After 9/11, in the name of intelligence sharing to fight terrorism, 77 fusion centers popped up across the USA. We've seen increasingly disturbing you-might-be-a-terrorist-if lists, mixing innocuous behaviors labeled as allegedly suspicious with truly scary behaviors, which are all supposed to be reported, dumped into suspicious activity reports (SARs) and shared among intelligence agencies via fusion centers—that DHS has called 'centerpieces of the U.S. counterterrorism strategy.' We all know those lists are ridiculous; a two-year bipartisan Senate investigation into fusion centers agreed in a report stating that those intelligence hubs "often produced irrelevant" and "useless" intelligence reports. "Many produced no intelligence reporting whatsoever." It was also confirmed by a former fusion center chief, who said "There were times when it was, 'what a bunch of crap is coming through'."
The Department of Homeland Security has spent hundreds of millions of dollars on a network of 77 fusion centers and hailed them as "a major force multiplier in the counterterrorism enterprise." However, a fusion center report [PDF] published on Oct. 3 by the Senate Homeland Security and Governmental Affairs permanent subcommittee stated that the investigation "could identify no reporting which uncovered a terrorist threat, nor could it identify a contribution such fusion center reporting made to disrupt an active terrorist plot."
One chapter in the 141 page report is devoted to "DHS 'success stories' do not demonstrate fusion centers' value to counterterrorism efforts."
Another chapter on how-it-hindered counterterrorism cited an example of the "Russian 'cyberattack' in Illinois" where the hacker allegedly cracked into the utility control system. According to the red-alert fusion center report, the hacker "sent commands which caused a water pump to burn out." The Department of Defense said such cyberattacks would be treated as "acts of war" and the FBI launched an investigation. However, according to the report:
"In truth, there was no intrusion, and DHS investigators eventually concluded as much. The so-called "intrusion" from Russia was actually an incident of legitimate remote computer access by a U.S. network technician who was working while on a family vacation.
Almost no part of the initial reports of the incident had been accurate - not the fusion center report, or DHS's own intelligence report, or its intelligence briefing. The only fact they got right was that a water pump in a small Illinois water district had burned out.
That is just one of several examples. The Senate investigation found that:
claims made by DHS did not always fit the facts, and in no case did a fusion center make a clear and unique intelligence contribution that helped apprehend a terrorist or disrupt a plot. Worse, three other incidents examined by the Subcommittee investigation raised significant concerns about the utility of the fusion centers, and raised the possibility that some centers have actually hindered or sidetracked federal counterterrorism efforts.
Oh really? Let's follow the money—not that it's easy to do since no one seems to know exactly how much has been dumped into fusion centers. The Senate investigation revealed that in the Homeland Security's counterterrorism mission, it spent between $289 million and $1.4 billion in state and local fusion centers. They are primarily operated through grants provided by DHS' Federal Emergency Management Agency. However, FEMA officials say they have no mechanism in place to accurately account for the total amount of grant funding spent toward fusion center support. That's not the only confusion since one chapter is devoted to how some DHS-recognized fusion centers don't even exist!
A case study was conducted on some fusion centers that used DHS grant funds for what DHS called "must-have" basics for intelligence. Without constantly throwing dollar amounts at you, here's a tiny portion of what the federal money (your tax dollars at work) purchased. According to the Senate investigative report, fusion center funds were spent:
In Cleveland, Ohio, the fusion center spent $15,848 to buy the medical examiner "ruggedized Toughbook laptop computers." When asked why, the fusion center "responded that the laptops were for processing human remains in the aftermath of a mass casualty event in the Cleveland area."
In San Diego, fusion center funds bought:
But because that surveillance equipment was "simply too complicated for our customers to use," the San Diego "fusion center received other undercover surveillance devices," including:
Software, LCD monitors and computers would seem perhaps a reasonable intelligence sharing expense, but the San Diego fusion center purchased:
The D.C. fusion center ripped through $2.7 million in Homeland Security grants to upgrade:
But wait, it was not for the fusion center; it was purchased for the local cops. The LPR system was later dropped, in favor of buying:
That doesn't count the money spent on computers, laptops, LCD Status Boards, CCTVs or paying cellular provider fees.
Regarding "troubling" reports that some fusion centers may have violated the privacy and civil liberties of U.S. citizens:
DHS personnel "are prohibited from collecting or maintaining information on U.S. persons solely for the purpose of monitoring activities protected by the U.S. Constitution, such as the First Amendment protected freedoms of religion, speech, press, and peaceful assembly and protest.
The Privacy Act prohibits agencies from storing information on U.S. persons' First Amendment-protected activities if they have no valid reason to do so.
Yet of all those SARs because you might be a domestic terroist if, the Senate panel wrote, "The apparent indefinite retention of cancelled intelligence reports that were determined to have raised privacy or civil liberties concerns appears contrary to DHS's own policies and the Privacy Act."
After promising the condition of anonymity, NBC News spoke with a Homeland Security official who said "the department has made improvements to the fusion centers and that the skills of officials working in them are 'evolving and maturing'."
Not matured, after nine years and hundreds of millions, if not billions of dollars later? This was only a fraction of the 141-page Senate investigation report which basically concluded that fusion centers are filled with 'crap' suspicious activity reports that are not helping the counterterrorism mission one little bit, but that are violating Americans' civil liberties and privacy.
Like this? Here's more posts:
- Time to disable Java AGAIN: 1 billion at risk from newest critical Java bug
- Microsoft data center pollutes, then wastes millions of watts to avoid paying fine
- Feds Warn of Zombie Apocalypse! Buy emergency kit, but you might be a terrorist if...
- Apache fires at Microsoft over IE10's DNT privacy settings
- Smartphone snoop: Even when phone sleeps, digital assistant always eavesdrops
- ACLU: Electronic Spying Skyrocketed 64% Since President Obama Took Office
- Punch to user privacy as Twitter surrenders Occupy protester's tweets
- 'We will find you' marketing gone wild: Candy bars that guarantee stalkers
- Microsoft: Companies should pay Uncle Sam $10k per H-1B Visa to hire skilled foreigners
- IE emergency patch issued, but rumors fly that Microsoft knew about 0-day for 7 weeks
- Windows Phone 8 has 'baked-in cybersecurity goodness'
- Laptop fingerprint reader destroys 'entire security model of Windows accounts'
Follow me on Twitter @PrivacyFanatic
Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. Smith has a diverse background in information technology, programming, web development, IT consulting, and information security. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.
Smith is an independent contractor and is not affiliated with any vendor that makes or sells information technology.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited