Carrie Cordero on Questions to Ask After the Boston Attacks

By Wells Bennett
Sunday, April 28, 2013, 3:00 PM

Carrie Cordero, Georgetown’s Director of National Security Studies and a former Justice Department official, writes in with this piece on the Boston attacks and possible improvements to our approach to counterterrorism:

If the recent news reports are accurate (a leap of faith, but a necessary one for present purposes), then DNI Clapper's recent statement that "the dots were connected" is a little hard to take, given the outcome. Perhaps Boston proves what many in the business believe--that 100% success is simply not possible. But, given the changes to the law, bureaucratic structures and billions of dollars spent on counterterrorism efforts since 9/11, it seems reasonable to ask questions about whether the current system needs improvement. Given the facts that are out there to date, here are some questions those behind the closed committee doors might want to think about asking:

·         What is the process for closing an FBI preliminary investigation, and was that process followed? The answer to the first part is not complicated---it is contained in Attorney General Guidelines and accompanying internal FBI procedures. Whether the process was followed will take further inquiry.

·         More importantly, does closing a national security investigation require only a staff-level administrative determination, or is there a coordination requirement---with headquarters, and/or with relevant interagency partners? Is a coordination requirement feasible, or would it grind the system to a halt? Are cases opened and closed in a timely way? Are there bureaucratic disincentives for keeping cases open? For example, was this preliminary investigation kept open for the initial year allowable? Was it extended further in accordance with AG guidelines?

·         Were the requirements for a full investigation met at any point during the course of the investigation into Tamerlan Tsarnaev's activities? Did the preliminary investigation reveal additional facts regarding a threat he might pose, beyond the original information or allegation reportedly provided by a foreign government?

·         At any point in the process, is the opening and closing of investigations under-lawyered? Over-lawyered?

·         Was the interview of Tamerlan Tsarnaev that was reportedly conducted by the FBI coordinated with the Intelligence Community before or after the interview took place? If so, did thought and coordination go into asking the right questions? Sending a knowledgeable interviewer? If not, should it have been? If not, is this level of coordination unreasonable to expect? To think about?

·         Does NCTC have the legal authority to access all the information it needs? Over the years, NCTC has worked with the Department of Justice and the Intelligence Community to slowly gain access to specific agency information and datasets. As of 2013, is there still counterterrorism-related information that NCTC does not have, that it might need to fulfill its mission?

·         How many analysts--across the IC and within each agency--spend much of their time writing strategic level reports versus working on operational matters and specific cases? Is it too much? While strategy is important, operational case work is critical. It would be interesting to know if we're too heavy on big thinking and too short on case work.

·         Did budget cuts due to sequestration play any role in reducing or affecting the physical security support by federal agencies at the marathon?

·         Did DHS intelligence analytic components have a role to play in collating information known about Tamerlan Tsarnaev? Should they have? If not, should DHS reduce its analytic corps and redirect resources to other core functions?

·         Are community-wide analytical sharing mechanisms/platforms being used? Were they used in this case?

·         Is joint duty in the IC being implemented robustly and effectively? Are the agencies sending their best and brightest to NCTC? How is the IC balancing managing daily crises with monitoring routine cases?

·         Is legislation needed to extend the so-called "lone wolf" provision of FISA that enables electronic surveillance of individuals engaged in international terrorism but not affirmatively connected to an international terrorist organization, to U.S. persons? (This is a moot point in the Boston case if there was no predicate for a full investigation, but it is relevant to efforts to prevent future "self-radicalized" terrorists.)

And finally (for now), here's the big picture community cultural question: are there too many rules, procedures, processes, administrative consequences, offices, and people involved in this work at this point, and, above all, too much reliance on secure email and electronic communications, that those doing counterterrorism work are missing a critical ingredient: sitting around the table with colleagues, shouting across the cubicles, and, basically, talking to one another? Sometimes it takes a particular combination of knowledge, experience, gut feeling, willingness to press an issue, or perseverance to set up that seven-participant Secure Video Teleconference (and have it work!) to discuss a particular case that can make the difference. Have we bogged down the system with too much reliance on databases and so many layers of management, rules, procedures, protocols and processes that no one picked up the phone to their counterparts and said, "hey, what do you think of this guy?" Or, maybe, there was just no there, there.