who is largely credited with being key to development of the atomic bomb. Lewis Strauss, a non-technical person who then headed the AEC ordered an administrative hearing that resulted in Dr. Oppenheimer losing certain clearances, but not all. The MSM thinks he was totally denied access to sensitive classified information which is incorrect. This old Executive Order badly needs updating. What many don't understand is that personnel security is a two step process. First the collection of personal background information, looking for derogatory information, and then second adjudication of that information to determine the granting or withdrawal of a clearance. Oddly government contract employees get a full adjudicatory hearing while civil servants do not.
Back to FEMA! The controversy in FEMA arose over giving gays and lesbians security clearances. A so-called Blue Ribbon panel was named to investigate the process and culture in FEMA. Their report is available at the following URL and I strongly urge all involved in the business of granting, denying or holding a clearance to read it.


The URL is as follows:

Trefry Report—
http://www.fas.sgp/library/trefry.pdf

I also highly recommend the book "Secrecy" by deceased US Senator Daniel Patrick Moynihan.

Saturday, April 24, 2010

Testimony of Dan Prieto

From time to time I will totally plagerize and publish from classics of analytical thinking on both HS and EM that illuminated policies or issues for me. Here is one them that will be four years old in September. I don't always agree with DAN but this piece was brilliant. I have engaged in several comments on HLSWatch.com over last several days on the definition of HS and believe this testimony nails it.

Here goes:

Written Testimony Before the

United States Senate
Committee on Homeland Security and Government Affairs

"Homeland Security:
The Next Five Years"

Daniel B. Prieto
Senior Fellow and Director
Homeland Security Center
The Reform Institute

September 12, 2006


Chairman Collins, Senator Lieberman, and distinguished members of the Committee on Homeland Security and Governmental Affairs, thank you for inviting me to testify before you today. My name is Daniel Prieto. I am Director of the Homeland Security Center at the Reform Institute. Previously, I was Fellow and Research Director of the Homeland Security Partnership Initiative at the Belfer Center for Science and International Affairs at the Harvard University Kennedy School of Government.

My testimony today reflects my own views and analysis and does not reflect the official position of any institution with which I am affiliated.

Introduction

Since 9/11, homeland security in the US has, in large part, been an attempt to organize but not necessarily to optimize domestic assets and activities to detect, prevent, respond to, and recover from high-consequence events -- either terrorist induced or natural. There are also a number of related international components, including military action against terrorist groups; overseas intelligence and law-enforcement cooperation, and programs to detect and interdict threats among travelers, emigrants and cargo before they arrive in the United States.

Setting aside military operations, our homeland security efforts over the first five years since 9/11, have centered on five significant areas of activity: creating new law and policy; creating new organizations; developing new strategies and plans; implementing new “consensus” programs (e.g. CT-PAT, US-VISIT, PCII); and pursuing innovative but controversial programs (e.g. NSA domestic surveillance, use of commercial data for terrorism-related analysis as with TRIA and SecureFlight).

These activities face the following major challenges over the next five years.

1. Adaptation to a changing threat environment.
2. Management. We need to strengthen the management of our new homeland security organizations, in particular DHS. Failure to do this will make America less safe by leaving DHS a weak institution lacking in credibility and challenged to carry out its mandate.
3. Doctrine. Homeland security strategy documents since 2001 have provided tactics, methods and processes, but have failed to articulate strategy and doctrine that provide clear guidance for implementation and goals by which we can measure progress.
4. Engaging citizens and the private sector. To date, we have not done nearly enough to educate the public or to engage the resources and goodwill of the private sector.
5. Technology. While the U.S. is the envy of the world when it comes to technology, the federal government struggles to implement important homeland security technology projects and to transfer important commercial and mass-market technologies into the homeland security realms.
6. Coming to consensus on controversial intelligence and information sharing programs. We must reach consensus on intelligence and information sharing programs that unnecessarily force a choice between security and liberty. Failure to do so undermine government credibility, threatens the security of the country, and undermines core social values.

The Changing Threat

Looking at the threat environment, the world has not stood still since 9/11 Two major factors will pose significant new challenges over the next five years.

First, nuclear proliferation threats will increase, especially from Iran, North Korea, and Pakistan.
Second, the terrorist threat is evolving and may look quite different five years from now. AL Qaeda Central is weaker today, but it is stronger as an inspirational movement to cells that are increasingly independent, self-starting and home-grown. This is exemplified by the perpetrators of the London transit bombings and the thwarted London airline plot. Furthermore, the speed of radicalization has accelerated. Wars in Iraq and in Lebanon provide grievances that make recruitment to radical Islamist groups easier. The proliferation of new media outlets and terrorists’ use of the internet increase exposure to inciteful materials and training. Finally, like Afghanistan was for Bin Laden in the 1980s, Iraq provides a theater for the next generation of terrorist leaders to train, make connections, and build reputations.

Homeland Security Management

In the next five years, it is critical to stabilize and strengthen new homeland security organizations, especially the DHS. DHS represents a large-scale merger of many agencies in addition to a number of start-up activities. The ability of DHS to manage the integration of these efforts and ensure that the whole of DHS is greater than the sum of the parts relies on a strong and experienced management cadre and the creation of a unified culture. There has been less emphasis on rationalization of authorities and programs, functions and activities. The U.S. Government Accountability Office (GAO) rated the management challenge facing the department as “high risk” and noted that the successful transformation of a large organization takes from five to seven years. In the private sector, large scale mergers take 3-5 years or longer to work out. In a much less dynamic government environment, GAO’s estimate of 5-7 years may even be conservative.

