Add files using upload-large-folder tool

markdown/misc/achieve.md

@@ -0,0 +1,108 @@
+Achieve and Maintain Cyberspace Superiority Command Vision for US Cyber Command
+
+## Us Challenge In Cyberspace Superiority In The Physical Domains In No Small Part Depends On Superiority In Cyberspace.
+
+Military superiority in the air, land, sea, and space domains is critical to our ability to defend our interests and protect our values. Achieving superiority in the physical domains in no small part depends on superiority in cyberspace. Yet we risk ceding cyberspace superiority. As the *2018 National Defense Strategy* explains, adversaries are increasingly capable of contesting and disrupting America's society, economy, and military. This is in part because of our growing reliance on cyberspace. Adversaries direct continuous operations and activities against our allies and us in campaigns short of open warfare to achieve competitive advantage and impair US interests. The cyberspace domain that existed at the creation of US
+Cyber Command (USCYBERCOM) has changed. Our adversaries have exploited the velocity and volume of data and events in cyberspace to make the domain more hostile. They have raised the stakes for our nation and allies. In order to improve security and stability, we need a new approach.
+
+## We Can Influence And Shape Adversary Behavior Through Persistent, Integrated Operations.
+
+As the nation's cyber warriors, USCYBERCOM operates daily in cyberspace against capable adversaries, some of whom are now near-peer competitors in this domain. We have learned we must stop attacks before they penetrate our cyber defenses or impair our military forces; and through persistent, integrated operations, we can influence adversary behavior and introduce uncertainty into their calculations. Our forces must be agile, our partnerships operational, and our operations continuous. Policies, doctrine, and processes should keep pace with the speed of events in cyberspace to maintain decisive advantage. Superior strategic effects depend on the alignment of operations, capabilities, and processes, and the seamless integration of intelligence with operations. Now we must apply this experience by scaling to the magnitude of the threat, removing constraints on our speed and agility, and maneuvering to counter adversaries and enhance our national security. This document is a roadmap for USCYBERCOM to achieve and maintain superiority in cyberspace as we direct, synchronize, and coordinate cyberspace planning and operations to defend and advance national interests in collaboration with domestic and foreign partners. As a Unified Combatant Command, we will demonstrate our resolve against cyberspace threats. We will unify cyberspace operations. We will secure networks, platforms, and data. We will expand the military options available to national leaders and operational commanders.
+
+This document supports the *2018 National Defense Strategy* by posturing USCYBERCOM to counter increasingly aggressive competitors and builds on the Commander's Vision, *Beyond the Build: Delivering Outcomes through Cyberspace*
+(June 2015).
+
+## Strategic Context
+
+The security of the United States and our allies depends on international stability and global prosperity. The spread of technology and communications has enabled new means of influence and coercion. Adversaries continuously operate against us below the threshold of armed conflict. In this "new normal," our adversaries are extending their influence without resorting to physical aggression. They provoke and intimidate our citizens and enterprises without fear of legal or military consequences. They understand the constraints under which the United States chooses to operate in cyberspace, including our traditionally high threshold for response to adversary activity. They use this insight to exploit our dependencies and vulnerabilities in cyberspace and use our systems, processes, and values against us to weaken our democratic institutions and gain economic, diplomatic, and military advantages.
+
+Cyberspace threats are growing. They transcend geographic boundaries and are usually trans-regional in nature. States possess resources and patience to sustain sophisticated cyber campaigns to penetrate even well-protected networks, manipulate software and data, and destroy data, computers, and systems. Russia, China, Iran, and North Korea invest in military capabilities that reduce our military's competitive advantages and compromise our national security. Some of these states have demonstrated the resolve, technical capability, and persistence to undertake strategic cyberspace campaigns, including theft of intellectual property and personally identifiable information that are vital to our defenses. Disruptive technologies will eventually accelerate our adversaries' ability to impose costs. Aggressive non-state actors like terrorists, criminals, and hacktivists pose lesser threats than states but can still damage our military capabilities and critical infrastructure, as well as endanger American lives. Violent extremist organizations, such as the Islamic State of Iraq and Syria, al-Qaida, and affiliated groups, are destabilizing whole regions, attacking our global interests, and endangering our homeland and citizens around the world. These groups use cyberspace to promote their ideology, inspire followers, and control operations that threaten our allies and us. Organized criminal groups provide cover for states and terrorists, and possess significant capabilities to steal data and disrupt government functions. Hacktivists work to expose classified information or impair government services. These malicious cyber actors frequently pose threats that law enforcement and diplomatic means cannot contain without military assistance.
+
+## Adversaries Operate Continuously Below The Threshold Of Armed Conflict To Weaken Our Institutions And Gain Strategic Advantages. Operating Environment
+
+Cyberspace is a fluid environment of constant contact and shifting terrain. New vulnerabilities and opportunities continually arise as new terrain emerges. No target remains static; no offensive or defensive capability remains indefinitely effective; and no advantage is permanent. Well-defended cyber terrain is attainable but continually at risk. Adversary offensive activities persist because opportunity costs are low, and accesses, platforms, and payloads can remain useful for extended periods.
+
+## In Cyberspace, Well-Defended Terrain Is Continually At Risk And Adversary Offensive Activities Persist.
+
+The underlying technologies and protocols of cyberspace enable both legitimate and malicious activities. Adversaries exploit and weaponize vulnerabilities to steal wealth and intellectual property, manipulate information, and create malicious software capable of disrupting or destroying systems. The constant innovation of disruptive technologies offers all actors new opportunities for exploitation. In this dynamic environment, the United States must increase resiliency, defend forward as close as possible to the origin of adversary activity, and persistently contest malicious cyberspace actors to generate continuous tactical, operational, and strategic advantage. We achieve success by seizing the initiative, retaining momentum, and disrupting our adversaries' freedom of action.
+
+## National Policy Framework
+
+As the *2018 National Defense Strategy* emphasizes, our ability to prevail in strategic competition requires the seamless integration of all instruments of national power. US cyberspace operations can make positive contributions to diplomatic power by providing fast, temporary, and reversible sanctions or communicating discreetly to the adversary. Cyberspace capabilities are key to identifying and disrupting adversaries' information operations. They facilitate overmatch of adversary military capabilities in all domains, expanding options for our decision makers and operational commanders, and producing integrated effects. Insights and threat information gleaned from operating in cyberspace can make key elements of economic power more resilient and defensible.
+
+## Cyberspace Operations Can Make Positive Contributions To Our Diplomatic, Information, Military, And Economic Levers Of Power.
+
+Whole-of-government approaches for protecting, defending, and operating in cyberspace must keep pace with the dynamics of this domain. We should not wait until an adversary is in our networks or on our systems to act with unified responses across agencies regardless of sector or geography. We cede our freedom of action with lengthy approval processes that delay US responses or set a very high threshold for responding to malicious cyber activities. Our adversaries maneuver deep into our networks, forcing the US government into a reactive mode after intrusions and attacks that cost us greatly and provide them high returns. This reactive posture introduces unacceptable risk to our systems, data, decision-making processes, and ultimately our mission success. The Department of Defense (DOD) is building the operational expertise and capacity to meet growing cyberspace threats and stop cyber aggression before it reaches our networks and systems. We need a policy framework that supports and enables these efforts.
+
+                  Achieve and maintain superiority in the
+                  cyberspace domain to influence adversary
+                  behavior, deliver strategic and operational
+                  advantages for the Joint Force, and defend
+                  and advance our national interests.
+VISION
+
+## Whole Of Government Efforts Must Keep Pace With This Dynamic Domain. Superiority Through Persistence We Will Operate Seamlessly, Globally, And Continuously.
+
+Superiority through persistence seizes and maintains the initiative in cyberspace by continuously engaging and contesting adversaries and causing them uncertainty wherever they maneuver.* It describes how we operatemaneuvering seamlessly between defense and offense across the interconnected battlespace. It describes where we operateglobally, as close as possible to adversaries and their operations. It describes when we operatecontinuously, shaping the battlespace. It describes why we operateto create operational advantage for us while denying the same to our adversaries. Cyberspace is an active and contested operational space in which superiority is always at risk. We sustain strategic advantage by increasing resiliency, defending forward, and continuously engaging our adversaries. Increased resiliency reduces our attack surface at home, anticipates adversary actions, and increases flexibility in our response. Defending forward as close as possible to the origin of adversary activity extends our reach to expose adversaries' weaknesses, learn their intentions and capabilities, and counter attacks close to their origins. Continuous engagement imposes tactical friction and strategic costs on our adversaries, compelling them to shift resources to defense and reduce attacks. We will pursue attackers across networks and systems to render most malicious cyber and cyber-enabled activity inconsequential while achieving greater freedom of maneuver to counter and contest dangerous adversary activity before it impairs our national power.
+
+WE SUSTAIN STRATEGIC ADVANTAGE BY
+INCREASING RESILIENCY, DEFENDING FORWARD, AND CONTINUOUSLY ENGAGING OUR
+ADVERSARIES.
+
+Through persistent action and competing more effectively below the level of armed conflict, we can influence the calculations of our adversaries, deter aggression, and clarify the distinction between acceptable and unacceptable behavior in cyberspace. Our goal is to improve the security and stability of cyberspace. This approach will complement the efforts of other agencies to preserve our interests and protect our values. We measure success by our ability to increase options for decision makers and by the reduction of adversary aggression.
+
+## Commander's Intent
+
+Our purpose is to achieve cyberspace superiority by seizing and maintaining the tactical and operational initiative in cyberspace, culminating in strategic advantage over adversaries. Our efforts will increase our freedom of maneuver, create friction for adversaries, and cause them to shift resources to defense. We will erode their belief that hostile activities in cyberspace against the United States and its allies are advantageous. We will meet the 2018 National Defense Strategy's mandate to hold adversaries accountable for cyber-attacks.
+
+## We Will Prepare, Operate, And Collaborate With Commands, Services, Departments, Allies, And Industry.
+
+USCYBERCOM will contribute to our national strategic deterrence. We will prepare, operate, and collaborate with combatant commands, services, departments, allies, and industry to continuously thwart and contest hostile cyberspace actors wherever found. We will attract new partners and strengthen ties with critical mission partnersparticularly the Defense Information Systems Agency (DISA), the National Security Agency (NSA), and the rest of the Intelligence Community. We will enable and bolster our partners. We will share our insights in order to anticipate evolving cyberspace threats and opportunities. We will keep policymakers and commanders apprised of cyberspace threats, the operating environment, and changes needed in policies and processes to achieve superiority. We will execute our new responsibilities that accompany elevation to a Unified Combatant Command, emphasizing mission and operational outcomes and enhancing the readiness of the nation's cyberspace military forces.
+
+We are one cyber enterprise.
+
+## The Following
+
+We empower our workforce.
+
+## Principles
+
+We champion integrated, scalable solutions.
+
+## Guide Us Cyber
+
+We compete by employing a long-term,
+campaign mindset.
+
+## Command
+
+We are risk aware, not risk averse.
+
+## Imperatives
+
+The following imperatives support this guidance. Our imperatives are mutually supporting, with success in one enhancing success in the others. They dictate what we must do in order to retain the initiative in cyberspace. Attaining and sustaining these imperatives creates uncertainty for our adversaries and makes them hesitate to confront the United States. We must identify obstacles to achieving our goals, develop and implement plans to overcome those obstacles, and establish meaningful metrics to gauge our progress.
+
+IMPERATIVE 1: **Achieve and sustain overmatch of adversary capabilities.** Anticipate and identify technological changes, and exploit and operationalize emerging technologies and disruptive innovations faster and more effectively than our adversaries. Rapidly transfer technologies with military utility to scalable operational capabilities. Enable our most valuable assetsour peoplein order to gain advantages in cyberspace. Ensure the readiness of our forces.
+
+IMPERATIVE 2: **Create cyberspace advantages to enhance operations in all domains.** Develop advantages in preparation for and during joint operations in conflict, as well as below the threshold of armed conflict. Integrate cyberspace capabilities and forces into plans and operations across all domains.
+
+## Imperatives
+
+PRINCIPLES
+ONE ENTERPRISE
+EMPOWERED WORKFORCE
+IMPERATIVE 3: Create information advantages to support operational outcomes and achieve strategic impact. Enhance information warfare options for Joint Force commanders. Integrate cyberspace operations with information operations. Unify and drive intelligence to support cyberspace operations and information operations. Integrate all intelligence capabilities and products to improve mission outcomes for the Joint Force and the nation.
+
+IMPERATIVE 4: **Operationalize the battlespace for agile and responsive maneuver.** Facilitate speed and agility for cyberspace operations in policy guidance, decision-making processes, investments, and operational concepts. Ensure every processfrom target system analysis to battle damage assessment, from requirements identification to fielded solutions, and from initial force development concepts to fully institutionalized force-management activitiesaligns to the cyberspace operational environment.
+
+IMPERATIVE 5: **Expand, deepen, and operationalize partnerships.** Leverage the talents, expertise, and products in the private sector, other agencies, Services, allies, and academia. Rapidly identify and understand cyberspace advances wherever they originate and reside. Increase the scope and speed of private sector and interagency threat information sharing, operational planning, capability development, and joint exercises. Enable and bolster our partners.
+
+## Risk Mitigation
+
+The approach described in this document entails two primary risks. The first concerns the employment of a high-demand, low-density maneuver force. The prioritization of highly capable states and violent extremists means the Command will devote comparatively fewer resources and less attention to other cyber actors. The Command will seek to mitigate this risk indirectly by increasing resiliency in DOD systems against all threats in order to render most malicious activity inconsequential, and directly by sharing intelligence and operational leads with partners in law enforcement, homeland security (at the federal and state levels), and the Intelligence Community. The second risk is diplomatic. We recognize that adversaries already condemn US efforts to defend our interests and allies as aggressive, and we expect they will similarly seek to portray our strategy as "militarizing" the cyberspace domain. The Command makes no apologies for defending US interests as directed by the President through the Secretary of Defense in a domain already militarized by our adversaries. To the maximum extent possible, we will operate in concert with allies and coalition partners. We will also explain to oversight entities and the public the nature of threats in cyberspace, the threatening conduct of our adversaries, the limitations of passive defenses, and our scrupulous regard for civil liberties and privacy. Mitigation of these primary risks will occur in parallel with the Command's assumption of unified combatant command status and, if directed, its conditions-based approach to termination of the current dual-hat command relationship with the NSA. Regardless of whether, when, or how the "dual hat" terminates, however, we will adopt a comprehensive risk management approach to maintain synergy between operational objectives and the intelligence required to inform and sustain effective cyberspace operations.
+
+## Implementation
+
+This guidance informs our operations, structure, and resource requirements. The Functional Campaign Plan for Cyberspace operations (FCP-CO) constitutes the implementation plan for this guidance. The FCP-CO is a living document requiring regular updates to reflect changes in priorities, doctrine, capabilities, and the operating environment. The FCP-CO Assessment is the process for assessing implementation, and for discovering, validating, and approving changes to drive continuous improvement. The USCYBERCOM Chief of Staff will oversee the assessment function, and all campaign plan assessments are to be reported to the USCYBERCOM Commander. The key to  success is execution, and everyone has a part in this effort. Each Service cyber component, Joint Force headquarters, and staff directorate should embrace this guidance, communicate it to the workforce, work to implement it, and ensure all personnel understand their role and functionsall the while providing direct feedback on the effectiveness of its execution.
+
+This Page Intentionally Left Blank

markdown/misc/bis-ap.md

@@ -0,0 +1,405 @@
+# Issues Related To The Bureau Of Industry And Security's Budget And Responsibilities For International Treaty Implementation And Compliance Bureau Of Industry And Security
+
+Final Briefing No. IPE-19463
+October 2008
+Office of Audit and Evaluation UNITED STATES DEPARTMENT OF COMMERCE
+The Inspector General Washington, **D.C.** 20230
+
+ .*"
+    OF%+
+{ !@!
+       $ *
+
+October 7,2008
+
+The Honorable Daniel K. Akaka
+Chairman
+Subcommittee on Oversight of Government Management,
+ the Federal Workforce, and the District of Columbia
+Committee on Homeland Security and Governmental Affairs
+SH-605, Hart Senate Office Building
+Washington, DC 205 10
+
+Dear Senator Akaka:
+
+My office has completed the review that you requested on June 9,2008. You asked that
+we investigate budget management practices in the Bureau of Industry and Security (BIS)
+related to international treaty implementation and compliance activities. We met with
+your staff on September 30,2008, to present the results of our review.
+
+To summarize our findings, conference report language accompanying the FY 2006
+appropriations bill stated that the funding previously spent on international treaty
+implementation and compliance activities could now be spent on "national security
+related programs." Based on this language, BIS started funding other programs with the
+funding previously dedicated to the Treaty Compliance Division. With regard to the
+Chemical Weapons Convention attache being curtailed from his posting in The Hague,
+this action was taken by BIS management due to what it described as budget constraints.
+We found that funding was available, but was used instead by BIS for other national
+security programs. Finally, we found that the electronic system to compile the U.S.
+Additional Protocol (AP) declaration would not have been ready in time to accept the
+first round of submissions from U.S. industry in late 2008 even if spending on the project
+had continued. The development of the system had not been well managed-it
+                                                                          was only
+35 percent complete in January 2008 when BIS stopped any further work on it.
+Reverting to a paper-based process for the AP declaration is inefficient, but in speaking
+to all the agencies involved in AP implementation, none of them felt'it would have any
+impact on the submission of the initial AP declaration to the International Atomic Energy
+Agency.
+
+We have enclosed a copy of our briefing and an identical letter has been sent to Senators
+Biden and Lugar. If you have any questions, please feel free to contact me at (202) 482-
+4661 or Lisa Allen, Deputy Assistant Inspector General for Inspections and Program
+Evaluations, at (202) 482-5422.
+
+Sincerely,
+
+          ' /
+Todd J. Zinser
+
+Enclosure UNITED STATES DEPARTMENT OF COMMERCE
+The Inspector General Washington, **D.C.** 20230
+--
+October 7,2008
+**N OF *co%* "
+%-,C
+
+The Honorable Joseph R. Biden, Jr.
+Chairman
+Committee on Foreign Relations
+SD-439, Dirksen Senate Office Building
+Washington, DC 205 10-6225
+
+Dear Senator Biden:
+
+My office has completed the review that you requested on June 9,2008. You asked that
+we investigate budget management practices in the Bureau of Industry and Security (BIS)
+related to international treaty implementation and compliance activities. We met with
+your staff on September 30,2008, to present the results of our review.
+
+To summarize our findings, conference report language accompanying the FY 2006
+appropriations bill stated that the funding previously spent on international treaty
+implementation and compliance activities could now be spent on "national security
+related programs." Based on this language, BIS started funding other programs with the
+funding previously dedicated to the Treaty Compliance Division. With regard to the
+Chemical Weapons Convention attach6 being curtailed from his posting in The Hague,
+this action was taken by BIS management due to what it described as budget constraints.
+We found that funding was available, but was used instead by BIS for other national
+security programs. Finally, we found that the electronic system to compile the U.S.
+Additional Protocol (AP) declaration would not have been ready in time to accept the
+first round of submissions from U.S. industry in late 2008 even if spending on the project
+had continued. The development of the system had not been well managed-it
+                                                                          was only
+35 percent complete in January 2008 when BIS stopped any further work on it.
+Reverting to a paper-based process for the AP declaration is inefficient, but in speaking
+to all the agencies involved in AP implementation, none of them felt it would have any
+impact on the submission of the initial AP declaration to the International Atomic Energy
+Agency.
+
+We have enclosed a copy of our briefing and an identical letter has been sent to Senators
+Akaka and Lugar. If you have any questions, please feel free to contact me at (202) 482-
+4661 or Lisa Allen, Deputy Assistant Inspector General for Inspections and Program
+Evaluations, at (202) 482-5422.
+
+Sincerely,
+
+Todd J. Zinser
+
+Enclosure UNITED STATES DEPARTMENT OF COMMERCE
+The Inspector General Washington, D.C. 20230
+
+          OF %+
+d !$f \
+     ep
+ %.- s
+
+                                                                                                                                           - --
+October 7,2008
+
+The Honorable Richard G. Lugar
+Ranking Member
+Committee on Foreign Relations
+SD-439, Dirksen Senate Office Building
+Washington, DC 205 10-6225
+
+Dear Senator Lugar:
+
+My office has completed the review that you requested on June 9, 2008. You asked that
+we investigate budget management practices in the Bureau of Industry and Security (BIS)
+related to international treaty implementation and compliance activities. We met with
+your staff on September 30,2008, to present the results of our review.
+
+To summarize our findings, conference report language accompanying the FY 2006
+appropriations bill stated that the funding previously spent on international treaty
+implementation and compliance activities could now be spent on "national security
+related programs." Based on this language, BIS started funding other programs with the
+funding previously dedicated to the Treaty Compliance Division. With regard to the
+Chemical Weapons Convention attach6 being curtailed from his posting in The Hague,
+this action was taken by BIS management due to what it described as budget constraints.
+We found that funding was available, but was used instead by BIS for other national
+security programs. Finally, we found that the electronic system to compile the U.S.
+Additional Protocol (AP) declaration would not have been ready in time to accept the
+first round of submissions from U.S. industry in late 2008 even if spending on the project
+had continued. The development of the system had not been well managed-it
+                                                                          was only
+35 percent complete in January 2008 when BIS stopped any further work on it.
+Reverting to a paper-based process for the AP declaration is inefficient, but in speaking
+to all the agencies involved in AP implementation, none of them felt it would have any
+impact on the submission of the initial AP declaration to the International Atomic Energy
+Agency.
+
+We have enclosed a copy of our briefing and an identical letter has been sent to Senators
+Akaka and Biden. If you have any questions, please feel free to contact me at (202) 482-
+4661 or Lisa Allen, Deputy Assistant Inspector General for Inspections and Program
+Evaluations, at (202) 482-5422.
+
+Sincerely,
+
+Todd J. Zinser
+
+Enclosure
+
+# Briefing For U.S. Senate Requesters
+
+Issues Related to the
+Bureau of Industry and Security's
+Budget and Responsibilities for
+International Treaty
+Implementation and Compliance
+
+## Background
+
+- The President's Budget Request for FY 2008 included $78.78
+million to fund BIS programs. Both the House and Senate marks were at this same funding level.
+- On December 18, 2007, the consolidated appropriations act
+passed, which included a $72.85 appropriation for BIS.  This was approximately 8 percent less than the President's request.
+- In May 2008, Congress approved a $2.1 million transfer from
+other Commerce accounts to BIS.  According to BIS management, this additional funding enabled it to fill key management positions and avoid rolling staff furloughs.
+- On June 8, 2008, Senators Akaka, Biden, and Lugar
+requested that the Commerce OIG review several decisions BIS made as a result of the cut to its FY 2008 budget.  The OIG agreed to address the questions listed on the next slide.
+
+## Senate Questions
+
+(1)
+Since 2006, what has the "inspections and other activities related to
+national security" (Category B) subset been spent on?  Has money from that subset been spent on areas other than international treaty responsibilities?
+(2)
+What is the history of the Commerce/BIS attache to the Organization for
+the Prohibition of Chemical Weapons (OPCW)?  How did it come about and how was the position funded? What was BIS' rationale for pulling the attache from The Hague?
+(3)
+What is the status of compiling the United States' Additional Protocol (AP)
+declaration?  What is the deadline for filing the declaration?  Will the deadline be missed and if yes, why?  What are BIS' specific responsibilities regarding the AP declaration?
+(4)
+What funding has been directed to creating an electronic system to
+compile the necessary data for the AP declaration and what is the status
+of the system? What are the consequences of stopping work on the
+system and returning to a paper system? Was a cost-benefit analysis completed before making this decision?
+(5)
+Was a cost-benefit analysis made before moving the Treaty Compliance
+Division from Rosslyn, Virginia into the main Commerce building?
+
+## Findings: Category B Spending
+
+-
+The "inspections and other activities related to national security" subset
+(Category B) of the base BIS appropriation first appeared in the FY 1998
+Commerce, Justice, State appropriations act.  This exact language, to describe the Category B funds, has been in every appropriations act since.
+[Note: The FY 1998-2008 history of BIS' base appropriation and the Category B subset is included as an Appendix to this briefing.]
+-
+Prior to FY 2006, Category B funds were primarily used to fund BIS'
+international treaty implementation and compliance programs, which were housed in the Treaty Compliance Division (TCD).
+-
+In FY 2006, the Category B funding increased from $7.2 million to $14.77 million. The conference report stated that these funds were for "national
+security related programs." Based on this language, BIS began to fund other national security related programs, in addition to TCD, with Category B funds, including:
+- Office of Strategic Industry and Economic Security, - Office of Technology Evaluation, - Overseas export control attache program, - End-use check program, and - Seized computer evidence recovery program.
+
+## Findings: Category B Spending
+
+-
+The FY 2008 President's Budget submission did not specifically list an amount to be
+spent on international treaty compliance activities.  The FY 2006 and FY 2007 President's Budget submissions stated that $7.2 million was dedicated to BIS' Performance Goal 2"Ensure U.S. Industry Compliance with the Chemical Weapons Convention."
+-
+Our analysis found that BIS obligations for TCD's international treaty programs declined by about $200,000 in FY 2006.  More significant reductions occurred in FYs 2007 and 2008.
+
+Fiscal
+Year
+Total TCD Obligations,
+Including Overhead
+Percentage Decline
+Over FY 2005 Baseline
+2005
+$5,736,529
+NA
+2006
+$5,510,514
+4%
+2007
+$3,596,193
+37%
+20081
+$3,277,822
+43%
+
+1: OIG estimate of full year, based on figures as of August 31, 2008 (11 months of FY).
+
+-
+Our analysis indicates that BIS did not spend $7.2 million on TCD's programs during
+the past several years. However, determining the exact amount of obligations that should be allocated to TCD would require a detailed cost allocation audit, which was beyond the scope of this analysis.
+-
+According to BIS management, despite the reduced spending on TCD's programs, all CWC inspections have been completed on time and all declarations have been submitted on time.  Additionally, BIS is also helping industry meet its obligations under the CWC and completed two requested site assistance visits in FY 2008.
+
+## Findings: Cwc Attache
+
+- The Organization for the Prohibition of Chemical Weapons (OPCW),
+located in The Hague, The Netherlands, has the mission of monitoring the implementation of the CWC Treaty, which entered into force in 1997.
+- The United States maintains a permanent on-site delegation to the
+OPCW, which is currently led by Ambassador Eric M. Javits.
+- Presidential Decision Directive/NSC-70 (1999) states the Department
+of Commerce shall "provide members of the U.S. Delegation to the OPCW, including an Alternate Permanent U.S. Representative to the OPCW, who will be resident in The Hague."
+- BIS, the Commerce bureau with the lead on CWC implementation,
+sent the first CWC attache to The Hague in September 1999.
+- Other than a brief, two-month period in 2005, when the incumbent
+attache unexpectedly resigned, the position had been continually filled until August 2008.
+- BIS paid for the CWC attache position with Category B funds.
+
+## Findings: Cwc Attache
+
+- In February 2008, BIS management decided to curtail the
+assignment of the attache due to budget constraints.  Because many of the costs to keep the attache and his family in The Hague for FY 2008 had already been paid, it was decided to curtail his assignment on/about July 15, 2008. The attache's 3-year posting was due to finish in October 2008, so he was effectively curtailed 3 months early.
+- There were no significant cost savings in FY 2008 resulting from this
+decision. BIS reported to us that it made the decision out of concern for its FY 2009 budget situation. Specifically, BIS would have had to commit funds (e.g., housing, school, overhead expenses, etc.) to the State Department in FY 2008 in order to keep the attache in The Hague for FY 2009. However, BIS did not believe it was prudent to do this given the continuing uncertainty of the bureau's budget and the likelihood of a lengthy continuing resolution due to the Presidential election and a new Administration.
+
+## Findings: Cwc Attache
+
+-
+According to BIS management, they have committed to filling the vacant
+CWC attache position as soon as sufficient funding becomes available. Based on our analysis, the decision not to fund the CWC attache was a management decisionCategory B funding was available but BIS chose to spend those funds on other national security programs.
+-
+BIS management also told us that they will send staff to key CWC meetings,
+as funds permit. For example, they are sending a staffer to the CWC Executive Council meeting in The Hague in October 2008.
+-
+In late August 2008, we spoke to Ambassador Javits who expressed concern
+about the effectiveness of the U.S. delegation to the OPCW without the Commerce CWC attache. Specifically:
+- The U.S. has some momentum after a successful CWC Review
+Conference in April 2008.  This Conference is held once every 5 years and it spawned a number of opportunities to negotiate changes to the treaty that the U.S. either proposed or supports.  Thus, the Ambassador expected that the remainder of FY 2008 and FY 2009 would be a very busy period for the delegation.
+- Many of the opportunities involve addressing shortcomings in the treaty
+related to the commercial chemical industry.  The State attache and DOD attache will do their best to represent U.S. industry interests, but without the assistance of a knowledgeable Commerce attache who is intimately familiar with the U.S. chemical industry, the Ambassador fears U.S. influence during negotiations on industry-related issues will decrease significantly.
+-
+There is currently no "deadline" for filing the first Additional Protocol (AP)
+declaration because the U.S. has not deposited its instrument of ratification of the AP with the International Atomic Energy Agency (IAEA).
+-
+According to BIS officials, the President has indicated that he would like to
+do so before the end of his term.  Thus, the interagency working group (State, Defense, Energy, Commerce, the Attorney General, and the Nuclear Regulatory Commission) is working to have all necessary requirements completed by December 31, 2008.
+-
+Once the instrument of ratification to the AP is deposited, the first U.S.
+declaration under the AP will be due to the IAEA in 180 days.
+-
+There are five key requirements that must be met before the President can deposit the instrument of ratification to the AP.  Three have been completed:
+(1)
+Ratificationthe U.S. signed the AP to the U.S./IAEA Safeguards on
+June 12, 1998, and the Senate provided its advice and consent, with two conditions, on March 31, 2004.
+(2)
+Enactment of Implementing Legislationon December 18, 2006, the President signed the United States Additional Protocol Implementation Act (Public Law 109-401).
+(3)
+Issuance of an Executive Orderon February 5, 2008, the President signed an Order directing the responsible agencies to issue regulations and take other necessary actions to implement the *Act* and meet U.S.
+obligations under the AP.
+- The final two requirements that must be met before the President
+can deposit the instrument of ratification to the AP are:
+(4)
+Issuance of Agency Regulationsby the Departments of Commerce (for provisions of the AP affecting U.S. industry and others not regulated by the NRC), Defense, and Energy, and by the NRC.
+(5)
+Certification of Senate Conditionsthe President must certify that the two conditions added by the Senate, involving national security exclusions and site vulnerability assessments of locations with direct national security significance, will be met within 180 days after the deposit of the instrument of ratification.
+- Status of Commerce's Implementing RegulationsBIS issued its
+draft AP implementing regulations on July 25, 2008. The 30-day comment period closed August 25, 2008. BIS plans to issue the final regulation by late October or early November 2008.  Entities subject to the regulation must declare their civil nuclear fuel-cycle activities to BIS within 30 days of the final AP regulation being issued.
+- Status of Other Agencies' Implementing
+RegulationsThe regulations that must be issued by Defense, Energy, and NRC are either (1) on target to be issued in time to support the President depositing the instrument of ratification prior to leaving office or (2) do not have a bearing on the President being able to make the deposit.
+- Status of Certifying the Senate's Two Conditions
+Because the work to meet the conditions has just begun, it is unclear when the Secretaries of Defense and Energy will be able to provide the President with the necessary assurances that the two Senate conditions can be met.
+- Once the instrument of ratification is deposited, the National
+Security Presidential Directive (NSPD) 57 states that BIS will be responsible for:
+- (U) Combining the civil nuclear fuel-cycle related filings it
+previously received (in the 30-day period after the publication of its final AP implementing regulations) with the filings from Defense, Energy, and the NRC to form the
+basis for the initial U.S. declaration.
+- (U) Providing IAEA inspectors with complementary access
+to declared commercial locations and obtaining necessary administrative warrants for IAEA inspector complementary access.
+- This second responsibility won't start until sometime after
+the initial declaration is filed with the IAEA.
+
+## Findings: Ap Reporting System
+
+- Starting in 2004, BIS began developing the Additional Protocol
+Reporting System (APRS), an electronic system to collect declarations from both industry and government filers subject to the AP and compile them into an overall U.S. declaration for submission to the IAEA. BIS estimated it would take about 2 years and $2.0 million to develop and complete APRS.
+- In January 2008, BIS management stopped development of
+APRS due to budget constraints.  TCD was directed to revert to a paper-based system for collecting declarations and compiling the overall U.S. declaration for submission to the IAEA. BIS did not do a cost-benefit analysis of reverting to a paper-based process.
+- Approximately $1.6 million had been expended on APRS at the
+point development was halted.
+- Even if BIS had continued development of APRS in its existing
+design, and had sufficient funds to do so, the system would not have been ready in time to accept the first round of declarations in late 2008.
+
+## Findings: Ap Reporting System
+
+- In February 2008, the BIS Chief Information Officer brought in an
+outside consultant to provide a technical assessment of APRS and determine whether the development effort could be salvaged. The consultant found that the overall project was only 35 percent complete and much of the necessary lifecycle management documentation was non-existent.
+- The consultant recommended that APRS be abandoned in favor of a
+new design that would be in compliance with BIS' security, architecture, and lifecycle management requirements.
+- BIS management acknowledges that reverting to a paper-based
+process for the AP declarations is inefficient. But, they are confident the initial U.S. declaration, as well as subsequent declarations, will be submitted on time and in the format required by the IAEA.
+- We spoke to cognizant officials at each of the agencies involved in
+the AP implementation and they all told us that a paper process for AP declarations is laborious and cumbersome. However, they do not believe it will impact the initial IAEA submission.
+
+## Findings: Tcd Move
+
+- According to BIS management, the decision to move TCD from
+Rosslyn, Virginia, to the main Commerce building in May 2008 was largely driven by the FY 2008 budget situation. However, BIS reportedly had been contemplating such an action for the past few years given TCD's shrinking space requirements.
+- No formal cost-benefit analysis of this decision was done.
+However, BIS did provide us with some rough calculations that
+showed consolidating TCD into existing BIS space in the main Commerce building ($140,024 annual cost) would be less expensive than continuing to rent separate space in Rosslyn ($261,423 annual cost). The cost of vacating the Rosslyn space and moving personnel and equipment to the main Commerce building was $26,200.
+- According to BIS management, some savings were also realized
+from eliminating TCD's separate IT-support contract and bringing that work under the BIS Chief Information Officer's IT-support contract.
+
+## Appendix: Bis Appropriations Fys 1998-2008
+
+Fiscal
+Year
+Base BIS Appropriation3
+Category B1 Subset of
+Base BIS Appropriation
+1998
+$43,900,000
+$1,900,000
+1999
+$52,231,000
+$1,877,000
+2000
+$54,038,000
+$1,877,000
+2001
+$64,854,000
+$7,250,000
+2002
+$68,893,000
+$7,250,000
+2003
+$74,653,000
+$7,250,000
+2004
+$68,203,000
+$7,203,000
+2005
+$68,393,000
+$7,200,000
+2006
+$76,000,000
+$14,767,000
+20072
+$75,393,000
+$14,767,000
+2008
+$72,855,000
+$13,627,000
+
+1: Category B is for "inspections and other activities related to national security."
+
+2: Figures obtained from the Department, instead of applicable Public Law, due to full
+year continuing resolution.
+3: Does not include any rescissions, carryover, recoveries, or transferred funds.
+Note:  Between FYs 1998 and 2002, BIS was also provided funding in its base appropriation for its work toward CWC implementation. The high amount was $3.4 million in FY 2000.

markdown/misc/bowman.md

@@ -0,0 +1,150 @@
+Reprinted from INTELLIGENCER:
+Journal of U.S. Intelligence Studies.
+Winter/Spring 2003, Vol. 13, no. 2, pp. 13-18.
+Copyright (c) 2003
+Association ofFormer Intelligence Officers.
+
+## Some-Time, Part-Time And One-Time Terrorism
+
+errorism is an ancient weapon, but one with many faces. In our lifetimes we've seen terrorism perpetrated by nations at
+
+Mr. Bowman currently serves in the Senior
+Executive Service of the Federal Bureau of
+Investigation. The thoughts expressed here
+do not necessarily represent those of the FBI.
+However, some of the matters discussed herein
+are grafted from public testimony of the author
+presented on behalf of the FBI on July 31, 2002
+before the Senate Select Committee on Intel-
+ligence. For the underlying facts presented in
+that testimony, the superb group of Intelligence
+Operations Specialists at the FBI are to be
+credited.
+ T
+
+war. We've seen it generated by environmental, animal and human rights activists. Terrorism is commonly used as a coercive tactic by so-called freedom fighters, and we've seen nations use remotely controlled terrorist surrogates to cause anonymous mayhem in other nations.1 Today, al Qaeda is probably the most visible face of terrorism. This is a face that represents yet another facet of the terrorist threatone more lethal than we've seen in the past, one that operates at a distance, and, importantly, one less homogenous than that which we've seen before.
+
+All that suggests a threat difficult to counter, and indeed it is, but not an impossible one. Despite their successes in the past few years, there have also been significant defeats.2 We may fear the ability of terrorist to operate at large and at will, but terrorists operate at one inherent and significant disadvantage. When they attack, they emerge and are exposed to attack, potential capture and/or intelligence and law enforcement investigation. Accordingly, the threat al Qaeda poses will be eliminated in due course as its members continue to be tracked down one-by-one.3 Usama bin Laden (UBL) is not ten feet tall, he's a mere mortal and al Qaeda members are relatively few in number. Still, the Western world should take care not to think that the disruption, or even the demise of al Qaeda will eliminate the terrorist threat that al Qaeda brought to American shores. It won't, and the reasons are vexingly simple. Since the 9/11 attacks it has become increasingly evident that many are willing to commit acts of anti-Western terrorism whether sponsored by a terrorist group or acting alone.
+
+The world today hosts a very large number of malcontents who dislike the West in general and the United States in particular. Radical Muslims have taken great care to de-legitimize the West, portraying Westerners as infidels who corrupt their culture and invade their lands. By portraying the United States and westerners in general as illegitimate interlopers and infidels, they assume the role of the down-trodden and imbue themselves with a righteousness that legitimizes their violent behavior.4 Of course, enmity of an underclass toward a powerful elite is a repetitive fact of history, but the reaction of this underclass transcends historical experience.
+
+What renders terrorism a crisis in the twentyfirst century is the fact that never before have so few possessed such an unpredictable capability to cause catastrophic harm on a global scale. In large measure, that capability stems from the technological progress that we've all witnessed in our lifetimes. How many of us today do not have cell phones and e-mail accounts?5 Who of us has not transferred money electronically? How easy is it quickly to transit multiple time zones, crossing borders with but a cursory inspection of travel documents?6 Never had demolitions or chemical/biological warfare training? Not to worry, the Internet has all the information you need to know. However, technology does not explain all; another era and events in another part of the world are key to understanding both the phenomenon and the complexity of fighting the brand of terrorism that al Qaeda brought to our shores.
+
+## Afghanistan
+
+During the decade-long Soviet/Afghan conflict, anywhere from 10,000 to 25,000 Muslim fighters representing some forty-three countries put aside substantial cultural differences to fight alongside each other in Afghanistan. The force drawing them together was the Islamic concept of "umma" or Muslim community. In this concept, nationalism is secondary to the Muslim community as a whole. As a result, Muslims from disparate cultures trained together, formed relationships, sometimes assembled in groups that otherwise would have been at odds with one another and acquired common ideologies. They were also influenced by radical spiritual and temporal leaders, one of whom has gained prominence on a global scaleUsama Bin Laden.
+
+Following the withdrawal of the Soviet forces Afghan war in large measure for his logistical support to the resistance. He financed recruitment, transportation and training of Arab nationals who volunteered to fight alongside the Afghan mujahedin. The Afghan war was clearly a defining experience in his life. In a May, 1996 interview with Time Magazine, UBL stated: "in our religion there is a special place in the hereafter for those who participate in jihad. One day in Afghanistan was like 1,000 days in an ordinary mosque."7 many during the Soviet-Afghan conflict, he was a wealthy Saudi who fought alongside the mujahedin. In consequence, his stature with the fighters was high during the war and he continued to rise in prominence such that, by 1998, he was able to announce a "fatwa" (religious ruling) that would be respected by far-flung Islamic radicals. In short, his fatwa stated that it is the duty of all Muslims to kill Americans: "[I]n compliance with God's order, we issue the following fatwa to all Muslims: the ruling to kill the Americans and their allies, including civilians and military, is the individual duty for every Muslim who can do it in any country in which it is possible to do it."
+from Afghanistan, many of these fighters returned to their homelands, but they returned with new skills and dangerous ideas. They now had newly-acquired terrorist training because guerrilla warfare had been the only way they could combat the more advanced Soviet forces. They also returned with new concepts of community that had little to do with, and perhaps even denied nationalism. Those concepts of community fed naturally into a fierce opposition to the adoption, or even the toleration of western culture. As a result, many of the Arab-Afghan returnees united, or reunited, with indigenous radical Islamic groups they had left behind when they went to Afghanistan. These Arab- Afghan mujahedin, equipped with extensive weapons and explosives training, infused radicals and already established terrorist groups, resulting in the creation of significantly better trained and more highly motivated cells dedicated to jihad.
+
+Feeding the radical element was the social fact that was signed as well by a coalition of leading Islamic militants to include Ayman Al-Zawahiri (at the time the leader of the Egyptian Islamic Jihad and later UBL's deputy), Abu Yasr Rifa'i Ahmad Taha (Islamic Group leader) and Sheikh Fazl Ur Rahman (Harakat Ul Ansar leader). The fatwa was issued under the name of the International Islamic Front for Jihad on the Jews and Christians. This fatwa was significant as it was the first public call for attacks on Americans, both civilian and military, and because it reflected a unified position among recognized leaders in the radical Sunni Islamic community. In essence, the fatwa reflected the globalization of radical Islam and revealed the fact of a terrorist network of extremists that has been evolving in the murky terrain of Southwest Asia. Those extremists use radical views of Islam to justify terrorism. Al Qaeda is but one facet of this network.
+
+this occurred in nations where there was widespread poverty, unemployment and little popular control of government. The success of the Arab intervention in Afghanistan was readily apparent, so when the Afghan fighters returned home they discovered populations of young Muslims who increasingly were ready and even eager to view radical Islam as the only viable means of improving conditions in their countries. Seizing on widespread dissatisfaction with regimes that were brimming with un-Islamic ways, regimes that hosted foreign business and foreign military, many young Muslim males became eager to adopt the successful terrorist-related activities that had been successfully used in Afghanistan in the name of Islam. It was only a matter of time before these young Muslim males began to seek out the military and explosives training that the Arab-Afghan returnees possessed. In turn, the incipient fanaticism bred in Afghanistan provided a platform for a charismatic leader to step into a patriarchal role to urge terrorism against the West.
+
+other terrorist organizations, it also functions through some of the terrorist organizations that operate under
+
+## Usama Bin Laden
+
+Usama bin Laden gained prominence during the Although bin Laden was merely one leader among Bin Laden was not alone in issuing this fatwa. It
+
+## Al Qaeda
+
+Although Al-Qaeda functions independently of its umbrella or with its support, including: the Al-Jihad, the Al-Gamma Al-Islamiyya (Islamic Groupled by Sheik Omar Abdel Rahman, better known as the "Blind Sheik" and later by Ahmed Refai Taha, a/k/a "Abu Yasser al Masri"), Egyptian Islamic Jihad, and a number of jihad groups in other countries, including the Sudan, Egypt, Saudi Arabia, Yemen, Somalia, Eritrea, Djibouti, Afghanistan, Pakistan, Bosnia, Croatia, Albania, Algeria, Tunisia, Lebanon, the Philippines, Tajikistan, Azerbaijan, the Kashmiri region of India, and the Chechen region of Russia. Al-Qaeda also maintained cells and personnel in a number of countries to facilitate its activities, including in Kenya, Tanzania, the United Kingdom, Canada and the United States.
+
+By networking with other groups, Al-Qaeda proposed to work together against the perceived common enemies in the Westparticularly the United States which Al-Qaeda regards as an "infidel" state that provides essential support for other "infidel" governments. Al-Qaeda responded to the presence of United States armed forces in the Gulf and the arrest, conviction and imprisonment in the United States of persons belonging to Al-Qaeda by issuing fatwas indicating that attacks against U.S. interests, domestic and foreign, civilian and military, were both proper and necessary. Those fatwas resulted in attacks against U.S. nationals in locations around the world including Somalia, Kenya, Tanzania, Yemen, and now in the United States. Since 1993, thousands of people have died in those attacks.
+
+## The Training Camps
+
+With the globalization of radical Islam well begun, the next task was to gain adherents and promote international jihad. A major tool selected for this purpose was the promotion of terrorism training camps that had long been established in Afghanistan. It is important to note, that while terrorist adherents to what we have come to know as al Qaeda trained in the camps, many others did as well. For example, according to the convicted terrorist Ahmed Ressam, representatives of the Algerian Armed Islamic Group (GIA) and its offshoot the Salafi Groups for Call and Combat (GSPC), HAMAS, Hizballah, the Egyptian Islamic Jihad (EIJ) and various other terrorists trained at the camps.
+
+Ressam, who was not a member of al Qaeda and, therefore, may not have fully accurate knowledge, also reports that cells were formed, dependent, in part, on the timing of the arrival of the trainees, rather than on any cohesive or pre-existing organizational structure. As part of the training, clerics and other authority figures advised the cells of the targets that are deemed valid and proper. The training they received included placing bombs in airports, attacks against U.S. military installations, U.S. warships, embassies and business interests of the United States and Israel. Specifically included were hotels holding conferences of VIPs, military barracks, petroleum targets and information/technology centers. As part of the training, scenarios were developed that included all of these targets.
+
+Ressam, who, again, was not a member of al Qaeda, has stated that the cells were independent, but were given lists of the types of targets that were approved and were initiated into the doctrine of the international Jihad. Ressam explicitly noted that his own planned terrorism attack did not have bin Laden's blessing or his money, but he believed he would have received UBL's support had he asked for it. He did state that UBL urged more operations within the United States.
+
+## The International Jihad
+
+In the 1970s, and even in the 1980s, terrorism centered on hierarchical organization with chains of command. Many had identifiable leaders who personified the group. For example, the German Red Army was more commonly known as the Baader-Meinhof group, so called for their leaders, Andreas Baader and Ulrike Meinhof. Today's terrorist tends to be networked, but not necessarily grouped. Formal ties are increasingly less common, and that is a logical outgrowth of the evolution of terrorism from being primarily motivated by politics to being primarily motivated by religion or ideology. Networking has proved to be an extremely effective experiment in cooperation by Islamic extremists.8 Especially when using the Internet, it permits a degree of anonymity, diffused command and control, a small footprint and even support for terrorism on a part-time basis if desired.
+
+destroy America, her agents, and her allies! Cast them into their own traps, and cover the White House with black.9 Ali Khameine'i, in 1998, said "The American regime is the enemy of [Iran's] Islamic government and our revolution." There are many other examples, but the lesson to be drawn is that al Qaeda is but one faction of a larger and very amorphous radical antiwestern network that uses al Qaeda members as well as others sympathetic to al Qaeda's ideas or that share common hatreds.
+
+It seems reasonable to conclude that the suicide carries the theme from Islamic radicals that expresses the opinion that we just don't get it. Terrorists worldwide speak of jihad and wonder why the western world is focused on groups rather than on the concepts that make them a community. One place to look at the phenomenon of the "international jihad" is the web. Like
+
+## ... Al Qaeda ...Militants Are Linked By Ideas And Goals, Not By Organizational Structure. The Intent Is Establishment Of States Ruled By Islamic Law And Free Of Western Influence...
+
+hijackers of September 11, 2001 took advantage of networking, staying below the radar screen and merging with American society. One even reported a theft to the police. What we know of them today does not support a theory centered on a traditional terrorist organization, but it does support a theory of networked radicals supported by al Qaeda. It is also reasonable to conclude that they acted in support of the 1998 fatwa which, in turn has proved to be eloquent evidence of the international jihad. During 1997 UBL described the "international jihad" as follows:
+"The influence of the Afghan jihad on Azzam.com, offers primers including "How Can I Train Myself for Jihad," which is available in more than a dozen languages. Traffic on this site,increased 10-fold following the attacks, according to a spokesman for the site. Founded in 1996, Azzam Publications was named for a mentor to Osama bin Laden. The "flavor" of the site is evident from the spokesperson's description of its goal to provide news of jihad and stories about martyrs.10
+
+the Islamic world was so great and it neces-
+sitates that people should rise above many of
+their differences and unite their efforts against
+their enemy. Today, the nation is interacting well
+by uniting their efforts through jihad against
+the U.S. which has in collaboration with the
+Israeli government led the ferocious campaign
+against the Islamic world in occupying the holy
+sites of the Muslims...[A]ny act of aggression
+against any of this land of a span of the hand
+measure makes it a duty for Muslims to send a
+sufficient number of their sons to fight off that
+aggression."
+
+In May of 1996, UBL gave an interview in
+
+is far less a large organization than a facilitator, some-
+times orchestrator, of Islamic militants around the
+globe. These militants are linked by ideas and goals,
+not by organizational structure. The intent, taken at
+face-value, is establishment of a state, or states ruled
+by Islamic law and free of western influence. Bin
+Laden's contribution to the Islamic jihad is a creature
+of the modern world. He has spawned a global net-
+work of individuals with common, radical ideas, kept
+alive through modern communications and sustained
+through forged documents and money laundering
+
+which he stated "God willing, you will see our work on the news..." The following August the East African embassy bombings occurred. That was bin Laden speaking, but it should be remembered that the call to harm America is not limited to al Qaeda. Shortly after September 11 Mullah Omar said "the plan [to destroy America] is going ahead and God willing it is being implemented..." Sheikh Ikrama Sabri, a Palestinian Mufti, said in a radio sermon in 1997, "Oh Allah, Information from a variety of sources repeatedly many other groups, Muslim extremists have found the Internet to be a convenient tool for spreading propaganda and helpful hints for their followers around the world. Web sites calling for jihad, or holy war, against the West are not uncommon.
+
+One of the larger jihad-related Internet sites, The lesson to be taken from this is that al Qaeda activities on a global scale. While some may consider extremist Islam to be in retreat at the moment, its roots run deep and exceedingly wide.
+
+In the final analysis, the International Jihad move-
+
+## ...The Challenge To Prevent Terrorism From The Unaligned Terrorist Is Perhaps The Greatest Challenge Gven To Law Enforcement And Intelligence...
+
+ment is comprised of dedicated individuals committed to establishing the umma through terrorist means. Many of these are persons who attended university together, trained in the camps together, traveled together, but whose relationships to each other are premised on individual commitment rather than on bureaucracy or hierarchy. The result is that not only Al Qaeda, but international terrorists without affiliation as well, remain focused on the United States as their primary target. The United States and its allies, to include law enforcement and intelligence components worldwide have had an impact on the terrorists, but they are adapting to changing circumstances. Investigation of individuals who have no clear connection to organized terrorism, or tenuous ties to multiple organizations, is increasingly difficult. At least when one searches for a needle in a haystack, the location of the haystack is a given. Not being associated with an organization that generates a larger footprint, the lone individual can effectively disappear, utilizing today's technology to maintain necessary contacts. The magnitude of the threat then multiplies with the number of "needles." In Israel, we see the difficulty of meeting terrorist threats even in a confined area. When the area we have to be concerned with is the entire world, the difficulty of countering the threat becomes incalculable, but counter it we must.
+
+## Meeting The Threat
+
+Many view the events of 9/11 as an intelligence failure. There have been reasonable and unreasonable arguments on both sides of that issue, but that is not a focus of this article. Nonetheless, those who criticize the intelligence community commonly proceed from the assumption that the Government should have been able to penetrate the terrorist organization that carried out those acts of destruction, or at least to have been able to analyze current events to predict the events. That sort of criticism turns a blind eye to the nature of the threat. The 9/11 hijackers were not an organization. Nor did they associate themselves overtly with al Qaeda, which sponsored them. And this proves the point! The larger threat is not al Qaeda, but the person who, while otherwise leading a normal life somewhere in the world, decides to become a terrorist. That is the proverbial needle in a haystack. That is the occasional, or the part-time, or the one-time terrorist on whom we have limited ability to focus intelligence efforts. The fundamental truth is that more than just haystacks will have to be sifted if we are to intercept the one-time terrorist who decides to become active. To detect and prevent individuals like the 19 hijackers presupposes a capability that may be developed, but one that must also include luck to be successful.
+
+Vulnerabilities are obvious; we are an open society with porous borders and uncountable rich targets to attract terrorists. We also have far-flung equities; military and diplomatic personnel, foreign-based businesses, missionaries and tourists all represent external vulnerabilities. Whether internal or external, the ability to guard and fortify these vulnerabilities is de minimis; therefore, this is a threat that must be countered, not one we can be satisfied to punish after a terrorist success. To counter the terrorist threat, we need to learn of terrorist plans, disrupt terrorist cells, take known terrorists off the street and attack terrorist strongholds. To be effective in any of these requires a robust flow of information. We have to collect, analyze, disseminate and use information effectively, which is even more difficult than it is trite.
+
+For example, if the purpose is to gather information on Hizballah there is a focus for the effort. If the purpose is to gather information on UBL, there is a focus for that effort. If, however, the purpose is to gather information to guard against the type of terrorism we now see to have developed since the end of the Soviet-Afghan War, there is, at best, an attenuated focus. We have learned, belatedly, that not all terrorism is organized and not all terrorists are members of terrorist organizations. Rather, there are terrorists leaders, terrorist facilitators, terrorist financiers and many, many disaffected individuals willing to commit acts of terrorism. While terrorist leaders will be associated in groups, the others may have no special affiliation to any terrorists organization - or they may have contacts with many.
+
+In Israel we've seen unaligned Muslims, including powers correctly understand the reasons for the limitations. Neither is incorrect, but both camps need to understand that we can, and will, accomplish what is needed within legal and social limits. Neither cry of "wolf" is appropriate. i
+
+1. The number of states sponsoring terrorism has diminished in 2. In a wide-ranging interview with CNN, FBI Director Mueller 3. Recently several significantly important al Qaeda members have
+promising youth with a future, both male and female, conduct suicide bombings on their own initiative with no more than logistical support from terrorist organizations. The 9/11 hijackers apparently enjoyed the fiscal and perhaps logistical support of al Qaeda,11 but there is no clear indication that they were other than a group of radicals who came together for a single terrorist event. This is the problem of the International Jihad. Terrorism today still bears elements of traditionalism, but it also is decidedly untraditional. The International Jihad signals the advent of the occasional, some-time or even the one-time terrorist. The contemporary terrorism threat, spawned largely out of Afghanistan, effectively seeded large areas of the world with potential terrorists. The training camps prepared the student, the merchant, and perhaps even the government official for terror-on-demand. Any of those who were trained, and any who might want to emulate might, at any time, decide to seek out an opportunity for martyrdom.
+
+The challenge to prevent terrorism from the
+
+4. Radical Islamists and Islamic movements have succeeded over 5. Like many other groups, Muslim extremists have found the
+unaligned terrorist is perhaps the greatest challenge ever given to the law enforcement (LE) and intelligence communities (IC). LE and IC are now required to look world-wide, including within the United States, for any number of those "needles." That will require more than just a collection effort, it will require that every agency of the U.S. Government perform its job with a view towards terrorism. More than that, it will require the Government to bring more "eyes on target" than ever before. The experience of a customs agent may be vital to understanding the information collected by the FBI. The analysis of Homeland Security may provide meaning to information collected by INS. Enforcement of laws unrelated to terrorism already have proved to be a necessary element of prevention.
+
+Sharing information will become vital for the
+
+6. Kathy Gannon,"Smugglers, Politicians And Spies Move Al- 7. Time "The Paladin of Jihad," May 06, 1996 8. See generally, Michael Whine, "The New Terrorism," from 9. See at www.io.com/~jewishwb/iris/archives/990.html 10. Karmon, supra, n.1. 11. Although there is no evidence to support the thesis, it seems
+future, but this is a task that will challenge more than collection and analysis. It will also challenge legal and social values, both domestic and international. There is no doubt but that this must be done and there is no doubt but that it can be done properly. Still, we need to be mindful of the domestic social values of this nation that brought about the Privacy Act, Freedom of Information Act and Executive Orders regulating the IC. We need to remember the terribly disruptive nature of the Church Committee and strive to avoid improprieties that could occasion another such debacle. Those who call for increased surveillance powers correctly understand the limitations placed, decades ago, on LE and IC organizations. Those who disapprove those increased
+
+## E  N  D  N  O  T  E  S
+
+recent years, primarily as a result of the "fall of the wall," and a firm U.S. stand against rogue states. See, Ely Karmon, "Intelligence and the Challenge of Terrorism in the 21st Century," a paper presented at the conference "A Counter-Terrorism Strategy for the 21st Century: The Role of Intelligence" at the Morris E. Curiel Center for International Studies of Tel Aviv University, November 1-2, 1998. stated, on December 14, 2002, that "tens of attacks, probably close to a hundred around the world" have been thwarted in
+the previous fifteen months. http://www.cnn.com/2002/ US/12/14/mueller.ap/index.html.
+been captured. Among those captured are Abu Zubaidah, al Qaeda's overall operational planner, Abd al-Rahim al-Nashiri, chief of operations in the Persian Gulf region and a key planner in the October, 2000 bombing of the USS Cole, and Ramzi bin al-Shibh, widely believed to have been an intended twentieth hijacker. See, e.g., Jerry Seper, "Senior al Qaeda chief in custody of U.S.," The Washington Times, November 21, 2002 (http://www.washtimes.com/upi-breaking/200221121- 035030-7529r.htm); "Pakistan say investigation into Bin al-
+Shibh arrest complete," http://www.usatoday/news/world/ 2002-09-16-bin-al-shibh x.htm; "Ramzi bin al-shibh," http:
+//www.infoplease.com/ipa/A0905807.html
+
+the past few decades in posing the idea that there is a global conspiracy ongoing against Islam as a religion, culture and way of life. Where this message succeeds, it is a short step to view terrorism and political violence as religious duties. See, e.g., Reuven Paz, "Radical Islamist Terrorism: Points for Pondering,"
+Internet to be a convenient tool for spreading propaganda and communicating at a distance. See, Stephanie Gruner and Gautam Naik, "Extremist sites under heightened scrutiny," The Wall Street Journal Online, October 7, 2001.
+
+Qaida, Taliban Fugitives In And Out Of Afghanistan," Associated Press, November 27, 2002. "If you have money you can go anywhere, without any problem," quoting Fazul Rabi Said Rahman, a former Taliban corps commander. the annual report of the Stephen Roth Institute for the Study of Contemporary Anti-Semitism and Racism at Tel Aviv University: Antisemitism Worldwide 2000/1.
+likely that they must also have had some support from a rogue state in order to gain experience on large commercial aircraft.

markdown/misc/bradley.md

@@ -0,0 +1,340 @@
+## Report Documentation Page
+
+Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing this collection of information.  Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to Department of Defense, Washington Headquarters Services, Directorate for Information Operations and Reports (0704-0188), 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA  22202-4302.  Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to any penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number.  PLEASE DO NOT RETURN
+YOUR FORM TO THE ABOVE ADDRESS.
+
+09-02-2004
+              FINAL
+
+## Intelligence, Surveillance And Reconnaissance In Support Of
+
+OPERATION IRAQI FREEDOM: CHALLENGES FOR
+RAPID MANEUVERS AND JOINT C4ISR INTEGRATION AND INTEROPERABILITY
+
+6. AUTHOR(S)
+
+Carl M. Bradley Paper Advisor (if Any):  CDR Alan Wall
+
+## 7. Performing Organization Name(S) And Address(Es)
+
+           Joint Military Operations Department Naval War College
+           686 Cushing Road Newport, RI 02841-1207
+
+## 9. Sponsoring/Monitoring Agency Name(S) And Address(Es)
+
+NUMBER(S)
+
+## 12. Distribution / Availability Statement Distribution Statement A: Approved For Public Release; Distribution Is Unlimited.
+
+13. SUPPLEMENTARY NOTES   A paper submitted to the faculty of the NWC in partial satisfaction of the requirements of the JMO
+Department.  The contents of this paper reflect my own personal views and are not necessarily endorsed by the NWC or the Department of the Navy.
+
+14. ABSTRACT
+                 While aircraft, Unmanned Aerial Vehicles (UAVs) and C4I systems played a critical role in the coalition's success against the Iraqi regime during *Operation Iraqi Freedom*, at the operational level of war, the C4I and airborne ISR assets experienced significant seams in their ability to provide timely, accurate, fused, and actionable intelligence to Strategic, Operational and Tactical users.  The key factors affecting the ability of ISR assets to support rapid maneuvers during OIF included compressed engagement times, incompatible and inadequate C4ISR systems, eleventh hour TTP and planning considerations, a lack of intelligence analysis tools, and Service unfamiliarity with the other Service ISR capabilities.
+
+
+ The operational commander can take several steps to stem the tide in significant ISR seams during OIF.  Foremost among them is to engage JFCOM (Joint Forces Command) in its role as the DoD's executive agent for joint interoperability and integration to support and sponsor joint exercises that focus on C4ISR training requirements in a joint environment.  Services must receive guidance through JFCOM to ensure future C4ISR systems are not procured in such a way to field stovepipe systems unable to function in a joint environment.  Finally, joint doctrine for ISR must be updated to discuss decision making tools necessary to support ISR operations during rapid maneuvers.
+
+## 15. Subject Terms Intelligence, Surveillance, Reconnaissance, Isr, Oif, Operation Iraqi Freedom
+
+| 16. SECURITY CLASSIFICATION OF:   |
+|-----------------------------------|
+| OF ABSTRACT                       |
+| 18. NUMBER                        |
+| OF PAGES                          |
+| 19a. NAME OF RESPONSIBLE PERSON   |
+| Chairman, JMO Dept                |
+| a. REPORT                         |
+| UNCLASSIFIED                      |
+| b. ABSTRACT                       |
+| UNCLASSIFIED                      |
+| c. THIS PAGE                      |
+| UNCLASSIFIED                      |
+| 22                                |
+| 19b. TELEPHONE NUMBER             |
+| (include area                     |
+| code)                             |
+| 401-841-3556                      |
+| Standard Form 298 (Rev. 8-98)     |
+
+# Naval War College Newport, R.I. Intelligence, Surveillance And Reconnaissance In Support Of Operation Iraqi Freedom: Challenges For Rapid Maneuvers And Joint C4Isr Integration And Interoperability By
+
+Carl M. Bradley Lieutenant Commander, USN
+A paper submitted to the Faculty of the Naval War College in partial satisfaction of the requirements of the Department of Joint Military Operations. The contents of this paper reflect my own personal views and are not necessarily endorsed by the Naval War College or the Department of the Navy.
+
+                                       Signature: _____________________________
+9 February 2004
+
+## Abstract
+
+
+While aircraft, Unmanned Aerial Vehicles (UAVs) and C4I systems played a critical role in the coalition's success against the Iraqi regime during *Operation Iraqi Freedom*, at the operational level of war, the C4I and airborne ISR assets experienced significant seams in their ability to provide timely, accurate, fused, and actionable intelligence to Strategic, Operational and Tactical users.  The key factors affecting the ability of ISR assets to support rapid maneuvers during OIF included compressed engagement times, incompatible and inadequate C4ISR systems, eleventh hour TTP and planning considerations, a lack of intelligence analysis tools, and Service unfamiliarity with the other Service ISR capabilities.  .
+
+
+ The operational commander can take several steps to stem the tide of significant ISR
+seams experienced during OIF.  Foremost among them is to engage JFCOM (Joint Forces Command) in its role as the DoD's executive agent for joint interoperability and integration to support and sponsor joint exercises that focus on C4ISR training requirements in a joint environment.  Services must receive guidance through JFCOM to ensure future C4ISR systems are not procured in such a way to field stovepipe systems unable to function in a joint war fighting environment.  Finally, joint doctrine for ISR must be updated to discuss decision making tools necessary to support ISR operations during rapid maneuvers.
+
+
+
+## Introduction
+
+Operation Iraqi Freedom (OIF) was arguably the finest example of the U.S.
+
+military's ability to wage joint coalition air, ground, and naval operations to support the nation's National Security Strategy.  Marines and the Army rapidly maneuvered toward Baghdad from the Iraqi southern border in a coordinated land campaign against the Iraqi military that covered ground in one quarter the time it took to do so in the first Gulf War.
+
+Special Operations Forces (SOF) performed Combat Search and Rescue and destroyed missile systems capable of deploying Weapons of Mass Destruction (WMD).  Coalition air forces supported ground operations and carried out precision strikes against a vast array of targets in record time while ensuring air superiority over the country.  These US and coalition operations all have one common thread; Each of these missions and the forces performing them were supported by Command, Control, and Communications, Computers (C4), Intelligence, Surveillance and Reconnaissance (ISR) assets, and the professionals who manage them within the Combined Forces Commander (CFC).
+
+While these aircraft, Unmanned Aerial Vehicles (UAVs) and C4I systems played a critical role in the coalition's success against the Iraqi regime, at the operational level of war, the C4I and airborne ISR assets experienced significant gaps or seams with regard to their ability to provide timely, accurate, fused, and actionable intelligence to Strategic, Operational and Tactical users.1 These C4ISR challenges resulted from the extreme speed of maneuvers, incompatible and Service-unique C4ISR systems, distributed command structures, and the chasm between the huge amounts of raw information being collected by sensors and the OIF intelligence effort's ability to direct, collect, exploit, analyze, and disseminate fused intelligence products.
+
+## Background
+
+In just 21 days, the coalition removed Saddam Hussein and the ruling Ba'ath Party from power and decisively defeated Iraqi military forces.  Assigned ISR assets were capable of providing 24 hour intelligence collection coverage to support the CFC's operational and strategic objectives as outlined below:2
+
+- Defeat or compel capitulation of Iraqi forces - Neutralize regime leadership - Neutralize Iraqi TBM/WMD delivery systems - Control WMD infrastructure - Ensure the territorial integrity of Iraq - Deploy and posture CFC forces for post-hostility operations, initiating
+humanitarian assistance operations for the Iraqi people, within capabilities
+- Set military conditions for provisional/permanent government to assume power
+- Maintain international and regional support - Neutralize Iraq regime's C2 and security forces - Gain and maintain air, maritime and space supremacy
+
+The coalition planned for and waged war emphasizing mobility and speed, precision, and information dominance.  These characteristics were exhibited by the ISR assets employed by the U.S. and coalition forces and the amount of data collected.  Of the 1,801 aircraft used during OIF, 80 aircraft were dedicated to the ISR mission.  They included RQ-1 Predator and RQ-4 Global Hawk UAVs, EP-3, P-3C "Orion", U-2, E-8C Joint Surveillance Target and Radar System (JSTARS), and RC-135 "Rivet Joint" (collecting signals intelligence) aircraft, to name a few.3  They flew approximately 1,000 sorties and collected 3,200 hours of streaming video, 2,400 hours of SIGINT, and 42,000 battlefield images.4  The ISR effort was managed from the Combined Air Operations Center located at Prince Sultan Air Base (PSAB), Saudi Arabia, under the command of the Combined Forces Air Component Commander (CFACC), Lt. General T. Michael "Buzz" Moseley, USAF.
+
+Information alone does not constitute intelligence.  Prior to information being of use to commanders it must first undergo the basic intelligence cycle, which is accomplished in five phases: Planning and Direction, Collection, Processing and Exploitation, Production, and *Dissemination*.  While this review may seem elementary, the intelligence cycle is critical if intelligence professionals are expected to provide fused, timely, accurate, and actionable intelligence to commanders.  Knowledge of the intelligence cycle is also seminal to understanding the reason for those intelligence seams experienced during *OIF.*  All too often ISR collection activities in OIF were truncated from the full intelligence cycle, either by necessity or design, to support the rapid scheme of maneuver on the ground and in the air. This oftentimes resulted in perishable, inaccurate, incomplete, and untimely intelligence products.
+
+## Speed And Time - C4I
+
+
+Effective C4I systems ensure joint intelligence and total battlespace information awareness is provided to the warfighter through the use of common tactics, techniques, and procedures (TTPs).  These systems should also provide the warfighter with the flexibility to support any mission, at anytime, anywhere.  In OIF, C4I systems experienced significant seams while attempting to address these challenges.
+
+
+Admiral E. P. Giambastiani, Commander, U.S. Joint Forces Command, said it best:
+
+ "Where we fall short is when we're in a high-speed, fast-moving campaign,
+like this one was, where our forces are moving very rapidly.  The ability to be able to do effects assessments or battle damage in a rapid fashion lacks (sic)
+seriously behind the movement of our forces."5
+
+ His comment directly reflects the significantly compressed sensor to shooter timelines experienced during OIF, which ironically stems from our tremendously enhanced C4ISR capabilities since the first Gulf War.  The available intelligence assets brought to bear against the Iraqi regime and its military provided persistent around-the-clock surveillance of targets of interest, collecting information from the ground, air, and space.  For example, operational commanders at the Combined Air Operations Center (CAOC) often employed UAVs to cue other assets to find, fix, track, target, engage and assess time sensitive targets (TSTs) with speed and precision, thereby increasing the probability of kill while minimizing collateral damage and risk to manned aircraft.6  As the war started, SOF, Army, and Marine forces maneuvered towards Baghdad at a record pace.  By the commencement of air operations at A-hour on March 21, 2003, coalition air forces commenced air strike operations and flew over 1,700 sorties, and launched 504 Tactical Land Attack Cruise Missiles (TLAM) and Conventional Air Launched Cruise Missiles (CALCM) in a 24 hour period.7
+These strikes were aimed to destroy hundreds of targets.  One immediate effect these compressed engagement times had on operational commanders was to create a demand for a faster, more streamlined capability to deliver effects-based battle damage assessments (BDA) to decision makers for potential re-strike recommendations and Joint Intelligence Preparation of the Battlespace (JIPB) updates.  The immense number of targets, limited ISR assets, and insufficient personnel with BDA expertise, analytical tools, and sensor capabilities created a tremendous strain on the intelligence support architecture and prevented a thorough assessment of damage to the majority of targets.
+
+Methods for reviewing tactical aircraft weapon system video (WSV), for example, lacked the C4I systems and personnel expertise necessary to forward the WSV to the CENTCOM Joint Intelligence Center ( JICCENT) in Tampa, FL, for timely analysis and use by commanders. The WSV often arrived for analysis at JICCENT eight to ten hours after the aircraft completed its mission.  Once there, JICCENT lacked the requisite subject matter experts to quickly exploit the large number of WSV, thereby exacerbating the time delay of
+
+6  The CAOC identified 3 types of targets as TSTs: Leadership, WMD and terrorists.  Dynamic targets were fused BDA reports.8  Fusion of the thousands of aircrew Mission Reports (MISREPS)
+accompanying the WSV was also delayed.  As a result, the updates to the Common Operating Picture and Common Intelligence Picture (COP/CIP),9 necessary to provide decision makers with updated enemy and blue force dispositions, were behind schedule or did not occur. The exploitation and production, analysis, and dissemination processes were unresponsive to the operational speed of maneuver.
+
+The speed of maneuver had some negative impact on direction and collection efforts by CFACC collection managers as well.  As more targets of opportunity (those not scheduled for surveillance and reconnaissance) were rapidly re-tasked to airborne UAVs and other aircraft such as the U-2, collection managers had difficulty with the complex effort of tracking, prioritizing and synchronizing the collection of targets and known areas of interest.
+
+This huge effort required a collaborative tool to de-conflict asset tasking, priorities, and targets.  Analysts were often relegated to using spreadsheets as the speed of operations continued.  To add to these difficulties, targeteers worked without a master target database to track targets.10  Performing the required tasking, production, exploitation and distribution
+(TPED) tasks at a wartime pace without sufficient analytical tools resulted in imperfect such as Navy aircraft carriers at sea, for example. The FTP method mitigated bandwidth limitations aboard ship. The slow dissemination process was well documented prior to OIF and was never thoroughly addressed by intelligence and operational planners.
+
+analysis that had a domino effect on subsequent collection and targeting plans.11  Collection and targeting efforts were bogged down with overlapping and duplicative requirements and analysis.  One target, for example, could be tasked and imaged with 3 different ISR assets one day even though the previous day's imagery of the same target had yet to be exploited by imagery analysts and might already have satisfied the requirement.12
+While the commander's Priority Intelligence Requirements (PIRs) should drive the collection process as described in joint doctrine, it appears this was not always the case.  The collection effort was responding to the speed of maneuver on the battlefield. Notwithstanding this fact, the direction and collection process became deferential to tactical or time sensitive events as opposed to executing a synchronized and prioritized collection plan based on PIRs.  Statistics of ISR collection missions tasked against PIRs during OIF were not available. Yet CFACC ISR cell collection managers reported that reconnaissance requirements did not always align with operational needs because of the fast paced dynamic tasking necessary to support operations and the lack of collaboration tools required to track targets and collection efforts.13  Those "needs" are outlined in the PIRs.
+
+Interestingly, the highest percentage of apportioned CFACC missions, 50.7 percent, supported the Combined Force Land Component Commander (CFLCC) to defeat Iraqi ground forces and conduct security and stabilization operations.  Missions supporting the Combined Force Special Operations Component Commander (CFSOCC) were second with
+12.5 percent.  The CFLCC and CFSOCC mission percentages correlate with the military objectives as outlined above.  Unfortunately, the CFACC did not count apportionment percentages by mission for ISR assets, referring to ISR as "the cost of doing business." 14
+Those numbers would enable observers to match the missions with existing PIRs and better determine if assets were focused on the commander's intelligence guidance.
+
+
+Ironically, many of the events discussed are a direct consequence of advances in C4I
+systems that have increased the distances, network centric access, and obviously the speed through which information is transmitted and managed by commanders across all levels of war.  Video teleconferencing, satellite (Iridium) telephones, streaming video, the Internet, and multiple high speed data links all contributed to a more joint operation than coalition forces executed during the first Gulf War.  This connectivity was all the more critical when key OIF commanders and their supporting communications centers were separated by more than 7,000 miles, roughly the distances from CENTCOM's theater to the U.S. east coast.  Basing rights and political sensitivities within the theater also generated geographically distributed JFC component commanders.  The CAOC/CFACC operated out of Saudi Arabia while the CFLCC was headquartered in Kuwait.  CFSOCC and CFC commanded operations from within Qatar as the JFMCC coordinated maritime assets from Bahrain.  All needed to reachback to CENTCOM and Washington, DC during operations.
+
+
+These distributed command structures necessitated an increase in available bandwidth and enabled the high degree of decentralized C2.  Total bandwidth prior to OIF increased by
+
+596%, up to 783 Mb from 113 Mb, and the demand continued to far exceed available capacity in the AOR.  Commanders were demanding more bandwidth to manage the large amounts of data available to them. According to CAOC commanders, restricted bandwidth and communications capabilities limited the number of targets warfighters were able to engage during compressed engagement timelines.15
+
+In order to support remote TPED of Predator, Global Hawk, and U-2 ISR operations, the Defense Information System Agency activated circuits at a cost of over 3 million dollars.
+
+Remote sites in Nevada, California, and Virginia were used to process information from these sensors near real time while providing immediate feedback to the CAOC and other theater commanders.  The process was reasonably effective as ground stations were instrumental in warning commanders of Iraqi mobile missile threats identified through U-2
+and UAV imaging sensors. 16
+
+The distributed command structure of intelligence analysts and operations during OIF
+created a demand for bandwidth that could not be met. Some intelligence elements were dissatisfied with having to synchronize daily Battle Rhythms with analysts working 7,000 miles away.  Some analysts preferred face-to-face coordination as opposed to VTCs.  Poor data transmission, poor weather, and scheduling conflicts oftentimes prohibited successful VTCs.
+
+
+While there is certainly a need for more bandwidth, C4I network users and planners need to better create resourceful C4I systems that limit the need for ever increasing bandwidth.  Bandwidth efficient C4I systems coupled with inventive TTPs can achieve that goal.  Elevated bandwidth is a double edged sword.  More and faster does not always equate to better.17  More information and intelligence reaches customers and decision makers in quicker time but this is effective only when TTPs and C4ISR systems are in place to support compressed decision cycles.
+
+## Joint Operations
+
+While it would appear that ISR assets in OIF performed in an ideal joint manner based upon the scale of operations and obvious demand for their capabilities, the Services continued to stovepipe information and subject matter expertise to their individual services.
+
+The 1st MEF, for example, deployed a MEF ISR command element to Camp Commando in Kuwait to support 1 MEF maneuvers.  This element performed invaluable JIPB in concert with the other Services, JICCENT, the National Intelligence Community (NIC) and a United Kingdom signals battalion, and provided timely targeting to support MEF operations.18 While this effort confirms the U.S. military's commitment to developing fused intelligence products across Services, agencies, and coalition partners, the point is moot to Navy Carrier Air Wings.  Lessons learned from the Navy's aircraft carrier-based Intelligence Centers (CVICs) reported a significant shortfall in ground intelligence products and IPB analysts necessary for Navy tactical aircraft to conduct combat air support for SOF forces in the north and ongoing operations in southern Iraq.19  As a temporary fix, some CVICs received augmentation in the form of Marine intelligence analysts.20  To fully integrate the ISR effort, JFC J2s and subordinate J2s need to ensure fused intelligence products and analysis are made available across all levels of war through a common network centric architecture that maximizes manpower and level of effort.
+
+Many ISR assets were successfully employed by the Services with minimal integration problems.  Available UAVs operated closely with SOF to find, fix, track, target, engage and assess C2 and SCUD missile threats in western Iraq.  Streaming video was sent to AC-130 "Spectre" aircraft to provide detailed targeting information in the engagement phase.
+
+The 1st MARDIV enjoyed tremendous C4I integration with the JSTARS, which provided near real time reporting on enemy ground unit locations and "no go" terrain thereby enabling units to maneuver deep into the enemy's battlespace.21  Marines also operated with Navy P-
+3C maritime patrol aircraft. The P-3Cs provided Marines with indications and warning surveillance of engaged friendly forces, and disposition of enemy forces ahead of them. Seams still existed between the Navy and Marine units, however.  Differences in communications suite capabilities required a Marine liaison officer (LNO) aboard the aircraft and intensive concept of operations planning.22  The inability to train with other units prior to the war was a common theme reiterated in many of the Service's lessons learned documents.
+
+## C4I Integration
+
+"The integrated common operating picture [COP] was a very powerful tool.
+
+Tracking systems were previously Service unique.  Workarounds were developed for OIF, but there is a need to develop one integrated, user friendly, C4I architecture that captures blue and red air, ground and maritime forces."23
+The workarounds General Franks alluded to above were the short term planning for the creation and maintenance of the COP/CIP that occurred just prior to commencement of the war.  Last minute planning resulted in inaccurate and absent threat Order of Battle (OOB) during the first phases of the war.  According to one CENTAF report, the CFACC began tracking enemy air, defensive missile, and long range surface-to-surface missile OOB just prior to the war without sufficient and mature TTPs to perform the mission. 24  Upon shifting to that mission during the eleventh hour, CFACC analysts discovered that the four C4I systems employed to create and update OOBs for the COP/CIP were incapable of providing interoperable interfaces for data transfer into the COP/CIP system.  As a result, the CFACC was forced to coordinate with JICCENT in Tampa, FL for JICCENT to receive a spreadsheet 2004].
+
+details shortfalls in imagery analysts necessary to exploit P-3C imagery for dissemination to operational and tactical units.
+
+23  Statement of General Tommy R. Franks, Former Commander US Central Command, Before the Senate Armed Services Committee, July 9, 2003.
+
+24 "CFACC ACCE Intelligence Preparation," Joint Universal Lessons Learned System No. 41436-94678, 13
+April 2003, [13 January 2004].
+
+every six hours that contained the necessary OOB information. The data was then manually entered by JICCENT into the master database to update the COP/CIP.  The issue produced confusion amongst other intelligence elements that were not informed of the changes in production and OOB responsibilities.  This last minute workaround is surprising when one considers that US and coalition intelligence elements had 12 years to develop TTPs and C2 relationships to ensure unity of effort. While military personnel were often transferred from the CAOC after a 6 month rotation, the existing CAOC and JFC intelligence organizations are codified in Joint doctrine and are not new.
+
+From the intelligence cycle perspective one thing seems certain, not all ISR assets arrived in theater with a TPED plan in hand to input information and intelligence into one COP/CIP in a time sensitive manner.  The existing MASINT (Measurement and Signals Intelligence) C4I structure, required production times, and necessary expert analysis, that did not support suitable COP/CIP input and display for MASINT data.   To address the shortfall, some individual analysts, many who enjoyed a personal or professional familiarity with one another prior to the operation, coordinated face to face or over secure communications circuits to pass data across components.  This TPED workaround was often referred to as the
+"Bubbas Network."25  These actions, while noble in effort, truncated the intelligence cycle and prevented proper intelligence dissemination to the proper units and decision makers. This was not the case for all intelligence disciplines.  The ELINT (Electronic Intelligence) TPED seems to have been the model to follow.  The ELINT data had a well formulated and mature TPED that allowed national, theater, and tactical ELINT information to flow into common displays in a timely fashion.
+
+## Recommendations
+
+
+The operational commander can take several steps to bridge the gaps resulting from the critical factors that limited their ability to provide timely, accurate, fused, and actionable intelligence to Strategic, Operational and Tactical users.  Foremost among them is to engage JFCOM (Joint Forces Command) in its role as the DoD's executive agent for joint interoperability and integration.  This role places JFCOM at center stage as a source for solutions to ensure C4ISR integration and training throughout the DoD.
+
+
+Joint exercises go far toward providing integration and training opportunities in a joint and coalition environment.  Unfortunately C4ISR has not received the attention necessary to contend with the challenges presented during joint operations.  Previous joint exercises have neglected C4ISR; treating it more as a support function to operations. Participating intelligence personnel were often culled from disparate units without regard to real-world training benefits, joint integration, and interoperability issues normally addressed to support ongoing or future operations.  Future exercises sponsored by JFCOM, such as Unified Endeavor, which concentrate on training future JTF commanders and their component intelligence staffs on C4ISR, can make certain the right force mix participates and trains for integrated operations in a joint environment.
+
+
+Although a significant step, joint exercises and training will benefit operational commanders more if the exercises are inculcated into the routine turnaround training cycles the Services use to manage unit deployment schedules.  An often heard phrase within military circles is *they train like they fight*.  In reality, the Services have few opportunities during normal training cycles to train and operate in a JTF or CJTF battlespace environment. Incorporating joint exercises and training into their routine training schedules will enable all Services to become more familiar with ISR capabilities and limitations.
+
+
+In concert with its joint exercise mission, JFCOM can also play a larger role in assuring interoperability and integration of DoD C4ISR systems by tracking the research and development (R&D) and procurement efforts Services pursue to design and purchase these systems.  As the central clearinghouse for Service C4ISR requirements, JFCOM can unite the Services so they work towards the same ends and no longer develop and purchase stovepipe systems that fail to pass the joint, integrated, and interoperable tests.  These steps will enable JFCOM to lay the foundation for a solid C4ISR roadmap that all Services, regardless of mission, can follow.
+
+
+ Current joint doctrine addresses the collection phase of ISR on the periphery only,
+with a cursory overview of how these assets support other TTPs or TST events.  Apart from
+existing classified documents,26 the most current dedicated ISR Joint Publication, JP-3-55, is
+over ten years old and provides only basic descriptions of the intelligence cycle.27  Future ISR
+joint doctrine can mature and develop through the implementation of previous operational lessons learned, and by exercising C4ISR TTPs and C4ISR systems during JFCOM
+sponsored joint exercises.  The resulting doctrine ought to include checklists, analytical and decision making tools, and C2 structures for JFCs to use as a template to support future fast paced ISR operations.  The development of updated ISR joint doctrine can provide JFCs with critical capabilities necessary to train forces and avoid the repetition of negative lessons learned discussed here.
+
+## Conclusions
+
+
+The C4ISR assets and systems employed during OIF were a crucial ingredient to the coalition's success.  Nevertheless, key factors impaired C4ISR assets and their systems from providing *OIF* commanders, across all levels of war, with timely, accurate, and actionable intelligence.
+
+
+The key factors affecting the ability of ISR assets to support rapid maneuvers during
+OIF included compressed engagement times, incompatible and inadequate C4ISR systems, eleventh hour TTP and planning considerations, a lack of intelligence analysis tools, and Service unfamiliarity with the other Service ISR capabilities.  A lack of interoperability between Service-unique C4ISR systems prevented the uninterrupted flow of information and intelligence across the intelligence cycle to warfighters.
+
+Speed of maneuver by air and ground forces, accompanied by compressed
+engagement times and persistent ISR assets, placed a significant strain on the ISR architecture.  Speed forced intelligence support components to streamline TPED methods.
+The inability of supporting intelligence elements to quickly respond to demanding
+
+operational requirements and rapid maneuvers was exacerbated by a lack of intelligence analysis tools to swiftly track and correlate large amounts of data.
+
+
+Eleventh hour TTPs and planning for C4ISR architectures created confusion and misunderstanding among JFC and subordinate intelligence components.  A shortage of experienced intelligence analysts delayed intelligence production, analysis and dissemination of time critical intelligence products.  Consequently, incomplete, inaccurate, and delayed OOB and COP/CIP products were forwarded to commanders for use as decision making tools. Joint operations, now, more than ever, rely on effective C4ISR systems and TTPs that can provide timely, accurate, and actionable intelligence to support rapid maneuvers across Service lines.
+
+
+
+ Bibliography
+
+ Baldwin, Al.  "I MEF ISR in OIF," Headquarters, U.S. Marine Intelligence Department
+Intelligence Community Newsletter, (June 2003): 9.
+
+ Biesecker, Calvin.  "Intelligence Network at Beale Demonstrates Advances in Battle Space
+Analysis," Defense Daily, 21 August 2003.  UMI-Proquest.  [16 January 2004].
+
+ ________.  "U-2 Spy Planes Were Crucial in Hunt for Iraqi Mobile Missile Launchers," C4I
+News, 21 August 2003.  UMI-Proquest.  [16 January 2004].
+
+ Boyne, Walter J.  Operation Iraqi Freedom: What Went Right, What Went Wrong, and Why,
+New York:  Tom Doherty Associates, 2003.
+
+"Carrier Intelligence Center (CVIC) Analytical Capabilities Against Ground Forces," Lessons
+Learned No. LLCC0-02988, 15 April, 2003.  Navy Lessons Learned Database. [13 January, 2004].
+CENTAF A2, "CENTAF A2 Warfighter Takeaways Brief ," OIF Lessons Learned
+Conference, 9th Air Force, 31 July 2003.  [13 January 2004].
+"CFACC ACCE Intelligence Preparation," Joint Universal Lessons Learned System No.
+41436-94678. April 13 2003.  [22 January 2004].
+ Coakley, Thomas P.  C3I: Issues of Command and Control.  Washington, DC: National
+Defense University Press, 1991.
+
+ Cook, Nick.  "ISR - Manned or Unmanned? Going Solo?" Jane's Defense Weekly, 19
+November 2003.  UMI Proquest.  [15 January 2004].
+
+ Cordesman, Anthony H.  The Lessons of the Iraq War: Main Report.  Eleventh Working
+Draft: July 21, 2003. July 2003.  <http://www.csis.org/features/iraq_instantlessons.pdf> [12 January 2004].
+
+"Dissemination of MPR ISR Products to Land and Sea Forces," Lessons Learned No.
+LLCC0-03270,  22 September 2003.  Navy Lessons Learned Database. [13 January,
+2004].
+ Garamone, Jim.  "Joint Ops Key to Lessons Learned From Iraq," Defense Link,  9 July 2003.
+<http://www.defenselink.mil/news/Jul2003/n07092003_200307095.html> [20 January 2004].
+
+ Haag, Jason L.  "OIF Veterans Discuss Lessons," Air Force Print News, 31 July 2003.
+<http://www.af.mil/news/story.asp?storyID=123005347>  [15 January 2004].
+
+ Hewish, Mark.  "Out of CAOCs Comes Order," Jane's International Defense Review, no. 36
+(2003): 22-27.
+
+ "Intelligence Database Management," Joint Universal Lessons Learned No. 41434-62689, 13
+April 2003. [22 January 2003].
+
+ "Intelligence Network at Beale Demonstrates Advances in Battlespace Awareness," Defense
+Daily, 219 (August 21, 2003): 1.
+
+"The Joint Common Operational and Common Intelligence Pictures (COP/CIP)," Lessons
+Learned No. LLCC0-03291.  5 May, 2003.  Navy Lessons Learned Database. [13
+January, 2004].
+ Knights, Michael.  "Iraqi Freedom' Displays the Transformation of US Air Power," Jane's
+Intelligence Review, v. 15, no. 5 (2003): 16-19.
+
+ Krepinevich, Andrew F.  Operation Iraqi Freedom: a First-Blush Assessment.   Washington,
+D.C., Center for Strategic and Budgetary Assessments, 2003.
+Moseley, Michael T.  "Operation Iraqi FreedomBy the Numbers," USCENTAF (United
+States Central Command Air Forces), Assessment and Analysis Division, April 30,
+2003. <http://www.globalsecurity.org/military/library/report/2003/uscentaf_oif_report_30ap
+r2003.pdf> [12 January 2004].
+
+ Murray, Williamson and Robert H. Scales. Jr.  The Iraq War: a Military History.  Cambridge:
+The Belknap Press of Harvard University Press, 2003.
+
+ Myers, Richard B.  "The New American Way of War," Military Technology,  June 2003.
+UMI-Proquest.  [16 January 2004].
+
+OIF Lessons Learned Conference, 9th Air Force, 31 July 2003.  [13 January 2004]
+
+ "Operation Iraqi Freedom (OIF) Lessons Learned." 1st Marine Division. May 2003.   <
+<http://www.globalsecurity.org/military/library/report/2003/1mardiv_oif_lessons_lear ned.doc>  [14 January 2004].
+
+ "Operations in Iraq: Lesson for the Future." December 2003.
+<http://www.globalsecurity.org/military/library/report/2003/iraqops_lessons_ukmod_dec03_index.htm>  [20 January 2004]
+
+ Paone, Chuck.  "AFMC, ACC Commanders to Mark CAOC-X Achievements."  8 June 2001.
+
+<http://www.hanscom.af.mil/hansconian/Articles/2001Arts/06082001-5.htm>  [25
+
+January 2004].
+
+ Sadler, Stephen R.  "Task Force ISR: Sea Power 21 in Action."  Unpublished paper, CNO
+Naval Intelligence Bulletin, 23 January 2004.
+
+ "Time Critical Targeting and Procedures." JULLS No. 41435035131, CENTAF-HQ USAF.
+13 April 2003.  [16 January 2004].
+
+U.S. Congress.  House.  "Statement by Admiral Edmund P. Giambastiani, Jr. Commander,
+United States Joint Forces Command and Supreme Allied Commander Transformation (NATO), Before the House Armed Services Committee, United
+States House of Representatives, October 2, 2003"  2 October 2003.
+<http://www.jfcom.mil/newslink/storyarchive/2003/pa100203.htm> [12 January
+2004].
+
+U.S. Congress. Senate.  "Statement of General Tommy R. Franks, Former Commander US
+Central Command, Before the Senate Armed Services Committee, July 9, 2003."  9
+July 2003.  <www.senate.gov/~armed_services/ statemnt/2003/July/Franks.pdf>  [12 January 2004].
+ U.S. Joint Chiefs of Staff.  Joint Tactics, Techniques, and Procedures for Joint Intelligence
+Preparation of the Battlespace, Joint Pub. 2-01.3.  Washington, DC: 24 May 2002.
+
+ ________.  Doctrine for Joint Operations, Joint Pub 3-0.  Washington, DC: 10 September
+2001.
+
+ ________.  Doctrine for Intelligence Support to Joint Operations, Joint Pub 2-0.
+Washington, DC: 10 September 2001.
+
+ ________. National Intelligence Support to Joint Operations, Joint Pub 2-02. Washington,
+DC:  28 September 1998.
+
+ ________.  Joint Intelligence Support to Military Operations.  Joint Pub. 2-01. Washington,
+DC: 20 November 1996.
+
+ ________. Doctrine for Reconnaissance, Surveillance, and Target Acquisition Support for
+Joint Operations (RSTA), Joint Pub 3-55.  Washington, DC: 14 April 1993.
+
+ Vego, Milan.  Operational Warfare.  Unpublished paper, U.S. Naval War College, Newport,
+RI, 2000.

