Nationalwide Suspicious Activity Reporting Initiative

The Nationwide Suspicious Activity Reporting (SAR) Initiative (NSI) is a program of the United States Government used to collect and share reports of suspicious activity by people in the United States. The Nationwide SAR Initiative (NSI) builds on what law enforcement and other agencies have been doing for years — gathering information regarding behaviors and incidents associated with criminal activity — but without the customary restrictions on collecting data on individuals in the absence of reasonable suspicion or probable cause. The program has established a standardized process whereby SARs can be shared among agencies to help detect and prevent terrorism-related criminal activity. This process is in direct response to the mandate to establish a “unified process for reporting, tracking, and accessing [SARs]” in a manner that rigorously protects the privacy and civil liberties of Americans, as called for in the 2007 National Strategy for Information Sharing (NSIS). Reports of suspicious behavior noticed by local law enforcement or by private citizens are forwarded to state and major urban area fusion centers as well as DHS and the FBI for analysis. Sometimes this information is combined with other information to evaluate the suspicious activity in greater context. The program is primarily under the direction of the US Department of Justice.

Background
Suspicious activity is defined in the ISE-SAR Functional Standard (ISE-SAR FS) Version 1.5 as “observed behavior reasonably indicative of pre-operational planning related to terrorism or other criminal activity.” It is important to note that the NSI is a behavior-focused approach to identifying suspicious activity. Factors such as race, ethnicity, national origin, or religious affiliation are NOT considered as factors that create suspicion (except if used as part of a specific suspect description). The behaviors outlined in the ISE-SAR FS were identified by subject-matter experts; validated through implementation in the Los Angeles, California, Police Department and the application of ten years of State and Local Anti-Terrorism Training (SLATT®) Program experience; and then adjusted based on input by privacy advocacy representatives. At the completion of this process, in May 2009, the ISE-SAR FS was published, with the entire SAR process anchored on behaviors of suspicious activity, not ethnicity, race, or gender.

The NSI is currently being implemented through a partnership between the national network of fusion centers and key federal agencies that will coordinate with law enforcement officers in their states. This partnership spans the spectrum of customized technology solutions and includes training and the development of comprehensive privacy, civil rights and civil liberties policies at both the federal and fusion center levels. This approach also provides for a decentralized process that respects the state’s unique requirements but maintains national standards that permit the interoperability of information exchanges and the consistent application of a privacy framework, and is consistent with the allocation of responsibilities to the 72 designated State and major urban area fusion centers.

On December 17, 2009, the U.S. Department of Justice was named the Executive Agent to establish and operate the Program Management Office (PMO) for the NSI, taking on responsibility for coordinating existing resources and managing additional support to further develop and deploy the NSI. In March 2010, the PMO was established within the Bureau of Justice Assistance. This interagency office, led by senior staff from the Bureau of Justice Assistance, Department of Homeland Security (DHS), and Federal Bureau of Investigation (FBI), also coordinates closely with other federal, state, local, and tribal partners.

The goal of the PMO is to facilitate the implementation of the NSI across all levels of government, and assist participating agencies to adopt compatible processes, policies, and standards that foster broader sharing of SARs, while ensuring that privacy and civil liberties are protected in accordance with local, state, and federal laws and regulations. Primary functions of the Program Management Office include advocating on behalf of the NSI, providing guidance to participants at all levels, and coordinating various efforts within the NSI. Given the criticality of privacy and civil liberties issues, the PMO works collaboratively with, and is supported by, the DOJ Privacy and Civil Liberties Office.

NSI Training
To ensure that the behavior-focused approach that is outlined in the ISE-SAR Functional Standard is institutionalized, the NSI created a multifaceted training approach designed to increase the effectiveness of federal, state, local, and tribal law enforcement professionals in identifying, reporting, evaluating, and sharing pre-incident terrorism indicators to prevent acts of terrorism. There are currently three briefings/trainings available through the NSI PMO, with several others under development: Law enforcement executives play a vital role in ensuring that the SAR process is not only successfully implemented but effectively supported. The SAR Executive Briefings focus on executive leadership, policy development, privacy and civil liberties protections, agency training, and community outreach. Fusion centers, law enforcement professional associations, and additional entities conduct these types of briefings in a variety of venues. Ensuring that SARs are properly reviewed and vetted is critical to promoting the integrity of information submitted; protecting citizens’ privacy, civil rights, and civil liberties; and successfully implementing the SAR process. The SAR Analytic Role Training focuses on the evaluation of SARs to identify behaviors that may be associated with pre-incident terrorism planning and the process for sharing terrorism-related SARs nationwide. Through this curriculum, analysts and investigators are trained to recognize terrorism-related pre-incident indicators and to validate—based on a combination of knowledge, experience, and available information—whether the behavior has a potential nexus to terrorism and meets criteria for submission. The training is delivered in an eight-hour workshop format. Frontline law enforcement personnel are trained to recognize behavior and incidents that may indicate criminal activity associated with terrorism. Their routine duties position them to observe and report suspicious behaviors or activities. The SAR Line Officer Training focuses on the critical role line officers have in the effective implementation of the SAR process by identifying and documenting suspicious activity. To efficiently deliver training to a large number of line officers in a timely manner, this training is delivered through a 15-minute CD that has been posted to several online/distance-learning formats.
 * Executive Briefing
 * Analytic Training
 * Line-Officer Training

Privacy, Civil Rights, and Civil Liberties Protections
NSI program administrators claim they are aware of the importance of protecting the personal privacy, civil rights, and civil liberties of all Americans, and in response have developed and implemented a comprehensive NSI Privacy Protection Framework that is required for agencies at all levels of government prior to participation in the NSI. Participating agencies must have an approved privacy policy that specifically addresses the SAR process; applies the protections outlined in the ISE-SAR Functional Standard (Version 1.5) and the ISE Privacy Guidelines; and participate in each of the three training programs described above. The NSI PMO also requires that participating fusion centers have policies that address how the center incorporates applicable state laws, agency rules, and regulations into the sharing of terrorism-related SAR information.