The birth of DHS has not been easy. For its successes, it has suffered significant failures and missteps, which in my view have seriously damaged its credibility. Even though the largest natural disaster in US history by geographical impact (almost 90,000 square miles impacted) Katrina was its lowest moment, but it has been beset by a number of public missteps on critical infrastructure protection, grant funding, financial management, contract management, and technology; the repeated and frequent missing of Congressional deadlines; high turnover among senior staff; limited expertise among professional staff; difficulty in creating a professional cadre in important areas due to large-scale outsourcing of key strategy and integration tasks to outside contractors and an over-reliance on detailees who maintain loyalty to their home organizations; and general problems of coordination between DHS’ left and right hands.
Ineffectiveness or immaturity has led to the subsequent devolution of key functions that DHS inherited only a few years ago. DHS has increasingly spun off, shed, or had its responsibilities diminished in such areas as intelligence and information fusion, critical infrastructure protection, and post-disaster housing and health. In the most recent federal personnel survey, DHS employees ranked their organization at or near the bottom on nearly every measure of effectiveness. DHS is often viewed by other departments -- Justice, State, and DOD -- as second rate organization with second rate people. It also cannot be known as a second-career bureaucracy, of the many factors that destroyed effectiveness and efficiency in predecessor organizations such as the former Office of Emergency Preparedness in the 1960’s. It has the legal authority now to hire expertise from non-US experts under provisions of the preparedness title of the Robert T. Stafford Disaster Relief and Emergency Assistance Act (42 U.S.C. Sections 5121 et seq). Development of new human resources must be accomplished.


DHS is falling behind, and the window of opportunity to get things right may be closing. While DHS has made progress in rationalizing many basic operations, too much of DHS lacks strong management and adequate coordination. In the next five years, DHS must resolve key management issues, cease being an umbrella organization, and become a unified enterprise. Perhaps political leadership in DHS could better reflect administration and Congressional policy if they were fewer and more skilled and senior.

If DHS fails to create synergy among many entities it inherited and to mature into a more effective organization, we will be worse off as a country. If it continues to receive highly critical reviews from its own inspector general and unflattering portrayals in the press, if its employees continue to suffer from low morale and confidence in their agency, if it continues to spin off or shed key functions with which it was entrusted, and if its fails to improve its reputation among counterparts at other agencies, then the DHS risks becoming the DMV of the federal government, widely viewed as inefficient and ineffective. Worse yet, criticism of DHS becomes self-fulfilling: the more negatively viewed the organization is the less effective it becomes.

Presentation of these facts is not meant to be an indictment of DHS. DHS is not responsible for the social and historical milieu it inherited but is responsible for what it does with it. Many of the problems were to be expected in a merger integration exercise as large and complex as DHS. My point in raising them is to ask that this committee do all it can to shepherd the maturation of DHS. It may be necessary to read between the lines when senior DHS officials state that they have all the resources and capabilities they need, rosy scenarios which may be borne of political expediency and pride. It also may be necessary to moderate a growing desire to withhold or cut funding to DHS as a punitive measure. To the extent that DHS’ shortcomings stem from under-resourced or structurally weak management, the better solution would be to address the root of the problem.

To do this, key CxO level positions must be given greater power and more resources. The Chief Financial Officer (CFO), the Chief Information Officer (CIO), and the Chief Procurement Officer continue to lack effective department-wide authority. Some changes under Secretary Chertoff have helped, in particular increasing the power of the Deputy Secretary. But an organizational chart that gives the Deputy Secretary 22 direct reports, while failing to fully leverage the CxO positions does not make sense. Creation of a Policy Office and an Office of Strategic Plans are also significant steps in the right direction. Nonetheless, management control and integration of DHS, in my view, remain far too weak.

Congress plays an important role in DHS management as well, acting in an equivalent capacity to a board of directors. The creation of permanent homeland security committees in both the House and Senate reflect an important step in streamlining Congressional oversight. But the failure of Congress to allow this Committee and the House Committee on Homeland Security to obtain effective oversight and input on key statutes vested in DHS prevents effective integration of DHS programs functions and activities. Non-germane programs to Homeland Security could remain with traditional oversight relationships. At least one-third (1/3) of DHS’s programs, functions, and activities are unrelated to homeland security. The GAO could help in identifying these authorities, programs, functions, and activities. They should not be lumped in the analysis of expenditures of DHS on homeland security or closely related activities. At the same time, Katrina provided a galvanizing event that has allowed Congress to be much more assertive on homeland security in this past year. Reports critical of the Katrina response and leadership as well as bills on ports, chemical security, border security, FEMA and FISA/domestic surveillance, and CFIUS all demonstrate growing Congressional leadership and assertiveness. A close examination of the recommendations of reports by the White House, GAO, Senate and House indicate the recommendations have often made repeatedly in the past and are not new to post 9/11 findings and efforts, just a new context. For example in the early 90’s the Senate considered a number of bills on domestic response based on its bipartisan report on federal disaster relief efforts during Hurricane Andrew. The failure to adopt these recommendations in the past, again this could be done by GAO, should be identified and used to guide future correction of problems. Funds to make these corrections should be provided. Some of these fixes are not expensive. Finally, homeland security efforts in this Congressional session appear both more bipartisan and bicameral.

While these are all steps in the right direction, more needs to be done to rationalize oversight and ensure that Congress provides increasing efficient, effective, and focused homeland security oversight. Also, technical amendments should be immediately adopted to substitute the Secretary DHS formally for all statutes vested in DHS that list some other federal officer except where the President is that official.

The Senate Homeland Security continues to lack jurisdiction over several key homeland security components, especially in the areas of transportation. The Senate and the House homeland security committees should have jurisdiction all counterterrorism elements of DHS.