markdown/misc/crowdsource.md

@@ -0,0 +1,466 @@
+# Fy2017 Final Report Power Of The People: A Technical, Ethical And Experimental Examination Of The Use Of Crowdsourcing To Support International Nuclear Safeguards Verification
+
+Zoe N. Gastelum Kari Sentz Meili C. Swanson Cristina Rinaudo Prepared by Sandia National Laboratories Albuquerque, New Mexico  87185 and Livermore, California  94550 Sandia National Laboratories is a multimission laboratory managed and operated by National Technology and Engineering Solutions of Sandia, LLC, a wholly owned subsidiary of Honeywell International, Inc., for the U.S. Department of Energy's National Nuclear Security Administration under contract DE-NA0003525.
+
+
+Issued by Sandia National Laboratories, operated for the United States Department of Energy by National Technology and Engineering Solutions of Sandia, LLC.
+
+NOTICE:  This report was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government, nor any agency thereof, nor any of their employees, nor any of their contractors, subcontractors, or their employees, make any warranty, express or implied, or assume any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represent that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government, any agency thereof, or any of their contractors or subcontractors. The views and opinions expressed herein do not necessarily state or reflect those of the United States Government, any agency thereof, or any of their contractors. Printed in the United States of America. This report has been reproduced directly from the best available copy.
+
+Available to DOE and DOE contractors from U.S. Department of Energy Office of Scientific and Technical Information P.O. Box 62 Oak Ridge, TN  37831 Telephone:
+(865) 576-8401
+Facsimile:
+(865) 576-5728
+E-Mail:
+reports@osti.gov Online ordering:
+http://www.osti.gov/scitech Available to the public from U.S. Department of Commerce National Technical Information Service 5301 Shawnee Rd Alexandria, VA  22312 Telephone:
+(800) 553-6847
+Facsimile:
+(703) 605-6900
+E-Mail:
+orders@ntis.gov Online order:
+https://classic.ntis.gov/help/order-methods/
+
+# Fy2017 Final Report Power Of The People: A Technical, Ethical And Experimental Examination Of The Use Of Crowdsourcing To Support International Nuclear Safeguards Verification
+
+Zoe N. Gastelum Meili C. Swanson International Safeguards & Engagements Sandia National Laboratories P. O. Box 5800
+Albuquerque, New Mexico  87185-MS1371
+Kari Sentz Christina Rinaudo Risk Analysis and Decision Support Systems Los Alamos National Laboratory P.O. Box 1663
+Los Alamos, NM 87545
+
+## Abstract
+
+Recent advances in information technology have led to an expansion of crowdsourcing activities that utilize the "power of the people" harnessed via online games, communities of interest, and other platforms to collect, analyze, verify, and provide technological solutions for challenges from a multitude of domains. To related this surge in popularity, the research team developed a taxonomy of crowdsourcing activities as they relate to international nuclear safeguards, evaluated the potential legal and ethical issues surrounding the use of crowdsourcing to support safeguards, and proposed experimental designs to test the capabilities and prospect for the use of crowdsourcing to support nuclear safeguards verification.
+
+## Acknowledgments
+
+This work was sponsored by the Office of Nonproliferation and Arms Control (NPAC, NA-24), Office of International Nuclear Safeguards Concepts & Approaches portfolio. Thank you to Melissa Einwechter for her support of this work. Tucker Boyce (formerly SNL) supported early research in support of this project and Laura Matzen (SNL) contributed to experimental design brainstorming.
+
+## Executive Summary
+
+This report reflects research conducted by Sandia National Laboratories (SNL) and Los Alamos National Laboratory (LANL) in assessing the feasibility of incorporating crowdsourcing to support international nuclear safeguards verification activities. The report was written in three parts, each part serving as a mid-term report on the evaluation of the use of crowdsourcing:
+
+
+Part 1 was led by LANL, and examines a taxonomy of crowdsourcing activities, breaking down into hierarchical structure related to purpose, players, type, motivation, and disclosures.
+
+Part 2 was led by SNL, and examines legal and ethical considerations of crowdsourcing activities in the context of international safeguards, examining from the perspectives of both collecting and using crowdsourced data.
+
+Part 3 was jointly written, with each lab developing its respective crowdsourcing for safeguards
+experiments. LANL experiments focused on expert communities, and the SNL experiments focused on non-experts. Each lab took a different perspective on administering the experiments, with SNL focusing on micro-tasks completed via online platforms, and the LANL team focusing on in-person engagement and gamification.
+
+## Nomenclature
+
+| Abbreviation   | Definition                         |
+|----------------|------------------------------------|
+| BOG            | Board of Governors                 |
+| CSA            | Comprehensive Safeguards Agreement |
+| FY             | Fiscal Year                        |
+| IAEA           | International Atomic Energy Agency |
+| LOF            | Locations Offsite a Facility       |
+| SDT            | Self Determination Theory          |
+| TOS            | Terms of Service                   |
+| VOA            | Voluntary Offer Agreement          |
+
+## Part I A Technical Examination Of The Use Of Crowdsourcing To Support International Nuclear Safeguards Verification Activities 1. Introduction To The Technical Examination Of The Use Of Crowdsourcing
+
+While crowdsourcing seems like a recent phenomenon, the idea of crowdsourcing has been around for hundreds of years. Starting in the late 1500s major European seafaring nations were offering large cash prizes to inspire a solution to finding longitude at sea. The prize that was finally claimed was posted by the British Parliament for what would be close to $20 million today after nearly two thousand sailors were lost when four British warships ran aground. The successful claimant was John Harrison, an English clockmaker for his marine timekeeper H4 in
+1759 [Sovel (1994)]. In the 19th century, US Naval Officer Matthew Fontaine Maury provided free wind and current charts to sailors on the condition of the return of standardized logs of their voyages so that he could collect the experience of different navigators in different seasons and different vessels traveling the same routes that could serve as guide to future navigators. [Pinsel (1981)] In the last decade, crowdsourcing has become an emergent technology because of the recognition of the value of human sourced data, analysis, or ingenuity and the coincidence with technological enablers such as the internet, mobile technology, social media, and ways to motivate crowds. Because of the enormous resources it can bring to wicked and data impoverished problems, crowdsourcing technology attracts many researchers in the safeguards community [Lee, Zolotova (2013); Hartigan, Hinderstein (2013); Gerami (2013); Hinderstein et al. (2014)]. We all come with the question of how might we leverage the power of the people in crowdsourcing for nuclear safeguards? In this midterm report, we explore how to design a crowdsourcing experiment that satisfies safeguards objectives and goals, protects nuclear industry professionals, crowd participants, and stakeholders and addresses the standards of quality necessary for safeguards verification.
+
+## 2. Crowdsourcing Safeguards
+
+We start with the high-level objectives of the International Atomic Energy Agency (IAEA) with regards to the implementation of safeguards. As summarized in [Board of Governors, IAEA (2014)], the generic objectives of safeguards are*:
+For States with [comprehensive safeguards agreements] CSAs:
+
+To detect any diversion of declared nuclear material at declared facilities or locations outside facilities where nuclear material is customarily used (LOFs)
+
+To detection an undeclared production or processing of nuclear material at declared facilities or LOFs; and
+
+To detect any undeclared nuclear material or activity in the State as a whole.
+For States with item-specific safeguards agreements:
+
+To detect any diversion of nuclear material subject to safeguards under the safeguards agreement; and
+
+To detect any misuse of facilities and other items subject to safeguards under the safeguards agreement.
+For States with [voluntary offer agreements] VOAs:
+
+To detect any withdrawal of nuclear material from safeguards in selected facilities or parts thereof, except as provided for in the agreement
+We can imagine this in terms of more specific detections such as discussed in [Hinderstein, Hartigan (2012)] looking for indicators of:
+
+Acquisition of or attempts to acquire specialized equipment
+
+Acquisition of or attempts to acquire materials through trade or diversion
+
+Transportation of specialized equipment and/or materials
+
+Production of fissile material
+
+Manufacturing of warhead
+
+Preparations for a nuclear test or missile launch
+
+Nuclear test or missile launch
+With the expansion of the use of nuclear technologies for peaceful purposes, the opportunities for diversion are increased and the challenge of distinguishing declared from undeclared activities becomes more arduous.
+
+## 3. Undertaking A Crowdsourcing Experiment
+
+We characterize this as a *crowdsourcing experiment* to highlight the meaningful commonalities between these activities: both involve aspects that are controlled and uncontrolled and the management, the outcomes, and positive and negative consequences are very much determined by the tensions between these two types of factors. Experimentalists call out these factors explicitly in design of a scientific experiment and accordingly, a crowdsourcing investigator should carefully consider what is controllable and uncontrollable in the experimental setting and the range of possible consequences up front. In any crowdsourcing experiment involves key steps [from Grier (2017)]:
+1. Design the job in accordance with the goal and objectives and identify the crowd selection criteria
+2. Write clear instructions 3. Choose a platform to serve as the crowdmarket 4. Release the job and recruit the crowd 5. Listen to the crowd and manage the job 6. Assemble the work and create the final product While certainly these steps figure into the planning of a safeguards design of a crowdsourcing experiment, they fall short of the full breadth of things we need to consider.
+
+## 3.1. Planning Considerations For Safeguards Crowdsourcing Experiment
+
+To help guide the design of a crowdsourcing experiment, we provide a framework summarized in Table 1. This is a taxonomy for crowdsourcing experimental design that endeavors to walk through different aspects of the planning considerations with an emphasis on specific concerns for safeguards. We contrast this with previous efforts in more generally applicable crowdsourcing taxonomies such as [Rouse (2010)] that organizes crowdsourcing by distribution of benefits and capabilities as well as [Cullina et al. (2015)] that are focusing on metrics.
+
+PURPOSE
+Goal
+Objectives
+Data Collection or
+Data Labeling or
+Data or Analysis
+Content
+Analysis
+Verification/Validation
+Technological Solution
+Generation
+Tasks
+Self-
+Crowdcontests
+organized
+Macrotasks
+Microtasks
+Crowdfunding
+crowds
+CROWDSOURCING TYPE
+Active
+Passive
+POTENTIAL PLAYERS
+Stakeholders
+IAEA
+State
+Other
+
+We think of the **purpose** as the reason for the crowdsourcing experiment and the **goal** as what we are trying to achieve with the crowdsourcing experiment. The **objectives** are concrete actions in how the goal will be achieved. Here we identify four types of crowdsourcing objectives: data collection or content generation; data labeling or analysis; data or analysis verification/validation; and a *technological solution*.
+
+Data collection or content generation can take many conceivable forms such as the collection of images, generation of text, generation of audio, collection of radioactivity data, seismic data, environmental data, etc. With the increasing sophistication of mobile devices, the reduction in footprint of memory stores as well as the diminishing size of sensors, the amount and type of data that can be collected and transmitted continues to increase. Data Labeling or Analysis is another activity that can take on a wide range of possible forms. Examples include labeling and searching image data, interpreting context, fusing disparate sources of information, anomaly detection, change detection, same detection. Data or analysis verification/validation may be the most important task a crowd can do for building confidence in both the experimental process and the outcome. This can stand-alone or be built into a *data collection* task or *data labeling/analysis* task. For example, many crowdsourcing experiments will require corroboration of data collects or findings. Technological solution crowdsourcing is also a very common and very successful form of crowdsourcing as metrics of success are frequently clear cut and verifiable through testing. In addition to challenges like the longitudinal problem in the introduction or the IAEA Technology Challenge [Createc (2016)] Open source code libraries are common example of successfully crowdsourced technical solutions.
+
+The specific **tasks** are what we ask the crowdworkers to do and frame how to do it. We include the tasks and descriptions as suggested by Grier in [Grier (2017)]. While these are broader than might apply to safeguards we include them here for comprehensiveness:
+Crowdcontests: Challenge or single job description with many people proposing or answering the challenge and competing for a singular reward Self-organizing crowds: A crowdcontest where the crowd organizes itself into a team and teams compete for a singular reward Macrotask: A specialized single task that can be done independently in a fixed amount of time that requires special skills of a worker Microtask: A small or simple task, often a part of a larger more complicated job where members of the crowd can do tasks and all are rewarded. Crowdfunding: Ways of raising funds through crowdsourcing, often for humanitarian purposes or venture capitalism.
+
+All of these previous tasks presume a specific **type of crowdsourcing** is being invoked, namely active crowdsourcing where the stakeholder or administrator plays an active role by posing a particular problem, soliciting information or solutions etc. Another type of crowdsourcing is passive crowdsourcing where the stakeholder or administrator assumes a passive role and collects and analyzes content on a specific topic that has been freely generated by citizens in various sources [Loukis, Charalabidis (2015)]. We deliberately separate the roles of **Stakeholders** and **Administrators** though often the players are conflated. The **Stakeholder** is the party who wants the product of the experiment and formulates the **Purpose** and the **Goal**. The **Stakeholder** can be an agency such as the *IAEA*, a State, or *Other* organizations that work in the area of safeguards. The **Administrator** is the party who performs and manages the crowdsourcing experiment. It can be useful to separate these parties for the purpose of logistics and qualifications but also public perception. For example a State can perform a crowdsourcing experiment on itself and share the results with other Stakeholders such as the *IAEA*. In the *Passive* crowdsourcing example, a commercial social media entity can perform a crowdsourcing experiment with no goal of safeguards but obtains relevant information that is freely available and of interest to a *State* or the *IAEA*. This relationship can be captured by the **Stakeholder**: State or *IAEA* and **Administrator**: *Third Party*. Second to the objective and task formulation, **Crowd Selection** is one of the more critical choices to the management and outcome of the experiment as it impacts the potential number of participants, the scale of the project to manage but also the quality of the task execution and the need for *post hoc* validation and verification. Here we consider three different options: General crowd (unrestricted); *Proximal* crowd (the people close in proximity to a location of interest); Expert crowd (people with specialized knowledge).
+
+With *General* crowd recruitment and compelling motivation, we can see enormous numbers of people worldwide coming together to solve problems. For example, the Tomnod online search party for the Malaysian airline flight MH370 recruited 2.3 million people who scanned every pixel of 750,000 images at least 30 times within 5 days [Fishwick (2014)]. While this effort was not successful in recovering the lost airline, it is an astounding crowdsourcing design involving huge numbers of crowdworkers performing microtasks with multiple validations quickly. Proximal crowds require either a pre-selection criteria for participation, a geolocation filter on voluntarily collected data, or a voluntary disclosure of location through mobile devices. Good examples include Safecast (http://blog.safecast.org/) where radioactivity data is geolocated and mapped or the use of the Ushahidi platform to aid in emergency response after the Haitian earthquake in 2010 [Gerami (2013)]. Expert crowds will also require a pre-selection criteria or a success in a specialized task, competition, or challenge. While the expertise may help alleviate the burden on verification of results, that burden may simply be shifted to the assessment of expertise up front.
+
+Crowd Motivation: Sustaining crowd participation and interest over time is critical to a successful crowdsourcing experiment. This requires analysis into what motivates the crowd to engage in crowdsourcing activities and how to create an incentive mechanism to attract participants. A useful framework to understanding people's willingness to participate in crowdsourcing comes from Self Determination Theory (SDT), formulated by Ryan and Deci (1985). SDT has been used extensively in gamification research and game design and frames motivation as one of the fundamental bases of human behavior: it starts with a particular need and activates a consequent behavior aimed to reach a goal. Deci and Ryan describe three innate and psychological Needs: *Competence* (being competent in performing a task), *Autonomy* (being in control of own behaviors and goals) and *Psychological Relatedness* (experiencing a sense of belonging). When people experience these innate needs, they become self-determined and intrinsically motivated to pursue certain behaviors. We identify two main motivators: *Intrinsic* and *Extrinsic*:
+Intrinsic motivators are innate to humans and refer to the natural predisposition to explore, learn, and master new skills and abilities that are essential to cognitive and social development and the satisfaction provided by completing a task. Extrinsic motivators are related to attaining a goal (a promotion), or some kind of external outcome (a monetary reward) and are not usually related to the satisfaction derived from completing an activity.
+
+According to [Roberts et al. (2006)] internal and external motivation likely interact and both affect participation. For these reasons, a crowdsourcing experiment may carefully design intrinsic and extrinsic motivators in combination and perhaps to include changes over time in an attempt to sustain engagement. Categories of ways of motivating such as *quid pro quo* (rewards or compensation), *peer recognition* through point systems, contests and *challenges*, gamification, altruism. The next planning consideration in the taxonomy deals with the choices in **Disclosure** that we explore from the perspective of the **Goal**, the **Objective**, the **Stakeholder** and the Crowd Participants. The point over disclosures is to capture in the idea of "experimenter effect" that the knowledge of the goal of the experiment or the **Stakeholder** of the experiment can bias the outcome in both positive and negative ways. There may be an advantage to non-disclosed Goals and non-disclosed **Stakeholders** administrated through commercial third parties just to circumvent the disinformation that could be imagined in the fully disclosed case. The concern over disclosing the **Crowd Participants** relates to their protection. The anonymity of the crowd can yield better information on one hand, it allows for disinformation with impunity on the other.
+
+## 3.2. The Importance Of Validation And Verification Of Information
+
+The challenge of crowdsourcing is the validation and verification of information and the discrimination of valid information from disinformation and misinformation. We have seen an example of built-in validation in the Tomnod Malaysian airliner search of cooperation and consensus over many crowdworkers before an area was tagged for follow up. We also identify Data or Analysis Verification/Validation as its own crowdsourcing task. Hinderstein et al. (2014) voice optimism on the successes of the private sector with Amazon Turk with feedback loops and Wikipedia moderators as well as tradecraft on vetting data and detecting bias. However with the number of intentional disclosures of disinformation seen over the internet in the last year, we can only expect that the validation and verification of information culled from crowdsourcing will be harder and previously successful methods may have to be evolved.
+
+## 4. Conclusions And Future Work
+
+In this Midterm report, we outline a taxonomy for the design of a safeguards crowdsourcing experiment with a detailed discussion on each element of the taxonomy. In forthcoming work, we will discuss the legal and ethical considerations for crowdsourcing safeguards and the types of crowdsourcing experimental designs that positively adhere to those considerations. Finally we will discuss candidates for active crowdsourcing experiments for Phase 2. This is the first installment of the new collaborative effort on crowdsourcing safeguards with Los Alamos National Laboratory and Sandia National Laboratories.
+
+## Part Ii A Legal And Ethical Examination Of The Use Of Crowdsourcing To Support International Nuclear Safeguards Verification 5. Introduction To The Legal And Ethical Examination
+
+The growth of the Internet and the Information Age has allowed the International Atomic Energy Agency (IAEA) Department of Safeguards to significantly expand its open source information collection, including new formats (such as multimedia [Barletta et al. (2016)]) and sources (such as social media [Lorenz, Feldman (2014) and Fowler et al. (2016)]) for potentially safeguardsrelevant information. The Agency's exploration of social media data has led some researchers in the nuclear nonproliferation community to consider the potential for the use of societal mobilization, also known as crowdsourcing, to support information collection and analysis efforts. For the purposes of this research, societal mobilization "refers to an appeal that is broadcast to the public...requesting information, analysis, or opinion" [Gastelum (forthcoming 2017)]. In this paper, we discuss the legal and ethical implications of the spectrum of crowdsourcing activities that may be available to support international nuclear safeguards. We define legal implications as the legal rights and permissions to collect and use information (which includes raw data, analyses, or even technologies) from crowdsourced activities. We examine ethics within the framework of the three basic principles defined in the Belmont Report [The National Commission for the Protection of Human Subjects of Biomedical and Behavioral Research (1978)] regarding research involving human subjects. While we recognize that crowdsourcing for international safeguards is distinct from biomedical or behavioral research using human subjects, we find that the protections for human life and well-being proscribed in the Belmont report are highly applicable to the potential collection or use of crowdsourced data to support international safeguards. We conduct this analysis with separate considerations for the collection and use of crowdsourced information (or technologies), and incorporate the taxonomy of the design of a safeguards crowdsourcing experiment presented in this project's midterm report (Part I) as framework for our examination. To better illustrate the connections between this analysis and the taxonomy presented in the midterm report, we **bold** the concepts defined in that paper. During the course of this research, the team also became aware of a number of best practices and considerations for the IAEA's use of crowdsourcing activities to support international safeguards verification. While these were neither legal nor ethical per se, they are critical to any IAEA implementation of crowdsourcing for safeguards and thus included in the last section of this report.
+
+## 6. Legal Collection Of Crowdsourced Data
+
+There are two means to analyze the IAEA's legal rights and boundaries for collecting crowdsourced data. The first includes how the IAEA *collects* and *evaluates* all relevant information for its safeguards verification activities under Part I of the strengthened safeguards measures established by the 93+2 Commission. The second relates to how the crowdsourced data itself is collected from the various crowdsourcing platforms, for which legal terms regarding the collection and use of the data are defined in each platform's respective Terms of Use or Terms of Service.
+
+## 6.1. 93+2 Part I Measures
+
+The IAEA has been routinely collecting and analyzing open source information in support of international nuclear safeguards verification since at least 1991 with the establishment of an open source information analysis unit within the Department of Safeguards [IAEA (2007)]. The Agency's collection and analysis of open source information was formalized in the 93+2 Part I measures [International Atomic Energy Agency (1995)]:
+The proposed approach to a strengthened and more cost-effective safeguards system builds on the current system of material accountancy and control by integrating...[e]lements of increased access to information and its effective use by the Agency, including...improved analysis and evaluation of all relevant information available to the Agency.
+
+GOV/2784 describes three sources of that increased information as information provided by the state under an Expanded Declaration, information from strengthened safeguards measures, and "information from all sources available to the Agency, including the public media, scientific publications and existing Secretariat databases...as well as other information made available by Member States" [IAEA (1995) pp. 21]. Today, open sources of data collected and analyzed as part of the State Level Concept include, for example, press releases, news media, government and academic websites, trade information, scientific and technical journal publications, and satellite and groundbased imagery. In the past two decades, the visibility of open source information analysis in support of nuclear safeguards verification has grown considerably, providing context for traditional in-field safeguards activities and complementary access visits, raising important questions about state declarations or activities, and in some cases such as for states with Small Quantities Protocols, serving as the primary source on safeguardsrelevant information. GOV/2784 offers the following legal analysis regarding "improved analysis of information" including open source information [IAEA (1995) pp. 23]:
+"Comprehensive safeguards agreements require the Agency to draw conclusions from its verification activities (INFCIRC/153, para. 90), which presupposes the analysis and evaluation of the results of such activities. Improvements in the Agency's analytical techniques would therefore be consistent with the overall objective of a strengthened and more cost-effective safeguards system, and can be pursued within the Agency's existing legal authority."
+This appears to legally justify at least *some* use of some crowdsourced data. However, the means by which the IAEA gains access to that data may be interpreted differently. For this, must consider the **crowdsourcing type**: passive or active. Passive crowdsourcing is defined in the midterm report (Part I) as an activity in which "the stakeholder or administrator assumes a passive role ad collects and analyzes content on a specific topic that has been freely generated by citizens in various sources." This could be interpreted as constituting any open source information, including information on the Internet and social media platforms. Active crowdsourcing is defined as an activity in which "the stakeholder or administrator plays an active role by posing a particular problem [and] soliciting information or solutions."
+Assuming the consideration only of active crowdsourcing activities for this research, we must consider both the **stakeholders** and the **administrators** of the crowdsource activity. A stakeholder is defined in our mid-term report (Part I) as "the party who wants the product of the experiment and formulated the purpose and goal." In cases where the IAEA is the primary stakeholder, the Agency would initiate a crowdsourcing activity and have direct interest in the resulting data (this type of activity may be either directly administered by the IAEA, or by an external administrator on behalf of the IAEA). However, given the various means by which the Agency might gain access to crowdsourced data, the Agency may also be a secondary stakeholder, in which the data was collected for another purpose or stakeholder but also interest to the IAEA. Examples of instances in which the IAEA is a secondary stakeholder include, for example, the IAEA accessing open source crowd-sourced data from a platform that collected the information for non-safeguards purposes, or a non-governmental organization or thirdparty providing information collected via crowdsourcing from their own activities to the IAEA if it was later determined that the results would be of interest to the Agency. In cases where the IAEA is a secondary stakeholder and accesses via open sources or is otherwise provided access to crowdsourced data, there appear to be no legal barriers for the Agency to treat that data any differently than it would other potentially safeguardsrelevant information. However, in cases where the IAEA is a primary stakeholder and is therefore responsible for initiating the collection of crowdsourced data, Member State buy-in would likely be required in any state for which data was being collected or analyzed in order to be considered "other information made available by the Member State" [International Atomic Energy Agency, (1995) pp. 21] If the IAEA were to be the primary stakeholder in a crowd-sourced activity that did not have buy-in from the host state, this could be considered espionage.
+
+## 6.2. Terms Of Service From Individual Platforms
+
+Terms of Service (TOS) are the legal agreement between platforms and their users regarding, among other things, how the data on their platform can be collected or used. TOS differ by platform, country, and by the crowdsource activities on that platform. If the IAEA were the primary stakeholder for a crowdsource activity, it would presumably administer the activity on its own site (in which it could define favorable terms of use that would enable the IAEA to collect and analyze data for safeguards purposes) or work with a platform (administrator) that had TOS that would be favorable to how the Agency wanted to collect the data. Most platforms include in their TOS that data harvesting should not be conducted in a way that results in a Denial of Service for the site. In addition to specifications regarding how the data from a specific platform is collected, some platforms terms of service explicitly prohibit the misrepresentation of an individual's identity for the purpose of data collection. This would prohibit the IAEA from collecting data under the guise of a non-IAEA identity.
+
+## 7. Legal Use Of Crowdsourced Data
+
+As noted above, the IAEA's collection of crowdsourced data through and IAEA-administered or IAEA-stakeholder activity may face legal limitations via Terms of Service agreements and avoiding the appearance of espionage. However, once the data is available (for example, as provided by a third party and not collected directly by or for the IAEA), the legal use of that data to support safeguards verification originates from the same Board of Governors report which authorizes the collection and analysis of open source and other Member-State supplied information [International Atomic Energy Agency (1995)]. For cases in which the IAEA uses data collected from a commercial platform not administered by the Agency itself, care must be taken to follow the terms of use of the platform regarding use of the data. For instance, many platforms prohibit users from copying materials under an intellectual property rights clause. Additionally, specific countries have TOS agreements that prohibit users from copying data without authorization. However, since the IAEA would be unlikely to publish the data or use it for commercial gain, it would likely be able to use the data under a "fair use"** clause without violating intellectual property regulations.
+
+## 8. Ethical Collection Of Crowdsourced Data
+
+For the purposes of this research, we found the ethical principles on the use of human subjects for biomedical and behavioral research from the 1978 Belmont Report to be highly applicable as ethical considerations for crowdsourcing. The Belmont Report outlines three main ethical principles: 1) respect for persons; 2) beneficence; and 3) justice, explained in the context of crowdsourcing below.
+
+## 8.1. Respect For Persons
+
+According to the Belmont report, respect for persons consists of two ethical principles: first, that individuals should be treated as autonomous agents (i.e., they can choose to participate or cease participating at any time), and second, that some individuals have diminished autonomy and must be protected. For crowdsourcing activities, this pertains to **crowd selection** and disclosure choices. Crowd selection can consist of the general public, proximal crowds (those in close physical proximity to an area of interest) or expert crowds (those with specialized knowledge). For crowdsourcing for safeguards, respect for persons means that individuals need to be given the explicit choice to participate in the verification activity (which could be terminated at any time), and that some individuals who are not able to make that choice should not be included as they may not have the full mental capacity to determine their participation (for example, children, those with reduced mental capacity or illness, or incarcerated persons). Any crowd selection activity should make explicit that participation is completely voluntary. For selection among the general public or proximal crowds, criteria for participation could include minimum age restrictions in order to protect children. Protecting those in other compromised situations such as incarcerated persons or those with mental illness is much more challenging, but efforts may be made in the design of a crowdsourcing activity to neither target not discriminate against these populations. The disclosure of a crowdsourced activity's stakeholder and goal can be an important determinant for participants to decide their own level of participation. For example, if an individual agrees with the mission of IAEA safeguards, disclosure of the IAEA as a stakeholder may increase the person's intrinsic motivation to participate. Alternatively, an individual who disagrees with the IAEA's mission may choose not to participate. In cases when the IAEA is a secondary stakeholder, the stakeholder and goal change from the point of original collection to the secondary use, and may be resource prohibitive to retroactively disclose.
+
+## 8.2. Beneficence
+
+Under beneficence, people are treated ethically by respecting their decisions, protecting them from harm, and making efforts to secure their well-being. The two general rules under beneficence are: "(1) do not harm and (2) maximize possible benefits and minimize possible harms" [National Commission for the Protection of Human Subjects of Biomedical and Behavioral Research (1978)]. Abiding by the principles of beneficence for a crowdsourcing activity in support of safeguards would impact the activity's **objectives** (some objectives carry more risk for participants than others) and **disclosures** (specifically identification of crowd participants, which could threaten participants' identity or personal information).
+
+## 8.2.1. Do No Harm
+
+The principle of doing no harm for human research subjects in biomedical and behavioral research stems from a history of experimentation in the 20th century in which participants were exposed to infectious disease, experienced psychological impacts of high-stress experiments, or experienced other side effects from participating in experiments that were ethically unsound. For a safeguards crowdsourcing activity's objectives, it is unlikely that participants would experience physical or psychological harm. However, depending on the activity, data collection or content generation may pose potential risk to participant safety. For safeguards verification purposes, we assume that collection refers to information or sample collection. Crowd-sourced data generation leverages the ubiquitous presence of sophisticated camera and monitoring equipment in the hands of citizens to provide data streams to the IAEA or societal mobilization platforms that could then be analyzed for safeguards-relevance. For safeguards, data collection or content generation may include taking photos, taking radiation measurements or environmental samples (if deemed acceptable by the BOG as part of wide area environmental monitoring), sending observations regarding facility status (presence/absence of a steam plume, presence/absence of equipment, or patterns of life such as fullness of the parking lot). In order to protect participants from safety hazards, the administrator should define the task so that it is not inherently dangerous, and so that participants are aware of potentially hazardous conditions. For example, if a crowdsourcing activity includes taking photos of a nuclear facility, participants should be advised to take photos only from publically accessible areas (i.e. not within a restricted area of the site).
+
+## 8.2.2. Maximize Benefits And Minimize Harms
+
+To maximize benefits, only crowdsourcing activities for which the data can be reasonably expected to be used in support of safeguards verification activities should be collected (assuming IAEA as the primary **stakeholder**). That is to say, collecting data from crowdsource activities should not be collected for the sake of collecting data - there should be a defined data collection plan in which the collected data can be applied for a specific verification activity. To minimize harm, the most significant consideration is the disclosure of crowd participants' identities to protect them from potential retaliation (from the host state, from anti-nuclear groups, etc.). The fear is that participants in a crowdsourcing activity without Member State consent
+could be viewed as whistleblowers or even as spies. As such, protection of participants' personal information and identities is an important consideration. For an IAEA-administered crowdsource activity, this would be the direct responsibility of the IAEA (and presumably would be described in the TOS). For activities administered by non-IAEA entities, it would be important that the IAEA only use, store, protect, and transmit the data in accordance with the original administrator's or stakeholder's specifications per their activity so as not to compromise any of the participants' privacy.
+
+## 8.3. Justice
+
+In regards to the Belmont report and the ethical use of human subjects, justice refers to the distribution of the benefits of the research compared to who bears the burden. For crowdsourcing related to international safeguards, the benefit could be considered global (for those who consider nuclear proliferation to be a global good/benefit). However, the risks would likely be concentrated in specific populations depending on **crowd selection** and would vary depending on the **objective**. Understanding the potential burden of a crowdsourcing activity for safeguards also calls into question the **crowd motivation**. If the crowdsourcing activity was global in nature (e.g., send us pictures of all the cooling towers in the world), the burden would be fairly distributed, as there are cooling towers in countries with nuclear energy, as well as those used for coal power plants. However, if the activity was focused on a specific country or site of interest, the **proximal crowd** would bear a much larger role (and therefore risk, burden). In crowd analysis activities, an **expert crowd** could theoretically be unduly burdened by excessive requests on a highly specialized topic. However, these impacts are expected to be minimal given the non-discrimination principles imposed by IAEA safeguards as well as the voluntary nature of crowdsourcing activities. Regarding crowd motivation, the Mid-Term report describes **intrinsic motivation** (i.e. satisfaction derived from completing an activity) and **extrinsic motivation** (related to attaining a goal or external outcome such as a reward). Intrinsically motivated crowds who participate in crowdsource activities based on their own personal motivations pose little ethical challenge. However, there is significant debate in the crowdsourcing community regarding the use of monetary payment (an archetype of extrinsic motivation). Some crowdsource platforms, for example Amazon's Mechanical Turk, use small payments to motivate participants. While this was likely intended as a motivational tool and not as an employment opportunity, some have claimed that the use of small payments could exploit certain types of workers who rely on the payments as a source of income (these populations may also be in a state of diminished autonomy, for example undocumented immigrants). The issue of payment may be exacerbated under the **technological solution** objective, in which the crowd develops equipment, computer codes, or other solutions that can require significant investments of infrastructure, time and resources on behalf of the participants. While many crowdsource activities with technological solution objectives do offer a reward for the best solution, many participants receive no compensation for their time or supplies.
+
+## 9. Ethical Use Of Crowdsourced Data
+
+Once crowdsourced data has been collected, its use poses minimal ethical concerns. However, as with ethical collection principles, participant identities and personal information should continue to be protected. In addition, it could be argued that the IAEA also has the responsibility to verify the data and to utilize the information in a non-discriminatory manner. However, because these responsibilities do not clearly fall within the definition of ethics, they will be discussed in more detail in the Best Practices section below. For instances in which the IAEA is the secondary stakeholder, they might consider if the activity was conducted ethically before determining if they will use the data. Data generated or collected in an unethical way, even if not initially for safeguards use, might be better avoided.
+
+## 10. Other Best Practices
+
+In the process of analyzing legal and ethical issues for incorporating crowdsourcing activities into international nuclear safeguards verification, several concerns, issues, or recommendations for best practice emerged. While many of these were not explicitly legal or technical, the research team found them sufficiently pertinent to include here.
+
+## 10.1. Independent Verification
+
+Recent high-profile errors made in crowdsourcing efforts call out the potential fallibility of "the crowd." Furthermore, the potential high visibility of a crowdsourcing activity in support of IAEA
+safeguards may have increased susceptibility to sabotage*** or misinformation. As with all open source data the Agency collects, they have the responsibility to independently verify that information. This is currently standard practice in the Agency's analytical due diligence, and would need to extend to crowd-sourced data. Fortunately, many **data collection/generation** and data analysis crowdsourcing activities already include verification and validation within the activities themselves, requiring multiple users to submit similar responses before the data would be considered for use. A **technological solution** developed for safeguards via a crowdsourcing activity would be subject to the same vulnerability analysis and technology approval process used for any safeguards equipment.
+
+## 10.2. Protecting Sensitive Data
+
+Data collection and generation about a state's nuclear facilities has the potential to generate or expose commercial proprietary, security, and safeguards information. Furthermore, data labeling or analysis activities could unintentionally expose, via the mosaic effect, states' sensitive information. As Oboler et al point out, "the potential damage of multiple individually benign pieces of information being combined to infer, or a big dataset being analyzed to reveal, sensitive information" is difficult to predict [Oboler et al. (2012)]. As with all safeguards activities conducted by the IAEA, the Agency has the responsibility to protect that data. Considerations regarding what information about a state would be exposed, collected, or analyzed in the course of a crowdsourcing activity to support safeguards verification would have to be carefully considered prior to the launch of an activity to ensure that the IAEA maintains its high standards for protecting sensitive information. This will involve careful cooperation between the IAEA and the state to ensure no sensitive data is being exposed, and that data collected is stored and analyzed according to the information security practices required for other safeguards data.
+
+## 10.3. Avoiding Undue Burden
+
+Though we have established that crowdsourced data may be legally permissible for the IAEA to use in support of its safeguards verification activities, any collection, generation, or analysis of that data must be done so in a way that does not unduly burden states or nuclear facility operators. Indeed, the IAEA's report GOV/2784, which describes strengthened safeguards measures under the 93+2 activities, notes that while the IAEA can collect and analyze additional information to support verification, it should not burden states with "excessive costs or by cumbersome measures to facilitate verification" [International Atomic Energy Agency (1995) pp. 1-2]. Regarding the application of crowd sourcing, this could be interpreted to include activities administered by, or with the primary stakeholder as, the IAEA. Such undue burdens resulting from an IAEA crowdsourcing activity could include, for example, crowding around a nuclear facility perimeter disrupting physical protection operations or trespassing by overeager participants wanting to collect data.
+
+## 10.4. Protection Of Iaea Interests
+
+While it may seem self-evident, a crowdsourcing activity undertaken by the IAEA to support safeguards verification should protect the Agency's own interests. In order to prevent potential obfuscation, the IAEA does not disclose details regarding areas of potential proliferation concern directly to a state, other than to ask follow-up questions or perhaps request a visit via complementary access. Thus, care must be taken in the construction of a crowdsourcing activity to ensure that IAEA safeguards questions regarding potential undeclared activities are not disclosed.
+
+## 10.5. Optics
+
+Finally, it is recognized that the IAEA safeguards mission operates in a politically sensitive environment. The Agency, if it chooses to adopt the use of crowdsourced data or analysis, should do so only in a manner that cannot be interpreted as intelligence collection or espionage. Any crowdsourcing activity conducted for the IAEA as the primary stakeholder should include Member State buy-in from all states which may be subject to information collection or analysis activities to alleviate this concern.
+
+## 11. Conclusions And Future Work
+
+Our analysis indicates that there are ways for the IAEA to utilize data from crowdsourcing activities to support safeguards verification. Some implementations of crowdsourcing for safeguards are legally or ethically uncertain, and must be carefully considered prior to adoption. In addition to compliance with legal and ethical norms for the use of crowdsourcing, there are other best practice considerations that would need to be accounted for in any IAEA-sponsored (i.e. as primary stakeholder) crowdsource activity. While crowdsourcing could theoretically provide data useful for the analysis of a state's nuclear activities, there has not been sufficient testing to conclude that 1) sufficient quantities of data could be collected; and 2) quality and veracity of data would be sufficient for safeguards use. As such, experimental testing is required to further assess the use of crowdsourcing for safeguards. A conceptual experimental plan will be delivered with this project's year-end report, with experiments to be conducted in FY18.
+
+# Part Iii Experimental Designs To Test Crowdsourcing In Support Of International Nuclear Safeguards
+
+## 12. Introduction To Experimental Design
+
+In FY17, the Power of the People research team defined a taxonomy of crowdsourcing activities, and conducted a legal and ethical examination of how such activities could be conducted to support international nuclear safeguards verification as a foundation for a more in-depth examination of the potential to use crowdsourcing to support safeguards. The team plans to conduct a series of experiments in FY18 to more precisely evaluate the ability of the public or expert groups to provide relevant insight for safeguards-like problems. In this report, we describe conceptual experimental designs of activities to be conducted by Sandia National Laboratories and Los Alamos National Laboratory in FY18. In our FY17 work, we identified several types of crowdsourcing activity, including data collection/generation, data analysis and labeling, and the development of technological solutions for safeguards. The team decided to focus on analysis and labeling tasks, due to implementation challenges expected from other crowdsourcing activity types. In addition, analysis and labeling tasks appeared more feasible for the support of international safeguards based on the team's ethical and legal analysis. In order to test a wide range of types of analysis, the team split into expert analysis activities (led by LANL) and non-expert communities (led by SNL). Each laboratory designed a series of experiments, described in more detail below.
+
+## 13. Experiment 1 (Snl): "Tag The Tower" - Classification Of Cooling Tower Images
+
+In this experiment, we will test non-expert crowds using a basic information analysis experiment in which participants will classify digital images based on whether or not they contain a hyperbolic cooling tower. Classifying cooling towers serves as a simplified proxy for recognition and tagging of photos of nuclear facilities, which could be used to draw analyst attention to a site of interest, or to train an algorithm to recognize them. This proxy problem will be used to determine if we can use non-experts with minimal training to classify photos of potential safeguards interest. If we are successful, more complex experiments such as assessments of multiple photos or determining the geolocation of a photograph may be further explored.
+
+## 13.1. Research Question
+
+This experiment seeks to test the question: Can crowdsourcing be reliably used to classify photographs of safeguards interest among a non-expert community? To determine success, we will measure:
+
+Accuracy (compared to existing image labels);
+
+Timeliness (time to reach the desired number of labels per image on the complete image set);
+
+Participant completion (the number of tags a unique user completes)
+
+Participant diversity (number of unique participants); and
+
+Participant agreement (% agreement on tagging, for data validation).
+
+## 13.2. Methodology
+
+In this experiment, participants will be presented with a set of digital photographs, and asked to determine:
+1.
+If there is a concrete, hyperbolic cooling tower such as those used at nuclear power stations and coal fired power plants; and
+2.
+Whether the cooling tower (if present) has a steam plume.
+Participants will be presented with a set of images, consisting of both cooling tower (steam plume and not) and not cooling tower images that have been collected from the Flikr site in accordance with the Flikr API user agreement. The images were manually labeled as part of a NA-22 funded research project in FY17.
+
+## 13.3. Platform
+
+We plan to conduct this experiment using the open source crowdsourcing platform Zooniverse. Because the Zooniverse platform selects which crowdsourcing activities to make public, we will be prepared to use an alternate platform if this experiment is not selected.
+
+## 13.4. Data Collection And Analysis Plan
+
+We plan to collect three to five labels (from unique participants) for each image in our dataset. We intend to collect the following information in the course of the experiment:
+
+Image labels
+
+
+Unique identifier of the participant who provided each label
+
+Timestamp associated with the label
+Given those data points, we will be able to assess the five measures (accuracy, timeliness, participant completion, participant diversity, and participant agreement) described above.
+
+Participants will be recruited via standard practices on the selected crowdsourcing platform. No targeted recruitment is anticipated. All potential participants will be provided with a short description of the task, and an estimate of the time required to complete the task. Due to the online, open, and voluntary nature of the platform, we will neither target nor discriminate against vulnerable populations.
+
+Users of online crowdsourcing platforms are generally recognized as agreeing to willfully participate in the activity (given there is sufficient explanation of the task on the site). Due to the ease in discontinuing use, especially for activities which offer no or limited compensation, continued participation can presume continued consent, and users can stop at any time.
+
+Participant information will be collected in order to identify the number of unique participants, and to associate a participant with the labels they assigned to each image. This will be done through the collection of a user hash, user name, IP address, or other identifying information depending on the crowdsource platform. The research team will make efforts to limit the connection between a user identification method and association with actual identifying information of the user.
+
+## 14. Experiment 2 (Snl): Personnel Patterns Of Life
+
+The personnel present at a nuclear facility (just as any location) can provide a secondary indicator of the type, or scale, of activity taking place at that site. The presence of construction workers, office workers, military personnel, first responders, or other types of individuals - and their respective density at a facility - are an important aspect of "patterns of life" analysis. In this experiment, we will test the ability of a non-expert crowd to identify:
+1.
+whether an image contains people, and if so,
+2.
+if an image includes people wearing firefighter uniforms, and
+3.
+the count of people (uniformed, and total count) in an image.
+The purpose of this activity is two-fold. First, it establishes a more complex level of analysis to test the effectiveness of crowdsourcing activities with potential safeguards implications. Second, this activity will share data and results with an on-going NA22 project that will use the image labels to train an algorithm to automate the counting/density estimates of people in various uniforms for patterns of life analysis. The NA22 project will provide both the data and the funding for participant compensation. The roll-out of the experiment will be a shared-cost between the two projects, with this NA-241 project having access to the full dataset collected by the activity in order to assess crowdsourcing effectiveness.
+
+## 14.1. Research Question
+
+This experiment will test the question: Can the public reliably identify uniforms and count the number of people in a photograph, to assist in patterns of life assessments? To determine success, we will measure:
+
+Participant agreement (% agreement, to approximate accuracy);
+
+Timeliness (time to reach the desired number of labels per image on the complete image set);
+
+Participant completion (the number of tags a unique user completes); and
+
+Participant diversity (number of unique participants)
+
+## 14.2. 3.2 Methodology
+
+Users will be presented with a set of photographs collected from the open source photography sharing website Flikr, that have been selected based on a series of search terms developed under the NA22 project described above to target people and firefighters. For each photograph, users will be asked:
+1.
+Does the photograph contain people? (if not, this will complete the task)
+2.
+Does the photograph contain images of people in a firefighter uniform? If yes, how many?
+3.
+How many people total are in the photograph?
+
+## 14.3. 3.3 Platform
+
+The experiment will utilize Amazon's Mechanical Turk platform.
+
+## 14.4. 3.4 Data Collection And Analysis
+
+This experiment intends to provide approximately 15,000 images, with a goal of collecting three to five complete labels (i.e. answering the full question set above) for each. A user identifier such as an IP address or user name will be collected with each question set, along with a timestamp on the completion of the activity.
+
+Participants will be recruited via standard practices on the selected crowdsourcing platform. All potential participants will be provided with a short description of the task, and an estimate of the time required to complete the task. Due to the online, open, and voluntary nature of the platform, we will neither target nor discriminate against vulnerable populations. The research team intends to provide minimal compensation ($0.01 to $0.10 per image) to encourage user completion.
+
+Users of online crowdsourcing platforms are generally recognized as agreeing to willfully participate in the activity (given there is sufficient explanation of the task on the site). Due to the ease in discontinuing use, continued participation can presume continued consent, and users can stop at any time. Per the terms of Mechanical Turk, compensation will be provided on an imageby-image basis that a user completes. The minimal nature of compensation is not expected to inflict undue influence for users to continue participation if they are no longer willing.
+
+Participant information will be collected in order to identify the number of unique participants, and to associate a participant with the labels they assigned to each image. The research team will make efforts to limit the connection between a user identification method and association with actual identifying information of the user.
+
+## 15. Experiment 3 (Snl): Audio And Video Transcription
+
+Time and resources permitting, Sandia would like to run a third experiment in which we evaluate a non-expert crowd's ability to transcribe audio and video files, from a variety of voices and accents. This will directly address a challenge currently being faced by the IAEA's State Factors Analysis section to collect and integrate multimedia information into their assessments. While efforts are currently underway to evaluate a suite of tools available for transcription, this activity will assess the ability of crowdsourcing to support that goal. While multi-lingual assessments would potentially provide the most value added for a safeguards use case, this assessment will start with English-language videos due to their availability to the research team.
+
+## 15.1. Research Question
+
+This experiment will test the question: Can the public reliably transcribe English-language video and audio files across a number of voices and accents? To determine success, we will measure:
+
+Accuracy (scoring mechanism is pending);
+
+Timeliness (time to reach the desired number of transcriptions per audio or video file);
+
+Participant completion (the number of transcriptions a unique user completes); and
+
+Participant diversity (number of unique participants).
+
+## 15.2. Methodology
+
+Users will be presented with a segment of an audio or video file. Files will vary in length, to determine if/how segment length impacts accuracy. Users will be asked to transcribe the audio or video files into English text. The mechanism for scoring the transcription is pending.
+
+## 15.3. Platform
+
+We will conduct our experiment on an open source crowdsourcing platform, such as Mechanical Turk, Zooniverse, or CrowdFlower.
+
+This experiment will cultivate (collect, or if needed, create) a body of publicly available audio and video files in the English language, and collect a minimum of three transcriptions into English-language text. The experiment will collect a single user identification, along with the user's transcription and timestamp for completion of each audio or visual file, in order to evaluate the measures (accuracy, timeliness, completion, and diversity) described above.
+
+Participants will be recruited via standard practices on the selected crowdsourcing platform. All potential participants will be provided with a short description of the task, and an estimate of the time required to complete the task. Due to the online and open (anyone can participate) nature of the platform, we will neither target nor discriminate against vulnerable populations.
+
+Users of online crowdsourcing platforms are generally recognized as agreeing to willfully participate in the activity (given there is sufficient explanation of the task on the site). Due to the ease in discontinuing use, continued participation can presume continued consent, and users can stop at any time.
+
+Participant information will be collected in order to identify the number of unique participants, and to associate a participant with the labels they assigned to each image. The research team will make efforts to limit the connection between a user identification method and association with actual identifying information of the user.
+
+## 16. Experiment 4 (Lanl): Eliciting Topics: Concepts And Key Words 16.1. Research Question
+
+The objective that drives the three related LANL experiments is to explore the efficacy of crowdsourcing methods to elicit and structure specialized expert knowledge quickly and efficiently that is very difficult to derive from data-driven methods alone and very expensive to solicit from a small cadre of experts. If successful, such resulting knowledge structures may be used for knowledge management systems, the basis for more refined ontology or Bayesian network construction, or become a key part of heterogeneous human-machine learning architectures. The first research question we want to test is: Can crowdsourcing elicit a comprehensive set of concepts and key words related to a topic of interest?
+
+## 16.2. Methodology 16.2.1. Gamified Version
+
+Participants will be presented with a topic area of interest and asked to provide words associated with that topic within a specified time limit with the goal of providing the most words (that result in a score) in the allotted time period. As words are repeated, they will be added to a "Taboo List" in accordance with a predefined threshold and no longer help the player to accrue points. The player with the most points is the high scorer on a list. Players can only play once for each topic.
+
+## 16.2.2. Regular Version
+
+Participants will be presented with a topic area of interest and asked to provide words associated with that topic within a specified time limit with the goal of providing the most words in the allotted time period. We may elect to take submitted words and present them as topics in a follow-on iteration of the experiment. Whether we execute the gamified version or the regular version will depend on the cost and mechanism for distribution for implementing the gamified version.
+
+## 16.3. Platform
+
+There are a number of platforms we can take advantage of: For a predefined expert crowd, the gamification version can be executed in a mini-workshop setting ideally on a LANL-approved website on the green network. The regular version can be executed over email or through quick interviews. For a broader audience, online resources include: Crowdcrafting, Crowdflower, and Zooniverse but vary in the ability to put controls on participation based on the expertise of the crowd.
+
+In addition to collecting concepts and key words associated with topics, we are also interested in the frequency of terms, and the sequence over which they accumulate. Here we want to identify the most strongly associated terms with a topic as defined by both frequency and time across users.
+
+We plan to explore expert crowd recruitment as well as online resources. If we use the online platforms, participants will be recruited via standard practices on the selected crowdsourcing platform. All potential participants will be provided with a short description of the task, and an estimate of the time required to complete the task. We will neither target nor discriminate against vulnerable populations.
+
+We will secure a written consent for any expert participation. If we use the online platforms, users of online crowdsourcing platforms are generally recognized as agreeing to willfully participate in the activity (given there is sufficient explanation of the task on the site). Due to the ease in discontinuing use, continued participation can presume continued consent, and users can stop at any time.
+
+Participant information will be collected in order to identify the number of unique participants, and to associate a participant with their input. The research team will make efforts to limit the connection between a user identification method and association with actual identifying information of the user.
+
+## 17. Experiment 5 (Lanl): Establishing Relationships Between Concepts And Key Words For Knowledge Structuring 17.1. Research Question
+
+The objective that drives the three related LANL experiments is to explore the efficacy of crowdsourcing methods to elicit and structure specialized expert knowledge quickly and efficiently that is very difficult to derive from data-driven methods alone and very expensive to solicit from a small cadre of experts. If successful, such resulting knowledge structures may be used for knowledge management systems, the basis for more refined ontology or Bayesian network construction, or become a key part of heterogeneous human-machine learning architectures. Once we have the set of concepts and keywords associated with a topic, the second research question we want to test: Can crowdsourcing help to structure the knowledge obtained in Experiment 4 and establish relationships in the predefined set of concepts and key words such as hierarchical relationships, causal relationships, etc.?
+
+## 17.2. Methodology
+
+Here we will present participants with either a complete list of the words we obtained in Experiment 4 or pairs ordered by priority based on their frequency. We ask participants to mark relationships between words with lines or arrows and the option to label the relationship between the two words. If the participant is provided the full set of words, the resulting structure does not need to be connected but rather a number of structures can be end result. There will be a "parking lot" for words that cannot be related to others with an option of adding them at any time in the process.
+
+## 17.3. Platform
+
+There are a number of platforms we can take advantage of: For a predefined expert crowd, the version can be executed in a mini-workshop setting ideally on a LANL-approved website on the green network. For a broader audience, the same online resources as for Experiment 4 could be used: Crowdcrafting, Crowdflower, and Zooniverse.
+
+For this experiment, we are looking to build the knowledge structure that leverages the input of all of the participants. We will track structural consensus by frequencies on arcs with the simple line as the primitive. Where there is conflict over structure, we will develop alternative structures to demonstrate alternative morphologies with frequencies attached to the arcs.
+
+We plan to explore expert crowd recruitment as well as online resources. If we use the online platforms, participants will be recruited via standard practices on the selected crowdsourcing platform. All potential participants will be provided with a short description of the task, and an estimate of the time required to complete the task. We will neither target nor discriminate against vulnerable populations.
+
+We will secure a written consent for any expert participation. If we use the online platforms, users of online crowdsourcing platforms are generally recognized as agreeing to willfully participate in the activity (given there is sufficient explanation of the task on the site). Due to the ease in discontinuing use, continued participation can presume continued consent, and users can stop at any time.
+
+Participant information will be collected in order to identify the number of unique participants, and to associate a participant with their input. The research team will make efforts to limit the connection between a user identification method and association with actual identifying information of the user.
+
+## 18. Experiment 6 (Lanl): Validation Of The Knowledge Structure 18.1. Research Question
+
+The objective that drives the three related LANL experiments is to explore the efficacy of crowdsourcing methods to elicit and structure specialized expert knowledge quickly and efficiently that is very difficult to derive from data-driven methods alone and very expensive to solicit from a small cadre of experts. If successful, such resulting knowledge structures may be used for knowledge management systems, the basis for more refined ontology or Bayesian network construction, or become a key part of heterogeneous human-machine learning architectures. If time and resources permit, we would like to pursue a third research question. Once we have a rudimentary crowd-created "folksonomy", the last research question we want to test: To what degree can crowdsourcing be used to validate the knowledge structure?
+
+## 18.2. Methodology
+
+We will present participants with the knowledge structures built and allow for voting on the consensus structure.
+
+## 18.3. Platform
+
+There are a number of platforms we can take advantage of: For a predefined expert crowd, the version can be executed in a mini-workshop setting ideally on a LANL-approved website on the green network. For a broader audience, the same online resources as for Experiment 4 could be used: Crowdcrafting, Crowdflower, and Zooniverse.
+
+For this experiment, we will track the votes in favor of and against particular arcs to validate the structure. We will use these votes to come up with a candidate structure (and possibly alternates if votes are evenly split) and present to a knowledge structure expert for a final decision.
+
+We plan to explore expert crowd recruitment as well as online resources. If we use the online platforms, participants will be recruited via standard practices on the selected crowdsourcing platform. All potential participants will be provided with a short description of the task, and an estimate of the time required to complete the task. We will neither target nor discriminate against vulnerable populations.
+
+We will secure a written consent for any expert participation. If we use the online platforms, users of online crowdsourcing platforms are generally recognized as agreeing to willfully participate in the activity (given there is sufficient explanation of the task on the site). Due to the ease in discontinuing use, continued participation can presume continued consent, and users can stop at any time.
+
+Participant information will be collected in order to identify the number of unique participants, and to associate a participant with their input. The research team will make efforts to limit the connection between a user identification method and association with actual identifying information of the user.
+
+## 19. Next Steps
+
+Upon review by NA-241, each laboratory will submit their proposed experiments to their respective Institutional Review Board for approval, and will commence deploying their experiments as appropriate. A final report of experimental design and outcomes will be provided at the end of the experimental period, no later than September 2018.
+
+## References
+
+M. Barletta, M. Fowler, J. Khaled (2016) "Integrating Multimedia Information in IAEA Safeguards" Proceedings of the American Nuclear Society Advances in Nuclear Nonproliferation Technology and Policy Conference. Santa Fe, NM, USA. N. Bilton, (2013) "Knowing Where to Focus the Wisdom of Crowds" *New York Times*, April 22, 2013 Createc "Createc wins IAEA Technology Challenge" (2016) https://www.createc.co.uk/createcwins-iaea-technology-challenge/ retrieved May 26, 2107. C. Fishwick (2014) "Tomnod - the online search party looking for Malaysian Airlines flight MH370" The Guardian https://www.theguardian.com/world/2014/mar/14/tomnod-online-searchmalaysian-airlines-flight-mh370 M. Fowler, J. Khaled, T. Skold (2016) "Using Social Media Information in Analysis for IAEA Safeguards" Presented at the American Nuclear Society Social Media for Nuclear Nonproliferation Workshop. Santa Fe, NM, USA. Z.N. Gastelum (Forthcoming 2017) "Societal Verification for Nuclear Nonproliferation and Arms Control" Nuclear Non-proliferation and Arms Control Verification: Innovative Systems Concepts. Eds., M. Dreicer, I. Niehmeyer, G. Stein. Springer. N. Gerami (2013) "Attracting a crowd and what societal verification means for arms control" Bulletin of the Atomic Scientists v.63, no. 3, pp.14-18. D.A. Grier (2017) "Crowdsourcing for Dummies-Cheat Sheet" http://www.dummies.com/business/start-a-business/crowdsourcing-for-dummies-cheat-sheet/ retrieved May 26, 2017. K.L. Hartigan, C. Hinderstein (2013) "The Opportunities and Limits of Societal Verification" Proceedings of the Institute of Nuclear Materials Management Annual Meeting, Palm Desert, CA. C. Hinderstein et al. (2014) Innovating Verification: New Tools & and New Actors to Reduce Nuclear Risks: Redefining Societal Verification Nuclear Threat Initiative. International Atomic Energy Agency (1995) "Strengthening the Effectiveness and Improving the Efficiency of the Safeguards System: A Report by the Director General" GOV/2784, pp. 5. International Atomic Energy Agency (2007) "IAEA: Staying Ahead of the Game" https://www.iaea.org/sites/default/files/safeguards0707.pdf  retrieved January 30, 2017. B. Lee, M. Zolotova (2013) "New Media Solutions in Nonproliferation and Arms Control Opportunities and Challenges" James Martin Center for Proliferation Studies, Technical Report. M. I. Pinsel (1981) "The Wind and Current Chart Series Produced by Matthew Fontaine Maury" Navigation: Journal of the Institute of Navigation v. 28, no. 2, p.123-138. J M Leimeister, M Huber, U. Bretschneider, H. Krcmar (2009) "Leveraging Crowdsourcing: Activation-Supporting Components for IT-Based Ideas Competition" Journal of Management Information Systems. v.26 no.1. T. Lorenz and Y. Feldman (2014) "The Efficacy of Social Media as a Research Tool and Information Source for Safeguards Verification" Proceedings of the Institute of Nuclear Materials Management Information Analysis Technologies, Techniques and Methods for Safeguards, Nonproliferation and Arms Control Verification Workshop. Portland, OR, USA E. Loukis, Y. Charalabidis (2015) "Active and Passive Crowdsourcing in Government" in Policy and Practice and Digital Science: Integrating Complex Systems, Social Simulation and Public Administration in Policy Research. M. Janssen, M.A. Wimmer, A. Deljoo eds. New York: Springer. National Commission for the Protection of Human Subjects of Biomedical and Behavioral Research (1978) "The Belmont Report: Ethical Principles and Guidelines for the Protection of Human Subjects of Research" https://videocast.nih.gov/pdf/ohrp_belmont_report.pdf retrieved August 9, 2017. A. Oboler, K. Welsch, L. Cruz (2012) "The Danger of Big Data: Social Media as Computational Social Science" *First Monday*, Vol 17, Number 7, 2 July 2012. http://firstmonday.org/ojs/index.php/fm/article/view/3993/3269 retrieved March 23, 2017. R. Richard, M. Edward, L. Deci (2000) "Self-Determination Theory and the facilitation of Intrinsic Motivation, Social development, and Well-Being". *American Psychologist*, Vol.55, No. 1, 68-78. J. Roberts, I-H Hann, S. Slaughter (2006) "Understanding the Motivations, Participation and Performance of Open Source Software Developers: A Longitudinal Study of the Apache Projects". *Marshall School of Business Working Paper No. IOM 01-06*; Management Science July 2006,
+
+## Distribution
+
+1
+National Nuclear Security Administration Attn: C. Stanuch U.S. Department of Energy 1000 Independence Ave., S.W. Washington, DC 20585 (electronic copy)
+1
+Los Alamos National Laboratory Attn: Kari Sentz P.O. Box 1663 Los Alamos, NM 87545 (electronic copy)
+
+|   1 | MS1371   | Tina Hernandez    | 06832 (electronic copy)   |
+|-----|----------|-------------------|---------------------------|
+|   1 | MS1371   | Zoe Gastelum      | 06832 (electronic copy)   |
+|   1 | MS0899   | Technical Library | 9536 (electronic copy)    |

