U.S. Department of Justice Global Justice Information Sharing Initiative Annual Report 2011

Transcription

1 U.S. Department of Justice Global Justice Information Sharing Initiative Annual Report 2011 Introduction Never before has America s need for justice information sharing been more compelling. The absence of this capability, however, has plagued practitioners for decades. While broad-scale exchange has yet to be achieved, claims that the problem has gone unaddressed are unwarranted. The U.S. Department of Justice s (DOJ) Global Justice Information Sharing Initiative (Global) 1 Advisory Committee (hereafter, GAC or Committee) exists to make recommendations and support the chief law enforcement officer the U.S. Attorney General. With the support and guidance of the Bureau of Justice Assistance (BJA) and DOJ, the GAC has concentrated its diverse expertise on challenges and opportunities for justice and public safety information sharing. Since 1998, members of this Federal Advisory Committee representing justice and public safety communities at all levels of government have actively advocated information sharing while safeguarding citizens constitutional rights. Global is aimed at facilitating the appropriate availability of information and is truly a national effort. Background Global: Leading the way getting the right information to the right people, in the right place, at the right time. Vision Statement of the Global Advisory Committee Mission and Guiding Principles Enhanced information sharing is essential for effective justice and public safety business operations on many levels: It facilitates the best possible decision making by arming executives with complete and current facts, and it saves program managers and technologists the increasingly shrinking resources of time and effort, allowing practitioners to do what has become a routine demand doing more with less. In the justice and public safety arenas, comprehensive and timely access to data and the ability to analyze and share that information is often the linchpin between prevention and immediate response or devastation. Consider post-hurricane Katrina, when the response was significantly hampered by a lack of information on the ground, or, perhaps most vividly, the communication failures of 9/11, when firefighters and police responding to the same crisis, in the same location, were unable to receive and share critical information as tragedy unfolded around them. Add the increasing, evolving complexity of justice-related scenarios from responding to pandemics to collaborating with new partners such as the transportation and hospitality industries in the fight against terrorism and the communication proposition can seem overwhelming. While these high-profile events underscore the necessity of justice-related information sharing, the effective commission of routine justice business processes, such as court adjudication and sentencing or carefully planned prisoner reentry into our neighborhoods and communities, is Page 1 of 17

2 grounded in the same imperative: getting the right information to the right person in the right place at the right time. As the Federal Advisory Committee to America s chief law enforcement officer, the U.S. Attorney General, on standards-based, justice-related information sharing, the U.S. Department of Justice s (DOJ s) Global Justice Information Sharing Initiative (Global) through its Global Advisory Committee (GAC), with support and guidance from the Bureau of Justice Assistance (BJA) has responded to this charge with a range of valuable solutions at no cost to colleagues in the field. Chartered in 1998 by former U.S. Attorney General Janet Reno, the Global Initiative was carefully structured to function as a unique collaboration of justice leaders. Today, Global is respected as the preeminent voice of local, state, and tribal governments helping shape the nation s information sharing solutions. Through a structured and in-depth collaborative process, which is a unique Global hallmark, the members of the GAC have developed and supported numerous groundbreaking advances that have proven invaluable in overcoming information sharing obstacles. The guiding principles of the GAC are to: Support the goals of the U.S. Attorney General and DOJ by promoting an inclusive environment, bringing together representatives from the entire justice, public safety, and first responder communities to address and make recommendations to overcome the barriers to justice information sharing across agencies, disciplines, and levels of government. Facilitate information sharing among local, state, tribal, and federal law enforcement agencies large or small through the exploration and promulgation of the most promising methods for developing and sharing critical intelligence data. Support the development and implementation of standards that facilitate seamless exchange of information among justice, public safety, and first responder communities. Provide information that supports sound business decisions for the planning, design, and procurement of cost-effective, interoperable information systems. Identify concepts that leverage existing infrastructure, capabilities, and functionality. Support constitutional values and individual rights by ensuring the accuracy and security of justice information and the implementation of appropriate privacy safeguards. GAC recommends the adoption of privacy and information quality policies that promote the responsible collection, handling, management, review, and sharing of personally identifiable information. Acknowledge that while there is a strong national consensus that improved justice-related information sharing is critically important, there is a commensurate desire to protect individuals privacy. The GAC operates in accordance with Federal Advisory Committee Act (FACA) provisions and convenes twice a year in Washington, DC. In 2011, the GAC met on April 20 and October 13. Meetings are announced in the Federal Register, and members of the public are welcome as observers. GAC Structure: Membership, Leadership, and Working Groups GAC members represent key organizations from local, state, tribal, federal, and international justice and public safety and include agency executives and policymakers, automation planners and managers, information practitioners and, most important, end users. This last group distinguishes GAC as a committee: its members remain actively dedicated to information Page 2 of 17