Proposals

• Significantly strengthen DHS management directorate
• Continue to streamline Congressional oversight and fully empower Senate and House homeland security committees to have full oversight over DHS.


Doctrine

While over a dozen homeland security “strategy” documents have been produced since 2001, most of them are simply documents about tactics, methods and processes, and as identified by GAO most do not have a common analytical basis and focus and that makes for redundancy and overlaps and more important gaps in coverage. As such, they fail to articulate strategy and doctrine, which can guide implementation and provide goals against which activities and programs can be measured. As a result, too many programs end up being ad hoc, piecemeal and reactive, and they often lack clear links to a coherent whole. Tactics and stand alone programs must give way to comprehensive strategy and doctrine. This is particularly true in the areas of preparedness and critical infrastructure.

Preparedness

According to Paul McHale, Assistant Secretary of Defense for Homeland Defense, the United States should assume that we will continue to face traditional military challenges from nation-states and terrorists will attempt multiple simultaneous mass casualty CBRN attacks against the U.S. Homeland.

Based on such an assumption, the United States should develop a doctrine of homeland security preparedness not unlike prevailing U.S. military doctrine for most of the last 50 years. That doctrine required U.S. military forces to be prepared for two near-simultaneous wars in different theaters. A similar doctrine for homeland security would require the U.S. – DHS, other federal agencies, the National Guard, NORTHCOM and state and local entities – to be prepared to address two to three simultaneous high-consequence events, of the kind envisioned by the fifteen DHS National Planning Scenarios.

Once such a doctrine is established, it would have immediate ramifications for planning.

It would suggest, for example, greater and more specialized training for the National Guard, which has increasingly become the “Swiss army knife” of homeland security. The creation of National Guard “Special Forces” for homeland security would require Guardsmen to receive specific training against certain scenarios and that such specialization could occur on a regional basis, depending on event likelihood in a particular geography. For example:

DHS National Planning Scenario Geographically Based Training
Scenario 1: Nuclear Detonation – 10-Kiloton Improvised Nuclear Device National Capital Region, New York
Scenario 6: Chemical Attack – Toxic Industrial Chemicals New Jersey
Scenario 9: Natural Disaster – Major Earthquake California
Scenario 10: Natural Disaster – Major Hurricane Florida
Scenario 14: Biological Attack – Foreign Animal Disease (Foot and Mouth Disease) Texas, Missouri, Oklahoma, Nebraska

Improved training, greater specialization, a more sharply defined homeland security mission and free for-credit education at public state universities could provide a powerful incentive and improve recruiting, retention, and morale in the National Guard and Reserve. Training could also leverage existing DHS university centers of excellence, and provide meaningful joint training and cooperation with active military [NEST] teams and first responders.

A second implication of such a homeland security doctrine might be that NORTHCOM would also be in a better position to engage in 2-3 disaster scenarios if they had their own dedicated resources. They are currently only allocated 1,000 permanent personnel and $70 million. Compare that to DOD’s budget in 2004 of approximately $400 Billion and 1.4 million active duty personnel. Perhaps the domestic role of the National Guard should be more structured and formalized as part of support to NORTHCOM with extended deployments of Guard personnel to active duty positions in NORTHCOM. An outstanding report of the Defense Science Board on homeland defense and homeland security could be fully implemented. A Congressional mandate to expedite the rewriting of Executive order 12656, as amended, to integrate fully homeland security and homeland defense on an all-hazards basis would be helpful.

In addition, it would be valuable to increase the level of joint training and exercises between National Guard, NORTHCOM, and state and local officials to address specific scenarios. No course currently exists for State and local officials to explain to them how the Guard is activated, deployed or the decision taken to federalize or keep the GUARD in a non-federalized role in large scale domestic events. As a result much confusion exists witness the current arguments over allowing the statutory authority for GUARD deployments in large-scaled domestic emergencies where unique federal interests are implicated. It should be noted that at least a dozen major studies of the National Guard role in domestic events have been conducted in the last three decades, and virtually none of the recommendations adopted. Some of these were Congressionally mandated studies. Also there has been no attempt to address the issues raised by the approximately 15% of National Guard personnel that are State and local first responders.

Proposal Summary:
• Establish analog to military two-war doctrine for DHS, National Guard and Northcom
• Create National Guard Special Forces, providing specialized training against the fifteen DHS National Planning Scenarios
• Dedicate resources to Northcom

Critical Infrastructure Protection

The latest version of the National Infrastructure Protection Plan is based on progress in three areas: public-private partnership, information sharing, and risk-based prioritization. These are obvious, if important tactics, but they are only tactics. Our critical infrastructure protection efforts are inadequate for 10 key reasons.

First, DHS still lacks a strategy that meets the requirements of the Homeland Security Act. to [establish priorities, and recommend actions to protect CI, TBA]

Second, DHS assumed that the private sector would be the principal funder and implementer of its own security. That has not happened. In the next five years, Washington needs to step up to make sure that we protect critical infrastructure better. Congress must recognize that cost allocations for security and protective measures can be complicated, not necessarily just passed on to the consumer, and are certainly not trivial on their direct and indirect impacts on industries and other sectors of the economy.

Third, DHS was not granted new legal authorities, other than what it inherited from legacy offices, for security over vital critical infrastructure sectors. Pending legislation to grant DHS authority over chemical security, for example would be a step in the right direction, but addressing these gaps in authority have been slow coming and must be completed.

Fourth, DHS and the Congress, as well have fallen into a seeming political correctness over critical infrastructure, as if all sectors pose equal risks. They do not. We must come to consensus on which sectors are more important than others. HSPD-7 started in this direction when it put priority on CI, which if attacked would have WMD-like effects. Secretary Chertoff, also started in the right direction when he talked about the importance of risk based allocations for grant funding. But the failure to establish and articulate clear priorities has been evident in DHS’ miscues over the national critical infrastructure database and grant funding reductions to Washington, DC and New York.