markdown/misc/cyber-strat.md

@@ -0,0 +1,521 @@
+# National Cyber Strategy Of The United States Of America
+
+S E P T E M B E R  2 0 1 8
+THE W HITE HOUSE
+W A S H I N G T O N ,  D C
+My fellow Americans: Protecting America's national security and promoting the prosperity of the American people are my top priorities. Ensuring the security of cyberspace is fundamental to both endeavors. Cyberspace is an integral component of all facets of American life, including our economy and defense. Yet, our private and public entities still struggle to secure their systems, and adversaries have increased the frequency and sophistication of their malicious cyber activities. America created the Internet and shared it with the world. Now, we must make sure to secure and preserve cyberspace for future generations. In the last 18 months, my Administration has taken action to address cyber threats. We have sanctioned malign cyber actors. We have indicted those that committed cybercrimes. We have publicly attributed malicious activity to the adversaries responsible and released details about the tools they employed. We have required departments and agencies to remove software vulnerable to various security risks. We have taken action to hold department and agency heads accountable for managing cybersecurity risks to the systems they control, while empowering them to provide adequate security. In addition, last year, I signed Executive Order
+13800, *Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure*. The work performed and reports created in response to that Executive Order laid the groundwork for this National Cyber Strategy.
+
+With the release of this National Cyber Strategy, the United States now has its first fully articulated cyber strategy in 15 years. This strategy explains how my Administration will:
+
+- Defend the homeland by protecting networks, systems, functions, and data; - Promote American prosperity by nurturing a secure, thriving digital economy and fostering
+strong domestic innovation;
+- Preserve peace and security by strengthening the ability of the United States - in concert
+with allies and partners - to deter and, if necessary, punish those who use cyber tools for malicious purposes; and
+- Expand American influence abroad to extend the key tenets of an open, interoperable,
+reliable, and secure Internet.
+The National Cyber Strategy demonstrates my commitment to strengthening America's cybersecurity capabilities and securing America from cyber threats. It is a call to action for all Americans and our great companies to take the necessary steps to enhance our national cybersecurity. We will continue to lead the world in securing a prosperous cyber future.
+
+Sincerely,
+
+## Table Of Contents
+
+Introduction
+1
+How Did We Get Here?
+1
+The Way Forward
+2 6 6
+
+## Pillar I:  Protect The American People, The Homeland, And The American Way Of Life
+
+Secure Federal Networks and Information
+6
+Further Centralize Management and Oversight of Federal Civilian Cybersecurity
+6
+Align Risk Management and Information Technology Activities
+7
+Improve Federal Supply Chain Risk Management
+7
+Strengthen Federal Contractor Cybersecurity
+7
+Ensure the Government Leads in Best and Innovative Practices
+8
+Secure Critical Infrastructure
+8
+Refine Roles and Responsibilities
+8
+Prioritize Actions According to Identified National Risks
+8
+Leverage Information and Communications Technology Providers as Cybersecurity Enablers
+9
+Protect our Democracy
+9
+Incentivize Cybersecurity Investments
+9
+Prioritize National Research and Development Investments
+9
+Improve Transportation and Maritime Cybersecurity
+9
+Improve Space Cybersecurity
+10
+Combat Cybercrime and Improve Incident Reporting
+10
+Improve Incident Reporting and Response
+10
+Modernize Electronic Surveillance and Computer Crime Laws
+11
+Reduce Threats from Transnational Criminal Organizations in Cyberspace
+11
+Improve Apprehension of Criminals Located Abroad
+11
+Strengthen Partner Nations' Law Enforcement Capacity to Combat Criminal Cyber Activity
+11
+14
+
+## Pillar Ii:  Promote American Prosperity
+
+Foster a Vibrant and Resilient Digital Economy
+14
+Incentivize an Adaptable and Secure Technology Marketplace
+14
+Prioritize Innovation
+14
+Invest in Next Generation Infrastructure
+15
+Promote the Free Flow of Data Across Borders
+15
+Maintain United States Leadership in Emerging Technologies
+15
+| Promote Full-Lifecycle Cybersecurity                                              |   15 |
+|-----------------------------------------------------------------------------------|------|
+| Foster and Protect United States Ingenuity                                        |   16 |
+| Update Mechanisms to Review Foreign Investment and Operation in the United States |   16 |
+| Maintain a Strong and Balanced Intellectual Property Protection System            |   16 |
+| Protect the Confidentiality and Integrity of American Ideas                       |   16 |
+| Develop a Superior Cybersecurity Workforce                                        |   17 |
+| Build and Sustain the Talent Pipeline                                             |   17 |
+| Expand Re-Skilling and Educational Opportunities for America's Workers            |   17 |
+| Enhance the Federal Cybersecurity Workforce                                       |   17 |
+| Use Executive Authority to Highlight and Reward Talent                            |   17 |
+| 20                                                                                |      |
+
+## Pillar Iii:  Preserve Peace Through Strength
+
+20
+Enhance Cyber Stability through Norms of Responsible State Behavior
+20
+Encourage Universal Adherence to Cyber Norms
+21
+Attribute and Deter Unacceptable Behavior in Cyberspace
+21
+Lead with Objective, Collaborative Intelligence
+21
+Impose Consequences
+21
+Build a Cyber Deterrence Initiative
+21
+Counter Malign Cyber Influence and Information Operations
+24
+
+## Pillar Iv:  Advance American Influence
+
+24
+Promote an Open, Interoperable, Reliable, and Secure Internet
+24
+Protect and Promote Internet Freedom
+25
+Work with Like-Minded Countries, Industry, Academia, and Civil Society
+25
+Promote a Multi-Stakeholder Model of Internet Governance
+25
+Promote Interoperable and Reliable Communications Infrastructure
+and Internet Connectivity
+25
+Promote and Maintain Markets for United States Ingenuity Worldwide
+26
+Build International Cyber Capacity
+26
+Enhance Cyber Capacity Building Efforts
+
+## Introduction
+
+America's prosperity and security depend on how we respond to the opportunities and challenges in cyberspace.  Critical infrastructure, national defense, and the daily lives of Americans rely on computer-driven and interconnected information technologies.  As all facets of American life have become more dependent on a secure cyberspace, new vulnerabilities have been revealed and new threats continue to emerge.  Building on the National Security Strategy and the Administration's progress over its first 18 months, the National Cyber Strategy outlines how the United States will ensure the American people continue to reap the benefits of a secure cyberspace that reflects our principles, protects our security, and promotes our prosperity.
+
+## How Did We Get Here?
+
+would be self-evident.  Large parts of the world have embraced America's vision of a shared and open cyberspace for the mutual benefit of all. Our competitors and adversaries, however, have taken an opposite approach.  They benefit from the open Internet, while constricting and controlling their own people's access to it, and actively undermine the principles of an open Internet in international forums.  They hide behind notions of sovereignty while recklessly violating the laws of other states by engaging in pernicious economic espionage and malicious cyber activities, causing significant economic disruption and harm to individuals, commercial and non-commercial interests, and governments across the world.  They view cyberspace as an arena where the United States' overwhelming military, economic, and political power could be neutralized and where the United States and its allies and partners are vulnerable.
+
+The rise of the Internet and the growing centrality of cyberspace to all facets of the modern world corresponded with the rise of the United States as the world's lone superpower.  For the past quarter century, the ingenuity of the American people drove the evolution of cyberspace, and in turn, cyberspace has become fundamental to American wealth creation and innovation.
+
+Cyberspace is an inseparable component of America's financial, social, government, and political life.  Meanwhile, Americans sometimes took for granted that the supremacy of the United States in the cyber domain would remain unchallenged, and that America's vision for an open, interoperable, reliable, and secure Internet would inevitably become a reality.  Americans believed the growth of the Internet would carry the universal aspirations for free expression and individual liberty around the world.  Americans assumed the opportunities to expand communication, commerce, and free exchange of ideas Russia, Iran, and North Korea conducted reckless cyber attacks that harmed American and international businesses and our allies and partners without paying costs likely to deter future cyber aggression.  China engaged in cyber-enabled economic espionage and trillions of dollars of intellectual property theft.  Non-state actors - including terrorists and criminals - exploited cyberspace to profit, recruit, propagandize, and attack the United States and its allies and partners, with their actions often shielded by hostile states.  Public and private entities have struggled to secure their systems as adversaries increase the frequency and sophistication of their malicious cyber activities.  Entities across the United States have faced cybersecurity challenges in effectively identifying, protecting, and ensuring resilience of their networks, systems, functions, and data as well as detecting, responding to, and recovering from incidents.
+
+## The Way Forward
+
+New threats and a new era of strategic competition demand a new cyber strategy that responds to new realities, reduces vulnerabilities, deters adversaries, and safeguards opportunities for the American people to thrive.  Securing cyberspace is fundamental to our strategy and requires technical advancements and administrative efficiency across the Federal Government and the private sector.  The Administration also recognizes that a purely technocratic approach to cyberspace is insufficient to address the nature of the new problems we confront.  The United States must also have policy choices to impose costs if it hopes to deter malicious cyber actors and prevent further escalation.
+
+The Administration is already taking action to aggressively address these threats and adjust to new realities.  The United States has sanctioned malign cyber actors and indicted those that have committed cybercrimes.  We have publicly attributed malicious activity to the responsible adversaries and released details of the tools and infrastructure they employed. We have required departments and agencies to remove software vulnerable to various security risks.  We have taken action to hold department and agency heads accountable for managing the cybersecurity risks to systems they control, while empowering them to provide adequate security. The Administration's approach to cyberspace is anchored by enduring American values, such as the belief in the power of individual liberty, free expression, free markets, and privacy.  We retain our commitment to the promise of an open, interoperable, reliable, and secure Internet to strengthen and extend our values and protect and ensure economic security for American workers and companies.  The future we desire will not come without a renewed American commitment to advance our interests across cyberspace.
+
+The Administration recognizes that the United States is engaged in a continuous competition against strategic adversaries, rogue states, and terrorist and criminal networks.  Russia, China, Iran, and North Korea all use cyberspace as a means to challenge the United States, its allies, and partners, often with a recklessness they would never consider in other domains.  These adversaries use cyber tools to undermine our economy and democracy, steal our intellectual property, and sow discord in our democratic processes.  We are vulnerable to peacetime cyber attacks against critical infrastructure, and the risk is growing that these countries will conduct cyber attacks against the United States during a crisis short of war.  These adversaries are continually developing new and more effective cyber weapons. This National Cyber Strategy outlines how we will (1) defend the homeland by protecting networks, systems, functions, and data; (2) promote American prosperity by nurturing a secure, thriving digital economy and fostering strong domestic innovation; (3) preserve peace and security by strengthening the United States' ability - in concert with allies and partners - to deter and if necessary punish those who use cyber tools for malicious purposes; and (4) expand American influence abroad to extend the key tenets of an open, interoperable, reliable, and secure Internet. The Strategy's success will be realized when cybersecurity vulnerabilities are effectively managed through identification and protection of networks, systems, functions, and data as well as detection of, resilience against, response to, and recovery from incidents; destructive, disruptive, or otherwise destabilizing malicious cyber activities directed against United States interests are reduced or prevented; activity that is contrary to responsible behavior in cyberspace is deterred through the imposition of costs through cyber and non-cyber means; and the United States is positioned to use cyber capabilities to achieve national security objectives.
+
+The articulation of the National Cyber Strategy is organized according to the pillars of the National Security Strategy.  The National Security Council staff will coordinate with departments, agencies, and the Office of Management and Budget (OMB) on an appropriate resource plan to implement this Strategy.  Departments and agencies will execute their missions informed by the following strategic guidance.
+
+## Protect The American People, The Homeland, And The American Way Of Life P
+
+bilities, and accountability within and across departments and agencies for securing Federal information systems, while setting the standard for effective cybersecurity risk management. As part of this effort, the Administration will centralize some authorities within the Federal Government, enable greater cross-agency visibility, improve management of our Federal supply chain, and strengthen the security of United States Government contractor systems.
+
+FURTHER
+          CENTRALIZE
+                       MANAGEMENT
+                                     AND
+
+OVERSIGHT OF FEDERAL CIVILIAN CYBERSECURITY:
+
+      rotecting the American people, the
+    American way of life, and American
+              interests is at the forefront of the National
+Security Strategy.  Protecting American infor-
+mation networks, whether government or
+private, is vital to fulfilling this objective.  It will
+require a series of coordinated actions focused
+on protecting government networks, protecting
+critical infrastructure, and combating cybercrime.
+The United States Government, private industry,
+and the public must each take immediate and
+decisive actions to strengthen cybersecurity,
+with each working on securing the networks
+under their control and supporting each other as
+appropriate.
+
+OBJECTIVE:  Manage cybersecurity risks to increase the security and resilience of the Nation's information and information systems.
+
+## Secure Federal Networks And Information
+
+The responsibility to secure Federal networks - including Federal information systems and national security systems - falls squarely on the Federal Government.  The Administration will clarify the relevant authorities, responsi-
+The Administration will act to further enable the Department of Homeland Security (DHS) to secure Federal department and agency networks, with the exception of national security systems and Department of Defense (DOD) and Intelligence Community (IC) systems.  This includes ensuring DHS has appropriate access to agency information systems for cybersecurity purposes and can take and direct action to safeguard systems from the spectrum of risks.  Under the oversight of the OMB, the Administration will expand on work begun under Executive Order (E.O.) 13800 to prioritize the transition of agencies to shared services and infrastructure.  DHS will have appropriate visibility into those services and infrastructure to improve United States cybersecurity posture. We will continue to deploy centralized capabilities, tools, and services through DHS where appropriate, and improve oversight and compliance with applicable laws, policies, standards, and directives.  This will likely require new policies and architectures that enable the government to better leverage innovation. DOD and the IC will consider these activities as they work to better secure national security systems, DOD systems, and IC systems, as appropriate.
+
+## Align Risk Management And Information
+
+better ensure the technology that the Federal Government deploys is secure and reliable.
+
+This includes ensuring better information sharing among departments and agencies to improve awareness of supply chain threats and reduce duplicative supply chain activities within the United States Government, including by creating a supply chain risk assessment shared service.  It also includes addressing deficiencies in the Federal acquisition system, such as providing more streamlined authorities to exclude risky vendors, products, and services when justified.  This effort will be synchronized with efforts to manage supply chain risk in the Nation's infrastructure.
+
+## Strengthen Federal Contractor Cyber-
+
+TECHNOLOGY ACTIVITIES:  E.O. 13833, Enhancing the Effectiveness of Agency Chief Information Officers, empowers Chief Information Officers
+(CIOs) to more effectively leverage technology to accomplish agency missions, cut down on duplication, and make information technology (IT) investment more efficient.  Department and agency leaders will empower and hold their CIOs accountable to align cybersecurity risk management decisions and IT budgeting and procurement decisions.  The Administration, through OMB and DHS, will continue to guide and direct risk management actions across Federal civilian departments and agencies, and CIOs will be empowered to take a proactive leadership role in assuring IT procurement decisions assign the proper priority to securing networks and data.
+
+IMPROVE
+          FEDERAL
+                     SUPPLY
+                              CHAIN
+                                      RISK
+
+MANAGEMENT: The Administration will integrate
+supply chain risk management into agency
+procurement and risk management processes
+in accordance with federal requirements that
+are consistent with industry best practices to
+
+SECURITY: The United States cannot afford
+to have sensitive government information or
+systems inadequately secured by contractors.
+Federal contractors provide important services
+to the United States Government and must
+properly secure the systems through which
+they provide those services.  Going forward,
+the Federal Government will be able to assess
+the security of its data by reviewing contractor
+risk management practices and adequately
+testing, hunting, sensoring, and responding
+to incidents on contractor systems.  Contracts
+with Federal departments and agencies will
+be drafted to authorize such activities for the
+purpose of improving cybersecurity.  Among the
+acute concerns in this area are those contractors
+within the defense industrial base responsible for
+researching and developing key systems fielded
+by the DOD.  Further, as recommended in the
+E.O. 13800 Report to the President on Federal IT
+Modernization, the Administration will support
+
+adoption of consolidated acquisition strategies to improve cybersecurity and reduce overhead costs associated with using inconsistent contract provisions across the Federal Government.  It will also act to ensure, where appropriate, that Federal contractors receive and use all relevant and shareable threat and vulnerability information to improve their security posture.
+
+## Ensure The Government Leads In Best And
+
+sector, we will collectively use a risk-management approach to mitigating vulnerabilities to raise the base level of cybersecurity across critical infrastructure.  We will simultaneously use a consequence-driven approach to prioritize actions that reduce the potential that the most advanced adversaries could cause large-scale or long-duration disruptions to critical infrastructure.  We will also deter malicious cyber actors by imposing costs on them and their sponsors by leveraging a range of tools, including but not limited to prosecutions and economic sanctions, as part of a broader deterrence strategy.
+
+REFINE ROLES AND RESPONSIBILITIES: The Administration will clarify the roles and responsibilities of Federal agencies and the expectations on the private sector related to cybersecurity risk management and incident response.  Clarity will enable proactive risk management that comprehensively addresses threats, vulnerabilities, and consequences.  It will also identify and bridge existing gaps in responsibilities and coordination among Federal and non-Federal incident response efforts and promote more routine training, exercises, and coordination.
+
+## Prioritize Actions According To Identified
+
+INNOVATIVE PRACTICES: The Federal Government will ensure the systems it owns and operates meet the standards and cybersecurity best practices it recommends to industry.  Projects that receive Federal funding must meet these standards as well.  The Federal Government will use its purchasing power to drive sector-wide improvement in products and services.  The Federal Government will also be a leader in developing and implementing standards and best practices in new and emerging areas.  For example, public key cryptography is foundational to the secure operation of our infrastructure.  To protect against the potential threat of quantum computers being able to break modern public key cryptography, the Department of Commerce, through the National Institute of Standards and Technology (NIST), will continue to solicit, evaluate, and standardize quantum-resistant, public key cryptographic algorithms.  The United States must be at the forefront of protecting communications by supporting rapid adoption of these forthcoming NIST standards across government infrastructure and by encouraging the Nation to do the same.
+
+## Secure Critical Infrastructure
+
+The responsibility to secure the Nation's critical infrastructure and manage its cybersecurity risk is shared by the private sector and the Federal Government.  In partnership with the private NATIONAL RISKS: The Federal Government will work with the private sector to manage risks to critical infrastructure at the greatest risk.  The Administration will develop a comprehensive understanding of national risk by identifying national critical functions and will mature our cybersecurity offerings and engagements to better manage those national risks.  The Administration will prioritize risk-reduction activities across seven key areas:  national security, energy and power, banking and finance, health and safety, communications, information technology, and transportation.
+
+## Leverage Information And Communications Technology Providers As Cybersecurity
+
+protect the election infrastructure.  The Federal Government will continue to coordinate the development of cybersecurity standards and guidance to safeguard the electoral process and the tools that deliver a secure system.  In the event of a significant cyber incident, the Federal Government is poised to provide threat and asset response to recover election infrastructure.
+
+INCENTIVIZE CYBERSECURITY INVESTMENTS: Most cybersecurity risks to critical infrastructure stem from the exploitation of known vulnerabilities. The United States Government will work with private and public sector entities to promote understanding of cybersecurity risk so they make more informed risk-management decisions, invest in appropriate security measures, and realize benefits from those investments.
+
+## Prioritize National Research And Devel-
+
+ENABLERS: Information and communications technology (ICT) underlies every sector in America.  ICT providers are in a unique position to detect, prevent, and mitigate risk before it impacts their customers, and the Federal Government must work with these providers to improve ICT security and resilience in a targeted and efficient manner while protecting privacy and civil liberties.  The United States Government will strengthen efforts to share information with ICT providers to enable them to respond to and remediate known malicious cyber activity at the network level.  This will include sharing classified threat and vulnerability information with cleared ICT operators and downgrading information to the unclassified level as much as possible.  We will promote an adaptable, sustainable, and secure technology supply chain that supports security based on best practices and standards.  The United States Government will convene stakeholders to devise cross-sector solutions to challenges at the network, device, and gateway layers, and we will encourage industry-driven certification regimes that ensure solutions can adapt in a rapidly evolving market and threat landscape.
+
+OPMENT INVESTMENTS: The Federal Government will update the National Critical Infrastructure Security and Resilience Research and Development Plan to set priorities for addressing cybersecurity risks to critical infrastructure.  Departments and agencies will align their investments to the priorities, which will focus on building new cybersecurity approaches that use emerging technologies, improving information-sharing and risk management related to cross-sector interdependencies, and building resilience to large-scale or long-duration disruptions.
+
+IMPROVE TRANSPORTATION AND MARITIME CYBER-
+SECURITY: America's economic and national security is built on global trade and transportation.  Our ability to guarantee free and timely movement of goods, open sea and air lines of communications, access to oil and natural gas, and availability of associated critical infrastructures is vital to our economic and national security.  As these sectors have modernized, PROTECT
+OUR
+DEMOCRACY:
+Securing our democratic processes is of paramount importance to the United States and our democratic allies.  State and local government officials own and operate diverse election infrastructure within the United States.  Therefore, when requested we will provide technical and risk management services, support training and exercising, maintain situational awareness of threats to this sector, and improve the sharing of threat intelligence with those officials to better prepare and they have also become more vulnerable to cyber exploitation or attack.  Maritime cybersecurity is of particular concern because lost or delayed shipments can result in strategic economic disruptions and potential spillover effects on downstream industries.  Given the criticality of maritime transportation to the United States and global economy and the minimal risk-reduction investments to protect against cyber exploitation made thus far, the United States will move quickly to clarify maritime cybersecurity roles and responsibilities; promote enhanced mechanisms for international coordination and information sharing; and accelerate the development of next-generation cyber-resilient maritime infrastructure.  The United States will assure the uninterrupted transport of goods in the face of all threats that can hold this inherently international infrastructure at risk through cyber means.
+
+ation with state, local, tribal, and territorial government entities, play a critical role in detecting, preventing, disrupting, and investigating cyber threats to our Nation.  The United States is regularly the victim of malicious cyber activity perpetrated by criminal actors, including state and non-state actors and their proxies and terrorists using network infrastructure in the United States and abroad.  Federal law enforcement works to apprehend and prosecute offenders, disable criminal infrastructure, limit the spread and use of nefarious cyber capabilities, prevent cyber criminals and their state sponsors from profiting from their illicit activity, and seize their assets.  The Administration will push to ensure that our Federal departments and agencies have the necessary legal authorities and resources to combat transnational cybercriminal activity, including identifying and dismantling botnets, dark markets, and other infrastructure used to enable cybercrime, and combatting economic espionage.  To effectively deter, disrupt, and prevent cyber threats, law enforcement will work with private industry to confront challenges presented by technological barriers, such as anonymization and encryption technologies, to obtain time-sensitive evidence pursuant to appropriate legal process.  Law enforcement actions to combat criminal cyber activity serve as an instrument of national power by, among other things, deterring those activities.
+
+IMPROVE SPACE CYBERSECURITY: The United States considers unfettered access to and freedom to operate in space vital to advancing the security, economic prosperity, and scientific knowledge of the Nation.  The Administration is concerned about the growing cyber-related threats to space assets and supporting infrastructure because these assets are critical to functions such as positioning, navigation, and timing (PNT); intelligence, surveillance, and reconnaissance (ISR); satellite communications; and weather monitoring.  The Administration will enhance efforts to protect our space assets and support infrastructure from evolving cyber threats, and we will work with industry and international partners to strengthen the cyber resilience of existing and future space systems.
+
+## Combat Cybercrime And Improve Incident Reporting
+
+IMPROVE INCIDENT REPORTING AND RESPONSE:
+The United States Government will continue to encourage reporting of intrusions and theft of data by all victims, especially critical infrastructure partners.  The prompt reporting of cyber incidents to the Federal Government is essential to an effective response, linking of Federal departments and agencies, in cooperrelated incidents, identification of the perpetrators, and prevention of future incidents.
+
+## Modernize Electronic Surveillance And
+
+and other efforts with countries to promote cooperation with legitimate extradition requests.
+
+We will push other nations to expedite their assistance in investigations and to comply with any bilateral or multilateral agreements or obligations.
+
+STRENGTHEN
+              PARTNER
+                         NATIONS'
+                                    LAW ENFORCEMENT CAPACITY TO COMBAT CRIMINAL
+
+COMPUTER CRIME LAWS: The Administration will
+work with the Congress to update electronic
+surveillance and computer crime statutes to
+enhance law enforcement's capabilities to
+lawfully gather necessary evidence of criminal
+activity, disrupt criminal infrastructure through
+civil
+     injunctions,
+                 and
+                       impose
+                               appropriate
+consequences upon malicious cyber actors.
+
+## Reduce Threats From Transnational
+
+CYBER ACTIVITY: The United States should also aid willing partner nations to build their capacity to address criminal cyber activity.  The borderless nature of cybercrime, including state-sponsored and terrorist activities, requires strong international law enforcement partnerships.  This cooperation requires foreign law enforcement agencies to have the technical capability to assist United States law enforcement effectively when requested.  It is therefore in the interest of United States national security to continue building cybercrime-fighting capacity that facilitates stronger international law enforcement cooperation.
+
+CRIMINAL
+ORGANIZATIONS
+IN
+CYBERSPACE:
+Computer hacking conducted by transnational criminal groups poses a significant threat to our national security.  Equipped with sizeable funds, organized criminal groups operating abroad employ sophisticated malicious software, spearphishing campaigns, and other hacking tools - some of which rival those of nation states in sophistication - to hack into sensitive financial systems, conduct massive data breaches, spread ransomware, attack critical infrastructure, and steal intellectual property.  The Administration will advocate for law enforcement to have effective legal tools to investigate and prosecute such groups and modernized organized crime statutes for use against this threat.
+
+## Improve Apprehension Of Criminals Located
+
+The United States will strive to improve international cooperation in investigating malicious cyber activity, including developing solutions to potential barriers to gathering and sharing evidence.  The United States will also lead in developing interoperable and mutually beneficial systems to encourage efficient cross-border information exchange for law enforcement purposes and reduce barriers to coordination.  The Administration will urge effective use of existing international tools like the United Nations Convention Against Transnational Organized Crime and the G7 24/7 Network Points of Contact.  Finally, we will work to expand the international consensus favoring the Convention on Cybercrime of the Council of Europe (Budapest Convention), including by supporting greater adoption of the convention.
+
+ABROAD: Deterring cybercrime requires a credible threat that perpetrators will be identified, apprehended, and brought to justice.  However, some foreign nations choose not to cooperate with extradition requests, impose unreasonable limitations, or actively interfere in these efforts. The United States will continue to identify gaps and potential mechanisms for bringing foreignbased cyber criminals to justice.  The United States Government will also increase diplomatic
+
+## Promote American Prosperity Priority Actions Incentivize An Adaptable And Secure
+
+T
+he Internet has generated tremendous
+      benefits domestically and abroad, and it helps to advance American values of freedom, security, and prosperity.  Along with its expansion have come challenges that threaten our national security.  The United States will demonstrate a coherent and comprehensive approach to address these and other challenges to defend American national interests in this increasingly digitized world.
+
+OBJECTIVE:  Preserve United States influence in the technological ecosystem and the development of cyberspace as an open engine of economic growth, innovation, and efficiency.
+
+## Foster A Vibrant And Resilient Digital Economy
+
+TECHNOLOGY MARKETPLACE: To enhance the resilience of cyberspace, the Administration expects the technology marketplace to support and reward the continuous development, adoption, and evolution of innovative security technologies and processes.  The Administration will work across stakeholder groups, including the private sector and civil society, to promote best practices and develop strategies to overcome market barriers to the adoption of secure technologies. The Administration will improve awareness and transparency of cybersecurity practices to build market demand for more secure products and services.  Finally, the Administration will collaborate with international partners to promote open, industry-driven standards with government support, as appropriate, and risk-based approaches to address cybersecurity challenges to include platform and managed service approaches that lower barriers to secure practice adoption across the breadth of the ecosystem.
+
+Economic security is inherently tied to our national security.  As the foundations of our economy are becoming increasingly rooted in digital technologies, the United States Government will model and promote standards that protect our economic security and reinforce the vitality of the American marketplace and American innovation.
+PRIORITIZE INNOVATION: The United States Government will promote implementation and continuous updating of standards and best practices that deter and prevent current and evolving threats and hazards in all domains of the cyber ecosystem.  These standards and practices should be outcome-oriented and based on sound technological principles rather than point-in-time company specifications.  The Administration will eliminate policy barriers that inhibit a robust cybersecurity industry from developing, sharing, and building innovative capabilities to reduce cyber threats.
+
+"The National Cyber Strategy
+  is a call to action for all
+  Americans and our great
+   companies to take the
+ necessary steps to enhance
+our national cybersecurity."
+
+INVEST IN NEXT GENERATION INFRASTRUCTURE:
+The Administration will facilitate the accelerated development and rollout of next-generation telecommunications and information communications infrastructure here in the United States, while using the buying power of the Federal Government to incentivize the move towards more secure supply chains.  The United States Government will work with the private sector to facilitate the evolution and security of 5G, examine technological and spectrum-based solutions, and lay the groundwork for innovation beyond next-generation advancements.  The United States Government will examine the use of emerging technologies, such as artificial intelligence and quantum computing, while addressing risks inherent in their use and application.  We will collaborate with the private sector and civil society to understand trends in technology advancement to maintain the United States technological edge in connected technologies and to ensure secure practices are adopted from the outset.
+
+PROMOTE THE FREE FLOW OF DATA ACROSS
+BORDERS: Countries are increasingly looking towards restrictive data localization and regulations as pretexts for digital protectionism under the rubric of national security.  Those actions negatively impact the competitiveness of United States companies.  The United States will continue to lead by example and push back against unjustifiable barriers to the free flow of data and digital trade.  The Administration will continue to work with international counterparts to promote open, industry driven standards, innovative products, and risk-based approaches that permit global innovation and the free flow of data while meeting the legitimate security needs of the United States.
+
+## Maintain United States Leadership In
+
+EMERGING TECHNOLOGIES: The United States'
+influence in cyberspace is linked to our technological leadership.  Accordingly, the United States Government will make a concerted effort to protect cutting edge technologies, including from theft by our adversaries, support those technologies' maturation, and, where possible, reduce United States companies'
+barriers to market entry.  The United States will promote United States cybersecurity innovation worldwide through trade-related engagement, raising awareness of innovative American cybersecurity tools and services, exposing and countering repressive regimes use of such tools and services to undermine human rights, and reducing barriers to a robust global cybersecurity market.
+
+PROMOTE FULL-LIFECYCLE CYBERSECURITY:  The United States Government will promote full-lifecycle cybersecurity, pressing for strong, default security settings, adaptable, upgradeable products, and other best practices built in at the time of product delivery.  We will identify a clear pathway toward an adaptable, sustainable, and secure technology marketplace, encouravailability of United States telecommunications networks are essential to our economy and national security.  We must be vigilant to safeguard the telecommunications networks we depend on in our everyday lives so they cannot be used or compromised by a foreign adversary to harm the United States.  The United States Government will balance these objectives by formalizing and streamlining the review of Federal Communications Commission referrals for telecommunications licenses.  The United States Government will facilitate a transparent process to increase the efficiency of this review.
+
+## Maintain A Strong And Balanced Intellectual
+
+aging manufacturers to differentiate products based on the quality of their security features.
+
+The United States Government will promote foundational engineering practices to reduce systemic fragility and develop designs that degrade and recover effectively when successfully attacked.  The United States Government will also promote regular testing and exercising of the cybersecurity and resilience of products and systems during development using best practices from forward-leaning industries.  This includes promotion and use of coordinated vulnerability disclosure, crowd-sourced testing, and other innovative assessments that improve resiliency ahead of exploitation or attack.  The United States Government will also evaluate how to improve the end-to-end lifecycle for digital identity management, including over-reliance on Social Security numbers.
+
+## Foster And Protect United States Ingenuity
+
+PROPERTY PROTECTION SYSTEM: Strong intellectual property protections ensure continued economic growth and innovation in the digital age.  The United States Government has fostered and will continue to help foster a global intellectual property rights system that provides incentives for innovation through the protection and enforcement of intellectual property rights such as patents, trademarks, and copyrights. The United States Government will also promote protection of sensitive emerging technologies and trade secrets, and we will work to prevent adversarial nation states from gaining unfair advantage at the expense of American research and development.
+
+## Protect The Confidentiality And Integrity
+
+Fostering and protecting American invention and innovation is critical to maintaining the United States' strategic advantage in cyberspace.  The United States Government will nurture innovation by promoting institutions and programs that drive United States competitiveness.  The United States Government will counter predatory mergers and acquisitions and counter intellectual property theft.  We will also catalyze United States leadership in emerging technologies and promote government identification and support to these technologies, which include artificial intelligence, quantum information science, and next-generation telecommunication infrastructure.
+
+UPDATE
+        MECHANISMS
+                      TO
+                          REVIEW
+                                   FOREIGN
+
+INVESTMENT AND OPERATION IN THE UNITED
+OF AMERICAN IDEAS: For more than a decade, malicious actors have conducted cyber intrusions into United States commercial networks, targeting confidential business information held by American firms.  Malicious cyber actors from other nations have stolen troves of trade secrets, technical data, and sensitive proprietary internal communications.  The United States Government will work against the illicit appro-
+STATES:
+The confidentiality, integrity, and opportunities to re-train into cybersecurity careers.
+priation of public and private sector technology and technical knowledge by foreign competitors, while maintaining an investor-friendly climate.
+
+## Enhance The Federal Cybersecurity Develop A Superior Cybersecurity Workforce
+
+A highly skilled cybersecurity workforce is a strategic national security advantage.  The United States will fully develop the vast American talent pool, while at the same time attracting the best and brightest among those abroad who share our values.
+
+WORKFORCE: To improve recruitment and retention of highly qualified cybersecurity professionals to the Federal Government, the Administration will continue to use the National Initiative for Cybersecurity Education (NICE) Framework to support policies allowing for a standardized approach for identifying, hiring, developing, and retaining a talented cybersecurity workforce. Additionally, the Administration will explore appropriate options to establish distributed cybersecurity personnel under the management of DHS to oversee the development, management, and deployment of cybersecurity personnel across Federal departments and agencies with the exception of DOD and the IC.  The Administration will promote appropriate financial compensation for the United States Government workforce, as well as unique training and operational opportunities to effectively recruit and retain critical cybersecurity talent in light of the competitive private sector environment.
+
+USE
+     EXECUTIVE
+                  AUTHORITY
+                               TO
+                                    HIGHLIGHT
+
+AND REWARD TALENT:  The United States
+Government will promote and magnify excel-
+
+BUILD AND SUSTAIN THE TALENT PIPELINE: Our peer competitors are implementing workforce development programs that have the potential to harm long-term United States cybersecurity competitiveness.  The United States Government will continue to invest in and enhance programs that build the domestic talent pipeline, from primary through postsecondary education.  The Administration will leverage the President's proposed merit-based immigration reforms to ensure that the United States has the most competitive technology sector.  This effort may require additional legislation to achieve the sought after goals.
+
+EXPAND RE-SKILLING AND EDUCATIONAL OPPOR-
+lence by highlighting cybersecurity educators and cybersecurity professionals.  The United States Government will also leverage publicprivate collaboration to develop and circulate the NICE
+Framework, which provides a standardized approach for identifying cybersecurity workforce gaps, while also implementing actions to prepare, grow, and sustain a workforce that can defend and bolster America's critical infrastructure and innovation base.
+
+TUNITIES FOR AMERICA'S WORKERS: The Administration will work with the Congress to promote and reinvigorate educational and training opportunities to develop a robust cybersecurity workforce.  This includes expanding Federal recruitment, training, re-skilling people from a broad range of backgrounds, and giving them
+
+## Preserve Peace Through Strength
+
+C
+responsible state behavior in cyberspace built upon international law, adherence to voluntary non-binding norms of responsible state behavior that apply during peacetime, and the consideration of practical confidence building measures to reduce the risk of conflict stemming from malicious cyber activity.  These principles should form a basis for cooperative responses to counter irresponsible state actions inconsistent with this framework.
+
+ENCOURAGE UNIVERSAL ADHERENCE TO CYBER
+NORMS:
+International law and voluntary hallenges to United States security and
+      economic interests, from nation states and other groups, which have long existed in the offline world are now increasingly occurring in cyberspace.  This now-persistent engagement in cyberspace is already altering the strategic balance of power.  This Administration will issue transformative policies that reflect today's new reality and guide the United States Government towards strategic outcomes that protect the American people and our way of life. Cyberspace will no longer be treated as a separate category of policy or activity disjointed from other elements of national power.  The United States will integrate the employment of cyber options across every element of national power.
+
+OBJECTIVE:  Identify, counter, disrupt, degrade, and deter behavior in cyberspace that is destabilizing and contrary to national interests, while preserving United States overmatch in and through cyberspace.
+
+## Enhance Cyber Stability Through Norms Of Responsible State Behavior
+
+The United States will promote a framework of non-binding norms of responsible state behavior in cyberspace provide stabilizing, security-enhancing  standards that define acceptable behavior to all states and promote greater predictability and stability in cyberspace.  The United States will encourage other nations to publicly affirm these principles and views through enhanced outreach and engagement in multilateral fora.  Increased public affirmation by the United States and other governments will lead to accepted expectations of state behavior and thus contribute to greater predictability and stability in cyberspace.
+
+## Attribute And Deter Unacceptable Behavior In Cyberspace
+
+which we will impose consistent with our obligations and commitments to deter future bad behavior.  The Administration will conduct interagency policy planning for the time periods leading up to, during, and after the imposition of consequences to ensure a timely and consistent process for responding to and deterring malicious cyber activities.  The United States will work with partners when appropriate to impose consequences against malicious cyber actors in response to their activities against our nation and interests.
+As the United States continues to promote consensus on what constitutes responsible state behavior in cyberspace, we must also work to ensure that there are consequences for irresponsible behavior that harms the United States and our partners.  All instruments of national power are available to prevent, respond to, and deter malicious cyber activity against the United States. This includes diplomatic, information, military (both kinetic and cyber), financial, intelligence, public attribution, and law enforcement capabilities.  The United States will formalize and make routine how we work with like-minded partners to attribute and deter malicious cyber activities with integrated strategies that impose swift, costly, and transparent consequences when malicious actors harm the United States or our partners.
+
+LEAD WITH OBJECTIVE, COLLABORATIVE INTELLI-
+BUILD A CYBER DETERRENCE INITIATIVE: The imposition of consequences will be more impactful and send a stronger message if it is carried out in concert with a broader coalition of like-minded states.  The United States will launch an international Cyber Deterrence Initiative to build such a coalition and develop tailored strategies to ensure adversaries understand the consequences of their malicious cyber behavior.  The United States will work with like-minded states to coordinate and support each other's responses to significant malicious cyber incidents, including through intelligence sharing, buttressing of attribution claims, public statements of support for responsive actions taken, and joint imposition of consequences against malign actors.
+
+## Counter Malign Cyber Influence And Infor-
+
+GENCE: The IC will continue to lead the world in the use of all-source cyber intelligence to drive the identification and attribution of malicious cyber activity that threatens United States national interests.  Objective and actionable intelligence will be shared across the United States Government and with key partners to identify hostile foreign nation states, and non-nation state cyber programs, intentions, capabilities, research and development efforts, tactics, and operational activities that will inform whole-of-government responses to protect American interests at home and abroad.
+
+IMPOSE CONSEQUENCES: The United States will develop swift and transparent consequences, MATION OPERATIONS: The United States will use all appropriate tools of national power to expose and counter the flood of online malign influence and information campaigns and non-state propaganda and disinformation.  This includes working with foreign government partners as well as the private sector, academia, and civil society to identify, counter, and prevent the use of digital platforms for malign foreign influence operations while respecting civil rights and liberties.
+
+## Advance American Influence
+
+T
+he world looks to the United States,
+            where much of the innovation for today's Internet originated, for leadership on a vast range of transnational cyber issues.  The United States will maintain an active international leadership posture to advance American influence and to address an expanding array of threats and challenges to its interests in cyberspace.  Collaboration with allies and partners is also essential to ensure we can continue to benefit from the cross-border communications, content creation, and commerce generated by the open, interoperable architecture of the Internet.
+
+ries-old battles over human rights and fundamental freedoms are now playing out online. Freedoms of expression, peaceful assembly, and association, as well as privacy rights, are under threat.  Despite unprecedented growth, the Internet's economic and social potential continues to be undermined by online censorship and repression.  The United States stands firm on its principles to protect and promote an open, interoperable, reliable, and secure Internet.  We will work to ensure that our approach to an open Internet is the international standard.  We will also work to prevent authoritarian states that view the open Internet as a political threat from transforming the free and open Internet into an authoritarian web under their control, under the guise of security or countering terrorism.
+
+OBJECTIVE:  Preserve the long-term openness, interoperability, security, and reliability of the Internet, which supports and is reinforced by United States interests.
+
+## Priority Actions Promote An Open, Interoperable, Reliable, And Secure Internet
+
+The global Internet has prompted some of the greatest advancements since the industrial revolution, enabling great advances in commerce, health, communications, and other national infrastructure.  At the same time, centu-
+PROTECT AND PROMOTE INTERNET FREEDOM:
+The United States Government conceptualizes Internet freedom as the online exercise of human rights and fundamental freedoms - such as the freedoms of expression, association, peaceful assembly, religion or belief, and privacy rights online - regardless of frontiers or medium.  By extension, Internet freedom also supports the free Internet governance is characterized by transparent, bottom-up, consensus-driven processes and enables governments, the private sector, civil society, academia, and the technical community to participate on equal footing.  The United States Government will defend the open, interoperable nature of the Internet in multilateral and international fora through active engagement in key organizations, such as the Internet Corporation for Assigned Names and Numbers, the Internet Governance Forum, the United Nations, and the International Telecommunication Union.
+
+flow of information online that enhances international trade and commerce, fosters innovation, and strengthens both national and international security.  As such, United States Internet freedom principles are inextricably linked to our national security.  Internet freedom is also a key guiding principle with respect to other United States foreign policy issues, such as cybercrime and counterterrorism efforts.  Given its importance, the United States will encourage other countries to advance Internet freedom through venues such as the Freedom Online Coalition, of which the United States is a founding member.
+
+PROMOTE
+          INTEROPERABLE
+                         AND
+                               RELIABLE
+
+WORK WITH LIKE-MINDED COUNTRIES, INDUSTRY,
+
+COMMUNICATIONS
+                  INFRASTRUCTURE
+                                    AND
+
+INTERNET CONNECTIVITY: The United States
+will promote communications infrastructure
+and Internet connectivity that is open, interop-
+erable, reliable, and secure.  Such investment
+will provide greater opportunities for American
+firms to compete while countering the influence
+of statist, top-down government interventions
+in areas of strategic competition.  It will also
+protect America's security and commercial
+interests by strengthening United States indus-
+try's competitive position in the global digital
+economy.  The Administration will also support
+and promote open, industry-led standards activ-
+ities based on sound technological principles.
+
+PROMOTE
+          AND
+                MAINTAIN
+                          MARKETS
+                                    FOR
+
+ACADEMIA, AND CIVIL SOCIETY: The United
+States will continue to work with like-minded
+countries, industry, civil society, and other
+stakeholders to advance human rights and
+Internet freedom globally and to counter author-
+itarian efforts to censor and influence Internet
+development.  The United States Government
+will continue to support civil society through
+integrated support for technology development,
+digital safety training, policy advocacy, and
+research.  These programs aim to enhance the
+ability of individual citizens, activists, human
+rights defenders, independent journalists, civil
+society organizations, and marginalized popula-
+tions to safely access the uncensored Internet
+and promote Internet freedom at the local,
+regional, national, and international levels.
+
+PROMOTE A MULTI-STAKEHOLDER MODEL OF
+
+INTERNET GOVERNANCE: The United States will continue to actively participate in global efforts to ensure that the multi-stakeholder model of Internet governance prevails against attempts to create state-centric frameworks that would undermine openness and freedom, hinder innovation, and jeopardize the functionality of the Internet.  The multi-stakeholder model of UNITED STATES INGENUITY WORLDWIDE: American innovators and security professionals have contributed significantly in designing products and services that improve our ability to communicate and interact globally and that protect communications infrastructure, data, and devices worldwide.  The United States will continue to promote markets for American ingenuity overseas, including for emerging technologies that can lower the cost of security.  The United States will also advise on infrastructure deploypartners to implement policies and practices which allow them to be effective partners in the United States-led Cyber Deterrence Initiative.
+
+ments, innovation, risk management, policy, and standards to further the global Internet's reach and to ensure interoperability, security, and stability.  Finally, the United States will work with international partners, government, industry, civil society, technologists, and academics to improve the adoption and awareness of cybersecurity best practices worldwide.
+
+## Build International Cyber Capacity
+
+ENHANCE CYBER CAPACITY BUILDING EFFORTS:
+Many United States allies and partners possess unique cyber capabilities that can complement our own.  The United States will work to strengthen the capacity and interoperability of those allies and partners to improve our ability to optimize our combined skills, resources, capabilities, and perspectives against shared threats. Partners can also help detect, deter, and defeat those shared threats in cyberspace.  In order for international partners to effectively protect their digital infrastructure and combat shared threats, while realizing the economic and social gains derived from the Internet and ICTs, the United States will continue to address the building blocks for organizing national efforts on cybersecurity.  We will also aggressively expand efforts to share automated and actionable cyber threat information, enhance cybersecurity coordination, and promote analytical and technical exchanges.  In addition, the United States will work to reduce the impact and influence of transnational cybercrime and terrorist activities by partnering with and strengthening the security and law enforcement capabilities of our partners to build their cyber capacity.
+
+Capacity building equips partners to protect themselves and assist the United States in addressing threats that target mutual interests, while serving broader diplomatic, economic, and security goals.  Through cyber capacity building initiatives, the United States builds strategic partnerships that promote cybersecurity best practices through a common vision of an open, interoperable, reliable, and secure Internet that encourages investment and opens new economic markets.  In addition, capacity building allows for additional opportunities to share cyber threat information, enabling the United States Government and our partners to better defend domestic critical infrastructure and global supply chains, as well as focus whole-ofgovernment cyber engagements.  Our leadership in building partner cybersecurity capacity is critical to maintaining American influence against global competitors.  Building partner cyber capacity will empower international
+
+## Notes Notes

markdown/misc/dod-cyber.md

@@ -0,0 +1,159 @@
+# Department Of Defense Cyberspace Policy Report A Report To Congress Pursuant To The National Defense Authorization Act For Fiscal Year 2011, Section 934
+
+
+November 2011
+
+## Contents
+
+INTRODUCTION........ 1
+
+SECTION I: DESCRIPTION OF POLICY AND LEGAL ISSUES ........ 1 SECTION II: DECISIONS OF THE SECRETARY OF DEFENSE ........ 10 SECTION III: NATIONAL MILITARY STRATEGY FOR CYBERSPACE
+OPERATIONS ........ 10
+SECTION IV: CURRENT USE OF CYBER MODELING AND SIMULATION ........ 10 SECTION V: APPLICATION OF CYBER MODELING AND SIMULATION ........ 11 ANNEX A:  FULL TEXT OF SECTION 934 OF THE NATIONAL DEFENSE
+AUTHORIZATION ACE OF FISCAL YEAR 2011 ........ 11
+
+Introduction
+
+This report is submitted in accordance with the requirements of Section 934 of the Ike Skelton National Defense Authorization Act (NDAA) for Fiscal Year 2011. Cyberspace is a critical enabler to Department of Defense (DoD) military, intelligence, business and, potentially, civil support operations.  While the development and integration of cyber technologies have created many high leverage opportunities for DoD, our increasing reliance upon cyberspace also creates vulnerabilities for both DoD and the Nation. To more holistically capture these dynamic challenges and opportunities, the Department published the *Department of Defense Strategy for Operating in Cyberspace* (available at www.defense.gov/news/d20110714cyber.pdf), which identifies five distinct, but interrelated strategic initiatives to support DoD's cyberspace operations and its national security mission:
+
+
+- Treat cyberspace as an operational domain to organize, train, and equip so that DoD can
+take full advantage of cyberspace's potential in its military, intelligence, and business operations;
+- Employ new defense operating concepts, including active cyber defense, to protect DoD
+networks and systems;
+
+- Partner closely with other U.S. Government departments and agencies and the private
+sector to enable a whole-of-government strategy and a nationally integrated approach to
+cybersecurity;
+- Build robust relationships with U.S. Allies and international partners to enable
+information sharing and strengthen collective cybersecurity; and
+
+- Leverage the Nation's ingenuity by recruiting and retaining an exceptional cyber
+workforce and enabling rapid technological innovation.
+Section I: Description of Policy and Legal Issues As described in the *Department of Defense Strategy for Operating in Cyberspace*, DoD is addressing the complex challenges and opportunities of cyberspace in an integrated manner.
+DoD is focused on the development and extension of all necessary policies and authorities for its cyberspace operations.  As with all of the activities that DoD pursues in the physical world, cyberspace operations are executed with a clear mission and under clear authorities, and they are governed by all applicable domestic and international legal frameworks, including the protection of civil liberties and the law of armed conflict. The Senate Report (S. Rept. 111-201) accompanying the Senate version of the Ike Skelton NDAA for Fiscal Year 2011 further identified thirteen specific questions on cyber policy for Department of Defense Cyber Policy Report
+
+         1
+
+
+both DoD and the U.S. Government.  This report answers each of the thirteen questions posed in Senate Report 111-201.
+
+1. The development of a declaratory deterrence posture for cyberspace, including the relationship between military operations in cyberspace and kinetic operations.  The Committee believes that this deterrence posture needs to consider the current vulnerability of the U.S. economy and government institutions to attack, the relatively lower vulnerability of potential adversaries, and the advantage currently enjoyed by the offense in cyberwarfare. The President's May 2011 *International Strategy for Cyberspace* states that the United States will, along with other nations, encourage responsible behavior and oppose those who would seek to disrupt networks and systems, dissuading and deterring malicious actors, and reserving the right to defend these national security and vital national assets as necessary and appropriate.
+When warranted, we will respond to hostile acts in cyberspace as we would to any other threat to our country.  All states possess an inherent right to self-defense, and we reserve the right to use all necessary meansdiplomatic, informational, military, and economicto defend our Nation, our Allies, our partners, and our interests.  In doing so, we will exhaust all options prior to using force whenever we can; we will carefully weigh the costs and risks of action against the costs of inaction; and we will act in a way that reflects our values and strengthens our legitimacy, seeking broad international support wherever possible.  For its part, DoD will ensure that the U.S. military continues to have all necessary capabilities in cyberspace to defend the United States and its interests, as it does across all domains. Deterrence in cyberspace, as with other domains, relies on two principal mechanisms: denying an adversary's objectives and, if necessary, imposing costs on an adversary for aggression. Accordingly, DoD will continue to strengthen its defenses and support efforts to improve the cybersecurity of our government, critical infrastructure, and Nation.  By denying or minimizing the benefit of malicious activity in cyberspace, the United States will discourage adversaries from attacking or exploiting our networks.  DoD supports these efforts by enhancing our defenses, increasing our resiliency, and conducting military-to-military bilateral and multilateral discussions. In addition, the U.S. is working with like-minded nations to establish an environment of expectations, or norms of behavior, that increase understanding of cyber doctrine, and guide Allied policies and international partnerships.  At the same time, should the "deny objectives" element of deterrence not prove adequate, DoD maintains, and is further developing, the ability to respond militarily in cyberspace and in other domains.  Continuing to improve our ability to attribute attacks is a key to military response options. Defending the Homeland is an important element of deterrence.  DoD will use its significant capability and expertise in support of a whole-of-government approach to protect the Nation.
+The policy and legal authorities governing DoD's domestic activities - such as Defense Support to Civil Authorities - extend to cyber operations, as they would in any other domain.  DoD will continue to work closely with its interagency partners, including the Departments of Justice and Homeland Security, to address threats to the United States from wherever they originate, through a whole-of-government approach.  The Department is dedicated to the protection of the Nation, and to the privacy and the civil liberties of its citizens. Deterrence is a whole-of-government proposition.  DoD supports the White House Cybersecurity legislative proposal to protect the American people, U.S. critical infrastructure, and our government's networks and systems more effectively.  DoD is working closely with its interagency partners, including the Department of Homeland Security, to increase the cybersecurity of our critical infrastructure.  Moreover, DoD continues to work with private sector partners through efforts like the Enduring Security Framework and the Defense Industrial Base Cybersecurity/Information Assurance programs to enhance cybersecurity, reduce vulnerabilities, and encourage the innovation necessary to protect and strengthen the U.S. economy.  DoD is working with the Department of State to strengthen ties with our Allies and international partners to enhance mutual security.
+
+2. The necessity of preserving the President's freedom of action in crises and confrontations involving nations which may pose a manageable conventional threat to the United States but which in theory could pose a serious threat to the U.S. economy, government, or military through cyber attacks. The Department recognizes that a nation possessing sophisticated and powerful cyber capabilities could attempt to affect the strategic calculus of the United States.  In this scenario, an adversary might act in ways antithetical to vital U.S. national interests and attempt to prevent the President from exercising traditional national security options by threatening or implying the launch of a crippling cyber attack against the United States. Any state attempting such a strategy would be taking a grave risk.  DoD recognizes the vital importance of maintaining the President's freedom of action.  The Department is working, with our interagency partners, to ensure no future adversaries are tempted to pursue such a strategy. Our efforts focus on the following three areas:
+
+- First, the Department, in conjunction with the Intelligence Community and Law
+Enforcement agencies, strives to secure the best possible intelligence about potential adversaries' cyber capabilities.  These efforts are crucial because the United States needs
+to understand other nations' cyber capabilities in order to defend against them and to
+improve our ability to attribute any cyber attacks that may occur.  Forensic analysis is a part of attributing attacks, but foreign intelligence collection and international law enforcement cooperation play a key role.  In this regard, the co-location of the National Security Agency and United States Cyber Command (USCYBERCOM) provides
+benefits and efficiencies to the Department for its cyber operations.  The National Security Agency's unique strengths and capabilities provide USCYBERCOM with critical cryptologic support for target and access development, enabling DoD cyberspace operations planning and execution.
+
+- Second, the Department recognizes that strong cyber defenses and resilient information
+architectures, particularly those connected to critical infrastructure, mitigate the ability of
+a future adversary to constrain the President's freedom of action.  If future adversaries are unable to cripple our centers of gravity, they will be more likely to understand that the President has the full menu of national security options available.
+
+
+- Finally, the President reserves the right to respond using all necessary means to defend
+our Nation, our Allies, our partners, and our interests from hostile acts in cyberspace. Hostile acts may include significant cyber attacks directed against the U.S. economy, government or military.  As directed by the President, response options may include using cyber and/or kinetic capabilities provided by DoD.
+
+3. How deterrence or effective retaliation can be achieved in light of attribution limitations. The same technical protocols of the Internet that have facilitated the explosive growth of cyberspace also provide some measure of anonymity.  Our potential adversaries, both nations and non-state actors, clearly understand this dynamic and seek to use the challenge of attribution to their strategic advantage. The Department recognizes that deterring malicious actors from conducting cyber attacks is complicated by the difficulty of verifying the location from which an attack was launched and by the need to identify the attacker among a wide variety and high number of potential actors. With this in mind, the Department actively seeks to limit the ability of such potential actors to exploit or attack the United States anonymously in three ways:
+
+
+- First, the Department seeks to increase our attribution capabilities by supporting
+innovative research and development in both DoD and the private sector.  This research focuses on two primary areas: developing new ways to trace the physical source of an
+attack, and seeking to assess the identity of the attacker via behavior-based algorithms.
+In the near future, the Department intends to expand and deploy applications that detect, track, and report malicious activities across all DoD networks and information systems on a near real-time basis.  The ability to detect malicious activities quickly allows forensics experts to recover evidence during important windows of opportunity for attribution.
+
+- Second, the Department has significantly improved its cyber forensics capabilities over
+the past several years.  The Intelligence Community and U.S. Cyber Command continue
+to develop a highly skilled cadre of forensics experts.  Additionally, DoD has been the primary supporter of an innovative and effective center of excellence for forensics capabilities at the Defense Cyber Crime Center.  This unique organization provides an important nexus of support to both defense and law-enforcement communities, as well as to private sector companies who support DoD.
+
+- Third, in partnership with the Department of Homeland Security, DoD is expanding its
+international partnerships to increase shared situational awareness, warning capabilities
+and forensics efforts.  The ability to share timely indicators about cyber events, threat signatures of malicious code, and information about emerging actors enables advance
+deterrence of malicious activity.  Equally important are efforts to work with international partners to bolster cyber forensics capabilities.
+
+4. To the extent that deterrence depends upon demonstrated capabilities or at least declarations about capabilities and retaliatory plans, how and when the Department intends to declassify information about U.S. cyber capabilities and plans or to demonstrate capabilities. Effective deterrence in cyberspace is founded upon both the security and resilience of U.S.
+
+networks and systems, and ensuring that the United States has the capability to respond to hostile acts with a proportional and justified response.  The *International Strategy for Cyberspace*
+provides a clear statement that the United States reserves the right to use all necessary means diplomatic, informational, military, and economicto defend our Nation, our Allies, our partners, and our interests in cyberspace.
+
+The dynamic and sensitive nature of cyberspace operations makes it difficult to declassify specific capabilities.  However, the Department has the capability to conduct offensive operations in cyberspace to defend our Nation, Allies and interests.  If directed by the President, DoD will conduct offensive cyber operations in a manner consistent with the policy principles and legal regimes that the Department follows for kinetic capabilities, including the law of armed conflict.
+
+5. How to maintain control of or manage escalation in cyberwarfare, through, for example, such measures as refraining from attacking certain targets (such as command and control and critical infrastructure). The unique characteristics of cyberspace can make the danger of escalation especially acute.  For instance, the speed of action and dynamism inherent in cyberspace, challenges of anonymity, and the widespread availability of malicious tools can compound communications and increase opportunities for misinterpretation.  As a result, DoD recognizes the clear importance of steps such as the development of transparency and confidence building measures, in addition to further development of international cyberspace norms, to avoid escalation and misperception in cyberspace.  DoD and the Department of State are actively engaged with Allies, partners, and other states to build transparency and confidence with traditional adversaries. The Department also seeks to prevent dangerous escalatory situations by following the same policy principles and legal regimes in its cyberspace operations that govern actions in the physical world, including the law of armed conflict.  DoD's cyberspace operations are subject to careful coordination and review, including the use of cyberspace for intelligence operations. Intelligence, military, and political implications are carefully considered for cyberspace operations as elsewhere. In collaboration with other U.S. Government agencies, Allies and partners, DoD pursues bilateral and multilateral engagements to develop further norms that increase openness, interoperability, security, and reliability.  International cyberspace norms will increase stability and predictability of state conduct in cyberspace, and these norms will enable international action to take any required corrective measures. Finally, the Department believes that increased transparency minimizes the likelihood that a cyber incident will escalate to a dangerous or unintended level.  DoD continues to pursue opportunities for the facilitation and expansion of transparency among key international actors with regard to their command and control, doctrine, and deployment of cyber capabilities.  DoD
+works with international partners to develop confidence building and risk reduction measures to decrease the chance of miscommunication and escalation in cyberspace.
+
+6. The rules of engagement for commanders at various command echelons for responding to threats to operational missions and in normal peacetime operating environments, including for situations in which the immediate sources of an attack are computers based in the United States. DoD has implemented rules of engagement for the operation and defense of its networks.  In current operations that occur in designated Areas of Hostilities, specific rules of engagement have been approved to govern and guide DoD operations in all domains.  DoD's cyber capabilities are integrated into planning and operations under existing policy and legal regimes. As it continues to build and develop its cyber capabilities and organizational structures, the Department is addressing operational needs by modifying its standing rules of engagement for commanders to enable required decisions and take appropriate actions to defend critical information networks and systems. Due to the interconnectedness and speed that defines cyberspace, these standing rules of engagement will reflect: the implications of cyber threats; the operational demands of DoD's continuous, worldwide operations; and the need to minimize disruption from collateral effects on networked infrastructure. DoD recognizes the unique challenge presented by malicious activity coming from within the United States. The Department will support domestic agencies and departments, using its significant capability and expertise in support of a whole-of-government approach to protect the Nation.  The policy and legal authorities governing DoD's domestic activities - such as Defense Support to Civil Authorities - extend to cyber operations, as they would in any other domain. DoD will continue to work closely with its interagency partners, including the Departments of Justice and Homeland Security, to address threats to the United States from wherever they originate, through a whole-of-government approach.  The Department is dedicated to the protection of the Nation, and to the privacy and the civil liberties of its citizens.
+
+7.  How the administration will evaluate the risks and consequences attendant to penetrations of foreign networks for intelligence gathering in situations where the discovery of the penetration could cause the targeted nation to interpret the penetration as a serious hostile act.
+
+Espionage has a long history and is nearly always practiced in both directions.  For the U.S. and many other states, traditional espionage has been a state-sponsored intelligence-gathering function focused on national security, defense, and foreign policy issues.  The United States Government collects foreign intelligence via cyberspace, and does so in compliance with all applicable laws, policies, and procedures.  The conduct of all U.S. intelligence operations is governed by long-standing and well-established considerations, to include the possibility those operations could be interpreted as a hostile act. Classified material pertaining to this section is available in the separate Classified Annex.
+
+
+8. How DoD shall keep Congress fully informed of significant cyberspace accesses acquired for any purpose that could serve as preparation of the environment for military action. The Department has been working closely with Congress to improve the reporting schemes for cyberspace operations.  DoD will provide quarterly cyber briefings to appropriate Members of Congress and their congressional staff in fulfillment of notification requirements.  For sensitive operations that may require out-of-cycle reporting, DoD will ensure that appropriate Members of Congress and their congressional staff receive any necessary additional briefings.
+
+9. The potential benefit of engaging allies in common approaches to cyberspace deterrence, mutual and collective defense, and working to establish norms of acceptable behavior in cyberspace. The President's *International Strategy for* Cyberspace makes clear that hostile acts conducted through cyberspace could compel actions under the commitments we have with our military treaty partners, and DoD has been working actively to clarify those expectations within our alliances. To implement that vision, the *Department of Defense Strategy for Operating in Cyberspace* emphasizes the importance of building robust relationships with U.S. Allies and partners to strengthen the deterrence of malicious cyberspace activity and to build collective cyber defenses.
+Through shared warning, capacity building, and joint training activities, international engagement provides opportunities for an exchange of information and new ideas to strengthen U.S. and allied cyber capabilities.  DoD continues to coordinate amendments to the National Disclosure Policy that will ensure detailed cyber operations discussions with Allies and international partners. DoD is actively deepening its engagement on cyber issues with its Allies and international partners.  The Department continues to have both senior-level and expert coordinating activities with Australia, Canada, New Zealand, and the United Kingdom.  DoD has worked closely with its NATO Allies on cyber issues, including the revised NATO Cyber Policy and associated action plan approved at the June 2011 Ministerial.  In further development of our treaty relationships, DoD is strengthening its relationships with Japan and the Republic of Korea.  DoD and its Allies and international partners can maximize cyber capabilities, mitigate risk, and deter malicious activities in cyberspace. The United States is actively engaged in the continuing development of norms of responsible state behavior in cyberspace, making clear that as a matter of U.S. policy, long-standing
+
+
+international norms guiding state behavior also apply equally in cyberspace.  Among these, applying the tenets of the law of armed conflict are critical to this vision, although cyberspace's unique aspects may require clarifications in certain areas.
+
+10. The issue of third-party sovereignty to determine what to do when the U.S. military is attacked, or U.S. military operations and forces are at risk in some other respect, by actions taking place on or through computers or other infrastructure located in a neutral third country.
+
+The nature of the DoD response to a hostile act or threat is based upon a multitude of factors, but always adheres to the principles of the law of armed conflict.  These responses include taking actions short of the use of force as understood in international law.
+
+DoD adheres to well-established processes for determining whether a third country is aware of malicious cyber activity originating from within its borders.  In doing so, DoD works closely with its interagency and international partners to determine:
+
+- The nature of the malicious cyber activity;
+
+- The role, if any, of the third country;
+
+- The ability and willingness of the third country to respond effectively to the malicious
+cyber activity; and
+- The appropriate course of action for the U.S. Government to address potential issues of
+third-party sovereignty depending upon the particular circumstances.
+
+11.  The issue of the legality of transporting cyber "weapons" across the Internet through the infrastructure owned and/or located in neutral third countries without obtaining the equivalent of "overflight rights." There is currently no international consensus regarding the definition of a "cyber weapon."  The often low cost of developing malicious code and the high number and variety of actors in cyberspace make the discovery and tracking of malicious cyber tools difficult.  Most of the technology used in this context is inherently dual-use, and even software might be minimally repurposed for malicious action. The interconnected nature of cyberspace poses significant challenges for applying some of the legal frameworks developed for specific physical domains.  The law of armed conflict and customary international law, however, provide a strong basis to apply such norms to cyberspace governing responsible state behavior.  Significant multinational work remains to clarify the application of norms and principles of customary international law to cyberspace. As the President recognized in the *International Strategy for Cyberspace*, the development of norms for state conduct does not require a reinvention of customary international law nor render
+
+existing norms obsolete.  Rather, the principled application of existing norms must be developed with our partners and Allies.  DoD, in conjunction with other U.S. Government departments and agencies, will continue to work with our partners and Allies to build consensus on the applicability of norms in cyberspace to develop customary international law further.
+
+
+12.  The definition or the parameters of what would constitute an act of war in cyberspace and how the laws of war should be applied to military operations in cyberspace. The phrase "act of war" is frequently used as shorthand to refer to an act that may permit a state to use force in self-defense, but more appropriately, it refers to an act that may lead to a state of ongoing hostilities or armed conflict.  Contemporary international law addresses the concept of "act of war" in terms of a "threat or use of force," as that phrase is used in the United Nations
+(UN) Charter.  Article 2(4) of the UN Charter provides:  "All Members shall refrain in their international relations from the threat or use of force against the territorial integrity or political independence of any state."  International legal norms, such as those found in the UN Charter and the law of armed conflict, which apply to the physical domains (i.e., sea, air, land, and space), also apply to the cyberspace domain. As in the physical world, a determination of what is a "threat or use of force" in cyberspace must be made in the context in which the activity occurs, and it involves an analysis by the affected states of the effect and purpose of the actions in question. The particular attributes of cyberspace can make this determination especially difficult, including the detection of the activity, political and/or technical attribution, and a determination if the particular activity is part of a larger military operation, although these are challenges present in the "real world" as well. Without question, some activities conducted in cyberspace could constitute a use of force, and may as well invoke a state's inherent right to lawful self-defense.  In this context, determining defensive response to even presumptively illegal acts rests with the Commander-in-Chief.
+
+13.  What constitutes use of force in cyberspace for the purpose of complying with the War Powers Act (Public Law 93-148).
+
+The requirements of the War Powers Resolution apply to "the introduction of United States Armed Forces into hostilities or into situations where imminent involvement in hostilities is clearly indicated by the circumstances, and to the continued use of such forces in hostilities or in such situations." Cyber operations might not include the introduction of armed forces personnel into the area of hostilities.  Cyber operations may, however, be a component of larger operations that could trigger notification and reporting in accordance with the War Powers Resolution.  The Department will continue to assess each of its actions in cyberspace to determine when the requirements of the War Powers Resolution may apply to those actions.
+Section II: Decisions of the Secretary of Defense By approving the *Department of Defense Strategy for Operating in Cyberspace*, the Secretary of Defense has set out comprehensive guidance for the Department's cyberspace activities in defense and support of U.S. national interests.  The strategy also provides clear objectives and policies for DoD to take advantage of cyberspace's potential, while recognizing the continued growth of both cyberspace threats and vulnerabilities. DoD has also worked closely with the Administration to develop its Cybersecurity Legislative Proposal.  DoD supports the Administration's efforts to improve cybersecurity for the American people, our critical infrastructure, and the U.S. Government's networks and systems.  DoD relies upon U.S. critical civilian infrastructure for its operations.  The theft of sensitive information and intellectual capital erodes DoD's effectiveness and the economic vitality upon which our military strength depends.
+
+Section III: National Military Strategy for Cyberspace Operations The Joint Staff does not intend to modify the National Military Strategy for Cyberspace Operations at this time.  To guide the Department's activities in cyberspace, the Secretary of Defense has approved the *Department of Defense Strategy for Operating in Cyberspace*.
+
+Section IV: Current Use of Cyber Modeling and Simulation Cyber modeling and simulation technologies are rapidly evolving in scope and sophistication. As the size and complexity of networks continue to grow, the need for capabilities to understand and study them has become increasingly apparent.  In DoD, the use of these tools and technologies varies greatly depending upon the unique requirements and mission sets of component organizations. Exploration and refinement of tactics, techniques, and procedures used to defend DoD networks are a key application of modeling and simulation.  The use of "test ranges" allows the military to increase awareness, adjust planning, improve resiliency of its networks and systems, and train personnel.  DoD's cyber workforce can use these capabilities to increase proficiency through realistic, practical application of techniques and procedures to hone skills for better identification of vulnerabilities and improved remediation response.  In addition to new technologies and their application, the use of ranges allows DoD to explore and develop new concepts for its operations in a contained but realistic environment. The Defense Intelligence Agency (DIA) and several Combatant Commands are developing and using methodologies, analytic techniques, and tools to identify potential cyber vulnerabilities.
+Modeling and simulation are some of the tools used, but they are still at early stages of development.  Including methodologies and modeling in structural analytic techniques provides DoD with a framework to test assumptions and explore the interaction between networks.  For instance, the Cyber Operations Research Environment (CORE) provides data necessary to perform predictive strategic analysis on the impact of potential cyber threats.  This work
+
+provides the information necessary to prioritize mitigation efforts, increase network security, and preserve the ability of particular systems to perform military missions. DoD is also pursuing revolutionary approaches to modeling and simulation, such as the National Cyber Range (NCR).  The NCR will create a new state-of-the-art capability for large-scale cyber testing.  This ability to evaluate cyber technologies, policies, and procedures will be a critical asset to the development of future operations.  By enabling testing and analysis under real word conditions, DoD will be able to refine, research, and develop capabilities that can strengthen cyber defenses and revolutionize cybersecurity.  The NCR will allow testing of current cyber environments, and it will be the foundation of future modeling and simulation capabilities. Classified material pertaining to this section is available in the separate Classified Annex.
+
+Section V: Application of Cyber Modeling and Simulation The application of cyber modeling and simulation capabilities can improve current defense and future development activities.  These lessons will allow DoD to develop improved architectures and increase the sophistication of its cyber defenses.  New capabilities such as the NCR will provide vast improvements in DoD's ability to model and simulate a variety of networks quickly and at scale.  DoD continues to innovate and explore new initiatives that improve our cyberspace strategies and programs. As cyber technologies and their applications continue to evolve, DoD is exploring the use of modeling and simulation technologies to test and evaluate new cyberspace concepts, policies, and capabilities.  These efforts will enable DoD to develop new ideas and adapt to technological trends.  Improved modeling and simulation capabilities will further DoD's efforts to understand and integrate more effectively policy, legal, operational, and technical trends in cyberspace that will allow the Department to identify vulnerabilities, address them, and ensure that the U.S. military continues to have the capability to fulfill its national security mission in defense of the Nation. Classified material pertaining to this section is available in the separate Classified Annex.
+
+## Annex A:  Full Text Of Section 934 Of The National Defense Authorization Act Of Fiscal Year 2011 Sec. 934.  Report On The Cyber Warfare Policy Of The Department Of Defense.
+
+(a) REPORT REQUIRED.Not later than March 1, 2011, the Secretary of Defense shall submit to Congress a report on the cyber warfare policy of the Department of Defense.
+
+
+(b) ELEMENTS.The report required under this section shall include the following:
+(1) A description of the policy and legal issues investigated and evaluated by the Department in considering the range H. R. 6523203 of missions and activities that the Department may choose to conduct in cyberspace.
+
+
+(2) The decisions of the Secretary with respect to such issues, and the recommendations of the Secretary to the President for decisions on such of those issues as exceed the authority of the Secretary to resolve, together with the rationale and justification of the Secretary for such decisions and recommendations.
+
+(3) A description of the intentions of the Secretary with regard to modifying the National Military Strategy for Cyberspace Operations.
+
+
+(4) The current use of, and potential applications of, modeling and simulation tools to identify likely cybersecurity vulnerabilities, as well as new protective and remediation means, within the Department.
+
+
+(5) The application of modeling and simulation technology to develop strategies and programs to deter hostile or malicious activity intended to compromise Department information systems.
+
+(c) FORM.The report required under this section shall be submitted in unclassified form, but may include a classified annex.

markdown/misc/efficient.md

@@ -0,0 +1,153 @@
+# The Efficient Utilization Of Open Source Information
+
+Samuel R. Baty A-2, Intelligence & Systems Analysis August 11, 2016
+UNCLASSIFIED
+LA-UR-16-26273
+
+## Primary Considerations
+
+- Open source information consists of a vast set of
+information from a variety of sources.
+- World news - Unclassified documents and reports - Maps and Satellite imagery - Patents, scientific papers etc.
+- Not only does the quantity of open source
+information pose a problem, the *quality* of such information can hinder efforts.
+- Usually difficult to verify
+
+## The Method Of Solving Problems
+
+- In many cases, limitations in content prevents
+analysts from finding an exact answer to a question.
+- One important problem solving strategy is to bound
+a system's capability or technologies.
+- By using additional valuable information, more
+refined bounds can be built, allowing for more
+precise estimates.
+- Two example problems are found in examinations
+of Iran and North Korea
+
+## Case Study: Iran
+
+- Consider the Iranian space program.
+- Iran has demonstrated a satellite launch capability
+using the domestically produced Safir rocket family.
+- Given the success of Safir launches, could Iran
+utilize or modify existing satellite launch vehicles (SLVs) into ICBMs?
+- What are key factors to consider when analyzing a
+ballistic missile?
+- Size of deliverable
+- Range
+- Using these parameters, a v for the missile
+system can be defined for a given mass.
+- What is a good estimate for the mass of a reentry
+vehicle (RV)?
+- How can we arrive at that estimation?
+Selection of US RVs (L to R: Mk 6, Mk 12a, Mk 21). Not great analogies for a first Iranian RV (3,4,5).
+
+UNCLASSIFIED
+
+- We can estimate materials and sub-systems, using
+relatively small (in volume) US systems.
+- Safing, arming, fuzing, firing (SAFF) - Special nuclear material - High explosives - RV shell - plastics/foams/etc. - Others?
+- Using these, and weighting by volume, a lower
+mass bound was estimated at 740-1150 lbs.
+- Minuteman III throw weight is ~2400 lbs
+UNCLASSIFIED
+Minuteman III with 3 Mk 12a RVs (6)
+
+- Using this mass, a Safir system does not have the
+required v needed to reach necessary apogee to be considered an ICBM.
+- A comparison with western missiles of the same
+capability yields a bounded estimate (in time) of
+when Iran could have a nuclear capable ICBM.
+
+## Case Study: North Korea
+
+- Consider the naval capabilities of the DPRK.
+- How long would it take for the DPRK to successfully
+develop a reliable SLBM capability?
+NK-11 Missile ejection and estimate of Sinpo-Class SSB (7,8).
+
+UNCLASSIFIED
+
+- In similar fashion to the Iran case, what does the
+DPRK need to achieve its goal?
+- A nuclear weapon. (Deliverable/miniaturized) - Reliable SLBM system - SSB(N) - Supporting technology for SLBMs and SSB(N)s
+- How long would it take for the DPRK to successfully
+develop a reliable SLBM capability?
+- North Korea has made some fairly substantial
+claims...
+- Claim of "Hydrogen Bomb" test, Jan 2016 (BBC). - Claim of being about to fully "cope with America
+with nuclear weapons at any time" (CNN).
+- North Korean rhetoric alone will not provide an
+accurate understanding of capabilities.
+- Important to consider that posturing can be geared
+both for domestic propaganda or foreign
+intimidation.
+- Reality: Primarily using maps and satellite imagery
+as the source of information:
+- ~ One Sinpo Class submarine (assumed
+operational)
+- Testing of SLBMs initially only platform based.
+- Check through tracking tech transfers (Golf II, R-27)
+- Similarly to the Iran case, a comparison to Western
+development provides a minimum bound for the time needed to have a credible SLBM capability.
+- What is the difference between a "usable"
+capability and a "reliable" capability?
+- SSBNs, instead of SSBs, allow for a more flexible
+deterrent for several reasons
+- Quiet - Long(er) deployment times - Longer effective range
+- However, all of the required infrastructure for a
+naval nuclear reactor is certainly not trivial.
+- The domestic production timeframe on an SSBN
+class likely exceeds a decade.
+
+## Conclusions
+
+- The huge breadth and depth of open source
+information can complicate an analysis, especially because open information has no guarantee of
+accuracy
+- Open source information can provide key insights
+either directly or indirectly:
+- Looking at supporting factors (flow of scientists,
+products and waste from mines, government budgets, etc.)
+- Direct factors (statements, tests, deployments)
+
+## Conclusions (Cont.)
+
+- Fundamentally, it is the independent verification of
+information that allows for a more complete picture to be formed.
+- Overlapping sources allow for more precise bounds
+on times, weights, temperatures, yields or other
+issues of interest in order to determine capability.
+- Ultimately, a "good" answer almost never comes
+from an individual, but rather requires the utilization of a wide range of skill sets held by a team of people.
+
+## Picture And Graph Credits
+
+1.
+http://www.spacelaunchreport.com/slr2015q1.html
+2.
+http://www.spaceflight101.net/irans-safir-rocket-successfully-launches-fajr-satelliteinto-orbit.html
+3.
+http://defenceforumindia.com/forum/threads/agni-v-missile-test-launch.33457/page-
+20
+4.
+https://commons.wikimedia.org/wiki/File:Titan_II_Reentry_Vehicle_and_Warhead_C
+asing_%288562940163%29.jpg
+5.
+https://en.wikipedia.org/wiki/LGM-118_Peacekeeper
+6.
+http://nsarchive.gwu.edu/nsa/NC/mirv/mirv.html
+7.
+http://www.hisutton.com/Analysis%20- %20Sinpo%20Class%20Ballistic%20Missile%20Sub.html
+8.
+http://www.ncnk.org/resources/briefing-papers/all-briefing-papers/an-overview-ofnorth-korea-s-ballistic-missiles
+9.
+https://en.wikipedia.org/wiki/Golf-class_submarine
+
+## Additional References
+
+A.
+http://www.bbc.com/news/world-asia-pacific-11813699
+B.
+http://www.cnn.com/2015/09/15/asia/north-korea-nuclear-program/

markdown/misc/election-2020.md

@@ -0,0 +1,551 @@
+## National Intelligence Council Foreign Threats To The 2020 Us Federal Elections
+
+This document is a declassified version of a classified report. The analytic judgments outlined here are identical to those in the classified version, but this declassified document does not include the full supporting information and does not discuss specific intel1igence reports, sources, or methods.
+
+igence OJficer (NIO) jor *Cyber.* It
+igence Council under the auspices ojthe National *Inte*
+This Intelligence Community Assessment was prepared by the National Inte
+.
+
+igence Council and CIA, DHS, FBJ. INR, and NSA, and coordinated with CIA, DHS, FBJ. INR, Treasury*, and NSA*
+was drafted by the National Inte UNCLASSIFIED
+This page intentionally bZank.
+
+## Background
+
+This document is a declassified version of a classified report that the Intelligence Community provided to the President, senior Executive Branch offi.cials, and Congressionalleadership and intelligence oversight committees on 07 January
+2021. The Intelligence Community rarely can public1y reveal the full extent of its knowledge or the specific information on which it bases its analytic conclusions, as doing so could endanger sensitive sources and methods and imperil the Intelligence Community's ability to collect critical foreign intelligence. The analytic judgments outlined below are identical to those in the classified version, but this declassified document does not include the full supporting information and does not discuss specific intelligence reports, sources, or methods.
+
+## Scopenote
+
+This Intelligence Community Assessment (ICA), as required by Executive Order (EO) 13848(1)(a), addresses key foreign actors' intentions and efforts to influence or interfere with the 2020 US federal elections or to undermine public confidence in the US election process. It builds on analysis published throughout the election cycle and provided to Executive Branch and Congressionalleaders. This ICA does not include an assessment ofthe impact foreign malign influence and interference activities may have had on the outcome ofthe 2020 election. The US Intelligence Community is charged with monitoring and assessing the intentions, capabilities, and actions offoreign actors; it does not analyze US political processes or actors, election administration or vote tabulation processes, or public opinion.
+
+- Pursuant to EO 13848(1)(b), after receiving this assessment, the Attomey General and the Secretary ofHomeland
+Security, in consultation with the heads of any other appropriate Federal, State, or local agencies, will evaluate
+the impact of any foreign efforts on the security or integrity of election infrastructure or infrastructure pertaining
+to a political organization, campaign, or candidate in a 2020 US federal election, and document the evaluation in
+a report.
+- Pursuant to EO 13848(3)(a), after reviewing this assessment and the report required by EO 13848(1)(b), the
+Secretary ofthe Treasury, in consultation with the Secretary ofState, the Attomey General, and the Secretary of
+Homeland Security, wi1l impose appropriate sanctions for activities determined to constitute foreign interference
+in a US election.
+
+## Definitions
+
+For the purpose ofthis assessment, **election infIuence** includes overt and covert efforts by foreign govemments or actors acting as agents of, or on behalf of, foreign govemments intended to affect directly or indirectly a US electionincluding candidates, political parties, voters or their preferences, or political processes. **Election interference** is a subset of election influence activities targeted at the technical aspects of the election, including voter registration, casting and counting ballots, or reporting results.
+
+## Sources Oflnformation
+
+In drafting this ICA, we considered intelligence reporting and other information made available to the Intelligence Community as of31 December 2020.
+
+## Foreign Threats To The 2020 Us Federal Elections
+
+10 March 2021
+ICA 2020-00078D
+Key Judgment 1: We have no indications that any foreign actor attempted to a1ter any technica1 aspect of the voting process in the 2020 US elections, including voter registration, casting ballots, vote tabulation, or reporting results. We assess that it would be difficult for a foreign actor to manipulate election processes at scale without detection by intelligence collection on the actors themselves, through physical and cyber security monitoring around voting systems across the country, or in post-election audits. The IC identified some successful compromises ofstate and local govemment networks prior to Election Day-as well as a higher volume ofunsuccessful attempts-that we assess were not directed at altering election processes. Some foreign actors, such as Iran and Russia, spread false or inflated claims about alleged compromises of voting systems to undermine public confidence in election processes and results.
+
+Key Judgment 2: We assess that Russian President Putin authorized, and a range of Russian government organizations conducted, influence operations aimed at denigrating President Biden's candidacy and the Democratic Party, supporting former President Trump, undermining public confidence in the electora1 process, and exacerbating sociopolitica1 divisions in the US. Unlike in 2016, we did not see persistent Russian cyber efforts to gain access to election infrastructure. We have high confidence in our assessment; Russian state and proxy actors who all serve the Kremlin's interests worked to afi'ect US public perceptions in a consistent manner. A key element of Moscow's strategy this election cycle was its use of proxies linked to Russian intelligence to push influence narratives-including misleading or unsubstantiated allegations against President Biden-to US media organizations, US officials, and prominent US individuals, including some close to former President Trump and his administration.
+
+Key Judgment 3: We assess that Iran carried out a multi-pronged covert influence campaign intended to undercut former President Trump's reelection prospects-though without directly promoting his rivals-undermine public confidence in the electora1 process and US institutions, and sow division and exacerbate societal tensions in th~
+US. We have high confidence in this assessment. We assess that Supreme Leader Khamenei authorized the campaign and Iran's military and intelligence services implemented it using overt and covert messaging and cyber operations.
+
+Key Judpnent 4: We assess that China did not deploy interference efforts and considered but did not deploy influence efforts intended to change the outcome ofthe US Presidentia1 election. We have high confidence in this judgment. China sought stability in its relationship with the United States, did not view either election outcome as being advantageous enough for China to risk getting caught meddling, and assessed its traditional influence toolsprimarily targeted economic measures and lobbying- would be sufficient to meet its goal of shaping US China policy regardless ofthe winner. The NIO for Cyber assesses, however, that China did take some steps to try to undermine former President Trump's reelection.
+
+Key Judgment 5: We assess that a range of additional foreign actors-including Lebanese Hizballah, Cuba, and Venezuela-took some steps to attempt to influence the election. In general, we assess that they were smaller in scale than the influence efi'orts conducted by other actors this election cycle. Cybercriminals disrupted some election preparations; we judge their activities probably were driven by fmancial motivations.
+
+Please also see DNI memorandum: Views on Intelligence Community Election Security Analysis, dated January 7,
+2021.
+
+## Foreign Threats To The 2020 Us Federal Elections
+
+ICA 2020-00078D
+10 March 2021
+
+## Discussion
+
+Foreign govemments or other foreign actors ofien try to inf1uence the politics and policies of other countries.
+
+They may, for example, advocate for and try to shape other countries' foreign policies in ways that benefit their political, economic, and military interests. These efforts range along a spectrum from public statements and foreign assistance efforts, to sanctions and other economic pressure such as boycotts, to covert or clandestine efforts such as covert messaging and recruiting agents of inf1uence. When such activities are intended to directly or indirectly affect an electionincluding candidates, political parties, voters or their preferences, or political processes-the IC characterizes it as election influence. If a foreign govemment, as part of its election inf1uence efforts, attempts or takes actions to target the technical aspects of elections-including voter registration, casting and counting ofballots, and reporting ofresults, the IC characterizes it as election interference.
+
+2020, the IC tracked a broader array of foreign I
+actors taking steps to influence US elections than in past election cycles, a development that may be explained by several factors. First, increased IC focus on this issue may have uncovered a higher percentage of efforts. Second, more actors may view inf1uence operations as important tools for projecting power abroad. The growth of intemet and social media use means foreign actors are more able to reach US
+audiences directly, while the tools for doing so are becoming more accessible. Third, some foreign actors may perceive inf1uence activities around US elections as continuations ofbroad, ongoing efforts rather than specially demarcated campaigns. They may also perceive that such a continuum makes it more difficult for the US to single out and respond to specifical1y election-focused inf1uence efforts. Finally, as more foreign actors seek to exert inf1uence over US elections, additional actors may increasingly see election-focused inf1uence efforts as an acceptable norm of international beha vior.
+
+Greater public and media awareness of inf1uence operations in 2020 compared to past election cycles probably helped counter them to some degree. US
+Government public messaging as well as Government and private sector actions probably also disrupted some activities. For example, proactive information sharing with social media companies faci1itated the expeditious review, and in many cases removal, of social media accounts covertly operated by Russia and Iran.
+
+Additionally, public disclosure ofRussian and Iranian efforts and US Govemment sanctions on some of the responsible actors probably hindered their ability to operate deniably.
+
+## Election Interference
+
+We have no indications that any foreign actor attempted to interfere in the 2020 US elections by altering any technical aspect ofthe voting process, including voter registration, ballot casting, vote tabulation, or reporting results. We assess that it would be difficult for a foreign actor to manipulate election processes at scale without detection by intelligence collection on the actors themselves, through physical and cyber security monitoring around voting systems across the country, or in post-election audits of electronic results and paper backups. We identified some successful compromises of state and local govemment networks prior to Election Day. We assess these intrusions were
+
+# ~ ,-\ -1-1 () ~ .1\ 1, 1 N -R' 1: 1 1. 1 (; 1: N (' 1: (_' () T 1 N ( ' 1 1.
+
+## N 1 C 111I111111
+
+parts ofbroader campaigns targeting US networks and not directed at the election. Some foreign actors, such as Iran and Russia, spread false or inflated claims about al1eged compromises of voting systems to try to undermine public confidence in election processes and results.
+
+Over the course ofthe election cycle, the IC, other US
+agencies, and state and local officials also identified thousands of reconnaissance or low-level, unsuccessful attempts to gain access to county or state govemment networks. Such efforts are common and we have no indications they were aimed at interfering in the election.
+
+- Some of these govemment networks hosted,
+among a variety of other govemment processes,
+election-related elements like voter registration
+databases or state election results reporting
+websites. We have no indications that these
+activities altered any election processes or data.
+- Defensive measures such as firewalls, up-to-date
+patching, cybersecurity training for govemment
+personnel, and separation of election-specific
+systems from other computer networks probably
+helped to thwart thousands of compromise
+attempts. Such measures probably also would have
+helped prevent the network intrusions we detected.
+
+## Russia's Efforts To Influence 2020 Election, Exacerbate Divisions In Us
+
+We assess that President Putin and the Russian state authorized and conducted influence operations against the 2020 US presidential election aimed at denigrating President Biden and the Democratic Party, supporting former President Tmmp, undermining public confidence in tbe electoral process, and exacerbating sociopolitical divisions in the US. Unlike in 2016, we did not see persistent Russian cyber efforts to gain access to election infrastructure. We have high confidence in these judgments because a range of Russian state and proxy actors who all serve the Kremlin's interests worked to affect US public perceptions. We also have high confidence because of the consistency of themes in Russia's influence efforts across the various influence actors and throughout the campaign, as well as in Russian leaders' assessments of the candidates. A key element ofMoscow's strategy this election cycle was its use of people linked to Russian intelligence to launder influence narrativesincluding misleading or unsubstantiated allegations against President Biden-through US media organizations, US officials, and prominent US
+individuals, some of whom were close to former President Tmmp and his administration.
+
+## Krem1In Direction Of Influence Activity
+
+We assess that President Putin and other senior Russian officials were aware of and probably directed Russia's influence operations against the 2020 US
+Presidential election. For example, we assess that Putin had purview over the activities of Andriy Derkach, a Ukrainian legislator who played a prominent role in Russia's election influence activities. Derkach has ties to Russian officials as well as Russia's intelligence services.
+
+- Other senior officials also participated in Russia's
+election influence efforts-including senior
+national security and intelligence officials who we
+assess would not act without receiving at least
+Putin's tacit approval.
+
+## Actors, Methods, And Operations
+
+We assess that Russia's intelligence services, Ukrainelinked individuals with ties to Russian intelligence and their networks, and Russian state media, trolls, and online proxies engaged in activities targeting the 2020
+US presidential election. The primary effort the IC
+uncovered revolved around a nauative-that Russian actors began spreading as early as 20 14-alleging couupt ties between President Biden, his family, and other US officials and Ukraine. Russian intelligence services relied on Ukraine-linked proxies and these proxies' networks- including their US contacts- to spread this nauative to give Moscow plausible deniability of their involvement. We assess that the goals of this effort went beyond the US presidential campaign to include reducing the Trump administration's support for Ukraine. As the US presidential election neared, Moscow placed increasing emphasis on undermining the candidate it saw as most detrimental to its global interests. We have no evidence suggesting the Ukrainian Govemment was involved in any ofthese efforts.
+
+- A network ofUkraine-linked individualsincluding Russian influence agent Konstantin
+Kilimnik-who were also connected to the Russian
+Federal Security Service (FSB) took steps
+throughout the election cycle to damage US ties to
+Ukraine, denigrate President Biden and his
+candidacy, and benefit former President Trump's
+prospects for reelection. We assess this network
+also sought to discredit the Obama administration
+by emphasizing accusations of corruption by US
+officials, and to falsely blame Ukraine for
+interfering in the 2016 US presidential election.
+- Derkach, Kilirnnik, and their associates sought to
+use prominent US persons and media conduits to
+launder their narratives to US officials and
+audiences. These Russian proxies met with and
+provided materials to Trump administration-linked
+US persons to advocate for formal investigations;
+hired a US fmn to petition US officials; and
+attempted to make contact with several senior US
+officials. They also made contact with established
+US media figures and helped produce a
+documentary that aired on a US television network
+in late January 2020.
+- As part ofhis plan to secure the reelection of
+former President Trump, Derkach publicly released
+audio recordings four times in 2020 in attempts to
+implicate President Biden and other current or
+former US Govemment officials in allegedly
+corrupt activities related to Ukraine. Derkach also
+worked to initiate legal proceedings in Ukraine and
+the US related to these allegations. Former
+Ukrainian officials associated with Derkach sought
+to promote similar claims throughout late 2019 and
+2020, including through direct outreach to senior
+US Govemment officials.
+We assess that Russia' s cyber units gathered information to inform Kremlin decision-making about the election and Moscow's broader foreign policy interests. Through these operations, Russia probably gathered at least some information it could have released in influence operations. We assess Russia did not make persistent efforts to access election infrastructure, such as those made by Russian intelligence during the last US
+presidential election.
+
+- For example, shortly after the 2018 midterm
+elections, Russian intelligence cyber actors attempted to hack organizations primarily affiliated
+with the Democratic Party. Separately, the GRU
+unsuccessfully targeted US political actors in 2019
+and 2020; this activity aligned with the tactics of a
+larger intelligence-gathering campaign.
+- In late 2019, GRU cyber actors conducted a
+phishing campaign against subsidiaries of Burisma holdings, likely in an attempt to gather information related to President Biden's family and Burisma.
+
+- We judge that Russian cyber operations that
+targeted and compromised US state and local
+govemment networks in 2020- including
+exfiltrating some voter data-were probably not
+election-focused and instead part of a broader
+campaign targeting dozens of US and global
+entities.
+Throughout the election cycle, Russia's online infIuence actors sought to affect US public perceptions ofthe candidates, as well as advance Moscow's longstanding goals of undermining confidence in US
+election processes and increasing sociopolitical divisions among the American people. During the presidential primaries and dating back to 2019, these actors backed candidates fi"om both major US political parties that Moscow viewed as outsiders, while later claiming that election fi"aud helped what they called
+"establishment" candidates. Throughout the election, Russia's online influence actors sought to amplify mistrust in the electoral process by denigrating mail-in
+
+## ~ ~ E (' () Ii N (_' 1 I ~ I 1.1 (; [ N (_ [ -:\1 A T 1 0:\1 .1\ 1. 1 N I N 1 C 1111111111
+
+ballots, highlighting al1eged i egularities, and accusing
+.
+
+the Democratic Party ofvoter fraud
+
+The Kremlin-linked inf1uence organization Project
+-
+Lakhta and its Lakhta Intemet Research (LIR) troll
+farm-commonly refe ed to by its former moniker
+Intemet Research Agency (IRA)-amplified
+controversial domestic issues. LIR used social
+media personas, news websites, and US persons to
+deliver tailored content to subsets of the US
+population. LIR established short-lived trol1 farms
+that used unwitting third-country nationals in
+Ghana, Mexico, and Nigeria to propagate these
+US-focused na atives, probably in response to
+efforts by US companies and law enforcement to
+.
+shut down LIR-associated personas
+,
+Russian state media, trolls, and online proxies
+-
+including those directed by Russian intelligence ,
+published disparaging content about President
+Biden, his family, and the Democratic Party, and
+heavily amplified related content circulating in US
+media, including stories centered on his son. These
+inf1uence actors frequently sought out US
+contributors to increase their reach into US
+, audiences. In addition to election-related content these online inf1uence actors also promoted conspiratorial na atives about the COVID-19
+pandemic, made allegations of social media censorship, and highlighted US divisions
+.
+
+ounding protests about racial justice
+sU
+
+- Russian online inf1uence actors generally promoted
+former President Trump and his commentary,
+including repeating his political messaging on the
+election results; the presidential campaign; debates;
+the impeachment inquiry; and, as the election
+neared, US domestic crises. Inf1uence actors
+sometimes sought to discourage US left-leaning
+audiences from voting by suggesting that neither
+candidate was a preferable option. At the same
+time, Russian actors criticized former President
+Trump or his administration when they pursued
+foreign policies-such as the targeted killing of
+Iranian General Qasem Soleimani in January
+2020--at odds with Russia's preferences.
+
+- LIR, which probably receives tasking and strategic
+direction from the Kremlin, pushed stories
+supporting former President Trump and
+denigrating President Biden after he became the
+presumptive nominee in April.
+
+## Eva1Uating Moscow's Ca1Culus On The 2020 Election
+
+We assess that Russian leaders viewed President Biden's potential election as disadvantageous to Russian interests and that this drove their efforts to undermine his candidacy. We have high confidence in this assessment.
+
+- Russian officials and state media frequently
+attacked President Biden for his leading role in the
+Obama administration's Ukraine policy and his
+support for the anti-Putin opposition in Russia,
+suggesting the Kremlin views him as part of a
+ref1exively anti-Russia US foreign policy
+establishment. Putin probably also considers
+President Biden more apt to echo the idea of
+American "exceptionalism," which he and other
+Kremlin leaders have often publicly criticized as
+problematic and dangerous.
+- Moscow's range ofinf1uence actors uniformly
+worked to denigrate President Biden after his
+entrance into the race. Throughout the prirnaries
+and general election campaign, Russian inf1uence
+agents repeatedly spread unsubstantiated or
+misleading claims about President Biden and his
+family's alleged wrongdoing related to Ukraine. By
+contrast, during the Democratic primaries Russian
+online inf1uence actors promoted candidates that
+Moscow viewed as outside what it perceives to be
+an anti-Russia political establishment.
+Even after the election, Russian online inf1uence
+-
+actors continued to promote na atives questioning
+the election results and disparaging President Biden
+
+## ('( [ '( :\1 A T 1 () :\1 .;\ 1, 1 N T 1: 1_1, 1 (; 1: N N 1 C 1111111111
+
+and the Democratic Party. These efforts parallel plans Moscow had in place in 2016 to discredit a potential incoming Clinton administration, but which it scrapped after former President Trump's victory.
+
+We assess Russian leaders preferred that former President Trump win reelection despite perceiving some ofhis administration's policies as anti-Russia.
+
+We have high confidence in this assessment based in part on the Kremlin's public comments about him and the consistency and volume of anti-Biden messaging we detected from Russian online inf1uence actors.
+
+As the election neared, Kremlin offi.cials took some steps to prepare for a Biden administration, probably because they believed former President Trump's prospects for re-election had diminished.
+
+- Putin- while praising former President Trump
+personally during an interview in October-noted
+that President Biden appeared willing to extend the
+New START Treaty (NST) or negotiate a new
+strategic offensive reduction treaty. The comments
+were consistent with Russian officials' view that a
+potential Biden administration would be more
+open to arms control negotiations.
+Moscow almost certainly views meddling in US
+elections as an equitable response to perceived actions by Washington and an opportunity to both undermine US global standing and influence US
+decision-making. We assess that Moscow will continue election inf1uence efforts to further its longstanding goal ofweakening Washington because the Krern1in has long deemed that a weakened United States would be less likely to pursue assertive foreign and security policies abroad and more open to geopolitical bargains with Russia.
+
+-
+Russian officials are probably willing to accept
+some risk in conducting inf1uence operations
+targeting the US- including against US
+elections- because they believe Washington
+meddles similarly in Russia and other countries
+and that such efforts are endemic to geostrategic competition.
+
+-
+Russian officials probably also assess that
+continued inf1uence operations against the United
+States pose a manageable risk to Russia's image in
+Washington because US-Russia relations are
+already extremely poor.
+
+## Iran's Infiuence Campaign Designed To Undercut Former President Trump's Reelection, Sow Discord
+
+We assess with high confidence that Iran carried out an influence campaign during the 2020 US election season intended to undercut the reelection prospects of former President Trump and to further its longstanding objectives of exacerbating divisions in the US, creating confusion, and undermining the legitimacy of US elections and institutions. We did not identify Iran engaging in any election interference activities, as defined in this assessment. Tehran's efforts were aimed at denigrating former President Trump, not actively promoting his rivals. We assess that Tehran designed its campaign to attempt to inf1uence US
+policy toward Iran, distract US leaders with domestic issues, and to amplify messages sympathetic to the Iranian regime. Iran's efforts in 2020-especially its emails to individual US voters and efforts to spread allegations ofvoter fraud- were more aggressive than in past election cycles.
+
+- We assess that Tehran's efforts to attempt to
+inf1uence the outcome of the 2020 US election and
+Iranian officials' preference that former President
+Trump not be reelected were driven in part by a
+perception that the regime faced acute threats from
+the US.
+- Iran's election inf1uence efforts were primarily
+focused on sowing discord in the United States and
+exacerbating societal tensions- including by
+creating or amplifying social media content that
+criticized former President Trump-probably
+because they believed that this advanced Iran's
+longstanding objectives and undercut the prospects for the former President's reelection without provoking retaliation.
+
+## Actors, Methods, And Operations
+
+We assess that Supreme Leader Ali Khamenei probably authorized Jran's influence campaign and that it was a whole of government effort, judging from the involvement of mu1tiple Iranian Government elements. We have high confidence in this assessment.
+
+- Iran focused its social media and propaganda on
+perceived vulnerabilities in the United States,
+including the response to the COVID-19 pandemic,
+economic recession, and civil unrest.
+During this election cycle Iran increased the volume and aggressiveness of its cyber-enabled influence efforts against the United States compared to past election influence efforts. This included efforts to send threatening e-mails to American citizens and to amplify concems about voter fraud in the election.
+
+- In a highly targeted operation, Iranian cyber actors
+sent threatening, spoofed emai1s purporting to be
+from the Proud Boys group to Democratic voters in
+multiple US states, demanding that the individuals
+change their party affiliation and vote to reelect
+former President Trump. The same actors also
+produced and disseminated a video intending to
+demonstrate alleged voter fraud.
+- Since early 2020, Iranian actors created social
+media accounts that targeted the United States and
+published over 1,000 pieces of online content on
+the United States, though US social media
+companies subsequently removed many. Tehran
+expanded the number of its inauthentic social
+media accounts to at least several thousand and
+boosted the activity of existing accounts, some of
+which dated back to 2012.
+
+## Post-Election Activity
+
+We assess that Iran continues to use influence operations in attempts to inflame domestic tensions in the US. For example, in mid-December 2020, Iranian cyber actors were almost certainly responsible for the creation of a website containing death threats against US election officials.
+
+- We assess Iran is also seeking to exploit the
+post-election environment to collect
+intelligence.
+We assess that Jranian actors did not attempt to manipuIate or attack any election infiastrocture.
+
+- In early 2020, Iranian cyber actors exploited a
+known vulnerability to compromise US entities
+associated with election infrastructure as a part of a
+broad targeting effort across multiple sectors
+worldwide. Given the breadth and number of the
+targets, we judge that Iran did not specifically
+intend to use the results of this effort as part of its
+election influence campaign.
+We assess that Jran primarily relied on cyber tools and methods to conduct its covert operations because they are low cost, deniable, scalable, and do not depend on physical access to the United States. Iranian cyber actors who focused on influence operations targeting the election adapted their activities and content based on political developments and blended cyber intrusions with online influence operations.
+
+- As part oftheir influence operations, Iranian cyber
+actors sought to exploit vulnerabilities on US
+states' election websites, as well as news website
+content management systems.
+Iranian cyber actors sent spearphishing emails to
+-
+ner senior officials and members of
+cU ent and fO
+political campaigns, almost certainly with the
+intent to gain derogatory information or accesses for follow-on operations.
+
+## China Did N Ot Attempt To Influence Presidential Election Outcome
+
+We assess that China did not deploy interference efforts and considered but did not deploy infIuence efforts intended to change the outcome of the US
+presidential eleetion. We ha ve high confidence in this judgment. China sought stability in its relationship with the United States and did not view either election outcome as being advantageous enough for China to risk blowback if caught. Beijing probably believed that its traditional influence tools, primarily targeted economic measures and lobbying key individuals and interest groups, would be sufficient to achieve its goal of shaping US policy regardless ofwho won the election. We did not identify China attempting to interfere with election infcastructure or provide funding to any candidates or parties.
+
+- The IC assesses that Chinese state media criticism
+ofthe Trump administration's policies related to
+China and its response to the COVID-19 pandemic
+remained consistent in the lead-up to the election
+and was aimed at shaping perceptions ofUS
+policies and bolstering China's global position
+rather than to affect the 2020 US election. The
+coverage of the US election, in particular, was
+limited compared to other topics measured in total
+volume of content.
+- China has long sought to influence US politics by
+shaping political and social environments to press
+US officials to support China's positions and
+perspectives. We did not, however, see these
+capabilities deployed for the purpose of shaping the
+electoraloutcome.
+
+## Beijing Probably Judged Risk Of Interference Was Not Worth The Reward
+
+We assess that Beijing's risk calculus against infIuencing the election was informed by China's preference for stability in the bilateral relationship, their probable judgment that attempting to infIuence the election could do lasting damage to US-China ties, and belief that the election of either candidate would present opportunities and challenges for China.
+
+- We judge that Chinese officials would work with
+former President Trump if he won a second term.
+Beijing since at least 2019 has stressed the need to
+improve bilateral ties after the election regardless of
+whowon.
+- In addition, China was probably concemed the
+United States would use accusations of election
+interference to scapegoat China. This may in part
+account for Beijing waiting until13 November to
+congratulate President Biden.
+
+## We Assess That Beijing Also Believes There Is A Bipartisan Consensus Against China In The United States That Leaves No Prospect For A Pro-China Administration Regardless Of The Election Outcome.
+
+China probably expected that relations would suffer under a second term for former President Trump because he and his administration would press for further economic decoupling and challenge China's rise. It probably also believed that China in this scenario could increase its intemational clout because it perceived that some ofthe Trump administration's policies would alienate US partners.
+
+- Beijing probably expected that President Biden
+would be more predictable and eager to initially
+deescalate bilateral tensions but would pose a
+greater challenge over the long run because he
+would be more successful in mobilizing a global
+alliance against China and criticizing China's
+human rights record.
+- Beijing probably judged that Russia's efforts to
+interfere in the 2016 election significantly damaged
+Moscow's position and relationship with the
+United States and may have worried that
+Washington would uncover a Chinese attempt to
+
+## :'-I :\Ti(-)~ .;\I . 1:'-I "R[Ii. I(;[:--.I(' [ ( ' ()Tin(' Ii. N 1 C 1111111111
+
+deploy similar measures to influence or interfere in the election and punish Beijing.
+
+## Beijing Probably Continued To Collect Intelligence On Election-Related Targets And Topics
+
+China probably a1so continued longstanding efforts to gather information on US voters and public opinion;
+political parties, candidates and their staffs; and senior govemment officials. We assess Beijing probably sought to use this infounation to predict electoral outcomes and to infoun its efforts to influence US policy toward China under either election outcome, as it has during all election cycles since at least 2008 and considers an acceptable tool of statecraft.
+
+- We assess Beijing did not interfere with electjon
+infrastructure, including vote tabulation or the
+transmission of election results.
+
+## Minority View
+
+The National Intelligence Officer for Cyber assesses that China took at least some steps to undeunine founer President Trump's reelection chances, primarily through social media and official public statements and media. The NIO agrees with the IC's view that Beijing was primarily focused on countering anti-China policies, but assesses that some of Beijing's influence efforts were intended to at least indirectly affect US candidates, political processes, and voter preferences, meeting the defmition for election influence used in this report.
+
+The NIO agrees that we have no infounation suggesting China tried to interfere with election processes. The NIO has moderate confidence in these judgments.
+
+This view differs from the IC assessment because it gives more weight to indications that Beijing prefeued founer President Trump's defeat and the election of a more predictable member ofthe establishment instead, and that Beijing implemented some-and later increased-its election influence efforts, especially over the summer of 2020. The NIO assesses these indications are more persuasive than other information indicating that China decided not to intervene. The NIO further assesses that Beijing calibrated its influence efforts to avoid blowback.
+
+## Other Actors
+
+A range of additional foreign actors took some steps to attempt to influence the election. In general, we assess that they were smaller in scale than those conducted by Russia and Iran.
+
+We assess that Hizballah Secretary General Hassan Nasrallah supported efforts to undermine former President Trump in the 2020 US election. N asrallah probably saw this as a low-cost means to mitigate the risk of a regional conflict while Lebanon faces political, fmancial, and public health crises.
+
+We assess Cuba sought to undermine former President Trump's electoral prospects by pushing anti-
+Republican and pro-Democrat narratives to the Latin American community. Cuban intelligence probably conducted some low-level activities in support ofthis effort.
+
+The Venezuelan regime of Nicolas Maduro had an adversarial relationship with the Trump administration and we assess that Maduro had the intent, though probably not the capability, to try to inf1uence public opinion in the US against the former President. We have no information suggesting that the cuuent or former Venezuelan regimes were involved in attempts to compromise US election infrastructure.
+
+## Foreign Cybercriminais Dismpted Some Election Preparation (' [ ( ' ()Ti .I\L In Ci"I:I_I.I(;I: ~ ~ Io ";\"~ N 1 C 1111111111
+
+Profit-motivated cybercriminals dismpted election preparations in some US states with ransomware attacks intended to generate profit. We have no indications that these actors sought to use these attacks to alter election functions or data, nor do we have indications that they were acting on behalf of any govemment.
+
+- For example, in late October, probably foreign
+ransomware actors demanded payment from a
+New York county after encrypting 300 computers
+and 22 servers on the network with Ragnarok
+malware that prevented it from connecting to a
+statewide voter registration system. County
+officials directed voters who had applied via email
+for an absentee ballot to call and verify their ballot
+application had been received and processed.
+- We do not know whether cybercriminals
+specifically targeted election"related networks with
+profit-making schemes or whether their activity
+reflected a general targeting of state and local
+govemment networks that also happen to host
+election-related processes.
+- We assess foreign cybercrirninals probably did not
+work to interfere or influence the US elections on
+behalf of or at the direction of a nation state. We
+have low confidence in this assessment. We assess
+that some cybercrime groups probably operate with
+at least the tacit approval oftheir nation state hosts.
+
+## F Oreign Hacktivists
+
+The IC tracked a handful ofunsuccessful hacktivist attempts to influence or interfere in the 2020 US
+elections.
+
+- In November, hackers promoting Turkish
+nationalist themes breached and defaced a website
+previously established for a candidate in the US
+presidential campaign, according to US
+cybersecurity press.
+- In October, a hacker briefly defaced a presidential
+campaign website after gaining access probably
+using administrative credentials.
+
+## Estimative Langoage
+
+Estimative language consists oftwo elements: judgment about the likelihood of developments or events occuuing and levels of confidence in the sources and analytic reasoning supporting the judgments. Judgments are not intended to imply that we have proofthat shows something to be a fact. Assessments are based on collected information, which is often incomplete or fragmentary, as well as logic, argumentation ,and precedents.
+
+## Judgments Of Likelihood
+
+The chart below approximates how judgments oflikelihood couelate with percentages. Unless otherwise stated, the Intelligence Community's judgments are not derived via statistical analysis. Phrases such as "we judge" and
+"we assess"-and terms such as "probably" and "likely"---convey analytical assessments.
+
+## Our Judgments I Confidence
+
+Confidence levels provide assessments oftimeliness, consistency, and extent ofintelligence and open source reporting that supports judgements. They also take into account the analytic argumentation, the depth of relevant expertise, the degree to which assumptions underlie analysis, and the scope of information gaps.
+
+## We Ascribe High, Moderate, Or Low Confidence To Assessments:
+
+-
+High **confidence** generally indicates that judgments are based on sound analytic argumentation and highquality consistent reporting from multiple sources, including clandestinely obtained documents, clandestine
+and open source reporting, and in-depth expertise; it also indicates that we have few intelligence gaps, have
+few assumptions underlying the analytic line, have found potential for deception to be low, and have
+examined long-standing analytic judgements held by the IC and considered altematives. For most intelligence
+topics, it will not be appropriate to claim high confidence for judgements that forecast out a number ofyears.
+High confidence in a judgment does not imply that the assessment is a fact or a certainty; such judgments
+might be wrong even though we have a higher degree of certainty that they are accurate.
+-
+Moderate confidence generally means that the information is credibly sourced and plausible but not of
+sufficient quality or couoborated sufficiently to wauant a higher level of confidence. There may, for example,
+be information that cuts in a different direction. We have in-depth expertise on the topic, but we may
+acknowledge assumptions that underlie our analysis and some information gaps; there may be minor analytic
+differences within the IC, as well as moderate potential for deception.
+-
+Low **confidence** general1y means that the information's credibility and/ or plausibility is uncertain; that the
+inforation is fragmented, dated, or poorly couoborated; or that reliabi1ity of the sources is questionable. There
+may be analytic differences within the IC, several significant infounation gaps,high potential for deception or
+numerous assumptions that must be made to draw analytic conclusions. In the case oflow confidence, we are
+forced to use cuuent data to project out in time, making a higher level of confidence impossible.