3 sharing precisely because they continue to be producers, consumers, and administrators of crucial justice-related data. Membership Committee membership reflects the fundamental tenet that the entire justice-interested community must be involved in information exchange. Member agencies are as follows: Administrative Office of the U.S. Courts American Association of Motor Vehicle Administrators American Correctional Association American Probation and Parole Association Association of State Correctional Administrators Conference of State Court Administrators Criminal Intelligence Coordinating Council Criminal Justice Information Services Advisory Policy Board Executive Office for United States Attorneys Federal Bureau of Investigation Criminal Justice Information Services Division International Association of Chiefs of Police International Association of Chiefs of Police Division of State and Provincial Police International Association of Chiefs of Police Indian Country Law Enforcement Section INTERPOL Washington Major Cities Chiefs Association National Association for Court Management National Association of Attorneys General National Association of Counties National Association of State Chief Information Officers National Center for State Courts National Conference of State Legislatures National Council of Juvenile and Family Court Judges National Criminal Justice Association National District Attorneys Association National Governors Association National Legal Aid & Defender Association National Sheriffs Association Nlets The International Justice and Public Safety Information Sharing Network SEARCH, The National Consortium for Justice Information and Statistics U.S. Department of Homeland Security U.S. Department of Justice Leadership The GAC chair and vice chair are elected biennially (most recently, fall 2010) by fellow committee members. The current GAC Chair is Mr. Robert Boehmer, Director, Institute for Public Safety Partnerships, University of Illinois at Chicago, representing the National Criminal Justice Association (NCJA). The current GAC Vice Chair is Mr. Carl Wicklund, Executive Director, American Probation and Parole Association (APPA), representing APPA on the Committee. Elections for the succeeding GAC leadership term will occur in fall Page 3 of 17

4 The GAC Executive Steering Committee (GESC) consists of the GAC chair and vice chair, working group chairs, and four at-large GAC representatives. The at-large representatives are nominated and elected by the GESC. The GESC has the responsibility to: Provide advice to the Designated Federal Official (DFO) regarding areas of priority and recommended research and prepare advisory recommendations for the approval of the GAC. Upon approval of advisory recommendations, the GESC forwards them to the Assistant Attorney General and the U.S. Attorney General (or the designated appointee). Schedule meetings and develop GAC meeting agendas with the approval of the GAC chair and the DFO. Solicit suggestions for additional technical, professional, and administrative assistance to effectively and adequately address areas of need to support DOJ activities. The GESC meets immediately before biannual GAC meetings to prepare for the larger gatherings, consult with federal officials, and conduct executive business in support of the Initiative. In 2011, these pre-gac meeting events were held on April 19 and October 12. GESC members convene two additional times a year (winter and summer) specifically to strategize for ongoing GAC activities and future courses of action. In recognition of Global s fundamental tenet of collaboration and support of complementary efforts at all levels of government, the GESC purposefully coordinates these strategic planning meetings with partner events (for example, on August 3 in conjunction with the NCJA s Annual Conference). This provides Global leaders with the opportunity to visibly exhibit the ideals of justice community esprit de corps through on-site participation, networking, and promulgation of Global resources, as well as to leverage time, travel, and financial resources. The GESC also conducts business via conference calls and , as necessary. Working Groups GAC working groups and councils comprise committee members and other subject-matter experts, expanding GAC s knowledge and experience. These groups are formed around timely issues affecting justice information sharing and meet as often as necessary. During 2011, the following working groups engaged in the following targeted areas. Global Infrastructure/Standards Working Group The Global Infrastructure/Standards Working Group (GISWG) was formed to facilitate broadscale data exchange by developing and adopting an architecture and standards that enable transparent integration of disparate systems. This working group recommends a framework that assists government entities in establishing an operational environment, enabling the sharing of justice, public safety, and first responder information within the guiding principles of the GAC. GISWG identifies strategies and tactics that will implement that framework, which will be designed to identify those critical components programmatic and technical necessary to develop and maintain a sound justice information sharing architecture. Global Intelligence Working Group and Criminal Intelligence Coordinating Council The Global Intelligence Working Group (GIWG) and the Criminal Intelligence Coordinating Council (CICC) are charged with advising and providing recommendations to the U.S. Attorney General on issues relating to advancing the use of technology, standards, and collaboration between agencies/organizations in the area of criminal intelligence. The GIWG and CICC serve Page 4 of 17