Fifth, Prioritization of CI sectors should be based on
• Vulnerability and Consequence. What industries best provide the terrorist trifecta: bodies, theater, and economic impact.
• Company Ability to Address Vulnerability. Some industries are more capable of implementing significant security enhancements on their own and in the near term. The industries least able to protect themselves are those that exhibit low growth, low profit margins, tight cash flow, long-lived capital assets, which are difficult to retrofit or replace; and industries that are not tightly regulated and therefore lack a quick mechanism by which the government can mandate greater security.

Based on these criteria, the top priorities for critical infrastructure protection are chemical facilities; transportation including airlines, ports, mass transit, and hazmat transport; and energy, including oil, gas, and the electric grid. When these assets exist in concentrated geographic areas, they are of even greater importance.

Sixth,, it is my understanding that DHS has scaled back its CIP activities. If the Protective Services Division is no longer active, then DHS has rather reduced itself to the role of coordinating the activities of other federal agencies. This is a mistake, and in my view fails to carry out the intent of the Homeland Security Act.

Seventh, Congress is failing to use all available policy tools at its disposal to enhance the security of critical infrastructure. It has painted a false choice between private sector self-protection and business-harming regulation. The government has failed to creatively use tax policy to promote additional investments in security to the extent that it believes that industry, on its own, is not investing enough. Take for example the chemical industry. Often derided as negligent when it comes to security, major chemical manufacturers have spent $3 billion since 9/11 to enhance security, hardly evidence of negligence. If society believes that more security is warranted, the government should catalyze greater investment by providing tax incentives that make security projects more attractive. Had such tax breaks been provided soon after 9/11 the debate over inherently safer technologies within pending legislation would not be so heated, because, I believe, many more companies would have already pursued such projects.

Eighth, the recommendations of the President’s Commission on Critical Infrastructure Protection that issued its final report in the fall of 1997 have never been implemented. Perhaps a decade later that report and its recommendations should be comprehensively reviewed and updated. A critical defect of that report was its failure to identify system weaknesses, for example large-scale energy outages still provide test-beds for restoration of service priorities as do telecommunication outages. These are system wide issues not isolated sectors and impacts.

Ninth, of the recommendations in 1997 of the PCCIP was to explore fully the use of the Defense Production Act of 1950 and its application both to critical infrastructure protection and service restoration and priority issues. In conjunction with the Energy Policy and Conservation Act, these statutes should be comprehensively updated to deal with energy supply and outage issues and also restoration priorities. The 1982 Congressionally mandated opinion by the Attorney General on emergency energy authority should be updated. That opinion revealed that some Governor’s have more emergency energy authority than the President.

Tenth, the position of the key political CIP official in DHS should be upgraded and filled on a long-term basis perhaps a five or seven year term so that a distinguished and expert person could fill that role. That position as some others in DHS should be considered nonpartisan.
Proposal Summary:
• Quickly come to consensus on critical infrastructure priorities.
• Use all policy tools available, including mix of tax incentives, assistance in setting best practices, and smart regulation.
• Grant DHS sufficient authority where it is lacking, especially chemical security.

Engaging Society (1328)

Critical homeland security stakeholders outside of government – especially the general public and the private sector must be engaged much more fully. In 2002, the CSIS produced a study called “Civil Security” that is still a principal study of reasons why the public must be more closely integrated into homeland security efforts. Citizen Corps programs in DHS require more funding and direct political support.

Public Education

I have argued since 9/11 of the need to create a culture of preparedness. For this to happen, we need to view our citizens as a critical backbone of American strength and resilience. The federal government has struggled mightily to strike a balance between providing more information while fearing that more information will frighten the public or provide an advantage to our enemies. This debate should end. The more informed and self-reliant we are when the next disaster strikes, the better off we will be. Perhaps adopting and publicizing planning standards reflecting the difficulty in deploying federal assistance within the first 72 hours of an event or incident that results in Presidential declaration of emergency or disaster would improve public understanding that they are largely on their own in that time frame. Hopefully, federal assistance can be more timely, but funding and staffing to provide assistance within the first 72 hours is probably not politically feasible. So State and local governments must be able to operate during that initial time-frame to provide assistance. It should be noted on the record that few states actually engage other than as a financial pass-through in emergency preparedness and response. Perhaps that should be changed, or more emphasis placed on mutual aid and the Emergency Management Assistance Compact approved by Congress in 1992.
States should be mandated to do all that they can to protect their citizens and their property with as little federal assistance as possible.

The most persuasive recent arguments on this front come from Brian Jenkins of RAND in his new book, Unconquerable Nation:

“The best way to increase our ability as a nation to respond to disasters, natural or man-made, is to enlist all citizens through education and engagement, which also happens to be a very good way to reduce the persistent anxieties that afflict us. We have not done this…The federal government’s decision to tell citizens to go on living their lives, offering only the vague admonition to be vigilant, has “encouraged dependency,” rather than “promoting self-reliance… We need to aggressively educate the public through all media, in the classrooms, at town halls, in civic meetings, through professional organizations, and in volunteer groups. This means more than speeches in front of the American flag. The basic course should include how to deal with the spectrum of threats we face, from “dirty bombs” to natural epidemics, with the emphasis on sound, easy-to-understand science aimed at dispelling mythology and inoculating the community against alarming rumors and panic.”