markdown/misc/eu-nsa.md

@@ -0,0 +1,619 @@
+# Directorate General For Internal Policies Policy Department C: Citizens' Rights And Constitutional Affairs
+
+# The Us National Security Agency (Nsa) Surveillance Programmes (Prism) And Foreign Intelligence Surveillance Act (Fisa) Activities And Their Impact On Eu Citizens' Fundamental Rights
+
+## Note
+
+Abstract In light of the recent PRISM-related revelations, this briefing note analyzes the impact of US surveillance programmes on European citizens' rights. The note explores the scope of surveillance that can be carried out under the US FISA Amendment Act 2008, and related practices of the US authorities which have very strong implications for EU data sovereignty and the protection of European citizens'
+rights.
+
+AUTHOR(S) Mr Caspar BOWDEN (Independent Privacy Researcher) Introduction by Prof. Didier BIGO (King's College London / Director of the *Centre d'Etudes sur les Conflits, Liberte et Securite* - CCLS, Paris, France). Copy-Editing: Dr. Amandine SCHERRER (*Centre d'Etudes sur les Conflits, Liberte et Securite* - CCLS, Paris, France) Bibliographical assistance : Wendy Grossman RESPONSIBLE ADMINISTRATOR Mr Alessandro DAVOLI Policy Department Citizens' Rights and Constitutional Affairs European Parliament B-1047 Brussels E-mail: poldep-citizens@europarl.europa.eu LINGUISTIC VERSIONS Original: EN ABOUT THE EDITOR To contact the Policy Department or to subscribe to its monthly newsletter please write to:
+poldep-citizens@europarl.europa.eu Manuscript completed in MMMM 200X. Brussels,  European Parliament, 200X.
+
+This document is available on the Internet at:
+http://www.europarl.europa.eu/studies DISCLAIMER The opinions expressed in this document are the sole responsibility of the author and do not necessarily represent the official position of the European Parliament. Reproduction and translation for non-commercial purposes are authorized, provided the source is acknowledged and the publisher is given prior notice and sent a copy.
+
+for
+
+
+| LIST OF ABBREVIATIONS                                                    |   5  |
+|--------------------------------------------------------------------------|------|
+| EXECUTIVE SUMMARY                                                        |   7  |
+| Introduction                                                             |   8  |
+| 1. Historical background of US surveillance                              |  11  |
+| 1.1 World War II and the origins of the UKUSA treaties                   |  11  |
+| 1.2 ECHELON: the UKUSA communications surveillance nexus                 |  12  |
+| 1.3 1975-1978: Watergate and the Church Committee                        |  13  |
+| 1.4 The post-9/11 context: extension of intelligence powers              |  13  |
+| 1.5 Edward Snowden's revelations and PRISM                               |  14  |
+| 1.5.1 "Upstream"                                                         |  15  |
+| 1.5.2 XKeyscore                                                          |  15  |
+| 1.5.3 BULLRUN                                                            |  16  |
+| 2. NSA programmes and related legislation: controversies, gaps and       |      |
+| loopholes and implications for eu citIzens                               |  17  |
+| 2.1 Legal gaps and uncertainties of US privacy law: implications for US  |      |
+| citizens and residents                                                   |  17  |
+| 2.1.1 The Third Party Doctrine and limitations to the Fourth             |      |
+| Amendment                                                                |  17  |
+| 2.1.2 CDRs and the 'Relevance Test'                                      |  18  |
+| 2.1.3 'Direct Access' to data-centres granted for surveillance           |      |
+| purposes?                                                                |  19  |
+| 2.1.4 Intelligence Agencies' 'Black Budget': scale and costs of US       |      |
+| capabilities                                                             |  20  |
+| 2.2 Situation of non-US citizens and residents (non 'USPERs')            |  20  |
+| 2.2.1 The political definitions of 'foreign information intelligence' 20 |      |
+| 2.2.2 Specific powers over communications of non-US persons              |  21  |
+| 2.2.3 The Fourth Amendment does not apply to non-USPERs outside          |      |
+| the US                                                                   |  21  |
+| 2.2.4 Cloud computing risks for non-US persons                           |  22  |
+| 2.2.5 There are no privacy rights recognised by US authorities for       |      |
+| non-US persons under FISA                                                |  24  |
+| 2.3 Data export: false solutions and insufficient safeguards             |  25  |
+| 2.3.1 Safe Harbour,BCRs for processors and Cloud Computing               |  25  |
+| 2.3.2 ModelContracts                                                     |  27  |
+| 3. Strategic options and recommendations for the European parliament 29  |      |
+| 3.1 Reducing exposure and growing a European Cloud    |   29  |
+|-------------------------------------------------------|-------|
+| 3.2 Reinstating 'Article 42'                          |   29  |
+| 3.3 Whistle-Blowers' Protection and Incentives        |   31  |
+| 3.4 Institutional Reform                              |   31  |
+| 3.5 Data Protection Authorities and Governance        |   31  |
+| Conclusion                                            |   33  |
+| References                                            |   35  |
+|                                                       |       |
+|                                                       |       |
+|                                                       |       |
+
+## List Of Abbreviations
+
+
+ ACLU
+American Civil Liberties Union
+AUMF Authorization to Use Military Force
+CIA Central Intelligence Agency
+CNIL Comite National pour l'Informatique et les Libertes
+DPAs Data Protection Authorities
+EDPS European Data Protection Supervisor
+ENISA European Network and Information Security Agency
+FAA Foreign Intelligence Surveillance Amendment Act (2008)
+FBI Federal Bureau of Investigation
+
+## Five Eyes Uk, Us, Canada, Australia, New Zealand: Sharing Intelligence Under Ukusa
+
+FISA Foreign Intelligence Surveillance Act (1978)
+FISC Foreign Intelligence Surveillance Court
+FISCR Foreign Intelligence Surveillance Court of Review
+NSA National Security Agency
+PAA Protect America Act (2007)
+SHA EU-US Safe Harbour Agreement (2000)
+TIA Total Information Awareness
+WP29
+Article 29 Data Protection Working Party
+
+
+## Executive Summary
+
+This Briefing note provides the LIBE Committee with background and contextual information on PRISM/FISA/NSA activities and US surveillance programmes, and their specific impact on EU citizens' fundamental rights, including privacy and data protection.
+
+Prior to the PRISM scandal, European media underestimated this aspect, apparently oblivious to the fact that the surveillance activity was primarily directed at the rest-of-theworld, and was not targeted at US citizens. The note argues that the scope of surveillance under the *Foreign Intelligence Surveillance Act of 1978 Amendments Act of 2008* (FAA) has very strong implications on EU data sovereignty and the protection of its citizens' rights.
+
+The first section provides **a historical account of US surveillance programmes**, showing that the US authorities have continuously disregarded the human right to privacy of non-Americans. The analysis of various surveillance programmes (Echelon, PRISM) and US national security legislation (FISA, PATRIOT and FAA) clearly indicates that surveillance activities by the US authorities are conducted without taking into account the rights of non- US citizens and residents. In particular, the scope of FAA creates a power of masssurveillance specifically targeted at the data of non-US persons located outside the US, including data processed by 'Cloud computing', which eludes EU Data Protection regulation.
+
+The second section gives an overview of the main legal gaps, loopholes and controversies of these programmes and their differing consequences for the rights of American and EU citizens. The section unravels the legal provisions governing US surveillance programmes and further uncertainties in their application, such as:
+
+-
+serious limitations to the Fourth Amendment for US citizens
+-
+specific powers over communications and personal data of "non-US persons";
+-
+absence of any cognizable privacy rights for "non-US persons" under FISA
+ The section also shows that the accelerating and already widespread use of Cloud computing further undermines  data protection for EU citizens, and that a review of some of the existing and proposed mechanisms that have been put in place to protect EU citizens' rights after data export, actually function as loopholes. Finally, **some strategic options for the European Parliament are developed**, and related recommendations are suggested in order to improve future EU regulation and to provide effective safeguards for protection for EU citizens' rights.
+
+
+
+## Introduction Background
+
+This Briefing note aims at providing the LIBE Committee with background and contextual information on PRISM/FISA/NSA activities and US surveillance programmes and their impact on EU citizens' fundamental rights, including privacy and data protection.
+On June 5th the *Washington Post* and *The Guardian* published a secret order made under s.215 of the PATRIOT Act requiring the Verizon telephone company to give the NSA details of all US domestic and international phone calls, and "on an ongoing basis". On June 6th the two newspapers revealed the existence of an NSA programme codenamed PRISM that accessed data from leading brands of US Internet companies. By the end of the day a statement from Adm. Clapper (Director of NSA) officially acknowledged the PRISM
+programme and that it relied on powers under the FISA Amendment 2008 s.1881a/702
+(FAA). On June 9th Edward Snowden voluntarily disclosed his identity and a film interview with him was released. In the European Parliament resolution of 4 July 2013 on the US National Security Agency surveillance programme, MEPs expressed serious concern over PRISM and other surveillance programmes and strongly condemned spying on EU official representatives and called on the US authorities to provide them with full information on these allegations without further delay. Inquiries by the Commission1, Art.29 Working Party2, and a few MS
+Parliaments are also in progress.
+
+## The Problem Of Transnational Mass Surveillance And Democracy3
+
+Snowden's revelations about PRISM show that Cyber mass surveillance at the transnational level induces systemic breaches of fundamental rights. These breaches lead us to question the scale of transnational mass surveillance and its implications for our democracies.
+"Our government in its very nature, and our open society in all its instinct, under the Constitution and the Bill of Rights automatically outlaws intelligence organizations of the kind that have developed in police states" (Allen Dulles, 1963)4
+
+"There's been spying for years, there's been surveillance for years, and so forth, I'm not going to pass judgement on that, it's the nature of our society"
+(Eric Schmidt, Executive chairman of Google, 2013). These two quotations are distinct in time by 50 years. They differ in the answers but address the same central question: how far can democratic societies continue to exist in their very nature, if intelligence activities include massive surveillance of populations? For Eric Schmidt and according to most of the media reports in the world, the nature of society has changed. Technologies of telecommunication, including mobile phones, Internet, satellites and more generally all data which can be digitalised and integrated into platforms, have given the possibilities of gathering unprecedented amount of data, to keep them, to organise them, to search them. If the technologies exist, then they have to be used: "it is not possible to go against the flow". Therefore it is not a surprise to discover that programmes run by intelligence services use these techniques at their maximum possibilities and in secrecy. The assumption is that if everyone else with these technical capabilities uses them, then we should too. If not, it would be naivety or even worse: a defeat endangering the national security of a country by letting another country benefit from the possibilities opened by these technologies. However, should we have to live with this extension of espionage to massive surveillance of populations and accept it as "a fact"? Fortunately, totalitarian regimes have more or less disappeared before the full development of theses capacities. Today, in democratic regimes, when these technologies are used, they are limited on purpose and are mainly centred on antiterrorism collaboration, in order to prevent attempts of attacks. According to Intelligence Services worldwide, these technologies are not endangering civil liberties; they are the best way to protect the citizen from global terrorism. Intelligence services screen suspicious behaviours and exchange of information occurs at the international level. Only
+"real suspects" are, in principle, under surveillance. From this perspective, far from being a
+"shame", the revelations of programmes like PRISM could be seen as a proof of a good level of collaboration, which has eventually to be enhanced in the future against numerous forms of violence. In front of this "recital" given by the most important authorities of the different intelligence services and the antiterrorists agencies in the US, in the UK, in France, and at the EU level, it is critical to discuss the supposedly new nature of our societies. The impact of technological transformations in democratic societies, how to use these technologies as resources for both information exchange and competition over information (a key element of a globalised world), what are the rights of the different governments in processing them: these are the core questions. As stated by Allen Dulles above, justifications given by intelligence services work in favour of a police state and against the very nature of an open society living in democratic regimes. Proponents of an open society insist that, against the previous trend, technologies ought not to drive human actions; they have to be used in reasonable ways and under the Rule of Law. The mass scaling has to be contained. Constitutional provisions have to be applied, and the presumption of innocence is applicable for all human beings (not only citizens). If suspicions exist, they have to be related to certain forms of crime, and not marginal behaviours or life styles. Hence, what is at stake here is not the mechanisms by which antiterrorism laws and activities have to be regulated at the transatlantic level, even if it is a subset of the question. It is even not the question of espionage activities between different governments. It is the question of the nature, the scale, and the depth of surveillance that can be tolerated in and between democracies. The Snowden's revelations highlight numerous breaches of fundamental rights. This affects in priority all the persons whose data have been extracted via surveillance of communications, digital cables or cloud computing technologies, as soon as they are under a category of suspicion, or of some interest for foreign intelligence purposes. However, all these persons are not protected in the same way, especially if they are not US citizens. The EU citizen is therefore particularly fragile in this configuration connecting US intelligence services, private companies that provide services at the global level and the ownership they can exercise over their data. It is clear that if EU citizens do not have the same level of protections as the US citizens, because of the practices of the US intelligence services and the lack of effective protections, they will become the first victims of these systems. Freedom of thought, opinion, expression and of the press are cardinal values that have to be preserved. Any citizen of the EU has the right to have a private life, i.e, a life which is not fully under the surveillance of any state apparatus. The investigative eyes of any government have to be strongly reminded of distinctions between private and public activities, between what is a crime and what is simply a different lifestyle. By gathering massive data on life-styles in order to elaborate patterns and profiles concerning political attitudes and economic choices, PRISM seems to have allowed an unprecedented scale and depth in intelligence gathering, which goes beyond counterterrorism and beyond espionage activities carried out by liberal regimes in the past. This may lead towards an illegal form of Total Information Awareness where data of millions of people are subject to collection and manipulation by the NSA. This note wants to assess this question of the craft of intelligence and its necessary limits in democracy and between them. As we will see, through the documents delivered by Snowden, the scale of the PRISM programme is global; its depth reaches the digital data of large groups of populations and breaches the fundamental rights of large groups of populations, especially EU citizens. The EU institutions have therefore the right and duty to examine this emergence of cyber mass-surveillance and how it affects the fundamental rights of the EU citizen abroad and at home.
+
+## Privacy Governance: Eu/Us Competing Models
+
+A careful analysis of US privacy laws compared to the EU Data Protection framework shows that the former allows few practical options for the individual to live their lives with selfdetermination over their personal data. However a core effect of Data Protection law is that if data is copied from one computer to another, then providing the right legal conditions for transfer exist, the individual cannot object on the grounds that their privacy risk increases through every such proliferation of "their" data5. This holds true if the data is copied onto a thousand machines in one organization, or spread onward to a thousand organisations, or to a different legal regime in a Third Country. The individual cannot stop this once they lose possession of their data, whereas for example if the data was "intellectual property", then a license to reproduce the data would be necessary by permission. We are all the authors of our lives, and it seems increasingly anomalous that Internet companies lay claim to property rights in the patterns of data minutely recording our thoughts and behaviour, yet ask the people who produce this data to sacrifice their autonomy and take privacy on trust. The EU Data Protection framework in theory is categorically better than the US for privacy, but in practice it is hard to find any real-world Internet services that implement DP principles by design, conveniently and securely. Privacy governance around the world has evolved around two competing models. Europe made some rights of individuals inalienable and assigned responsibilities to Data Controller organizations, whereas in the United States companies inserted waivers of rights into Terms and Conditions6 contracts allowing exploitation of data in exhaustive ways (known as the 'Notice-and-Choice" principle). The PRISM crisis arose directly from the emerging dominance over the last decade of "free" services operated from remote warehouses full of computer servers, by companies predominantly based in US jurisdiction, that has become known as Cloud computing. To explain this relationship we must explore details of the US framework of national security law.
+
+## Scope And Structure
+
+It is striking that since the first reports of "warrantless wiretapping" in the last decade, and until quite recently in the PRISM-related revelations, European media have covered US surveillance controversies as if these were purely parochial arguments about US civil
+
+liberties, apparently oblivious that the surveillance activity was directed at the rest-ofthe-world. This note aims to document this under-appreciated aspect. It will show that the scope of surveillance conducted under a change in the FISA law in 2008 extended its scope beyond interception of communications to include any data in public cloud computing as well. This has very strong implications for the EU's continued sovereignty over data and the protection of its citizens' rights. The aim is here to provide a guide to how surveillance of Internet communications by the US government developed, and how this affects the human right to privacy, integrating historical, technical, and policy analysis from the perspective of the individual EU citizen7. The Note will therefore cover the following:
+
+
+-
+(I) An account of US foreign surveillance history and current known state
+-
+(II) An overview of the main legal controversies both in US terms, and the effects and consequences for EU citizens' rights
+-
+(III) Strategic options for the European Parliament and recommendations
+
+
+
+HISTORICAL BACKGROUND OF US SURVEILLANCE
+
+## Key Findings
+
+ A historical account of US various surveillance programmes (precursors to Echelon,
+PRISM, etc.) and US legislation in the field of surveillance (FISA and FAA) shows that the US has continuously disregarded the fundamental rights of non-US citizens.
+ In Particular, the scope of FAA coupled with expressly 'political' definitions of what
+constitutes
+'foreign
+intelligence
+information'
+creates
+a
+power
+of
+masssurveillance specifically targeted at the data of non-US persons located outside the US, which eludes effective control by current and proposed EU Data
+Protection regulation.
+
+A historical account of US surveillance programmes provides the context for their interpretation as the latest phase of a system of US exceptionalism, with origins in World War II. These programmes constitute the greatest contemporary challenge to data protection, because they incorporated arbitrary discriminatory standards of treatment strictly according to nationality and geopolitical alliances, which are secret and incompatible with the rule of law under EU structures.
+
+## 1.1. **World War Ii And The Origins Of The Ukusa Treaties**
+
+In the 1970s there were the first disclosures of the extent of Allied success in WWII cryptanalysis. The world discovered the secret history of Bletchley Park (aka Station X), Churchill's signals intelligence headquarters. The story of post-war secret intelligence
+
+partnerships at the international level is intertwined with the personal trajectory of Alan Turing, a great mathematician and co-founder of computer science, who was critical to the effort to design automated machines which could feasibly solve ciphers generated by machine, such as Enigma (used for many Nazi Germany communications). Alan Turing travelled to the US in 1942 to supervise US Navy mass-production of the decryption machines (called 'bombes') for the Atlantic war, and to review work on a new scrambler telephone at Bell Laboratories to be used for communications between Heads of Government. Unfortunately Turing was not equipped with any letters of authority, so he was detained by US immigration as suspicious until rescued by UK officials in New York. What was initially supposed to be a two-week trip turned into months, as no precedent existed to grant even a foreign ally security clearance to the laboratories he was supposed to visit. There followed several months of fraught UK diplomacy and turf wars between the US Navy and Army, since the latter had no "need-to-know" about Ultra (the name given to intelligence produced from decryption at Bletchley). The UK wanted as few people as possible in on the secret, and the disharmony thus experienced inside the US military security hierarchies became known as "the Turing Affair". These were the origins of the post-war secret intelligence partnership between the US and UK as "first" parties, Canada/Australia/New Zealand as second parties, and other nations with lesser access as third parties. The treaty is named UKUSA, and we know the details above about its genesis because in 2010 the US National Security Agency declassified the unredacted text of UKUSA treaties8 up until the 1950s with related correspondence (the current text is secret). GCHQ9 did not declassify much in comparison, although the occasion was billed as joint exercise. The purpose of the UKUSA treaties was to establish defined areas of technical cooperation and avoid conflicts. However, no general "no spy" clause appears in the versions published up until the 1950s, but expressions of amity comparable to public treaties. It is not known whether any comprehensive secret "no spy" agreement exists today between the UK and US, and neither has ever given legislative or executive comment on the matter.
+
+## 1.2. Echelon: The Ukusa Communications Surveillance Nexus
+
+From the founding of the US National Security Agency (NSA) in 1952 throughout the Cold War, both the UK and US vastly expanded their signal intelligence capacities, collecting from undersea cables at landing points10, satellites intercepting terrestrial microwave relays, and arrays of antennae usually sited in military bases and embassies. The evolution and nature of these capabilities were documented from open source research in two reports11 to the European institutions culminating in the Parliament's inquiry into ECHELON
+in 2000. ECHELON was in fact a codeword for one particular surveillance system, but became in common usage a synecdoche for the entire UKUSA communications surveillance nexus. The last meeting the EP inquiry committee was on September 10, 2001. The Committee recommended to the European Parliament that citizens of EU member states use cryptography in their communications to protect their privacy, because economic espionage with ECHELON had obviously been conducted by the US intelligence agencies.
+
+## 1.3. **1975-1978: Watergate And The Church Committee**
+
+After the US was convulsed by the Watergate scandal culminating in the resignation of Richard Nixon, Senator Frank Church led a Congressional committee of inquiry into abuses of power by law-enforcement and intelligence agencies which had conducted illegal domestic wire-tapping of political and civic leaders under presidential authority, and contrary to the Fourth Amendment of the US constitution which protects privacy against unreasonable searches without a particular warrant, issued on "probable cause" (meaning evidence of a 50% likelihood of criminality).
+
+The Church inquiry reported on the question of whether the Fourth Amendment restricts the mass-trawling and collection of international communications, which they discovered had been secretly conducted since the 1940s on telegrams12. The inquiry canvassed that inadvertent collection of Americans' data transmitted internationally was tolerable, if procedures were made for "minimization" of erroneous unwarranted access (and mistakes not used prejudicially against Americans). This idea was codified into the first **Foreign Intelligence Surveillance Act of 1978** (FISA), which regulated the interception of international (and domestic) "foreign intelligence information" from telecommunications carriers. Collection of data by any nation from outside its territory is literally lawless and not restricted by any explicit international agreements.
+
+## 1.4. The Post-9/11 Context: Extension Of Intelligence Powers
+
+After the terrorist attacks of September 9/11, privacy and data protection has been deeply challenged by exceptional measures taken in the name of security and the fight against terrorism. The USA PATRIOT Act of 2001 was voted by the US Congress on October 26, 2001, and its primary effect was to greatly extend law enforcement agencies' powers for gathering domestic intelligence inside the US. The revised Foreign Intelligence Surveillance Amendment Act of 2008 (FAA)13 created a power of mass-surveillance specifically targeted at the data of non-US persons located outside the US. These aspects and their implications for EU citizens will be analysed in the following section (Section 2). Numerous new surveillance programmes and modalities were further suggested to President Bush by NSA Director Gen. Hayden, without explicit authorization under statute, and approval was nevertheless given. Those programmes were retroactively deemed lawful in secret memoranda prepared by a relatively junior legal14 official, under the Authorisation to Use Military Force (AUMF) for the war in Afghanistan and associated War on Terror operations. Amongst these programmes was one codenamed *Stellar Wind* which involved placing fibreoptic cable "splitters" in major Internet switching centres, and triaging the enormous volumes of traffic in real-time with a small high-performance scanning computer (known as a deep-packet inspection box), which would send data filtered by this means back to the NSA. An AT&T technical supervisor in the San Francisco office was asked to assist in constructing such a facility ("Room 641A") and was concerned that this activity manifestly broke US Constitutional protections, because the cable carried domestic as well as international traffic. He took his story with documentation to the *New York Times*, which did not publish15 the story for a year, until 2005 after the re-election of President Bush.
+Other whistle-blowers from the NSA, CIA and FBI emerged with tales of illegal masssurveillance via mobile phones, the Internet and satellites, and even revealed that phone calls of Barack Obama16 (he was then Senator) and Supreme Court judges had been tapped. The controversy was exacerbated because two years before, a former National Security Adviser17 had proposed a research programme for *Total Information Awareness* -
+T.I.A., a massive system of surveillance of all digital data, processed with advanced artificial intelligence algorithms to detect terrorist plots. Immediate adverse media commentary prompted the US Congress to de-fund research into T.I.A., but rumours persisted that it had been absorbed into an intelligence "black budget". When the "warrantless wiretapping" allegations surfaced in a series of press reports from The New York Times, The *Los Angeles Times*, and The *Wall Street Journal*, the resonance with the supposedly cancelled T.I.A project intensified the level of public unease.
+
+## 1.5. **Edward Snowden's Revelations And Prism**
+
+On June 5th *The Washington Post* and *The Guardian* published a secret order made under s.215 of the PATRIOT Act requiring the Verizon telephone company to give the NSA details of all US domestic and international phone calls, and "on an ongoing basis".  On June 6th the two newspapers revealed the existence of an NSA programme codenamed PRISM, which accessed data from leading brands of US Internet companies. By the end of the day a statement from Adm.Clapper (Director of NSA) officially acknowledged the PRISM programme and that it relied on powers under the FISA Amendment 2008 s.1881a/702. On June 9th Edward Snowden voluntarily disclosed his identity and a film interview with him was released. The primary publication was in three newspapers: The Guardian, *The Washington Post*, and Der Spiegel. Four journalists have played a central role in obtaining, analysing and interpreting this material for the public: Barton Gellman, Laura Poitras, Jacob Appelbaum and Glenn Greenwald. They were joined by *The Guardian* (US edition), the *New York Times* in conjunction with *ProPublica* after the UK government insisted on destruction of The Guardian's copy of the Snowden material in their London offices, under the supervision of GCHQ18.
+
+What can be referred to as the 'PRISM scandal' revealed a number of surveillance programmes, including:
+
+## 1.5.1 "Upstream"
+
+The slides published from the Snowden material feature references to "Upstream" collection programmes by the NSA adumbrated by various codewords. Data is copied from both public and private networks to the NSA from international fibre-optic cables at landing points, and from central exchanges which switch Internet traffic between the major carriers, through agreements negotiated with (or legal orders served on) the operating companies (and probably also by intercepting cables on the seabed19 when necessary).
+
+## 1.5.2 Xkeyscore
+
+The XKeyscore system was described in slides20 (dated 200821) published by *The Guardian* on the 31st of July. It is an "exploitation system/analytic framework", which enables searching a "3 day rolling buffer" of "full take" data stored at 150 global sites on 700
+database servers. The system integrates data collected22 from US embassy sites, foreign satellite and microwave transmissions (i.e. the system formerly known as ECHELON), and the "upstream" sources above. The system indexes e-mail addresses, file names, IP addresses and port numbers, cookies, webmail and chat usernames and buddylists, phone numbers, and metadata from web browsing sessions (including words typed into search engines and locations visited on Google Maps). The distinctive advantage of the system is that it enables an analyst to discover "strong selectors" (search parameters which identify or can be used to extract data precisely about a target), and to look for "anomalous events" such as someone "using encryption" or "searching for suspicious stuff". The analyst can use the result of these index searches to "simply pull content from the site as required". This system of unified search allows retrospective trawling through 3 days (as of 2008) of a much greater volume of data than is feasible to copy back to the NSA. The system can also do "Persona Session Collection" which means that an "anomalous event" potentially characteristic of a particular target can be used to trigger automatic collection of associated data, without knowledge of a "strong selector". It is also possible to find "all the exploitable machines in country X" by matching the fingerprints of configurations which show up in the data streams captured, with NSA's database of known software vulnerabilities. The slides also say it is possible to find all Excel spreadsheets "with MAC addresses coming out of Iraq"23.
+Slide 17 is remarkable because it contained the first intimations of systemic compromise of encryption systems24 (see BULLRUN below).
+
+## 1.5.3 Bullrun
+
+BULLRUN25 is the codename for a NSA programme for the last decade for an "aggressive multi-pronged effort to break into widely used encryption technologies", revealed in a joint Guardian26/*New York Times* story on September 1st. This programme has caused the greatest shock amongst the Internet technical security community of all the Snowden material so far, and frantic efforts are underway worldwide to assess which systems might be vulnerable, and to upgrade or change keys, ciphers and systems, not least because adversaries in hostile countries will now be trying to discover any backdoor mechanisms previously only known by the NSA. The programme budget is $250m per annum, and may use some of the following methods: collaboration with vendors of IT security products and software, mathematical cryptanalysis and "side-channel" attacks, forging of public-key certificates, infiltrating and influencing technical bodies towards adopting insecure standards, and likely use of coercive legal orders to compel introduction of "backdoors". It is important to stress that no evidence has emerged (yet) that the fundamental cipher algorithms in common use have been broken mathematically, however over the past few years doubts have grown about vulnerabilities in the complex "protocols" used to set-up and ensure compatibility amongst the software in common use. FISA 702 may require a service provider to "immediately provide the government with all information, facilities, or assistance necessary to accomplish the acquisition" of foreign intelligence information, and thus on its face could compel disclosure of cryptographic keys, including the SSL keys used to secure data-in-transit by major search engines, social networks, webmail portals, and Cloud services in general. It is not yet known whether the power has been used in this way.
+
+
+
+## 2. Nsa Programmes And Related Legislation: Controversies, Gaps And Loopholes And Implications For Eu Citizens Key Findings
+
+ The complexity of inter-related US legislation pertaining to 'foreign intelligence
+information', and its interpretations by secret courts and executive legal memoranda, has led to unlawful practices affecting both US citizens and non-US citizens.
+ The consequences of this legal uncertainty, and lack of Fourth Amendment
+protection for non-US citizens, means that no privacy rights for non-Americans are recognized by the US authorities under FISA
+ The accelerating and already widespread use of Cloud Computing further
+undermines data protection for EU citizens.
+ A review of the mechanisms that have been put in place in the EU for data export to
+protect EU citizens' rights shows that they actually function as loopholes.
+
+When analysing known US surveillance programmes and related legislation from a Fundamental Rights perspective, the legal 'grey areas' fall into two categories, which constantly interact27:
+
+
+-
+a lack of legal certainty resulting in privacy invasions and other potential abuses and malpractices inside the US, through ostensibly unintended effects on American citizens and legal residents;
+-
+the intent of the US FISA (and PATRIOT) laws to acquire "foreign intelligence
+information', concerning  people who are not American citizens or legal residents.
+
+## 2.1. Legal Gaps And Uncertainties Of Us Privacy Law: Implications For Us Citizens And Residents 2.1.1 The Third Party Doctrine And Limitations To The Fourth Amendment
+
+In two US cases in 1976 and 1979 the legal doctrine was established that for personal data entrusted to, or necessary to use a service provided by, a "third party" such as a bank or telephone company, there was no reasonable expectation of privacy, and therefore no warrant was required by the Fourth Amendment, which protects privacy against unreasonable searches without a particular warrant, issued on "probable cause" (meaning evidence of a 50% likelihood of criminality). Consequently such business records as creditcard transactions, bank statements, and itemized phone bills can be obtained by law enforcement authorities through administrative procedures authorized by the law enforcement agency rather than an independent judge, and no "probable cause" has to be evidenced. This doctrine has been subject to continuous criticism throughout the development of mobile communications which track individuals' location, Internet services which record of website browsing and search-engine activity, and social networks in which merely the structure of and dynamics social interaction reveal intimate28 details of private life29.
+
+Obviously these conditions could not have been foreseen by courts in the 1970s, yet every challenge so far to overturn the doctrine has been unsuccessful. Such privacy concerns were increased by s.215 of the PATRIOT Act 2001, that attracted considerable controversy. It allows security authorities to obtain "tangible" business records from companies under a secret judicial order. Although secret non-judicial orders to obtain "non-content" data (i.e. "metadata") were already available under a procedure called  a 'National Security Letter', s.215 is applicable to any kind of "tangible" data held by a great variety of private-sector businesses. After the first revelations about the PRISM programme, Gen. Alexander (Director of the NSA) confirmed over two public hearings of Congressional intelligence review committees that the NSA collects (both domestic and international) telephone call metadata from all major carriers and maintains a database of all such calls for five years30. By the NSA's own account it uses this data for the sole purpose of deciding whether there is a "reasonable articulable suspicion" of a connection to a terrorist investigation. The database is searched for whether a candidate target telephone number is within "three hops" (i.e. when there exists a "chain" of calls sometime over a 5 year period) to a nexus of numbers previously associated with terrorism.
+
+## 2.1.2 Cdrs And The 'Relevance Test'
+
+So far, the greatest legislative controversy in the US about Snowden's revelations is not in fact about PRISM, but about the indiscriminate blanket collection of all telephone metadata (CDRs - call-detail-records), which appears to exceed the terms of the PATRIOT statute. Data can only be acquired under s.215 in the first place if it meets the standard that it must be "relevant" to an authorised investigation. The PATRIOT Act was amended in 2006
+to include the relevance standard, with the intention of limiting the collection of data31, but it appears to have been interpreted as a justification for massive data collection.
+records in the EU, beyond the 2-year maximum specified in the Data Retention Directive 2006, would be illegal under the e-Privacy 2002 Directive (and earlier 1998 "ISDN" Directive) requirement for such data to erased or made anonymous when any legitimate business purpose has expired.
+
+The rationale behind this collection is therefore questionable: how is it possible to justify collection of the entire database in the first place, on the basis of establishing that a particular suspect's number has a 3-hop connection to terrorism? As expressed succinctly by one advocate: "they were conducting suspicion-less searches to obtain the suspicion the FISA court required to conduct searches"32.
+
+Problems that emerged from FISA were left to the interpretation (in secret proceedings) of the *Foreign Intelligence Surveillance Court* (FISC and the higher Review court FISCR) whose judges are appointed solely by the Chief Justice of the Supreme Court. It appears that the FISA courts agree with the government's argument that it is common in investigations for some indefinitely large corpus of records to be considered "relevant", in order to discover the actual evidence. Some official declassifications of the secret FISC(R) Opinions are in progress, but have not so far explained this logical anomaly.
+
+## 2.1.3 'Direct Access' To Data-Centres Granted For Surveillance Purposes?
+
+The companies named in the PRISM slides issued prompt denials of "direct access" to their datacentres, mentioned in the "marketing" slides that revealed PRISM's existence. Their position was that they were simply complying with a mandatory court order, and they had never heard of the PRISM codename (which is not surprising since this was an NSA codeword for a Top Secret programme). Microsoft asserted that they only responded to requests referencing specific account identifiers, and Google and Facebook denied they had "black boxes" stationed in their networks giving "direct access". The companies are constrained by the secrecy provisions of s.702, on pain of contempt or even espionage charges33. Google and Microsoft are now suing the government for permission to publish a breakdown of the number of persons affected by FISA orders. However there is no substantive inconsistency between the carefully wordsmithed (and apparently co-ordinated34) company denials and the reports of PRISM. The phrase "direct access" was likely intended to distinguish this modality from "upstream" collection (see above), not necessarily implying a literal capability to extract data without the company's knowledge. However, such literal "direct access" is not precluded by the 702 statute, and it may be that this has already occurred with some other companies, or may in future be permitted by the FISC.
+
+A critical further development resulted from a keen observation by *The New York Times*35
+on August 8th that in the targeting procedures published on June 20th, the "selectors" used to specify the information to be accessed under 702 could include arbitrary search terms. This ought not to be surprising from a plain reading of the statute, but it emphasized that Americans' (and of course non-Americans') privacy could be implicated in arbitrary trawls through a mass of data, rather than access being confined to account identifiers judged
+50% likely to be non-American. A further story disclosed36 that at the government's request in 2011 the FISA court reversed an earlier ruling and thenceforth permitted arbitrary search terms **even if** these included targeting factors characteristic of Americans.
+
+Thus it appears that the theoretical protections, which in law existed only for Americans, have been very substantially undermined37 by successively expansive government requests to the court.
+
+## 2.1.4 **Intelligence Agencies' 'Black Budget': Scale And Costs Of Us Capabilities**
+
+On August 31st, *The Washington Post* published details from the secret ("black") budget38 of the US intelligence community, which amounted to $50bn per annum, together with a breakdown of expenditure into various categories. It was reported that the US had spent $500bn on secret intelligence since 9/11. The NSA's budget is about $10bn per annum, but it surprised commentators that the CIA's budget has rapidly grown to $15bn, exceeding that of the NSA.
+
+## 2.2. Situation Of Non-Us Citizens And Residents (Non 'Uspers')
+
+It is striking that so far in the evolution of the 'Snowden affair', domestic US political commentary has almost exclusively referred to the rights of *Americans*. This is not a rhetorical trope and is meant literally - no reciprocity ought to be assumed39 (in law or popular discourse) which extends rights further40. The rights of non-Americans have scarcely been mentioned in the US media41 or legislature. It is even more surprising that careful analysis of the FISA 702 provisions clearly indicates that there exist two different regimes of data processing and protection: one for US citizens and residents ("USPERs"), another one without any protection whatsoever for non-US citizens and residents ("non- USPERs").
+
+## 2.2.1 The Political Definitions Of 'Foreign Information Intelligence'
+
+The FISA definition of "foreign intelligence information" has been amended several times to include specific and explicit categories for e.g. money laundering, terrorism, weapons of mass-destruction, but has always included two limbs which seem almost unlimited in scope. When the terms are unwound it includes42:
+information with respect to a foreign-based political organization or foreign territory that **relates** to, and if concerning a United States person is **necessary** to the conduct of the foreign affairs of the United States. [emphasis added]
+This definition is of such generality that from the perspective of a non-American it appears any data of assistance to US foreign policy is eligible, including expressly political surveillance over ordinary lawful democratic activities.
+
+## 2.2.2 Specific Powers Over Communications Of Non-Us Persons
+
+To end the public controversy43 over "warrantless wiretapping" of Americans, the US Congress enacted44 the interim Protect America Act (PAA) in 2007, which amended FISA
+1978, and created a new power targeted at the communications of non-US persons located outside the territory of the US (i.e. the 95% of the rest-of-the-world). The most heated political difficulty was over whether telecommunications companies had broken statute law regulating the privacy of their subscribers by co-operating. Depending on the contested legitimacy of the use of the *Authorization for Use of Military Force* (AUMF) to effect surveillance, which had impinged on Americans, the companies were potentially liable for billions of dollars of damages. The telecommunications companies and the Internet service providers industry were adamant that complete civil immunity was their price for future cooperation. It is here critical to underline that this controversy was about the effects on the privacy of Americans, and that the surveillance of foreigners outside the US, through their communications routed to **or via** the US, was an assumed *fait accompli* and national prerogative45.
+
+## 2.2.3 The Fourth Amendment Does Not Apply To Non-Uspers Outside The Us
+
+The connection between the controversy over the s.215 PATRIOT Act power and the use of the FISA 702 power in the PRISM programme can now be explained. The database of 5 years of details of domestic and international calls was used to establish a counter-terrorist justification (according to the "three hops" principle). A second database was then checked of a directory the NSA maintains of telephone numbers believed to belong to Americans. If that check indicated the number was probably not that of an American, then the contents of that telephone call could be listened to with any further authorisation, under the FISA 702 law. Otherwise, if the number seemed probably that of an American, a further particular warrant for the interception would have to be obtained (under a different section of FISA), justifying the intrusion to a much higher legal standard, and with reference to the circumstances of the individual case. However a close reading of the s.215 shows that an alternative purpose (other than a connection to terrorism) is "to obtain foreign intelligence information not concerning a United States person"46. From a non-US perspective this may be an important point which has not so far featured in any of the analysis made in the US, nor is it clear how this provision would interact with the already tangled skein of contested legality. However it is a further illustration of US legislation, which discriminates between the protections afforded by the Constitution to its own citizens, and everybody else. Some remarkable interviews have been given by former NSA Director Gen. Hayden, in which he stressed that "*the Fourth Amendment* - that prohibits unreasonable searches and seizures and requires any warrant to be judicially sanctioned and supported by probable cause - *is not an international treaty*"47, and that the US enjoys a "home field advantage" of untrammelled access to foreign communications routed via US territory, or foreign data stored there.
+
+These statements sit uncomfortably with speeches and statements made by US State Department officials prior to 2012 at fora including the Council of Europe's "Octopus" conference on Cybercrime, and the annual International Conference of Privacy and Data Protection Commissioners. These statements lauded the protections afforded by the Fourth Amendment48, and since they were directed at an international audience to provide reassurance about America's respect for privacy, in retrospect they can only be construed as deceptive49. The author publicly challenged one representative in 2012 to state categorically that the Fourth Amendment applied to non-US persons (located outside the US), and they fell silent.
+
+## 2.2.4 Cloud Computing Risks For Non-Us Persons
+
+The interim Protect America Act of 2007 law mentioned above was set to expire shortly before the Presidential election of 2008, and its scope was limited to interception of telephony and Internet access providers. Candidate-in-waiting Obama gave his approval to a bipartisan agreement to put PAA and its immunities for telecommunications companies on a permanent basis with the FISA Amendment Act 2008, which was enacted in July 2008. When FAA was introduced, it contained an extra three words that apparently went unnoticed and unremarked by anyone50. By introducing "remote computing services" (a term defined in ECPA
+1986
+dealing with law enforcement access to stored
+
+communications),
+                   the
+                         scope
+                                  was
+                                         dramatically
+                                                        widened
+                                                                    from
+                                                                           Internet
+
+communications and telephony to include Cloud computing. Cloud computing can be defined in general terms as the distributed processing of data on remotely located computers accessed through the Internet. From 2007 Internet industry marketing evangelized the benefits of Cloud computing to business, governments and policy-makers, beginning with Google and then rapidly followed by Microsoft and others, becoming a new business software sector. In 2012 the LIBE Committee commissioned a briefing Note on "Fighting Cybercrime and Protecting Privacy in the Cloud" from the *Centre for European Policy Studies* (CEPS) and the *Centre d'Etudes sur les Conflits, Liberte et Securite* (CCLS), to which the author was invited to contribute51. Sections of the Note clearly asserted that Cloud computing and related US regulations presented an unprecedented threat to EU data sovereignty.
+
+The Note specifically underlined52 the following:
+
+
+(Cloud providers) cannot fulfil any of the privacy principles on which Safe Harbour is founded. This was never satisfactorily resolved by the Commission before the agreement was hastily concluded over the objections of European DPAs. As a result many US cloud providers advertise Safe Harbour certification with insupportable
+International Communications--Is It Reasonable?, Pace International Law Review Online Companion 1-1-2010.
+
+claims that this legalizes transfers of EU data into US clouds, and since 2009 several have altered their self-certification filings to claim the oxymoronic status of Safe- Harbour-as-a-Processor. The Article 29 Data Protection Working Party (WP29) have clarified that this is insufficient their recent opinion
+
+
+Cloud providers are transnational companies subject to conflicts of international public law. Which law they choose to obey will be governed by the penalties applicable and exigencies of the situation, and in practice the predominant allegiances of the company management. So far, almost all the attention on such conflicts has been focussed on the US PATRIOT Act, but there has been virtually no discussion of the implications of the US Foreign Intelligence Surveillance Amendment Act of 2008. 1881a of FAA for the first time created a power of masssurveillance specifically targeted at the data of non-US persons located outside the US, which applies to Cloud computing. Although all of the constituent definitions had
+been defined in earlier statutes, the conjunction of all of these elements was
+new.....the most significant change escaped any comment or public debate altogether. The scope of surveillance was extended beyond interception of communications, to include any data in public cloud computing as well. This change occurred merely by incorporating "remote computing services" into the definition of an "electronic communication service provider"
+
+...very strong implications on EU data sovereignty and the protection of its citizens' rights. The implications for EU Fundamental Rights flow from the definition of "foreign intelligence information", which includes information with respect to a foreign-based political organization or foreign territory that relates to the conduct of the foreign affairs of the United States. In other words, it is lawful in the US to conduct purely political surveillance on foreigners' data accessible in US Clouds. The root problem is that cloud computing breaks the forty year old legal model for international data transfers. The primary desideratum would be a comprehensive international treaty guaranteeing full reciprocity of rights, but otherwise exceptions ("derogations") can be recognized in particular circumstances providing there are safeguards appropriate to the specific situation. Cloud computing breaks the golden rule that "the exception must not become the rule". Once data is transferred into a Cloud, sovereignty is surrendered. In summary, it is hard to avoid the conclusion that the EU is not addressing properly an irrevocable loss of data sovereignty, and allowing errors made during the Safe Harbour negotiations of 2000 to be consolidated, not corrected.
+
+Particular attention should be given to US law that authorizes the surveillance of Cloud data of non-US residents. The EP should ask for further enquiries into the US FISA Amendments Act, the status of the 4th Amendment with respect to NONUSPERS, and the USA PATRIOT Act (especially s.215).
+
+The EP should consider amending the DP Regulation to require prominent warnings to individual data subjects (of vulnerability to political surveillance) before EU Cloud data is exported to US jurisdiction. No data subject should be left unaware if sensitive data about them is exposed to a 3rd country's surveillance apparatus. The existing derogations must be dis-applied for Cloud because of the systemic risk of loss of data sovereignty. The EU should open new negotiations with the US for recognition of a human right to privacy which grants Europeans equal protections in US courts.
+
+The EU needs an industrial policy for autonomous capacity in Cloud computing. The DG INFSO Communication of October 2012 is on this matter not in tune with the
+challenges analysed in this study. A target could be that by 2020, 50% of EU public services should be running on Cloud infrastructure solely under EU jurisdictional control.
+
+The study also underlined that since the SWIFT affair, an EU "High-Level Contact Group" has been conducting talks in 2011 with the US authorities on an "Umbrella" agreement intended to cover transfers of data for law enforcement purposes. So far, the US has been adamant that these will not cover access to EU data from US private parties by US
+authorities, and thus would exclude precisely the situation of Cloud computing53.
+
+
+## 2.2.5 There Are No Privacy Rights Recognised By Us Authorities For Non-Us Persons Under Fisa
+
+The acquisition of *foreign intelligence information* under the PRISM programme requires adherence to "minimization"54 and "targeting"55 procedures, which were revealed (unredacted) by *The Guardian* on 20th June. Together these provide strong evidence that there are no privacy rights for non-Americans recognized by the US authorities under PRISM and related programmes. The revealed documents are heavily tautologous and replete with bureaucratic jargon, but a close reading does not discover any acknowledgement of rights for non-Americans whatsoever. One therefore suspects that US operational practice places no limitations on exploiting or intruding a non-US person's privacy, if the broad definitions of *foreign intelligence information* are met.
+
+Moreover in a May 2012 letter to the Congress intelligence review committees56 the government states that:
+Because NSA has already made a "foreignness" determination for these selectorsin accordance with its FISC-approved targeting procedures, FBI's targeting role differs from that of NSA. FBI is not required to second-guess NSA's targeting determinations...
+The versions of the targeting procedures released are generic, but the American Civil Liberties Union (ACLU)57 obtained redacted copies of slides related to FBI staff training that referred specifically to FISAAA for counter-terrorism purposes. The letter continues:
+Once acquired, all communications are routed to NSA. NSA also can designate the communications from specified selectors acquired through PRISM collection to be "dual-routed'' to other intelligence Community elements.(emphasis added)
+This means that agencies such as the CIA, amongst others of the sixteen agencies of the US intelligence community, can receive their own streams of data to store and analyse, which the NSA has roughly filtered for a 50% likelihood of "foreignness". No reporting on documents from Snowden, or other commentary, has referred to this "dual-routing" or their mission purposes. According to the leaked "targeting procedures" (dated 2009) of FAA, an NSA database of telephone numbers and Internet identifiers58 is used to eliminate known Americans from being inadvertently targeted by s.702. Analysts may only proceed to access "content data" under the 702 power if there is more than a 50% likelihood the target is not American and located outside the US, because the Fourth Amendment was held not to apply. Otherwise a particular warrant must be applied for under a different section of FISA. This shows that the "probable cause" requirement for evidence of a 50% likelihood of criminality was converted into a 50% probability of *nationality*. This interpretation was first visible in a FISA Court of Review (FISCR) decision of 2008, released briefly in redacted form in 2010, and then apparently withdrawn from the official website (but a copy59 had been kept by a transparency NGO).
+The reasoning of FISCR was that foreign intelligence surveillance of targets reasonably believed to be outside of the US qualifies for a "special needs"
+exception60 **to the Fourth Amendment warrant requirement.** The constitutionality of that judgement is being contested in a number of lawsuits brought by US civil liberties organisations, because this "coin-flip" criterion implies many unconstitutional searches of Americans' communications.
+
+## 2.3. **Data Export: False Solutions And Insufficient Safeguards**
+
+In order to conclude this section, the author would like to draw the Parliament's attention to certain difficulties with current derogations and/or safeguards proposed as solutions to the implications for EU Citizens underlined above. This subsection aims to highlight the loopholes and gaps in several mechanisms that have been put in place for data export. In the author's view, these mechanisms should not be seen as guarantees for the protection of EU citizens' rights.
+
+## 2.3.1 Safe Harbour, Bcrs For Processors And Cloud Computing
+
+The EU/US Safe Harbour Agreement of 2000 implemented a process for US companies to comply with the EU Directive 95/46/EC on the protection of personal data. If a US company makes a declaration of adherence to the Safe Harbour Principles then an EU Controller may export data to that company (although a written contract is still required). Sometimes described as a 'simultaneous unilateral declaration', the Agreement left ambiguous whether it covered the situation of remote processing of data inside the US, on instruction from Controllers inside the EU. Especially in the case of Cloud computing, such remote processors were most unlikely to be capable of giving effect to the Safe Harbour Principles, which, the US argued, thus became void. Did the deal still apply, for unrestricted export of EU data for remote processing under essentially a self-regulatory framework? In 2000, the EU Commission over-ruled objections from civil society and some DPAs, to conclude a deal. The US negotiators in the Department of Commerce worked closely with US trade lobbies, on a series of "FAQs" for US companies to interpret the Agreement to marginalize EU privacy rights, building in loopholes on such questions as what counted as identifiable data, refusing rights of access, and avoiding any duty of finality or right-of-deletion. Safe
+
+Harbour proved so Byzantine that no EU citizen navigated the bureaucracy to lodge a complaint for many years.
+The official EU review study61 on Safe Harbour of 2004, in a slight treatment of FISA, did not parse the political non-USPER meanings of *foreign intelligence information* discussed above, and stated that "the controversial provisions of the USA PATRIOT Act are essentially irrelevant for Safe Harbour data flows". Much of the legal analysis supporting the theory that Safe Harbour applies to Cloud computing can be traced to the work of Dr. Christopher Kuner62, for many years the organizer of a Brussels lobby of privacy officers from predominantly US multinational companies, which became influential with the Commission and DPAs. Dr. Kuner also represented the International Chamber of Commerce in EU discussions over data protection, and has advised major Internet companies as clients. Kuner's textbook of Data Protection commercial law was cited in a Microsoft-sponsored study63, arguing that Safe Harbour sufficed for Cloud processing. The US recently re-iterated this view expressly64.
+
+Against this background, a working group of DPAs began discussions about 2009 with major Internet companies on a new proposed derogation which could subsume Cloud computing. This became known as *Binding Corporate Rules for data processors*. The concept was that a US (or other Third Country) Cloud service vendor could obtain a security accreditation for an entire software platform from a reputable auditor, and together with a "check-list" of organizational procedures drafted by WP2965, an EU
+Controller could then lawfully export personal data outside the EU into the foreigncontrolled Cloud. The checklist imposed (and in limited respects strengthened) similar conditions and wording to that which had already been created by the Commission for "model" clauses (see below). Perhaps in response to warnings about FISA, two months before Snowden, WP29 issued an apparently minor "clarification",  adding66 that the checklist
+"**only** creates an information process that does not legitimate transfers per se. In the case of a conflict of laws, one shall refer to the international treaties and agreements applicable to such matter" [emphasis added].
+It does not seem very prudent to place the burden of responsibility for such a critical evaluation67 of conflicts of international law on a foreign corporation with strong vested interests, that may be subject to espionage charges for compliance with EU law.
+
+
+Study, European Commission, Internal Market DG Contract PRS/2003/A0-7002/E/27.
+
+BCRs-for-processors might sound like a variant of the existing BCRs (for Controllers), but in actuality they are vastly more risky for Europeans' privacy. The strategic risk to EU data sovereignty, which arises directly from the concept of BCRsfor-processors, is that the global Cloud industry is dominated by software "platforms" from Microsoft, Google, Amazon, and a few others. Microsoft's goal for its public-sector salesforce from 2010 was to compete for every contract for data processing by governments68.
+
+The cost savings for Cloud processing can be massive (sometimes one tenth the cost of processing "on-premise" by the Controller according to industry marketing claims). The cost savings are from equipment, overhead, operational staff (increasingly expensive for leading cyber-security expertise), and the major Cloud providers can take advantage of economies of scale, and higher average utilization by spreading processing loads across time-zones globally. Therefore there is already, and will be further, a competitive imperative to migrate European "on-premise" data to Cloud processing, and so far the EU
+has almost no significant indigenous software platforms that can compete (on cost, features, or reliability) with the leading US providers. The exception to this gloomy picture is free and open-source software, which has produced powerful Cloud "stacks" competitive with proprietary software and services. In this light, BCR-for-processors can be seen as an expedient strategy both for the Commission and for Data Protection Authorities (DPAs) who wish to maintain the semblance of legal control over EU data, and for the Cloud providers who find the existing EU Data Protection regime generally inconvenient, especially for tax purposes69. The Commission promoted the legal status of the BCR-for-processors concept in the text of the new draft Regulation70. Subsequently, national DPAs have no alternative but to accept their validity once issued. So far, only a few dozen of the existing Controller BCRs have been approved71, and the standard of compliance already is not reassuring72.
+
+## 2.3.2 Model Contracts
+
+From 2001 the EU Commission drafted approved "model" clauses for inclusion in contracts both for Controllers and Processors located outside the EU, intended to guarantee privacy rights for individuals comparable to those they would have if the data remained inside the EU.
+
+## The Conceptual Flaw In This General Approach Is The Supposition That Computer Systems Can Be "Audited" To Guarantee The Three Essential Requirements Of Information Security: Confidentiality, Integrity And Availability. Whilst Integrity73 And Availability Of Data Are Technically And Logically Verifiable Properties, Confidentiality Is Not. It Is Impossible To Know With Certainty Whether Either An "Insider" Or External
+
+unauthorised party has seen or copied data. Even if data is encrypted with a mathematically strong cipher, the algorithm implementation may have software defects, or the key may be leaked or stolen secretly.
+
+## The Revelations About Prism Dramatically Illustrate The Folly Of This Legal Stratagem. No Force Of Law Operating In Civil Cases On Private Parties Can Guarantee Privacy Rights In The Face Of An Adversary Such As The Nsa Trying To Breach Them, And Operating Lawfully In It Own Terms.
+
+Clause.5(d)174 provided that the processor had to tell the EU exporter about any "legally binding request" for data *unless* that was prohibited, such as a prohibition under criminal law to preserve the confidentiality of a criminal investigation. The wording "such as" invites a reading that national security laws *a fortiori* overrides any contractual obligation. Although the EU retained powers to terminate the transfers, this required a basis of evidence to do so, and thus the structural temptation for turning a blind-eye was incorporated. Every organizational actor has an incentive to turn a blind-eye under these arrangements. The Commission so they can maintain "high standards" of data protection are observed, DPAs so as not to expose their technical limits and exhaust their limited resources in expensive legal actions, Member States whose security hierarchies benefit from access to US counter-terror information, and business in EU and the US who simply want to transact without awkward questions of state mass-surveillance continually arising. Even EU civil society75 seemed quiescent since ECHELON, and has mostly focussed on consumer rights76
+instead of meaningfully questioning the implications for Fundamental Rights and sovereignty in commercial data-flows to the US. As a legal mechanism for guaranteeing rights and obtaining damages for poor security or privacy practices, such contracts (and their "model" clauses) have proved useless in so far as they have not given rise to litigation. In most situations where an EU Controller might want to obtain monetary damages from a Third Country processor/controller, the reputation damage they could suffer in the marketplace (e.g. from a data breach becoming known) would be very unlikely to be recouped. In theory, this disincentive would be removed by the new draft Regulations' requirement77 to notify DPAs of data breaches, but DPAs have signalled that they will not necessarily require data subjects to be informed (and thus effectively make the incident public knowledge), partly in order to shield Controllers from disproportionate reputation damage. When disputes are settled out of court without publicity, it undercuts the function that contract litigation would perform, of informing Controllers about the reliability of those to whom they might export data. Data subjects of course have no idea when their rights may have been infringed under this approach.
+
+## 3. Strategic Options And Recommendations For The European Parliament 3.1. **Reducing Exposure And Growing A European Cloud**
+
+As explained earlier, the mechanism of BCRs-for-processors, apparently tailor-made to ease the flow of EU data into Third Country cloud computing, is not sufficient to safeguard rights. It contains a loophole that condones unlawful surveillance. It is thus quite surprising that at various stages of development, the concept has been endorsed by the Article 29
+Data Protection Working Party78 (WP29), the European Data Protection Supervisor79
+(EDPS), and the French *Commission Nationale de l'Informatique et des Libertes* (CNIL) which led their  formulation. No evidence has emerged that these DPAs understood the structural shift of data sovereignty80 implied by Cloud computing. Rather, an unrealistic and legalistic view has allowed the protection of EU citizens to be neglected.
+
+## Recommendations:
+
+-
+Prominent notices should be displayed by every US web site offering services in the EU to inform consent to collect data from EU citizens. The users should be made aware that the data may be subject to surveillance (under FISA 702) by the US government for any purpose which furthers US foreign policy. A consent requirement will raise EU citizen awareness and favour growth of services solely within EU jurisdiction. This will thus have economic impact on US business and increase pressure on the US government to reach a settlement.
+-
+Since the other main mechanisms for data export (model contracts, Safe Harbour) are not protective against FISA or PATRIOT, they should be revoked and renegotiated. In any case, the requirement above for informed consent after a prominent warning notice should apply to any data collected, in the past or in the future, by a public or private sector EU controller, before it can be exported to the US for Cloud processing.
+-
+A full industrial policy for development of an autonomous European Cloud computing capacity based on free/open-source software should be supported. Such a policy would reduce US control over the high end of the Cloud e-commerce value chain and EU online advertising markets. Currently European data is exposed to commercial manipulation, foreign intelligence surveillance and industrial espionage. Investments in a European Cloud will bring economic benefits as well as providing
+the foundation for durable data sovereignty.
+
+## 3.2. Reinstating 'Article 42'
+
+The published81 new Regulation omitted 'Art.42' (according to the numbering of a draft82
+leaked two months before the final version), reportedly after very heavy lobbying by US
+interests83. Article 42 prohibits Third Countries (such as the United States and other non-EU
+Member States) from accessing personal data in the EU where required by a non-EU court or administrative authority without prior authorization by an EU Data Protection Authority. The article has been described as the "anti-FISA clause". Recommendations: The deterrent effect of 'Art.42' should be assessed before it is reinstated, and in particular, the following issues should be addressed:
+
+-
+Even though Art.42 in principle mitigates controversial aspects of FISA, it is doubtful that this measure would be effective, because compliance would expose the leadership of US companies to charges of espionage. As the Yahoo CEO declared
+recently: "*we faced jail if we revealed NSA surveillance secrets*"84.
+-
+The efficiency of sanctions as a compliance mechanism should also be evaluated from the perspective of net economic gains and losses. As an illustration, the EU
+competition authority prosecuted a long case against Microsoft for its monopoly of
+local-area networking, resulting in a fine of $1bn (the largest ever applied by the EU). The corporate attorney responsible for that strategy was not fired for incompetence but promoted to a Deputy General Counsel. The reason is that Microsoft's profits over the previous decade from the monopoly were conservatively twenty times the size of the enormous fine, and this was  foreseen by Microsoft's legal strategists.
+-
+If a major Cloud provider failed to comply with Art.42, it could result in irreversible but secret violation of the fundamental rights of millions of citizens, and the Regulation ought to make this a serious criminal offence. At the moment, most MS transpositions of EU 95/46 treat DP offences as minor matters, and some MS do not implement criminal sanctions at all. That is no deterrent against a calculated strategy to ignore EU law, weighed against the penalties applicable under US law.
+-
+At a general level and beyond the specific scope of Art.42, the level of fines for infractions of the new Data Protection Regulation also need to be substantially increased. They were reduced to a 2% fine on the revenue of a corporation, from higher levels in leaked drafts. The example above of the Microsoft competition case shows that some companies have enormous resources and deep strategies that anticipate and incorporate even billion-dollar fines into their business plans. A fine level of 20% of global revenue may be needed to persuade such corporations to reckon seriously with Art.42 compliance.
+-
+Even after BULLRUN, cryptography is probably intact in theory85, however it is not
+known which encryption implementations and products may have been rendered insecure. Therefore consideration should be given to extending the scope of 'Art.42'
+also
+to
+cover
+vendors
+of
+systems/products
+(as
+well
+as
+Controllers/Processors) in EU markets. Existing encryption security product accreditations, especially if influenced by NSA or GCHQ, must be regarded as suspect.
+
+## 3.3. Whistle-Blowers' Protection And Incentives
+
+Recommendation: Systematic protection and incentives for whistle-blowers should be introduced in the new Regulation. Whistle-blowers should be given strong guarantees of immunity and asylum, and awarded 25% of any fine consequently exacted86. The whistleblower may have to live in fear of retribution from their country for the rest of the lives, and take precautions to avoid "rendition" (kidnapping). Ironically, US law already provides rewards of the order of $100m for whistle-blowers exposing corruption (in the sphere of public procurement and price-fixing)87.
+
+
+## 3.4. Institutional Reform
+
+At a very early stage of consultation the EU Commission rejected the option of establishing a new central pan-European Data Protection Authority, because this appeared disproportionate to the requirement for Member States' subsidiarity. The option was chosen for an evolutionary development of WP29 into the new Data Protection Board. However an intermediate option could have been considered: the creation of a new central authority for cases involving major Third Country data-flows. Recommendation: a central investigative service for cases involving major Third Country data-flows should be created. This service should be given authority and resources to initiate complex prosecutions against transnational companies, who often employ large legal teams to delay and appeal decisions over many years. National DPAs would retain jurisdiction over purely national affairs, and according to the principle of subsidiarity,  could initiate their own national investigations, or refer a case to the central service.
+
+## 3.5. Data Protection Authorities And Governance
+
+The PRISM scandal and Snowden's revelations have not been the first warnings to EU Institutions in relation to EU citizens' rights. Privacy activists for instance warned the Commission in 2000 that the Safe Harbour Agreement contained dangerous loopholes88.
+More recently, the above-mentioned note produced on Cloud Computing for the European Parliament's LIBE Committee clearly highlighted the loopholes of FISA and their consequences on EU citizens' rights and protection89. The Committee even held a hearing90 for the presentation of the Note, following a session on the EU Cybersecurity strategy on Feb 20th 2013. Afterwards MEPs asked for immediate proposals to meet the LIBE amendment deadline91 on the Data Protection Regulation.
+
+However, from March onwards, the level of interest in the Note declined, and there seemed only a remote possibility that Parliament would support fundamental revisions of the DP regulation. Thanks to the PRISM scandal and Snowden's revelations, such warnings and related concerns have gained a new legitimacy. The question remains why DPAs did not react. In one hundred and fifty Opinions of WP29 issued since 9/11, only the first mentions the PATRIOT Act (in a footnote), and none FISA, or even the term 'foreign intelligence'.
+
+National DPAs92, the EDPS93, and other institutions94 seemed to be unaware of US
+legislation or that PRISM was legally possible. They failed to sound the alarm for EU
+citizens, despite warnings95, and of course the widely reported US scandal before 2008. This may be because  DPAs, ENISA96, and the Trust and Security Unit of DG-CONNECT97, are ambivalent whether the "national security" exemption of EU competency means they are - or are not - required to defend their citizens' privacy from Third Country intelligence agencies. In their last state-of-play comments before Snowden, the EDPS noted the above mentioned LIBE proposed amendment for a drastic warning to data subjects before giving consent to Cloud transfers, but rejected98 this on the grounds that it was not "technology neutral".
+It appears the EU DPA institutions have some structural difficulties that need to be addressed. In particular, DPAs clearly lack capacities in technical expertise. Only a few dozen DPA staff (out of about two thousand across Europe) has an informatics background, let alone a post-graduate degree related to the computer and engineering science of privacy. There is a deeply-rooted view that because in general it is preferable to draft laws in a technology-neutral99 way, this excuses regulators from understanding technical matters. For example, WP29 has never conducted any survey of advanced privacyenhancing technologies, or issued any Opinion mandating their use, even in the face of persistent evidence of market failure for their voluntary adoption.
+
+Recommendations: A reform of the EU Data Protection Authorities appointment system should be implemented. The new Regulation does not address this aspect. This is critical in order to prevent inertia and deadlock regarding technology-specific questions. Some options to improve the EU Data Protection governance and capacities could include:
+
+-
+inclusion in the Data Protection Board of at least one special Commissioner with a mandate prioritizing defence of citizens' rights, with a small independent staff, perhaps directly elected by popular (but apolitical) vote at the time of European elections, or by the Parliament;
+-
+inclusion of a special technical Commissioner, nominated from the functional constituency of academic computer scientists specializing in privacy, and potentially another Commissioner from the field of Surveillance Studies, also with small independent staffs;
+-
+a requirement that DP Commissioners must be appointed by national Parliaments
+
+2012. Both the EDPS and Deputy were present, as well as senior officials from the Council, Commission and other DPAs, who were emailed a copy afterwards. October 2011. NSA was outside their mandate, but probably realizing this position is untenable, on 6.9.13 issued a statement finessing the issue and incorrectly implying (footnote 21) that ENISA had warned of FISA-type risks in 2009.
+
+and not the executive;
+
+-
+a minimum quota for DPAs of 25% technical staff with suitable qualifications (or
+equivalent experience) with a career path100 to the most senior positions;
+-
+a subvention of funds to support the civil society sector, although great care must be taken to ring-fence this allocation. Funds should be distributed fairly and on merit, but avoiding the stifling effect of bureaucracy and the danger of institutional
+capture101.  In the United States, the culture of philanthropy and mass-membership civil society supports four highly professional national NGOs102, with diverse
+approaches, which litigate test cases in privacy and freedom of information, and conduct world-class technical critique of government policies. In contrast, the EU still has a patchwork of dozens of NGOs, who with few resources and lacking the consistent capacity of a permanent  research staff, did not campaign on FISA before Snowden
+
+## Conclusion
+
+As noted earlier, one of the most extraordinary aspects of the PRISM affair is that not only have the rights of non-Americans not been discussed in the US, they were not even discussed by the European media until well after the story first broke. The rights of non- Americans were rarely raised, and a casual reader would not understand that the intended target of surveillance was non-Americans, and that they had no rights at all. It seems that the only solution which can be trusted to resolve the PRISM affair must involve changes to the law of the US, and this should be the strategic objective of the EU.
+
+Furthermore, the EU must examine with great care103 the precise type of treaty instrument proposed in any future settlement with the US. Practical104 but effective mechanisms are also needed to verify that disclosures of data to the US for justifiable law enforcement investigations are not abused. In assessing the impact of the revelations, three technical considerations should be borne in mind in the search for effective responses. (1) Data can only be processed whilst decrypted, and thus any Cloud processor can be secretly ordered under FISA 702 to hand over a key, or the information itself in its decrypted state. Encryption is futile to defend against NSA accessing data processed by US Clouds (but still useful against external adversaries such as criminal hackers). Using the Cloud as a remote disk-drive does not provide the competitiveness and scalability benefits of Cloud as a computation engine. There is no technical solution to the problem105.
+
+(2) Exposing data in bulk to remote Cloud mass-surveillance forfeits data sovereignty, so confining data to the EU is preferable pending legal solutions. Although NSA has extensive
+
+capabilities to target particular systems inside the EU, this is harder and riskier to do. However basic reforms to the new Regulation are needed, otherwise *in practice* these two situations will be treated as equivalent, and Cloud business will go to lowest bidder. (3) Although an EU-based company transacting in the US is also subject to conflicts between EU DP and the FISA law, in practice it is less likely they will be served with such secret orders, because the legal staff and management would be more likely to resist, and as EU-nationals are less threatened by US espionage laws. "Clouds" can be confined to a location, and arguments this would "balkanise106 the Internet confuses issues of censorship with the problem of keeping data private.
+
+## *         *         *
+
+The thoughts prompted in the mind of the public by the revelations of Edward Snowden cannot be unthought. We are already living in a different society in consequence. Everybody now knows, that the US intelligence community might know any personal secret in electronic data sent in range of the NSA. These developments could be profoundly destabilising for democratic societies, precluding exercise of basic political and human rights, and creating a new form of instantaneous and coercive Panoptic power. There is a historical symmetry between the incursions on the Fourth Amendment rights of Americans, and the disregard for the human right to privacy of everyone else in the world. In the period leading up the US War of Independence the British used "general warrants"
+which authorised any search without suspicion, and it was resentment107 against this power and its abuse that motivated the subsequent Fourth Amendment to the US Constitution. FISA 702 (aka *1881a*) is a general warrant to collect data and trawl for information related to US foreign affairs, but Americans' privacy is legallly sacrosanct (albeit in theory) unless the high legal threshold of "necessity" is met. What particularly galled the American revolutionaries was that ten years earlier a famous case in English law108 had prohibited such general warrants. They regarded it as hypocrisy that laws they did not write, and could not change, protected the privacy of their rulers, but not colonial subjects. The same principle is at stake today.
+
+## References
+
+
+ACLU FOIA request (2010), Introduction to FISA Section 702, (2010) Course Information, US Department
+of Justice, published December 2010
+
+Anzalda, Matthew A. and Gannon, Jonathan W. (2010), In re Directives Pursuant to Section 105B of the
+Foreign Intelligence Surveillance Act: Judicial Recognition of Certain Warrantless Foreign Intelligence Surveillance (paywall), Texas Law Review, Vol 88:1599 2010
+
+ART29WP - Article 29 Data Protection Working Party (2012), Opinion on Cloud Computing, WP 196,
+Adopted July 1st 2012
+
+ART29WP - Article 29 Data Protection Working Party (2012), Working Document 02/2012 setting up a table with the elements and principles to be found in Processor Binding Corporate Rules, WP 195 Adopted on 6 June 2012
+
+ART29WP - Article 29 Data Protection Working Party (2013), Explanatory Document On The Processor Binding Corporate Rules, WP 204, Adopted On 19 April 2013
+
+Bigo Didier, Boulet Gertjan, Bowden Caspar,  Carrera Sergio, Jeandesboz Julien, Scherrer Amandine (2012), Fighting cyber crime and protecting privacy in the cloud, Study for the European Parliament, PE 462.509
+
+Bloom, Stephanie Cooper (2009), What Really Is at Stake with the FISA Amendments Act of 2008 and
+Ideas for Future Surveillance Reform, Public Interest Law Journal Vol 18:269
+
+Bowden, Caspar (2011), Government Databases and Cloud Computing (slides), The Public Voice, Mexico,
+October 2011
+
+Bowden, Caspar (2012), Is EU data safe in US Clouds? (slides), Academy of European Law, Trier
+September 2012
+
+Cloud, Morgan (2005), A Liberal House Divided: How the Warren Court Dismantled the Fourth
+Amendment, Ohio State Journal of Criminal Law, Vol 3:33 2005
+
+Cole, David, (2003), Georgetown Law: The Scholarly Commons, Are Foreign Nationals Entitled to the
+Same Constitutional Rights As Citizens? 25 T. Jefferson L. Rev. 367-388
+
+Congressional Research Service - Bazan, Elizabeth B. (2008), The Foreign Intelligence Surveillance Act:
+An Overview of Selected Issues, Updated July 7, 2008, RL34279
+
+Congressional Research Service - Liu, Edward C. (2013), Reauthorizattion of the FISA Amendments Act,
+7-5700, R42725, January 2, 2013
+
+Congressional Research Service (2007), P.L. 110-55, the Protect America Act of 2007: Modifications to
+the Foreign Intelligence Surveillance Act, August 23, 2007
+
+Corradino, Elizabeth A. (1989), Fordham Law Review, The Fourth Amendment Overseas: Is
+Extraterritorial Protection of Foreign Nationals Going Too Far? Volume 57, Issue 4, Article 4, January, 1989
+
+De Filippi, Primavera, and McCarthy, Smari (2012), Cloud Computing: Centralization and Data
+Sovereignty, European Journal of Law and Technology 3, 2
+
+Desai, Anuj C. (2007), Wiretapping Before the Wires: The Post Office and the Birth of Communications
+Privacy, Stanford Law Review, 60 STAN L. REV. 553
+
+Dhont J., Asinari M.V.P., Poullet Y., Reidenberg J., Bygrave L. (2004), Safe Harbour Decision
+Implementation Study, European Commission, Internal Market DG Contract PRS/2003/A0-7002/E/27
+
+Dulles, Allen Welsh (1963), The Craft of Intelligence, New York: Harper&Row.
+
+European Commission (2011), [Draft] Proposal for a General Data Protection Regulation
+
+European Commission (2012), Proposal for a General Data Protection Regulation, 25.1.2012, COM(2012)
+11 final 2012/0011
+
+European Commissioner - Reding, Viviane (2013), Letter to the Attorney General, Ref. Ares
+(2013)1935546 - 10/06/2013, Brussels, 10 June 2013
+
+European Data Protection Supervisor - Hustinx, Peter (2010), Data Protection and Cloud Computing
+Under EU Law, speech, Third European Cyber Security Awareness Day, BSA, European Parliament, 13 April 2010, Panel IV: Privacy and Cloud Computing
+
+European Data Protection Supervisor (2011), Opinion on the Communication - "A comprehensive
+approach on personal data protection in the European Union", Brussels, 14 January 2011
+
+European Data Protection Supervisor (2013), Additional EDPS Comments on the Data Protection Reform
+Package
+
+Fein, Bruce (2007), Presidential Authority to Gather Foreign Intelligence, Presidential Studies Quarterly,
+March 2007
+
+
+Forgang, Jonathan D. (2009), "The Right of the People": The NSA, the FISA Amendments Act of 2008,
+and Foreign Intelligence Surveillance of Americans Overseas, Fordham Law Review, Volume 78, Issue 1, Article 6, 2009
+
+Hoboken, J.V.J., Arnbak, A.M., Van Eijk, N.A.N.M (2012), Cloud Computing in Higher Education and
+Research Institutions and the USA Patriot Act, IVIR, Institute for Information Law, University of Amsterdam, November 2012 (English Translation)
+
+Hon, W. Kuan and Millard, Christopher (2012), Data Export in Cloud Computing - How Can Personal Data
+Be Transferred Outside the EEA? The Cloud of Unknowing, Part 4, QMUL Cloud Legal Project, 4 April 2012
+
+Hondius, Frits W (1975), Emerging data protection in Europe. North-Holland Pub. Co.
+
+International Working Group on Data Protection in Telecommunications (2012), Working Paper on Cloud
+Computing - Privacy and data protection issues - Sopot Memorandum, 51st meeting, 23-24 April 2012
+
+Kuner, Christopher, (2008), Membership of the US Safe Harbor Program by Data Processors, The Center
+For Information Policy Leadership, Hunton & Williams LLP
+
+LoConte, Jessica (2010), FISA Amendments Act 2008: Protecting Americans by Monitoring International
+Communications--Is It Reasonable?, Pace International Law Review Online Companion 1-1-2010
+
+Medina, M. Isabel, (2008) Indiana Law Journal, Exploring the Use of the Word "Citizen" in Writings on the
+Fourth Amendment Volume 83, Issue 4, Article 14, January, 2008
+
+Pell, Stephanie K. (2012), Systematic government access to private-sector data in the United States,
+International Data Privacy Law, 2012, Vol. 2, No. 4
+
+Radsan, John A. (2007), The Unresolved Equation of Espionage and International Law, Michigan Journal
+of International Law, Vol 28:595 2007
+
+Snider, Britt L. (1999): Unlucky SHAMROCK - Recollections from the Church Committee's Investigation of NSA
+
+U.S. Ambassador to the EU (2012), Remarks by William E Kennard, Forum Europe's 3rd Annual European Data Protection and Privacy Conference, December 4, 2012
+
+U.S. Commerce Department (General Counsel) - Kerry, Cameron F. (2013), Keynote Address at the
+German Marshall Fund of the United States, 28th August 2013
+
+US Congress (2008), Foreign Intelligence Surveillance Act of 1978 Amendments Act of 2008, 122 Stat. 2436, Public Law 110-261, July 10, 2008
+
+US Department of Commerce International Trade Administration (2013), Clarifications Regarding the
+U.S.-EU Safe Harbor Framework and Cloud Computing, December 4, 2012
+
+US State Department (2012), Five Myths Regarding Privacy and Law Enforcement Access to Personal
+Information in the EU and the US
+
+Vandekerchkhove, Wim (2010), European whistleblower protection: tiers or tears?, in D. Lewis (ed) A
+Global Approach to Public Interest Disclosure, Cheltenham/Northampton MA, Edward Elgar, pp 15-35.
+
+Walden, Ian (2011), Accessing Data in the Cloud: The Long Arm of the Law Enforcement Agent, QMUL
+Cloud Legal Project, Research Paper No. 74/2011
+
+Weichert, Thilo (2011), Cloud Computing and Data Privacy, The Sedona Group Conference Working Group
+Series, February 2011
+
+Wills Aidan, Vermeulen Mathias, Born Hans, Scheinin Martin, Wiebusch Micha, Thornton Ashley,
+Parliamentary Oversight of security and Intelligence Agencies in the EU, Note for the European Parliament, PE 453.207.
+
+Young, Stewart M, (2003) Michigan Telecommunications and Technology Law Review, Verdugo in
+Cyberspace: Boundaries of Fourth Amendment Rights for Foreign Nationals in Cybercrime Cases, Volume 10, Rev. 139

markdown/misc/ic-covid-summ.md

@@ -0,0 +1,19 @@
+## Key Takeaways
+
+The IC assesses that SARS-CoV-2, the virus that causes COVID-19, probably emerged and infected humans through an initial small-scale exposure that occurred no later than November 2019 with the first known cluster of COVID-19 cases arising in Wuhan, China in December 2019.  In addition, the IC was able to reach broad agreement on several other key issues.  We judge the virus was not developed as a biological weapon.  Most agencies also assess with low confidence that SARS-CoV-2 probably was not genetically engineered; however, two agencies believe there was not sufficient evidence to make an assessment either way.  Finally, the IC assesses China's officials did not have foreknowledge of the virus before the initial outbreak of COVID-19 emerged. After examining all available intelligence reporting and other information, though, the IC remains divided on the most likely origin of COVID-19.  All agencies assess that two hypotheses are plausible: natural exposure to an infected animal and a laboratory-associated incident.
+
+
+Four IC elements and the National Intelligence Council assess with low confidence that the initial SARS-CoV-2 infection was most likely caused by natural exposure to an animal infected with it or a close progenitor virusa virus that probably would be more than 99 percent similar to SARS-CoV-2.  These analysts give weight to China's officials' lack of foreknowledge, the numerous vectors for natural exposure, and other factors.
+
+One IC element assesses with moderate confidence that the first human infection with SARS-CoV-2 most likely was the result of a laboratory-associated incident, probably involving experimentation, animal handling, or sampling by the Wuhan Institute of Virology.  These analysts give weight to the inherently risky nature of work on coronaviruses.
+ Analysts at three IC elements remain unable to coalesce around either explanation
+without additional information, with some analysts favoring natural origin, others a laboratory origin, and some seeing the hypotheses as equally likely.
+
+Variations in analytic views largely stem from differences in how agencies weigh intelligence reporting and scientific publications, and intelligence and scientific gaps.
+
+The IC judges they will be unable to provide a more definitive explanation for the origin of COVID-19 unless new information allows them to determine the specific pathway for initial natural contact with an animal or to determine that a laboratory in Wuhan was handling SARS- CoV-2 or a close progenitor virus before COVID-19 emerged.
+
+
+The ICand the global scientific communitylacks clinical samples or a complete understanding of epidemiological data from the earliest COVID-19 cases.  If we obtain information on the earliest cases that identified a location of interest or occupational exposure, it may alter our evaluation of hypotheses.
+
+China's cooperation most likely would be needed to reach a conclusive assessment of the origins of COVID-19.  Beijing, however, continues to hinder the global investigation, resist sharing information and blame other countries, including the United States.  These actions reflect, in part, China's government's own uncertainty about where an investigation could lead as well as its frustration the international community is using the issue to exert political pressure on China.

