Too Many Dots to Connect
The Christmas Day attack has exposed a broader systemic failure in the entire post-9/11 approach to intelligence: the “over collection” of information. It is leading, once again, to an ever-expanding bureaucracy of stovepiped analysts disconnected from real threat activity. In one of many cringe-inducing situations since 12/25, the Skeptical Bureaucrat recently highlighted this painful exchange between "senior State Department officials" and the press during a briefing following the release of the Department's Security Review of the Christmas Day attack
SENIOR STATE DEPARTMENT OFFICIAL: -- the interview. As far as being anything else, no, I don’t think there was – I don’t think the not knowing that he didn’t have a visa, not reporting that – and the report says that. It says: “A determination to revoke his visa, however, would have only occurred if there had been a successful integration of the intelligence by the CT community, resulting in his being watch-listed.” So --
QUESTION: So even if he was he was spelled – even if it was spelled right and you knew he had a visa, he still wouldn’t have been – it still wouldn’t have been revoked?
SENIOR STATE DEPARTMENT OFFICIAL: That’s correct.
There is more Q&A here, but the exchange gives you an idea of the complexity of the failure. Numerous embarrassing anecdotes leaked over the past two months -- from a CIA analyst waiting on a picture to some $12/hr contractor "misspelling" Abumutallab's name – expose an ungovernable system devoid of imagination and will.
Marc Ambinder noted that within the intelligence community (IC),
There had been plenty of discussions about Yemen, and the U.S. was clearly concerned about the fertile soil there for extremism -- but no policy maker seems to have taken the intelligence about AQAP's intentions seriously enough to significantly alter counterterrorism policies regarding AQAP's ability to threaten the U.S
That, however, is always the failure when an intelligence failure occurs, in the United States or in any country in the world. Bureaucratic, moribound intelligence organs focusing on major threats (USSR, Israel), fail to see the emerging threats in front of them (Hizbullah, Al-Gama'a al-Islamiya). Even the suggested solutions appear to be conventional: better training, more information sharing, the application of “structured methods,” etc.
Yet a broader problem is hinted at in this January 27th post at Govexec.com:
The National Counterterrorism Center does not have enough analysts to comb through the thousands of pieces of terrorism-related information it receives every day, even though a plan to cut millions of dollars from its budget has been reversed, NCTC Director Michael Leiter told House lawmakers on Wednesday… Each day, the NCTC receives more than 5,000 pieces of terrorist-related information and reviews 5,000 names of suspected terrorists, Leiter said.
There is a broader systemic failure in the entire post-9/11 approach to intelligence: the over-collection of information. In the rush to find and “connect” dots after 9-11, the focus of information collection became too broad, encompassing too many sources, and offering little direct authority for possible response. The result is disparate points of information get caught up in the cogs of bureaucratic processes disconnected from any reason to act.
Information collection on such a vast scale – 5000 pieces of information per day, according to NCTC officials -- is a sign of systemic weakness. It shows an inability to pinpoint current and emerging threats at their source, and to focus analytical capability at those known threats. Instead, analysts sit a desk each working day, reading thousands of pieces of “information” that have little or no connection to real threat activity. In this environment, conventional wisdom becomes the most intellectually expedient answer to policy maker’s demands.
The answer lies in redirecting collection toward real-world threats, not disparate dots of disconnect information. This may seem like a "too-easy" solution, but I am not making policy proposals. I'm calling for more effective ways of gathering the information we need to protect ourselves. A career's worth of experience tells me we're on the wrong track. If we were better prepared in Yemen, then we would have never missed Abumutallab, regardless of how a $12/hr data entry clerk spelled his name.
If you’re interested, I expand on this post at my other blog.
February 10, 2010 at 19:59
Reader Comments (1)
There's no doubt that there is too much information to effectively analyze. Frankly, this is not an especially new problem—even at the height of the Cold War, with collection resources sharply focused on the USSR and other key peer opponents, technical collection (especially of COMINT) was already rapidly outstretching human analytical capacities. With the collection net expanding and the targets more diffuse, it is inevitably more of a problem.
Is this a problem of "moribound intelligence organs focusing on major threats (USSR, Israel), fail to see the emerging threats in front of them (Hizbullah, Al-Gama'a al-Islamiya)." Not necessarily—one could fill rooms with the number of Western IC folks directly or indirectly working on Hizbullah. The collection issues here are substantial, and throwing additional resources at the issue doesn't necessarily return large incremental gains in quality intelligence.
Is there no value in connecting dots? In an era where threats may emerge from small cells with only partial connections to more organized networks, it is essential to do some "dot-driven analysis" as well as the more strategic focus that Marisa is suggested. Whether the current balance is appropriate, of course, is another issue.