Public Education Proposals

• Significantly increase funding for and visibility of ready.gov to serve as a well-recognized and leading portal for the public to access detailed and deep information on threats and preparedness.
• DHS should increase its activities to support education and outreach efforts by trusted public information outlets, including the Red Cross, state and local authorities, and media outlets.
• DHS should establish an advisory board, comprising scientists to ensure that materials are accurate and up to date, and experts on communications, sociology and psychology to ensure that materials are most effective at providing education that empowers the public.
• Public Education should not be confused with Emergency Public Information efforts and training, including the issuance of PARs (Protective Action Recommendations) to the Public. This is a highly technical area and should be better funded or information deficiencies alone can and have resulted in death and destruction.

Engage the Private Sector
In policy and strategy documents since September 11, 2001, the Administration and Congress have repeatedly stressed the critical importance of “public-private partnerships” to make the country safer. Five years after 9/11, such partnership is more hope than reality:

• The federal reorganization since 9/11 has raised the difficulty and transaction costs for the private sector to work with the federal government.
• Information sharing between government and the private sector remains stunted.
• Overall investment in private sector security initiatives has been modest.
• The federal government has failed to provide meaningful incentives or standards for securing critical sectors that pose the highest risk and where voluntary efforts have proven to be insufficient.
• The private sector has not been effectively integrated into response and recovery planning for major disasters, though some promising public-private initiatives have been piloted
• The protections of the Defense Production Act against anti-trust and other information sharing activities have not been fully explored as evidenced by little or no action taken since 1997 when the PCCIP final report was issued. That statute should be reviewed completely for its impact and usefulness on homeland security and homeland defense.

In short, the capabilities, assets, and goodwill of the private sector to bolster our homeland security remain largely untapped. We need to find a way forward for true partnering between the public and private sectors on homeland security.

In fixing these problems, it is important to bear in mind a few essential principles that can be used to identify what responsibilities should be met by the private sector, those that are the responsibility of government, and those that can be shared jointly. Policymakers should remember that the government is inevitably a major market player whose actions directly affect the ability of the private sector to invest more in security. For its part, the private sector is not just a target, but also an important source for information, assets, and capabilities that the government does not possess. Furthermore, policymakers should not overlook the fact that industry leaders possess a sense of patriotism and civic duty that can be harnessed to improve U.S. security. American companies are willing to commit their time, expertise, and resources to support the homeland security mission. The federal government must make a concerted effort to recognize and encourage such actions as part of a successful partnership between the federal government and the private sector.

Federal security efforts must be tailored to address specific vulnerabilities in individual sectors. Too often federal officials treat the private sector as if it were a single actor, yet the consequences of a terrorist attack on a critical sector vary widely by sector. Nonregulatory approaches are often preferable, but when voluntary efforts do not achieve adequate levels of security, lawmakers and regulators may need to take action. Furthermore, Washington must realize that government regulation is not always in conflict with the best interests of the private sector. In many instances, federal action can help to bound market uncertainties, making it easier for markets to work and for the private sector to make investment decisions. Federal standards would also help ease industry fears of liability should their security efforts be defeated by a terrorist attack.
To make America more secure, the federal government urgently needs to provide better leadership on homeland security issues and become a more active partner with the private sector.

Private Sector Proposals
• Washington needs to change its policy paradigm regarding the private sector, which, in effect, tells companies to protect themselves. On critical infrastructure issues, Washington needs to provide leadership, not followership.
• Washington must move beyond talking about the need to dramatically improve information sharing with the private sector and hold government officials accountable for actually doing it.
• DHS must strengthen the quality and experience of its personnel. One way to do this aid in this effort could be to establish a personnel exchange program with the private sector.
• Congress and the administration should work closely with industry to establish security standards and implement and enforce regulations where necessary and, especially, where industry is seeking standards and regulation.
• Congress should establish targeted tax incentives to promote investments in security and resiliency in the highest-risk industries.
• Congress should establish federal liability protections for companies that undertake meaningful security improvements.
• Homeland security officials should substantially increase the number of exercises for responding to catastrophic events. Private sector assets and capabilities should be fully integrated into these exercises, with a view to achieving deeper private sector integration into national and regional emergency response plans.
• Federal response plans should identify specialized supplies/capabilities that will be in short supply following certain types of terrorist incidents or high-consequence events, including vaccines, ventilators, electric transformers, laboratory capacity, and decontamination equipment. Washington should work with the private sector to ensure the availability of these supplies and capabilities.
• DHS should establish a federal awards program, modeled after the prestigious Malcolm Baldridge National Quality Awards program, which recognizes private sector achievement and innovation in homeland security.
• If the Executive Branch cannot do so, then Congress should intervene in the personnel security system to ensure that barriers to effective fungibility of security clearances is improved and perhaps should mandate that the revision of Executive order 10450 which guides the personnel security system but it woefully outdated should be revised or superseded.

America is the envy of the world when it comes to technology, but too many homeland security technology projects since 9/11 have faltered, from the FBI’s virtual case file and DHS Homeland Security Information Network to border security systems. We need to do better to use technology and innovation to protect America. This is true not only on next generation projects like CBRN detection, but also on migrating mass-market technologies like digital maps and online market places into the homeland security arena.

Outside of the military realm, the federal government is not good at managing technology projects. Too many in government still view IT as obscure work divorced from policymaking and far less important. As a result, it tends to treat the management of technology projects as an afterthought — rather than integral to good policymaking. In the 1990s, the private sector transformed itself by learning how to deploy advanced technology strategically. The federal government needs to catch up.

DHS S&T directorate faces significant challenges. Weak management and leadership, staffing problems, the absence of coherent long term strategy, and financial problems have lead to proposed cuts in its budget and calls for its reorganization.

Outside of S&T, homeland security technology efforts face challenges as well. We continue to face poor communications and information sharing among first responders, state and local emergency managers, and homeland security officials during disasters. Issues related to the interoperability of voice communications are well known and continue to receive significant attention.