markdown/misc/ic-legal.md

@@ -0,0 +1,85 @@
+# On The Outside Looking In Remarks By Steven Aftergood Federation Of American Scientists At The 8Th Annual Intelligence Community Legal Conference
+
+## May 7, 2014
+
+
+Thank you for the opportunity to address this conference. As someone who has often been a critic of, and sometimes a litigant against, U.S. intelligence agencies, I was somewhat surprised but even more impressed to be invited to come speak to you. Your invitation shows a kind of intellectual curiosity and openness to alternate points of view that aren't always easy to find in your Community or in mine. I probably can't tell you anything about national security law that you don't already know. But I can tell you something about what it's like to be a member of the public who is interested in intelligence law and policy and who wants to engage with it from the outside. I can tell you what it's like to be me.
+
+## How Did I Get Here?
+
+As a policy advocate, I had two formative experiences over the years that strongly influenced my perspectives on government secrecy and how to deal with it.
+
+## 1. Timber Wind And The Abuse Of Classification Authority
+
+In the early 1990s, I was studying safety and environmental issues associated with the use of nuclear power supplies in space, whether for deep space exploration (like the NASA
+Voyager probes) or for military applications in Earth orbit. One day, to my astonishment, I received a package in the mail with no return address containing a stack of classified documents that described a Department of Defense program called TIMBER
+WIND. It was an effort to develop a nuclear reactor-driven rocket engine for potential anti-ballistic missile applications. I thought I knew pretty much everything about what was going in space nuclear research and development, but I didn't know about this program, and I wasn't supposed to. TIMBER WIND was what DoD calls an "unacknowledged special access program." That is, even the fact of its existence was classified. So it got my attention. Why was it set up as a highly classified program? A DoD official privately told me outright: The program managers' intent was to evade the anti-nuclear public controversy which they anticipated that the program would encounter, at least until the basic technical concept could be validated. While this was an understandable move, it was not a permissible use of the national security classification system. As you know, classification is not supposed to be a tool for managing public perceptions.
+
+So my very first exposure to classified information was also my introduction to classification abuse.
+
+Aside from that, the TIMBER WIND episode taught me that the unauthorized disclosure of secrets can be a powerful political gesture. It seems like there is a latent potential energy in a secret document that can generate powerful consequences when it is released outside of official channels.
+My boss at the Federation of American Scientists, Jeremy Stone, told me that before I could publicly release any classified documents on TIMBER WIND, I had to give the government a chance to explain its position on the matter. So I contacted an Air Force officer whose name I recognized on the list of those who had been read-in to the program. (The list of participants had also been sent to me). He told me he could not authorize or approve of any disclosure of classified information. But he said that if I was going to go ahead anyway, I ought to withhold technical documentation of TIMBER WIND's innovative particle bed reactor fuel design, because it could only be of interest to someone who was trying to replicate the technology. That made sense to me, and I did withhold that information. But I released the rest of the story to the press, and it was frontpage news in the *New York Times*, the *Washington Post*, and other papers on April 3, 1991. I also filed a complaint with the DoD Inspector General, who issued a report in December 1992
+concluding that the establishment of TIMBER WIND as a special access program was "not adequately justified." (The program managers disagreed and presented dissenting views in the IG
+report.) The program itself was formally terminated in 1994.
+
+## 2.  A Foia Lawsuit Against The National Reconnaissance Office
+
+A second formative experience that shaped my outlook on government secrecy involved the Freedom of Information Act. In 2005 I asked the National Reconnaissance Office to release unclassified portions of its latest Congressional Budget Justification Book (CBJB), and NRO officials said no. They said that the CBJB was exempt from FOIA under what's known as the operational files exemption. I appealed the denial, and then I filed suit under FOIA as a *pro se* litigant.
+
+The operational files exemption was a legal backwater that had rarely been litigated before (NRO's own specific exemption had not been), and it got a workout in this case. Among the legal questions at issue were: Was the CBJB technically a "record" or was it a "file"? What form of document dissemination is sufficient to nullify the exemption? And so on. It was not a particularly simple case.
+
+To everyone's surprise, including my own, I won. DC District Judge Reggie Walton, who heard the case, ruled against the multi-billion dollar intelligence agency (NRO), and in favor of the FOIA requester (me) who didn't even have his own attorney.
+That doesn't happen very often, but it happened to me. And it was a tremendous antidote to cynicism. If the TIMBER WIND nuclear rocket case led me to conclude that the classification system was prone to abuse, my FOIA lawsuit against NRO taught me that overcoming inappropriate government secrecy is an achievable goal. I may be wrong about that, but that was the lesson I came away with.
+
+## So Where Are We Today?
+
+What strikes me - in the aftermath of the unauthorized disclosure of the bulk telephony metadata collection program by Edward Snowden - is that the intelligence community had an unfamiliar realization: transparency or public disclosure of intelligence information is not necessarily a problemit can serve the interests of the IC too.
+Declassification, the intelligence agencies discovered, can be used to correct errors in the record, it can provide relevant context for public deliberation, and it can help to counteract cynicism about official activities and motivations.
+
+And as you know, the government has actually acted on this newfound realization.  More classified government records about ongoing intelligence surveillance programs - not just historical programs - have recently been declassified than ever before. The number of pages of Top Secret records about bulk collection programs in particular that have been officially declassified is roughly double the number of pages leaked by Snowden that have been published in the news media. Several new government websites have been established to publicize and disseminate declassified intelligence records, including records pertaining to the privacy interests of U.S.
+
+persons (e.g., *IC on the Record*, the website for the FISA Court, the NCTC site). For the first time, a presidential directive on signals intelligence
+(PPD-28) was issued by President Obama in unclassified form. (It forms a bookend in a way to the Top Secret PPD-20 on Cyber Operations that was released by Snowden.) New policy debates have emerged on previously remote topics such as what consideration, if any, should be given by US
+intelligence to the privacy rights of foreigners abroad, or the reported role of U.S. intelligence agencies in weakening public encryption standards or stockpiling known software vulnerabilities.
+
+*
+On the other hand, secrecy has remained a source of friction and public consternation. And while the IC has been opening up on some fronts, it is shutting down and tightening control on others. The new dawn of transparency so far has been largely limited to issues of bulk collection of telephone metadata. If you want to know how many civilian non-combatants have died as a result of US drone strikes, the government won't tell you, since those deaths occurred under the rubric of covert action and are not supposed to be acknowledged or discussed. If you want to know under what circumstances the US government can target and kill a US citizen without any judicial process beforehand or public accountability after the fact, that too is a secret.
+
+If you would like to read a Senate Intelligence Committee review of CIA interrogation activities that took place a decade ago, stand by and maybe, just maybe, portions of the executive summary will be declassified. Sometime.
+
+For the first time in more than four decades, the public no longer has access to open source news reports collected and translated by the ODNI Open Source Center (formerly the Foreign Broadcast Information Service). The channel by which the public could subscribe to those products (known as the World News Connection) was terminated by the CIA last December 31.
+
+The cup of secrecy regularly overflows. Last month, ODNI released a redacted version of Intelligence Community Directive 304 on Human Intelligence, which blacked out all references to the fact that the Director of CIA is the National HUMINT Manager.
+
+We thought that was silly and inappropriate, and we made the unredacted directive available on our website. Another new directive -- Intelligence Community Directive 119 on media contacts -- prohibits IC employees from having unauthorized contact with reporters or anyone who disseminates information to the public without prior approval. You're not only prohibited from disclosing classified information - that has always been true - but now you can't even discuss *unclassified*
+information that is "intelligence-related."
+A newly updated ODNI Instruction - 80.04 on prepublication review - requires that all official and non-official information intended for public release must be approved in advance. Information that is to be released must be "consistent with the official ODNI position or message." So if you ever disagreed with the official ODNI position on anything, you had better keep it to yourself. I think that kind of regimented approach to information management is a mistake. It's bad for me, it's bad for you, it's bad for the IC. It creates a wall between the public and government that doesn't need to be there. I think the DNI was not well served by whoever advised him to adopt these policies -- especially the directive on media contacts -- and I hope that they will be reconsidered and rescinded.
+
+## * But Let's Go Back To Something More Positive.
+
+In recent interviews and testimony, DNI Clapper has stated his conclusion that the need for greater transparency is one of the major lessons to be learned from the past year. In particular, he said it would have been prudent and proper to seek public consent for the bulk collection of call records from the start. "Had we been transparent about this from the outset right after 9/11... we wouldn't have had the problem we had," he said in an interview with the *Daily Beast*.
+
+This acknowledgment that greater transparency would have benefited the intelligence community all along creates an opening for a new conversation about what is wrong with current classification practices, and what can be done to rectify them. After all, overclassification or unnecessary classification doesn't really help anyone. For the IC, it creates both financial and operational costs, it impedes information sharing inside and outside the government, and it contributes to a climate of public cynicism. For those same reasons, reducing overclassification would positively serve government interests. It has the potential to lower costs, to foster information sharing, and to engender public confidence. Nobody criticizes the Internal Revenue Service for keeping people's income tax returns too secret or too secure;
+everybody understands that that sort of secrecy is in their own interest. The IC should strive for an optimal level of secrecy that is justified in the same way, so that people have reason to believe it serves them, not that it threatens them. That sounds good. But how to do it?
+
+*
+I think that the key to achieving significant reductions in official secrecy is to submit agency classification decisions to some form of external review and critique.
+What makes me think that is that it is already being done, at least on a small scale, by an executive branch body called the Interagency Security Classification Appeals Panel, or ISCAP.
+Between 1996 and 2012, the ISCAP completely overturned the classification judgments of executive branch agencies in 27% of the cases that it reviewed, and it partially overturned classification decisions in another 41% of such cases. That is a much more dramatic record of secrecy reversals than you would ever find in Freedom of Information Act appeals or litigation. I think it can be explained by considering the fact that the ISCAP as a body, though it is fully committed to protecting legitimate national security interests, does not share the specific bureaucratic interests of the member agencies whose classification judgments it rejected. By subjecting those individual agency classification decisions to an external evaluation (albeit still within the executive branch), the ISCAP process has consistently yielded a reduction in secrecy.
+
+But whatever the explanation is, the process works. Having been validated in practice year after year, this basic principle could now be applied more broadly. One conceivable way to apply it would be to submit relevant IC classification guides - the official guidance on exactly what types of information are to be classified and at what level - for independent review and critique to an external entity. This could be an ad hoc review body, an expanded ISCAP, or an existing entity such as the Public Interest Declassification Board (PIDB) or the Privacy and Civil Liberties Oversight Board. The PIDB, an official advisory board whose members are appointed by the White House and Congress, wrote in a 2012
+report:
+"The classification system exists to protect national security, but its outdated design and implementation often hinders that mission. The system is compromised by over-classification and, not coincidentally, by increasing instances of unauthorized disclosures. This undermines the credibility of the classification system, blurs the focus on what truly requires protection, and fails to serve the public interest. Notwithstanding the best efforts of information security professionals, the current system is outmoded and unsustainable; transformation is not simply advisable but imperative." It would be interesting to find out what the PIDB would do if it were to perform a review of IC classification guidance. What would the Board members see that others have missed? And how might they contribute to a more streamlined and effective classification system? Another more focused sort of independent critique of specific classification practices could be solicited from the Privacy and Civil Liberties Oversight Board (PCLOB). This Board could be asked to identify current intelligence community classification practices that have significant implications for personal privacy, to assess their validity, and to recommend appropriate changes in secrecy policy. There are other "best practices" for classification review that already exist and that could easily be incorporated throughout the intelligence community and the executive branch as a whole.
+
+For example, the Department of Energy has a formal regulation
+(10 C.F.R. 1045.20) under which members of the public may propose declassification of information that is classified under the Atomic Energy Act. I have made use of this regulation myself. A similar provision could be envisioned by which the public could challenge the classification of privacy-related and other national security information throughout the government. While one can already request declassification review of a particular document, the proposed approach would go beyond that to challenge the classification status of an entire topical area, and to ask that it be independently revisited and reconsidered. The current executive order on national security information allows for classification challenges, but only by security-cleared employees who have already have access to the information. Naturally, the key to a successful classification challenge is that it must be reviewed impartially by someone other than the original classifier. But that is entirely achievable. In FY2012, government employees filed 402 such challenges, one-third of which were granted in whole or in part (according to data compiled by the Information Security Oversight Office). But even these internal procedures are not widely known in every agency. Anyway, recall the remark by DNI Clapper that it would have been better if the government had openly acknowledged the fact of bulk collection of telephone metadata from the very start. He didn't say that bulk collection was not properly classified. He said that even if it was properly classified, it should have been disclosed. Of course, that kind of open acknowledgment never happened, and it doesn't seem realistic that any agency would spontaneously or unilaterally disclose such information. The only way it might happen is if key classification judgments are submitted to external critical review in some form. We all have blind spots, and we all have personal or institutional interests of our own, and what we see repeatedly is that those blind spots get translated into faulty, defective policies. But it doesn't have to be that way.
+
+If you think that transparency has some virtue to it, and that unnecessary secrecy should be avoided if possible, then the point is that there are practical ways to move in that direction.
+
+*
+Beyond adjusting the nuts and bolts of the secrecy system, which is difficult but do-able, I think the IC could and should do more to release unclassified, open source analysis into the public domain.
+
+The CIA World Factbook must be one of the most popular, widely used intelligence publications ever produced. But there is so much more where that came from. The Open Source Center which I mentioned earlier not only collects and translates foreign news reports, it also does its own analysis of open source intelligence. A lot of that material is neither classified nor copyrighted and could be made available to the interested public. This would be a very direct, down to earth way for the IC to enrich the public domain and to provide the taxpayers with what you might call an increased return on investment. Unfortunately, as I said, the Open Source Center is moving in the opposite direction, blocking access to the kind of information people have relied on for decades. If I were the DNI, I would turn that around and direct the OSC to release as much unclassified material as it could.
+
+*
+In closing, I just want to say how much I appreciate your attention and your willingness to listen to my comments. I think that even when we disagree, we are all somehow part of the same enterprise. When we fight, we oppose each other with arguments, and within a framework of law. That is not something that anyone should take for granted, especially since it is not true in so many other parts of the world. Steven Aftergood saftergood@fas.org

markdown/misc/interrogation-policy.md

@@ -0,0 +1,710 @@
+# Report Of The Special Task Force On Interrogation And Transfer Policies
+
+## Introduction And Summary
+
+Executive Order 13491 directed the Special Task Force on Interrogation and Transfer Policies to undertake two missions: (1) "to study and evaluate whether the interrogation practices and techniques in Army Field Manual 2-22.3, when employed by departments and agencies outside the military, provide an appropriate means of acquiring the intelligence necessary to protect the Nation, and, if warranted, to recommend any additional or different guidance for other departments or agencies"; and (2) "to study and evaluate the practices of transferring individuals to other nations in order to ensure that such practices comply with the domestic laws, international obligations, and policies of the United States and do not result in the transfer of individuals to other nations to face torture or otherwise for the purpose, or with the effect, of undermining or circumventing the commitments or obligations of the United States to ensure the humane treatment of individuals in its custody and control." 1
+The Task Force established an Interrogation Working Group to address the first mission, and a Transfer Working Group to address the second mission. After meeting with agencies of the United States government, foreign officials, and representatives of non-governmental organizations, the Task Force reached a series of conclusions and formulated a set of recommendations relating to interrogation and transfer policy. These recommendations should be coordinated and integrated with those ofthe Detention Policy Task Force.
+
+## Interrogation: General Conclusions
+
+The Task Force's mission was to determine whether any agency other than the military should be authorized to use any interrogation practice or technique not listed in Army Field Manual 2-22.3 (the "Army Field Manual" or "Manual") in order to protect national security. The Task Force could not undertake that task in a vacuum, however, and therefore asked federal law enforcement and Intelligence Community agencies to nominate interrogation practices and techniques for consideration. No federal agency informed the Task Force that it believed that it was necessary or appropriate to national security to use any interrogation practice or technique not listed in the Army Field Manual or currently used by law enforcement. ill particular, the Central Intelligence Agency (CIA) informed the Task Force that it did not seek to use the enhanced interrogation techniques it had developed after September 11, 2001, to question highvalue detainees. The President has also announced that the United States would no longer use those techniques. Accordingly, although there may be some lawful and effective interrogation practices and techniques that are not listed in the Army Field Manual or currently used by law enforcement agencies, the Task Force did not consider whether it was appropriate or legal for any agency of the federal government to use any specific technique not contained in the Army Field Manual.
+
+Nevertheless, the Task Force studied U.S. interrogation practices as extensively as time would allow. Based on that study, it reached the following conclusions:
+
+-  The Army Field Manual's description ofpermissible interrogation
+practices and techniques provides appropriate guidance to both
+inexperienced and experienced military interrogators.
+-  Experienced intelligence and law enforcement interrogators do not rely
+solely on particular interrogation techniques but instead develop lawful
+interrogation strategies based on extensive knowledge of the detainee and
+his organization, guile and deception, the use of incentives, and other
+factors.
+-  Experienced interrogators believe that the separation of a high-value
+detainee from other detainees is often essential to effective interrogation
+and that the U.S. government should maintain a detention capability that
+allows control of the detention environment to support intelligence
+collection. The legal, policy, and oversight questions raised by the
+establishment of a detention facility in the U.S. or abroad are beyond the
+Task Force's mandate, however, and are currently under consideration by
+the Detention Policy Task Force.
+-  To train effective interrogators, the United States must give its
+interrogators opportunities and incentives to gain experience in
+interrogation, not simply train them in interrogation techniques.
+-  The Army Field Manual imposes appropriate limits on interrogation.
+Among other things, the Manual bans cruel, inhuman, or degrading
+treatment, outlaws several specific interrogation practices, and bars
+interrogators from using any interrogation technique that they would not
+wish to see used on a United States citizen.
+-  Additional research is needed on the science of interrogation and the
+potential to develop new and more effective lawful interrogation practices,
+approaches, and strategies, particularly interrogation techniques that have
+the potential to obtain information as efficiently as possible in situations
+posing the greatest threats to national security.
+
+## Recommendations
+
+The Task Force also formulated four specific recommendations:
+1.
+
+Create a High-Value Detainee Interrogation Group (HIG): The Task Force recommends the creation of an interagency group that would deploy interrogation teams composed of interrogators, subject matter experts, analysts, behavioral specialists, and linguists to conduct interrogations of high-value terrorist detainees. The HIG's primary goal would be the collection of intelligence to protect national security. Where possible and consistent with this objective, it should collect intelligence in a manner that allows it to be used as evidence in a criminal prosecution.
+
+2.
+
+Increase Intelligence Community and Law Enforcement Cooperation: Determining whether any given interrogation should seek only the collection of intelligence or a statement that could potentially be used against the detainee in a criminal prosecution should be a pragmatic decision based on the needs of national security, and not the interests or goals of a particular agency.
+
+One purpose of the HIG would be to ensure that that decision is made pursuant to settled, consistently applied criteria. Those criteria would make clear that an interrogation of a high-value detainee would be primarily to collect intelligence necessary to protect national security and, where possible and consistent with this objective, to gather information to be used in a criminal prosecution. Of course, those goals are not mutually exclusive and should be pursued in tandem whenever possible.
+
+3.
+
+Establish and Disseminate Best Practices: If created, a High-Value Detainee Interrogation Group will develop a set of best practices for interrogation.
+
+The HIG should identify and disseminate those best practices and use them to conduct training for other agencies engaged in interrogation.
+
+4.
+
+Establish a Scientific Research Program for *Interrogation:* Prior to the September 11 attacks, the United States had not engaged in a systematic effort to study and improve interrogation techniques in nearly 50 years. Although some resources have been devoted to studying interrogation since September 11, the United States should engage in a concerted effort to study the effectiveness and propriety of existing interrogation practices, techniques, and strategies and should try to develop new ones that meet the requirements of domestic law and the United States obligations under international law. Resources should be devoted both within the U.S. government and in academic and research institutions to further this goal.
+
+Transfer:
+
+## General Conclusions
+
+The Task Force identified and considered seven types of transfers conducted by the U.S. government: 2 (1) extradition, (2) transfers pursuant to immigration proceedings,
+(3) transfers pursuant to the Geneva Conventions, ( 4) transfers from the Guantanamo Bay detention facility, (5) military transfers within or from Afghanistan, (6) military transfers within or from Iraq, and (7) transfers pursuant to intelligence authorities. The Task Force did not consider transfers into U.S. custody or transfers within U.S. custody to be part of its mandate under the Executive Order.
+
+The Task Force began by identifying the legal and policy framework within which the seven categories oftransfers take place. As a legal matter, the United States has taken the view that it is barred from transferring an individual from its territory where it is more likely than not that the person will be tortured by the country to which he is transferred. As a policy matter, the United States has applied the same standard to wholly extraterritorial transfers. The Task Force also examined U.S. policies and practices with respect to obtaining and evaluating assurances from other countries that they will not torture a person transferred from the United States.
+
+The Task Force carefully considered the key criticisms of U.S. transfer practices, as well as the operational and policy interests that are served by existing practices. The Task Force concluded that, while the seven identified transfer scenarios present strikingly different considerations, important U.S. national security interests are at stake in all of them. Particularly (but not exclusively) in the area of counterterrorism, transfers are an important tool for the United States in situations where U.S. prosecution or detention is not available, but where an individual may present a real danger or have significant intelligence value. Accordingly, proposed changes to existing practice must be developed in a manner that permits the continued use oftransfers consistent with relevant humanitarian considerations. Operating within the framework ofthis general conclusion, the Task Force considered what steps could be taken to better ensure that U.S. transfer practices comply with all relevant domestic laws and policies and all relevant international obligations.
+
+## Recommendations
+
+The Task Force formulated a number of recommendations, some ofwhich apply to all of the transfer scenarios and some of which are specific to particular transfer scenarios:
+2 In this report, the Task Force has used the term "transfer" to describe a variety of different scenarios in
+
+1.
+Improving Assurances: The Task Force makes several
+recommendations aimed at clarifying and strengthening U.S. procedures for
+obtaining and evaluating assurances and increasing the use of monitoring
+mechanisms to implement assurances.
+2.
+
+Improving partner nation detention facilities and capabilities: In considering recommendations on correctional assistance, the Detention Policy Task Force should take into account that the potential for transfers is increased by better facilities in partner nations, particularly in the Middle East and South and Southeast Asia.
+
+3.
+
+Amending Department of*Homeland Security regulations:* The Task Force recommends changes to the applicable regulations to reflect the shift in responsibility for evaluating diplomatic assurances from the Immigration and Naturalization Service under the Department of Justice to the Department of Homeland Security.
+
+4.
+
+Monitoring ISAF detainees in Afghanistan: The Task Force recommends that the U.S. Embassy in Kabul should develop a risk mitigation plan to improve monitoring of the treatment of detainees transferred by U.S.
+
+members of the International Security Assistance Force to the Islamic Republic of Afghanistan, taking into account resource and other practical concerns.
+
+5.
+
+Providing comprehensive assistance to develop detention facilities in areas where large numbers of*detainee transfers are expected:* The Task Force recommends using certain aspects of the U.S. experience with the Afghan National Detention Facility as a model in current and future conflicts where the United States expects to capture a significant number of detainees, and plans eventually to transfer them to the host government.
+
+6.
+
+Negotiating assurances with host governments in future conflicts:
+The Task Force recommends that, in the future, where it appears likely that the Department of Defense will hold and ultimately seek to transfer significant numbers of detainees to a host state, the Department of Defense, in cooperation with the Department of State, should negotiate assurances with the host government to govern the treatment of transferred detainees at as early a stage in the process as possible.
+
+7.
+
+Establishing Department of*Defense policies or directives:* The Task Force recommends that the Department of Defense should adopt policies or directives governing transfers consistent with the policy statement in section
+2242(a) of the Foreign Affairs Reform and Restructuring Act of 1998 (codified at
+8 U.S.C.  1231 note) ("FARRA").
+
+8.
+
+Establishing Intelligence Community policies or directives: The Task Force recommends that elements of the Intelligence Community that may be called upon to conduct or participate in transfers should adopt policies or directives governing transfers consistent with the policy statement in section
+2242(a) of the FARRA.
+
+9. Additional recommendations applicable to the Intelligence Community:
+The Task Force formulated three additional recommendations applicable to potential transfers conducted pursuant to intelligence authorities that are contained in a classified annex to the Task Force's report.
+
+## Interrogation
+
+In light of the President's decision to prohibit the use of enhanced or coercive
+interrogation techniques used by the CIA, the Task Force broadened its mission to focus
+on ways to improve the United States' ability to interrogate high-value detainees. The
+Task Force's recommendations are as follows:
+
+## 1. Establish A High-Value Detainee Interrogation Group
+
+The United States government should establish and maintain a High-Value Detainee Interrogation Group for intelligence collection, bringing together the best interrogators and support personnel from the Intelligence Community, the Department of Defense, and law enforcement.
+
+To ensure that the best available interrogation resources are directed against the nation's most high-value counterterrorism detainees, the Task Force proposes establishing a multi-agency High-Value Detainee Interrogation Group (RIG) that would use the best capabilities of intelligence and law enforcement, as well as allied military and civilian interrogation operations, with a focus on those interrogation practices and procedures that produce timely, reliable, and actionable results. The RIG would be a joint intelligence and law enforcement entity under the administrative control of the FBI.
+
+Subject to guidance from the Counterterrorism Security Group and based on pre-existing criteria, as well as information obtained from the Intelligence Community, the RIG
+would prepare to conduct interrogations by identifying individuals who should be the subjects of a specialized interrogation capability if detained by the U.S. government or otherwise become available for interrogation. Using the same process, the RIG would prepare to interrogate currently unknown members of specific terrorist organizations if they become available for interrogation. The RIG would coordinate the creation, and supervise the training, of Mobile Interrogation Teams (MITs) to conduct interrogations of the identified individuals, members of terrorist groups, or others who met its deployment criteria. The MITs would consist of experienced interrogators, subject matter experts, analysts, behavioral specialists, linguists, and others. The MITs would ordinarily deploy
+. when the U.S. government detained or otherwise obtained the ability to interrogate a person who met the HIG's deployment criteria, subject to limitations described in the classified annex to this report. The deployment of a MIT would be subject to the approval of the Chief of Mission for the country in which the MIT would deploy and, when the detainee is in Department of Defense custody, the approval of the responsible geographic combatant commander. The RIG would also supervise the development of new methodologies for effective interrogation.
+
+The HIG's priority would be intelligence collection to prevent terrorist attacks on the United States and its allies and otherwise protect national security. Evidence collection for prosecution (which may also protect national security) would remain an important consideration, and steps should be taken to ensure that intelligence collection proceeds in a manner that does not limit future law enforcement options. In cases where the interests of intelligence collection and preservation of evidence diverge, collecting intelligence,to prevent a future attack would take precedence. Accordingly, use ofthe MITs would not carry a presumption that the detainee should be prosecuted in a criminal court in the United States or that *Miranda* warnings should be given during the interrogation.
+
+Organization: The Task Force considered three organizational models for the HIG: ( 1) a free-standing interrogation capability; (2) a "federated" model in which the HIG would be organized with resources from across the U.S. government on a case-bycase basis; and (3) a "hybrid" model involving a small permanent nucleus of people modeled on the Foreign Emergency Support Team (FEST) and augmented on a case-bycase basis for individual deployments. The Task Force recommends the third, or hybrid, model. This small group would be drawn from agencies in the Intelligence Community and would be responsible for maintaining training and exercise programs, the administrative aspects of deployments, and managing an overall research program. This approach should provide greater stability and clarity of operational authority than the federated model, while maintaining flexibility by keeping resources in individual agencies.
+
+Under the hybrid model, individual agencies would be expected to establish and maintain minimum standards of training for individuals who are serving in the HIG or who are identified to deploy in a MIT. Agencies would also be expected to participate fully in the development and implementation of the HIG concept. The HIG
+administrative office would be responsible for the following activities with guidance and direction from the National Security Council's Counterterrorism Security Group:
+
+-  Managing the MIT interrogation program;
+-  Establishing interrogation priorities for the MITs;
+-  Developing policy, doctrine, and procedures for interrogations of high-value
+detainees;
+-  Based on information obtained from the Intelligence Community, identifying
+high-value detainees subject to interrogation if detained by the U.S.
+government or otherwise available for interrogation;
+-  Deploying MITs to interrogate high-value detainees who are on the HIG list
+or meet the HIG's criteria;
+-  Ensuring that a participant in the interrogation is prepared to testify if a
+determination is made that United States prosecution is a possible objective
+for disposition ofthe detainee;
+-  Setting and enforcing interrogation and training standards for the MITs;
+-  Conducting exercises to strengthen HIG collaboration and cooperation and
+ensure smooth support to future operations;
+-  Sponsoring and coordinating interrogation research activities; and
+-  Disseminating research results to the U.S. government interrogation
+community.
+While the HIG would provide the strategic and administrative backbone for the effort, other Intelligence Community and law enforcement agencies would provide operational capability, training, and research support.
+
+Governance: The Task Force recommends that the HIG be subject to the administrative supervision and control of a single agency. After evaluating potential agencies, the Task Force recommends that the FBI serve as the administrative headquarters for this multi-agency effort. Although other agencies also have existing interrogation capabilities, logistical support for communications and transportation, or operational and analytical programs focused on terrorism, the Task Force concluded that putting the HIG within the FBI will strengthen the public perception of legal oversight of the activity and dovetail with the FBI's existing intelligence and law enforcement programs focused on terrorism suspects. The recommendation is intended to align the HIG with the FBI's intelligence functions; it is not intended to make the FBI's law enforcement function the primary purpose of the HIG. As set forth above, the HI G's priority would be intelligence collection to prevent terrorist attacks on the United States and its allies and otherwise to protect national security.
+
+As an entity within the FBI, the HIG would have a chief drawn from that agency who would have over-all command of the HIG and supervision of the composition, training, and deployment of the MITs. To ensure input into the governance of the HIG
+from other components of the Intelligence Community, the Task Force recommends that its deputy should be drawn from another Intelligence Community agency. In addition, the HIG would be subject to oversight, as discussed below.
+
+Oversight: The Task Force agreed that the HIG should be subject to oversight to ensure appropriate policy guidance, effective interagency coordination, and compliance with the rule oflaw. The Task Force recommends that this policy and coordination oversight should be exercised by the Counterterrorism Security Group (CSG) of the National Security Council and by the NSC Deputies and Principals Committees, as necessary and appropriate. Legal issues that arise concerning compliance with U.S.
+
+domestic law and international legal obligations regarding the interrogation and treatment of detainees will be evaluated by the Department of Justice, in coordination with attorneys at the relevant agencies and the NSC/White House.
+
+Mobile Interrogation Teams: A key element ofthe HIG is the establishment of Mobile Interrogation Teams (MITs) that would deploy to conduct interrogations ofhighvalue detainees. A presumption would exist that the MITs would deploy to conduct the interrogation of a high-value detainee previously identified by the HIG, or who met the RIG's criteria, if the U.S. government detained or obtained the ability to interrogate the individual. The MITs would consist of interrogators, subject matter experts, analysts, behavioral specialists, and linguists drawn from existing programs, as needed. MIT
+interrogators would be U.S. government employees, would have specific expertise in interrogation, and would train to hone these skills and maintain current knowledge of terrorist groups, geographic regions, and relevant intelligence requirements. MIT subject matter experts, including law enforcement case agents and intelligence analysts with the greatest knowledge of a specific detainee or a specific subject matter, and others as needed, would provide detainee-specific and group-specific knowledge to the MIT during interrogation. The HIG would determine MIT membership for individual deployments based on available personnel from Intelligence Community and law enforcement agencies.
+
+Individual agencies participating in high-value detainee interrogation operations would be required to:
+
+-  Establish and maintain current capabilities for interrogation;
+-  Train to standards set by the RIG; -  Maintain readiness to respond to RIG deployments;
+-  Participate fully in exercises, both operationally and administratively, as
+necessary;
+-  Provide onsite command and control where required; and
+-  Deploy and operate in accordance with guidance and objectives set by the
+HIG and the CSG consistent with existing laws, executive orders, directives,
+and interagency agreements that govern deployment and activities of the
+government executive branch employees overseas.
+The Task Force concluded that the MITs must train and exercise together frequently to be effective. Several experienced interrogators told the Task Force that interrogation is less likely to succeed when an interrogator meets a supporting analyst or the interpreter immediately before an interrogation. Training should facilitate long-term working relationships and allow a MIT to develop interrogators who can work effectively with an interpreter and who know they can rely on the supporting subject-matter experts and analysts. In addition, by training and deploying together, MITs would develop the most effective approaches to interrogation and be in the best position to provide input to researchers studying ways to improve interrogation.
+
+The Task Force also considered whether the HIG could operate domestically by, for example, deploying an MIT to interrogate a high-value detainee or terrorism suspect captured in-the United States. In the end, the Task Force concluded that the question whether the HIG would operate domestically was outside its mission, although it believes the question of domestic deployment warrants further consideration.
+
+Logistical and Administrative Issues: The Task Force discussed several other administrative and logistical issues relating to the creation of the HIG and deployment ofMITs. The Task Force determined, however, that these details were more appropriately addressed in an implementation plan.
+
+## 2. Increase Intelligence Community And Law Enforcement Cooperation And Collaboration Against High-Value Detainees.
+
+Leverage relevant authorities and capabilities to maximize both intelligence collection and potential criminal prosecution.
+
+When the U.S. government detains or obtains access to a high-value detainee, it must often decide whether or not an interrogation ofthat detainee will have as an objective eliciting a statement that can be used against the detainee in a criminal prosecution in the United States or another country. The objectives of an interrogation may affect the course of the interrogation and the identity ofthe interrogator. Creating a consolidated team of interrogators with a variety of interrogation styles and experiences under unified leadership would make it possible to employ the most effective interrogation strategy for individual high-value detainees. Ideally, the MITs will know, in advance of deployment, the desired disposition of the detainee developed in the interagency planning process - U.S. or foreign prosecution, release, long-term detention, or deportation - and develop an interrogation plan that is tailored to the particular detainee and the desired disposition. By evaluating the potential for and possible interest in criminal prosecution prior to an interrogation, the HIG, with policy guidance from the CSG, can make appropriate decisions regarding the composition of the team, the strategy and sequence ofthe interrogation, and other issues that may affect the ability to prosecute the detainee. All planning and training should retain a significant degree of flexibility to account for the possibility of unforeseen developments in any capture and interrogation of a high-value detainee.
+
+## 3. Establish Best Practices And Disseminate Them To The Interrogation Community
+
+The HIG should continue to develop concepts ofbest practices and disseminate these to agencies that conduct interrogations.
+
+The MITs will develop a set of best practices for interrogation. Those practices will include improved interrogation strategies, training regimes, and methods of organizing interrogation teams. In particular, because the MITs will be on the front lines of interrogation and will confront some ofthe most hardened and resistant terrorist suspects, they will be in the best position to develop new and effective interrogation practices as necessary.
+
+For these reasons, the Task Force recommends that the HIG create a process for identifying and cataloging best practices. In addition, processes should be established for disseminating the fruits ofthe HIG's experience to other agencies that conduct interrogation. For example, the HIG could conduct regular training for other agencies.
+
+That kind of training would also allow for a healthy exchange ofideas between the HIG
+and other agencies, including law enforcement agencies.
+
+## 4. Establish A Scientific Research Program To Develop Improved Techniques And Methodologies For Interrogation
+
+Establish a program and corresponding budget to oversee a comprehensive scientific study to research and develop more effective interrogation methodologies.
+
+There is little existing scientific research assessing current interrogation approaches, including those listed in the Army Field Manual. Although some research has addressed the effectiveness of interviewing and interrogation techniques used by law enforcement agencies, the conclusions of those studies are not necessarily applicable to the interrogation of high-value detainees. Nor does the United States have a systematic mechanism to capture lessons learned and develop case studies on interrogation.
+
+To remedy these deficiencies, a long-term research program should be established to develop and oversee research on interrogation. Most Task Force members agree that the HIG would be the most effective entity to manage such a program, as the HIG would have the most significant substantive experience. It would house experts dedicated to ensuring that research is relevant and applicable to real-world interrogation. The research itself would be conducted by Intelligence Community members and academic and research institutions. The HIG should manage the study of foreign civilian and military intelligence and law enforcement methodologies to learn from the experience of foreign governments. The HIG should also ensure that the research would focus on the most difficult cases and issues.
+
+Any such program would adhere to all applicable U.S. government guidelines for scientific experimentation and research. Topics of research could include the following:
+
+-  The standards and assumptions inherent in the Anny Field Manual and law
+enforcement communities;
+-  The comparative effectiveness of interrogation approaches and techniques, with
+the goal of identifying the existing techniques that are most effective and
+developing new lawful techniques to improve intelligence interrogations; and
+-  Identification of additional lawful methods of obtaining information from an
+individual in the truncated timeframe that the United States may face in a crisis.
+Research methods could involve the following:
+
+-  Substantive exchanges between practitioners on what worked and what did not, to
+document lessons learned and capture actual interrogation experiences. Research
+should study both successes and failures;
+-  Developing case studies and teaching tools for continuing education of current
+interrogators, as well as to train new interrogators; and
+-  Applying social science theories to interrogation. Studies ofrelevant subjects
+such as persuasion, sources ofpower, interests and identities, stress, resistances,
+and memory were identified by the Intelligence Science Board as being extremely
+relevant to interrogation.
+Developing a research program and its corresponding budget would require significant resources. The Task Force recommends that as part of the creation ofthe HIG, funding for such a research program should be included for future budget requests.
+
+## Transfer
+
+Transfers ofpeople from U.S. custody to the custody of another government arise in a variety of contexts. Some of these transfers arise in contexts in which the international and domestic legal framework is well-established - such as extradition.
+
+Other transfers, though lawful, take place in contexts in which the legal framework is less well-defined. All ofthese transfers can raise important legal and policy issues. These issues relate primarily to the treatment of the person who is being transferred, but in some situations also include other issues such as whether the sovereignty of the country from which or through which a transfer takes place has been respected. Furthermore, U.S.
+
+policies on transfers must be developed in conjunction with U.S. policies on apprehension and detention, as these are inter-related elements of our counterterrorism efforts.
+
+Critics of U.S. transfer practices have expressed a number of concerns. Some of these concerns have been focused primarily on transfers reportedly conducted or facilitated by elements of the Intelligence Community. For example, some have argued that the apparent lack ofprocedural protections involved in any secret transfer inevitably leads to cases ofmistaken identity, resulting in the transfer of innocent people against their will. Others have expressed concerns about the lack of legal process for the individuals in the host or receiving state and about the implications for the sovereign rights of countries from which or through which secret transfers may take place.3
+One concern that has been expressed about U.S. transfer practices across the full range of scenarios is whether the United States has taken adequate steps to protect against torture or other forms of mistreatment after the transfer has taken place. In particular, one aspect of U.S. transfer practice that has come under particular scrutiny is the use of assurances obtained from the receiving country as a safeguard against post-transfer mistreatment. Many groups have argued that assurances should never be used for this purpose. Others have adv_ocated the imposition of controls on the use of assurances to make them more reliable. The groups that have taken these positions have expressed a number of concerns about the use of assurances to prevent mistreatment after transfer.
+
+First, critics of assurances point to a number of cases in which assurances appear to have failed to protect individuals who have been transferred. The Maher Arar case is frequently cited by critics of U.S. transfer practices, as are a handful of Guantanamo transfer cases involving Tunisia and Russia. Such critics argue that neither the transferring nor the receiving state has an incentive to report publicly that the receiving state has failed to respect the assurances it provided.
+
+Second, some argue that assurances are inherently untrustworthy, because a transferring state would only seek assurances in cases in which it had some concern that the receiving state would engage in torture. A related point is that many of the countries where torture is a problem may be sincere in making a commitment not to torture but may lack the ability to follow through on the assurance. Third, torture is inherently difficult to discover because it is almost always done in secret. Those who engage in torture may be skilled at using techniques that do not leave visible marks, and a victim of torture may be afraid to report it, even if there is some monitoring of his or her case.
+
+Assurances, it is argued, do nothing to alleviate these problems, even if they include some kind of monitoring mechanism.
+
+These criticisms about U.S. transfer practices, and in particular about the use of assurances, raise a number of significant concerns that need to be taken into account in shaping U.S. policy. However, they should be considered in light of several additional important points. First, while concerns about assurances not being respected must be taken seriously, the Task Force is unaware of any comprehensive study on state practice regarding implementation of and compliance with assurances. There have also been cases where assurances have been used successfully. For example, ofthe more than 550
+detainees transferred or released from Guantanamo, there have been only a very few complaints about treatment that violated the assurances obtained by the USG. Thus the Task Force believes that the facts point toward the need for careful case-by-case assessments of assurances, rather than a blanket rejection of the practice.4
+Second, the criticism that countries willing to violate their binding obligations not to torture will by definition be willing to violate any non-binding bilateral assurances assumes that a generalized multilateral commitment is no different than a case-specific bilateral commitment. This assumption does not hold true in all cases. Particularly in context of a multi-faceted bilateral relationship, a country may have a far greater incentive to live up to a specific bilateral assurance than to its obligations under the CAT
+generally. This is particularly true where a case-specific monitoring mechanism is part of the assurance.
+
+Some have argued that the United States should never transfer someone who alleges any kind of fear ofmistreatment in the receiving state. The Task Force concluded that this position was unworkable. Without undermining credible concerns about torture and United States' legal obligations with respect to transfers, transfers and assurances must be considered in the context of the practical reality in which transfers take place.
+
+Many ofthe detainees held by the United States would pose a significant threat if released into the United States, and many would be considered dangerous even if released into other countries. Moreover, for a variety of reasons, only a small percentage of these detainees held by the United States in recent years have been or can be prosecuted.
+
+The United States also has a strong interest in transferring people in other circumstances, such as in the traditional extradition or deportation contexts. These types of transfers can raise many of the same issues as transfers that take place in the context of armed conflicts. Furthermore, even where U.S. prosecution is an available option, this only serves to delay the issue of transfer in many situations, rather than removing the need to consider it altogether. Unless prosecution results in the death penalty or life in prison, there is a strong chance that the United States will have an interest in transferring the person after he has completed his sentence (or if found not guilty, after trial) in order to avoid releasing a dangerous person into the United States. In fact, maintaining a robust transfer option may actually facilitate prosecutions in the sense that the USG may otherwise be reluctant to take custody of a person for prosecution if the expected result is that the United States will be unable to remove the person from the country after completion of his sentence.
+
+Given the importance of transfers to the national security interests of the United States, while the use of assurances raises difficult questions, it will often be an important tool available to help balance competing considerations. In other words, transfers facilitated by credible assurances may be preferable to the other options available to the United States - releasing potentially dangerous people (or declining to capture them in the first place), returning people to foreign governments without assurances against mistreatment, or trying to detain them indefinitely. In this context, the Task Force has concluded that assurances are a tool that needs to be retained to facilitate necessary transfers while minimizing the chances of mistreatment.
+
+## I. General Recommendations Applicable To All Types Of Transfers
+
+A.
+Strengthening U.S. procedures for preventing transfers where torture is
+more likely than not
+
+## 1. Clarify And Strengthen Procedures For Obtaining Assurances.
+
+Recommendation: In situations where the appropriate entity within the USG
+decides that assurances should be obtained prior to conducting a transfer, the Task Force recommends that U.S. practice should at a minimum include the following requirements,:
+-- The Executive Branch should seek a specific commitment from the receiving state that it will not torture the individual.
+
+-- The assurances should refer to the receiving state's obligations under the Convention Against Torture (CAT) or comparable international obligations and, where appropriate, to the receiving state's domestic law (including relevant provisions criminalizing torture).
+
+-- If an individual has raised a particularized, reasonable, and credible concern about torture (by a specific agency in the receiving state, for example), assurances should address that concern (for example, by having the receiving state agree that the individual will not be held by the agency of concern).
+
+## 2. Improve Usg Capabilities To Evaluate Assurances Recommendations:
+
+-- Ifthe agency responsible for making the transfer decision is not the Department of State, it should be required to consult with the Department of State or the Chief of Mission at an appropriate embassy in assessing the reliability and credibility of all assurances obtained, regardless of which agency obtained the assurances. (The only exception to this rule would be for military-to-military agreements for the transfer of detainees under the laws of war pursuant to coalition and bilateral operations.) While this evaluation may slow the process in some cases, the Task Force believes that the costs of such a delay are outweighed by the benefit of bringing the Department of State's expertise into the process of evaluating posttransfer treatment. The Department of State's involvement has a number of potential advantages. First, the Department has the most expertise within the USG on human rights conditions in other countries. Second, the Department has the broadest perspective on U.S. relations with other countries, which is useful in evaluating the context in which assurances may be given. Third, having one government agency evaluate all assurances would be beneficial insofar as the agency would develop a body of experience relevant to the evaluation of future assurances.
+
+-- While the Task Force recognizes that using diplomatic channels to obtain assurances is not always the most effective approach and should not be used in every case (except in extradition cases), it has concluded that the State Department should be involved in evaluating assurances in all cases.
+
+-- The Department of State should provide adequate guidance to Chiefs of Mission to ensure that they coordinate their involvement in these issues with Department of State headquarters. State also should ensure that it can provide rapid assistance to other agencies when it receives an urgent request to evaluate assurances.
+
+-- The Executive Branch should strengthen its internal structures for evaluating assurances by developing effective interagency information-sharing mechanisms, in order to ensure that all relevant agencies have timely access to available information about U.S. transfer experiences with the receiving states, including any available information on the implementation and monitoring of assurances.
+
+-- The final decision on whether to transfer someone in reliance on an assurance provided by the receiving state should be made by the head or deputy head of the agency responsible for the transfer or an appropriately senior designee or a Deputies Committee or Principals Committee.
+
+-- Factors that the United States should consider in evaluating the credibility and reliability of assurances include: (1) information concerning the judicial and penal conditions and practices of the country providing assurances; (2) U.S. relations with the receiving country, including diplomatic relations as well as military, intelligence, or law enforcement relations as appropriate; (3) the receiving state's capacity and incentives to fulfill its assurances; ( 4) political or legal developments in that country that would provide context for the assurances; ( 5) that country's record in complying with similar assurances previously provided to the United States or another country; (6) any information on the identity, position, or other relevant facts concerning the person providing the assurances that bear on the reliability of those assurances; and (7) the relationship between that person and the entity that will detain the person or otherwise monitor his activity.
+
+-- The Inspectors General of the Department of State, the Department of Defense, and the Department of Homeland Security should prepare annually a coordinated report on transfers conducted by each of their agencies in reliance on assurances.
+
+The report should, with due regard for confidentiality and classification of information, address the process for obtaining the assurances, the content of the assurances, the implementation and monitoring of the assurances, and the posttransfer treatment of the person transferred.
+
+3.
+Increased use of monitoring mechanisms to implement assurances.
+
+## Recommendations:
+
+-- In all cases in which the United States obtains assurances, the agency or department obtaining the assurances should insist on the inclusion of a monitoring mechanism in the assurances it seeks or otherwise establish a monitoring mechanism, unless there is a compelling reason not to do so. In general, such monitoring mechanisms should provide for consistent, private access to the individual who has been transferred, with minimal advance notice to the detaining government.
+
+-- The specific form of monitoring may depend on the circumstances. For example, in some cases, monitoring may be more appropriately done by the USG, although the appropriate agency to conduct the monitoring may vary based on the circumstances. In other cases, monitoring by an outside group may be more effective. Where appropriate, the agency obtaining the assurances should consider whether other countries have monitoring mechanisms in place that the USG could employ or use as a model. In some cases, it may be possible to work with another country to jointly use the same monitoring mechanism. The possibility of seeking intelligence to assist in monitoring should also be considered.
+
+-- Agencies involved in obtaining and evaluating assurances should work together to develop guidelines for how to deal with countries that have failed to live up to their assurances, including when and how changes in circumstance should affect the USG's view ofpast failures to abide by assurances. This process should be coordinated by the National Security Council as necessary.
+
+The three sets ofrecommendations set forth above related to Executive Branch processes for obtaining, evaluating and monitoring assurances are particularly important in light of the fact that, in some contexts, assurances have been held to not be subject to judicial review. See Ahmad v. *Wigen,* 910 F.2d 1063 (2d Cir. 1990), and Kiyemba v.
+
+Obama 561 F.3d 509 (D.C. Cir. 2009). But see Khouzam v. *Attorney General,* 549 F.3d
+235 (3d Cir. 2008).
+
+## B. Maintain The Standard For Evaluating Transfers
+
+Recommendation: The United States should maintain its current legal and policy restrictions on transferring anyone from U.S. custody where it is more likely than not that the person will be tortured.
+
+States traditionally have had broad latitude to craft their immigration policies, but they have accepted certain legal limitations regarding when they may deport or expel people from their territories. In particular, states such as the United States that are parties to the Convention Relating to the Status of Refugees or its Protocol generally may not forcibly return a refugee to a place where his life or freedom would be threatened because of his race, religion, or political opinions, among other reasons. Similarly, the United States is a party to the Convention Against Torture and Other Cruel, Inhuman or Degrading Treatment or Punishment (the "CAT"). Article 3 ofthe CAT states:
+
+"l. No State Party shall expel, return ('refouler') or extradite a person to another
+State where there are substantial grounds for believing that he would be in danger
+of being subjected to torture.
+2. For the purpose of determining whether there are such grounds, the competent
+authorities shall take into account all relevant considerations including, where
+applicable, the existence in the State concerned of a consistent pattern of gross,
+flagrant or mass violations ofhuman rights."5
+Pursuant to the treaty understanding approved by the U.S. Senate and included in the U.S. instrument of ratification, the United States interprets the phrase "where there are substantial grounds for believing that he would be in danger ofbeing subject to torture," as used in Article 3 of the CAT, to mean "if it is more likely than not that he would be tortured."6 The Article 3 prohibition is absolute. Unlike non-refoulement in the refugee context, a potential transferee, no matter how dangerous, cannot be sent from the United States to another country if it is more likely than not that he or she will face torture there. These prohibitions on transferring a person to a foreign country based on the likelihood that the person would be subject to a specific harm in that country often are referred to collectively as the principle of "non-refoulement."
+The United States has previously interpreted Article 3 to impose legal obligations on the U.S. only with respect to individuals who are transferred from the territory of the United States. 7 In light of the United States' stated policy commitment not to send any person, no matter where located, to a country in which it is more likely than not that the person would be subject to torture, this report does not address the legal question whether the negotiating history, and the U.S. record of ratification, as well as the U.S. Supreme Court's interpretation of similar language in the Refugee Convention. See Sale v. *Haitian Ctrs. Council,* 509 U.S.
+
+153 (1993). Other states and international bodies, however, assert that Article 3 of the CAT applies to wholly extraterritorial transfers. Some take a broad view of the situations in which non-refoulement obligations legally attach - not just to expulsions, returns, or extraditions, but to any transfers of people from the custody of one state to another, wherever located. Yet others argue that, as a matter of customary law or by operation of Article 7 of the International Covenant on Civil and Political Rights, nonrefoulement obligations extend to situations in which the sending state believes that the person may face cruel, inhuman, or degrading treatment or an unfair trial. (Article 7 of the ICCPR states, in part, that '[n]o one shall be subject to torture or to cruel, inhuman or degrading treatment or punishment." The U.S. has not agreed with the view that this text contains an implicit non-refoulement obligation nor with the view that the covenant applies extraterritorially.)
+Article 3 applies to transfers conducted by the United States that are initiated outside of U.S. territory.
+
+The Task Force considered whether, as a policy matter, the United States should adopt a different standard than the "more likely than not to be tortured" standard in evaluating potential transfers. In particular, the Task Force considered whether to recommend that the United States adopt a "cruel, inhuman, or degrading treatment" or
+"humane treatment" standard. However, the Task Force ultimately decided against recommending such a change in standard for several reasons. First, changing the standard would not respond to the criticism that the U.S. has failed effectively to enforce the existing standard. Second, such a change would create significant complications.in at least some areas of U.S. transfer practice, such as extradition and immigration removal cases, where U.S. practice is subject to a complex and long-standing framework of international and domestic law and practice. _Third, the Task Force concluded that the adoption of a new standard could have uncertain operational consequences. Accordingly, and in light of the other recommendations in this report and the understanding of the Task Force that agencies that conduct transfers have a practice of looking beyond the narrow, legal definition of torture in evaluating whether to transfer a person or in obtaining assurances, the Task Force concluded that a change of standard or practice is not warranted.
+
+## C. Improve Partner Nation Detention Facilities And Capabilities Recommendations:
+
+-- In considering recommendations on correctional assistance, the Detention Policy Task Force should take into account that the potential ability to transfer is increased by better facilities in partner nations, particularly in the Middle East and South and Southeast Asia. In considering additional assistance in this area, the United States should consider whether other partner states are engaged in similar activities and ensure, to the greatest extent possible, that it works cooperatively with those states to avoid duplication of effort.
+
+Perhaps the most important way to minimize U.S. concerns about transfers to foreign states is for those states of concern to develop safe and humane detention or prison facilities and a work force for these facilities that is well trained, adequately paid, and subject to appropriate oversight. Helping foreign governments - particularly in countries where it is reasonably likely that the United States will wish to transfer individuals in the future - improve their detention capabilities consistent with their human rights obligations is a worthwhile, albeit long-term, goal. Current U.S. law imposes certain limitations on the USG's ability to provide foreign assistance to support foreign police and prisons, but such assistance is not barred.
+
+## D. Create A List Of Countries To Which Transfers Are Barred
+
+Recommendation: The United States should not create a list of countries to which transfers will be barred.
+
+The Task Force also considered whether the USG should create a list of countries with the worst records on treatment of detainees or a history of failing to honor assurances that the United States or other governments have obtained. Transfers to countries on this list would be barred. Such an approach would respond directly to the criticism that some countries' human rights records render their assurances inherently untrustworthy. It would also be a way to demonstrate that the United States takes the assurances process seriously and establish consequences for countries that violate assurances they have given.
+
+However, this "black-listing" approach also has a number of disadvantages. First, the credibility and reliability of assurances is inherently context-specific. The person to be transferred, the government entity to which he is to be transferred, the prevailing political circumstances, and other factors all play critical roles in determining likely treatment after transfer. A black list is not well-suited to making such context-specific judgments. In addition, such a list may be difficult to alter and may not reflect the most up-to-date assessment by the USG of the likelihood that the country will live up to its assurances in future cases. For example, a change in the government of a country could increase confidence in that country's willingness to adhere to its assurances, but it may be politically impossible to remove the country from the list - thereby unnecessarily hampering the USG's ability to transfer to that country.
+
+Even without such a blacklist approach, as a practical matter, if a country is found to have violated assurances it has given in connection with transfers, and no change in circumstance intervenes, the USG is unlikely to be able to rely on assurances to transfer anyone to that country again.
+
+## Ii. Specific Recommendation For Immigration Proceedings A. Update Applicable Regulations
+
+Recommendation: Current regulations pertaining to the treatment of aliens entitled to protection under the CAT were implemented in 1999, before the Department of Homeland Security was created. 8 The Task Force recommends changes to the applicable regulations to reflect the shift in responsibility for evaluating diplomatic assurances from the Immigration and Naturalization Service under the Department of Justice to Immigration and Customs Enforcement and U.S. Citizenship and Immigration Services under the Department of Homeland Security. The Department of Justice continues to adjudicate claims for CAT protection in formal removal proceedings through the Executive Office for Immigration Review (EOIR), a Department of Justice entity.
+
+Clarifying the decision-making roles ofthe different agencies is important to maintaining an open and transparent process.
+
+## Iii. Specific Recommendations For Military Transfer Scenarios
+
+A.
+Improved monitoring of detainees transferred from ISAF to the Islamic
+Republic ofAfghanistan.
+Recommendation: The U.S. Embassy in Kabul should develop a risk mitigation plan to improve monitoring of the treatment of detainees transferred by U.S.
+
+forces acting under International Security Assistance Force (ISAF) to the Islamic Republic of Afghanistan (IROA), taking into account resource and other practical concerns.
+
+The United States and ISAF partners concluded an agreement with the IROA that gives extensive access to detainees whom ISAF forces have transferred to the IROA.
+
+However, the U.S. government has yet to implement processes as robust as those the USG's ISAF partners have implemented with respect to the access provided by this agreement. The Task Force notes that in other military situations, the Department of Defense may be better situated to undertake monitoring in future conflicts.
+
+B.
+Consider comprehensive training and infrastructure assistance projects to
+develop adequate detention facilities in areas where large numbers of
+detainee transfers are expected.
+Recommendation: The Task Force recommends using elements ofthe USG
+experience with the Afghan National Detention Facility ("ANDF") as a model in current and future conflicts where the United States expects to capture significant numbers of detainees and eventually to transfer them to the host government.
+
+In April 2007, the ANDF began operating near Kabul. The facility was renovated by the United States to assist Afghanistan in holding and prosecuting former Guantanamo and Bagram detainees. The USG also trained the guard force, and maintains a presence at the facility. On the whole, the Task Force believes that this facility has been quite successful in handling detainees without serious allegations of abusive treatment.9 A
+similar approach, particularly with respect to the training of the guard force and the U.S.
+
+presence at the facility intended to prevent abusive treatment, may facilitate transfers in other conflicts.
+
+## C. Negotiate Assurances With Host Governments As Early As Possible In Future Conflicts.
+
+Recommendation: The Task Force recommends that, in the future, where it appears likely that the Department of Defense will hold and ultimately seek to transfer a significant numbers of detainees in a situation where no other specific legal framework governing transfers applies (such as applicable provisions of the Geneva Conventions or a United Nations Security Council Resolution), the Department of Defense, in cooperation with the State Department, should negotiate assurances with the host government, ifpossible, at an early stage in the process to govern treatment of transferred detainees.
+
+While concerns about torture usually arise in individualized contexts, there are situations in which the U.S. government may have serious concerns about whether a group of detainees captured during an armed conflict be tortured, treated inhumanely, or otherwise mistreated if transferred to a particular government's detention system. In these situations, there may be a tension between the limitations imposed on the U.S. military presence in another country where that presence depends on the country's consent (including consent to detain), and the U.S. commitment to avoid transfers where it is more likely than not that the person to be transferred will be tortured.
+
+To address this problem, the Task Force believes that the issue of transfers should be confronted at an early stage in the military deployment.
+
+## D. Department Of Defense Policies Or Directives
+
+Recommendation: The Department of Defense should promulgate policies or directives consistent with the policy statement in Section 2242(a) of the 1998
+Foreign Affairs Reform and Restructuring Act. Such policies or directives should include an express statement that the Department of Defense may not transfer any person to a foreign entity where it is more likely than not that the person will be tortured.
+
+As a matter of U.S. domestic law, Section 2242(b) of the 1998 Foreign Affairs Reform and Restructuring Act directed the heads ofthe appropriate agencies to prescribe regulations to implement the U.S. obligations under CAT Article 3. 10 The Justice and State Departments promulgated regulations to implement these obligations in the immigration and extradition contexts, respectively. 11 Immigration and extradition are the two contexts in which the U.S. obligations under the CAT are engaged directly, as they involve transfers from U.S. territory to another state. Section 2242 also contains a policy
+10 8 U.S.C.  1231 note.
+
+statement that asserts, "[I]t shall be the policy of the United States not to expel, extradite, or otherwise effect the involuntary return of any person to a country in which there are substantial grounds for believing the person would be in danger of being subjected to torture, regardless of whether the person is physically present in the United States." This recommendation is to implement this policy directive.
+
+## Iv. Specific Recommendations For Any Transfers That May Take Place By Or With The Support Of Elements Of The Intelligence Community
+
+The Task Force formulated a number ofrecommendations that would apply to transfers conducted pursuant to intelligence authorities. With the exception ofthe recommendation that follows immediately below, these recommendations are found in the classified annex.
+
+## A. Intelligence Community Policies Or Directives Recommendations:
+
+-- The Director ofNational Intelligence, in consultation with the relevant elements of the Intelligence Community, and subject to the direction and approval of the National Security Adviser, should draft and promulgate general policy guidance to the Intelligence Community concerning transfers. This guidance should be public and should be consistent with Section 2242(a) of the 1998 Foreign Affairs Reform and Restructuring Act.
+
+-- Elements ofthe Intelligence Community that may be called upon to conduct or participate in transfers should adopt implementing regulations or directives for their conduct, including standards for secure and humane treatment of detainees.
+
+during transportation, and an express statement that the Intelligence Community element may not transfer any person to a foreign entity where it is more likely than not that the person will be tortured and a requirement that the element will take appropriate steps to investigate any credible allegations that a transferred person has been subjected to torture by a foreign entity. The regulations or directives should make clear that these considerations are an express part of the review process required before approving a transfer conducted or facilitated by an element of the Intelligence Community.
+
+## Appendix A
+
+Executive Order 13491
+THE WHITE HOUSE
+Off ice of the Press Secretary For Immediate Release January 22,
+2009
+
+## Executive Order Ensuring Lawful Interrogations
+
+By the authority vested in me by the Constitution and the laws of the United States of America, in order to improve the effectiveness of human intelligence-gathering, to promote the safe, lawful, and humane treatment of individuals in United States custody and of United States personnel who are detained in armed conflicts, to ensure compliance with the treaty obligations of the United States, including the Geneva Conventions, and to take care that the laws of the United States are faithfully executed, I hereby order as follows:
+Section 1.
+
+Revocation.
+
+Executive Order 13440 of July 20, 2007, is revoked.
+
+All executive directives, orders, and regulations with this order, including but not limited to those issued to or by the Central Intelligence Agency (CIA) from September 11, 2001, to January 20, 2009, concerning detention or the interrogation of detained individuals, are revoked to the extent of their inconsistency with this order.
+
+Heads of departments and agencies shall take all necessary steps to ensure that all directives, orders, and regulations of their respective departments or agencies are consistent with this order.
+
+Upon request, the.Attorney General shall provide guidance about which directives, orders, and regulations are inconsistent with this order.
+
+Sec. 2.
+
+Definitions.
+
+As used in this order:
+(a)
+"Army Field Manual 2-22. 3" means FM 2-22. 3, Human Intelligence Collector Operations, issued by the Department of the Army on September 6, 2006.
+
+(b)
+"Army Field Manual 34-52" means FM 34-52, Intelligence Interrogation, issued by the Department of the Army on May 8, 1987.
+
+(c)
+"Common Article 3 11 means Article 3 of each of the Geneva Conventions.
+
+(d)
+"Convention Against Torture" means the Convention Against Torture and Other Cruel, Inhuman or Degrading Treatment or Punishment, December 10, 1984, 1465 U.N.T.S.
+
+85, s.Treaty Doc. No. 100-20 (1988).
+
+(e)
+"Geneva Conventions" means:
+(i)
+the Convention for the Amelioration of the Condition of the Wounded and Sick in Armed Forces in the Field, August 12, 1949 (6 UST 3114);
+(ii)
+the Convention for the Amelioration of the Condition of Wounded, Sick and Shipwrecked Members of Armed Forces at Sea, August 12, 1949
+(6 UST 3217);
+(iii)
+the Convention Relative to the Treatment of Prisoners of War, August 12, 1949 (6 UST
+3316); and
+(iv)
+the Convention Relative to the Protection of Civilian Persons in Time of War, August 12,
+1949 (6 UST 3516).
+
+(f)
+"Treated humanely," "violence to life and person," "murder of all kinds," "mutilation," "cruel treatment," "torture," "outrages upon personal dignity,"
+and "humiliating and degrading treatment" refer to, and have the same meaning as, those same terms in Common Article 3.
+
+(g)
+The terms "detention facilities" and
+11 detention facility" in section 4(a) of this order do not refer to facilities used only to hold people on a short-term, transitory basis.
+
+## Sec. 3. Standards And Practices For Interrogation Of Individuals In The Custody Or Control Of The United States In Armed Conflicts.
+
+(a)
+Common Article 3 Standards as a Minimum Baseline.
+
+Consistent with the requirements of the Federal torture statute, 18 U.S.C. 2340-2340A, section 1003 of the Detainee Treatment Act of 2005, 42 U.S.C. 2000dd, the Convention Against Torture, Common Article 3, and other laws regulating the treatment and interrogation of individuals detained in any armed conflict, such persons shall in all circumstances be treated humanely and shall not be subjected to violence to life and person (including murder of all kinds, mutilation, cruel treatment, and torture), nor to outrages upon personal dignity (including humiliating and degrading treatment), whenever such individuals are in the custody or under the effective control of an officer, employee, or other agent of the United States Government or detained within a facility owned, operated, or controlled by a department or agency of the United States.
+
+(b)
+Interrogation Techniques and Interrogation-
+Related Treatment.
+
+Effective immediately, an individual in the custody or under the effective control of an officer, employee, or other agent of the United States Government, or detained within a facility owned, operated, or controlled by a department or agency of the United States, in any armed conflict, shall not be subjected to any interrogation technique or approach, or any treatment related to interrogation, that is not authorized by and listed in Army Field Manual 2-22.3 (Manual).
+
+Interrogation techniques, approaches, and treatments described in the shall be implemented strictly in accord with the principles, processes, conditions, and limitations the Manual prescribes.
+
+Where processes required by the Manual, such as a requirement of approval by specified Department of Defense officials, are inapposite to a department or an agency other than the Department of Defense, such a department or agency shall use processes that are substantially equivalent to the processes the Manual prescribes for the Department of Defense.
+
+Nothing in this section shall preclude the Federal Bureau of Investigation, or other Federal law enforcement agencies, from continuing to use authorized, non-coercive techniques of interrogation that are designed to elicit voluntary statements and do not involve the use of force, threats, or promises.
+
+(c)
+Interpretations of Common Article 3 and the Army Field Manual.
+
+From this day forward, unless the Attorney General with appropriate consultation provides further guidance, officers, employees, and other agents of the United States Government may, in conducting interrogations, act in reliance upon Army Field Manual 2-22.3, but may not, in conducting interrogations, rely upon any interpretation of the law governing interrogation -- including interpretations of Federal criminal laws, the Convention Against Torture, Common Article 3, Army Field Manual 2-22.3, and its predecessor document, Army Field Manual 34-52 -- issued by the Department of Justice between September 11, 2001, and January 20, 2009.
+
+## Sec. 4. Prohibition Of Certain Detention Facilities, And Red Cross Access To Detained Individuals.
+
+(a)
+CIA Detention.
+
+The CIA shall close as expeditiously as possible any detention facilities that it currently operates and shall not operate any such detention facility in the future.
+
+(b)
+International Committee of the Red Cross Access to Detained Individuals.
+
+All departments and agencies of the Federal Government shall provide the International Committee of the Red Cross with notification of, and timely access to, any individual detained in any armed conflict in the custody or under the effective control of an officer, employee, or other agent of the United States Government or detained within a facility owned, operated, or controlled by a department or agency of the United States Government, consistent with Department of Defense regulations and policies.
+
+## Sec. 5. Special Interagency Task Force On Interrogation And Transfer Policies.
+
+(a)
+Establishment of Special Interagency Task Force.
+
+There shall be established a Special Task Force on Interrogation and Transfer Policies (Special Task Force) to review interrogation and transfer policies.
+
+(b)
+Membership.
+
+The Special Task Force shall consist of the following members, or their designees:
+(i)
+the Attorney General, who shall serve as Chair;
+(ii)
+the Director of National Intelligence, who shall serve as Co-Vice-Chair;
+(iii)
+the Secretary of Defense, who shall serve as Co-Vice-Chair;
+(iv)
+the Secretary of State;
+(v)
+the Secretary of Homeland Security;
+(vi)
+the Director of the Central Intelligence Agency;
+(vii)
+the Chairman of the Joint Chiefs of Staff; and
+(viii)
+other officers or full-time or permanent part-time employees of the United States, as determined by the Chair, with the concurrence of the head of the department or agency concerned.
+
+(c)
+Staff.
+
+The Chair may designate officers and employees within the Department of Justice to serve as staff to support the Special Task Force.
+
+At the request of the Chair, officers and employees from other departments or agencies may serve on the Special Task Force with the concurrence of the head of the department or agency that employ such individuals.
+
+Such staff must be officers or full-time or permanent part-time employees of the United States.
+
+The Chair shall designate an officer or employee of the Department of Justice to serve as the Executive Secretary of the Special Task Force.
+
+(d)
+Operation.
+
+The Chair shall convene meetings of the Special Task Force, determine its agenda, and direct its work.
+
+The Chair may establish and direct subgroups of the Special Task Force, consisting exclusively of members of the Special Task Force, to deal with particular subjects.
+
+(e)
+Mission.
+
+The mission of the Special Task Force shall be:
+(i)
+to study and evaluate whether the interrogation practices and techniques in Army Field Manual 2-22.3, when employed by departments or agencies outside the military, provide an appropriate means of acquiring the intelligence necessary to protect the Nation, and, if warranted, to recommend any additional or different guidance for other departments or agencies; and
+(ii)
+to study and evaluate the practices of transferring individuals to other nations in order to ensure that such practices comply with the domestic laws, international obligations, and policies of the United States and do not result in the transfer of individuals to other nations to face torture or otherwise for the purpose, or with the effect, of undermining or circumventing the commitments or obligations of the United States to ensure the humane treatment of individuals in its custody or control.
+
+(f)
+Administration.
+
+The Special Task Force shall be established for administrative purposes within the Department of Justice and the Department of Justice shall, to the extent permitted by law and subject to the availability of appropriations, provide administrative support and funding for the Special Task Force.
+
+(g)
+Recommendations.
+
+The Special Task Force shall provide a report to the President, through the Assistant to the President for National Security Affairs and the Counsel to the President, on the matters set forth in subsection (d) within 180 days of the date of this order, unless the Chair determines that an extension is necessary.
+
+(h)
+Termination.
+
+The Chair shall terminate the Special Task Force upon the completion of its duties.
+
+Sec. 6.
+
+Construction with Other Laws.
+
+Nothing in this order shall be construed to affect the obligations of officers, employees, and other agents of the United States Government to comply with all pertinent laws and treaties of the United States governing detention and interrogation, including but not limited to:
+the Fifth and Eighth Amendments to the United States Constitution; the Federal torture statute, 18 U.S.C. 2340-2340A; the War Crimes Act,
+18 U.S.C. 2441; the Federal assault statute, 18 U.S.C. 113;
+the Federal maiming statute, 18 U.S.C. 114; the Federal
+"stalking" statute, 18 U.S.C. 2261A; articles 93, 124, 128, and 134 of the Uniform Code of Military Justice, 10 U.S.C.
+
+893, 924, 928, and 934; section 1003 of the Detainee Treatment Act of 2005, 42 U.S.C. 2000dd; section 6(c) of the Military Commissions Act of 2006, Public Law 109-366; the Geneva Conventions; and the Convention Against Torture.
+
+Nothing in this order shall be construed to diminish any rights that any individual may have under these or other laws and treaties.
+
+This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity against the United States, its departments, agencies, or other entities, its officers or employees, or any other person.
+
+THE  WHITE HOUSE, January 22, 2009.
+
+# # #Appendix B Transfer Scenarios Considered by the Task Force 1. Extradition
+In the extradition process, the Secretary of State is the U.S. official responsible for determining whether to surrender a fugitive to a foreign country to face prosecution or to serve a sentence. Decisions on extradition where there is a potential issue oftorture are presented to the Secretary (or by delegation, to the Deputy Secretary) pursuant to regulations at 22 C.F.R. Part 95.
+
+In making the determination whether to surrender, the Secretary or Deputy Secretary considers whether a person facing extradition from the United States is "more likely than not" to be tortured in the state requesting extradition. Where allegations relating to torture are made or the issue is otherwise brought to the Department's attention, appropriate policy and legal offices review and analyze information relevant to the case in preparing a recommendation to the Secretary or Deputy Secretary on whether to sign the surrender warrant. The regulations provide that the Secretary or Deputy Secretary's decision is not subject to judicial review. This regulatory bar currently is being challenged in litigation in Califomia. 12
+Surrender may be conditioned on the requesting state's provision of specific assurances relating to torture or to aspects of the requesting state's criminal justice system that protect against mistreatment. Assurances of the latter kind may include, for example, commitments that the fugitive will have regular access to counsel and the full protections afforded under that State's constitution or laws.
+
+Assurances against torture have been sought in only a small number of extradition cases. These assurances are generally in writing, explicit as to protection against torture, include a monitoring mechanism, and are from a ministerial level official or above. Ifthat official is the Minister of Foreign Affairs -- the normal channel for extradition -- they generally will not be acted upon until it has been directly confirmed with the officials who will be responsible for the individual while in custody that they are aware of the assurances provided and committed to complying with them.
+
+Prior to negotiating a new extradition treaty, the United States undertakes a review ofthe potential treaty partner's human rights record to determine if it will respect both the rule oflaw and an extradited individual's human rights, including protections against torture. (It is in the U.S. Government's interest to do so, as most of its modem extradition treaties envision that the United States will extradite U.S. nationals pursuant to appropriate extradition requests.) Although some extradition treaties predate this practice, in most cases there is thus a built-in screening mechanism in place in the extradition context that reduces the likelihood that questions about torture in the requesting country will arise in the extradition context.
+
+The Executive Branch acknowledges that it occasionally seeks assurances in extradition cases but typically declines to disclose whether it has sought assurances in specific cases and rarely reveals the contents of any assurances in the extradition context.
+
+Under the rule ofnon-inquiry, courts will generally not examine the fairness of the system to which the person will be extradited, and the United States has taken the position that its decisions in extradition cases involving torture allegations, including the existence and nature of assurances, are similarly non-justiciable.
+
+## 2. Immigration Proceedings
+
+As with extradition, the CAT is the primary source on the limitation of removals where it is more likely than not that the transferee will face torture. In the immigration context, regulations codified at 8 C.F.R.  208.18(c) and 1208.18(c) specifically contemplate that the United States may use diplomatic assurances where the person subject to removal raises a claim under the CAT. Those regulations provide that the Secretary of State may forward to the Secretary of Homeland Security assurances that the Secretary of State has obtained from the government of a specific country that an alien would not be tortured there if the alien were removed to that country.
+
+In practice, the Department of State seeks assurances upon the request of the Department of Homeland Security ("DHS") and exercises discretion in deciding in particular cases whether to seek assurances upon receiving such a request. Ifthe Secretary of State obtains and forwards such assurances to the Secretary of DHS, the Secretary of DHS determines, in consultation with the Secretary of State, whether the assurances are sufficiently reliable to allow the alien's removal to that country consistent with Article 3 of the CAT. Under the regulation, if the assurances are determined to be sufficiently reliable, the Secretary of DHS may then terminate any deferral of removal the alien had been granted as to that country and the alien's torture claim may not be considered further by an immigration judge, the Board of Immigration Appeals, or an asylum officer.
+
+Since implementation of the regulations in 1999, the Immigration and Naturalization Service and DHS have relied on diplomatic assurances to remove only three people. In contrast, approximately five thousand individuals have enjoyed protection in immigration proceedings through the withholding or deferral of removal on grounds that it was more likely than not that they would be tortured.
+
+While assurances are tailored to the specific case, in general in the immigration context, they are in writing from the official or officials at the ministerial level (or above)
+who will be directly responsible for the individual while in the custody of that country, explicit as to protection against torture, and include a monitoring mechanism.
+
+A recent case involving the removal of an Egyptian is worth noting. In this case,
+13 The Third Circuit declined rehearing *en bane;* the U.S.
+
+a Third Circuit panel held that due process under the Fifth Amendment requires that, to terminate an alien's deferral of removal on the basis of assurances, the alien must be given (1) notice and an opportunity to test the reliability ofthe assurances; (2) an opportunity to present before a neutral and impartial decision-maker evidence and an argument to make his case; and (3} an individual determination based on the record disclosed to the alien.
+
+Government decided against seeking certioriari.
+
+Another high profile removal case is the case of Maher Arar. The Office of the Inspector General of DHS issued a report in March 2008 on the removal of Arar from the United States to Syria, where Arar claims to have been tortured. A brief discussion of this report is included in the classified annex.
+
+## 3. Transfers Pursuant To The Geneva Conventions
+
+Armed conflicts present another scenario in which the United States may find itself in a position ofwanting to transfer or repatriate people to other states. In international armed conflicts in which the 1949 Geneva Conventions apply, those treaties contain rules governing the transfer ofparticular categories ofpeople between states.
+
+The Third Geneva Convention contains two provisions relevant to transfers of prisoners of war ("POW s"). Article 118 provides, "Prisoners of war shall be released and repatriated without delay after the cessation of active hostilities." The article is silent about what should happen to a POW who genuinely fears repatriation. During the Convention's negotiations, no state condemned the notion of forced repatriation. 14
+Nevertheless, state practice related to Article 118 suggests a policy evolution in the meaning of the provision. After the Korean War, North Korea, China, and the USSR
+contended that the obligation to repatriate prisoners under Article 118 was absolute. In contrast, the UN Command (led by the United States) argued that forcible repatriation
+"was inconsistent with the ... spirit of the Geneva Conventions."15 The issue also arose in the first Gulf War, where the United States and Saudi Arabia granted refugee status to some Iraqi POWs who opted not to return to Iraq. States thus appear increasingly willing to respect the concerns of POW s who fear returning to their states ofnationality, though the issue has not arisen in about twenty years. 16
+Article 12 of the Third Geneva Convention also is relevant to transfers. That article states, "Prisoners of war may only be transferred by the Detaining Power to a Power which is a party to the Convention and after the Detaining Power has satisfied itself of the willingness and ability of such transferee Power to apply the Convention."
+When pursuing resettlement or transfer options to third countries, the United States has sometimes concluded POW agreements pursuant to Article 12. These agreements often set forth the type of treatment the transferred POW will receive (i.e., treatment consistent with the Third Geneva Convention); grant the transferring state and the International Committee of the Red Cross ("ICRC") access to the transferred detainee; and contain provisions governing the detainee's repatriation or further transfer.
+
+The Fourth Geneva Convention offers greater specific protections against "nonrefoulement." For individual "protected persons" in the territory of a party to the conflict, the Convention states, "In no circumstances shall a protected person be transferred to a country where he or she may have reason to fear persecution for his or her political opinions or religious beliefs. " 17
+In the cases of U.S. transfers under the Third and Fourth Geneva Conventions, the United States transfer policies to date have, to the Task Force's knowledge, met or exceeded the relevant U.S. treaty obligations.
+
+## 4. Transfers From The Guantanamo Bay Detention Facility
+
+To date, the United States has transferred more than 500 detainees from Guantanamo to their states ofnationality or to third states. U.S. policy has been to seek humane treatment assurances with respect to all Guantanamo transfers in which it foresees that the receiving government will take post-transfer security measures to mitigate the threat a detainee poses. 18 In situations in which the United States expects the detainee to be released after his transfer, fewer issues arise with respect to humane treatment. Accordingly, the United States has not always sought assurances in those cases.
+
+The USG's practice with regard to Guantanamo assurances has evolved over the years. The current practice is wherever possible to negotiate a "framework" document with each country that has a national at Guantanamo, and then to seek specific assurances prior to each individual transfer to which the framework will apply. The USG has negotiated framework assurances with every major country that has a detainee remaining at Guantanamo and where repatriation is seen as a possibility. Therefore, at this time, there is no expectation that new framework assurance negotiations will be required.
+
+Although the content ofthose assurances varies somewhat, to take into account the particular circumstances of the receiving countries (such as variable treaty obligations, or the absence or existence of ICRC access arrangements to detention facilities), they generally include: (1) an assurance that the transferee will be treated humanely and in accordance with the receiving country's obligations under the CAT (or under comparable international obligations when the receiving country is not a party to the CAT); and (2) an assurance that either the USG or a mutually-agreed third party will enjoy post-transfer access to the transferees to monitor their treatment. While the USG
+requests humane treatment and access assurances as a general rule, it insists on lessextensive assurances in cases where it determines that the risk of inhumane treatment, with or without assurances, is negligible.
+
+The Department of State has taken the lead in bilateral negotiations to obtain assurances for Guantanamo transfers and in evaluating the sufficiency of the assurances obtained. In many cases, the United States has obtained assurances by means of an exchange of diplomatic notes or letters between senior government officials, but in other circumstances, the State Department has found to be adequate when stated orally and reported by the receiving U.S. Embassy in an official cable or reduced to writing in the form of an agreed minutes of a conversation between meeting participants.
+
+In addition, the ICRC has the opportunity to conduct exit interviews with detainees being transferred from Guantanamo. This process provides a further opportunity to explore possible concerns about post-transfer treatment.
+
+There have been few complaints about mistreatment of Guantanamo detainees who have been transferred to their home states or third states. However, hum.an rights groups have alleged that a few Guantanamo transferees sustained abuse after being transferred. 19
+As in extradition and (to date) im.migration cases, the U.S. policy has been that the United States will not unilaterally make public the contents of the assurances it has sought in the Guantanamo context. As explained in several sworn declarations filed in various federal courts, this policy is designed to help "avoid the chilling effects of making such discussions public and the possible damage to our ability to conduct foreign relations ... There also m.ay be circumstances where it may be important to protect sources of information (such as sources within a foreign government) about a government's willingness or capability to abide by assurances concerning humane treatment or relevant international obligations. "20
+
+## 5. Military Transfers Within Or From Afghanistan
+
+During the conflict in Afghanistan, the United States - as part of both Operation Enduring Freedom ("OEF") and the International Security Assistance Force ("ISAF"}-
+has detained large numbers ofpeople. It has released some quickly; has held others in its detention facilities in Afghanistan; has transferred some to Guantanamo Bay; has transferred some to the Islamic Republic of Afghanistan ("IROA"); and has transferred some to their states ofnationality.
+
+Transfers within Afghanistan: In 2005, the USG negotiated a transfer framework with the IROA for transfers of detainees to the IROA for continued detention and prosecution. As part of this framework, the USG obtained humane treatment assurances, assurances against the use of torture, and assurances of U.S. or third party access. The USG considers the 2005 assurances to apply both to the transfer of individuals detained by U.S. forces as part of OEF and to the transfer of individuals detained by U.S. forces operating within the ISAF coalition. In 2007, the United States, with other ISAF
+partners, concluded a subsequent arrangement with the IROA that gives ISAF even greater access to detainees whom ISAF has transferred.21 The 2007 arrangement provides that officials from each signatory government will "enjoy access to Afghan detention facilities to the extent necessary to ascertain the location and treatment of any detainee transferred by that government tothe Government of Afghanistan." It also gives ISAF governments the opportunity to conduct private interviews with transferred detainees, and permits the ICRC and the Afghan Independent Human Rights Commission to gain access to IROA facilities. However, as a practical matter, USG monitoring of ISAF detainees transferred to the IROA has been far less robust than USG monitoring of OEF detainees transferred to the IROA because of the regular U.S. presence in the facilities to which OEF detainees are transferred.
+
+Transfers from Afghanistan. Where the U.S. military detains third country nationals in the Afghanistan conflict and seeks to transfer those individuals to their home states, it applies the same non-refoulement policy that it applies to Guantanamo transfers, and where appropriate seeks third-country assurances prior to such transfers.
+
+## 6. Military Transfers Within Or From Iraq
+
+The USG has not sought assurances from the Government of Iraq ("GOI")
+concerning release within Iraq or transfer to Iraqi custody of Iraqi nationals detained by the multinational force in Iraq ("MNF-I"). In December 2008, the United States concluded a new framework arrangement with the GOI pursuant to which the United States now conducts detentions in Iraq.
+
+Transfers within Iraq. U.S. forces in Iraq currently operate under a Security Agreement ("SA") that the USG concluded with the GOI in late 2008. The SA provides that "[i]n the event the United States Forces detain or arrest persons as authorized by this Agreement or Iraqi law, such persons must be handed over to competent Iraqi authorities within 24 hours from the time of their detention or arrest." With regard to detainees who were being held by U.S. Forces on the date the SA entered into force, January 1, 2009, the SA provides: "Competent Iraqi authorities shall issue arrest warrants for [such]
+persons who are wanted by them. The United States Forces shall act in full and effective coordination with the Government of Iraq to tum over custody of such wanted detainees to Iraqi authorities pursuant to a valid Iraqi arrest warrant and shall release all ofthe remaining detainees in a safe and orderly manner, unless otherwise requested by the Government of Iraq and in accordance with Article 4 of this agreement."
+Although it would be politically difficult to refuse an Iraqi request for transfer, if the USG were to conclude that there was reason to believe that such a detainee was more likely than not to be tortured if he or she were transferred to Iraq, the matter could raised with the GOI at the diplomatic level. Moreover, the Solicitor General in the USG's Muna/and *Omar* briefs to the Supreme Court stated (prior to entry into force of the SA, but nevertheless still relevant to the above discussion), "The United States would object to the MNF-I's transfer of Omar or Munafto Iraqi custody if it believed they would likely be tortured." Although the Supreme Court in *Muna/held* that it would not block the decision to transfer, the decision in *Munaf*reserved the "more extreme case in which the Executive has determined that a detainee is likely to be tortured but decides to transfer him anyway."22
+Transfers from Iraq. To date, MNF-I has not released or transferred large numbers of third country national detainees. Third country nationals detained by MNF-I
+were provided an opportunity (by way of a questionnaire) to express to the USG fears of persecution or mistreatment if transferred. An interagency group, including the U.S.
+
+Embassy and the Department of Defense, evaluated the detainees' responses and made a recommendation to the Commander, who decided whether to transfer each individual. If appropriate, relevant assurances would be sought from the receiving country, although the Task Force is not aware of a case to date where this happened. Additionally, MNF-I
+notified the ICRC ofthe potential transfer and offered the ICRC the opportunity to conduct an exit interview in which the ICRC could explore the detainee' s possible fears of torture or persecution. However, the ICRC did not always avail itself of this opportunity to conduct exit interviews. Lack of an ICRC exit interview did not preclude the transfer of these detainees to the GOI or other states.
+
+These types of transfers were suspended at the request of the GOI, which expressed a desire to prosecute all such third country nationals. Recently, the GOI has issued arrest warrants for all third country nationals in MNF-I custody. MNF-I has started turning these third-country nationals over to the Iraqi Ministry of Justice pursuant to the SA.
+
+## 7. Transfers Of Individuals From One Country To Another Under Intelligence Authorities
+
+There has been much public speculation regarding alleged transfers by elements ofthe Intelligence Community pursuant to intelligence authorities. The Joint Inquiry Into Intelligence Community Activities Before and After the Terrorist Attacks of September
+11, 2001 (hereinafter the "Joint Inquiry") found that such transfers, also referred to as
+"renditions," were an important tool against terrorism.23 In a 2002 written statement to the Joint Inquiry, then-CIA Director George Tenet reported that, prior to September 11,
+2001, the "CIA (in many cases with the FBI) had rendered 70 terrorists to justice around the world."
+A transfer under intelligence authorities would occur under Section 503 of the National Security Act of 1947, as amended, which provides that the President may authorize "covert action" when "necessary to support identifiable policy objectives ofthe United States" and when "important to the national security of the United States."24 A
+critical aspect of these covert action activities is that the role of the United States will not be apparent or acknowledged publicly. Because, by definition, covert action is not subject to public scrutiny, the National Security Act contains requirements for congressional notification. Furthermore, section 503(a)(5) specifies that the President
+"may not authorize any action that would violate the Constitution or any statute of the United States. "25
+controlling source of authority for its activities." To do otherwise would restrict "intelligence activities that are otherwise entirely consistent with U.S. law and policy.").

