We have already stressed the importance of intelligence analysis that can draw
on all relevant sources of information. The biggest impediment to all-source
analysis-to a greater likelihood of connecting the dots-is the human or systemic
resistance to sharing information.

Information Sharing

The U.S. government has access to a vast amount of information. When databases not usually thought of as "intelligence," such as customs or immigration information, are included, the storehouse is immense. But the U.S. government has a weak system for processing and using what it has. In interviews around the government, official after official urged us to call attention to frustrations with the unglamorous "back office" side of government operations.

In the 9/11 story, for example, we sometimes see examples of information that could be accessed-like the undistributed NSA information that would have helped identify Nawaf al Hazmi in January 2000. But someone had to ask for it. In that case, no one did. Or, as in the episodes we describe in chapter 8, the information is distributed, but in a compartmented channel. Or the information is available, and someone does ask, but it cannot be shared.

What all these stories have in common is a system that requires a demonstrated "need to know" before sharing. This approach assumes it is possible to know, in advance, who will need to use the information. Such a system implicitly assumes that the risk of inadvertent disclosure outweighs the benefits of wider sharing. Those Cold War assumptions are no longer appropriate. The culture of agencies feeling they own the information they gathered at taxpayer expense must be replaced by a culture in which the agencies instead feel they have a duty to the information-to repay the taxpayers' investment by making that information available.

Each intelligence agency has its own security practices, outgrowths of the Cold War. We certainly understand the reason for these practices. Counterintelligence concerns are still real, even if the old Soviet enemy has been replaced by other spies.

But the security concerns need to be weighed against the costs. Current security requirements nurture overclassification and excessive compartmentation of information among agencies. Each agency's incentive structure opposes sharing, with risks (criminal, civil, and internal administrative sanctions) but few rewards for sharing information. No one has to pay the long-term costs of over-classifying information, though these costs-even in literal financial terms- are substantial. There are no punishments for not sharing information. Agencies uphold a "need-to-know" culture of information protection rather than promoting a "need-to-share" culture of integration.¹⁵

Recommendation: Information procedures should provide incentives for sharing, to restore a better balance between security and shared knowledge.

Intelligence gathered about transnational terrorism should be processed, turned into reports, and distributed according to the same quality standards, whether it is collected in Pakistan or in Texas.

The logical objection is that sources and methods may vary greatly in different locations. We therefore propose that when a report is first created, its data be separated from the sources and methods by which they are obtained. The report should begin with the information in its most shareable, but still meaningful, form. Therefore the maximum number of recipients can access some form of that information. If knowledge of further details becomes important, any user can query further, with access granted or denied according to the rules set for the network-and with queries leaving an audit trail in order to determine who accessed the information. But the questions may not come at all unless experts at the "edge" of the network can readily discover the clues that prompt to them.¹⁶

We propose that information be shared horizontally, across new networks that transcend individual agencies.

• The current system is structured on an old mainframe, or hub-and-spoke, concept. In this older approach, each agency has its own database. Agency users send information to the database and then can retrieve it from the database.
• A decentralized network model, the concept behind much of the information revolution, shares data horizontally too. Agencies would still have their own databases, but those databases would be searchable across agency lines. In this system, secrets are protected through the design of the network and an "information rights management" approach that controls access to the data, not access to the whole net-work. An outstanding conceptual framework for this kind of "trusted information network" has been developed by a task force of leading professionals in national security, information technology, and law assembled by the Markle Foundation. Its report has been widely discussed throughout the U.S. government, but has not yet been converted into action.¹⁷

Recommendation: The president should lead the government-wide effort to bring the major national security institutions into the information revolution. He should coordinate the resolution of the legal, policy, and technical issues across agencies to create a "trusted information network."

• No one agency can do it alone. Well-meaning agency officials are under tremendous pressure to update their systems. Alone, they may only be able to modernize the stovepipes, not replace them.
• Only presidential leadership can develop government-wide concepts and standards. Currently, no one is doing this job. Backed by the Office of Management and Budget, a new National Intelligence Director empowered to set common standards for information use throughout the community, and a secretary of homeland security who helps extend the system to public agencies and relevant private-sector databases, a government-wide initiative can succeed.
• White House leadership is also needed because the policy and legal issues are harder than the technical ones. The necessary technology already exists. What does not are the rules for acquiring, accessing, sharing, and using the vast stores of public and private data that may be available. When information sharing works, it is a powerful tool. Therefore the sharing and uses of information must be guided by a set of practical policy guidelines that simultaneously empower and constrain officials, telling them clearly what is and is not permitted.

"This is government acting in new ways, to face new threats," the most recent Markle report explains. "And while such change is necessary, it must be accomplished while engendering the people's trust that privacy and other civil liberties are being protected, that businesses are not being unduly burdened with requests for extraneous or useless information, that taxpayer money is being well spent, and that, ultimately, the network will be effective in protecting our security." The authors add: "Leadership is emerging from all levels of government and from many places in the private sector. What is needed now is a plan to accelerate these efforts, and public debate and consensus on the goals."¹⁸