One area that deserves much greater attention is providing better situational awareness to first responders and the public through digital maps.

Situational awareness requires a common geographic frame of reference for everyone involved that can be easily updated as event details become clear. What evacuation and supply routes are open, closed, or destroyed? Where are essential supplies, industrial facilities and oil, gas, electric and communications lines? Where are shelters, hospitals, and churches and are they full? In a real time terrorist event, such as a dirty bomb or chemical release, knowing whether to go east or west a few blocks can mean the difference between life and death.

As the mass market has rapidly adopted mapping products over the last 5-10 years -- online maps with satellite imagery and GPS-based systems in our phones and cars (think Mapquest, GoogleMaps, OnStar) – it is not acceptable for the men and women who protect the homeland to be stuck in the dark ages, nor the public they are tasked to help defend.

Military resources were called into action by DHS during the response to Katrina. But homeland security should not have to beg, borrow and steal from others when it comes to their situational awareness. First-rate digital maps should not be “in case of emergency break glass.” Such capabilities should be in the basic toolkit of homeland security professionals, and they should be readily shared with first responders and state and local officials.

Just as important is empowering the public with geographic situational awareness so they can better plan and make decisions at times of disaster. As we saw in New Orleans, the public is frequently on its own in the immediate aftermath of a disaster, and empowering individuals to create and share response plans with their families or co-workers remains a documented unmet need.

- All major print, online and broadcast media should agree on a single map strategy for informing the public before and during an emergency, eliminating duplication of efforts and ensuring as consistent and accurate of an information flow as is possible
- DHS could finance local “map czars” who are empowered to cut through the bureaucracy to decide what is presented on such maps, including rapidly changing information during a crisis.

Developing such map and situational awareness capabilities is critical, especially since DHS mass evacuation plans remain inadequate and "are an area of profound concern," with 9 out of 10 evacuation plans deemed inadequate.

Online Markets
Another area where technology should be used much more effectively is in inventorying and coordinating the supply and delivery of disaster response assets. Future disasters envisioned by the Department of Homeland Security -- attacks with chemical, biological, radiological and nuclear agents, natural disasters, bombings -- will all require specialized response resources, many of which the government will not be in apposition to supply. Federal, state and local governments should identify critical supplies and capabilities -- vaccines, ventilators, generators, electric transformers, laboratory capacity, decontamination equipment, logistics, transport, warehousing -- that they will need ahead of time.
According to a recent report commissioned by the White House after Katrina, the "Achilles' heel" of our national preparedness is the ability, among all those players, to identify critical supplies and resources before a disaster strikes and finding and delivering them quickly afterward.

Everyday technology, properly harnessed, can help address some of the most glaring deficiencies
identified by the White House study. Building an eBay-like system to match regional disaster-response needs with companies that can pledge assistance ahead of time or help out in real time would save dollars and lives. Properly built and maintained, it would ensure that the vast majority of private pledges and donations are put to good use, instead of going unused. It would allow state, local and federal governments to inventory available critical assets rapidly and would be much faster than relying on government bureaucrats to create a resource database on their own. Such a system would also serve as a focal point for cooperation between government, the private sector and NGOs. It would allow the establishment of significant cooperation, trust, and interaction in advance of the next disaster so that we are better prepared when the next disaster hits.

Technology Proposals:
• S&T:??
• Improve situational awareness by greatly expanding availability of digital imaging and mapping capabilities to homeland security professionals as well as to the public directly and via media outlets.
• Drive preparedness with internet based market mechanisms that make it easier to inventory and secure critical response assets from non-governmental actors

Intelligence and Information Sharing

We need to moderate the discussion around homeland security innovations that suggest a zero sum tradeoff between civil liberties and security. We can enhance civil liberties and security at the same time. But in order to do that, Congress and the courts need to reassert themselves. The White House should be more willing to engage Congress and the courts to ensure programs’ legitimacy. Reaching consensus on controversial programs would gurantee sustainability of important programs while giving the public comfort that the programs are well managed, subject to careful oversight, accountable. Failure to reach consensus on controversial programs weakens both our government and our security over the long term.

Using technology to fight terrorism makes sense, given the weakness of good-old-fashioned human spying to penetrate jihadist terrorist groups. What does not make sense is the failure of cooperation between the three branches of government. A failure to achieve consensus between the three branches of government threatens technology innovation to fight terrorism, thereby threatening the long-term security of the country.