markdown/misc/iqt-beyond.md

@@ -0,0 +1,13 @@
+## Beyond Data
+
+By Bob Gleichauf Beyond data there is information, then knowledge, and ultimately the wisdom to make the right decisions.
+
+Advanced Analytics and Big Data are two of the most active areas of innovation in the Tech sector right now. But from an analyst's point of view the products and technology coming out of these sectors demand a level of technical expertise that is sometimes a barrier to adoption. What's more, successful deployment frequently requires adjustments to resources and organizational structures that are not always clearly understood. If we are to maximize our return on investment we can't just upgrade our hardware and software. We also need to make adjustments to our
+"wetware" - the people, their skillsets, corporate policies, and the organizational structures that define our analytic communities. As Apple has shown us, the hallmark of a good product is one that is immediately usable by even the most technically challenged consumers. While the latest advanced analytical tools are very powerful, they still require a fair amount of technical sophistication and have a long way to go before they match the ease of use of an iPhone or an iPad. We cannot afford to wait for our analytic tools to catch up to Apple. We need to find ways to reduce the usability gap and further empower analysts. A good first step is to help analysts automate their more burdensome and repetitive tasks so they have more time to develop new capabilities. Unfortunately, automating tasks is hard to do and requires its own unique skills. At a minimum, an analyst needs to be able to describe inputs-outputs, what to filter, data transforms, and so on - in effect creating a storyboard. More complex analyses frequently turn into a programming exercise. While the effort is non trivial, there are clear benefits to be had. For example, codifying workflows in this manner promotes reuse. It also makes it easier to pick out "meta" patterns in what an analyst, or a group of analysts is doing. This makes it easier to spot hidden trends that can serve as a foundation for development of system intelligence such as the recommendation services offered by Amazon and Netflix. But even when the right processes have been put in place, it is unclear whether analysts have the time or the wherewithal to properly describe what they do on a day-to-day basis. One way to bridge the skills gap is to provide analysts with access to technical experts who know how to cross the chasm. This can be accomplished in any number of ways: access to professional services, creating virtual teams, embedding experts within those teams, and so on.  What works best depends on the unique demands of each directorate or analyst community. For example, the military has a long track record of successfully embedding experts, such as a medic or a signals corpsman, into squads and platoons. Similar benefits may be realized when a tools expert is "embedded" with a group of analysts. This of course would also require a clear career path for a skill set that heretofore has not always been explicitly recognized. Another challenge with Advanced Analytics and Big Data is the fact that legacy infrastructures and government policies are increasingly at odds with the realities of the analytic landscape. There are good reasons why some of these restrictions exist; protecting the privacy of U.S. citizens is a cornerstone of our society.  This is also the law. Our adversaries do not operate under the same constraints, however, and they are becoming more creative and nimble by the day. As a consequence, we risk putting ourselves at a distinct disadvantage unless we become more creative in how we operate within our own constraints.
+
+that require data to be encrypted, both while in transit and at rest, also introduce performance penalties that make it difficult if not impossible to process large data sets in an acceptable timeframe. As the volume of data increases we may be reaching a tipping point where the rate of effectiveness actually starts to decrease because of this processing overhead. In situations such as this we should be willing to entertain alternative approaches that remain compliant with policies but do not introduce these operational impediments. For example, what if we obscured query results (the "output") rather than the data the queries operate on (the "input")? While sensitive data within a result set still remains obscured, the analyst gets back a result set that otherwise might not be generated. It also may be more accurate. From there an analyst may have justification to request a deeper analysis by authorized staff. Such an approach would require data to be stored in an unencrypted form within a virtual data vault that provides one-way access (a data "diode"). While there are many technical and political issues that would need to be worked out, this type of novel data management could dramatically improve the impact of the latest and greatest products and technology.
+
+Connecting the dots - whether to understand the latest regional trends, proactively predict a threat, or find a proverbial needle in a haystack - more often than not requires access to multiple data sources. The challenge here is that over the years the collection and curation of data has created its own fiefdoms that are at odds with this data-sharing requirement. The rules of analytic engagement are further complicated by both security and privacy requirements, which mandate that sensitive data be obscured. This often translates into encrypted data that precludes some forms of analysis. As a result, analysts may miss important pieces of the puzzle and be unaware that vital facts even exist.
+
+The challenge of course is not just beyond data, it also is beyond products and technology. Ultimately our success is tied to how good a job we do managing the risk of innovation, while at the same time operating within the constraints of our IT, regulatory, and organizational environments. By virtue of its unique mix of commercial and government experience, IQT is well positioned to help both our customers and portfolio companies strike this balance. IQT has most recently demonstrated this through investments in companies such as Digital Reasoning, Recorded Future, and SitScape. Going forward we are looking to do even more through experimentation and prototyping in close cooperation with our IC customers.
+While significant advances have been made in identifying patterns in encrypted and obscured data, the fact remains that certain forms of analysis are no longer possible within an encrypted environment. Rules Bob Gleichauf serves as IQT's Executive Vice President of Technology Transfer and Chief Scientist and oversees the transfer of innovative technology solutions to the U.S. Intelligence Community. In this role, he supports technology advancement programs and IQT's rapid prototyping capability, and is responsible for increasing customer awareness of IQT portfolio company capabilities. Bob joined IQT from Cisco Systems, where he spent more than a decade working on the development of secure network infrastructures across a variety of the company's products as the Chief Technology Officer for the Wireless and Security Technology Group. He is respected globally for his work in information security and has more than a dozen patents in network security.

markdown/misc/iqt-radar.md

@@ -0,0 +1,39 @@
+## On Our Radar On Our Radar
+
+By Nat Puffer The fight to secure information is being lost. This was at the center of a debate within In-Q-Tel's Infrastructure and Security Practice last summer. Every day we would hear about another epic breach of consumer data or critical company secrets. In an industry that uses analogies as a foundation, all of them have crumbled. The "castle perimeter" has crumbled. The "hunters" are not efficient enough to seek out the persistent and embedded foothold of determined adversaries. A 2013 article cited Mandiant as discovering a foothold in a network that went undiscovered for six years and three months.1
+The same article cited the average time from initial breach to discovery as 229 days. If this isn't an indication of critical systemic failure, I'm not sure what is.
+
+On the other side of the argument, "losing" means something is lost, and implies that there's some idea what winning would look like. But what if we haven't really lost anything? Perhaps breaches and data theft, like power outages or rush hour traffic, are just part of living in the modern world. While the numbers vary for effect, Target was reported to have lost 40 million payment cards in 2013; Home Depot lost 56 million payment cards in 2014; and Anthem lost 69 million patient records in 2015.2 Yet every time one of these breaches is announced, we go about our days like nothing has happened. We still use our credit cards at Target. We still use our health insurance. We've become accustomed to the idea that companies can't keep our information secure against a sophisticated attacker, and in some cases, even an unsophisticated one. If we get substantially more out of modern conveniences than they cost us, how is that a loss? Stated differently, isn't instantly streaming movies to a tablet worth having to change a credit card number from time to time? At the core of the tradeoff is that people on a day-today basis value convenience over security. We shouldn't be surprised that this extends to people who develop software; that security lags behind innovation. In 2011, Steve Yegge wrote a blog post at Google capturing this concept, and I cite this post frequently to demonstrate the nature of the information security problem. Yegge asserted that there are two competing forces as systems are developed. The first is how functional and useful the system is, dubbed accessibility. The second is security. Without any external influence, accessibility will always win at the cost of security. As stated in Yegge's post, "[D]ialing Accessibility to zero means you have no product at all, whereas dialing Security to zero can still get you a reasonably successful product such as the PlayStation Network."3
+It's a strange coincidence that it was also a Sony breach that brought lapses in security to the attention of the general public. Was the most recent breach of Sony Entertainment a game changer? If you are an information security professional, your likely answer is a jaded "no." We have been here before. There was nothing extraordinary about the breach technically. The concept of nation-state attackers penetrating corporate systems has appeared in commercial penetration testing reports since 2004. The only change, if any, is the rate at which we have to respond to new threats with limited resources. If agility is defined as the ability
+
+## Without Any External Influence, Accessibility Will Always Win At The Cost Of Security.
+
+to minimize the time required to accomplish a different task, we're finding agility is critical.
+
+indicator of compromise with equal veracity, which is exhausting. That exhaustion bore little fruit, which bred complacency. That complacency, over time, led to the very thing you wanted to prevent. Going forward, companies will be faced with developing doctrine based on hard questions. What assets are priorities? Which systems would potentially be sacrificed for others? Is it okay to isolate and restore a user's desktop automatically based on a machine's determination of a threat? The user would lose his or her work, but you would limit chasing ghosts through the system. At the root of this are questions surrounding "How?" How do I know what to prioritize? How can I create the maximum effect with the minimal resources? Developing a sense of situational awareness to focus operations will be critical in answering those questions.
+
+However, if you haven't been living in information security or worried about operating system internals and the ways they can be exploited (i.e., the majority of people), your perspective may be that the Sony breach signals a major change. There is a wider awareness that system breaches aren't just about criminal gangs looking to steal credit cards anymore. There is a new world where countries use the Internet as a platform for attack or retribution. This was highlighted by the White House Press Corps asking the President directly about a computer breach of a private company, and being assured that appropriate action would be taken.4 Similar questions have been echoed in board rooms and C-suite conversations across the country: How would we fare? What's at risk? What are we doing differently today given these revelations?
+
+## Situational Awareness
+
+Over the past year and a half, IQT has been tracking the rise of the private threat intelligence market. State of the Internet and Annual Breach reports have existed for a long time, but this space was something new. Vendors were looking to increase the rate and specificity of intelligence into something actionable, forming two camps.
+
+The next steps after those questions are even more interesting. If you believe that all the investment in current mitigation strategies has been working, something has changed and you need to adapt. If you think that all your investments have failed, it's time to change course. In either case, something needs to change. The constant stacking of security tools hasn't worked. The doctrine of Defense in Depth has to answer for its cost of complexity when measured against a lack of success. While we may not want to abandon the idea altogether, we need to adapt with a new way of operating. This will likely include variable response, situational awareness, and security orchestration.
+
+## Belief In Variable Response
+
+The first camp produced finished products. These were full reports with in-depth analysis and attribution. Actors, campaigns, tools, techniques, and procedures are all tracked and discussed, with fun names created for many of them. There was a focus on attribution, which we weren't convinced would be useful for those without certain authorities. The fact that activity was supposedly part of a People's Liberation Army (PLA) initiative may be interesting, but the overall economics of a private company are more of a driving factor in dealing with China than an IT department's report for the CIO. However, as the Sony breach has raised awareness inside commercial enterprises, so has the Endless stacking of security safeguards is a flawed strategy and every asset cannot be protected equally. For a long time there was a belief that you could secure everything in a reasonably complex network if you put more resources and tools against the problem. This resulted in a limited staff chasing every possible value of attribution. Understanding the larger context of "Who" is suddenly as important as "What" or "Why" even if prosecution isn't an option. The second camp produced machine-readable Indicators of Compromise (IOC). This information was intended to enrich the detection systems within a network through a couple of mechanisms. First, IOCs could be fed into a central incident management solution. The goal was to correlate indicators like IP addresses with existing log data to determine if network traffic that would normally appear benign is something to worry about. The second use was to add IOCs to detection capabilities to search out new potential compromises.
+
+Both are useful and have a place. We expect to see significant activity as vendors from one camp add capabilities from the other, collection biases in feeds are worked through, and infrastructure for delivery, consumption, and sharing is rolled out. The promise is that focus and prioritization will eventually result from the ability to put global context around local alerts. The reality is that it may be too early to tell if the intelligence is sustainable and provides efficiency, or becomes an overwhelming deluge of data. Ultimately, the indicators need to support and drive action in the organization.
+
+## Action Through Security Orchestration
+
+Awareness without the ability to act is useless. Action that consumes all your resources is limiting. The ability to make decisions on the intelligence we have and act with minimal resources in a timely manner is the goal, but has eluded most complex IT organizations. Networks of sufficient complexity are typically built by several generations of employees using products from a number of vendors spanning years. Legacy systems, acquisitions, new initiatives, and day-to-day break-fix cycles consume any available time personnel might Nat Puffer is a Senior Member of the Technical Staff within In-Q-Tel's Infrastructure and Security Practice. He has led investments in network security, data storage, and cloud computing. Prior to IQT, Puffer was with Knowledge Consulting Group, where he was responsible for growing the Cyber Attack and Penetration Division. He previously held consulting roles with Neohapsis and Symantec. Puffer earned a bachelor's degree in Integrated Science and Technology and a master's degree in Computer Science from James Madison University.
+
+## R E F E R E N C E S
+
+have otherwise put towards automation on a systemwide scale. Vendors have added to the problem with protection of their market share by limiting centralized management solutions to work only with products in their portfolio. Bring your own device (BYOD) policies and the Internet of Things (IoT) pile on even more complexity and amplify the problem. Several third-party vendors are chasing this problem with fresh eyes. The core concept is more in line with a knowledge-based system or workflow management solution than something fully autonomous. Identify actions that are frequent and time consuming, streamline the decision making and sign-off process, and efficiently execute across the infrastructure. While limited, this ability to act, potentially in machine time, on identified threats that are based on a broad view and defined prioritization might begin to tilt the odds back in our favor. However, the ability to capture business process and maintain automation as vendors update their solutions and companies change their infrastructure has been the downfall of these solutions before. These solutions will succeed based on their ability to capture and keep pace with changes in doctrine and business processes.
+
+## Rebooting Cybersecurity
+
+Perhaps we need to restart, building upon what we have with variable response, situational awareness, and security orchestration in mind. Doctrine and awareness enable action that can drive up the cost for the attacker by constantly removing their footholds while keeping the defender's resources relatively flat. Tracking, identifying, and attributing attacks changes the political landscape. If winning in this context means establishing a livable equilibrium, changing the economics and politics of the attacker may be a good first step.

markdown/misc/iqt-space.md

@@ -0,0 +1,37 @@
+## On Our Radar The New Race For Space
+
+By Ryan Lewis and Todd Stavish President John F. Kennedy, speaking several months after John Glenn's historic flight aboard Friendship 7, famously proclaimed that, "No nation which expects to be the leader of other nations can expect to stay behind in this race for space." The origins of the modern space industry are rooted in one of the most renowned global competitions: the race for space between the United States and the former Soviet Union. Fifty years later, a new space race is underway that is being driven not by nations, but by venture-backed startups.
+
+Throughout the 1960s and 1970s, space research and development was driven by government agencies seeking to expand their national security capabilities and prestige. In today's space race, this generation of venture-backed startups is challenging long-held industry conventions by leveraging the same techniques that drove innovation in the software market and applying them to space systems. As a result, space capabilities and services are rapidly becoming accessible for commercial and government consumers alike. The changes currently unfolding in the market are truly unprecedented. While the space industry had its share of new commercial entrants in previous decades, never before has the industry experienced aggressive startup activity across every market segment. From providing reliable and affordable access to space to developing new analytics for remote sensory data, startups are looking to disrupt current practices by leveraging affordable platforms that allow them to innovate quickly and inexpensively. This approach allows companies to rapidly evolve their products and services at previously unimaginable price points. The cost structure of these startups also allows them to pursue new types of business models. Unlike a majority of their predecessors, most new space startups are not looking to government agencies to serve as their sole or even primary customers. Instead, commercial industries serve as their main sources of revenue generation. While many of these consumers may be unfamiliar with space-based capabilities, the insights provided from space remote sensory data fit directly into existing big data, communications, or tracking and monitoring challenges. This comprehensive market change and rising commercial interest has not been lost on investors. For the first time, venture capital firms are playing an increasingly significant role in funding space startups. As more money enters the industry, more entrepreneurs are likely to join this new race. It is important to consider why this innovation in the market is happening now. Startups are taking advantage of fundamental changes occurring across a variety of market sectors, including launch vehicles, hardware and software, satellites, and analytics.
+
+## Decreased Cost To Access Space
+
+The ability to reach outer space safely has always been one of the biggest challenges in the space industry. As recent events have shown, rocket launches are still risky enterprises. Despite the inherent challenges of rocket science, recent advances in expanding affordable For the first time, venture capital firms are playing an increasingly significant role in funding space startups. As more money enters the industry, more entrepreneurs are likely to join this new race.
+
+methods, in which requirements and solutions evolve through collaboration between self-organizing, crossfunctional teams. This promotes adaptive planning, evolutionary development, early delivery, continuous improvement, and rapid and flexible response to change. The end result is that a single satellite design can evolve through ten generations in one or two years - taking advantage of hardware that did not exist at the inception of the design cycle.
+
+access to space have made it possible for entrepreneurs and startups to put pathfinders and prototypes into orbit at a fraction of the cost. Demand for secondary rides has developed so rapidly that startups specializing in launch brokerage services have emerged to simplify the process for new companies. The U.S. government also helped ease access to space by supporting efforts like NASA's rideshare program, which provides secondary rides to university science projects.
+
+## Standardized Satellite Buses
+
+Although the secondary launch market helped catalyze growth among aspiring small satellite startups, it cannot address the ever-increasing demand for launch services. From launch dates to desired orbits and altitudes, startups are demanding increasingly complex services to meet their needs on an already overtaxed system. A series of startups have emerged to meet this demand for timely, reliable, and affordable access to space. These innovations will be important not only for aspiring companies dedicated to small satellite launch, but also the current heavy lift providers who are looking to diversify their product lines.
+
+## Commodity Hardware And Software
+
+Expanding on the original CubeSat standard developed at California Polytechnic State University and Stanford University, manufacturers have drastically simplified the process for researchers and companies alike to procure, test, and fly their own inexpensive satellites for a wide variety of missions and/or research projects. This flexibility has catalyzed numerous startup companies to develop tailored satellite services leveraging an inexpensive satellite bus. As the standard matures and companies support different elements of the supply chain, it will become easier for individuals and companies interested in CubeSats to experiment with their own satellites.
+
+## Common Analytic Engines And Services
+
+Historically, the analysis of remote sensory data from space assets required a series of highly trained professionals to prepare, analyze, and disseminate the data to the appropriate stakeholders. While there will always be a need for highly trained professionals, the emergence of proprietary and open source analytics engines have enabled companies to sell affordable analytic products, not just raw data.
+
+The second major change to the space industry is the adoption of commodity hardware coupled with the use of agile development methods. The advantage of using commodity hardware is most widely recognized in "Moore's Law" - the observation that, over the history of computing hardware, the number of transistors in a dense integrated circuit doubles approximately every two years. This doubling effect creates massive computing power over generations. The power of generational doubling is not isolated to computing, however. For example, space startups are utilizing the rapid pace of innovation currently experienced in solar power cells, battery systems, software-defined radios, and smartphone sensors.
+
+The shift from raw data to insights will have a substantial impact on the market. Companies, both incumbents and startups, now have new product lines to sell customers. Furthermore, it has given rise to a new group of startups focusing exclusively on remote sensory analytics. Thus, a major barrier to entry for The exponential improvement of commodity hardware is further amplified by the use of agile development most commercial companies interested in space-based remote sensing data has been removed. Companies, no longer encumbered by analytic challenges associated with raw data exploitation, focus directly on business needs by purchasing tailored analytic products. In conclusion, the transformation occurring in the commercial space industry is undeniable, but change is not easy. In each market segment, consumers, both public and private alike, are slowly being forced to reconsider how they currently plan, buy, and use commercial space services and products. Similar to the software market, customers, including the Intelligence Community, will be increasingly challenged to decide between a series of companies, not simply one or two sole-source suppliers.
+
+Ryan Lewis is a Director of Intelligence Community Support at In-Q-Tel. Prior to joining IQT, Lewis was an Account General Manager for Computer Science Corporation. In this role, he was responsible for the account's technical delivery, financial management, business development, and strategic planning. Lewis received a bachelor's degree from Truman State University and a master's degree from the University of Maryland, where he was named a Memorial Fellow.
+
+
+Todd Stavish is a Senior Member of the Technical Staff within IQT's Advanced Analytics practice. Stavish's company portfolio includes investments in big data, geospatial information systems, and space technologies. Prior to IQT, as a Chief Systems Engineer with InfiniteGraph, Stavish was responsible for customer acquisition. In this role, he acquired the company's first customer and won a key intelligence customer for media analytics. Stavish received
+a bachelor's degree in Computational Physics from Saint Bonaventure University.
+
+Recognizing this shift in the space market, IQT is undertaking a strategic mission initiative focused on exploring the commercial space revolution. Going beyond IQT's core investment model, this initiative seeks to provide the IC with a mechanism to rapidly understand, architect, and demonstrate the art of the possible using new capabilities from the emerging commercial space industry. As space services become the realm of startups, not just governments, the IC and its partners must consider the implications of global commercial sales. While these market forces present both changes and challenges, it is truly an unprecedented time in the market. The new space race is on.

markdown/misc/lexicon.md

@@ -0,0 +1,224 @@
+(U//FOUO) Domestic Extremism Lexicon IA-0233-09
+UNCLASSIFIED//FOR OFFICIAL USE ONLY
+
+##
+
+
+(U//FOUO)  Domestic Extremism Lexicon
+26 March 2009
+(U)  Prepared by the Strategic Analysis Group and the Extremism and Radicalization Branch, Homeland Environment Threat Analysis Division. (U//FOUO)  Homeland Security Reference Aidsprepared by the DHS/Office of Intelligence and Analysis (I&A)provide baseline information on a variety of homeland security issues.  This product is one in a series of reference aids designed to provide operational and intelligence advice and assistance to other elements of DHS, as well as state, local, and regional fusions centers.  DHS/I&A intends this background information to assist federal, state, local, and tribal homeland security and law enforcement officials in conducting analytic activities.  This product provides definitions for key terms and phrases that often appear in DHS analysis that addresses the nature and scope of the threat that domestic, non-Islamic extremism poses to the United States.  Definitions were derived from a variety of open source materials and unclassified information, then further developed during facilitated workshops with DHS intelligence analysts knowledgeable about domestic, non-Islamic extremism in the United States.
+
+##
+
+(U)  Definitions (U)  aboveground
+(U//FOUO)  A term used to describe extremist groups or
+individuals who operate overtly and portray themselves as law-abiding.
+(U)  alternative media
+(U//FOUO)  A term used to describe various information
+sources that provide a forum for interpretations of events and issues that differ radically from those presented in mass media products and outlets.
+(U)  anarchist extremism
+(U//FOUO)  A movement of groups or individuals who advocate a society devoid of government structure or ownership of individual property.  Many embrace some of the radical philosophical components of anticapitalist, antiglobalization, communist, socialist, and other movements. Anarchist extremists advocate changing government and society through revolutionary violence. (also: *revolutionary anarchists*)
+(U)  animal rights extremism
+(U//FOUO)  A movement of groups or individuals who ascribe equal value to all living organisms and seek to end the perceived abuse and suffering of animals.  They believe animals are sentient creatures that experience emotional, physical, and mental awareness and deserve many of the same rights as human beings; for example, the right to life and freedom to engage in normal, instinctive animal behavior. These groups have been known to advocate or engage in criminal activity and plot acts of violence and terrorism in an attempt to advance their extremist goals.  They have targeted industries, businesses, and government entities that they perceive abuse or exploit animals, including those that use
+animals for testing, human services, food production, or
+consumption. (also: *animal liberation*)
+(U)  antiabortion extremism
+(U//FOUO)  A movement of groups or individuals who are virulently antiabortion and advocate violence against providers of abortion-related services, their employees, and their facilities.  Some cite various racist and anti-Semitic beliefs to justify their criminal activities.
+(U)  anti-immigration extremism
+(U//FOUO)  A movement of groups or individuals who are vehemently opposed to illegal immigration, particularly along the U.S. southwest border with Mexico, and who have been known to advocate or engage in criminal activity and plot acts of violence and terrorism to advance their extremist goals. They are highly critical of the U.S. Government's response to illegal immigration and oppose government programs that are designed to extend "rights" to illegal aliens, such as issuing driver's licenses or national identification cards and providing in-state tuition, medical benefits, or public education.
+(U)  antitechnology extremism
+(U//FOUO)  A movement of groups or individuals opposed to technology.  These groups have been known to advocate or engage in criminal activity and plot acts of violence and terrorism in an attempt to advance their extremist goals. They have targeted college and university laboratories, scholars, biotechnology industries, U.S. corporations involved in the computer or airline industry, and others. (also: *Neo-Luddites*)
+(U)  Aryan prison gangs
+(U//FOUO)  Individuals who form organized groups while in prison and advocate white supremacist views. Group members may continue to operate under the auspices of the prison gang upon their release from correctional facilities.
+(U)  black bloc
+(U//FOUO)  An organized collection of violent anarchists and
+anarchist affinity groups that band together for illegal acts of civil disturbance and use tactics that destroy property or strain law enforcement resources.  Black blocs operate in autonomous cells that infiltrate nonviolent protests, often without the knowledge of the organizers of the event.
+(U)  black nationalism
+(U//FOUO)  A term used by black separatists to promote the
+unification and separate identity of persons of black or African American descent and who advocate the establishment of a separate nation within the United States.
+(U)  black power
+(U//FOUO)  A term used by black separatists to describe their
+pride in and the perceived superiority of the black race.
+| (U)  black separatism                                          |
+|----------------------------------------------------------------|
+| African American descent who advocate the separation of the    |
+| races or the separation of specific geographic regions from    |
+| the rest of the United States; some advocate forming their     |
+| own political system within a separate nation.  Such groups or |
+| individuals also may embrace radical religious beliefs.        |
+| Members have been known to advocate or engage in criminal      |
+| activity and plot acts of violence directed toward local law   |
+| enforcement in an attempt to advance their extremist goals.    |
+| (U)  Christian Identity                                          | (U//FOUO)  A racist religious                            |
+|------------------------------------------------------------------|----------------------------------------------------------|
+| philosophy that maintains                                        |                                                          |
+| non-Jewish whites are "God's                                     |                                                          |
+| Chosen People" and the true                                      |                                                          |
+| descendants of the                                               |                                                          |
+| Twelve Tribes of Israel.                                         |                                                          |
+| Groups or individuals can be                                     |                                                          |
+| followers of either the Covenant                                 |                                                          |
+| or Dual Seedline doctrine; all believe that Jews are conspiring  |                                                          |
+| with Satan to control world affairs and that the world is on the |                                                          |
+| verge of the Biblical apocalypse.  Dual Seedline adherents       |                                                          |
+| believe Jews are the literal offspring of Satan and that non-    |                                                          |
+| whites, who are often referred to as "mud people," are not       |                                                          |
+| human beings.                                                    |                                                          |
+| (also:                                                           | Identity, CI, Anglo-Israel                               |
+| (U)  Cuban                                                       |                                                          |
+| independence                                                     |                                                          |
+| extremism                                                        |                                                          |
+| (U//FOUO)  A movement of groups or individuals who do            |                                                          |
+| not recognize the legitimacy of the Communist Cuban              |                                                          |
+| Government and who attempt to subvert it through acts of         |                                                          |
+| violence, mainly within the United States.                       |                                                          |
+| (also:                                                           | anti-Castro groups                                       |
+| (U)  decentralized                                               |                                                          |
+| terrorist movement                                               |                                                          |
+| (U//FOUO)  A movement of groups or individuals who               |                                                          |
+| pursue shared ideological goals through tactics of leaderless    |                                                          |
+| resistance independent of any larger terrorist organization.     |                                                          |
+| (U)  denial-of-service                                           |                                                          |
+| attack                                                           |                                                          |
+| (U//FOUO)  An attack that attempts to prevent or impair the      |                                                          |
+| intended functionality of computer networks, systems, or         |                                                          |
+| applications.  Depending on the type of system targeted, the     |                                                          |
+| attack can employ a variety of mechanisms and means.             |                                                          |
+| (also:                                                           | DoS attack                                               |
+| (U)  direct action                                               | (U//FOUO)  Lawful or unlawful acts of civil disobedience |
+| ranging from protests to property destruction or acts of         |                                                          |
+| violence.  This term is most often used by single-issue or       |                                                          |
+| anarchist extremists to describe their activities.               |                                                          |
+(U)  environmental extremism
+(U//FOUO)  A movement of groups or individuals who use violence to end what they perceive as the degradation of the natural environment by humans.  Members have advocated or engaged in criminal activity and plot acts of violence and terrorism in an attempt to advance their extremist goals. They target industries, businesses, and government entities that they allege are engaged in habitat destruction, citing urban sprawl and development, logging, construction sites and related equipment, and man-made sources of air, water, and land pollution. (also: *ecoterrorism*)
+(U)  ethnic-based extremism
+(U//FOUO)  A movement of groups or individuals who are drawn together and form extremist beliefs based on their ethnic or cultural background.  Members have advocated or engaged in criminal activity and have plotted acts of violence and terrorism in an attempt to advance their extremist goals.
+(U)  extremist group
+(U//FOUO)  An ideologically driven organization that
+advocates or attempts to bring about political, religious, economic, or social change through the use of force, violence, or ideologically motivated criminal activity.
+(U)  green anarchism
+(U//FOUO)  A movement of groups or individuals who combine anarchist ideology with an environmental focus. They advocate a return to a preindustrial, agrarian society, often through acts of violence and terrorism.
+| (U)  hacktivism                                                 | (U//FOUO)  (A portmanteau of "hacking" and "activism.")     |
+|-----------------------------------------------------------------|-------------------------------------------------------------|
+| The use of cyber technologies to achieve a political end, or    |                                                             |
+| technology-enabled political or social activism.                |                                                             |
+| Hacktivism might include website defacements,                   |                                                             |
+| denial-of-service attacks, hacking into the target's network to |                                                             |
+| introduce malicious software (malware), or information theft.   |                                                             |
+| (U)  hate groups                                                | (U//FOUO)  A term most often used to describe white         |
+| supremacist groups.  It is occasionally used to describe other  |                                                             |
+| racist extremist groups.                                        |                                                             |
+| (U)  Jewish extremism                                           | (U//FOUO)  A movement of groups or individuals of the       |
+| Jewish faith who are willing to use violence or commit other    |                                                             |
+| criminal acts to protect themselves against perceived affronts  |                                                             |
+| to their religious or ethnic identity.                          |                                                             |
+(U)  leaderless resistance
+(U//FOUO)  A strategy that stresses the importance of individuals and small cells acting independently and anonymously outside formalized organizational structures to enhance operational security and avoid detection.  It is used by many types of domestic extremists.
+(U)  leftwing extremism
+(U//FOUO)  A movement of groups or individuals that embraces anticapitalist, Communist, or Socialist doctrines and seeks to bring about change through violent revolution rather than through established political processes.  The term also refers to leftwing, single-issue extremist movements that
+are dedicated to causes such as environmentalism, opposition to war, and the rights of animals. (also: *far left, extreme left*)
+(U)  lone terrorist
+(U//FOUO)  An individual motivated by extremist ideology
+to commit acts of criminal violence independent of any larger terrorist organization. (also: *lone wolf*)
+(U)  Mexican separatism
+(U//FOUO)  A movement of groups or individuals of Mexican descent who advocate the secession of southwestern U.S. states (all or part of Arizona, California, New Mexico, and Texas) to join with Mexico through armed struggle. Members do not recognize the legitimacy of these U.S. states, including the U.S. Government's original acquisition of these territories.
+(U)  militia movement
+(U//FOUO)  A rightwing extremist movement composed of
+groups or individuals who adhere to an antigovernment ideology often incorporating various conspiracy theories. Members oppose most federal and state laws, regulations, and authority (particularly firearms laws and regulations) and often conduct paramilitary training designed to resist perceived government interference in their activities or to overthrow the U.S. Government through the use of violence. (also: *citizens militia, unorganized militia*)
+(U)  neo-Nazis
+(U//FOUO)  Groups or individuals who adhere to and
+promote Adolph Hitler's beliefs and use Nazi symbols and
+ideology.  Subjects subscribe to virulently racist as well as
+anti-Semitic beliefs, many based on national socialist ideals derived from Nazi Germany.  Neo-Nazis may attempt to downplay or deny the Jewish Holocaust. (also: *national socialists, Nazis*)
+| (U)  patriot movement                                        | (U//FOUO)  A term used by rightwing extremists to link their    |
+|--------------------------------------------------------------|-----------------------------------------------------------------|
+| beliefs to those commonly associated with the American       |                                                                 |
+| Revolution.  The patriot movement primarily comprises        |                                                                 |
+| violent antigovernment groups such as militias and sovereign |                                                                 |
+| citizens.                                                    |                                                                 |
+| (also:                                                       | Christian patriots, patriot group, Constitutionalists,          |
+| Constitutionist                                              | )                                                               |
+(U)  Phineas Priesthood
+(U//FOUO)  A Christian Identity doctrine derived from the Biblical story of Phinehas, which adherents interpret as justifying inter-racial killing.  Followers of this belief system also have advocated martyrdom and violence against homosexuals, mixed-race couples, and abortion providers.
+| (U)  primary targeting                                         | (U//FOUO)  Plans or attacks directed by extremists against    |
+|----------------------------------------------------------------|---------------------------------------------------------------|
+| parties that are the focus of an organized campaign.           |                                                               |
+| (U)  Puerto Rican                                              |                                                               |
+| independence                                                   |                                                               |
+| extremists                                                     |                                                               |
+| (U//FOUO)  Groups or individuals who engage in criminal        |                                                               |
+| activity and advocate the use of violence to achieve           |                                                               |
+| Puerto Rican independence from the United States.              |                                                               |
+| (U)  racial Nordic                                             |                                                               |
+| mysticism                                                      |                                                               |
+| (U//FOUO)  An ideology adopted by many white supremacist       |                                                               |
+| prison gangs who embrace a Norse mythological religion,        |                                                               |
+| such as Odinism or Asatru.                                     |                                                               |
+| (also:                                                         | Odinism, Asatru                                               |
+| (U)  racialist                                                 | (U//FOUO)  A term used by white supremacists intended to      |
+| minimize their extreme views on racial issues.                 |                                                               |
+| (U)  racist skinheads                                          | (U//FOUO)  Groups or individuals who combine white            |
+| supremacist ideology with a skinhead ethos in which "white     |                                                               |
+| power" music plays a central role.  Dress may include a        |                                                               |
+| shaved head or very short hair, jeans, thin suspenders, combat |                                                               |
+| boots or Doc Martens, a bomber jacket (sometimes with racist   |                                                               |
+| symbols), and tattoos of Nazi-like emblems.  Some are          |                                                               |
+| abandoning these stereotypical identifiers.                    |                                                               |
+| (also:                                                         | skins                                                         |
+| (U)  radicalization                                            | (U//FOUO)  The process by which an individual adopts an       |
+| extremist belief system leading to his or her willingness to   |                                                               |
+| advocate or bring about political, religious, economic, or     |                                                               |
+| social change through the use of force, violence, or           |                                                               |
+| ideologically motivated criminal activity.                     |                                                               |
+(U)  rightwing extremism
+(U//FOUO)  A movement of rightwing groups or individuals who can be broadly divided into those who are primarily hate-oriented, and those who are mainly antigovernment and reject federal authority in favor of state or local authority. This term also may refer to rightwing extremist movements that are dedicated to a single issue, such as opposition to abortion or immigration. (also known as *far right, extreme right*)
+(U)  secondary targeting
+(U//FOUO)  Plans or attacks directed against parties (secondary targets) that provide direct financial, logistic, or physical support to the primary target of an organized campaign, with the goal of coercing those parties to end their engagement with a primary target.  Secondary targets can include customers of or suppliers to a primary target or employees of a primary target organization.
+(U)  single-issue extremist groups
+(U//FOUO)  Groups or individuals who focus on a single issue or causesuch as animal rights, environmental or anti-abortion extremismand often employ criminal acts. Group members may be associated with more than one issue. (also: *special interest extremists*)
+(U)  skinheads
+(U//FOUO)  A subculture composed primarily of
+working-class, white youth who embrace shaved heads for males, substance abuse, and violence.  Skinheads can be categorized as racist, anti-racist or "traditional," which emphasizes group unity based on fashion, music, and lifestyle rather than political ideology.  Dress often includes a shaved head or very short hair, jeans, thin suspenders, combat boots or Doc Martens, and a bomber jacket. (also: *skins*)
+(U)  sovereign citizen movement
+(U//FOUO)  A rightwing extremist movement composed of groups or individuals who reject the notion of U.S. citizenship.  They claim to follow only what they believe to be God's law or common law and the original 10 amendments (Bill of Rights) to the U.S. Constitution. They believe they are emancipated from all other responsibilities associated with being a U.S. citizen, such as paying taxes, possessing a driver's license and motor vehicle registration, or holding a social security number. They generally do not recognize federal or state government authority or laws.  Several sovereign citizen groups in the United States produce fraudulent documents for their members in lieu of legitimate government-issued forms of identification.  Members have been known to advocate or engage in criminal activity and plot acts of violence and terrorism in an attempt to advance their extremist goals. They often target government officials and law enforcement. (also: state citizens, freemen, preamble citizens, common law citizens)
+(U)  tax resistance movement
+(U//FOUO)  Groups or individuals who vehemently believe taxes violate their constitutional rights.  Among their beliefs are that wages are not income, that paying income taxes is voluntary, and that the 16th Amendment to the U.S. Constitution, which allowed Congress to levy taxes on income, was not properly ratified.  Members have been known to advocate or engage in criminal activity and plot acts of violence and terrorism in an attempt to advance their extremist goals.  They often target government entities such as the Internal Revenue Service and the Bureau of Alcohol, Tobacco, Firearms and Explosives.
+(also: tax protest movement, tax freedom movement, antitax
+movement)
+(U)  tertiary targeting
+(U//FOUO)  Plans or attacks against parties with indirect
+links to the primary target of an organized campaign. Tertiary targets can include employees, customers, investors, and other participants in a company (the secondary target) that does business with or provides support services to the primary target; or parties who provide direct financial, logistic, or physical support to the secondary target.
+(U)  underground
+(U//FOUO)  A term used to describe clandestine extremist
+groups, individuals, or their activities.
+
+
+
+(U)  violent antiwar extremism
+(U//FOUO)  A movement of groups or individuals who advocate or engage in criminal activity and plot acts of violence and terrorism in an attempt to voice their opposition to U.S. involvement in war-related activities.  They often target the military, seats of government power, and defense industry personnel, facilities, and activities.
+(U)  violent religious sects
+(U//FOUO)  Religious extremist groups predisposed toward violence.  These groups often stockpile weapons, conduct paramilitary training, and share a paranoid interpretation of current world events, which they often associate with the end of the world.  They perceive outsiders as enemies or evil influences; display intense xenophobia and strong distrust of the government; and exercise extreme physical or psychological control over group members, sometimes isolating them from society or subjecting them to physical or sexual abuse and harsh initiation practices.
+(U)  white nationalism
+(U//FOUO)  A term used by white supremacists to emphasize
+what they perceive as the uniquely white (European) heritage of the United States.
+(U)  white power
+(U//FOUO)  A term used by white supremacists to describe
+their pride in and the perceived superiority of the white race.
+(U)  white separatism
+(U//FOUO)  A movement of groups or individuals who
+believe in the separation of races and reject interracial marriages.  Some advocate the secession of specific geographic regions from the rest of the United States. Members have been known to advocate or engage in criminal activity and plot acts of violence and terrorism in an attempt
+to advance their extremist goals.
+(U)  white supremacist movement
+(U//FOUO)  Groups or individuals who believe that whites
+Caucasiansare intellectually and morally superior to other
+races and use their racist ideology to justify committing crimes, acts of violence, and terrorism to advance their cause. Some advocate racial separation/segregation.
+White supremacists generally fall into six categories:
+Neo-Nazi, Ku Klux KlanUSPER, Christian Identity, racist
+skinhead, Nordic mysticism, or Aryan prison gangs. White supremacists have been known to embrace more than one of these categories.
+
+
+
+##
+
+(U)  Reporting Notice: (U)  DHS encourages recipients of this document to report information concerning suspicious or criminal activity to DHS and the FBI.  The DHS National Operations Center (NOC) can be reached by telephone at
+202-282-9685 or by e-mail at NOC.Fusion@dhs.gov.  For information affecting the private sector and critical infrastructure, contact the National Infrastructure Coordinating Center (NICC), a sub-element of the NOC.  The NICC can be reached by telephone at 202-282-9201 or by e-mail at NICC@dhs.gov.  The FBI regional phone numbers can be found online at http://www.fbi.gov/contact/fo/fo.htm.  When available, each report submitted should include the date, time, location, type of activity, number of people and type of equipment used for the activity, the name of the submitting company or organization, and a designated point of contact. (U)  For comments or questions related to the content or dissemination of this document, please contact the DHS/I&A Production Branch at IA.PM@hq.dhs.gov, IA.PM@dhs.sgov.gov, or IA.PM@dhs.ic.gov. (U)  **Tracked by:** TERR-020100-01-05, TERR-020600-01-05, TERR-060100-01-05

markdown/misc/megiddo.md

@@ -0,0 +1,290 @@
+The attached analysis, entitled PROJECT MEGIDDO, is an FBI
+strategic assessment of the potential for domestic terrorism in the United States undertaken in anticipation of or response to the arrival of the new millennium.
+
+## Project Megiddo Table Of Contents:
+
+| I.  EXECUTIVE SUMMARY                         | 3   |
+|-----------------------------------------------|-----|
+| II.  INTRODUCTION                             | 6   |
+| When Does the New Millennium Begin?           | 7   |
+| Blueprint for Action: The Turner Diaries      |     |
+| 8                                             |     |
+| Interpretations of The Bible                  |     |
+| Apocalyptic Religious Beliefs                 | 10  |
+| The New World Order Conspiracy Theory and the |     |
+| Year 2000 Computer Bug                        | 11  |
+| Gun Control Laws                              | 12  |
+| III.  CHRISTIAN IDENTITY                      | 14  |
+| IV.  WHITE SUPREMACY                          |     |
+| V.  MILITIAS                                  | 21  |
+| VI.  BLACK HEBREW ISRAELITES                  | 23  |
+| VII.  APOCALYPTIC CULTS                       | 26  |
+| VIII.  THE SIGNIFICANCE OF JERUSALEM          | 30  |
+| IX.  CONCLUSION                               | 32  |
+
+For over four thousand years, MEGIDDO, a hill in northern Israel, has been the site of many battles.  Ancient cities were established there to serve as a fortress on the plain of Jezreel to guard a mountain pass.  As Megiddo was built and rebuilt, one city upon the other, a mound or hill was formed.  The Hebrew word "Armageddon" means "hill of Megiddo."  In English, the word has come to represent battle itself. The last book in the New Testament of the Bible designates Armageddon as the assembly point in the apocalyptic setting of God's  final and conclusive battle against evil.  The name "Megiddo" is an apt title for a project that analyzes those who believe the year 2000 will usher in the end of the world and who are willing to perpetrate acts of violence to bring that end about.
+
+## I.  Executive Summary
+
+The year 2000 is being discussed and debated at all levels of society.  Most of the discussions regarding this issue revolve around the topic of technology and our society's overwhelming dependence on the multitude of computers and computer chips which make our world run smoothly.  However, the upcoming millennium also holds important implications beyond the issue of computer technology.  Many extremist individuals and groups place some significance on the next millennium, and as such it will present challenges to law enforcement at many levels.  The significance is based primarily upon either religious beliefs relating to the Apocalypse or political beliefs relating to the New World Order (NWO) conspiracy theory.  The challenge is how well law enforcement will prepare and respond.
+
+The following report, entitled "Project Megiddo," is intended to analyze the potential for extremist criminal activity in the United States by individuals or domestic extremist groups who profess an apocalyptic view of the millennium or attach special significance to the year 2000.  The purpose behind this assessment is to provide law enforcement agencies with a clear picture of potential extremism motivated by the next millennium.  The report does not contain information on domestic terrorist groups whose actions are not influenced by the year 2000.
+
+There are numerous difficulties involved in providing a thorough analysis of domestic security threats catalyzed by the new millennium.  Quite simply, the very nature of the current domestic terrorism threat places severe limitations on effective intelligence gathering and evaluation.  Ideological and philosophical belief systems which attach importance, and possibly violence, to the millennium have been well-articulated.  From a law enforcement perspective, the problem therefore is not a lack of understanding of motivating ideologies: The fundamental problem is that the traditional focal point for counterterrorism analysis -- the terrorist group -- is not always well-defined or relevant in the current environment.
+The general trend in domestic extremism is the terrorist's disavowal of traditional, hierarchical, and structured terrorist organizations.  Even well-established militias, which tend to organize along military lines with central control, are characterized by factionalism and disunity.
+
+While several "professional" terrorist groups still exist and present a continued threat to domestic security, the overwhelming majority of extremist groups in the United States have adopted a fragmented, leaderless structure where individuals or small groups act with autonomy.  Clearly, the worst act of domestic terrorism in United States history was perpetrated by merely two individuals: Timothy McVeigh and Terry Nichols.  In many cases, extremists of this sort are extremely difficult to identify until after an incident has occurred.  Thus, analysis of domestic extremism in which the group serves as the focal point of evaluation has obvious limitations.
+
+The Project Megiddo intelligence initiative has identified very few indications of specific threats to domestic security.  Given the present nature of domestic extremism, this is to be expected.  However, this is a function of the limitations of the group-oriented model of counterterrorism analysis  and should not be taken necessarily as reflective of a minor or trivial domestic threat.  Without question, this initiative has revealed indicators of potential violent activity on the part of extremists in this country.  Militias, adherents of racist belief systems such as Christian Identity and Odinism, and other radical domestic extremists are clearly focusing on the millennium as a time of action.  Certain individuals from these various perspectives are acquiring weapons, storing food and clothing, raising funds through fraudulent means, procuring safe houses, preparing compounds, surveying potential targets, and recruiting new converts. These and other indicators are not taking place in a vacuum, nor are they random or arbitrary.  In the final analysis, while making specific predictions is extremely difficult, acts of violence in commemoration of the millennium are just as likely to occur as not.  In the absence of  intelligence that the more established and organized terrorist groups are planning millennial violence as an organizational strategy, violence is most likely to be perpetrated by radical fringe members of established groups.  For example, while Aryan Nations leader Richard Butler publicly frowns on proactive violence, adherents of his religion or individual members of his organization may commit acts of violence autonomously.
+Potential cult-related violence presents additional challenges to law enforcement.  The potential for violence on behalf of members of biblically-driven cults is determined almost exclusively by the whims of the cult leader.  Therefore, effective intelligence and analysis of such cults requires an extensive understanding of the cult leader.  Cult members generally act to serve and please the cult leader rather than accomplish an ideological objective.  Almost universally, cult leaders are viewed as messianic in the eyes of  their followers.  Also, the cult leader's prophecies, preachings, orders, and objectives are subject to indiscriminate change.  Thus, while analysis of publicly stated goals and objectives of cults may provide hints about their behavior and intentions, it is just as likely to be uninformed or, at worst, misleading.  Much more valuable is a thorough examination of the cult leader, his position of power over his followers, and an awareness of the responding behavior and activity of the cult.  Sudden changes in activity - for example, less time spent on "Bible study" and more time spent on "physical training" - indicate that the cult may be preparing for some type of action.
+
+The millennium holds special significance for many, and as this pivotal point in time approaches, the impetus for the initiation of violence becomes more acute.  Several religiously motivated groups envision a quick, fiery ending in an apocalyptic battle.  Others may initiate a sustained campaign of terrorism in the United States to prevent the NWO.  Armed with the urgency of the millennium as a motivating factor, new clandestine groups may conceivably form to engage in violence toward the U.S. Government or its citizens.
+Most importantly, this analysis clearly shows that perceptions matter.  The perceptions of the leaders and followers of extremist organizations will contribute much toward the ultimate course of action they choose.  For example, in-depth analysis of  Y2K  compliancy on the part of various key sectors that rely on computers has determined that, despite a generally positive outlook for overall compliance, there will be problem industries and minor difficulties and inconveniences.1  If they occur, these inconveniences are likely to cause varying responses by the extreme fringes.  Members of various militia groups, for example, have identified potentially massive power failures as an indication of a United Nations-directed NWO takeover.  While experts have indicated that only minor brownouts will occur, various militias are likely to perceive such minor brownouts as indicative of a larger conspiracy.2
+The Senate Special Committee on the Year 2000 Technology Problem has stated that some state and local governments could be unprepared, including the inability to provide benefits payments.3  This could have a significant impact in major urban areas, resulting in the possibility for civil unrest.  Violent white supremacists are likely to view such unrest as an affirmation of a racist, hate-filled world view.  Likewise, militia members who predict the implementation of martial law in response to a Y2K computer failure would become all the more fearful.
+
+## Ii.  Introduction
+
+Are we already living on the precipice of the Apocalypse - the chaotic final period of warfare between the forces of good and evil signaling the second coming of Christ, as forecast in the New Testament's Book of Revelation?  Or, will life on earth continue for another 1,000 years, allowing humans to eliminate disease and solve the mysteries of the aging process so they can live as long as Methuselah, colonize space, commune with extraterrestrials, unravel the secrets of teleportation, and usher in a golden age of peace and productivity? 4 At first glance, some of the predictions compiled in Prophecies for the New Millennium that claim to foretell how the millennium will affect the United States seem benign.  In fact, those predictions capture some of the countless ways that domestic terrorists view how the millennium will affect the world.  The threat posed by extremists as a result of perceived events associated with the Year 2000 (Y2K) is very real.
+
+  Numerous religious extremists claim that a race war will soon begin, and have taken steps to become martyrs in their predicted battle between good and evil.  Three recent incidents committed by suspects who adhere to ideologies that emphasize millennial related violence illustrate those beliefs: Buford O. Furrow, Jr., the man charged in the August 1999 shootings at a Los Angeles area Jewish day care center, told authorities "its time for America to wake and kill the jews"; Ben Smith, who committed suicide after shooting at minorities in Indiana and Illinois, killing two and injuring ten, over the July 4, 1999 weekend, was found to have literature in his home that indicated the year 2000 would be the start of the killing of minorities; and John William King, the man convicted in the dragging death of  James Byrd, Jr., a black man in Jasper, Texas, believed that his actions would help to initiate a race war.  Each of these men believed in the imminence of a racial holy war.
+
+ Meanwhile, for members of the militia movement the new millennium has a political overtone rather than a religious one.  It is their belief that the United Nations has created a secret plan, known as the New World Order (NWO), to conquer the world beginning in 2000.  The NWO will be set in motion by the Y2K computer crisis.
+
+Religious motivation and the NWO conspiracy theory are the two driving forces behind the potential for millennial violence.  As the end of the millennium draws near, biblical prophecy and political philosophy may merge into acts of violence by the more extreme members of domestic terrorist groups that are motivated, in part, by religion.  The volatile mix of apocalyptic religions and NWO conspiracy theories may produce violent acts aimed at precipitating the end of the world as prophesied in the Bible.
+
+When and how Christ's second coming will occur is a critical point in the ideology of those motivated by extremist religious beliefs about the millennium.  There is no consensus within Christianity regarding the specific date that the Apocalypse will occur.  However, within many right-wing religious groups there is a uniform belief that the Apocalypse is approaching.  Some of these same groups also point to a variety of non-religious indicators such as gun control, the Y2K computer problem, the NWO, the banking system, and a host of other "signs" that the Apocalypse is near.  Almost uniformly, the belief among right-wing religious extremists is that the federal government is an arm of Satan.  Therefore, the millennium will bring about a battle between Christian martyrs and the government.  At the core of this volatile mix is the belief of apocalyptic religions and cults that the battle against Satan, as prophesied in the Book of Revelation, will begin in 2000.
+
+An example of the confrontational nature and belief system of religiously motivated suspects illustrates the unique challenges that law enforcement faces when dealing with a fatalist/martyr philosophy.  It also illustrates the domino effect that may occur after such a confrontation.  Gordon Kahl, an adherent to the anti-government/racist Christian Identity religion, escaped after a 1983 shootout with police that left two Deputy U.S. Marshals dead.  He was later killed during a subsequent shootout with the FBI and others that also left a county sheriff dead. In response to the killing of Kahl, Bob Mathews, a believer in the racist Odinist ideology, founded The Order.  After The Order committed numerous crimes, its members were eventually tracked down.  Mathews escaped after engaging in a gun battle and later wrote, "Why are so many men so eager to destroy their own kind for the benefit of the Jews and the mongrels?  I see three FBI agents hiding behind some trees . . . I could have easily killed them . . . They look like good racial stock yet all their talents are given to a government which is openly trying to mongrelize the very race  these agents are part of . . . I have been a good soldier, a fearless warrior.  I will die with honor and join my brothers in [heaven]."  Exemplifying his beliefs as a martyr, Mathews later burned to death in an armed standoff with the FBI.
+
+In light of the enormous amount of  millennial rhetoric, the FBI sought to analyze a number of variables that have the potential to spark violent acts perpetrated by domestic terrorists.  Religious beliefs, the Y2K computer problem, and gun control laws all have the potential to become catalysts for such terrorism.  The following elements are essential to understanding the phenomenon of domestic terrorism related to the millennium:
+
+## When Does The New Millennium Begin?
+
+As the nation and the world prepare to celebrate the arrival of the new millennium, a debate has arisen as to the correct date for its beginning.  Although the true starting point of the next millennium is January 1, 2001, as established by the U.S. Naval Observatory in Washington, D.C., our nation's official time keeper, many will celebrate January 1, 2000, as the start of the millennium.  The majority of domestic terrorists, like the general public, place a greater significance on January 1, 2000.
+
+## Blueprint For Action: The Turner Diaries
+
+Many right-wing extremists are inspired by The Turner Diaries, a book written by William Pierce (under the pseudonym Andrew Macdonald), the leader of the white supremacist group National Alliance.  The book details a violent overthrow of the federal government by white supremacists and also describes a brutal race war that is to take place simultaneously.  To date, several groups or individuals have been inspired by this book:
+
+
+At the time of his arrest, Timothy McVeigh, the man responsible for the Oklahoma City bombing, had a copy of  The Turner Diaries in his possession.  McVeigh's action against the Murrah Federal Building was strikingly similar to an event described in the book where the fictional terrorist group blows up FBI Headquarters.
+
+The Order, an early 1980s terrorist cell involved in murder, robberies, and counterfeiting, was motivated by the book's scenarios for a race war.  The group murdered Alan Berg, a
+Jewish talk show host, and engaged in other acts of violence in order to hasten the race
+war described in the book.  The Order's efforts later inspired another group, The New Order, which planned to commit similar crimes in an effort to start a race war that would lead to a violent revolution.5
+
+Most recently, The Turner Diaries provided inspiration to John William King, the man
+convicted for dragging a black man to his death in Jasper, Texas.  As King shackled James Byrd's legs to the back of his truck he was reported to say, "We're going to start the
+Turner Diaries early."6
+During the year 2000 and beyond, The Turner Diaries will be an inspiration for right-wing terrorist groups to act because it outlines both a revolutionary takeover of the government and a race war.  These elements of the book appeal to a majority of right-wing extremists because it is their belief that one or both events will coincide with Y2K.
+
+## Interpretations Of The Bible
+
+Religiously based domestic terrorists use the New Testament's Book of Revelation -- the prophecy of the endtime -- for the foundation of their belief in the Apocalypse.  Religious extremists interpret the symbolism portrayed in the Book of Revelation and mold it to predict that the endtime is now and that the Apocalypse is near.  To understand many religious extremists, it is crucial to know the origin of the Book of Revelation and the meanings of its words, numbers and characters.
+
+The Book of Revelation was written by a man named "John" who was exiled by the Roman government to a penal colony - the island of Patmos - because of his beliefs in Christ.7
+While on the island, he experienced a series of visions, described in the Book of Revelation.  The writing in the Book of Revelation is addressed to churches who were at the time experiencing or were threatened by persecution from Rome because they were not following the government.  For this reason, some believe the Book of Revelation was written in code language, much of which was taken from other parts of the Bible.
+One interpretation describing the essence of the message contained in Revelation is that God will overcome Christianity's enemies (Roman Government/Satan) and that the persecuted communities should persevere.8  For right-wing groups who believe they are being persecuted by the satanic government of the United States, the Book of Revelation's message fits perfectly into their world view.  This world view, in combination with a literal interpretation of the Book of Revelation, is reflected in extremist ideology, violent acts, and literature.  For this reason, it is imperative to know the meaning of some of the "code words" frequently used:
+
+C
+Four (4) signifies the world.
+C
+Six (6) signifies imperfection.
+C
+Seven (7) is the totality of perfection or fullness and completeness.
+C
+Twelve (12) represents the twelve tribes of Israel or the 12 apostles.
+C
+One-thousand (1000) signifies immensity.
+C
+The color white symbolizes power and can also represent victory, joy and resurrection.
+C
+The color red symbolizes a bloody war.
+C
+The color black symbolizes famine.
+C
+A rider on a pale green horse is a symbol of Death itself.
+
+"Babylon" is the satanic Roman Government, now used to describe the U.S. government.9
+Black Hebrew Israelites, a black supremacist group, typify the use of numerology from the Book of Revelation.  They believe group members will comprise the 144,000 people who are saved by God in the second coming that is outlined in Revelation (7:1-17).   In the Book of Revelation, John is shown a vision of 144,000 martyrs who have survived and did not submit to Satan.  This number is derived from the assertion that the twelve tribes of Israel consisted of 12,000 people each.
+
+Groups not only use the Bible to interpret the endtimes, but use it to justify their ideology.
+
+Phineas Priests, an amorphous group of Christian Identity adherents, base their entire ideology on Chapter 25 of the Book of Numbers.  The passage depicts a scene where Phineas kills an Israelite who was having relations with a Midianite woman and God then granted Phineas and all of his descendants a pledge of everlasting priesthood.  Modern day followers of the Phineas Priest ideology believe themselves to be the linear descendants of Phineas and this passage gives them biblical justification to punish those who transgress God's laws.  Therefore, the group is ardently opposed to race mixing and strongly believes in racial separation.  The number 25 is often used as a symbol of the group.
+
+## Apocalyptic Religious Beliefs
+
+To understand the mind set of why religious extremists would actively seek to engage in violent confrontations with law enforcement, the most common extremist ideologies must be understood.  Under these ideologies, many extremists view themselves as religious martyrs who have a duty to initiate or take part in the coming battles against Satan.  Domestic terrorist groups who place religious significance on the millennium believe the federal government will act as an arm of Satan in the final battle.  By extension, the FBI is viewed as acting on Satan's behalf.
+
+The philosophy behind targeting the federal government or entities perceived to be associated with it is succinctly described by Kerry Noble, a former right-wing extremist.  He says the right-wing "envision[s] a dark and gloomy endtime scenario, where some Antichrist makes war against Christians."10  The House of Yahweh, a Texas based religious group whose leaders are former members of the tax protesting Posse Comitatus, is typical:  Hawkins (the leader) has interpreted biblical scripture that the Israeli Peace Accord signed on October 13, 1993, has started a 7-year period of tribulation which will end on October 14, 2000, with the return of the Yeshua (the Messiah).11  He also has interpreted that the FBI will be the downfall of the House of Yahweh and that the Waco Branch Davidian raids in 1993 were a warning to The House of Yahweh from the federal government, which he terms "the beast."12  Similarly, Richard Butler, leader of the white supremacist group Aryan Nations, said the following when asked what might have motivated the day care shooting by Buford O. Furrow, Jr., one of his group's followers: "There's a war against the white race.  There's a war of extermination against the white male."13
+
+## The New World Order Conspiracy Theory And The Year 2000 Computer Bug
+
+Unlike religiously based terrorists, militia anxiety and paranoia specifically relating to the year 2000 are based mainly on a political ideology.  Some militia members read significance into 2000 as it relates to their conception of the NWO conspiracy.14  The NWO conspiracy theory holds that the United Nations (UN) will lead a military coup against the nations of the world to form a socialist or One World Government.  UN troops, consisting mostly of foreign armies, will commence a military takeover of America.  The UN will mainly use foreign troops on American soil because foreigners will have fewer reservations about killing American citizens.  U.S. armed forces will not attempt to stop this invasion by UN troops and, in fact, the U.S. military may be "deputized" as a branch of the UN armed forces.  The American military contingent overseas will also play a large part in this elaborate conspiracy theory, as they will be used to help conquer the rest of the world.  The rationale for this part of the theory is that American soldiers will also have less qualms about killing foreigners, as opposed to killing their own citizens.
+Under this hypothetical NWO/One World Government, the following events are to take place:  1) private property rights and private gun ownership will be abolished; 2) all national, state and local elections will become meaningless, since they will be controlled by the UN; 3) the U.S. Constitution will be supplanted by the UN charter; 4) only *approved* churches and other places of worship will be permitted to operate and will become appendages of the One World Religion, which will be the only legitimate doctrine of religious beliefs and ethical values; 5) home schooling will be outlawed and all school curriculum will need to be approved by the United Nations Educational, Scientific and Cultural Organization (UNESCO); and 6) American military bases and other federal facilities will be used as concentration camps by the UN to confine those patriots, including the militias, who defy the NWO.  Other groups beside the UN that are often mentioned as being part of the NWO conspiracy theory are Jews, Communists, the Council on Foreign Relations, the Bilderbergers and the Trilateral Commission.  Law enforcement officials will probably notice different versions of this theory, depending upon the source.
+
+The NWO conspiracy theory is particularly relevant to the millennium because the year
+2000 is considered to be a triggering device for the NWO due to the element of computer breakdown.  Many computers around the world are based on a numerical system in which the year is only registered by the last two digits.  A number of militia members accept the theory that on January 1, 2000, many computers will misinterpret this date as January 1, 1900, and malfunction and/or shut down completely.  They further believe that these major computer malfunctions will cause widespread chaos at all levels of society- economic, social and political. This chaos will theoretically create a situation in which American civilization will collapse, which will then produce an environment that the UN will exploit to forcibly take over the United States. Therefore, these militia members (as well as other groups) believe that the year 2000 will be the catalyst for the NWO.
+According to James Wickstrom, former leader of the defunct Posse Comitatus and
+"Minister" of the True Church of Israel, anyone who holds any powerful political influence knows that the Y2K crisis may be the final fuse that will lead to the NWO that "David Rockefeller and the rest of his satanic jew seedline desire to usher in upon the earth."15  He claims that Jews have conspired to create the Y2K problem and that the prospect of impending computer failure is very real.  Similarly, The New American, an organ of the ultraconservative John Birch Society, speculates that the Y2K bug could be America's Reichstag fire, a reference to the 1933 arson attack on Germany's Parliament building that was used by Hitler as an excuse to enact police state laws.  Similar to this train of thought, Norm Olson, leader of the Northern Michigan Regional Militia, believes constitutional rights probably will be suspended before the real crisis hits.  He states: "It will be the worst time for humanity since the Noahic flood."16
+However, there are some extremists who do not attach any major significance to the Y2K
+problem.  In his article, *"The Millennium Bug and 'Mainstreaming' the News,"* William Pierce of the National Alliance tells his followers not to worry, or at least, not to worry very much about the Y2K issue.  Pierce predicts that the main event that will occur on New Year's Day 2000 is that crazed millennialists will go "berserk when the Second Coming fails to occur."  Also, "a few right-wing nuts may launch a premature attack on the government, figuring that without its computers the government won't be able to fight back."  Pierce claims that the lights will remain on, and that airplanes will not fall from the sky.  He says that he is able to make such a prediction with some degree of confidence because, "contrary to what some cranks would have you believe, the computer professionals and the government have been working on the Y2K problem for some time."17
+
+## Gun Control Laws
+
+The passage of the Brady Bill and assault weapons ban in 1994 were interpreted by those in the militia movement and among the right-wing as the first steps towards disarming citizens in preparation for the UN-led NWO takeover.  Some are convinced that the registration of gun owners is in preparation for a confiscation of firearms and eventually the arrest of the gun owners themselves.  An article by Larry Pratt, Executive Director for Gun Owners of America, interprets a 1995 UN study of small arms, done reportedly in cooperation with U.S. police, customs and military services, as part of the UN's plan to take over the U.S.  Pratt goes on to say that the "UN is increasingly assuming the jurisdictional authority of a federal world government with the U.S. as just one of scores of member states.  And gun control -- meaning civilian disarmament -- is high up on the agenda of the UN."18  Speculation like this only serves to fuel the already existing paranoia of militia and patriot groups.
+
+The right-wing believes that many of the restrictions being placed on the ownership of firearms today mirror events in The Turner Diaries.  In his book, Pierce writes about the United States government banning the private possession of firearms and staging gun raids in an effort to arrest gun owners.  The book discusses the government/police use of black men, assigned as "special deputies" to carry out the gun raids.  Many members of the right-wing movement view the book as prophetic, believing that it is only a matter of time before these events occur in real life.
+
+In the aftermath of the school shootings in Littleton, Colorado, President Clinton, Congress, and Attorney General Reno acted swiftly to propose new laws aimed at restricting the sales of guns to juveniles and to close loopholes in existing laws.  In May 1999, the Senate passed a bill to ban the importation of high capacity ammunition magazines and require background checks for guns sold at gun shows.  In light of the enormous importance and prominent role that extremist groups place on the Second Amendment, it is probable that recent government actions aimed at controlling guns are perceived to be compelling signs of the UN-led NWO takeover.
+
+## Iii. Christian Identity
+
+Christian Identity is an ideology which asserts that the white Aryan race is God's chosen race and that whites comprise the ten lost tribes of Israel.19  There is no single document that expresses this belief system.  Adherents refer to the Bible to justify their racist ideals.  Interpreting the Book of Genesis, Christian Identity followers assert that Adam was preceded by other, lesser races, identified as "the beasts of the field" (Gen. 1:25).  Eve was seduced by the snake (Satan) and gave birth to two seed lines:  Cain, the direct descendent of Satan and Eve, and Able, who was of good Aryan stock through Adam.  Cain then became the progenitor of the Jews in his subsequent matings with the non-Adamic races.  Christian Identity adherents believe the Jews are predisposed to carry on a conspiracy against the Adamic seed line and today have achieved almost complete control of the earth.20  This is referred to as the two-seedline doctrine, which provides Christian Identity followers with a biblical justification for hatred.
+The roots of the Christian Identity movement can be traced back to British-Israelism, the conviction that the British are the lineal descendants of the "ten lost tribes" of Israel.  It is a belief that existed for some time before it became a movement in the second half of the 19th century. The writings of John Wilson helped to extend the idea of British-Israelism to Anglo-Israelism, which included other Teutonic peoples -- mostly northern European peoples from Germany, Italy, France and Switzerland.  British-Israelism was brought to America in the early part of the 1920s, where it remained decentralized until the 1930s.  At that time, the movement underwent the final transformation to become what we know as Christian Identity, at which time its ties to the original English movement were cut and it became distinctly American.
+
+Wesley Swift is considered the single most significant figure in the early years of the Christian Identity movement in the United States.  He popularized it in the right-wing by "combining British-Israelism, a demonic anti-Semitism, and political extremism."21  He founded his own church in California in the mid 1940s where he could preach this ideology.  In addition, he had a daily radio broadcast in California during the 1950s and 60s, through which he was able to proclaim his ideology to a large audience.  With Swift's efforts, the message of his church spread, leading to the creation of similar churches throughout the country.  In 1957, the name of his church was changed to The Church of Jesus Christ Christian, which is used today by Aryan Nations (AN) churches.
+
+One of Swift's associates, William Potter Gale, was far more militant than Swift and brought a new element to Christian Identity churches.  He became a leading figure in the anti-tax and paramilitary movements of the 1970s and 80s.  There are numerous Christian Identity churches that preach similar messages and some espouse more violent rhetoric than others, but all hold fast to the belief that Aryans are God's chosen race.
+
+Christian Identity also believes in the inevitability of the end of the world and the Second Coming of Christ.  It is believed that these events are part of a cleansing process that is needed before Christ's kingdom can be established on earth.  During this time, Jews and their allies will attempt to destroy the white race using any means available.  The result will be a violent and bloody struggle -- a war, in effect -- between God's forces, the white race, and the forces of evil, the Jews and nonwhites.  Significantly, many adherents believe that this will be tied into the coming of the new millennium.
+
+The view of what Armageddon will be varies among Christian Identity believers.  Some contend there will be a race war in which millions will die; others believe that the United Nations, backed by Jewish representatives of the anti-Christ, will take over the country and promote a New World Order.  One Christian Identity interpretation is that white Christians have been chosen to watch for signs of the impending war in order to warn others.  They are to then physically struggle with the forces of evil against sin and other violations of God's law (i.e., race-mixing and internationalism); many will perish, and some of God's chosen will be forced to wear the Mark of the Beast to participate in business and commerce.  After the final battle is ended and God's kingdom is established on earth, only then will the Aryan people be recognized as the one and true Israel.
+
+Christian Identity adherents believe that God will use his chosen race as his weapons to battle the forces of evil.  Christian Identity followers believe they are among those chosen by God to wage this battle during Armageddon and they will be the last line of defense for the white race and Christian America.  To prepare for these events, they engage in survivalist and paramilitary training, storing foodstuffs and supplies, and caching weapons and ammunition.  They often reside on compounds located in remote areas.
+As the millennium approaches, various right-wing groups pose a threat to American society.  The radical right encompasses a vast number and variety of groups, such as survivalists, militias, the Ku Klux Klan, neo-Nazis, Christian Identity churches, the AN and skinheads.  These groups are not mutually exclusive and within the subculture individuals easily migrate from one group to another.  This intermixing of organizations makes it difficult to discern a singular religious ideology or belief system that encompasses the right-wing.
+
+Nevertheless, Christian Identity is the most unifying theology for a number of these diverse groups and one widely adhered to by white supremacists.  It is a belief system that provides its members with a religious basis for racism and an ideology that condones violence against non-Aryans.  This doctrine allows believers to fuse religion with hate, conspiracy theories, and apocalyptic fear of the future.  Christian Identity-inspired millennialism has a distinctly racist tinge in the belief that Armageddon will be a race war of Aryans against Jews and nonwhites.  The potential difficulty society may face due to the Y2K computer glitch is considered by a number of Christian Identity adherents to be the perfect event upon which to instigate a race war.
+
+There are a number of issues concerning the Christian Identity belief system that create problems when determining the threat level of groups.  First, Christian Identity does not have a national organizational structure.  Rather, it is a grouping of churches throughout the country which follows its basic ideology.  Some of these churches can be as small as a dozen people, and some as large as the AN church, which claims membership in the thousands.  In addition, some groups take the belief to a higher extreme and believe violence is the means to achieve their goal. This lack of structure creates a greater potential for violent actions by lone offenders and/or leaderless cells.  It is important to note that only a small percentage of Christian Identity adherents believe that the new millennium will bring about a race war.  However, those that do have a high propensity for violence.
+
+Secondly, there are many factions of the right-wing, from Christian Identity to militias, all of which are intermingled in ideology and members.  In some cases it is easy for a person to be a member of more than one group or to move from one to another.  Often, if a member of one group believes the group is lax in its convictions, he or she will gravitate to a group that is more radical.
+The third concern is the increased level of cooperation between the different groups.  This trend can be seen throughout the right-wing.  Christian Identity followers are pairing up with militias to receive paramilitary training and have also joined with members of the Ku Klux Klan and other right-wing groups.  This cohesiveness creates an environment in which ideology can easily spread and branch out.  However, it makes the job of law enforcement much more difficult as there are no distinctive borders between groups or ideology.
+Lastly, the formation of splinter groups or state chapters from larger organizations presents an increased level of threat due to the likelihood that the leader has diminished control over the members and actions of the smaller groups.  The AN is a large group that adheres to the Christian Identity belief system.  The group espouses hatred toward Jews, the federal government, blacks and other minorities.   The ultimate goal of the AN is to forcibly take five northwestern states -- Oregon, Idaho, Wyoming, Washington and Montana -- from the United States government in order to establish an Aryan homeland.  It consists of a headquarters in Hayden Lake, Idaho, and a number of state chapters, which often act as their own entities.  While the leader may not support or encourage acts of violence, it is easy for small cells of members or splinter groups to take part in violent acts without the knowledge of the leader.  The individuals are associated with the group as a whole and carry the name of the group, but may perpetrate acts on their own.
+
+These factors make a threat assessment concerning millennial violence difficult to determine.  There is a moderate possibility of small factions of right-wing groups, whether they be members of the same group, or members of different groups, acting in an overtly violent manner in order to initiate the Apocalypse.
+
+Several problems associated with the assessment for violence can be seen when looking at the structure and actions of the AN.  The AN has been headquartered at Hayden Lake since the late 1970s and remains a focal point for the group's activities.  Its annual World Congress attracts a number of different factions from the right-wing, including members and leaders of various right-wing groups.  The World Congress is often viewed as a sort of round table to discuss rightwing issues.  These meetings have led to an increased level of contact between AN members and members and leaders of other groups.  This degree of networking within the right-wing may further the AN's base of support and help advance its cause.
+
+One of the greatest threats posed by the right-wing in terms of millennial violence is the formation of a conglomeration of individuals that will work together to commit criminal acts.
+
+This has happened with some frequency in the past.  Bob Mathews formed a subgroup of the AN, called The Order, which committed a number of violent crimes, including murder.  Their mission was to bring about a race war and there are several groups that currently exist which hold these same beliefs.  Dennis McGiffen, who also had ties to the AN, formed a cell called The New Order, based on Mathews' group.  The members were arrested before they could follow through on their plans to try to start a race war.  Chevie Kehoe, who was convicted of three homicides, conspiracy and interstate transportation of stolen property also spent some time at the AN compound.  Most recently, Buford O. Furrow, Jr., the man accused of the August 10, 1999, shooting at the Jewish Community Center in Los Angeles, California, also spent some time at the AN compound working as a security guard.
+
+A relatively new tenet gaining popularity among Christian Identity believers justifies the use of violence if it is perpetrated in order to punish violators of God's law, as found in the Bible and interpreted by Christian Identity ministers and adherents.  This includes killing interracial couples, abortionists, prostitutes and homosexuals, burning pornography stores, and robbing banks and perpetrating frauds to undermine the "usury system."  Christian Identity adherents engaging in such behavior are referred to as Phineas Priests or members of the Phineas Priesthood.  This is a very appealing concept to Christian Identity's extremist members who believe they are being persecuted by the Jewish-controlled U.S. government and society and/or are eagerly preparing for Armageddon.  Among adherents today, the Phineas Priesthood is viewed as a call to action or a badge of honor.
+
+## Iv.  White Supremacy
+
+There are a number of white supremacy groups that do not necessarily adhere to Christian Identity or other religious doctrines.  White supremacy groups such as the National Alliance, the American Nazi Party and the National Socialist White People's Party are largely politically, rather than religiously, motivated.
+The National Alliance is probably best known for its leader, William Pierce, who is one of the most recognized names in the radical right.  Pierce wrote The Turner Diaries and Hunter and hosts a weekly radio program, *American Dissident Voices*.  Via these outlets, Pierce is able to provide his followers with an ideological and practical framework for committing violent acts. The rhetoric of these groups largely shadows that of Adolf Hitler's in content and political ideology.  In 1997, Pierce stated that:
+Ultimately we must separate ourselves from the Blacks and other nonwhites and keep ourselves separate, no matter what it takes to accomplish this.  We must do this not because we hate Blacks, but because we cannot survive if we remain mixed with them.  And we cannot survive if we permit the Jews and the traitors among us to remain among us and to repeat their treachery.  Eventually we must hunt them down and get rid of them.22
+The end goal of National Socialist and Christian Identity devotees is the same:  an all white nation.  However, Christian Identity followers appear to be more of a threat concerning the millennium because of their religious beliefs.
+There are also white supremacist groups which adhere to the general supremacist ideology, but are not political or religious in nature.  For example, the Ku Klux Klan (KKK) proposes racial segregation that is not generally based on religious ideals.  The KKK is one of the most recognized white supremacist groups in the United States.  Its history is expansive and its actions of cross burnings and rhetoric of hate are well known.  There is currently not a singular KKK group with a hierarchical structure, but many different KKK groups with a common ideology.
+
+The KKK, as a whole, does not pose a significant threat with regard to the millennium.
+
+That is not to say that a member of the KKK will not act on his own or in concert with members of another group.  Law enforcement has been very successful in infiltrating a number of these groups, thereby keeping abreast of their plans for action.  The KKK also draws the attention of many watchdog groups, and the Southern Poverty Law Center produces a quarterly publication entitled "Klanwatch."  It would be difficult for any of the known KKK groups to participate in millennial violence without law enforcement knowing.
+
+Again, there is a great deal of movement that is possible throughout the right-wing, regardless of prior beliefs.  If a member of a Christian Identity faction does not feel that his current group is taking enough violent action, it is possible for that member to move on to other ideologies or organizations such as Odinism, the World Church of the Creator (WCOTC) or the National Socialist movement.  Because of this movement, it is also likely that communication exists between various factions of the right-wing, from religious groups to skinheads.  Their end goals are similar.
+
+The WCOTC presents a recent example of violence perpetrated by a white supremacist in order to bring about a race war.  The major creed upon which Ben Klassen founded the religion is that one's race is his religion.  Aside from this central belief, its ideology is similar to many Christian Identity groups in the conviction that there is a Jewish conspiracy in control of the federal government, international banking, and the media.  They also dictate that RAHOWA, a racial holy war, is destined to ensue to rid the world of Jews and "mud races."  In the early 1990s, there was a dramatic increase in membership due to the growing belief in the Apocalypse and that RAHOWA was imminent.
+
+In 1996, Matt Hale, who has come upon recent fame by being denied a license to practice law in Illinois, was appointed the new leader of the Church of the Creator.  Hale made a number of changes to the group, including changing the name of the organization to the World Church of the Creator, giving it the feel of a widespread movement.
+
+As publicly reported, there is information to indicate that the WCOTC has violent plans for the millennium.  Officials who searched Benjamin Smith's apartment, the man who went on a racially motivated killing spree over the 4th of July weekend, found a loose-leaf binder of handwritings.  These writings described a holy war among the races and included a reference to the new millennium.  Passages included plans of how white supremacists would shoot at nonwhites from motor vehicles after the dawning of the new millennium.23  While the group's rhetoric does include the belief in a race war and the creation of an all white bastion within the United States, other than Smith's writings, there is no indication that it is linked to the millennium.
+
+In addition, there have been recent incidents that have demonstrated the willingness of members to take part in violent action.  WCOTC members in Southern Florida are thought to be tied to several racially motivated beatings.  Within the last year, four Florida members were convicted for the pistol-whipping and robbery of a Jewish video store owner.  They were supposedly trying to raise money for "the revolution."24
+Finally, Odinism is another white supremacist ideology that lends itself to violence and has the potential to inspire its followers to violence in connection to the millennium.  What makes Odinists dangerous is the fact that many believe in the necessity of becoming martyrs for their cause.  For example, Bob Mathews, the leader of The Order, died in a fiery confrontation with law enforcement.  Also, William King relished the fact that he would receive the death penalty for his act of dragging James Byrd, Jr. to his death.  Odinism has little to do with Christian Identity but there is one key similarity:  Odinism provides dualism -- as does Christian Identity -- with regard to the universe being made up of worlds of light (white people) and worlds of dark (nonwhite people).  The most fundamental difference between the two ideologies is that Odinists do not believe in Jesus Christ. However, there are enough similarities between the myths and legends of Odinism and the beliefs of Christian Identity to make a smooth transition from Christian Identity to Odinism for those racist individuals whose penchant for violence is not being satisfied.
+
+## V.  Militias
+
+The majority of growth within the militia movement occurred during the 1990s.  There is not a simple definition of how a group qualifies as a militia.  However, the following general criteria can be used as a guideline:  (1) a militia is a domestic organization with two or more members; (2) the organization must possess and use firearms; and (3) the organization must conduct or encourage paramilitary training.  Other terms used to describe militias are Patriots and Minutemen.
+
+Most militias engage in a variety of anti-government rhetoric.  This discourse can range from the protesting of government policies to the advocating of violence and/or the overthrow of the federal government.  However, the majority of militia groups are non-violent and only a small segment of the militias actually commit acts of violence to advance their political goals and beliefs.  A number of militia leaders, such as Lynn Van Huizen of the Michigan Militia Corps -
+Wolverines, have gone to some effort to actively rid their ranks of radical members who are inclined to carry out acts of violence and/or terrorism.25  Officials at the FBI Academy classify militia groups within four categories, ranging from moderate groups who do not engage in criminal activity to radical cells which commit violent acts of terrorism.26  It should be clearly stated that the FBI only focuses on *radical elements* of the militia movement capable and willing to commit violence against government, law enforcement, civilian, military and international targets.  In addition, any such investigation of these radical militia units must be conducted within strict legal parameters.
+Militia anxiety and paranoia specifically relating to the year 2000 are based mainly on a political ideology, as opposed to religious beliefs.  Many militia members believe that the year 2000 will lead to political and personal repression enforced by the United Nations and countenanced by a compliant U.S. government.  This belief is commonly known as the New World Order (NWO) conspiracy theory (see Chapter I, Introduction).  Other issues which have served as motivating factors for the militia movement include gun control, the incidents at Ruby Ridge (1992) and Waco (1993), the Montana Freemen Standoff (1996) and the restriction of land use by federal agencies.
+
+One component of the NWO conspiracy theory -- that of the use of American military bases by the UN -- is worth exploring in further detail.  Law enforcement officers, as well as military personnel, should be aware that the nation's armed forces have been the subject of a great deal of rumor and paranoia circulating among many militia groups.  One can find numerous references in militia literature to military bases to be used as concentration camps in the NWO and visiting foreign military personnel conspiring to attack Americans.  One example of this can be found on the website for the militia group United States Theatre Command (USTC).27  The USTC website prominently features the NWO theory as it portrays both Camp Grayling in Michigan and Fort Dix in New Jersey as detention centers to be used to house prisoners in an upcoming war.  Specifically in reference to a photograph of Camp Grayling, the USTC website states:  "Note that the barbed wire is configured to keep people in,  not out, and also note in the middle of the guard towers, a platform for the mounting of a machine gun."  Specifically in reference to a photograph of Fort Dix, the USTC website states:  "Actual photos of an 'Enemy Prisoner of War' camp in the United States of America!  (Fort Dix, New Jersey to be exact!) Is there going to be a war here?  Many more are suspected to be scattered throughout the United States."
+Law enforcement personnel should be aware of the fact that the majority of militias are reactive, as opposed to proactive.  *Reactive* militia groups are generally not a threat to law enforcement or the public.  These militias may indeed believe that some type of NWO scenario may be imminent in the year 2000, but they are more inclined to sit back and wait for it to happen. They will stockpile their guns and ammunition and food, and wait for the government to curtail their liberties and take away their guns.  When the expected NWO tragedy does not take place, these *reactive* militias will simply continue their current activities, most of which are relatively harmless.  They will not overreact to minor disruptions of electricity, water and other public services.
+
+However, there is a small percentage of the militia movement which may be more proactive and commit acts of domestic terrorism.  As stated earlier, the main focus of the militias connected to the Y2K/millennium revolves around the NWO conspiracy theory.  While the NWO is a paranoid theory, there may be some real technological problems arising from the year 2000. Among these are malfunctioning computers, which control so many facets of our everyday lives. Any such computer malfunctions may adversely affect power stations and other critical infrastructure.  If such breakdowns do occur, these may be interpreted as a sign by some of the militias that electricity is being shut off on purpose in order to create an environment of confusion. In the paranoid rationalizations of these militia groups, this atmosphere of confusion can only be a prelude to the dreaded NWO/One World Government.  These groups may then follow through on their premeditated plans of action.
+
+## Vi.  Black Hebrew Israelites
+
+As the millennium approaches, radical fringe members of the Black Hebrew Israelite
+(BHI) movement may pose a challenge for law enforcement.  As with the adherents of most apocalyptic philosophies, certain segments of the BHI movement have the potential to engage in violence at the turn of the century.  This movement has been associated with extreme acts of violence in the recent past, and current intelligence from a variety of sources indicates that extreme factions of BHI groups are preparing for a race war to close the millennium.
+
+Violent BHI followers can generally be described as proponents of an extreme form of black supremacy.  Drawing upon the teachings of earlier BHI adherents, such groups hold that blacks represent God's true "chosen people," while condemning whites as incarnate manifestations of evil.  As God's "authentic" Jews, BHI adherents believe that mainstream Jews are actually imposters.  Such beliefs bear a striking resemblance to the Christian Identity theology practiced by many white supremacists.  In fact, Tom Metzger, renowned white supremacist, once remarked, "They're the black counterpart of us."28  Like their Christian Identity counterparts, militant BHI followers tend to see themselves as divinely endowed by God with superior status. As a result, some followers of this belief system hold that violence, including murder, is justifiable in the eyes of God, provided that it helps to rid the world of evil.  Violent BHI groups are of particular concern as the millennium approaches because they believe in the inevitability of  a race war between blacks and whites.
+
+The extreme elements of the BHI movement are prone to engage in violent activity.  As seen in previous convictions of BHI followers, adherents of this philosophy have a proven history of violence, and several indications point toward a continuation of this trend.  Some BHI followers have been observed in public donning primarily black clothing, with emblems and/or patches bearing the "Star of David" symbol.  Some BHI members practice paramilitary operations and wear web belts and shoulder holsters.  Some adherents have extensive criminal records for a variety of violations, including weapons charges, assault, drug trafficking, and fraud.
+
+In law enforcement circles, BHI groups are typically associated with violence and criminal activity, largely as a result of the movement's popularization by Yahweh Ben Yahweh, formerly known as Hulon Mitchell, Jr., and the Miami-based Nation of Yahweh (NOY).  In reality, the origins of the BHI movement are non-violent.  While the BHI belief system may have roots in the United States as far back as the Civil War era, the movement became more recognized as a result of the teachings of an individual known as Ben Ami Ben Israel, a.k.a Ben Carter, from the south side of Chicago.  Ben Israel claims to have had a vision at the age of 27, hearing "a voice tell me that the time had come for Africans in America, the descendants of the Biblical Israelites, to return to the land of our forefathers."29  Ben Israel persuaded a group of African-Americans to accompany him to Israel in 1967, teaching that African-Americans descended from the biblical tribe of Judah and, therefore, that Israel is the land of their birthright.  Ben Israel and his followers initially settled in Liberia for the purposes of cleansing themselves of bad habits.  In 1969, a small group of BHI followers left Liberia for Israel, with Ben Israel and the remaining original migrants arriving in Israel the following year.  Public source estimates of the BHI community in Israel number between 1500 and 3000.30  Despite promoting non-violence, members of Ben Israel's movement have shown a willingness to engage in criminal activity.31
+BHI in Israel are generally peaceful, if somewhat controversial.  The FBI has no information to indicate that Ben Israel's BHI community in Israel is planning any activity - terrorist, criminal, or otherwise - inspired by the coming millennium.  Ben Israel's claims to legitimate Judaism have at times caused consternation to the Israeli government.  BHI adherents in Israel have apparently espoused anti-Semitic remarks, labeling Israeli Jews as "imposters."32
+Neither the Israeli government nor the Orthodox rabbinate recognize the legitimacy of BHI claims to Judaism.  According to Jewish law, an individual can be recognized as Jewish if he/she was born to a Jewish mother or if the individual agrees to convert to Judaism.33  At present, BHI in Israel have legal status as temporary residents, which gives them the right to work and live in Israel, but not to vote.  They are  not considered to be Israeli citizens.  While BHI claims to Judaism are disregarded by Israeli officials and religious leaders, the BHI community is tolerated and appears to be peaceful.34
+While the BHI community in Israel is peaceful, BHI adherents in the United States became associated with violence thanks to the rise of the NOY, which reached the height of its popularity in the 1980s.  The NOY was founded in 1979 and led by Yahweh Ben Yahweh.  Ben Yahweh's followers viewed him as the Messiah, and therefore demonstrated unrequited and unquestioned obedience.  Members of the organization engaged in numerous acts of violence in the 1980s, including several homicides, following direct orders from Ben Yahweh.  Seventeen NOY members were indicted by a federal grand jury in Miami in 1990-91 on charges of RICO, RICO
+conspiracy, and various racketeering acts.  Various members were convicted on RICO conspiracy charges and remain imprisoned.
+
+While the overwhelming majority of BHI followers are unlikely to engage in violence, there are elements of this movement with both the motivation and the capability to engage in millennial violence.  Some radical BHI adherents are clearly motivated by the conviction that the approach of the year 2000 brings society ever closer to a violent confrontation between blacks and whites.  While the rhetoric professed by various BHI groups is fiery and threatening, there are no indications of explicitly identified targets for violence, beyond a general condemnation and demonization of whites and "imposter" Jews.  Militant BHI groups tend to distrust the United States government; however, there are no specific indications of imminent violence toward the government.
+
+## Vii.  Apocalyptic Cults
+
+For apocalyptic cults, especially biblically based ones, the millennium is viewed as the time that will signal a major transformation for the world.   Many apocalyptic cults share the belief that the battle against Satan, as prophesied in the Book of Revelation, will begin in the years surrounding the millennium and that the federal government is an arm of Satan.  Therefore, the millennium will bring about a battle between cult members --- religious martyrs --- and the government.
+
+ In the broadest meaning, cults are composed of individuals who demonstrate "great devotion to a person, idea, object or movement."35  However, using that definition, many domestic terrorist groups could be characterized as cults, including Christian Identity churches, Black Hebrew Israelites,  and some militias.  For law enforcement purposes, a narrower interpretation of groups that qualify as cults is needed.  A more useful definition of cults incorporates the term "cultic relationships" to describe the interactions within a cult.36
+Specifically, a cultic relationship refers to "one in which a person intentionally induces others to become totally or nearly totally dependent on him or her for almost all major life decisions, and inculcates in these followers a belief that he or she has some special talent, gift, or knowledge."37
+This definition of cults provides important distinctions that are vital for analyzing a cult's predilection towards violence.
+The origin of the cult, the role of its leader, and its uniqueness provide a framework for understanding what distinguishes cults from other domestic terrorist groups that otherwise share many similar characteristics.  These distinctions are: (1) cult leaders are self-appointed, persuasive persons who claim to have a special mission in life or have special knowledge; (2) a cult's ideas and dogma claim to be innovative and exclusive; and (3) cult leaders focus their members' love, devotion and allegiance on themselves.38  These characteristics culminate in a group structure that is frequently highly authoritarian in structure.  Such a structure is a sharp contrast to the rapidly emerging trend among domestic terrorist groups towards a leaderless, non-authoritarian structure.
+
+While predicting violence is extremely difficult and imprecise, there are certain characteristics that make some cults more prone to violence.  Law enforcement officials should be aware of the following factors:
+
+
+Sequestered Groups:  Members of sequestered groups lose access to the outside world
+and information preventing critical evaluation of the ideas being espoused by the leader.
+
+Leader's History:  The fantasies, dreams, plans, and ideas of the leader are most likely to
+become the beliefs of the followers because of the totalitarian and authoritarian nature of cults.
+
+Psychopaths:  Control of a group by charismatic psychopaths or those with narcissistic
+character disorders.
+
+Changes in the Leader:  Changes in a leader's personality caused by traumatic events
+such as death of a spouse or sickness.
+
+Language of the Ideology:  Groups that are violent use language in their ideology that
+contains the seeds of violence.
+
+Implied Directive for Violence:  Most frequently, a leader's speeches, rhetoric, and
+language does not explicitly call for violence, rather it is most often only implied.
+
+Length of Time:  The longer the leader's behavior has gone unchecked against outside
+authority, the less vulnerable the leader feels.
+
+Who Is in the Inner Circle: Cults with violent tendencies often recruit people who are
+either familiar with weapons or who have military backgrounds to serve as enforcers.
+Apocalyptic cults see their mission in two general ways:  They either want to accelerate the end of time or take action to ensure that they survive the millennium.  For example, Aum Shinrikyo wanted to take action to hasten the end of the world, while compounds in general are built to survive the endtime safely.  An analysis of millennial cults by the FBI's Behavioral Science Unit describes how rhetoric changes depending on whether the leader's ideology envisions the group as playing an active role in the coming Apocalypse or a passive survivalist role:
+A cult that predicts that "God will punish" or "evil will be punished" indicates a more passive and less threatening posture than the cult that predicts that "God's chosen people will punish . . ."  As another example, the members of a passive group might predict that God or another being will one day liberate their souls from their bodies or come to carry them away.  The followers of a more action-oriented group would, in contrast, predict that they themselves will one day shed their mortal bodies or transport themselves to another place.39
+A cult that displays these characteristics may then produce three social-psychological components, referred to as the "Lethal Triad," that predispose a cult towards violence aimed at its members and/or outsiders.40  Cults in which members are heavily dependent on the leader for all decision making almost always physically and psychologically isolate their members from outsiders, the first component of the triad.41  The other two components interact in the following way:
+ "... **isolation** causes a reduction of critical thinking on the part of group members who become entrenched in the belief proposed by the group leadership.  As a result, group members relinquish all responsibility for group decision making to their leader and blame the cause of all group grievances on some outside entity or force, a process known as projection.  Finally, isolation and **projection** combine to produce pathological **anger**, the final component of the triad."42 Of the nearly 1000 cults operating in the United States, very few present credible threats for millennial violence.  Law enforcement officials should concentrate on those cults that advocate force or violence to achieve their goals concerning the endtime, as well as those cults which possess a substantial number of the distinguishing traits listed above.43  In particular, cults of greatest concern to law enforcement are those that: (1) believe they play a special, elite role in the endtime; (2) believe violent offensive action is needed to fulfill their endtime prophecy; (3) take steps to attain their beliefs.  Those factors may culminate in plans to initiate conflict with outsiders or law enforcement.
+
+  The violent tendencies of dangerous cults can be classified into two general categories--
+defensive violence and offensive violence.  Defensive violence is utilized by cults to defend a role at the end time; (3) the cult has large numbers of firearms, explosives or weapons of mass destruction; (4) the cult  has prepared defensive structures; (5) the cult speaks of offensive action; (4) the cult is led by a single male charismatic leader; (5) the leader dominates the membership through physical, sexual and emotional control; (6) the cult is not an established denomination; (7) cult members live together in a community isolated from society; (8) extreme paranoia exists within the cult concerning monitoring by outsiders and government persecution; (9) and outsiders are distrusted, and disliked.  These factors are designed to leave out cults that have unique end-time beliefs, but whose ideology does not include the advocacy of  force or violence.
+
+compound or enclave that was created specifically to eliminate most contact with the dominant culture.44  The 1993 clash in Waco, Texas at the Branch Davidian complex is an illustration of such defensive violence.  History has shown that groups that seek to withdraw from the dominant culture seldom act on their beliefs that the endtime has come unless provoked.45
+Cults with an apocalyptic agenda, particularly those that appear ready to *initiate* rather than *anticipate* violent confrontations to bring about Armageddon or fulfill "prophesy" present unique challenges to law enforcement officials.  One example of this type of group is the Concerned Christians (CC).  Monte Kim Miller, the CC leader, claims to be one of the two witnesses or prophets described in the Book of Revelation who will die on the streets of Jerusalem prior to the second coming of Christ. To attain that result, members of the CC traveled to Israel in 1998 in the belief that Miller will be killed in a violent confrontation in the streets of Jerusalem in December 1999.  CC members believe that  Miller's death will set off an apocalyptic end to the millennium, at which time all of Miller's followers will be sent to Heaven.  Miller has convinced his followers that America is "Babylon the Great" referred to in the Book of Revelation. In early October 1998, CC members suddenly vanished from the United States, an apparent response to one of Miller's "prophesies" that Denver would be destroyed on October 10, 1998.  In January 1999, fourteen members of the group who had moved to Jerusalem were deported by the Israeli government on the grounds that they were preparing to hasten the fulfillment of Miller's prophecies by instigating violence.46
+Ascertaining the intentions of such cults is a daunting endeavor, particularly since the agenda or plan of a cult is often at the whim of its leader.  Law enforcement personnel should become well acquainted with the previously mentioned indicators of potential cult violence in order to separate the violent from the non-violent.
+
+## Viii.  The Significance Of Jerusalem
+
+The city of Jerusalem, cherished by Jews, Christians, and Muslims alike, faces many serious challenges as the year 2000 approaches.  As already evidenced by the deportation of various members of the religious cult known as the Concerned Christians, zealotry from all three major monotheistic religions is particularly acute in Israel, where holy shrines, temples, churches, and mosques are located.  While events surrounding the millennium in Jerusalem are much more problematic for the Israeli government than for the United States, the potential for violent acts in Jerusalem will cause reverberations around the world, including the United States.  The extreme terrorist fringes of Christianity, Judaism, and Islam are all present in the United States.  Thus, millennial violence in Jerusalem could conceivably lead to violence in the United States as well.
+
+Within Jerusalem, the Temple Mount, or Haram al-Sharif, holds a special significance for both Muslims and Jews.47  The Temple Mount houses the third holiest of all Islamic sites, the Dome of the Rock.  Muslims believe that the prophet Muhammad ascended to Heaven from a slab of stone -- the "Rock of Foundation"-- located in the center of what is now the Dome of the Rock.  In addition, when Arab armies conquered Jerusalem in 638 A.D., the Caliph Omar built the al-Aqsa Mosque facing the Dome of the Rock on the opposite end of the Temple Mount.  The Western (or Wailing) Wall, the last remnant of the second Jewish temple that the Romans destroyed in 70 A.D., stands at the western base of the Temple Mount.   The Western Wall has long been a favorite pilgrimage site for Jews, and religious men and women pray there on a daily basis.  Thus, the Temple Mount is equally revered by Jews as the site upon which the first and second Jewish Temples stood.
+Israeli officials are extremely concerned that the Temple Mount, an area already seething with tension and distrust among Jews and Muslims, will be the stage for violent encounters between religious zealots.  Most troubling is the fact that an act of terrorism need not be the catalyst that sparks widespread violence.  Indeed, a simple symbolic act of desecration, or even perceived desecration, of any of the holy sites on the Temple Mount is likely to trigger a violent reaction.  For example, the Islamic holy month of Ramadan is expected to coincide with the arrival of the year 2000.  Thus, even minor provocations on or near the Temple Mount may provide the impetus for a violent confrontation.
+
+The implications of pilgrimages to Jerusalem by vast numbers of tourists are ominous, particularly since such pilgrimages are likely to include millennial or apocalyptic cults on a mission to hasten the arrival of the Messiah.  There is general concern among Israeli officials that Jewish and Islamic extremists may react violently to the influx of Christians, particularly near the Temple Mount.  The primary concern is that extreme millennial cults will engage in proactive violence designed to hasten the second coming of Christ.  Perhaps the most likely scenario involves an attack on the Al-Aqsa Mosque or the Dome of the Rock.  Some millennial cults hold that these structures must be destroyed so that the Jewish Temple can be rebuilt, which they see as a prerequisite for the return of the Messiah.  Additionally, several religious cults have already made inroads into Israel, apparently in preparation for what they believe to be the endtimes.
+It is beyond the scope of this document to assess the potential repercussions from an attack on Jewish or Islamic holy sites in Jerusalem.  It goes without saying, however, that an attack on the Dome of the Rock or the Al-Aqsa Mosque would have serious implications.  In segments of the Islamic world, close political and cultural ties between Israel and the United States are often perceived as symbolic of anti-Islamic policies by the Western world.  Attacks on Islamic holy sites in Jerusalem, particularly by Christian or Jewish extremists, are likely to be perceived by Islamic extremists as attacks on Islam itself.  Finally, the possibility exists that Islamic extremist groups will capitalize upon the huge influx of foreigners into Jerusalem and engage in a symbolic attack.
+
+## Ix. Conclusion
+
+Extremists from various ideological perspectives attach significance to the arrival of the year 2000, and there are some signs of preparations for violence.  The significance of the new millennium is based primarily upon either religious beliefs relating to the Apocalypse/Armageddon, or political beliefs relating to the New World Order conspiracy theory. The challenge to law enforcement is to understand these extremist theories and, if any incidents do occur, be prepared to respond to the unique crises they will represent.
+
+Law enforcement officials should be particularly aware that the new millennium may increase the odds that extremists may engage in proactive violence specifically targeting law enforcement officers.  Religiously motivated extremists may initiate violent conflicts with law enforcement officials in an attempt to facilitate the onset of Armageddon, or to help fulfill a
+"prophesy."  For many on the extreme right-wing, the battle of Armageddon is interpreted as a race war to be fought between Aryans and the "satanic" Jews and their allies.  Likewise, extremists who are convinced that the millennium will lead to a One World Government may choose to engage in violence to prevent such a situation from occurring.  In either case, extremists motivated by the millennium could choose martyrdom when approached or confronted by law enforcement officers.  Thus, law enforcement officials should be alert for the following:  1) plans to initiate conflict with law enforcement; 2) the potential increase in the number of extremists willing to become martyrs; and 3) the potential for a quicker escalation of conflict during routine law enforcement activities (e.g. traffic stops, issuance of warrants, etc.).

