1 / 15

Nationwide Suspicious Activity Reporting (SAR) Initiative IJIS Institute Winter Briefing

Nationwide Suspicious Activity Reporting (SAR) Initiative IJIS Institute Winter Briefing. Nationwide SAR Initiative (NSI).

Download Presentation

Nationwide Suspicious Activity Reporting (SAR) Initiative IJIS Institute Winter Briefing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Nationwide Suspicious Activity Reporting (SAR) InitiativeIJIS Institute Winter Briefing

  2. Nationwide SAR Initiative (NSI) • Purpose: To establish a unified approach at all levels of government to gather, document, process, analyze, and share information about terrorism- related suspicious activities • Responds directly to the Intelligence Reform and Terrorism Prevention Act of 2004 requiring the Program Manager, Information Sharing Environment (ISE) to provide “a decentralized, distributed, and coordinated environment” for sharing of terrorism-related information • Responds to the direction of the National Strategy for Information Sharing (October 2007) to establish a “unified process for reporting, tracking, and accessing [SARs]” for federal, state, local, and tribal entities • Ensures that terrorism-related SARs are made available to federal, state, and local law enforcement agencies and state and major urban area fusion centers • Integrates state, local, and tribal law enforcement agencies’ SAR processes into a nationwide standardized and institutionalized effort

  3. What Makes an Activity Suspicious? • A citizen observes or reports to law enforcement authorities that something is alarming, out of the ordinary, or “just not right” • Law enforcement or government official observes something • Based on training or experience to recognize behaviors and indicators that are associated with a criminal activity associated with terrorism • Knowledge of laws and regulations • Interactivity with other agencies • Studies and research done on activities leading to crimes and terrorist acts (e.g., LAPD, NCTC, FBI)

  4. What Is the SAR Process? • A grassroots effort • Involves the gathering, processing, reporting, analyzing, and sharing of suspicious activity • Focuses on what law enforcement agencies have been doing for years—gathering information regarding behaviors and incidents associated with crime and establishing a process whereby information can be shared to detect and prevent criminal activity, including that associated with domestic and international terrorism

  5. State, Local, Tribal LE Agency Involvement Is Critical • SAR process will assist local efforts to identify emerging crime, including terrorism • Each agency’s internal SAR process can be tailored to the needs of its city and state but should be based on general standards that provide interoperability and the sharing of information • Each agency’s internal SAR process, once developed, can be incorporated into the nationwide SAR capability and will support efforts to protect our nation from terrorist attack • Build upon community policing advancements • Harness the more than 800,000 full-time sworn law enforcement officers in the United States • Without the support and participation by local, state, and tribal agencies, the amount of valuable terrorism-related SARs in the ISE would be limited (e.g., Oklahoma City bombing, Japanese bomber case, New Jersey Fort Dix plot case)

  6. Implementation Challenges for the NSI • How to institutionalize law enforcement processes to ensure that a SAR has been legally gathered and is determined to have a potential nexus with terrorism-related criminal activity • How to ensure that citizen privacy and civil liberties are protected • How to implement common ISE-SAR business processes that can be accomplished within an agency’s existing procedural and legal framework to gather, process, analyze, and report behaviors and events that are indicative of criminal activity • How to establish effective guidance and feedback mechanisms between local, state, tribal and federal agencies to communicate risks and results • How to provide comprehensive and uniform training to all participants in the SAR process: Front-line Officers, Analysts, Executives • How toleverageinformation exchange standards and existing technology, where possible, to securely share terrorism-related SARs across the ISE

  7. Defining a Comprehensive ISE-SAR Process Frontline law enforcement personnel (federal, state, local, and tribal) trained to recognize behavior and incidents indicative of criminal activity associated with terrorism. Community outreach plan implemented Federal agencies produce and make available information products to support the development of geographic risk assessments by state and major urban area fusion centers Observation and reporting of behaviors and incidents by trained law enforcement personnel during their routine activity State and major urban area fusion centers, in coordination with local and federal officials, develop information needs based on risk assessment State and major urban area fusion centers, in coordination with local and federal officials, develop risk assessments Supervisory review of the report in accordance with departmental policy National coordinated information needs on annual and ad hoc basis Nationwide SAR Cycle In major cities, SAR reviewed by trained counterterrorism expert Authorized ISE participants access andview ISE-SAR SAR made available to fusion center and/or JTTF At fusion center or JTTF, a trained analyst or law enforcement officer determines, based on information available, knowledge, experience, and personal judgment, whether the information meeting the ISE-SAR criteria may have a terrorism nexus ISE-SAR posted in an ISE Shared Space Determination and documentation of an ISE-SAR Suspicious Activity Processing Steps Planning Analysis and Production Dissemination Reevaluation Gathering and Processing