5 as advocates for local law enforcement in their efforts to develop and share criminal intelligence for the promotion of public safety and the security of our nation. This working group provides guidance and advice in connection with the implementation and refinement of the GIWG/CICC-facilitated National Criminal Intelligence Sharing Plan (NCISP or The Plan ) and Fusion Center Guidelines. (Global groups supported the development of these hallmark resources in partnership with a number of intelligence partners representing different levels of government.) This goal is supported by the Criminal Intelligence Coordinating Council (CICC), inaugurated in June 2004, whose members advocate for local law enforcement in its efforts to develop and share criminal intelligence for the promotion of public safety and the security of our nation. The GIWG and CICC work to ensure that every chief, sheriff, and law enforcement and homeland security executive understands the role his or her agency plays in the development and sharing of information and intelligence. The Global Initiative, the intelligence community, and the larger justice landscape in which the GIWG/CICC serves and operates are dynamic entities and environment. As such, this mission will likely evolve as efforts continue toward implementation of the Information Sharing Environment Implementation Plan and the Guideline Reports, per the Intelligence Reform and Terrorism Prevention Act of 2004, as well as the National Strategy for Information Sharing. State, local, and tribal law enforcement agencies are expected to be affected by the impending changes and will need guidance and assistance. Global Outreach Working Group The Global Outreach Working Group (GOWG) dedicates the entire focus of its endeavors to supporting Global s mission to facilitate broad-scale sharing of justice and public safety information by promoting standards-based electronic information exchange, providing the justice community with timely, accurate, complete, and accessible information in a secure and trusted environment. Awareness is implicitly a Global strategic goal in support of this mission, because the best GAC resources are only as good as their utility to and use by the justiceinterested community. Awareness is the first step in adoption of Global recommendations and, by extension, support for and promulgation of the Global Initiative. GOWG efforts are focused in two distinct (and sometimes overlapping) directions promoting the good works of the Initiative to the larger justice community ( outreach ), and also ensuring GAC participants are fully informed not only about Global activities, but also about their roles and responsibilities as members of the Committee ( inreach ). GOWG members concentrate on delivering outreach and inreach assistance in an institutionalized and consistent manner, elevating previously ad-hoc Global communications activities to a systematic process. Global Privacy and Information Quality Working Group The Global Privacy and Information Quality Working Group (GPIQWG) was formed by BJA because of the growing need to address information privacy as affected by advancing technological capabilities. Indeed, privacy may become one of the most important technology issues of the twenty-first century. This working group makes recommendations to the U.S. Attorney General on issues regarding the adoption of privacy and information quality policies by justice system participants. These policies promote the responsible collection, handling, management, review, and sharing of (personal) information about individuals. The GPIQWG: (1) assists government in ensuring that personal information will not be inappropriately disseminated or misused; (2) ensures that Page 5 of 17

6 there are safeguards against the collection and use of inaccurate information particularly when the information is disseminated in open environments such as Internet-based systems; and (3) improves the reliability of criminal records in an integrated electronic system. Global Security Working Group The Global Security Working Group (GSWG) was formed in recognition of the fact that the security of the justice information exchange enterprise is only as strong as its weakest link. Of particular importance is the enhancing of data security across trusted justice information systems and networks, developing best practices based on industry standards, and creating an awareness of the criticality of security for the exchange of data. The working group s focus is based on justice practitioners needs, industry direction, and key collaborative initiatives from the other Global working groups. GSWG members acknowledge the importance of determining effective security guidelines for legacy systems, as well as for the new and enhanced systems to which they are joined. This working group enables the trusted sharing of justice information by recommending best practices for security guidelines, technologies, and procedures. This goal encompasses exploration and recommendations regarding resources on wireless security, security architecture, and Web services security. Also, standards and architectures need to be identified that allow practitioners to acquire and migrate to the technologies and policies that provide secure interoperability. To that end, GSWG contributes ideas that further review gap analysis, risk mitigation, and implementation studies of technology standards and implementations. 2011: Year in Review The following table illustrates some of the primary information sharing problems addressed by Global in 2011 and includes the research steps taken, recommendations made, products developed, and examples of real-world applications (or outcomes ) for these Global initiatives. Page 6 of 17

7 Information Sharing Problem Intelligence Capability: Many of the 18,000 law enforcement agencies lack guidance regarding the development and implementation of an intelligence capability. The Criminal Intelligence Coordinating Council, in partnership with the Global Intelligence Working Group, has developed a cadre of products to assist agencies in establishing this capability. Research Steps Recommendations Coordinated CICC and GIWG meetings, conference calls, and Webinars to develop recommendations for the development and implementation of an intelligence capability Leveraged the DOJ, FBI, and DHS initiatives to ensure that the recommended solutions are coordinated with all relevant law enforcement entities Reviewed current research and literature Collaborated with subject-matter experts Vetted resulting products with the appropriate law enforcement entities Products 10 Simple Steps to Help Your Agency Become Part of the National Intelligence Sharing Plan Interagency Threat Assessment and Coordination Group Intelligence Guide for First Responders Law Enforcement Intelligence: A Guide for State, Local, and Tribal Law Enforcement National Criminal Intelligence Sharing Plan Navigating Your Agency s Path to Intelligence-Led Policing Why Law Enforcement Agencies Need an Analytical Function Provide valuable guidance towards systematically sharing law enforcement information among federal, state, local, and tribal law enforcement agencies large or small Assist state, local, and tribal law enforcement, firefighting, homeland security, and appropriate private sector personnel in accessing and understanding federal counterterrorism, homeland security, and weapons of mass destruction intelligence reporting Support related policy in law enforcement agencies Provide a blueprint to help agencies establish criminal intelligence sharing policies, procedures, standards, technologies, and training Provide guidance regarding the implantation of the intelligence-led policing framework Outcomes The CICC and GIWG have distributed the products to law enforcement agencies throughout the United States via the following mechanisms: o Publishing documents o o Posting online at Collaborating with law enforcement professional organizations, such as the International Association of Chiefs of Police and the Major Cities Chiefs Association, to bring these resources to their members These resources are recognized throughout the law enforcement community as the defining standards for all implementations of intelligence Page 7 of 17