markdown/misc/metrics.md

@@ -0,0 +1,851 @@
+# Sandia Report Sand2012-2427 Unlimited Release Printed March 2012
+
+
+
+## Cyber Threat Metrics
+
+
+Mark Mateski, Cassandra M. Trevino, Cynthia K. Veitch, John Michalski, J. Mark Harris, Scott Maruoka, Jason Frye Prepared by Sandia National Laboratories Albuquerque, New Mexico 87185 Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation, for the U.S. Department of Energy's National Nuclear Security Administration under contract DE-AC04-94AL85000. Approved for public release; further dissemination unlimited
+
+
+Issued by Sandia National Laboratories, operated for the United States Department of Energy by Sandia Corporation.
+
+
+NOTICE: This report was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government, nor any agency thereof, nor any of their employees, nor any of their contractors, subcontractors, or their employees, make any warranty, express or implied, or assume any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represent that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government, any agency thereof, or any of their contractors or subcontractors. The views and opinions expressed herein do not necessarily state or reflect those of the United States Government, any agency thereof, or any of their contractors.
+
+Printed in the United States of America. This report has been reproduced from the best available copy. Available to DOE and DOE contractors from U.S. Department of Energy
+
+
+Office of Scientific and Technical Information
+
+P.O. Box 62
+
+Oak Ridge, TN  37831
+Telephone: (865)576-8401
+
+Facsimile: (865)576-5728
+
+E-Mail: reports@adonis.osti.gov
+
+Online ordering: http://www.osti.gov/bridge Available to the public from
+U.S. Department of Commerce
+
+National Technical Information Service
+
+5285 Port Royal Rd
+
+Springfield, VA  22161
+Telephone: (800)553-6847
+
+Facsimile: (703)605-6900
+
+E-Mail: orders@ntis.fedworld.gov
+
+Online ordering: http://www.ntis.gov/help/ordermethods.asp?loc=7-4-0#online
+# Sand2012-2427 Unlimited Release Printed March 2012 Cyber Threat Metrics
+
+
+Mark Mateski John Michalski, Cynthia Veitch Critical Systems Security, 05621
+Security Systems Analysis, 06612
+
+
+Cassandra Trevino Jason Frye Analytics and Cryptography, 05635
+Information Engineering, 09515
+
+Mark Harris, Scott Maruoka Assurance Tech and Assessments, 05627
+
+Sandia National Laboratories P.O. Box 5800
+Albuquerque, New Mexico 87185-MS0671
+
+## Abstract
+
+Threats are generally much easier to list than to describe, and much easier to describe than to measure. As a result, many organizations list threats. Fewer describe them in useful terms, and still fewer measure them in meaningful ways. This is particularly true in the dynamic and nebulous domain of *cyber* threatsa domain that tends to resist easy measurement and, in some cases, appears to defy any measurement. We believe the problem is tractable. In this report we describe threat metrics and models for characterizing threats consistently and unambiguously.
+
+This page intentionally blank
+
+
+## Acronyms And Abbreviations
+
+| APT     | Advanced Persistent Threat                   |
+|---------|----------------------------------------------|
+| C&C     | Command and Control                          |
+| CNO/CNE | Computer Network Operations and Exploitation |
+| DHS     | Department of Homeland Security              |
+| DOE     | Department of Energy                         |
+| FCEB    | Federal Civilian Executive Branch            |
+| FNS     | Federal Network Security                     |
+| HSB     | Human Studies Board                          |
+| OTA     | Operational Threat Assessment                |
+| RFP     | Request for Proposal                         |
+| RVA     | Risk and Vulnerability Assessment            |
+| VAP     | Vulnerability Assessment Program             |
+| VPN     | Virtual Private Network                      |
+| XSS     | Cross-site Scripting                         |
+
+
+## 1 Introduction
+
+For the purposes of this report, a *threat* is a person or organization that intends to cause harm.
+
+Threats are generally much easier to list than to describe, and much easier to describe than to measure. As a result, many organizations list threats, but fewer describe them in useful terms and still fewer measure them in meaningful ways. Several advantages ensue from the ability to measure threats accurately and consistently. Good threat measurement, for example, can improve understanding and facilitate analysis. It can also reveal trends and anomalies, underscore the significance of specific vulnerabilities, and help associate threats with potential consequences. In short, good threat measurement supports good risk management.
+
+Unfortunately, the practice of defining and applying good threat metrics remains immature. This is particularly true in the dynamic and nebulous domain of *cyber* threatsa domain that tends to resist easy measurement and, in some cases, appears to defy any measurement. We believe the problem is tractable. In this report we describe threat metrics and models for characterizing threats consistently and unambiguously. We embed these metrics within a process and suggest ways in which the metrics and process can be applied and extended.
+
+## 1.1 Background
+
+The Department of Homeland Security (DHS) Federal Network Security (FNS) program created the Risk and Vulnerability Assessment (RVA) program to assist Federal Civilian Executive Branch (FCEB) agencies with conducting risk and vulnerability assessments [1]. These assessments individually identify agency-specific vulnerabilities and combine to provide a view of cyber risk and vulnerability across the entire federal enterprise. The RVA program has worked with Sandia National Laboratories to develop a basis Operational Threat Assessment (OTA) methodology that will result in an unclassified estimate of current threats to an FCEB system to be shared with the system owner [2]. The goal of the OTA phase of a risk and vulnerability assessment is to provide an accurate appraisal of the threat levels faced by a given FCEB agency. Information is collected about the system being assessed through document review and targeted searches of both open source and classified data sets. The identified threats, vulnerabilities, mitigations, and controls may be confirmed or discounted during assessment activities. OTA is designed to provide an efficient threat estimate that is consistent from agency to agency and analyst to analyst. Given the scope of the RVA program, a large number of assessments will be conducted each year, addressing agencies with widely varying sizes and missions. The consistency and repeatability of each threat assessment is important to ensure similar treatment of all agencies and facilitate the combination of risk assessment results for all agencies. Toward this end, this report reviews cyber threat metrics and models that may potentially contribute to the OTA methodology.
+
+## 1.2 Scope And Purpose
+
+The purpose of this report is to support the OTA phase of risk and vulnerability assessment. To this end, we focus on the task of characterizing cyber threats using consistent threat metrics and models. In particular, we address threat metrics and models for describing malicious cyber threats to US FCEB agencies and systems.
+
+## 1.3 Report Structure
+
+This report is organized as follows:
+
+ Chapter 1 provides background, scope, and purpose;
+ Chapter 2 describes the nature and utility of threat metrics and models;  Chapter 3 introduces the generic threat matrix and discusses its application as a threat model;  Chapter 4 discusses several sources of possible threat metrics; and  Chapter 5 concludes the report by sketching a threat analysis process.
+
+## 2 Threat Metrics And Models
+
+In order to define and apply good threat metrics, we must first understand the characteristics of a good metric and then understand how those metrics can be framed to establish a model to describe threat.
+
+## 2.1 Threat Metrics
+
+Before we discuss our approach to threat metrics, it is useful to review the following four questions.
+
+| What is a metric?                                                             | A concise dictionary definition of metric is "a standard of measurement"    |
+|-------------------------------------------------------------------------------|-----------------------------------------------------------------------------|
+| [3]. Similarly, a current security metrics guide describes a metric as "a     |                                                                             |
+| consistent standard of measurement" [4]. Metrics allow us to measure          |                                                                             |
+| attributes and behaviors of interest. A                                       |                                                                             |
+| meter                                                                         |                                                                             |
+| , for example, is a metric                                                    |                                                                             |
+| that allows us to measure length, while the                                   |                                                                             |
+| number of defects per                                                         |                                                                             |
+| shipment                                                                      |                                                                             |
+| is a metric that allows us to measure quality.                                |                                                                             |
+|                                                                               | Confusion between a                                                         |
+| metric                                                                        |                                                                             |
+| and a                                                                         |                                                                             |
+| measure                                                                       |                                                                             |
+| sometimes occurs. Bob                                                         |                                                                             |
+| Frost, a performance measurement authority, clarifies the terms by            |                                                                             |
+| noting that "'metric' is the unit of measure, [while] 'measure' means a       |                                                                             |
+| specific observation characterizing performance" [5]. Thus, if the            |                                                                             |
+| number of defects per hour is the metric, the measure is the observed         |                                                                             |
+| value of, for example, seven.                                                 |                                                                             |
+| Why do we use                                                                 |                                                                             |
+| metrics?                                                                      |                                                                             |
+| When we measure something using consistent metrics, we improve our            |                                                                             |
+| ability to understand it, control it, and, in the case of a threat, better    |                                                                             |
+| defend against it. According to the performance engineer H. James             |                                                                             |
+| Harrington, "Measurement is the first step that leads to control and          |                                                                             |
+| eventually improvement. If you can't measure something, you can't             |                                                                             |
+| understand it. If you can't understand it, you can't control it. If you can't |                                                                             |
+| control it, you can't improve it." [6].                                       |                                                                             |
+| What makes a good                                                             |                                                                             |
+| metric?                                                                       |                                                                             |
+| A quality metric typically exhibits several conventional characteristics.     |                                                                             |
+| For example, a good metric is clear and unambiguous. It facilitates           |                                                                             |
+| inexpensive collection (that is, the cost of collecting measurement data      |                                                                             |
+| doesn't exceed the value of the data). A good metric also supports            |                                                                             |
+| decision making and precludes subjective interpretation.                      |                                                                             |
+|                                                                               | Many authors further suggest that good metrics implement quantitative       |
+| rather than qualitative scales. On this point, security professional          |                                                                             |
+| Andrew Jaquith states that "good metrics should express results using         |                                                                             |
+| numbers rather than high-low-medium ratings, grades, traffic lights, or       |                                                                             |
+| other nonnumeric methods." He notes further that "Ordinal numbers            |                                                                             |
+| created by assigning a series of subjective scores numeric equivalents       |                                                                             |
+| are functionally equivalent to ratings" [4]. Although the goal of             |                                                                             |
+| implementing only quantitative scales is certainly a worthy one,              |                                                                             |
+| practitioners continue to debate precisely how to do this. For now, most      |                                                                             |
+| organizations continue to implement qualitative scales for measuring          |                                                                             |
+| "intangible" factors such as motivation and intent.                           |                                                                             |
+
+
+An additional factor to consider here is that no single metricno matter how good it might beis likely to tell the whole story. Multiple metrics from multiple perspectives are usually needed. This, in fact, is one of the driving ideas behind the widely used Balanced Scorecard that Bob Frost
+refers to as a "measurement framework" or a "performance model." Not
+only does a measurement framework help organize sets of metrics, Frost
+notes that it also "can tell you what types of variables to consider and
+where to look" [7].
+What makes a good threat metric?
+A good threat metric is foremost a good metric. It is clear and efficient, and it supports decision making. An example of a good threat metric might be number of attacks per month. If we are able to define attacks clearly and count them economically, we will most likely have a good metric. Over time, the count of attackswhether high or lowgrants the defender insight into the attacker's intent and capability. Given this, the defender can better calculate risk and allocate resources.
+
+## 2.2 Threat Models
+
+As we noted above, a stand-alone metric is usually insufficient to describe the characteristics or behavior of a complex system or actor. Much more useful is a "measurement framework" that combines metrics and their relationships into a complete and consistent whole. Although models can be much more than measurement frameworks, a measurement framework is certainly a model. In this section, we consider *threat models*. More specifically, we consider *cyber* threat models.
+
+What is a threat?
+We informally describe a threat as "a person or organization that intends to cause harm." More formally, a threat is "a malevolent actor, whether an organization or an individual, with a specific political, social, or personal goal and some level of capability and intention to oppose an established government, a private organization, or an accepted social norm" [8].
+
+Threats can be of different types, and they can pursue different goals. Depending on the environment in which an information system or network is located and the type of information it is designed to support, different classes of threats will have an interest in attempting to gain different types of information or access, based on their particular capabilities.
+What is a model?
+Informally, a model is a simplified representation of something else. A model ignores, masks, or abstracts unimportant or unnecessary details, thereby highlighting the details of interest. For example, a model of a real-world computer network will abstract away certain details and highlight others.
+What is a threat model?
+Clearly, a threat model is a model of a threat. Per the definition of model above, a threat model highlights the details of interest regarding a threat, class of threat, or threats in general. A threat
+model will generally address both a threat's capabilities and its
+intent.1 Because our mandate is to address cyber threat metrics, the
+models we consider below emphasize the intent and capability of cyber threats.
+Today, cyber threat models are frequently little more than a progression of semi-descriptive labels: hackers, hacktivists,2 script kiddies,3 nation states, cyber terrorists,4 *organized crime*, or malicious insiders. These labels reinforce preconceived notions regarding motivation and resources. Unfortunately, this method undermines a clear understanding of capabilitiesan understanding that is particularly useful when attempting to establish protections for an information system or network. The model that follows is designed to address the limitations of current cyber threat models. Additionally, the model that follows is designed to promote consistency, even (or especially) when the analysis is performed by different analysts. Arming analysts with clearly defined, uniform threat models based on consistent metrics helps reduce the effects of personal bias and preconceived notions. Moreover, the value of consistency grows with time. Given a standardized threat model, an analyst can store consistent threat reports in a reference database accessible to other analysts. As new threats are encountered, these threats can be analyzed using the same process, allowing for up-to-date, accurate threat estimates that contribute to a consistent, repeatable, and reliable risk and vulnerability assessment process. In the remainder of the report, we present and describe a threat model based on the generic threat matrix. We then discuss a range of possible metrics sources. We close by bringing these elements together into a broader threat assessment process.
+
+This page intentionally blank
+
+
+## 3 The Generic Threat Matrix5
+
+The generic threat matrix (Table 1) is currently used in the OTA methodology. Sandia developed the matrix in order to characterize and differentiate threats against targets of interest. The purpose of the matrix is to identify attributes that could help the analyst characterize threats based on their overall capabilities. This characterization allows for the description of the full spectrum of threat without assigning a label (with its preconceived notions) to a specific threat. Although it is impossible to capture each distinct type of threat consistently, the generic threat matrix enables government entities and intelligence organizations to categorize threat into a common vocabulary. Additionally, the generic threat matrix allows analysts in the unclassified environment to (1) identify potential attack paths that could be supported by the asserted capability and (2) identify proper mitigation steps to thwart attacks.
+
+
+Reproduced from Duggan et al. [8].
+
+As presented in Table 1, the columns of the generic threat matrix describe possible attributes of a threat (described in further detail in the following sections), while the rows define the capability of a threat to act upon each attribute. A unique metric defines each attribute. Some of the metrics are quantitative (for example, the number of technical personnel), while others are qualitative (the level of cyber knowledge). From this perspective, the matrix is a framework or model for organizing a set of related metrics.
+
+THREAT LEVEL 1 is the most capable of achieving an objective or goal, while LEVEL 8 is the least capable. In general, each threat level, from LEVEL 8 to LEVEL 1, represents a more dangerous threat than the previous level. Although a LEVEL 8 threat may be able to attain the same objective as a LEVEL 1 threat, it will be through an unprotected vulnerability of an asset, the fortuitous timing of an attack, or simple luck, rather than a capability characteristic possessed by the threat organization. It is possible, indeed likely, that at least one specific threatout of the full spectrum of threats
+will not fit exactly into a specific threat level. In this case, the threat should be categorized into the level that has the most similar threat profile. This is the very reason that the generic threat matrix has been designed with levels-of-magnitude differences between subsequent threat levels: to ensure that a threat is not equally similar to two adjacent levels.
+
+## 3.1 Threat Attributes
+
+A threat attribute is a discrete characteristic or distinguishing property of a threat. The combined characteristics of a threat describe the threat's willingness and ability to pursue its goal.
+
+However, both willingness and ability are defined by multiple, separate attributes. The intent of this delineation of attributes is that each defines a distinctive characteristic of a threat and that no inherent dependencies exist between any two threat attributes. There are two families of threat attributes: *commitment* attributes that describe the threat's willingness and *resource* attributes that describe the threat's ability.
+
+## 3.1.1 Commitment Attribute Family
+
+Commitment attributes are the characteristics of a threat that describe the threat's willingness to pursue its goal. Characteristics of commitment are indicative of a threat's capability because they exemplify the drive of the threat to accomplish its goal. Those threats with the highest commitment will stop at nothing in pursuit of the goal, while those with lower overall commitment will not display such drive and ambition. There are three attributes in the commitment family:
+
+ INTENSITY: The diligence or persevering determination of a threat in the pursuit of its
+goal. This attribute also includes the passion felt by the threat for its goal. Intensity is a measure of how far a threat is willing to go and what a threat is willing to risk to accomplish its goal. Threats with higher intensity are, therefore, considered more dangerous because of their driving ambition in pursuit of a goal.
+ STEALTH: The ability of the threat to maintain a necessary level of secrecy throughout the
+pursuit of its goal. The maintenance of secrecy may require the ability to obscure any or all details about the threat organization, including its goal, its structure, or its internal
+operations. A higher level of stealth allows a threat to hide its intended activities, as well as its internal structure, from the outside world. This hinders intelligence gathering and pre-emptive measures to counter, or prevent, attacks by the threat.
+
+ TIME: The period of time that a threat is capable of dedicating to planning, developing,
+and deploying methods to reach an objective. In the case of a cyber or kinetic attack, it includes any time necessary for all steps of implementation up to actual execution. The more time a threat is willing and able to commit to preparing an attack, the more potential the threat has for devastating impacts.
+Additional details regarding the levels of each attribute can be found in Duggan et al. [8].
+
+## 3.1.2 Resource Attribute Family
+
+Resource attributes are the characteristics of a threat that describe the people, knowledge, and access available to a threat for pursuing its goal. Characteristics of resources are indicative of a threat's capability because greater resources may allow a threat to accomplish an objective or goal more easily and with greater overall adaptability. There are three attributes in the resource family:
+
+ TECHNICAL PERSONNEL: The number of group members that a threat is capable of
+dedicating to the building and deployment of the technical capability in pursuit of its
+goal.6 Technical personnel includes only group members with specific types of
+knowledge or skills, such as kinetic or cyber, and those directly involved with the actual fabrication of the group's weapons. A threat with a higher level of technical personnel has greater potential for innovative design and development, allowing for the possibility of new methods of reaching a goal that may not have been available in the past. In addition, a higher level of technical personnel also expedites the design and development of a threat's plans for attack.
+ KNOWLEDGE: The threat's level of theoretical and practical proficiency and the threat's
+capability of employing that proficiency in pursuit of its goal. Knowledge also includes the ability of a threat to share information, acquire training in a necessary discipline, and maintain a research and development program. However, this attribute does not include any proficiency found or purchased outside the threat organization. This attribute includes knowledge pertaining to both an offensive and defensive capability within the category. The greater the knowledge of a threat as a whole, the more capability a threat has to pursue its goal with fewer resources and in less time. Also, a threat's knowledge provides a means to differentiate between threats that are cyber, kinetic, or hybrid-based. There are two basic categories of knowledge:
+ CYBER KNOWLEDGE: The theoretical and practical proficiency relating to
+computers, information networks, or automated systems.
+ KINETIC KNOWLEDGE: The theoretical and practical proficiency relating to
+physical systems, the motion of physical bodies, and the forces associated with that movement.
+ ACCESS: The threat's ability to place a group member within a restricted system
+whether through cyber or kinetic meansin pursuit of the threat's goal. A restricted system is considered to be any system, whether cyber or physical, where access is granted based on privileges or credentials. The characteristic of access details a threat's ability to infiltrate a restricted system, whether through a privileged group member, the blackmail and coercion of an innocent bystander, or the corruption of an under-protected network or computer system. Infiltration by a threat can lead to a wide variety of effects: the need for
+fewer resources to achieve an objective, the implementation of a long-term scheme of
+product-tampering, or an increased level of intimate knowledge of a target.
+Additional details regarding the levels of each attribute can be found in Duggan et al. [8].
+
+## 3.2 Profiles Of Threat Capability
+
+There are several observations that can be made after review of the generic threat matrix. First, there are two boundary conditions necessary for establishing viable threat profiles:
+
+ Threats with a LEVEL 1 profile will always have the highest capability within each
+attribute.
+ Threats with the highest numbered level (LEVEL 8 in this matrix) will always have the
+lowest capability within each attribute.
+Second, a threat's level of TECHNICAL PERSONNEL can aid in understanding a threat's other attributes:
+
+ Threats with more TECHNICAL PERSONNEL will necessarily have greater INTENSITY,
+KNOWLEDGE, and ACCESS. This is based on the assumption that more personnel create more viable opportunities.
+ Threats with a TECHNICAL PERSONNEL level of ONES will not have high KNOWLEDGE,
+because these threats have little capacity for information sharing or research and development programs.
+ Threats with TECHNICAL PERSONNEL level of ONES will not have high INTENSITY because
+these threats are not likely to be self-sacrificing.
+The level of KNOWLEDGE possessed by a threat organization also follows an observable pattern:
+
+ Threats with high CYBER KNOWLEDGE will not have low KINETIC KNOWLEDGEand
+vice-versabecause of the application of expert proficiency in both theoretical and practical domains.
+A final observation can be made regarding a threat organization's capability for ACCESS:
+
+ Threats with high KNOWLEDGECYBER or KINETICwill have at least medium ACCESS
+due to the assumption that it is easier to attain and harder to detect access achieved
+through expert proficiency.
+
+## 3.3 Mitre's Cyber Prep Methodology
+
+The MITRE Corporation's Cyber Prep methodology [9] characterizes threats using an approach similar in many ways to the generic threat matrix [1].This is not surprising; the MITRE work cites two papers on the generic threat matrix papers as sources. The MITRE approach, for example, also defines threat as *the adversary*, and it characterizes threats using qualitative levels, in this case five: advanced, significant, moderate, limited, and unsophisticated.
+
+The approach, however, differs in one major feature: It divides the threat attributes into three classes (capability, intent, and targeting)7 rather than two (commitment and resources). It does not decompose the three classes, but it does describe example threats in which the values of the three classes vary more than they do in the generic threat matrix levels. For example, the paper cited above describes adversaries of low capability and intent and moderate targeting, and adversaries of high capability and low intent and targeting. The eight levels shown in Table 1 do not include these sorts of high-low mixes. The generic threat matrix and the tabular threat characterization approach used in Cyber Prep are clearly cousins. Each has apparent strengths and weaknesses. The generic threat matrix offers the analyst a discrete set of adversary levels to consider. More can be generated, certainly, but the limited number will in many cases be an advantage. The analyst is not required to search a large space but instead looks for the closest approximationa much easier task that is likely to be adequate in most cases. The generic threat matrix also includes both qualitative (STEALTH, KNOWLEDGE) and quantitative (TIME, TECHNICAL PERSONNEL) metrics, while Cyber Prep's metrics are strictly qualitative. The Cyber Prep approach, on the other hand, does allow for differences in targeting. This can be useful, for example, when attempting to differentiate between (1) the adversary with low capability and intent but aggressive targeting and (2) the adversary with high capability, moderate intent, and low targeting. Advocates of the generic threat matrix can argue that "intent" addresses both capability and intent and that the two are correlated. Still, the Cyber Prep approach clearly allows for more granular descriptions of adversaries, at least at the level of capability, intent, and targeting.
+
+This page intentionally blank
+
+
+## 4 Additional Sources Of Threat Metrics
+
+The generic threat matrix is a useful threat model. It does not, however, capture all possible threat metrics. The following sections outline some additional sources of threat metrics. Some of these supplement and enhance the generic threat matrix, while others offer an independent perspective.
+
+## 4.1 Incident Data
+
+In this section, we describe some of the categories of incident information that may be used to assess and measure the attributes of a threat. The variables of interest in a complex system may or may not be directly observable. For instance, a network-based cyber-attack on an information system is directly observable if the network data are collected, but the particular size and composition of the threat is not necessarily observable through the same means. The magnitude of a threat's attributes must often be estimated using some indirect method, such as statistical data analysis, expert opinion, or intelligence analysis. In Table 2, we present some example categories of information that may be gleaned from incident reports in order to contribute to the analysis of a threat's capabilities. Note in particular the final column, which specifies the expected relation of the information category to the threat attributes in the generic threat matrix.
+
+| Category                                                        |
+|-----------------------------------------------------------------|
+| Expected Relation to                                            |
+| Threat Attributes                                               |
+|                                                                |
+|                                                                 |
+| What type of incident occurred (e.g., website defacement,       |
+| Incident                                                        |
+| Characteristics                                                 |
+| denial of service, unauthorized access,                         |
+| reconnaissance/probing)?                                        |
+|                                                                |
+|                                                                 |
+| If malicious software (e.g., a virus or Trojan) was involved in |
+| T                                                               |
+| ECHNICAL                                                        |
+| P                                                               |
+| ERSONNEL                                                        |
+|                                                                 |
+| C                                                               |
+| YBER                                                            |
+| K                                                               |
+| NOWLEDGE                                                        |
+|                                                                 |
+|                                                                 |
+| the incident, was its purpose                                   |
+|                                                                |
+|                                                                 |
+| Command and control (C&C)?                                      |
+|                                                                |
+|                                                                 |
+| Remote access?                                                  |
+|                                                                |
+|                                                                 |
+| Data exfiltration?                                              |
+|                                                                |
+|                                                                 |
+| Data manipulation?                                              |
+|                                                                |
+|                                                                 |
+| Activity monitoring?                                            |
+|                                                                |
+|                                                                 |
+| Was the level of security protection on the target system       |
+| Target System                                                   |
+| Characteristics                                                 |
+|                                                                |
+|                                                                 |
+| Highfully protected using access control, file                 |
+| monitoring, up-to-date patches, etc.?                           |
+| T                                                               |
+| ECHNICAL                                                        |
+| P                                                               |
+| ERSONNEL                                                        |
+|                                                                 |
+| C                                                               |
+| YBER                                                            |
+| K                                                               |
+| NOWLEDGE                                                        |
+|                                                                 |
+| A                                                               |
+| CCESS                                                           |
+|                                                                 |
+|                                                                |
+|                                                                 |
+| Moderatesome protections implemented?                          |
+|                                                                |
+|                                                                 |
+| Lowvery limited protections implemented?                       |
+| Timeline                                                        |
+|                                                                |
+|                                                                 |
+| What is the date of initial activity related to incident?       |
+|                                                                |
+|                                                                 |
+| What is the most recent date of activity related to incident?   |
+| I                                                               |
+| NTENSITY                                                        |
+|                                                                 |
+| S                                                               |
+| TEALTH                                                          |
+|                                                                 |
+| T                                                               |
+| IME                                                             |
+|                                                                 |
+|                                                                |
+|                                                                 |
+| On what date was the incident detected?                         |
+| Category                                                          |
+|-------------------------------------------------------------------|
+| Expected Relation to                                              |
+| Threat Attributes                                                 |
+| Covert Activity                                                   |
+|                                                                  |
+|                                                                   |
+| Was activity related to the incident identified by                |
+|                                                                  |
+|                                                                   |
+| Network monitoring?                                               |
+|                                                                  |
+|                                                                   |
+| A monitoring application (e.g., intrusion detection               |
+| S                                                                 |
+| TEALTH                                                            |
+|                                                                   |
+| C                                                                 |
+| YBER                                                              |
+| K                                                                 |
+| NOWLEDGE                                                          |
+|                                                                   |
+| A                                                                 |
+| CCESS                                                             |
+|                                                                   |
+| system or anti-virus software)?                                   |
+|                                                                  |
+|                                                                   |
+| A system administrator?                                           |
+|                                                                  |
+|                                                                   |
+| A system user?                                                    |
+|                                                                  |
+|                                                                   |
+| Were identified activities immediately associated with the        |
+| incident? Or were identified activities originally dismissed as   |
+| false alarms?                                                     |
+|                                                                  |
+|                                                                   |
+| Were event logs or timestamps modified or deleted to obfuscate    |
+| activity associated with the incident?                            |
+|                                                                  |
+|                                                                   |
+| Were file/disk deletion tools involved in the incident?           |
+|                                                                  |
+|                                                                   |
+| Were incident activities related to reconnaissance, probing,      |
+| execution, or exploitation stages of attack?                      |
+| Attack Vector                                                     |
+|                                                                  |
+|                                                                   |
+| Was the incident facilitated by                                   |
+| S                                                                 |
+| TEALTH                                                            |
+|                                                                   |
+| T                                                                 |
+| IME                                                               |
+|                                                                   |
+| C                                                                 |
+| YBER                                                              |
+| K                                                                 |
+| NOWLEDGE                                                          |
+|                                                                   |
+| A                                                                 |
+| CCESS                                                             |
+|                                                                   |
+|                                                                  |
+|                                                                   |
+| Phishing?                                                         |
+|                                                                  |
+|                                                                   |
+| Social engineering (other than phishing)?                         |
+|                                                                  |
+|                                                                   |
+| Remote access (e.g., VPN or modem)?                               |
+|                                                                  |
+|                                                                   |
+| Inside access?                                                    |
+|                                                                  |
+|                                                                   |
+| If the attack was facilitated by any type of social engineering,  |
+| including phishing, was it a targeted, individual approach or a   |
+| broad blanketing approach?                                        |
+|                                                                  |
+|                                                                   |
+| Was more than one computer system affected by this incident?      |
+| Attack                                                            |
+| Sophistication                                                    |
+|                                                                  |
+|                                                                   |
+| Was the internal network accessed on multiple occasions during    |
+| this incident?                                                    |
+|                                                                  |
+|                                                                   |
+| Were activities associated with the incident novel in any way     |
+| S                                                                 |
+| TEALTH                                                            |
+|                                                                   |
+| T                                                                 |
+| IME                                                               |
+|                                                                   |
+| C                                                                 |
+| YBER                                                              |
+| K                                                                 |
+| NOWLEDGE                                                          |
+|                                                                   |
+| A                                                                 |
+| CCESS                                                             |
+|                                                                   |
+| (i.e., a zero-day attack) or common (i.e., easily acquired        |
+| toolsets)?                                                        |
+|                                                                  |
+|                                                                   |
+| Does an anti-virus signature (from any vendor) exist for any      |
+| Anti-virus                                                        |
+| Signature                                                         |
+| malicious software involved in the incident?                      |
+|                                                                  |
+|                                                                   |
+| If so, did the signature exist and was it widely available on the |
+| date of initial activity?                                         |
+| T                                                                 |
+| ECHNICAL                                                          |
+| P                                                                 |
+| ERSONNEL                                                          |
+|                                                                   |
+| C                                                                 |
+| YBER                                                              |
+| K                                                                 |
+| NOWLEDGE                                                          |
+|                                                                   |
+|                                                                   |
+|                                                                  |
+|                                                                   |
+| Was the system physically accessed as part of the incident?       |
+| Physical                                                          |
+| Interaction                                                       |
+|                                                                  |
+|                                                                   |
+| Was the incident facilitated via the introduction of a physical   |
+| medium (e.g., USB drive, CD, hardware)?                           |
+| T                                                                 |
+| ECHNICAL                                                          |
+| P                                                                 |
+| ERSONNEL                                                          |
+|                                                                   |
+| K                                                                 |
+| INETIC                                                            |
+| K                                                                 |
+| NOWLEDGE                                                          |
+|                                                                   |
+| A                                                                 |
+| CCESS                                                             |
+|                                                                   |
+|                                                                  |
+|                                                                   |
+| Did the incident result in any physical, real-world effects?      |
+| Obfuscation                                                       |
+|                                                                  |
+|                                                                   |
+| Was any involved malicious software encrypted or packed?          |
+|                                                                  |
+|                                                                   |
+| Was any activity, function, or script injected into another for   |
+| malicious purposes?                                               |
+| S                                                                 |
+| TEALTH                                                            |
+|                                                                   |
+| T                                                                 |
+| ECHNICAL                                                          |
+| P                                                                 |
+| ERSONNEL                                                          |
+|                                                                   |
+| C                                                                 |
+| YBER                                                              |
+| K                                                                 |
+| NOWLEDGE                                                          |
+|                                                                   |
+| Category                                                           |
+|--------------------------------------------------------------------|
+| Expected Relation to                                               |
+| Threat Attributes                                                  |
+| Data Compromise                                                    |
+|                                                                   |
+|                                                                    |
+| Was data compromised (e.g., manipulated, exposed, deleted) in      |
+| relation to the incident? If so,                                   |
+|                                                                   |
+|                                                                    |
+| What type of data (e.g., OUO, PII, SUI, UCNI) was                  |
+| compromised?                                                       |
+|                                                                   |
+|                                                                    |
+| Did compromised data affect system operation or                    |
+| mission?                                                           |
+| I                                                                  |
+| NTENSITY                                                           |
+|                                                                    |
+| S                                                                  |
+| TEALTH                                                             |
+|                                                                    |
+| T                                                                  |
+| IME                                                                |
+|                                                                    |
+| C                                                                  |
+| YBER                                                               |
+| K                                                                  |
+| NOWLEDGE                                                           |
+|                                                                    |
+| A                                                                  |
+| CCESS                                                              |
+|                                                                    |
+|                                                                    |
+|                                                                   |
+|                                                                    |
+| Was data exfiltrated as part of the incident? If so,               |
+|                                                                   |
+|                                                                    |
+| What type of data (e.g., password hashes, PII, OUO,                |
+| UCI, proprietary, military, security) was exfiltrated?             |
+|                                                                   |
+|                                                                    |
+| Was data exfiltrated on multiple occasions?                        |
+|                                                                   |
+|                                                                    |
+| Was data encrypted as part of the exfiltration process?            |
+| Attribution                                                        |
+|                                                                   |
+|                                                                    |
+| Is it possible to definitively attribute the activities associated |
+| with the incident to a specific actor?                             |
+|                                                                   |
+|                                                                    |
+| Has any group or individual claimed responsibility for the         |
+| incident?                                                          |
+|                                                                   |
+|                                                                    |
+| If so, was the statement public or private? Was the                |
+| statement a general, specific, or limited declaration?             |
+| I                                                                  |
+| NTENSITY                                                           |
+|                                                                    |
+| S                                                                  |
+| TEALTH                                                             |
+|                                                                    |
+| T                                                                  |
+| ECHNICAL                                                           |
+| P                                                                  |
+| ERSONNEL                                                           |
+|                                                                    |
+| C                                                                  |
+| YBER                                                               |
+| K                                                                  |
+| NOWLEDGE                                                           |
+|                                                                    |
+|                                                                    |
+|                                                                   |
+|                                                                    |
+| Has any group or individual made a targeted threat                 |
+| statement against the victim organization?                         |
+|                                                                   |
+|                                                                    |
+| Were hop-points used? If so, how many?                             |
+|                                                                   |
+|                                                                    |
+| Did the attack originate from a U.S. or foreign IP address? If     |
+| the source IP address is in another country, which country?        |
+
+
+## 4.2 Threat Multipliers
+
+Additional properties of threat exist that, while not distinctive characteristics, can affect one or more threat attributes; they can enhance a threat's capabilities, but they do not affect the threat's profile level. Consider the following three multipliers, each of which can be quantified.
+
+ FUNDING: The monetary support available to a threat has historically been used to define
+the capability of threat groups; however, because the value of currency fluctuates over time, it is a difficult factor to translate into actual capability. As a multiplier, FUNDING can be used to enhance certain threat attributes, such as KNOWLEDGE or ACCESS. On the other hand, it can also reduce the level of a threat attribute such as STEALTHthe purchase of greater KNOWLEDGE or increased access may make an organization more detectable because it is using outside resources.
+ ASSETS: A threat's ability to have, build, or acquire the equipment, tools, and material
+necessary for the pursuit of its goal can be a difficult factor to translate into actual
+capability. However, like funding, it can enhance a threat's ability to carry out its
+mission.
+ TECHNOLOGY: The type of technology that a threat is capable of utilizing or targeting in
+pursuit of its goal can be a limiting factor on certain threat attributes, such as TIME and KNOWLEDGE. The fast-paced, dynamic nature of some technology and its development requires up-to-date KNOWLEDGE and quick implementation or application.
+
+## 4.3 Attack Vectors
+
+An attack vector is an avenue or tool that a threat uses in order to gain access to a device, system, or network in order to launch attacks, gather information, or deliver/leave a malicious item or items in those devices, systems, or networks. An analyst can associate specific attack vectors with specific threat levels in the generic threat matrix (that is, certain vectors may require more commitment and resources, limiting them to the more sophisticated threat levels). An analyst, for example, might associate a given attack vector with THREAT LEVEL 2 through THREAT LEVEL 8 while another vector might be associated with THREAT LEVEL 1 through THREAT LEVEL 3. When performing this sort of assessment, the analyst extends the basic threat model contained in the generic threat matrix. Further work is needed to integrate the model fully, but it should be clear from the description of these vectors below and the content of Table 2 and Table 3 that attack vectors represent a potentially rich source of threat metrics. In addition, each vector suggests a range of associated attack metrics. For instance, how much time does each vector take to plan, stage, and execute? How frequently does each level of threat execute each type of vector? Which vectors do attackers apply against which sorts of targets and vulnerabilities? Each of these questions corresponds to one or more metrics that the analyst can apply within the generic threat matrix or another threat model. Not surprisingly, the number and sophistication of attack vectors grows as technology advances. The popularity of mobile computing offers threats more avenues and tools that they can use to launch attacks, gather information, or deliver/leave malicious applications. Some general attack vectors include the following.
+
+ *Phishing attacks* can use a network's applications against its own users. For example, a
+company-wide email may include maliciously crafted links to viruses or malware. Additionally, detailed information regarding a network's users can be gathered on the
+Internet via public archives and social networking sites. This information can be used to conduct targeted phishing attacks against individual users that can be very difficult to
+detect.
+ *Unsecured wireless networks* can be used as both a tool and an avenue for launching
+certain attacks. If attackers are able to gain unauthorized access to a wireless network,
+they can observe traffic, exfiltrated data, and deny services to legitimate users.
+ *Removable media*, such as USB drives, can easily introduce malware into an information
+system. The threat doesn't need to be actively involved if an unsuspecting individual
+connects a USB drive of unknown origin to his own or his organization's computer
+system.
+ *Mobile devices (e.g., smartphones and tablets)* can be used both as a tool and an avenue
+for launching attacks or gathering personal information. One example is when a threat
+makes use of the location where mobile users purchase "apps" for their smartphones. If a
+threat actor is able to create rogue apps or modify existing apps and an unsuspecting individual downloads such apps to her smartphone, the individual has opened up her mobile device to the threat. Mobile devices introduce potential vulnerabilities associated with physical loss and inconsistent configuration management (e.g., personally owned
+devices vs. enterprise owned).
+ *Malicious web components* can be used as a tool for a threat to be able to launch attacks
+by possibly using malicious web pages. If an unsuspecting individual visits a malicious web page, he can possibly make his systems or networks vulnerable. Malicious downloads may occur as a result of visiting web pages that contain malicious web components (downloads). Insufficiently secured web components offer attack surfaces
+susceptible to SQL injection and cross-site scripting (XSS) attacks.
+ *Viruses and malware* are tools that are used in order to launch certain types of attacks.
+Many of these tools are openly available on the Internet. Such attacks will have differing
+goalsbased on the threat actor, environment, and target system/network.
+The attack vectors listed above (and others not listed) can be used in conjunction to launch particular types of attacks. As threat actors become more sophisticated and attack methods become more portable, the list of attack vectors will continue to grow. Usually, attack or threat vectors are included in attack graphs or trees (see Section 4.5) to show where along an attack path they play a role.
+
+## 4.4 Target Characteristics
+
+Target characteristics also offer the analyst a source of metrics to relate to the threat model. These characteristics, for example, suggest that some targets are more attractive than others, that some targets are more vulnerable than others, and that some targets are targeted more frequently than others. If the analyst uses the generic threat matrix as his primary threat model, then information about target characteristics can inform the threat levels and can, in addition, be aggregated and associated with the threat levels as shown in Section 0.
+
+Some characteristics of the target system can help an analyst to understand the existence or likelihood of threat action against that system. The following system characteristics are representative.
+
+ The quantity or frequency of *unattributed cyber-attack incidents*, such as network probes,
+malware discoveries, Web-based attacks, phishing emails, spear phishing incidents, and exfiltrated data.
+ The *availability of agency information* discoverable through publicly accessible means:
+ The quantity or percentage of agency personnel found on social sites and the
+amount of sensitive information posted by those personnel.
+ The inclusion of requests for proposal (RFPs), statements of work, design
+documentation, and configuration guidelines posted on public websites or
+available in open archives.
+ The *value of the agency*, determined by its visibility and profile.  The *security level of the system.*
+
+## 4.5 Attack Trees
+
+Attack trees offer another approach to characterizing and analyzing threats. An attack tree is a logical diagram similar to a fault tree. An attack tree, or its cousin the attack graph, can be used as a source of metrics or as a stand-alone attack model. In this report, we cite it primarily as a source of threat metrics. When building an attack tree, as illustrated in Figure 1, an analyst begins by defining the attacker's overarching goal. This goal serves as the top node in the tree. Subordinate nodes detail
+(1) the logical relationships among the actions an adversary might undertake to achieve the goal and (2) the actions themselves. Each unique path through the tree represents an attack scenario.
+
+The example attack tree in Figure 1 shows an attack with three unique paths or scenarios. The attacker may pursue an attack comprising leaf node 1, leaf node 2, or a third attack that requires leaf node 3 and leaf node 4.
+
+The threat analyst typically characterizes the attack scenarios using a variety of metrics. One metric, for example, might be the level of skill required to perform an attack. Another metric might be the time required to implement an attack. Still another might be the consequence generated by an attack. Once the analyst characterizes the scenarios using these metrics, she can rank the scenarios from the threat's perspective. Easy scenarios that yield an attractive consequence (again, from the threat's perspective) rise to the top. Difficult scenarios that yield weak or undesirable consequences sink to the bottom. The threat analyst can apply the threat levels enumerated in the generic threat matrix directly to attack tree analysis. Once each attack path or scenario is defined (along with the metrics and measures for the leaf nodes) the analyst can assess which attacks each level of threat can perform.8 For example, the analysis might yield the following tabulation (Table 4), which indicates that the ability to undertake the scenarios is distributed fairly evenly across the threat levels. (Note that the following tables and figures incorporate notional data.)
+
+| Threat Level    | Scenarios    |
+|-----------------|--------------|
+| Number          | Percent      |
+| 1               |              |
+| 9               | 90           |
+| 2               |              |
+| 8               | 80           |
+| 3               |              |
+| 8               | 80           |
+| 4               |              |
+| 8               | 80           |
+| 5               |              |
+| 8               | 80           |
+| 6               |              |
+| 7               | 70           |
+| 7               |              |
+| 6               | 60           |
+| 8               |              |
+| 3               | 30           |
+
+Figure 2 displays the Table 4 data as a distribution. It should be clear that, taken as a whole, this set of attacks is not limited to high-level attackers. Alternatively, the analysis might yield a result like that shown in Table 5 and Figure 3, which tell a very different story. In this case, the scenarios are limited to the higher-level attackers, with the exception of one scenario that an attacker of THREAT LEVEL 8 is able to perform. (This apparent anomaly can indeed occur, depending on the nature of the metrics applied.) It is also possible to assess the output of the attack tree analysis metric-by-metric and compare this analysis with the threat levels. This assessment can tell the analyst which metrics are potentially the most interesting or influential and, additionally, which combinations of metric and threat level are also most interesting.
+
+
+| Threat Level    | Scenarios    |
+|-----------------|--------------|
+| Number          | Percent      |
+| 1               |              |
+| 5               | 50           |
+| 2               |              |
+| 5               | 50           |
+| 3               |              |
+| 4               | 40           |
+| 4               |              |
+| 3               | 30           |
+| 5               |              |
+| 0               | 0            |
+| 6               |              |
+| 0               | 0            |
+| 7               |              |
+| 0               | 0            |
+| 8               |              |
+| 1               | 10           |
+
+In sum, attack trees are useful in several ways. First, they allow the analyst to delineate attacks deductively. Second, they facilitate attack analysis by providing a transparent and relatively straightforward method of characterizing both attacks and attackers. Third, they are highly flexible and can be used to model just about any type of attack or threat. Finally, they generate data that can be used in concert with the generic threat model to learn more about which threats can undertake which attacks and which attacks are likely to be preferred by which threats. That said, attack trees represent only one way of thinking about attacks and threats. Not everyone prefers to approach the problem deductively, and some users no doubt find the logical structure of the tree to be more of a hindrance than a help.
+
+
+
+## 4.6 Attack Frequency
+
+Attack frequency can serve as another useful metric. It is particularly valuable because it can be coupled with a variety of related metrics. Attack frequency by level of difficulty is a potentially useful combination. Other possible combinations are attack frequency by target type and difficulty and attack frequency by vulnerability. Figure 4 illustrates a family of four charts that show the cumulative attack frequency by threat level and vulnerability for a given target type. The data are strictly notional. We can just as easily generate a series of charts for cumulative attack frequency by target type for a given vulnerability (see Figure 5). Again, the data are strictly notional. These kinds of charts complement the generic threat matrix and apply existing metrics in new and informative ways.
+
+## 4.7 Making Security MeasurableTM
+
+The MITRE Corporation is currently leading an effort to improve "the measurability of security through enumerating baseline security data, providing standardized languages as means for accurately communicating the information, and encouraging the sharing of the information with users by developing repositories" [9]. Initiatives within this effort include those listed in Table 6. Additional enumerations, languages, and repositories are identified on the MITRE Web site.
+
+
+
+Enumerations
+Common Vulnerabilities and Exposures (CVE)
+
+Common Weakness Enumeration (CWETM)
+
+Common Attack Pattern Enumeration and Classification (CAPECTM)
+
+Common Configuration Enumeration (CCETM)
+Languages
+Open Vulnerability and Assessment Language (OVAL)
+
+Common Event Expression (CEETM)
+
+Malware Attribute Enumeration and Characterization (MAECTM)
+Repositories
+OVAL Repository
+
+At a high level, the effort appears to be designed to standardize the categorization and description of security-related incidents, threats, and vulnerabilities so these things can then be counted and analyzed. This is accomplished by using what are, in effect, nominal or categorical scales. Thus, if one set of enumerations identifies 10 classes of "things," the analyst can then count how many of each "thing" occurs over a period of time. The descriptions are standardized using languages that yield "tool-consumable" data. This also facilitates automation. Finally, the "tool-consumable" data are held in shared repositories [10]. This initiative is potentially useful, and it becomes even more useful as more organizations join the effort. It is worth noting, however, that nominal scales tend to be more limited than ordinal, interval, and ratio scales or measurement. They are generally easier to define and easier to employ, but the resulting data cannot be (or should not be) used in as many quantitative operations.
+
+This page intentionally blank
+
+
+## 5 Conclusion: Toward A Consistent Threat Assessment Process
+
+To this point in our effort, we have used the generic threat matrix as our primary threat model. As such, the matrix serves as the framework for ordering a set of relevant threat metrics. These metrics vary in character from potentially quite subjective (the level of intensity) to relatively objective (the number of technical personnel). This is not surprising: Threat metrics can be difficult to identify, delimit, and quantify. In Section 4, we introduced a number of sources for additional threat metrics. Some of these metrics complement the generic threat matrix and others extend it.9
+Regardless of the model or metrics employed, however, we recognize that we must also apply a consistent threat analysis *process*. Consistency is a key requirement of this effort (as noted in Section 0).
+
+Figure 6 offers a functional view of the process employed to date. (We refer to this process as the
+"as is" processas opposed to the suggested "to be" process, which we introduce later in this section.) Although the boxes and lines suggest a rigid process, the process in practice is anything but rigid. Indeed, the analysis of threat remains grounded in each analyst's experience, background, and expert opinion.
+
+
+functional diagram where the main function (*assess threat*) is fed by two inputs (*threat analysis*
+and *threat reports*) and yields a single output (a threat ranking and statement). Process guidelines serve as a control, and the *threat analyst* and the *generic threat matrix* serve as resources.
+
+What does the "as is" process lack? The main deficit is any explicit accommodation for feedback and learning. If we assume that the threat analyst generates useful threat rankings and statements, we should also assume that these outputs can serve as useful inputs in future iterations. In other words, the more we learn, the more we should feed what we have learned back through the process. Figure 7 illustrates one possible variation. Here, three inputs inform the threat assessment: (1) relevant threats, (2) new threat information, and (3) catalogued threat information. The output, a threat report, becomes an input to future threat assessments. Basically, routine and ongoing FCEB threat assessment research would discover and track threats (including general, unattributed threat activity), recording information in a database using the metrics defined here. For each agency that the RVA program is assessing, a search is conducted to identify threats relevant to that agency, possibly adding new information as it is discovered. Then the threat characteristic contained in the database is provided to the Vulnerability Assessment Program (VAP) team as the estimate for that system. This will help in providing consistent estimates to multiple agencies. Despite our progress in this area, further study regarding how analysts assess threats is needed.
+
+We propose a study involving human subjects that do not have a deep background in cyber threat analysis in order to observe their methodology for investigating threat (using open data sources) and applying the proposed OTA measurement system. The purpose of the study would be to observe and explore the investigations and assessments made by novice threat analysts in their process of categorizing threat in a cyber environment. Future studies would be necessary to compare this novice approach to that of subject matter experts, such as experienced intelligence analysts.
+
+This page intentionally blank
+
+
+## 6 Works Cited
+
+[1] Bodeau, Deb, Jenn Fabius-Greene, and Rich Graubart. How Do You Assess Your
+Organization's Cyber Threat Level? The MITRE Corporation, n.d.
+[2] RVA Program (Sandia National Laboratories). Operational Threat Assessment Project
+Execution Plan for a Single Threat Assessment (DRAFT). Federal Network Security, Compliance & Assurance Program, U.S. Department of Homeland Security, 2010.
+[3] Merriam-Webster.com. *metric.* http://www.merriam-webster.com/dictionary/metric
+(accessed September 15, 2011).
+[4] Jaquith, Andrew. *Security Metrics: Replacing Fear, Uncertainty, and Doubt.* Upper
+Saddle River, NJ: Addison-Wesley, 2007.
+[5] Frost, Bob. *Measuring Performance.* Dallas, TX: Measurement International, 2000. [6] Kaydos, Will. *Operational Performance Measurement: Increasing Total Productivity.*
+Boca Raton, FL: St. Lucie Press, 1999.
+[7] Frost, Bob. *Designing Metrics.* Dallas, TX: Measurement International, 2007. [8] Duggan, D. P., S. R. Thomas, C. K. K. Veitch, and L. Woodard. Categorizing Threat:
+Building and Using a Generic Threat Matrix. Albuquerque, NM: Sandia National Laboratories, 2007.
+[9] Martin, Robert A. *Making Security Measurable*. Bedford, MA: The MITRE Corporation.
+http://measurablesecurity.mitre.org/ (accessed October 13, 2011).
+[10] Martin, Robert A. "Making Security Measurable and Manageable." CrossTalk: The
+Journal of Defense Software Engineering, September/October 2009: 26-32.
+[11] DHS Risk Steering Committee. *DHS Risk Lexicon.* Washington, DC: The Department of
+Homeland Security, 2010.
+
+
+This page intentionally blank
+
+
+## Distribution
+
+Mr. Robert Karas, Department of Homeland Security, 245 Murray Ln SW, Bldg. 410, Washington, DC  20528 1
+MS0671
+J. Mark Harris
+0527
+1
+MS0899
+RIM-Reports Management, 9532 (electronic copy)
+
+
+##
+
+
+
+##