The disclosures on NSA domestic surveillance should have come as a surprise to no one. The Administration has displayed remarkable consistency since 9/11 in its aggressive use of technology and data analysis to uncover terrorist plots. The recently revealed NSA program is only the latest instance of Administration efforts to use data mining and other technology techniques in the war on terror. A 2004 survey by the U.S. Government Accountability Office found 199 non-classified federal data mining projects, a number that would grow if classified projects were included. Many of these programs have raised little controversy. Cargo security programs analyze volumes of shipper and cargo manifest data. Companies as diverse as FedEx, Western Union and AOL have been helping the feds and law enforcement by allowing them to look at portions of their customer and subscriber data. Other experiments -- including the Defense Department’s Total Information Awareness (TIA) program and TSA efforts to use commercially-available consumer data in airline passenger screening – raised public outcry and privacy concerns and were shut down by Congress.
Using technology to fight terrorism makes sense, given the weakness of good-old-fashioned human spying to penetrate jihadist terrorist groups. What does not make sense is the Administration’s failure to work more closely with willing allies in both Congress and the courts on the design and implementation of efforts like the NSA program. The abiding perception that the White House is taking a largely go-it-alone approach not only threatens technology innovation to fight terrorism, but it also threatens the long-term security of the country.
Despite the fits and starts, the Administration’s persistence in using data analysis as a tool in the war on terrorism marks the recognition of a simple truth: traditional human spying is insufficient to the modern terrorist threat. America’s spies are short on Arabic language skills and the cultural knowledge and diversity that would allow them to infiltrate an increasingly decentralized jihadist movement. How, for example, would an American spy ever hope to penetrate a group like the home-grown London subway bombers?
If traditional spying is currently ill-suited to find terrorists and will take up to a decade to fix, then the growing use of data-analysis techniques to fight terrorism is valuable and legitimate. If human spies are hard pressed to find more terrorists needles in the global haystack, another way to find more needles is to examine larger data haystacks. Combining technologies that analyze communication content, communications traffic, and social networks has the potential to help protect Americans. The average American understands this. According to a poll right after the NSA story broke, 63 percent of Americans supported the NSA program.
At the same time, these programs are imperfect and risk the wrongful entrapment of innocent citizens along with legitimate terrorists. That risk is magnified to the extent that these programs are insufficiently embedded in law or implemented absent the robust involvement of Congress and the courts.
A failure to better involve Congress and the courts in new, meaningful ways to fight terrorism needlessly risks the security of everyday Americans. First, the risk of overreach, mistakes or abuse risk a backlash similar to the ones that killed TIA and TSA programs. Such a backlash risks an overreaction and conceivably slap restrictions on the ability of this and future presidents to fight the war on terror. That risk is exacerbated by the largely go-it-alone approach that has characterized the White House approach to NSA programs to date.
Furthermore, the lack of a crystal clear legal framework to govern the NSA program puts the careers of government intelligence professionals at risk. It makes intelligence officials more likely to mistakenly violate individual civil liberties and privacy laws, making them vulnerable to lawsuits and accusations of abuse. Guidelines, rules and procedures for the intelligence community must be developed in consultation with the other two branches of government, who must also play an explicit approval and oversight role. The lack of clear guidance on the treatment of terrorist detainees provides a cautionary tale.
To maximize the benefits of technology innovation against terrorism while minimizing the risks, the Administration must involve the courts and Congress to the greatest extent possible. A failure to do that needlessly risks American civil liberties, the careers of intelligence community professionals, and a backlash by the Congress and the courts that overly restricts the ability of this and future presidents to use technology creatively to keep Americans safe. Global terrorism is a 21st century threat, and we must use 21st century technologies to fight it. At the same time, we must not lose sight of an 18th century American innovation – a government of checks and balances where the whole is greater than the sum of the parts.
Proposal
• Do not wait for court resolution of constitutional issues.
• Seek rapprochement between Congress and White House and increased role for courts.

Information sharing

The President and the Congress have taken bold policy, legal and institutional steps to improve information sharing. New laws have been written, Executive Orders promulgated, and new organizations created. While the reforms undertaken are impressive, they are only a first step. On their own, they are sufficient neither to bring about the needed changes in behavior nor to build the technology systems that are needed to enable better sharing.

To ensure that policy reforms fully translate into changed behavior within critical agencies and departments, substantial leadership attention at the highest levels of government is necessary. These leaders, including the President and the Director of National Intelligence, need to identify the policies, rules, procedures, and incentives/disincentives that will promote information sharing and foster the creation of an environment of policies, business rules and technologies that will support it. Better policies, clearer rules, and more robust oversight for intelligence information makes all of us more secure both in our Constitutional rights and against terrorist threats.

Sharing information must become part of the DNA of our intelligence, national and homeland security, and defense communities. It must be woven into the fabric of department and agency cultures, bureaucratic behavior, and standard operating procedures for intelligence and law enforcement, into the education and training of government officials, and into the technology systems that these stakeholders use every day.

As an associate member of the Markle Foundation Task Force on Homeland Security, I strongly recommend that in the next five years the U.S. implement the recommendations of the Markle Foundation Task Force, including the innovative recommendations of this most recent report.

In particular, the Markle Task Force has recommended that the federal government:

• adopt an authorized use standard to protect civil liberties in the sharing and accessing of information the government has lawfully collected; this standard would replace existing outdated standards based on nationality and place of collection;

• take a “risk management” approach to classified information that better balances the risks of disclosure with the risks of failing to share information;

• create a government-wide dispute resolution mechanism to facilitate responsible, consistent, and lawful information sharing;

• develop tools, training, and procedures to enhance the use of the information sharing environment and its technological capabilities by line analysts and by senior officials;

• expand community-wide training, modern analytic methods, and new tools to enhance the quality of information sharing and analysis;

• encourage the use of new technologies such as anonymization, and the use of expert and data directories;

• employ immutable audit systems to facilitate both accountability and better coordination of activities within the information sharing environment; and

• create an Information Sharing Institute.

In addition to these proposals, I personally believe that there may be the need for comprehensive legislation governing the entire lifecycle of commercial data for terrorism-related purposes within the federal government. This is of particular importance as commercial data is increasingly being co-mingled with government data for the purposes of terrorism-related analysis. This use and sharing is currently governed by a raft of disparate rules, developed in a piecemeal manner piecemeal over time. Among many others, these include the Privacy Act and the E-Government Act, the Federal Information Security Management Act, the financial Modernization Act, and Patriot Act amendments to the Fair Credit Reporting Act. Add to this the recently finalized Protected Critical Infrastructure Information (PCII) regime. Potentially adding the data sharing and protection regimes contemplated in pending legislation for chemical security (S. 2145 and HR. 5695) and port security (S. 2459 and HR. 4954), and it quickly becomes apparent that these many rules create significant opportunity for confusion or conflict. Other contemplated legislation – for example, S. 3713 (Clinton); S. 1789 (Specter); HR. 5827 (Sweeney) – would all complicate the equation further.