8 Information Sharing Problem Training Guidelines: Training to support the role and responsibilities of intelligence analysts has often been inconsistent. The CICC and GIWG have worked to provide timely, standards-based training guidelines to intelligence analysts that support the goals and objectives of Global and reinforce the priorities of DOJ. Research Steps Recommendations Coordinated CICC and GIWG meetings, conference calls, and Webinars to develop recommendations for the development of analytical training guidelines and products Leveraged existing research and literature Collaborated with subject-matter experts to develop timely, standards-based training products Vetted resulting products with the appropriate law enforcement entities Products Analyst Toolbox Common Competencies for State, Local, and Tribal Intelligence Analysts Law Enforcement Analysts Certification Standards Law Enforcement Analytic Standards Provide analysts with information on the tools they need to effectively and efficiently perform their duties and produce useful intelligence products Identify common analytic competencies that should be exhibited by state, local, and tribal intelligence analysts working in fusion centers or similar analytic law enforcement entities Assist in instituting standards for the intelligence analysis process to ensure that intelligence products are accurate, timely, factual, and relevant, while also recommending implementation of policy and/or action(s) Develop standards that explain the requirements of agencies to adopt the minimum standards for intelligence-led policing in order to support the development of sound, professional, and analytical products Outcomes The CICC and GIWG have distributed the products to law enforcement agencies throughout the United States via the following mechanisms: o Publishing documents o o Posting online at Collaborating with law enforcement professional organizations, such as the International Association of Chiefs of Police and the Major Cities Chiefs Association, to bring these resources to their members These resources are recognized throughout the law enforcement community as the defining standards for intelligence analysts Page 8 of 17

9 Information Sharing Problem Protect Privacy: State, local, and tribal (SLT) justice entities (e.g., law enforcement, fusion centers, courts, corrections, prosecution/defense, and probation/parole) must ensure that privacy, civil rights, and civil liberties protections policies are in place and that procedures are followed for the personally identifiable information that they collect, store, access, and share, as well as for First Amendment-protected events and activities. Research Steps Recommendations Specialized ad-hoc task teams were appointed for the purpose of product development or revision to foundational products. These were populated with privacy professionals from GPIQWG or the CICC s Privacy Committee, depending on the product, as well as subject-matter experts (SMEs) from the field with unique expertise in the topic Leveraged the DOJ, DHS, and ISE-based privacy standards implemented in the DOJ/DHS Fusion Process Privacy TA effort to revise the SLT-focused privacy policy template for use by the broader justice community Products were vetted, reviewed, and approved through their respective working group processes Situational awareness to the Global Advisory Committee (GAC) regarding public protests, as well as to DOJ s P/CL Office Piloted First Amendment products through the New Jersey State Police Extensive research of existing documents, guidelines, and related Web sites Utilized Webinars, conference calls, and online virtual collaboration Web sites for product review and refinement Vetted products through appropriate constituents and Global partners Products The following Global products were developed to support each of the unique steps in a justice entity s privacy effort. While most are designed for the broader justice community, some are tailored for law enforcement or for handling criminal intelligence, tips/leads, and SAR information. Though several were completed in 2010, in 2011 each were featured in an online roadmap format at and in print via the Global Privacy Resources booklet to help users understand which products to use when and for what purpose. Products are listed according to their use and purpose according to the Privacy Program Cycle steps as follows: STEP 1: Educate and Raise Awareness 1. Executive Summary for Justice Decision Makers: Privacy, Civil Rights, and Civil Liberties Program Development (revised, 2011) 2. 7 Steps to a Privacy, Civil Rights, and Civil Liberties Policy (revised, 2011) 3. The Role of Law Enforcement at First Amendment Events reference card (new, 2011) SLT entities are guided to follow the steps established in the Global Privacy Program Cycle to fully ensure that privacy protections are in place and implemented agencywide. The Global Privacy Program Cycle is a roadmap for which, how, and when to use any of the suite of Global and DOJcollaborated privacy resources available. Entities are encouraged to follow the natural progression of steps in the Global Privacy Program Cycle outlined below and use the Global privacy resources designed for each step: 1. Educate and Raise Awareness 2. Assess Agency Privacy Risks 3. Develop Privacy Protections Policies 4. Perform a Policy Evaluation 5. Implement and Train 6. Conduct an Annual Review This information is available online at and in print. Outcomes The following is a sampling of the numerous outcomes of the development and distribution of the above-described products: By March 31, 2011, as part of a three-year DOJ/DHS-supported Fusion Center Privacy TA effort, all 72 of the designated fusion centers had finalized privacy policies in compliance with DHS requirement to be at least as comprehensive as the ISE Privacy Guidelines. Each of the 72 centers used the Global Fusion Center Privacy Template listed in Step 3, above. The Indiana Data Exchange (IDEx) statewide information sharing system utilized all of the Global privacy products, as well as received on-site privacy technical assistance from Global Privacy TA providers, to develop a comprehensive privacy, civil rights, and civil liberties privacy policy for their statewide IDEx justice information sharing project. Late in 2011, South Dakota s statewide justice information system, SD Connect, began strategy and planning meetings with Global Privacy TA providers to develop a SD Connect Privacy Policy (completed in February 2012) utilizing the Global Privacy Resources described above. Page 9 of 17

