menu

Border Watchlisting a Decade after 9/11

Here’s a summary from the Center for Immigration Studies Watchlisting report, released on Monday.

The tedious process of watchlisting and making watchlists available to our frontline border and aviation operators is the most important tool our nation has to curtail attempted “legitimate” terrorist travel — meaning, those terrorists who seek to use our border and aviation system to enter the United States. The 9/11 Commission recommended significant changes to watchlisting, including merging 11 disparate watchlists into one base list. Today, this single list is simply termed the “Terrorist Watchlist.” The entity recommended to accomplish this goal was, and now is, the National Counterterrorism Center (NCTC). The Commission’s focus on watchlisting addresses — in part — findings of fact of missed watchlist opportunities of (at least) two 9/11 hijackers who were known to the CIA in March 2000, but whose entry into the United States was never communicated to the border, aviation, or other members of the intelligence community until August 24, 2001.

This Backgrounder seeks to provide a historical perspective on watchlisting since 9/11 as it relates to the border and aviation communities, clarify how watchlisting works, and provide findings of facts and recommendations to solve remaining issues. The goal is to help improve watchlisting to make it accurate, efficient, and thorough for the right customers in real time.

Findings

  • The 9/11 Commission recommendations to consolidate terrorist watchlisting and the analytic institutions responsible for creating and maintaining the Terrorist Watchlist are, for the most part, implemented. The NCTC is responsible for creating the Terrorist Identities Data Mart (TIDE), while the Terrorist Screening Center, run by the FBI, culls and sorts for those individuals who meet a “reasonable suspicion” standard. These individuals are listed on the “Terrorist Watchlist.” It is this list that feeds the more specific border and aviation watchlists to which traveler names are submitted to today.
  • The pronounced example of the Christmas Day Bomber’s ability to board a plane in 2009 with a still-valid U.S. visa despite being known to the intelligence community seemed, on the surface, to replicate the deep-seated problems with watchlisting — including the intelligence community’s lack of information-sharing with the border and aviation frontline operators — related by the 9/11 Commission. That assumption is inaccurate; the authorities, relationships, and operations are in place to get watchlisting right. Instead, what is lacking are technology, clear standard operating procedures, and implementation of other 9/11 Commission recommendations. These gaps create vulnerabilities that widen quickly when multiplied out over vast quantities of data. The good news? We can fix them.

Recommendations

  • To improve watchlisting, the intelligence community needs complete information access in real time. Privacy and security issues have kept the intelligence community from allowing analysts to acquire all source information across the foreign/domestic divide quickly and efficiently as highlighted by the 9/11 Commission. The problem to date has been, in part, that technology to secure data on the one hand, and make sure users who need it have access to it, has been lacking. That is no longer the case. Technical solutions such as “cloud computing” and dynamic encryption keys are now available to store data together but protect it by source, type, and value, for example. These technical solutions need to be piloted and incorporated into NCTC and TSC operations as soon as possible. To ensure a more accurate watchlist, biometrics, including digitized facial images and fingerprints, need to be fully incorporated into watchlisting. A name-based system remains too easy to game, and too easy to misidentify legitimate travelers.
  • “Person-centric” traveler histories were recommended by the 9/11 Commission and enacted into law, but still have not been implemented by the Department of Homeland Security. The travel and immigration histories of all foreign-born travelers, including biometrics, should be easily available for analysis by the NCTC and TSC. This will also allow foreign persons applying for benefits to have their information held over time, minimizing fraud on the one hand while easing processing of new benefits sought because information will not need to be re-populated, as caching now does for Internet websites. Where privacy issues exist, these can be written into the information-sharing rules up-front.
  • Law enforcement data obtained from abroad by Immigration and Custom Enforcement Visa Security Units conducting terrorist investigations of visa applicants abroad need to be incorporated into watchlist analysis. Congress needs to prioritize the VSU expansion, and give DHS visa revocation authority.
  • The United States must do what it can to keep European Union agreements in place pertaining to Passenger Name Records; these records are absolutely essential to assuring accuracy of matching watchlist information to relevant aviation travelers.
  • All visa holders and visa waiver participants should have their information vetted at least every two years, and every time they seek to travel to the United States. Right now, visa waiver travelers are subject to higher security thresholds than many visa holders from countries not friendly to the United States. Applying a standardized approach avoids profiling, establishes security away from our borders, and enables real-time vetting where derogatory information develops after visa issuance. Eventually, with cloud technology, vetting could be done in real time, on a daily basis if necessary, for all visa holders.
Janice Kephart writes on border and identity security and programs, especially as they pertain to terrorist travel, as well as leadership and organizational issues at DHS. Kephart is founder of the Secure Identity and Biometrics Association (SIBA). Read More