At the end of the day, any attempt to harmonize or create a unified regime for the use and sharing of commercial data for terrorism-related purposes should provide be comprehensive and address government’s handling and management of data from “cradle to grave”: procurement, storage, use, ability to combine with other data, sharing within government and with government contractors, encryption, anonymization, dispute, and redress. At the moment all of the movement on these fronts is piecemeal, ad hoc, and uncoordinated. This creates lack of clarity, potential conflict, and reduces confidence in government to the extent data is mishandled, misused or leads to false positives that are difficult to redress or correct. This is unacceptable.

Conclusion

To ask are we safer automatically politicizes what should be non-partisan policy! Here is what I would say-What exactly has been accomplished in the five years since 9/11 and what still needs to be done? Also how do we calibrate the fact that gaps in accomplishments or gaps in identification of needs might lead to oversight of fundamental flaws in our approach to homeland security. For example, emergency communications interoperability is commonly identified but there is no real federally mandated lead such as under Exevutive order 12472 that created the NCS and its TSP system. Also, should the funding stream really follow the traditional post-world war II system essentially adding the States to the civil service by using them to implement federal grant programs in the Homeland Security arena. Of the 3400 county geographic jurisdictions in the US almost 5-600 are losing populations. The top 250 jurisdictions by population are the really key targets. Should their be dispersal of there key employees and assets under some trigger?
Should k-12 educational programs on individual and family preparedness be implemented?
Should new technologies get patents that include a discussion of how those technologies can be impacted from disruption? If this is the long-war should more effort be made to explain why their needs to be a partial mobilization of our society to deal with that fact? If ISLAM is just one of the breeding grounds for terrorism what revisions in intelligence or information sharing are necessary to protect us? Not that security clearances and need to know are still a major choke point with preventing integration of state and locals into the anti-terrorism counter-terrorism activity. Could the GUARD be utilized to somehow get around this issue by mandating that a GUARD liaison to each local jurisdiction of 250K population or more be adopted.

Should the system failure implications be incorporated into all federal lawmaking and rulemaking as in an EIS.

Many many more ideas and brainstorming could be done but I leave that to you!

Are we safer? At the five year anniversary of 9/11, the question is unavoidable.

In many ways the answer is yes. The U.S. has not been attacked again on U.S. soil. Our military has successfully degraded Al Qaeda Central and is cooperating successfully with allies to detect and thwart additional attacks. Our defenses at home are stronger. We embarked on the largest reorganization of the federal government since 1947, creating the Department of Homeland Security, the Directorate of National Intelligence, and Northcom. We have sought to improve information sharing – our ability to “connect the dots” -- with new laws and new institutions. We have sought to make it easier to find terrorists through the innovative use of technology and legal changes while at the same time seeking to protect civil liberties with a the creation of civil liberties boards and privacy offices. Airline security has been boosted. Private chemical manufacturers have invested $3 billion on greater security since 9/11. Nuclear plants have raised security to meet a higher level of design basis threat, required by the Nuclear Regulatory Commission [check]. Add to these measures a higher level of public awareness and precaution, and in many ways we are safer.

But in many ways, we are not safer.

The world has not stood still since 9/11. Nuclear proliferation will become an increasing problem and Al Qaeda is adjusting and evolving. At home, our homeland security efforts are still very much a work in progress. The emblem of our shortcomings is Katrina, with all of the significant gaps it exposed in our leadership, preparedness, coordination, and effectiveness to deal with even widely foreseen homeland security threats. We face other significant challenges going forward. DHS struggles mightily to meet the expectations that came with its creation. The DNI is finding its way, but early compromises limited its power from the outset. Chemical plants and ports are still not secure enough. Transit authorities can’t find enough money to implement desirable security measures. We lack a national consensus on priorities and our strategies are not robust, leaving us in a perennial state of reaction to the latest threat. A number of big-ticket homeland security technology projects have failed. Innovative programs to enhance security are forcing the tradeoff of liberty for security in an unnecessarily zero-sum game.

“Is it safe?” Dustin Hoffman’s answer to that question in the famous 1976 movie, The Marathon Man, was alternately “yes”… “no”… “it depends.” For every area of progress, significant gaps and vulnerabilities remain. Over the next five years, we must do more and do better.

In five years time, we should all hope to see:

1. A DHS that is a healthy and respected organization, equal to the task Americans expected of it when it was created.
2. A clear doctrine of national preparedness. National Guard Special Forces and a stronger NORTHCOM who train jointly to meet the threat of multiple simultaneous attacks or disasters.
3. A much better educated and empowered public on homeland security. When something happens, they are already well prepared and know where to go for the best and latest information.
4. Critical infrastructure is healthier as a result of a mixture of govt incentives, standards and regulations. Chemical facilities are more secure. The electric grid is less brittle. All forms of transportation, not just airplanes, are less vulnerable and attacks are more resilient/survivable. Security investments have improved the health and resiliency of critical infrastructure.
5. We are using technology better to enhance homeland security. S&T is a well-managed organization with a clear strategy and priorities. Homeland security The federal government is creatively
6. Civ lib/intell debate has reached equilibrium. Fed govt has greater authorities, but with greater power comes greater responsibility. Predicate rule has been relaxed as well as US Persons rule, but public is confident in judicial review, audit, accountability and redress [Markle]

Bill Gates has said that we always overestimate the change that will occur in [five] years and underestimate the change that will occur in 10. While we have made progress in the first five years, I am sure that many are frustrated by the pace of change and what we have not yet achieved. In the next five years, we have the opportunity – in fact, we have the duty – to make every effort to ensure that America is safer and more secure than we might even hope for today.