10 STEP 2: Assess Agency Privacy Risks 1. Guide to Conducting Privacy Impact Assessments for State, Local, and Tribal Justice Entities (revised, 2011) STEP 3: Develop Privacy Protections Policies 1. Privacy, Civil Rights, and Civil Liberties Policy Development Guide for State, Local, and Tribal Justice Entities (Privacy Guide) (revised, 2011) 2. Privacy, Civil Rights, and Civil Liberties Policy Development Template for State, Local, and Tribal Justice Entities (SLT Privacy Template) (revised, 2011) 3. Fusion Center Privacy Policy Development: Privacy, Civil Rights, and Civil Liberties Policy Template (Fusion Center Privacy Template) (2010) 4. Law Enforcement Guidelines for First Amendment-Protected Events; Recommendations for First Amendment-Protected Events for State and Local Law Enforcement Agencies (new, 2011) 5. The Protection of Privacy, Civil Rights, and Civil Liberties in the Use of Social Media by Law Enforcement in Intelligence and Investigative Activities guidance document (new draft, 2011) STEP 4: Perform a Policy Evaluation 1. Policy Review Checklist (new, 2011) STEP 5: Implement and Train Implement 1. Implementing Privacy Policy in Justice Information Sharing: A Technical Framework (2007, pilot in 2011) 2. Privacy, Civil Rights, and Civil Liberties Compliance Verification for the Intelligence Enterprise (2010, field use in 2011 fusion center evaluations) Train 3. The Importance of Privacy, Civil Rights, and Civil Liberties Protections in American Law Enforcement and Public Safety (Line officer training video) (new, 2011) 4. Suspicious Activity Reporting Line Officer Training CD (new, 2011) STEP 6: Conduct an Annual Review 1. Policy Review Checklist (new, 2011) More than 3,000 law enforcement First Amendment event reference cards were distributed for working demonstrations. Copies of appropriate products were distributed to the 72 designated fusion centers as well as to relevant law enforcement entities. Page 10 of 17

11 Information Sharing Problem Privacy in Biometrics: As justice entity use of biometric technology expands, it is critical that justice agencies ensure that their policies and procedures for the collection, quality, retention, use, analysis, and sharing of biometric information address both privacy, civil rights, and civil liberties protections as well as information quality. Research Steps Recommendations Ad-hoc task teams appointed with GPIQWG privacy experts and biometric SMEs (fingerprint, iris, DNA, and familial DNA searching experts) Global Privacy TA providers completed field research through a case study with the Colorado Bureau of Investigation to develop their familial DNA searching privacy policy. Research was used to develop a Global familial DNA searching privacy template for all justice entities. Extensive research of existing documents, guidelines, and related Web sites Vetted biometric products through FBI CODIS, FBI Biometric Center of Excellence, NIJ, crime lab directors, as well as DOJ GPIQWG member review and approval Products The following are privacy biometric products developed by Global: Privacy and Information Quality Risks: Justice Agency Use of Biometrics (new, 2011) An Introduction to Familial DNA Searching for State, Local, and Tribal Justice Agencies: Issues for Consideration (F-DNA Issue Paper) (new, 2011) Privacy Principles of Familial DNA Searching: Privacy, Civil Rights, and Civil Liberties Policy Development Template (F-DNA Privacy Template) (draft, 2011) Justice agencies using biometrics should ensure that they have policies to address privacy, civil rights, and civil liberties, as well as information quality (IQ). Entities are guided to perform an evaluation of the privacy and IQ risks associated with biometric use using Global s biometric privacy and IQ assessment frameworks. Entities considering implementing familial DNA searching must be aware of the key privacy issues associated with justice use of this forensic technique. Entities that are implementing familial DNA searching should draft a privacy policy for this capability. Outcomes The following are outcomes of the development of the above products: Completed a privacy policy case study with the Colorado Bureau of Investigation (CBI) familial DNA search capability now the only state to have a privacy protections policy covering familial DNA searching. Arizona Forensic Science Advisory Committee and the Springfield, Illinois, Crime Lab have both requested and distributed printed copies of the F-DNA Issue Paper. Illinois State Police articulated interest in developing a privacy policy, using the F-DNA Privacy Template, once it is available in print (2012). Since the debut of Global F-DNA products, these states have implemented or are actively pursuing the implementation of familial DNA searching: Virginia, Texas, West Virginia, Pennsylvania, Oklahoma, Wyoming, Illinois, and Florida. These are anticipated to utilize the Global F-DNA products. Page 11 of 17