NSI Privacy Protection Framework
The NSI requires each site to consider privacy throughout the SAR process by fully adopting the following NSI Privacy Protection Framework prior to NSI participation:
 * Privacy policy: The adoption and implementation of an approved privacy policy that contains ISE-SAR privacy protections that are in compliance with required provisions contained in the ISE-SAR Privacy, Civil Rights, and Civil Liberties Protection Policy Template or the Fusion Center Privacy Policy Development: Privacy, Civil Rights, and Civil Liberties Policy Template. It is important to note that an NSI program requirement exists that requires sites to have a policy developed and adopted prior to the interstate sharing of ISE-SARs.
 * ISE-SAR Functional Standard: The application of the most current version of the ISE-SAR FS, which reinforces constitutional standards, including the protection of rights guaranteed by the First Amendment and limitations on the use of certain factors—including race, ethnicity, national origin, or religious affiliation—in the gathering, collecting, storing, and sharing of information about individuals. The standard also includes reliability indicators, included as a result of input from privacy advocates. The functional standard, through the use of Information Exchange Package Documentation (IEPD), allows the originating agency to include or not include fields that contain personal information based upon the agency’s rules and policies.
 * Privacy training: The delivery of privacy training, through which the ISE-SAR FS is effectively communicated to personnel with responsibilities in the ISE-SAR arena, ensures the proper application of this standard. Furthermore, to expedite privacy policy development and implementation, it is strongly recommended that NSI sites have access to the services of a trained privacy officer who is available to provide ongoing advice and assistance regarding the protection of privacy, civil rights, and civil liberties. Three levels of training have been developed for the NSI, all of which include privacy materials. The NSI training levels are chief executive, analyst investigator, and line officer.

SAR Vetting Process
A key aspect of the NSI is the SAR vetting process. Before an agency can move SARs from the agency systems to the ISE, two forms of vetting must occur. Supervisors who initially receive a SAR from law enforcement officers, public safety agencies, private sector partners, or citizens must initially review the SAR to determine whether it has a nexus to terrorism and whether it includes the behaviors identified in the ISE-SAR FS. Trained analysts must then analyze the SAR against the behaviors identified in the ISE-SAR FS. Throughout the vetting process, privacy, civil rights, and civil liberties are vigilantly and actively protected through the training that analysts receive and through the system attributes that are a part of the NSI.

Community Outreach
The success of the NSI largely depends on the ability of law enforcement agencies to earn and maintain the public’s trust, which is accomplished through a transparent process that addresses the concerns of citizens and by engaging collaboratively with advocacy groups. To support a fusion center’s efforts to interact with its community, as well as local law enforcement, the NSI Program Management Office (PMO) led the development and participation in the Building Communities of Trust (BCOT) initiative</I>. This initiative is designed to assist fusion centers in engaging community leaders in a dialogue about the center’s functions, including the SAR process, the NSI, and the need for interaction with community leaders. Outreach to advocacy groups has served an essential role in shaping the NSI Privacy Protection Framework and will continue to play an important role in the NSI as it moves forward.

System Attributes
In addition to multiple levels of SAR review by trained personnel, there are system attributes that support privacy protections for the gathering, collection, storage, and sharing of SAR information, such as:
 * Improved data standards for information sharing using the National Information Exchange Model (www.niem.gov).
 * Leveraging existing secure systems, networks, and resources, such as the Regional Information Sharing Systems®, Law Enforcement Online, the Homeland Security Information Network, the National Criminal Intelligence Resource Center (www.ncirc.gov), and the Federal Bureau of Investigation’s eGuardian system.
 * Built-in design privacy protections, such as user authentication, “investigative purposes only” disclosures upon log-in, articulated investigative reason for accessing the system, clearly stated “for official law enforcement use only” warning before system access, and audit logs for capturing search transactions.
 * Formatting in accordance with the ISE-SAR FS’s IEPD format, which includes the application of privacy fields.

Compliance Verification
The U.S. Department of Justice’s (DOJ) Global Justice Information Sharing Initiative Criminal Intelligence Coordinating Council developed the Privacy, Civil Rights, and Civil Liberties Compliance Verification for the Intelligence Enterprise</I>, which is a compliance verification document, for the purpose of assisting intelligence enterprises in complying with all applicable privacy, civil rights, and civil liberties protection laws, regulations, and policies while sharing appropriate intelligence and information needed to safeguard America.

Criticism
Under the program, a wide variety of data has been collected on tens of thousands of Americans who have not been accused of committing a crime. Reports of suspicious behavior noticed by local law enforcement, or even by private citizens, are forwarded to the program, and profiles are constructed of persons who are merely under suspicion, without any firm evidence or reasonable suspicion that a crime is being committed. It has been described as "a vast domestic spying network to collect information on Americans". According to the American Civil Liberties Union, the program's fusion centers "raise very serious privacy issues at a time when new technology, government powers and zeal in the "war on terrorism" are combining to threaten Americans' privacy at an unprecedented level."