  8. Overall Progress to Date • Responding to the National Strategy for Information Sharing-issued direction to establish a “unified process for reporting, tracking, and accessing [SARs]” for federal, state, local, and tribal entities (October 2007) • Developed and issued ISE-SAR Functional Standard (January 2008) • Integrated all ISE-SAR activities into a Nationwide SAR Initiative (NSI) • Major City Chiefs Association (MCCA) project • DoD Force Protection components • FBI eGuardian and DHS participation • Defined the top-level business processes and information flow based upon state, local, and tribal practices agencies in Los Angeles, Boston, Chicago, etc. • Developed the NSI CONOPS • Established an ISE-SAR Evaluation Environment and technical infrastructure to test ISE-SAR concepts and objectives and evaluate outcomes

  9. Progress to Date (continued) • MCCA, IACP, and BJA are developing training for frontline personnel, senior officers, investigators, and analysts to . . . • Recognize indicators (incidents, behaviors, and modus operandi of individuals and organizations) of criminal activity associated with terrorism • Safeguard privacy and civil liberties • Standard Privacy Guidelines and Templates have been developed and distributed to a assist LE agencies adopt best practices • Operational SAR-EE capabilities have been deployed in New York, Florida, Virginia, D.C • Ten addition SAR-EE sites planned by May 09

  10. What is the ISE-SAR Evaluation Environment? • The ISE-SAR Evaluation Environment (ISE-SAR EE) was established in 2008 to provide an operational technical infrastructure to enable • Operational testing of Common Terrorism Information Sharing Standards (CTISS) and NIEM data exchange standards, • Identification of best practices (training, analysis, privacy, technology) • Evaluation of business and technical performance measures /outcomes. • Per PM-ISE guidance and the IRTPA of 2004, the ISE-SAR EE represents a distributed and decentralized solution to allow agencies to locally hold and control SAR data and yet make data easily and securely accessible (viewable) by other authorized agencies. • This local repository of suspicious activity reports having a “potential” nexus with terrorism is referred to as an ISE “Shared Space” and collectively as the ISE Shared Spaces. • SAR data in the ISE Shared Spaces is accessible via secure CUI networks by authorized users using a federated search / query tool hosted at www.ncirc.gov

  11. Conducting a Federated SAR Search Secure Networks (HSIN Intel, LEO, RISS) Federated Search (www.ncirc.gov) Federal Servers (eGuardian DHS) ISE Shared Spaces

  12. Sharing SAR Information Fusion Center Department Approval JTTF OPTION 1 REQUIRING IMMEDIATE ACTION eGuardian OPTION 2 Fusion Center LEO S A R Department Approval Shared Spaces Federated Search OPTION 3 NATIONAL SAR INITIATIVE

  13. Want to Learn More About the NSI? The primary source for information about the NSI is at the PM-ISE website: www.ise.gov/pages/sar-initiative.html Specific documents in suggested reading order: • Fact Sheet: Nationwide Suspicious Activities Reporting Initiative • Fact Sheet: Suspicious Activity Reporting (SAR) Functional Standard for the Information Sharing Environment • NSI Concept of Operations • Information Sharing Environment (ISE) Functional Standard (FS) Suspicious Activity Reporting (SAR) Version 1.0 • ISE-SAR Evaluation Environment Segment Architecture • Fact Sheet: Initial Privacy and Civil Liberties Analysis of the Information Sharing Environment‐Suspicious Activity Reporting (ISE‐SAR) Functional Standard and Evaluation Environment • Initial Privacy and Civil Liberties Analysis

  14. What does this mean to you? Despite the fact that there have been no actual terrorist attacks within the United States since 9/11, there is a growing sense that the risk is increasing. • Commission on the Prevention of WMD Proliferation and Terrorism (Dec 08) “The United States can expect a terror attack using nuclear or more likely biological weapons before 2013” • The Mumbai, India attack brought terrorism back into focus The Nationwide SAR Initiative will involve new processes, policies, training initiatives and public outreach. Technology will play a major role in providing the enabling infrastructure to support improved information sharing and agency collaboration. Over time, Case Management systems, Records Management systems, CAD systems, Analytics and Modelingsystems, etc, will all need modifications to support SAR information exchange standards beingtestednow. Whilefundingstreams are uncertainatthis point, if the Commisionis correct, that situation could change veryquickly and earlypositioningwillpay off.

  15. Questions? David LewisSenior Policy Advisor, BJA(202) 305-5618David.P.Lewis@usdoj.gov Don Sutherland SAR Proj Manager, IJIS (703) 726-2167 Don.Sutherland@ijis.org Thomas O’ReillySenior Policy Advisor, BJA(202) 353-8590Thomas.O’Reilly2@usdoj.gov

More Related