12 Information Sharing Problem Fusion Center Support and Guidance: Coordinating and aligning fusion center policies and procedures across the national network of fusion centers is a critical issue for the justice community. These efforts seek to ensure that these centers remain an effective and efficient mechanism to exchange vital information, while maximizing resources, streamlining operations, and improving the ability to fight crime and terrorism by analyzing data from a variety of sources. Research Steps Recommendations Collaborated with other federal agency partners (FBI, DHS, ODNI, PM-ISE, ATF, and others), as well as fusion center leaders to prioritize and develop training and technical assistance for fusion centers Held Global Advisory Committee and Working Group meetings to vet, review, and approve recommendations and products Researched current issues impacting fusion centers Ensured that every fusion center has access to the collaboratively developed products Provided input to the federal government in its efforts to develop and share criminal intelligence Recommended a framework for implementing and ensuring the longevity of the standards-based intelligence plan, training and technology coordination, outreach and education, and resource coordination Products The following Global products were developed to support the coordination and alignment of fusion center policies and procedures and to assist centers in complying with the National Criminal Intelligence Sharing Plan and Baseline Capabilities for State and Major Urban Area Fusion Centers. While most products are designed for fusion center use, some are applicable to the larger law enforcement and justice community. Fusion Process Program Communications and Outreach Guidebook Health Security: Public Health and Medical Integration for Fusion Centers, An Appendix to the Baseline Capabilities for State and Major Urban Area Fusion Centers; Health Security Public Health and Medical Integration for Fusion Centers Guidebook Integrating Critical Infrastructure and Key Resources Protection Capabilities Into Fusion Centers Development and Implementation Considerations Guidebook Fusion Centers: Enabling Information Sharing Between the Federal Government and State, Local, Tribal, and Territorial Partners video Customized tri-folds regarding fusion center DHS/DOJ Fusion Process Technical Assistance Program and Services Fusion Center (including multiple training and technical assistance offerings) Continue to support the unprecedented federal agency partnership with fusion centers through the provision of collaborative meetings, issue-resolving focus groups, training, and technical assistance Develop a series of resources to support the mission of fusion centers and other related initiatives, including the development of analyst standards In collaboration with DHS, create a robust training and technical assistance program for fusion centers Work to deliver the training and technical assistance offerings Develop general outreach and awareness products for fusion centers Work to integrate nontraditional information sharing partners (e.g., health, fire, and EMS) into the fusion center effort Outcomes The following are outcomes of the development of the above products in FY2011: Twenty-three fusion centers requested the Fusion Centers: Enabling Information Sharing Between the Federal Government and State, Local, Tribal, and Territorial Partners video to support their operational requirements. Four fusion centers were provided with customized tri-fold brochures regarding their centers. These brochures were used by the fusion centers to promote awareness of the fusion centers purpose and goals within their communities. DHS/DOJ Fusion Process Technical Assistance Program and Services were offered to all 77 designated fusion centers and by March 31, 2011, 72 had approved privacy policies. Peer-to-peer pilot evaluations, followed by on-site formal center evaluations, were performed at several fusion centers across the country using the Privacy, Civil Rights, and Civil Liberties Compliance Verification for the Intelligence Enterprise. Copies of appropriate products were distributed to the 77 designated fusion centers as well as to relevant law enforcement entities. Resources were used to integrate nontraditional information sharing partners into the fusion center effort in a consistent manner across the national network of fusion centers. Page 12 of 17

13 Information Sharing Problem Reference Architecture: Many justice and public safety organizations do not possess sufficient resources to support the research, design, and implementation of information sharing programs. This issue becomes particularly important as practitioners seek to launch information exchange programs. To alleviate the multitude of issues related to this effort, it is critical that standards and processes be developed to minimize cost and maximize the opportunities for building these exchanges. Research Steps Recommendations Collaborated with subject-matter experts to identify the most current research, protocols, processes, and practices Researched similar solutions provided by industry and educational institutions Identified priority focus areas (i.e., exchanging warrant and disposition data to relevant justice partners in a safe, timely, and accurate manner) Held working group and specialized task team meetings to design and develop products Developed the Global Reference Architecture (GRA), which provides guidance for identifying, defining, implementing, and governing services to enhance justice and public safety through a service-oriented approach to information sharing Supported the provision of specialized training and technical assistance to demonstrate the benefit of implementing the identified solutions Products The Global Reference Architecture (GRA), a service-oriented reference architecture for justice and public safety information sharing, was developed to benefit the field by decreasing the time and effort necessary to develop and establish a service-oriented architecture. The GRA suite of products includes numerous policy-level documents as well as a multitude of service specifications and guidance documents designed to assist jurisdictions in implementing the GRA. Many of these products were developed and/or refined in 2011, including the following: 1. GRA Frequently Asked Questions 2. GRA Specification, Version GRA Web Services Service Interaction Profile, Version GRA ebxml Messaging Service Interaction Profile, Version GRA Guidelines for Identifying and Designing Services, Version GRA Execution Context Guidelines, Version GRA Reliable Secure Web Services Service Interaction Profile, Version GRA Framework, Version GRA Service Specification Guidelines, Working Draft Version GRA Service Specification Package, Working Draft Version GRA Information Sharing Enterprise Statement of Participation, Version GRA Information Sharing Enterprise Service-Level Agreement, Version 1.1 Support the Global Reference Architecture (GRA) as an information exchange solution designed to cut 80 percent of implementation time and costs for state and local justice agencies through the reuse of established promising practices in IT architecture and design. Outcomes The GRA is being utilized by justice and public safety entities around the country, including the CONNECT Project, which is a consortium of states implementing a new approach to interstate information sharing. Through the use of GRA, business services enable search and information exchange between portal and architecture leverages reusable infrastructure and security token services. Since adopting the GRA, the Commonwealth of Pennsylvania Justice Network (JNET) is well positioned to more quickly meet the needs of and provide value to its many business partners. The shared services and common GRA approach promotes interoperability across the JNET partnering agencies. For example, JNET utilized the GRA to create a consolidated warrant search capability to reduce the number of required warrant inquiries from three to one. As a result, each warrant search now saves approximately four minutes per offender by reducing the number of transactions and the manual time necessary to consolidate the results from the three separate data sources and systems. The agencies using this consolidated search can now redeploy 9,400 man-hours a year to perform other tasks. Page 13 of 17

14 Information Sharing Problem Federated Identity and Privilege Management: Achieving information sharing objectives requires that partners establish wide-scale electronic trust among the caretakers of critical information and those who need and are authorized to use that information. There is a need for interoperable security functions for authentication and privilege management to govern information exchange among cross-domain justice information sharing systems. Research Steps Recommendations Collaborated with subject-matter experts to identify the most current research, protocols, processes, and practices Researched similar solutions provided by industry and educational institutions Held working group and targeted task team meetings to develop solutions Developed the Global Federated Identity and Privilege Management (GFIPM) framework, a series of resources that address the specific information exchange issues faced by the justice community. Federated identity allows a user's roles, rights, and privileges to be communicated securely in the justice community and, in particular, to those who hold the information required to effectively safeguard our nation. Products The Global Federated Identity and Privilege Management (GFIPM) framework provides the justice community and partner organizations with a standardsbased approach for implementing federated identity and privilege management. Many of these products were developed and/or refined in 2011, including the following: 1. GFIPM Choosing the Right Federation 2. GFIPM Overview 3. GFIPM Document Map 4. GFIPM Governance Guidelines 5. GFIPM Operational Policies and Procedures Guidelines 6. GFIPM Implementation Guide 7. GFIPM Web Services Concept of Operations 8. GFIPM Terminology Matrix 9. GFIPM Metadata GFIPM Cryptographic Trust Model 11. GFIPM Federation Certification Practice Statement Template Ensure compatibility by collaborating with other key ongoing projects that cross domain boundaries, such as the National Information Exchange Model, the Office of the Director of National Intelligence, and the Law Enforcement Information Sharing Program Recognize the GFIPM as the recommended approach for the development of interoperable security functions for authentication and privilege management for information exchange among cross-domain justice information sharing systems Adopt the GFIPM: A Global Concept Activities and Progress Report as a recommended resource for the next steps and activities to further the utility of GFIPM for the justice community Encourage members of the justice community to consider the GFIPM as a potential building block to a layered security solution when authenticating uses among cross-domain organizations Outcomes The GFIPM has been adopted by numerous information sharing projects around the country, including the CONNECT Project, which is a consortium of states implementing a new approach to interstate information sharing. CONNECT utilizes the GFIPM to enable policy-driven, claims-based identification, authentication, authorization, and access control. The Indiana Data Exchange (IDEx) Project, Indiana Department of Homeland Security (IDEx), a 21-agency effort, includes local, state, and federal agency participation. The IDEx project used the broad range of Global solutions, including the Global Privacy Resources, the GRA, the GFIPM, and the National Information Exchange Model (NIEM). The initiative connects disparate justice and public safety systems data for enhanced decision making and increased public safety, leveraging existing investments. Through the IDEx Return on Investment (ROI) report, a comprehensive ROI study, IDEx exemplifies how a state can use federal support to initiate an effort that results in immediate and long-term cost savings and efficiencies. Page 14 of 17

15 Results and Success Stories Bridging agency boundaries, throughout all levels of government, Global creates collaboratively developed solutions that are beneficial to everyday justice work and cost-effective because they offer proven results that can be replicated across the nation. Global solutions have seen consistent adoption by justice and public safety jurisdictions across the country and internationally. Adoption of Global solutions has greatly helped support advancement in interoperability and the ability to better share information. An officer assigned to the case of two slain New York City detectives contacted the Philadelphia/Camden High Intensity Drug Traffic Area authorities to request information on two suspects. Using JNET, Pennsylvania s Justice Network, built on the work of the National Information Exchange Model (NIEM), which was developed from the work of the Global Standards Council partners, officials needed just a few hours, rather than days or weeks, to gather and forward information on the suspects, including dates of birth, social security numbers, fingerprints, photos, and vehicles. As a result, the two suspects were located and brought into custody. Global has been instrumental in the Nationwide SAR Initiative. Leveraging of Globalsupported tools and solutions including Global privacy policy resources, NIEM, Global Federated Identity and Privilege Management, Global Reference Architecture, and the Fusion Center Guidelines has expedited NSI implementation. Current efforts are directed toward establishing a national capacity for gathering, documenting, processing, analyzing, and sharing SARs in a behavior-based, evaluative approach grounded in known precursor activity. The SAR process focuses on what law enforcement agencies have been doing for years gathering information regarding behaviors and incidents associated with crime to connect the dots and establishes a standardized approach to sharing information, with the goals of detecting and preventing criminal activity, including information associated with domestic and international terrorism. Global Advisory Committee 2012 Future Activities In 2012, DOJ will continue to pursue its goals and objectives with support from the GAC by building on its achievements, leveraging existing resources, and continuing to help engage the entire justice community in the information sharing dialogue. Global recommendations are important for justice information sharing across all disciplines, at all levels of government. The GAC is charged with advising and providing recommendations to the U.S. Attorney General on advancing the use of technology, standards, and collaboration between agencies/organizations to ensure consistent policies and business rules and the continued successful pursuit of broad-scale, justice-related information sharing. In late 2011, in support of this charge, members of the GESC identified key issue areas and priority capabilities for Global attention: Page 15 of 17

16 Capability: Develop single-sign-on/federated query capabilities At a recent national conference of state, local, and tribal (SLT) law enforcement executives and information technology (IT) managers, this was the number one request. Capability: Leverage cloud solutions Applying cloud solutions provides maximum business agility while minimizing implementation and maintenance costs. Cloud solutions (whether public and/or private) also enable small justice organizations to gain business capabilities they otherwise could not afford and inherently support open standards and reuse. Capability: Develop and engage in shared services The use of shared services, such as regional or multiagency analysis or communications capabilities, can save agency resources while avoiding duplication. Shared services also can provide smaller agencies with resources they otherwise cannot afford. Issue: Ensure interoperability between law enforcement deconfliction systems Mutual aid and other partnership arrangements serve as methods of deconfliction. Standards are necessary to ensure that separate deconfliction systems are interoperable, with a single sign-on capability, to promote officer safety and strengthen law enforcement operations/investigations. Issue: Advance information sharing to support successful reentry of formerly incarcerated individuals According to the Bureau of Justice Statistics, more than half of the individuals released from incarceration will be in some form of legal trouble within three years; in California, rereleases recidivate at an even higher rate. To protect public safety and reduce recidivism, there is a renewed emphasis on supporting the success of reentry initiatives. Innovative pilot sites promote sharing of appropriate data related to formerly incarcerated individuals in a comprehensive case management approach across multiple domains. Partnerships: IT Initiatives DOJ looks forward to the ongoing support of GAC in integration activities. BJA has contributed greatly to the field by supporting the development of standards processes, privacy policy, information architecture, and outreach vehicles (e.g., the IT.OJP.GOV Web site). Facilitating Full Participation for All Disciplines To reach the full information sharing capability envisioned by DOJ, all disciplines involved in justice-related efforts including public safety constituencies must employ information technology among their members. Historically, some disciplines and communities have had difficulties in obtaining resources to acquire and implement appropriate information systems; for example, probation, parole, public defense, pretrial services, and Indian Country agencies. While not detracting in any way from other efforts, attention should be given to identifying and addressing the technological needs of these disciplines (and others) to enable them to be full participants in broad-scale justice information sharing. To continue capitalizing on the ideals of inclusiveness and strength through diversity, as an ongoing task committee members will scan the justice and public safety landscapes for unrepresented or underrepresented constituencies. When necessary, additional organizations will be nominated through BJA for GAC membership. Page 16 of 17