markdown/misc/mumbai.md

@@ -0,0 +1,1585 @@
+(viii) Abdur Rehman @ Abu Abdar Rehman (Chhota - 21 yrs) r/o
+Arifwala, Multan Road, Pakistan.
+(ix)
+Fahadulla (23 yrs) r/o Ujrashah Mukim, Rasur Road, Okara,
+Punjab, Pakistan.
+
+## Material Objects Recovered
+
+11.
+
+On the basis of the interrogation and searches, the investigators have recovered the following material objects:
+
+(i)
+ M.V. Kuber, a fishing trawler
+(if)
+ GPS instruments
+(iii)
+A satellite phone
+(iv)
+An eleven seater inflatable dinghy with outboard motor
+(v)
+Numerous articles (list with photographs at Annexure-II)
+12.
+
+M.V. Kuber is a fishing trawler that belongs to Vinod Bhai Masani of Porbander in the State of Gujarat, India. As the narration below will show, it was hijacked by the terrorist group.
+
+13.
+
+The GPS instruments and the satellite phone were provided to the terrorists by their masters. A photograph of the GPS instruments and an analysis of the GPS data is contained in Annexure-III.
+
+14.
+
+The satellite phone has yielded several telephone numbers that links the terrorists to top functionaries of the LeT
+in Pakistan.
+
+A
+photograph of the satellite phone and the telephone numbers retrieved from the satellite phone are contained in Annexure-IV.
+
+One of the numbers is that of a Thuraya satellite phone and is (+88 216) 44 44
+7049. This number belongs to Abu Al Qama, a senior known functionary of LeT.
+
+15.
+
+The eleven seater inflatable dinghy was recovered off the shore near Badhwar Park, Mumbai.
+
+It was fitted with an outboard motor made by Yamaha Motor Corporation. An attempt was made by the terrorists to erase the engine number but it has been retrieved by the investigators.
+
+The outboard motor number is 67 CL-1020015 manufactured by Yamaha Motor Corporation, Japan and imported into Pakistan and distributed by a company by name
+"Business
+& Engineering Trends" located at No.
+
+24, Habibullah Road, off Davis Road, Lahore. The telephone number of the company is +92 42 63 11044.
+
+16.
+
+The articles that were recovered include toiletries, medical kit, food articles, drums containing diesel, clothing items etc and they bear clear evidence of having been manufactured in Pakistan
+(please see Annexure-II).
+
+## R I Mumbai
+
+17.
+
+The terrorists started in a small boat from Karachi at approximately
+0800
+hrs on November 22, 2008. After traveling for about 40 minutes, they were shifted to a larger boat, 'Al-Husseini', which, according to the captured terrorist, belongs to Zaki-ur-Rehman Lakhvi, Chief Commander of the LeT.
+
+There were already seven LeT members on board.
+
+The terrorists spent the entire day on board the A/-Husseini. On November 23,
+2008, at about 1500 hours, the captured terrorist noticed another boat docked next to the Al-Husseini. This was an Indian registered fishing vessel called
+'MV
+Kuber, which had five crewmembers.
+
+Four crewmembers of MV Kuber were shifted to the Al-Husseini. These four crewmembers were later killed by the LeT members. The captain of the trawler (Amar Singh Solanki) was allowed to remain on board the MV
+Kuber and it was he who navigated the MV Kuber for approximately 550
+NM to Mumbai.
+
+18.
+
+The ten terrorists were given their individual pack bags, containing a Kalashnikov, ammunition,
+9 mm pistols, hand grenades, dry fruits, etc.
+
+They were also handed over a bag each, which contained an IED.
+
+19.
+
+The ten terrorists performed watch duties on board MV Kuber. Log sheets maintained by them have been seized (Annexure-V). The MV
+Kuber reached a point four nautical miles off Mumbai at 1600 hours on November 26,
+2008.
+
+As soon as it was dark, the team leader, Ismail Khan, contacted their handler in Pakistan, who directed them to kill Amar Singh Solanki, the captain of MV
+Kuber.
+
+After killing Solanki, the terrorists, along with their weapons and IEDs, boarded the inflatable dinghy. They traversed the last four nautical miles to Mumbai in about
+1
+hour and
+15
+minutes, reaching the locality of Badhwar Park
+(Cuffe Parade) in South Mumbai at about 2030 hours.
+
+## Rrori Reak In I Irs
+
+20.
+
+ After alighting, the ten terrorists divided into five teams according to the pairing decided earlier. Mohammed Ajmal Amir Kasab was paired with the group leader, Ismail Khan. They took taxis to different target destinations.
+
+IED
+devices were planted in two taxis and they later exploded
+- one at Wadi Bunder and the other at Vile Parle
+-
+killing the two taxi drivers.
+
+## The Targets; Cst Railway Station
+
+21.
+
+CST Railway Station is the headquarters of Central Railways. More than 3.5 million passengers pass through the station everyday., At about
+21:20 hrs, two terrorists (Mohammed Ajmal Amir Kasab and Ismail Khan)
+entered the station and started firing indiscriminately from their Kalashnikov rifles and also lobbed grenades. The carnage resulted in 58
+dead and 104 injured.
+
+22.
+
+They were challenged by a small number of policemen at the station. They left the station, crossed an over-bridge and fled into a lane towards Cama Hospital. Near Cama Hospital they were challenged by a police team and there was an exchange of fire. As they exited the lane, they fired on a police vehicle carrying three senior police officers and four policemen. Believing that all the occupants had been killed, they pulled out the bodies of the three police officers and hijacked the police vehicle.
+
+However, only six were killed and one policeman survived the assault. He is Constable Arun Jadhav and is an eyewitness to the events.
+
+After traveling some distance, the terrorists abandoned the police vehicle and hijacked another passenger car.
+
+The car came up against a police barricade at Girgaum Chowpatti and, in an exchange of fire with the police, Ismail Khan was killed and Mohammed Ajmal Amir Kasab was captured. An Assistant Sub-Inspector, Tukaram Ombale was killed while overpowering Mohammed Ajmal Amir Kasab. Two police officers were injured.
+
+23.
+
+The police recovered two Kalashnikov rifles, eight magazines, two pistols, ammunition, empty cases and five hand grenades from the two terrorists.
+
+## Nd Tar: I Id Cafe An R
+
+24.
+
+The Leopold Cafe
+and Bar, established in
+1871, is a popular watering hole and is frequented by foreigners as well as Indians. At about
+21:40
+hrs, two terrorists
+(Hafiz Arshad
+@ Abdul Rehman Bada and Naser @ Abu Umar) entered the Cafe and started firing indiscriminately using AK-47 assault rifles. One grenade was lobbed and it exploded. Ten persons were killed and many injured. After about five minutes, the two terrorists ran towards the Taj Mahal Hotel, situated about half a kilometer from the Cafe.
+
+25.
+
+Police later recovered from the scene of the attack five AK-47
+magazines
+(of which three were empty and two contained
+13
+bullets), empty cases of ammunition, one metal butt of an AK-47
+rifle and two mobile phones.
+
+'
+
+## Thir Rget: Taj Mahal Hotel
+
+26.
+
+The Taj Mahal Hotel, constructed in 1903, is a heritage building and an icon in Mumbai.
+
+It has two wings, the heritage wing with 290 rooms and the Taj Towers with 275 rooms.
+
+27.
+
+Four terrorists
+(Shoaib and Javed and the two terrorists who attacked the Leopold Cafe and Bar, namely, Hafiz Arshad and Nasir)
+targeted the Taj Mahal Hotel. The first pair entered the main lobby at
+21:38 hrs and opened fire, killing 20 persons in the first few minutes. The second pair entered the hotel from the North Court entrance at 21:43 hrs and fired indiscriminately and hurled grenades. The four terrorists moved up to the sixth floor of the Heritage Wing, killing anyone who came in their way. They set fire to a portion of the hotel. The first, fifth and sixth floors of Heritage Wing were badly gutted. Some of these events have been captured in the CCTV cameras installed in the hotel.
+
+28.
+
+Eight police personnel from the local police station rushed to the hotel and cordoned off the area. Thereafter, commandos of the Indian Navy reached the hotel. The next morning, the National Security Guards flew in from Delhi and took charge of the operations.
+
+29.
+
+There was a hostage situation because many guests had locked themselves in their rooms and many were sequestered in different parts of the hotel. The operations continued until the morning of November 29,
+2008. Nearly 450 guests were rescued. The terrorists killed 32 persons including hotel guests and staff.
+
+A major of the NSG was killed and another commando was injured. At the end of the operations, the four terrorists were killed.
+
+30.
+
+The police recovered four Kalashnikov assault rifles, eight magazines, three pistols and magazines, a number of unexploded grenades, live and empty cases of ammunition, mobile telephones and one GPS instrument.
+
+31.
+
+Throughout the period, the terrorists were in touch with their controllers in Pakistan via telephone.
+
+They received a stream of instructions and it was apparent that the controllers were monitoring Indian television channels. The controllers were keen that the terrorists should take hostage some wazirs (meaning Ministers) who might have been present in the hotel.
+
+## E I Oberoi-Tri 1
+
+32.
+
+The hotel has two wings, one named Oberoi and the other Trident.
+
+Together they have 877 rooms.
+
+33.
+
+At about 22:00
+hrs, two terrorists (Abdul Rehman Chotta and Fahadullah)
+entered Trident Hotel through the main entrance and started firing indiscriminately.
+
+They crossed over to the Oberoi and sprayed bullets into a restaurant. Two IEDs were exploded. The terrorists moved to the upper floors of the Oberoi, killing guests and staff who came in their way. Finally, they holed up on the 16" and 18" floors where they kept many guests hostage.
+
+34.
+
+NSG Commandos took charge of the operations on the morning of November 27, 2008. The operations were concluded after 42 hours on the afternoon of November 28, 2008. The two terrorists were killed.
+
+35.
+
+In the attack on the Oberoi-Trident, 33 persons were killed.
+
+36.
+
+Police recovered two Kalashnikov rifle, six magazines of which two were loaded, a number of empty cases and hand grenade clips.
+
+## Fi : Ri
+
+37.
+
+Nariman House is a five-storied building, which had been purchased two years ago by an orthodox Jewish organisation called Chabad Liberation Movement of Hasidic Jews. It was renamed as Chabad House. A
+Rabbi and his family lived in the building and generally accommodated visiting Jews.
+
+38.
+
+At about 22:25 hrs, two terrorists (Babar Imran and Nazir) began firing outside Chabad House and gained access to the building. Several persons were taken hostage.
+
+39.
+
+The terrorists and the police exchanged fire throughout the night of November 26, 2008 and into the next day. A powerful IED explosion blew away the wall at the rear of Nariman House. During the operations, the police rescued
+14 persons from Chabad House. The maidservant of the Rabbi also escaped carrying the Rabbis two-year-old son.
+
+40.
+
+The NSG pressed helicopters into service and landed commandos on the terrace of Chabad House. Eventually, both the terrorists were killed.
+
+One NSG Commando was killed and two injured.
+
+Five hostages were found dead.
+
+41.
+
+Throughout the operations, the terrorists received instructions over telephone from their controllers. The controllers warned the terrorists about the use of helicopters and about the landing of commandos on the terrace.
+
+42.
+
+The police recovered two Kalashnikov rifles, four magazines, three pistols, about 250 live rounds of ammunition, four mobile phones and one GPS instrument.
+
+## The Evidence Gathere Far
+
+43.
+
+Reference has been made to the Kalashnikov rifles, pistols, ammunition, grenades, mobile telephones, GPS sets etc recovered from the terrorists from the scenes of the crimes.
+
+44.
+
+Ten IED devices were given to the terrorists. Seven had exploded and three were recovered and defused later. The three devices are similar and bear the unmistakable signature of having been made by the same individual or same team at the same time.
+
+Each IED
+weighed approximately 8 kilograms and each contained 4-5 kilograms of tightly packed black greasy RDX.
+
+Each had a black-coloured programmable electronic timer switch with five wires numbered from
+1
+to
+5.
+
+Wire numbers
+1
+and
+4 were found connected in all the devices while wire numbers
+2,
+3
+and
+5
+were left unconnected.
+
+Each device had two detonators and steel ball bearings of 4 to
+6 mm diameter, which were embedded and placed around the charge. The power source was two 9-
+volt batteries of Duracell make.
+
+The timer bore instructions in Urdu language for setting the time.
+
+45.
+
+The 9 mm pistols that were recovered from different scenes of the crimes bore the marking of "Diamond Nedi Frontier Arms Company, Peshawar". (Peshawar is in Pakistan).
+
+46.
+
+The hand grenades that were detonated and that were found unexploded were manufactured by Arges, an Austrian company. Inquiries have revealed that Arges Company had given a franchise to manufacture hand grenades to a Pakistan Ordnance Factory near Rawalpindi. Similar hand grenades were used in the serial blasts that shook Mumbai on March
+12, 1993 and in the attack on the Parliament House on December 13,
+2001. (Photographs of pistols/grenades are at Annexure-VI)
+47.
+
+M.V. Kuber, the fishing trawler has been recovered. It contained the body of Amar Singh Solanki, the captain.
+
+48.
+
+The satellite phone recovered from the fishing trawler was used to call a number of telephones. Some of these telephone numbers have linkages with the LeT (please see Annexure-IV).
+
+49.
+
+A GPS Set was recovered from the fishing trawler. Data retrieved from the set reveals that the route was set from about 150 km South East of Karachi to Mumbai. The GPS was also pre-programmed to help the terrorists reach the shore near Badhwar Park, Mumbai
+(please see Annexure~III).
+
+50.
+
+Many items of personal use recovered from the fishing trawler contain unmistakable signs of having been manufactured in Pakistan
+(please see Annexure-II).
+
+51.
+
+An email claiming responsibility for the Mumbai attack was sent to the media by a hitherto unknown organization styled as
+Deccan Mujahideen'.
+
+The IP
+address of the email ID
+deccanmujahideen@
+gmail.com'
+resolved to a proxy server in Russia.
+
+Examination of the server data has indicated that Zarrar Shah, Communication Coordinator of LeT, had organized the creation of a new email account in the evening of November
+26,
+2008
+specifically in order to send the email claiming responsibility for the attack. It has also been learnt that Zarrar Shah was using another email ID
+'drmoazam@ymail.com' which was registered from Pakistan via IP address 118.107.140.139
+at 1440
+Z on June
+24,
+2008.
+
+## Telephone Links
+
+52.
+
+The controllers/handlers of the terrorists passed instructions over telephone throughout the operations. They used VOIP calling platforms.
+
+Investigations into the numbers used by the controllers/handlers have revealed that one number is a 'virtual number' and five are DID numbers with the country code of Austria.
+
+The virtual number carries the US
+country code and is +1 201 2531824. This virtual number was used to route calls to the terrorists in India. The virtual number was initially set up with a US
+company, by name Callphonex, by an individual who identified himself as Kharak Singh from India. The account was activated by a moneygram transferred in the name of Mohammed Ashfaq pk, code
+88647675.
+
+Kharak Singh also requested Callphonex to assign five Austrian Direct Inward Dialing (DID) numbers because his clients called from different Countries, including India. The payment for the account was through Western Union Transfer. The payment was made to the Western Union agent, Nizar Alsharif whose address is Madina Trading, Corso Garibaldi S3
+A, Brescia, BS 25100, Italy with the information: "MTCN:
+0579326626, Sender:
+Javaid Igbal, Amount: US$238.78" on November
+25,
+2008. According to Western Union, Javaid Igbal's date of birth is December
+31,
+1962
+and the form of IV
+he provided was Pakistani Passport No KC 092481.
+
+Investigations have revealed that Callphonex asked Kharak Singh if he was from India why the Western Union Transfer was coming from Pakistan. Apparently, Callphonex received no reply.
+
+## The Transcripts
+
+53.
+
+Even while the terrorists had occupied the target buildings and the security forces were engaging them, the terrorists were in contact with their controllers/handlers over mobile telephones. They also used mobile telephones belonging to hostages/victims. Shortly after the attack on Taj Mahal Hotel, Indian agencies were able to intercept mobile telephone calls made from and to the Hotel. The controllers/handlers used the virtual number to contact a mobile telephone with one of the terrorists. This conversation was intercepted and, thereafter, all calls made through the virtual number were also intercepted and recorded.
+
+The interceptions revealed three Austrian numbers, which were given to the terrorists by the controllers/handlers and conversations with these numbers by the terrorists, were also intercepted and recorded.
+
+The Austrian numbers correspond to the DID numbers referred to in paragraph
+52 above.
+
+A
+sample of the transcripts of the intercepted conversations is at Annexure-VII.
+
+The transcripts show that the terrorists were being instructed and guided by their controllers/handlers.
+
+## Interrogation Of Mohammed Ajmal Amir Xasab
+
+54, The interrogation of the captured terrorist has reveaied a wesith of information. Mohammed Ajmal Amir Kasab tac claimed that he had met some important LeT leaders. When shown a photograph taken from the passport of the person concerned, he identified the person as the one who had briefed the terrorists in the LeT camps near Muzzafarabad and in Azizabad. He described the person as the most important person in the LeT
+and the mastermind behind the operations in Mumbai.
+
+The photograph shown to him was that of Zaki-ur-Rehman Lakhvi.
+
+55.
+
+The evidence gathered so far unmistakably points to the territory of Pakistan as a source of the terrorist attacks in Mumbai between November 26 and November 29, 2008.
+
+It is also abundantly clear that senior functionaries of the LeT were the controllers/handlers of the ten terrorists. The evidence unmistakably establishes that the ten terrorists were chosen, trained, despatched, controlled and guided by the LeT which is the organisation responsible for the terrorist attacks in Mumbai.
+
+| List    | of    | Foreigners    | Killed          | in         | Mumbai      | Terrorist    | Attacks    |
+|---------|-------|---------------|-----------------|------------|-------------|--------------|------------|
+| [       | 81    | Name          | Age             | |[Sex|     | Nationality |              |            |
+| No.     |       |               |                 |            |             |              |            |
+| 1       | |     | Ms.           | Naomi           | Shear      | 25          | F            | |          |
+| 2       | |     | Mr.           | Allan           | Michele    | Shear       | 58           | M          |
+| 3       | |     | Mr.           | Sandeep         | Kishan     | Jeswani     | M            | |          |
+| 4       | |     | Mr.           | Bread           | Gilbert    | Tailor      | 49           | M          |
+| 5       | | Mr. | Douglas       | Markell         | 50         | M           | |            | Australian |
+| 6       | |     | Mr.           | Mike            | Steweart   | Moss        | 73           | M          |
+| 7       | |     | Ms.           | Elizabeth       | Russel     | 65          | F            | |          |
+| 8       | |     | Mr.           | T               | Tsuda      | Bilasi      | 41           | |          |
+| |9      | |     | Mr.           | Mourad          | Amersey    | 49          | M            | |          |
+| 10      | |     | Ms.           | Loumi           | Amersey    | 32          | F            | |          |
+| 11      | |     | Mr.           | Jugran          | Heinz      | Schmidt     | 68           | M          |
+| 12      | |     | Ms.           | Dapane          | Schmidt    | 50          | M            | |          |
+| 13      | |     | Mr.           | Ralph           | Buruei     | 51          | M            | |          |
+| 14      | |     | Ms.           | Pillai          | Hema       | 43          | F            | |          |
+| 15      | |     | Ms.           | Rivka           | Holtzberg  | 28          | F            | |          |
+| 16      | |     | Rabbi         | Gavriel         | Holtzberg  | 29          | M            | |          |
+| 17      | |     | Mr.           | Yocheved        | Orpaz      | 34          | M            | |          |
+| 18      | |     | Ms.           | Norma           | Rabinovich | 50          | F            | |          |
+| 19      | |     | Rabbi         | Leibish         | Teitelbaum | 50          | M            | |          |
+| lived   | in    | Jerusalem     |                 |            |             |              |            |
+| 20      | |     | Mr.           | Bentzion        | Chroman    | 28          | M            | |          |
+| 21      | |     | Mr.           | Lorenza-Antinio | 45         | M           | |            | Italian    |
+| 22      | |     | Mr.           | William         | John       | Berbush     | 38           | M          |
+| 23      | |     | Ms.           | Low             | Hawai      | Yen         | 27           | F          |
+| 24      | |     | Ms.           | Jina            | Jira       | Kanmani     | 27           | F          |
+| 25      | |     | Mr.           | Livera          | Andres     | 73          | M            | |          |
+| 26      | |     | Mr.           | Gunness         | Chaitlal   | 45          | M            | |          |
+| List    | of        | it        | tograph    | overed    |
+|---------|-----------|-----------|------------|-----------|
+| ik      | Pickle    |           |            |           |
+| 2;      | Diesel    | Container |            |           |
+| 3y      | Match     | box       |            |           |
+| 4.      | Detergent | Powder    |            |           |
+| 5.      | Tissue    | Paper     |            |           |
+| 6.      | Wheat     | Flour     |            |           |
+| 75      | Mountain  | Dew       | Bottle     |           |
+| 8.      | Medicam   | Dental    | Cream      |           |
+| 9.      | Touchme   | Shaving   | Cream      |           |
+| 10.     | Sogo      | Spray     | Paint      |           |
+| 11.     | Yamaha    | Engine    | Cover      |           |
+| 12.     | Milk      | Powder    | packet     | (Nestle)  |
+| 13.     | Floor     | cleaning  | brush      |           |
+| 14.     | Bermuda   |           |            |           |
+| 15.     | Towel     |           |            |           |
+| 16.     | Jackets   |           |            |           |
+
+## Bl Ofelimioary Gbs Dataraslaved From The Et Gbs Smulamants
+
+On caraful analysis of 17 Waypolnts retrievad from the target GPS, It s cancluded that the Waypoints obtalned can be divided Into thres distinct groups , as explalned below :
+
+1)
+START, RETURN & REFERENCE Point  MOB (Man On Board)
+Mo8
+. CRTD 0654
+T
+atarasonR
+22-NOv-2008
+.
+6789 525"
+Besring - 317
+Distance 407.7 naut mile
+MOB Is 20 kms South-Wast
+from Kajhar Crask, near Keti Bandar In Pakiston, The point ls 150
+
+kma South-East of Karachl, This Is the polnt from where the militants switched on thelr GPS and started their journey, as well 25 planned to return to this very polnt after compietion of attack.
+
+2)
+ PATH THAT WAS SUPPOSED TO BE FOLLOWED
+|
+
+| OCENSE      | QCEAN    | /      | SEA          | 240    | 433"    | N    |
+|-------------|----------|--------|--------------|----------|---------|------|
+| Besring     | -        | 317   | 6799'52.6"E |          |         |      |
+| Distance    | =407,    | naut   | mile         |          |         |      |
+| OCENS2      | OCEAN    | /      | SEA          | 827      | WIN    |      |
+| Buaring     | -        | 316   | $749'       | 053"     |        |      |
+| Distance    | =        | 392.6  | naut         | mila     |         |      |
+| QCENS3      | CRTD     | 06:12  | 2313         | 173N    |         |      |
+| 22-N0V-2008 | 6740'   | 05.3"  | K            |          |         |      |
+| Baaring     | -        | 318   |              |          |         |      |
+| Distance    | =        | 382.9  | nsut         | mile     |         |      |
+| OCENSA      | OCEAN    | /      | $6A          | .        | IS      | TN   |
+| Reforance   | -        | JALA-1 | 7249        | 3207E    |         |      |
+| Bearing-    | 125     | .      |              |          |         |      |
+| Distance    | =312.7   | naut   | mile         |          |         |      |
+
+The OCENS polnts were pre-programmed In GPS for navigation to reach Mumbal through sea rauts. These points wara Intended to help milltants In reaching at OCENSA, ('A"
+possibly indicating 'Arrival'), Badhwar Park Kollwada Cuffa Parade, Mumbal. Though they deviated from the pre-planned route dus to its closer proximity with Indlan coastal ceglons, and followad the path marked 85 JALA {explaingd below), Tha GPS also shows a symbol of a car at the arrival point (ODENSA) and the terrorists sctuslly took 8 taxi from the place,
+
+28-NOV-2008
+Baaring - 202
+T004
+Distance - 0.88 naut mile
+CRTD 10:32
+28-NOV-2008 Bearing - 314
+'Distance =432.7 naut mile
+T003
+CRTD 20:32
+28-NOV-2008
+Bearing - 314
+Distance =432.7 naut mile CATD 10:32
+28-NOV-2008
+Bearing- 314
+Distence
+- 4329 naut mile
+T001
+CRTD 10:32
+28-NOV-2008
+Bearlng - 317
+Distance
+- 407.7 naut mile
+
+The T001 0 7007 are TRAGBACK polnts marked In GPS with mention of date 28,11.2008(10:32).
+
+It seems that 7007 and MAP ware the RV for thel Intended retum after the attack, The route to be followed would have been T007 through T001,
+
+| 7250'      | 366"    |     |
+|-------------|---------|------|
+| 2343'      | 262N    |      |
+| 6705'      | 481"    | E    |
+| 2943'24"N  |         |      |
+| 6708        | 491"    |      |
+| BN          |         |      |
+| 705'      | 45"     |      |
+| 2040        | 830N   |      |
+| 6799'525"E |         |      |
+3)
+ ROUTE ACTUALLY FOLLOWED FOR REACHING MUMBAI:
+Jaua-y
+OCEAN / SEA
+21055 47.0" N
+Bearing - 307
+6817'07.0E
+Distance = 314,8 naut mile
+JALA2
+OCEAN / SEA
+'201946.0" N
+Boaring - 300
+7016 37.0E
+Distance - 166.2 naut mile
+IAA3
+OCEAN / SEA
+.
+1056 20.0N
+Buaring - 205
+720442608
+Distance - 8.78 naut mile
+IALA4
+OCEAN / SEA
+18 55 100" N
+Bearing - 322
+72049 31.0
+Distance =2.13 naut mile
+s
+
+Since the originel route decided was having closer proximity with Indlan coastal reglons, the militants maintained  safe distanca of 60 to 80 Kms from Indlan soll tll they reachad Mumbal, During thelr journey, they marked four positions as showad above as JALA, showing the actual positions on thelr way to Mumbal.
+
+## 4) Planned Route For Return Journey After Attack:
+
+| MAP         | CRTD    | 23:06     | 18    | 53"    | 31.5"    | N    |
+|-------------|---------|-----------|--------|--------|----------|------|
+| 27-NOV-2008 | 72     | 50"       | 56.7"  | E      |          |      |
+| Bearing     | -       | 000      |        |        |          |      |
+| Distance    | - 0     | naut      | mile   |        |          |      |
+| TOO7        | CRTD    | 10:32     | 18    | 53/    | 31.5"    | N    |
+| 28-NOV-2008 | 72%     | 50756:7"E |        |        |          |      |
+| Bearing     | -       | 0        |        |        |          |      |
+| Distance    | - 0     | naut      | mile   |        |          |      |
+| TO06        | CRTD    | 10:32     | 18    | 53"    | 01.2"    | N    |
+| 28-NOV-2008 | 72     | 50"       | 46.1"  | E      |          |      |
+| Bearing     | -       | 199      |        |        |          |      |
+| Distance    | ~       | 0.53      | paut   | mile   |          |      |
+| TOOS        | CRTD    | 10:32     | 18    | 52"    | 42.2"    | N    |
+
+=
+=/
+I
+J
+&) J
+) I
+<
+sic Mumbai Tour Sightseeing Bombay Elect And Mech Marine Service
+
+| Sko.         | [         | NAME      | SIME0L    | |     | COMMENTS    |
+|--------------|-----------|-----------|-----------|-------|-------------|
+| 1            | [         | OCEAN/SEA | WTATN     |       |             |
+| 1            | Beaig     | -         | 07       | &     | ITOTE       |
+| Distance     | -         | 3148      | naut      | mie   |             |
+| 2            | [         | |         | OCEAN/SEA | WEECN |             |
+| Beaing       | -         | 300      | T         | I0E   | i           |
+| Distance     | -         | 166.2     | naut      | mie   | e           |
+| 1            | |3        | OCEAN/SEA | 1600N    |       |             |
+| Bearing      | -         | 205      | WPWESE    |       |             |
+| Distance     | -         | 6.78      | naut      | e     |             |
+| 4            | OCEAN/SEA | 1855      | 100N     |       |             |
+| Bearing-327 | TPYNOE    |           |           |       |             |
+| Oistance     | ~2.13     | naut      | mie       |       |             |
+| 5.           | (M        | R         | B         | WINSN |             |
+| 78042008     | TPUSETE   |           |           |       |             |
+| Beariog-000 |           |           |           |       |             |
+| Oistance     | -         | 0         | raut      | mile  |             |
+| [            | OXTD      | 0634      | BYAON     |       |             |
+| N0           | 7k        | 47143     |           |       |             |
+| Bearing-317 |           |           |           |       |             |
+| Distance     | -407.7    | navt      | ke        |       |             |
+| 7.           | |         | oot       | OCEAN/SEA | 0BT   |             |
+| Bearing-     | 317       | PARE      |           |       |             |
+| Qistance     | -         | 4077      | raut      | e     |             |
+| i            | [ome      | OCEAN/SEA | BWARTN    |       |             |
+| Bearing      | -         | 316      | P         | 0S3'E |             |
+| Distance     | -         | 3926      | nast      | mile  |             |
+| 9.           | [ocom     | O         | 0612      | WUIN  |             |
+| N8           | PAYOSTE   |           |           |       |             |
+| Beaing-      | 315      | i         |           |       |             |
+Cistance - 3829 raut mle
+Pagreof12
+OCEAN /SEA
+WS HEN
+Reference - JALK
+T
+NITE
+Bearing-125
+Oistance -312.7naut mile
+
+QRTD 10:32
+BYsIN
+2HOV-2008
+PSS E
+Pearivg
+- 317"
+Didtance~407.7
+naut mie
+CRID 1032
+BEOEN
+ZBHOV-1008
+670545
+Bearig-314
+Distaie
+- 4329 pait e
+O 10:32
+2EULN
+2HOV-2008
+P
+BLE
+Bearing -314
+Distance
+- 4307 navtmie
+QX 1032
+WERIN
+2BHOV-2008
+e BYE
+Bearing
+- 314"
+Distance
+- 4327 raut mile
+Qm 1032
+WRLN
+2BH04 2008
+PUBEE
+Bearing- 10
+Distance
+~ (.83 raet mile
+am 102
+180N
+2B-H0V-2008
+brd
+4
+Beaing
+- 199
+Distace
+- .53 vt mile
+RID 1032
+WINSN
+TRN0V-21008
+6T E
+Being-0*
+Distaoce
+-0 naut mile
+Angexure-Il1
+BWaeN
+6139'525E
+6
+YD 0634
+2-NOV-2008
+Bearing-317 Distance
+- 407.7 naut mile
+MOB is 20 ks South-West from Kajhar Creel, Keti Bandar in Pakistan. The poiatis 150 kms South-ast of Karachi
+
+3) PLANNED PATH
+O BE FOLLOWED :
+
+| 7.           | 1         | OCENSE    | OCEAN     | [     | SEA    |
+|--------------|-----------|-----------|-----------|-------|--------|
+| Bearing      | -317     | 619S26E |           |       |        |
+| Distance     | ~         | 7.7       | naut      | mie   |        |
+| S            | OCEAN/SEA | PURTN     |           |       |        |
+| Bearing-316 | SPATOSTE  |           |           |       |        |
+| Distance     | -         | 392       | 6         | naut  | mite   |
+| 9.           | |oCENS    | GRD       | 0612      | BIOIN |        |
+| 12-N0V-2008  | 6P4F0S3E | .         |           |       |        |
+| Bearing      | -         | 315      |           |       |        |
+| Distance     | ~         | 382.9     | naut mile |       |        |
+| 10           | |ocensa   | OCEAN/    | SEA       | 1055  | 1LEN  |
+| Reference    | ~JALA-1   | g         | NTE       |       |        |
+| I            | Bearing-  | 125      |           |       |        |
+| Distence     | ~312.7    | naut mile |           |       |        |
+
+(1 of 12
+
+## Houtes
+
+vaiable ~19
+Used-2
+
+| WAYPOINTS-    | SUNRISE    |
+|---------------|------------|
+| 1514M         |            |
+| (229          |            |
+| 0706          |            |
+| 2.            | JAAL       |
+| bR            |            |
+| 49            |            |
+| o             | A          |
+| COURSE        | DISTANCE   |
+| w             | o          |
+| g             | 51         |
+| 100           | 3t         |
+| s             |            |
+| 4             | M          |
+053
+3 W@
+b, T006
+199
+000NM
+206
+053
+e
+088
+c T
+(518
+d. T004
+As
+00%
+%
+us
+o
+[
+@
+e B
+TR
+a8
+g To01
+| Trip         | Computer    |
+|--------------|-------------|
+| Trip         | Odometer    |
+| v            |             |
+| 1314m        |             |
+| Trip         | Timer       |
+| 01235        |             |
+| AverageSpeed |             |
+| 626          |             |
+| Matimum      | Speed       |
+| aux          |             |
+| L            |             |
+
+Annesure-111
+Page 120712
+SMS contents retrieved from numbers connected to Thuraya No. 8821655526412 and IMEI No. 352384000408640 received from Indian boat MFB Kuber
+
+| IMEI             | No.             | To        | Date       | &      | Message    |
+|------------------|-----------------|-----------|------------|--------|------------|
+| Time             |                 |           |            |        |            |
+| 352384000541520  | 88216676759     | 23.11.08  | "26        | 03     | 000<=>     |
+| (probably        | used            | by        | 11:05(IST) | 000    | I          |
+| number           |                 |           |            |        |            |
+| 8821655526412    |                 |           |            |        |            |
+| 3523840001345050 | 8821655526550   | 20.11.08  | ""SEND     | ME     | A          |
+| 08:43            | BALNS"          |           |            |        |            |
+| -DO-             | -DO-            | 22.11.08  | "AB        | GHOR   | WALI       |
+| 8:35             | PER             | PHONCH    | GAY        |        |            |
+| HAIN             | KIA             | AGHER     | DIN        |        |            |
+| KO               | MUNASIB         | HO        | TO         |        |            |
+| MULAQAT          | KERIN"          |           |            |        |            |
+| 352384000408640  | 8821655526463   | 18.11.08  | "CARD      | NO     |            |
+| 10:58            | 23270973242324" |           |            |        |            |
+| -DO-             | 8821644447049   | 19.11.08  | "SAAD      |        |            |
+| 19:49            | 8821655526571"  |           |            |        |            |
+| -DO-             | 8821644447049   | 21.11.08  | "KIA       | HALAAT | HAIN?"     |
+| 17:33;           |                 |           |            |        |            |
+| -DO-             | 8821655526571   | 23.11.08  | ""HARAS    | SAY    | MILNAY     |
+| 08:14            | KI              | SEATING   | KARLO"     |        |            |
+| -DO-             | 8821655526412   | 24.11.08  | "PLEAS     | SEND   | ME         |
+| 00:28            | POSITION        | &         | SPEED"     |        |            |
+| -DO-             | 8821655526412   | 25.11.08  | "GR        | DAIN.  | KIA        |
+| 10:01            | HALAAT          | KIA       | HAIN.      |        |            |
+| BARF             | KITNY           | DIN       | KI         |        |            |
+| BAQI             | HY?"            |           |            |        |            |
+| 352384001196680  | 8821655526550   | 222.11.08 | "AOA       | FAHUD  | BHAI       |
+| (used            | by              | ITNI      | DER        | IS     | JAGA       |
+| 882165526571     | KHRA            | HONA      | MONASIB    |        |            |
+| probably         | by              | a         | person     | NHI.   | AGR        |
+| called           | SAAD)           | AGY       | CHLY       | JAIEN. |            |
+| SAAD"            |                 |           |            |        |            |
+| -DO-             | 8821644447049   | 23.11.08  | "A         | O      | A          |
+| 06:48            | GUHR            | LGA       | KNHI.      | HUM    |            |
+| KETI             | BNDR            | PR        | HEIN.      |        |            |
+| SAAD"            |                 |           |            |        |            |
+| 352384000236350  | 8821655526412   | 23.11.08  | "MUJH      | SY     | IS         |
+| 09:06            | PER             | RABTA     | RAKHNA     |        |            |
+
+HY. WAST"
+
+## Log Of Kuber 24 Hours Poori Safar (24 Hours Complete Journey)
+
+|            |        |         |    |        |          |    |    |   Name  | Timings    |
+|------------|--------|---------|----|--------|----------|----|----|---------|------------|
+| Fahadullah | +      | Saquib  | +  | Muheeb | 6        | am | to |      8  | am         |
+| Ali        | +      | Hayazi  | +  | Umar   | 8        | am | to |     10  | am         |
+| Ismail     | +      | Qayahiz | +  | Umar   | 10       | am | to |     12  | pm         |
+| Fahadullah | 12     | pmto    | 2  | pm     |          |    |    |         |            |
+| Ali        | 2      | pmto    | 4  | pm     |          |    |    |         |            |
+| Ismail     | 4      | pm      | to | 6      | pm       |    |    |         |            |
+| Fahadullah | 6      | pm      | to | 8      | pm       |    |    |         |            |
+| Ali        | 8      | pm      | to | 10     | pm       |    |    |         |            |
+| Ismail     | 10     | pm      | to | 12     | midnight |    |    |         |            |
+| Fahadullah | 00     | am      | to | 2      | am       |    |    |         |            |
+| Ali        | 2amto4 | am      |    |        |          |    |    |         |            |
+| Ismail     | 4      | am      | to | 6      | am       |    |    |         |            |
+|        |           |          |            |           |           | Sl    | no.     | Code    | Meaning    |
+|--------|-----------|----------|------------|-----------|-----------|-------|---------|---------|------------|
+| 1      | "Machli   | lag      | rahi       | hai"      | (Fish     | is    | "Haalat | theek   | hain"      |
+| being  | caught)   | (Things  | are        | OK)       |           |       |         |         |            |
+| 2      | "Bhai     | log"     | (brothers) | Civil     | Boat      |       |         |         |            |
+| 3      | "Yaar     | log"     | (friends)  | Navy      | Boat      |       |         |         |            |
+| 4      | "Yaar     | logon    | ka         | group"    | (friends' | |     | Navy    | Ship    |            |
+| group) |           |          |            |           |           |       |         |         |            |
+| 5      | "Machine" | "Uljhan" | (problem)  |           |           |       |         |         |            |
+| 6      | "Maal"    | (goods)  | "Madad"    | (help)    |           |       |         |         |            |
+| 7      | "Baraf"   | (Ice)    | "Safar"    | (journey) |           |       |         |         |            |
+
+"GR dene wala (3) jama karega aur lene wala khud (3) nakki karega" (GR providers (3) will deposit and receivers (3) themselves will finalise)
+"'Satellite khula rakha hai (10pm - 10 am)
+(Satellite is on (10 pm - 10 am)
+
+## Page 3
+
+"Yahan ka phone number" (Phone number of this place)
+"Yahan ka satellite number (Satellite number of this place)
+"Naksha ki photographian" (Photocopies of maps)
+"Hoyal seton ki simen" (SIMs of Hoyal sets)
+"TT pistol 2" ( 2 TT pistols)
+Mineral Water Aqua fina
+"Khajoor Achhi 10 kg" (good quality dates 10 kg)
+Current Store Charger
+"GPS ya Navigator" (GPS or Navigator)
+0.
+
+Satellite + phone card
+1. Biscuit (Candy + bakery)
+2. "Suiyan (bareek)" (thin needles)
+3. "Aata lal" (Red flour)
+4. "Drum (saman ke liye mai tala)" (drum with lock to keep things)
+
+## Page 4
+
+Gun
+1 piece Magazine
+8 pieces Grenade
+8 pieces GPS group
+1 piece Chain
+1 piece Itkafi bullets as per requirement Mobile + Batteries
+
+## Page 5
+
+23270972879217
+Colaba, Cuffe Parade, Machlimar Nagar, Raja bhai Tower, Regal Chowk, Nathalal Marg, Nariman Point, WTC, Regal Cinema
+18.56_200
+
+G
+18-56-000
+72-67-560
+D
+18-55-600
+72-48-900
+Q
+18-5500-300
+72-49-56
+18-55-190
+72-49-500
+18-55-180
+72-49-535
+21 55 470" 68 17' 070"
+20 13' 460"
+70 16' 370"
+18 56' 200"
+12 44' 260"
+18 55' 100"
+72 49" 310
+L,.:, /f(,ou Aoty ul/__,-zu....
+
+.
+
+w;gug ufi'dfll'l.
+
+~pe 2
+
+| SS7__ule'.    | i    |
+|---------------|------|
+| 6817,         | T    |
+| 26            |      |
+| I3            |      |
+| g             |      |
+
+## Names Of Terrorists Figuring In The Conversation During The Attack (Phonetic)
+
+A.
+Hotel Taj
+i)
+Shuaib
+i)
+Ali
+iii)
+ Abdur Rehman
+iv)
+ Umer
+V)
+Ismail (not present at Taj, killed at Girgaum Choupati)
+B.
+ Hotel Oberoi
+i)
+Abdul Rehman @ Saquib
+i)
+Fahadullah @ Fahad
+C.
+Nariman House
+i)
+Imran Babbar @ Imran @ Kasha
+i)
+Umar
+
+## Names Of Pak Based Handlers Figuring In The Conversations (Phonetic)
+
+A.
+Nariman House
+i)
+Wassi
+i)
+Zarar
+iii)
+ Jundal
+iv)
+ Buzurg
+V)
+Major General
+B.
+ Hotel Oberoi
+i)
+Kafa
+i)
+Wassi
+iii)
+ Zarar
+C.
+Hotel Taj
+i)
+Wassi
+
+## Lat. F Ected G 1 Conversations
+
+(Locations and names, etc.
+
+have been indicated on the basis of internal evidence of conversations)
+
+| |         | Taj        | I:          | 2       | :       | 10        | hr       |
+|-----------|------------|-------------|---------|---------|-----------|----------|
+| Greetings | !          |             |         |         |           |          |
+| Receiver  |            |             |         |         |           |          |
+| Caller    |            |             |         |         |           |          |
+| Greetings | !          | There       | are     | three   | Ministers | and      |
+| Secretary | of         | the         | Cabinet | in      | your      | hotel.   |
+| know      | in         | which room. |         |         |           |          |
+| Oh        | !          | That        | is      | good    | news      | !        |
+| Receiver  |            |             |         |         |           |          |
+| Caller    | Find       | those       | 3-4     | persons | and       | then     |
+| want      | from       | India.      |         |         |           |          |
+| Receiver  |            |             |         |         |           |          |
+| Pray      | that       | we          | find    | them.   |           |          |
+| Caller    | Do         | one         | thing.  | Throw   | one       | or       |
+| Navy      | and        | police      | teams,  | which   | are       | outside. |
+| Receiver  | Sorry.     | I           | simply  | can''t  | make      | out      |
+| 2         | F          | r           |         |         |           |          |
+| Caller    | Greetings. | What        | did     | the     | Major     | General  |
+| Receiver  |            |             |         |         |           |          |
+Greetings. The Major General directed us to do what
+we like. We should not worry. The operation has to
+be concluded tomorrow morning. Pray to God. Keep
+two
+magazines
+and
+three
+grenades
+aside,
+and
+expend the rest of your ammunition.
+
+## Annexure-Vii
+
+|           |          |          | Hotel      | Taj      | Mahal:    | 27.11.2008    | :         | 0126      | hrs    |
+|-----------|----------|----------|------------|----------|-----------|---------------|-----------|-----------|--------|
+| Caller    | 7        | Are      | you        | setting  | the       | fire          | or        | not       | ?      |
+| Receiver  | :        | Not      | yet.       | I        | am        | getting       | a         | mattress  | ready  |
+| Caller    | g        | What     | did        | you      | do        | to            | the       | dead body | ?      |
+| Receiver  | Left     | it       | behind.    |          |           |               |           |           |        |
+| Caller    | H        | Did      | you        | not      | open      | the           | locks     | for       | the    |
+| (Probably | of       | MV       | Kuber)     |          |           |               |           |           |        |
+| Receiver  | :        | No,      | they       | did      | not       | open          | the       | locks.    | We     |
+| because   | of       | being    | in         | a        | hurry.    | We            | made      | a         | big    |
+| Caller    | :        | What     | big        | mistake  | ?         |               |           |           |        |
+| Receiver  | When     | we       | were       | getting  | into      | the           | boat,     | the       | waves  |
+| quite     | high.    | Another  | boat       | came.    | Everyone  | raised        | an        |           |        |
+| alarm     | that     | the      | Navy       | had      | come.     | Everyone      | jumped    |           |        |
+| quickly.  | In       | this     | confusion, | the      | satellite | phone         | of        |           |        |
+| Ismail    | got      | left     | behind.    |          |           |               |           |           |        |
+| ri        | H        | .11.2    | :          | 2226     | hr        |               |           |           |        |
+| Caller    | :        | Brother, | you        | have     | to        | fight.        | This      | is        | a      |
+| prestige  | of       | Islam.   | Fight      | so       | that      | your          | fight     | becomes   | a      |
+| shining   | example. | Be       | strong     | in       | the       | name          | of        | Allah.    | You    |
+| may       | feet     | tired    | or         | sleepy   | but       | the           | Commandos | of        |        |
+| Islam     | have     | left     | everything | behind.  | Their     | mothers,      |           |           |        |
+| their     | fathers. | Their    | homes.     | Brother, | you       | have          | to        | fight     |        |
+| for       | the      | victory  | of         | Islam.   | Be        | strong.       |           |           |        |
+| Receiver  | :        | Amen     | !          |          |           |               |           |           |        |
+| i         | i        | 27.1%:   | i          |          |           |               |           |           |        |
+| Caller:   | Brother  | Abdul.   | The        | media    | is        | comparing     | your      | action    |        |
+| to        | 9/11.    | One      | senior     | police   | officer   | has           | been      | killed.   |        |
+| Abdul     | Rehman:  | We       | are        | on       | the       | 10TM/11%       | floor.    | We        | have   |
+
+## Annexure-Vii
+
+Caller 2 (Kafa):
+Everything is being recorded by the media. Inflict the
+maximum damage.
+Keep
+fighting.
+Don't
+be taken
+alive.
+Caller:
+Kill all hostages, except the two Muslims. Keep your
+phone switched on so that we can hear the gunfire.
+Fahadullah:
+We
+have
+three
+foreigners
+including women.
+From
+Singapore and China.
+Kill them.
+Caller:
+
+(Voices of Fahadullah and Abdul Rehman directing hostages to stand in a line, and telling two Muslims to stand aside.
+
+Sound of gunfire.
+
+Cheering voices in background Kafa hands telephone to Zarar)
+
+Zarar:
+Fahad, find the way to go downstairs.
+
+## Hotel Taj I: 27.11. : 0137 Hr
+
+|            |               | Caller:    | Let     | me         | talk      | to      | Umar,     |
+|------------|---------------|------------|---------|------------|-----------|---------|-----------|
+| Receiver:  | Note          | a          | number. | Number     | is        | 00437   | 20880764. |
+| Caller:    | Whose         | number     | is      | this       | ?         |         |           |
+| Receiver:  | It            | is         | mine.   | The        | phone     | is      | with      |
+| Caller:    | The           | ATS        | Chief   | has        | been      | killed. | Your      |
+| important, | Allah         | is         | helping | you.       | The       | "Vazir" |           |
+| (Minister) | should        | not        | escape. | Try        | to        | set     | the       |
+| fire.      |               |            |         |            |           |         |           |
+| Receiver:  | We            | have       | set     | fire       | in        | four    | rooms.    |
+| Caller:    | People        | shall      | run     | helter     | skelter   | when    | they      |
+| flames.    | Keep throwing | a          | grenade | every      | 15        | minutes |           |
+| or         | so.           | It         | will    | terrorise. | Here,     | talk    | to        |
+| Caller     | (2):          | A          | lot     | of         | policemen | and     | Navy      |
+| the        | entire        | area.      | Be      | brave      | !         |         |           |
+
+## Annexure-Vii Hotel Taj I: : 0108 Hr:
+
+| Caller:    | How    | many    | hostages    | do       | you        | have    | ?      |
+|------------|--------|---------|-------------|----------|------------|---------|--------|
+| Receiver:  |        |         |             |          |            |         |        |
+| We         | have   | one     | from        | Belgium. | We         | have    | killed |
+| There      | was    | one     | chap        | from     | Bangalore. | He      | could  |
+| controlled | only   | with    | a           | lot      | of         | effort. |        |
+| Caller:    |        |         |             |          |            |         |        |
+| 1          | hope   | three   | is          | no       | Muslim     | amongst | them   |
+| Receiver:  |        |         |             |          |            |         |        |
+| No,        | none.  |         |             |          |            |         |        |
+
+## H .11.2 : Hr:
+
+Wassi:
+Keep
+in mind that the hostages are
+of use only as
+long as you do not come under fire because of their
+safety.
+If you are still threatened, then don't saddle
+yourself
+with
+the
+burden
+of
+the
+hostages,
+immediately kill them.
+Receiver:
+Yes, we shall do accordingly, God willing.
+Wassi:
+The Army claims to have done the work without any
+hostage
+being
+harmed.
+Another
+thing;
+Israel
+has
+made a request through diplomatic channels to save
+the hostages.
+If the hostages are killed,
+it will spoil
+relations between India and Israel.
+Receiver:
+So be it, God willing.
+Wassi:
+Stay alert.
+
+## Section - 1L
+
+Ministry of External Affairs
+
+## Il. Pak Response To Mumbai Attacks
+
+| Pakistani      | leaders    | and      | Officials    | after     |
+|----------------|------------|----------|--------------|-----------|
+| attack         | on         | Mumbai   | made         | different |
+| statements     | that       | indicate | continuous   |           |
+| prevarication. |            |          |              |           |
+
+## Visit Of Dg, Isi To India
+
+| +                 | Initial    | position:    | On             | 28        | Nov     | 2008,    |
+|-------------------|------------|--------------|----------------|-----------|---------|----------|
+| Pakistan          | PMO        | and          | FO             | issued    | Press   |          |
+| Releases          | that       | DG           | S|             | would     | visit   | India.   |
+|                  | Changed    | Position:    | Later          | on,       | on      | 28"      |
+| 2008              | night      | a            | spokesman      | for       | Prime   |          |
+| Minister's        | House      | said         | that           | a         |         |          |
+| representative    | of         | the          | Inter-Services |           |         |          |
+| Intelligence      | (ISI)      | will         | visit          | India     | instead | of       |
+| the               | Director   | General.     |                |           |         |          |
+| On                | 30         | Nov          | 2008,          | President | Zardari | said     |
+| an                | interview: | "There       | was            | a         |         |          |
+| miscommunication. | We         | had          | announced      |           |         |          |
+| that              | a          | director     | will           | come      | from    | my       |
+| That              | is         | what         | was            | requested | by      | the      |
+| (Indian)          | prime      | minister     | and            | that      | is      | what     |
+| we                | agreed".   |              |                |           |         |          |
+
+Ministry of External Affairs
+
+## Air Space Violation And Military Buildup
+
++
+On 13 Dec 2008, PM Gilani said
+it was a minor
+technical mistake.
+Information Minister Sherry
+Rehman said
+it was inadvertent.
+
+On 14 Dec 2008, President Zardari said
+it was a
+technical mistake
+ On 18 Dec 2008 Pakistan conveyed its concern
+on technical and air space violations by Indian
+aircraft alleged on 12 and 13 December 2008.
++ Airspace violation was denied by India on
+13.12.2008 itself.
+
+## Kasab's Identity And Involvement Of Pakistani Nationals
+
+*
+A Sunday Observer Newspaper report on 7/12/08 has
+established that the lone surviving
+gunman caught by Indian
+olice during
+last week's terrorist attacks on Mumbai came from
+aridkot village in the Okara district of the Pakistani Punjab
+*
+On 13 Dec 2008, GEO TV reported that when Ajmal Kasab's father
+was shown therlc(ures published in newspapers after Mumbai attacks, he confirmed that the man in the picture was his son
++
+On 9 Dec 2008, PR of Pakistan to UN at UNSC said that i) the
+Government of Pakistan has already initiated investigations on its
+own pertaining to the allegations of involvement of persons and
+entities in Mumbai ii) an intelligence led operation strongly
+supported by law enforcement agencies is already underway to
+arrest the individuals alleged to be involved in the Mumbai attacks.
+
+## Kasab's Identity And Involvement Of Pakistani Nationals (2) Changed Position
+
+* On 17 Dec 2008 Pakistan's High
+commissioner to India, Shahid Malik said
+that Ajmal Kasab is not a Pakistani citizen.
+* On 17 Dec 2008, President Zardari in an
+Interview to BBC said that there is still no
+proof that the gunmen who attacked
+Mumbai came from Pakistan
+
+## Chronology Of Contradictory Statements On Masood Azhar
+
++
+On 9-12-08 Defence Minister Chaudhry Ahmed
+Mukhtar told CNN-IBN that Masood Azhar has
+been detained and that Pakistan "might allow"
+Indian investigators to question him.
+ On 9-12-08 itself a Bhawalpur police official told
+Aaj TV that Masood Azhar's movements have
+not been restricted.
++ On 10-12-08 PM Gilani told reporters that "We
+are awaiting the latest reports about Masood
+Azhar".
+He did not confirm or deny Masood
+Azhar's detention.
+
+## Ministry Of External Affairs Chronology Of Contradictory Statements On Masood Azhar (2)
+
++
+On 17-12-08, Pakistan High Commissioner
+to India told
+'Network 18' that Pakistan government had not detained
+Azhar as part of the ongoing clampdown on militant and
+terrorist groups.
+He also claimed
+Masood Azhar was not
+in Pakistan,
++
+On 17-12-08 FM Qureshi told "News Eye" at 9 pm that
+Masood Azhar is "in custody".
++
+On 17-12-08 at 10 pm FM Qureshi said that "Masood
+Azhar is wanted by the government of Pakistan, but he is
+not in our custody and he is at large"
++
+On 18-12-08 MFA PR stated "The Foreign Minister had
+said that Mr. Masood Azhar is wanted by the law enforcement authorities of Pakistan and'is at large".
+
+## Hoax Call Issue
+
+Government of Pakistan Officials claimed that the President of Pakistan received a threatening call from the External Affairs Minister of India on 28-11-08.
+
+It subsequently emerged that the call was a hoax.
+
+Pakistan has however continued to harp on this to build up hysteria about India-Pakistan tensions. It has been clarified by our External Affairs Minister that
+
+"My last and only conversation with President Zardari was in
+Islamabad during my May 2008 visit".
+"The only telephonic conversation with a Pakistani leader
+| had was
+on 28-11-08 with FM Pakistan in New Delhi"
+
+"I can only ascribe this to those in Pakistan, who wish to divert attention from the fact that a terrorist group operating from the Pakistani territory, planned and launched a ghastly attack on Mumbai"
+
+| January    | 09    | Ministry    | of    | Exteral    | Affairs    | 67    |
+|------------|-------|-------------|-------|------------|------------|-------|
+
+## Mrs. Benazir Bhutto's Assassination Enquiry
+
+Mrs.
+
+Benazir Bhutto was assassinated on Dec 27, 2007 and the crime scene was cleared before any forensic examination could be completed.
+
+Details of the plot of the assassination remained a mystery. Mrs Bhutto herself in a letter in Oct 2007, to the President of Pakistan had named serving and retired intelligence officers as being involved in a plot to Kill her.
+
+Many believed that the Government was involved in the assassination, leading to wide spread demands in Pakistan for an impartial enquiry. On
+31
+May
+2008
+Pakistan formally requested UN
+Secretary General to establish an independent Commission of Inquiry into the circumstance of the killing of former PM Benazir Bhutto.
+
+UN Secretary General announced on 26" December 2008 that UN
+is in consultations with the GOP to set up such a Commission
+
+| January    | 09    | Ministry    | of    | Exteral    | Aftairs    | 68    |
+|------------|-------|-------------|-------|------------|------------|-------|
+
+## Section - Li I1L. Evidence Shared With Pakistan
+
+Information has been shared with Pakistan in different meetings from August 2004 till November 2008 repeatedly on:
+
+ Terrorist Attacks in India by Organisations
+and Entities in Pakistan
+* Fugitives from Indian Law
+ Other terrorism related cases.
+
+## Home Secretaries' Talks 10-11Aug, 2004
+
+
+ Details of 20 major incidents of terror in Jammu and Kashmir and other
+parts of India caused by Pakistan based /ISI sponsored terrorist outfits.
++
+ Details of 21 major terrorist modules busted in various J)ans of India
+revealing involvement
+of Pakistan based/)S) sponsored
+terrorist outfits.
+
+List of 12 known training camps in Pakistan /Pakistan occupied Kashmir
+used by terrorist outfits along with map.
+
+List of 31 communication control stations in Pakistan/Pakistan occupied
+Kashmir used by terrorist outfits along with maps.
+
+ List along with details of 25 most wanted fugitives from law in India who are
+residing in Pakistan.
++
+Sample cases showing
+involvement of IS and Pak nationals in circulation of
+Fake Indian Currency
+Notes (FICNs)into India.
+
+ List of 257 Pakistani nationals and foreign mercenaries killed in Jammu and
+?asgmlr as claimed by terrorist outfits based in Pakistan/Pakistan occupied
+ashmir.
+
+## Home Secretaries' Talks 29-30Th August , 2005
+
++
+List along with detals of most wanted fugitives from law in India who aro residing in Pakistan: Dawood Ibrahim Kaskar
+@ Shaikh Dawood Hasan @
+Dawood Sabi (Indian), Memon Ayub Abdul Razak
+(indian), Memon Ibrahim @ Tiger
+@ Mushiag @ Siander (indian), Shaikh Shaked! @ Chnota Shakeel (indan).
+
+{brahim Athiar
+@Ahrmed All Mohd All Sheikh @ Siddiqui Javed @ Chief @ AA Sheikh Ibrahim (PAK)
+Azhar Yusuf @ Mohd. Salim (PAK). Mistri Zahur ibrahim @ Bhola AK), Sayeed Shahid Akhtar @ Doctor @ Moti Khalid (PAK), Shakir Md.
+
+nankar @ Rajesh Gopal Vemia@ Ram Gopal Verma @ Fargoq Abdul Aziz Siddial
+(PAK). lshaq Ata Hussain @ Al Moosa (Indiar), Sagir Sabir All Shaknh (Inian).
+
+Maulana Mohammad Masood Azhar Alvi @ Maulana Masood Azhar @ Vali Adam Isa
+(PAK), Mohd. Yusuf Shah @ Salauddin (Indan). Gainder Singh @
+GAlnder Singh halsa (Indian), Lakhbir Slrh @ Singh Lakhbir Rode@ Sth Lakhbir (Indian), Paramt Singh Paniar @
+Paramil Famma @ Gian Singh (ingan). Ranit Singh @
+Manpreet Singh @
+Neeta (indiar). Wachawa Singh (ncian) Amuar Arened
+1o Jamal Theba (Indian). Anis Ibrahir Kaskar Shaikh (Indian).Mohammad Ahmed Dosa
+(Indian). Amanuiiah Khan (PAK), Aftab Batki (PAK), Abdul Rauf (PAK), Javed Patel@
+Iaved Chkna @ Javed Dawood Talor (ndian) Karula Habib Shaikn (ndian)
+faim Abdu)
+Gani Gazi (Indian), Riyaz Abu Bakar Knair (indian), Munat Abdul tajd Halari ( Indian), Mohd.
+
+Tainur Mohd. Phansopkar Salim Mujahid
+(Indian).
+
+## Home Secretaries' Talks 30-31St May, 2006
+
+Details of recent major incidents of terror in J&K and other parts of India
+caused by Pakistan /Pakistan occupied Kashmir-based/IS| sponsored
+terrorist outfits.
+Details of recent major terrorist modules neutralised in various
+parts in
+India revealing involvement of Pakistan/Pakistan occupied Kashmirbased/ ISI sponsored terrorist outfits.
+Profile of a ISI element involved in narcotic smuggling and pushing in of
+fake Indian currency for terrorist actions. List of known major training camps in Pakistan / Pakistan occupied
+Kashmir and Northern Areas used by terrorist outfits along with maps.
+List of communication Control Stations in Pakistan/ Pakistan occupied
+Kashmir used by terrorist outfits along with map.
+List (of 35) along with details of most wanted fugitives from law in India
+who are residing in Pakistan.
+List of Pakistan and foreign mercenaries recently killed/ arrested in India.
+
+## Foreign Secretaries' 14-15Th Nov, 2006 Document Handed Over By Indian Foreign Secretary To Pakistan Foreign Secretary On 14Th November, 2006 Regarding Pakistan Links To :
+
+Varanasi twin blasts on March 7, 2006
+Delhi Serial Blasts on October 29, 2005.
+
+Suicide bombing at STF office, Hyderabad on Oct 12, 2005.
+
+Terrorist attack at Ayodhya on July 5, 2005
+
+## | Meeting Of Jatm 6Th March, 2007
+
+Details of 35 Red Corner Notice Subjects residing in Pakistan
+already shared with the Pakistani side at Home Secretary Talks on
+Counter Terrorism and Drug Trafficking (30th -31st May, 2006).
+A document containing details of following 12 cases was handed
+over:
+Deportation of Mohammad Faisal Naeem from Bangladesh to Pakistan.
+Haren Pandya murder case Explosions in public transport buses in Ahmedabad.
+Suicide bombing at Special Task Force (Hyderabad Police) office
+Recovery of arms, ammunition and explosives in Aurangabad
+Fidayeen attack on Congress rally in Srinagar.
+Grenade attacks on tourists in Srinagar
+Violence carried out by Mohammad Amin Baba of Hizb-ul-Mujahideen
+Planting of improvised explosive devices in Baramulla, J&K
+Attack on security forces at Boniyar, Baramulla, J&K
+Escape of Ghulam Rasool Shah from police custody.
+Serial blasts in Mumbai local trains
+January 09
+Ministry of Extemal Affairs
+75
+
+## Home Secretaries' Talks 3 -4 July, 2007
+
+Details of recent major incidents of terror in J&K and other parts of India
+caused by terrorist outfits based in Pakistan/ Pakistan occupied Kashmir.
+Details of recent major terrorist modules exposed in J&K and other parts
+of India revealing involvement of terrorist outfits based in
+Pakistan/Pakistan occupied Kashmir
+Specific cases of involvement of elements in Pak Intelligence
+establishment in fomenting anti-India activities including terrorism,
+narcotic smuggling, circulation of FICN, etc.
+List of known major training camgs in Pakistan /Pakistan occupied
+Kashmir & Northern Areas used by terrorist outfits along with maps.
+List of Communication Control Stations in Pakistan/Pakistan occupied
+Kashmir used by terrorist outfits along with map.
+List along with details of most wanted fugitives from law in India who are
+residing in Pakistan.
+List of Pakistani and other foreign terrorists recently killed/arrested and
+their involvement in terrorist activities in India.
+January 09
+Ministry of External Affairs
+
+## Il Meeting Of Jatm 22Nd Oct, 2007
+
+Document handed over by India containing information based on interrogation on the following: Muhammad Younas @ Bilal of Lashkar-e-
+Tayyaba, Abdullah @ Asgar Al of Lashkar-e-Tayyaba Muzaffar Ahmed Rather @
+Rafi of Lashkar-e-Tayyaba, Muhammad Bilal@
+Zubair of Jaish-e-Muhammad, Adnan Younis Bhatti@
+Muhammad Sohail Afzal of Jaish-e-Muhammad, Jalaluddin Mulla@ Babu Bhai of Harkat-ul-Islami, Muhammad Naushad of Harkat ul-Jehadal-Islami, Nasir Hussain of Harkat-ul-Jehad-al-Isiami, Muhammad Yaqub of Harkat-ul-Jehad-al-Islami, Sheikh Mukhtar Hussain of Harkat-ul-Jehad-al-Islami, Muhammad Ali Akbar Hussain of Harkat-ul-Jehad-al-islami, Muhammad Yasin @
+Abu Saraka of Lashkar-e-Tayyaba, Akhtar Teli @ Akhtar-al-Islam of Lahkar-e-
+Tayyaba, Mubarak Ahmed Wani of Hizb-ul-Mujahideen.
+
+Information gathered in the investigations of tho following events: Attack on Mangal Ram Sharma (ex Dy CV) Stinagar on 13-07-2004, Tertoris atiack on Prime Minister's meeting ~
+Srinagar on
+17-11-2004, Terrorist Attack on Bombay
+-
+Gujrat Hotel Srinagaron 29-07-2005, Terroris! attack on M.Y. Tarigami (MLA/ICPM) and assassination of Ghulam Nabi Lone (Ex-MOS, Education) on 18-10-2005, Terrorist attack on CRPF Camp, Nageen, Srinagar, Terrorist attack on Firdaus Cinema Hall - Srinagar on 23-11-2005 and Robbery at J&K Bank in Stinagar on
+30-11-2005. A consolidated list of 48 (absconders wanted in Mumbai Blast Cases 1993 +
+Hijackers of IC-814 + Attackers of Parliament + Sikh Terrorists + Accused involved in illegal arms smuggling + Other activities) was handed over
+
+| January    | 09    | Ministry    | of    | Exteral    | Affairs.    | b    |
+|------------|-------|-------------|-------|------------|-------------|------|
+
+## Il Meeting Of Jatm 24Th June, 2008
+
+g information based on the
+
+|                   |          |                   |              |                    | Document          | handed             | over               | cont               |
+|-------------------|----------|-------------------|--------------|--------------------|-------------------|--------------------|--------------------|--------------------|
+| interrogation     | of:      | Imran             | Shahza       | ?                  | 'Abu              | Shama              | of                 | Lashkar-e-Tayabba, |
+| Muhammad          | Farooq   | Bhatti            | @            | Abu                | Zaar of           | Lashkar-e-Tayabba, | Sabahuddin         |                    |
+| Ahmad             | @        | Farhan            | of           | Lashkar-e-Tayabba, | Muhammad          | Sharief            | g                  | Suhail             |
+| Lashkar-e-Tayabba | involved | in                | the          | Attack             | on                | CRPF               | camp               | at                 |
+| Januray           | 01,      | 2008              |              |                    |                   |                    |                    |                    |
+| Nissar            | Ahmad    | Bhat              | @            | Gazi               | Misbahuddi        | of                 | Hizbul             | Mujahideen         |
+| Islam             | @        | Asif              | of           | Hizbul             | Mujahideen        | involved           | in                 | the                |
+| Lashkar-e-Tayabba | (LeT)    | at                | Samba,       | J&K                |                   |                    |                    |                    |
+| Muhammad          | Abid     | @                 | Safdar       | of                 | Jaish-e-Muhammad, | Saiful             | Rehman             | @                  |
+| Khan              | of       | Jaish-e-Muhammad, | Mirza        | Rashid             | Beig              | @                  | Raja               | of                 |
+| Muhammad          | involved | in a              | Plan         | to                 | kidnap            | a                  | political          | personality        |
+| Saqib             | Aziz     | Malik             | @            | Abu                | Sayeed            | of                 | Lashkar-e-Tayyaba, | Tafeem             |
+| Hashmi            | @        | Feema             | of Al        | Badar,             | Qurban            | Ali                | @                  | Zubair             |
+| and               | Zafar    | Igbal             | Sudan@       | Rehman             | of                | Jaish-e-Muhammad   | involved           | in                 |
+| explosion         | in       | Shrinagar         | Cinema       | Hall,              | Ludhiana,         | Punjab             | on                 | 14-10-07           |
+| List              | of       | terrorists        | of           | Lashkar-e-Tayyaba  | (LeT)             | killed             | in                 | India              |
+| in                | JuD/     | LeT               | periodicals. |                    |                   |                    |                    |                    |
+| January           | 09       | Ministry          | of           | External           | Affairs           | 78                 |                    |                    |
+
+## Special Meeting Of Jatm 24-10-2008
+
++
+Document handed over by India containing information based on the interrogation of Karimullah Osain Khan @ Karimullah Habib of Dawood Ibrahim Gang
+(Karimulla has confirmed presence of 14 criminals accused in Bombay blasts in 1993 in Karachi, Pakistan)
+Raziuddin Nasir @ Abdul Rehman of Lashkar-e-Tayyaba (LeT) Muhammad Fahad @ Neduthanni @ Muhammad Koya of Al Badar Muhammad Ali Hussain @ Jehangir @ Kasim of Al Badar Muhammad Imran Butt @ Umar Saani of Lashkar-e-Tayyaba (LeT)
+Sflk_agder Azam Sani Butt @ Abu Hurrera of Lashkar-e-Tayyaba
+(Le murfi;nmad Hashim Khan @ Darvesh of Harkat-ul-Mujahideen ul
+
++
+Leads on attack on Indian Embassy in Kabul on 7th July, 2008
+
+## Home Secretaries' Talks 25-26 Nov 2008
+
+ Details of 32 Indian and 10 Pakistani
+fugitives and who are based in Pakistan
+handed over. The list contains the names
+of fugitives like Dawood Ibrahim, Masood
+Azhar, Tiger Memon, and others.
+
+## Sample Of Responses Given By Pakistan To Evidence Shared During Meetings
+
+*
+Investigations so far have not yielded anything
+linked to attack on the Embassy being present in
+Pakistan (Special Session of JATM) in October
+2008
+ On the evidence given on statements and
+operations of JeM, LeT, JuD, the Pakistani
+response was that all these groups were banned
+or under watch in Pakistan.
+*
+LeT & JeM have already been banned in
+Pakistan
+
+## Section - Iv V. Pakistan's Commitments And Obligations
+
+Bilateral, International, and Multilateral commitments obligate Pakistan to act against Terrorism emanating from its territory. These are listed in the following slides:
+Ministry of External Affairs.
+
+## Bilateral Commitments
+
+|                  | *         | President    | Musharraf    | assured     | Prime     | Minister    |
+|------------------|-----------|--------------|--------------|-------------|-----------|-------------|
+| Vajpayee         | that he   | will         | not          | permit      | any       | territory   |
+| under Pakistan's | control   | to           | be           | used        | to        | support     |
+| terrorism        | in        | any          | manner.      | [Joint      | Statement | of          |
+| January          | 2004;     |              |              |             |           |             |
+|                 | President | Zardari      | reassured    | Prime       | Minister  |             |
+| Manmohan         | Singh     | that         | the          | Government  | of        |             |
+| Pakistan         | stands    | by           | its          | commitments | of        | January     |
+| 6,               | 2004,     | not          | to           | permit      | any       | territory   |
+| Pakistan's       | control   | to           | be           | used        | to        | support     |
+| terrorism        | in        | any          | manner.      | [Joint      | Statement | of          |
+| 24%              | September | 2008]        |              |             |           |             |
+
+## International Obligations  International Convention For The Suppression Of Terrorist Bombings, 1997.
+
+- Article 2 makes it an offence to detonate an explosive in or
+against a place of public use, a state or govt. facility. Any person
+who participates as an accomplice is also covered as an
+offender.
+- Under Article 7 a State which receives information about such
+offender is required to take measures to ensure his presence for
+prosecution or extradition.
+- All persons who participated in or contributed to the terrorist
+attack are covered under this Convention.
+- Pakistan as a State Party is required to extradite or prosecute
+such offenders and also provide mutual legal assistance in
+investigation or prosecution.
+Ministry of External Affairs
+
+## International Obligations  International Convention Against The Taking Of Hostages, 1979.
+
+- Applicable as the terrorists had taken
+hostages and murdered them later.
+- Pakistan as a State Party is obliged under this
+Convention to cooperate in investigations
+including extradition.
+
+## Multilateral Obligations * The Saarc Convention On Suppression Of Terrorism, 1987
+
+- Mumbai attack is covered under it as a
+terrorist act.
+- The Convention requires States Parties to
+provide mutual legal assistance and has
+provisions for extradition.
+
+## Multilateral Obligations  Additional Protocol To The Saarc Convention On Suppression Of Terrorism, 2004 [Entered
+
+into force on 12t January 2006]
+- Has provisions related to suppression of financing of
+terrorism (similar to UN Terrorist Financing
+Convention).
+- Pakistan is required to take measures to freeze funds
+used for committing terrorist attacks.
+
+## Section -V
+
+Ministy of External Afairs
+
+## V. What Pakistan Should Do
+
+This was a conspiracy launched from Pakistan.
+
+Gaps in knowledge can be filled by investigation and interrogation of conspirators there. Some of the actions that India expects Pakistan to undertake in extending cooperation to bring the terrorists to justice are listed in the following slide.

markdown/misc/muon-imaging.md

@@ -0,0 +1,90 @@
+## La-Ur-15-26068 Approved For Public Release; Distribution Is Unlimited.
+
+Title:
+A new method of passive counting of nuclear missile warheads -a white paper for the Defense Threat Reduction Agency
+
+Author(s):
+                  Morris, Christopher
+                  Durham, J. Matthew
+                  Guardincerri, Elena
+                  Bacon, Jeffrey Darnell
+                  Wang, Zhehui
+                  Fellows, Shelby
+                  Poulson, Daniel Cris
+                  Plaud-Ramos, Kenie Omar
+                  Daughton, Tess Marie
+                  Johnson, Olivia Ruth
+
+Intended for:
+Report
+Issued:
+2015-07-31
+
+Disclaimer:
+Los Alamos National Laboratory, an affirmative action/equal opportunity employer,is operated by the Los Alamos National Security, LLC for the National NuclearSecurity Administration of the U.S. Department of Energy under contract DE-AC52-06NA25396.  By approving this article, the publisher recognizes that the U.S. Government retains nonexclusive, royalty-free license to publish or reproduce the published form of this contribution, or to allow others to do so, for U.S. Government purposes.  Los Alamos National Laboratory requests that the publisher identify this article as work performed under the auspices of the U.S. Departmentof Energy.  Los Alamos National Laboratory strongly supports academic freedom and a researcher's right to publish; as an institution, however, the Laboratory does not endorse the viewpoint of a publication or guarantee its technical correctness.
+
+# A New Method Of Passive Counting Of Nuclear Missile Warheads -A White Paper For The Defense Threat Reduction Agency
+
+Chris Morris, Matt Durham, Elena Guardincerri, Jeff Bacon, Zhehui Wang, Shelby Fellows, Dan Poulson, Kenie Plaud-Ramos, Tess Daughton, and Olivia Johnson Los Alamos National Laboratory, Los Alamos, NM 87544 Abstract  Cosmic ray muon imaging has been studied for the past several years as a possible technique for nuclear warhead inspection and verification as part of the New Strategic Arms Reduction Treaty between the United States and the Russian Federation. The Los Alamos team has studied two different muon imaging methods for this application, using detectors on two sides and one side of the object of interest.  In this report we present results obtained on single sided imaging of configurations aimed at demonstrating the potential of this technique for counting nuclear warheads in place with detectors above the closed hatch of a ballistic missile submarine.
+
+##
+
+The problem Both the United States and the Russian Federation have deployed the bulk of their strategic nuclear weapons on missiles that have the capability to deliver multiple, independently targeted warheads. This poses a difficult problem for verification of the number of warheads mounted in each missile. For instance, an Ohio class ballistic missile submarine, Figure 1, has 24 Trident C4 SLBMs with up to 8 MIRVed nuclear warheads on each missile. The current method of verification is visual inspection. Inspectors are allowed to visually inspect the shrouded payload region of a small set of missiles in order to count the number of reentry bodies. START allows the use of radiation detection equipment to verify that an object declared to be non-nuclear is non-nuclear. This inspection procedure is complicated and expensive.  The missile launch tubes need to be opened, nose cones and heat shields need to be removed. All of the steps involve complicated procedures that protect classified data while insuring that all treaty partners are meeting their obligations.  Stringent safety requirements must be met during these inspections.
+
+##
+
+Here we demonstrate a potential method that allows imaging of active warheads using passive signals obtained from cosmic radiation. This technique uses single sided neutron tagged muon imaging. We demonstrate that this technique can see through 2.5 cm of steel and provide images of sufficient quality to count warheads in situ.  This method of warhead verification can considerably simplify and reduce the cost of the inspection regime while providing accurate verification data and protecting sensitive weapons design information.
+
+##
+
+Tagged muon imaging Tagged imaging uses the incoming trajectory of neutron-tagged cosmic rays to create an image of material below a set of muon tracking detectors using a technique called laminography. The flux of cosmic ray muons at the earth's surface is composed of both positively and negatively charged muons. Muons are slowed down and eventually stopped as they move through matter. Free muons decay into positrons or electrons, depending on their charge, and neutrinos. In matter negatively charged muons are captured into bound atomic states by the Coulomb force, like electrons, but with much smaller radii.  In nuclei heavier than magnesium the predominant decay becomes muon capture on a bound proton, producing a neutron and a neutrino. In fissionable material this decay leaves an excited nucleus that subsequently fissions and produces more neutrons. In fissile assemblies, such as a nuclear warhead, there is additional gain due to neutron amplification. The neutrons can be detected and used to tag their parent muon. Both the muons and the neutrons are highly penetrating radiation that can pass through layers of steel. Even scattered neutrons are useful for the tagging so considerable steel overburden should not affect this technique much. The positions where the tagged muon trajectories intersect a plane at the location of the warheads can be tallied (histogrammed) in two dimensions to produce an image that is very sensitive to the fissile material in the warheads, as shown schematically in Figure 2.  The position resolution is not sufficient to reveal classified details of the weapon. Also, the strength of the image should be distinctive of a specific weapon type but should not reveal classified information because it depends on both the mass of fissile material and its geometry in a way that cannot be disentangled without further information.  The information barriers are inherent to this technique make it especially well-suited to international arms verification efforts.
+
+This concept has recently been demonstrated using the mini muon tracker (MMT) in Los Alamos[1] with a single neutron counter and a muon tracker in a geometry optimized to detect tagged events.  Here we present the results from some recent tests approaching the geometry needed for warhead counting in a missile submarine, list the remaining risks, and estimate the costs of a deployable system.
+
+
+Results We show data taken in several configurations including in a shielded box and in a geometry approximating the one needed for imaging the MIRVed warheads in the nose cone of a missile in its launching tube through a closed hatch. Data were taken using 20 kg cubes of both depleted (DU) and low enriched uranium (LEU) as surrogates for the fissile material in a missile warhead. One of the setups is shown in Figure 3.   In Figure 4 we show the tagged muon rate as a function of the distance between the detectors and the LEU cube.  The solid line is a prediction of rate made using the MuonEstimator tool previously provided to DTRA.  The prediction is high at small distance because we have not taken the finite detector sizes into account but assume that the distances from all points at the detectors to the cube are equal to the normal distance between the detector planes and the cube.
+
+In the next test the cube was placed inside of a shielding box with a three inch layer of polyethylene and a 1 inch layer of lead surrounding the cube on all sides.  This shielding would be sufficient shielding to defeat any passive neutron or gamma detection of a similarly sized piece of weapons grade uranium. Data were taken with both an empty shielding box (20 hours)
+and with the uranium cube in the shielding box (61 hours). The normalized rate was measured to be lower without the uranium but more data are needed to completely quantify the difference. It is important to note that a significant quantity of highly enriched uranium (HEU) or plutonium would generate many more neutrons than the cubes used here. This technique may provide an entirely passive method to inventory or search for shielded nuclear weapons or special nuclear materials (SNM).
+
+## Imaging War Heads Through A Missile Hatch
+
+In order to test imaging through overburden, like that expected in submarine, we constructed the setup shown in Figure 6. Three 20 kg uranium cubes were placed on the concrete floor about 160 cm under the tracker.  The neutron detectors were placed on the floor approximately the same distance from the centroid of the cube positions. Steel was placed on a table just below the upper tracking detector to mockup the missile hatch.  The thickness of steel was chosen based on the assumption that the hatch would be as light as possible based on the pressure requirements for the submarine.  The cut away drawing, Figure 1, lists the diameter of the hull as 10 m and the thickness as 7.6 cm. The missile hatches appear to be spherical with a diameter of 2 m. The missile hatch could be as thin as 0.76 cm and still hold the same pressure as the hull.  A thickness of 2.5 cm of steel was chosen as a conservative estimate of the missile hatch thickness for these measurements. More research on the specifics of submarine design is needed to find the actual thickness. A sample counting geometry is illustrated in Figure 8.  The detectors are mounted on top of the closed hatch.  The diameter of the missile tube is 2 m.  Although the accuracy of these figures may be dubious, it appears that a two meter standoff should allow the warheads to be observed from the top of the hatch.  (It appears this is a French submarine).
+
+## Remaining Risks
+
+- The geometries could be different from the studies here, reducing the counting rates to
+an impractical level.
+- The neutron background expected from thermonuclear devices with plutonium pits
+could produce large accidental coincidence backgrounds and obscure the signal.
+- The safety issues involved in mounting detectors above the submarine hatch could be
+insurmountable.
+- The assumptions that the information from real systems is unclassified could be
+incorrect.
+
+## Path Forward
+
+- More research into the actual geometries encountered in treaty verification needed to
+verify the geometries used in this experiment.
+- Further measurements are needed using neutron sources to simulate the neutron
+background expected from thermonuclear devices with plutonium pits.
+- Large area neutron detectors that do not use low flashpoint solvents need to be tested.
+- Data should be taken in a realistic geometry with weapon trainers to ensure the data
+are unclassified.
+A rough estimate of the cost of this effort is $600k-6 months of the P-25 threat reduction team. This work can be completed in 1 year.
+
+## Cost Of A Deployable System
+
+A 1.81.8 m2 muon tracker used with a set of 100, 10 cm diameter, 10 cm long stilbene neutron detectors would provide rates about 40 times larger than in this experiment.  This would allow warhead imaging with sufficient statistical precision to count active warheads in place in times on the order of an hour. Since stilbene is an organic crystal, it poses no safety hazard. The current price for a tracker is about $250 k (est.). A set of 100 neutron detectors would cost about $600 k (est. based on quote for 100 bare stilbene crystals of $474 k). A rough estimate of the total cost of a scanner with data acquisition and mechanics is about $1M. An additional
+$550k is needed for engineering, construction and testing. This work can be completed in 1 year.
+
+Submarine Demonstration Demonstration of warhead counting requires access to a submarine in port.  Assuming that both access and the costs associated with obtaining authorization and access are provided, this demonstration could be performed for about $450K. A demonstration could be made using the existing scanner and the results could be scaled to the larger detectors described in the previous section.
+
+Pentagon demonstration The current system could be used for a demonstration at the Pentagon. Travel and set up would cost approximately $66k.
+
+Summary We have performed an experiment to evaluate tagged muon imaging for counting warheads in a MIRVed missile system in a submarine.  It appears from this simple experiment that sufficient rate can be obtained to identify and count warheads with about an hour of exposure without opening the missile hatch using equipment currently commercially available. 1.
+
+Guardincerri, E., et al., Detecting special nuclear material using muon-induced neutron emission. Nuclear Instruments and Methods in Physics Research Section A: Accelerators, Spectrometers, Detectors and Associated Equipment, 2015.
+
+2.
+Morris, C.L. and A. Saunders, *NewDisplay*, in *Los Alamos Computer Code*. 2004.

markdown/misc/ncrdic-cyber.md

@@ -0,0 +1,118 @@
+RepoRt of the NatioNal CommissioN
+foR the Review of the ReseaRCh aNd developmeNt pRogRams of the UNited states iNtelligeNCe CommUNity SPECIAL TOPIC WHITE PAPER:
+THE IC'S ROLE WITHIN U.S. CYBER R&D
+
+## Preface Co-Chairs:
+
+Since Congress created the modern Intelligence Community Mr. Maurice Sonnenberg Samantha Ravich, PhD COMMISSIONERS: Sen. Dan Coats Rep. Mike Conaway Rep. Rush Holt
+(IC) with the passage of the National Security Act of 1947, the IC has existed to serve one overarching goalto provide timely and accurate intelligence to inform, warn, and act on behalf of U.S. decisionmakers to ensure our continued national security. The National Commission for the Review of the Research and Development Programs of the United States Intelligence Community was established by Public Law 107-306, as amended by Public Law 111-259, to review the R&D programs of the IC and to ensure that this goal is being, and will continue to be, met.
+
+Hon. Shirley Ann Jackson, PhD
+In the legislation establishing the Commission, Congress Mr. Gilman Louie Mr. Kevin Meiners Hon. Stephanie O'Sullivan Mr. Troy Wade Sen. Mark Warner Hon. John J. Young, Jr. EXECUTIVE DIRECTOR: David A. Bray, PhD
+
+noted that for the foreseeable future, the IC "must operate in a dynamic, highly-challenging environment against a growing number of hostile, technically-sophisticated threats." Aided by their growing national commitments to R&D, current and potential adversaries of U.S. interests have easy access to advanced sensors, social media tools, a variety of communication networks, precision weapons and home-made devices, analytical software, and many other capabilities for undermining our national advantage. IC R&D programs are critical to ensure that the United States advances and maintains "technological capabilities to detect, characterize, assess, and ultimately counter the full range of threats to the national security of the United States."
+The Commission conducted a thorough review of the IC
+R&D enterprise, including its relationship with the broader U.S. R&D base and the U.S. R&D talent pool. The Commission held individual sessions with R&D leaders and national security experts from the IC, Department of Defense, Executive Office of the President, academia, and private industry and also reviewed policies and programs aimed at enhancing the nation's science, technology, engineering, and mathematics (STEM) workforce. Several IC-wide data calls were conducted to gain information about current IC R&D budgets as well as R&D priorities. The Commission also reviewed five IC R&D topics to consider illustrative areas of high interest in more detail.
+
+There are two key challenges that Congress and the IC must address to ensure U.S. national security. First, the global diffusion of R&D efforts is accelerating, posing increasing risk to the essential capabilities of the IC and to national security. Second, the ever-increasing sophistication of our adversariescoupled with the growing volume and complexity of the data collectedis testing the ability of the IC R&D enterprise to succeed in its mission absent greater Community-wide integration and leadership. To address these challenges, Congress and IC
+leadership must ensure that R&D is recognized as a critical and strategic component of the IC's missionsand empower the IC R&D enterprise to act accordingly.
+
+We echo previous congressional commissions and prominent studies as we stress that complementing our above concerns is the need for Congress to better protect and prepare the broader U.S. industrial base through legislation focused on improving STEM education, creating skills-based immigration policies, securing the supply chains of critical materials and technologies, and countering cyber theft and foreign espionage.
+Like traditional national security issues, these R&D issues transcend partisanship, and, for the good of our nation, Congress should act to address these concerns.
+
+
+
+## Summary Of Main Report Findings And Recommendations Broaden Scientific And Technical Intelligence
+
+Finding 1: The Commission found a limited effort by the IC to discern and exploit the strategic R&Despecially non-military R&Dintentions and capabilities of our adversaries, and to counter our adversaries' theft or purchase of U.S. technology. Recommendation 1: Conduct comprehensive strategic collection and analysis of scientific and technical intelligence (S&TI); use it for IC R&D planning and resource allocation.
+
+## Enhance Integrated Intelligence
+
+Finding 2: The Commission found that while the traditional ways and means of collecting and analyzing intelligence remain useful and necessary, emerging and future threats cannot be addressed without Enhanced Integrated Intelligence capabilities that enable shared, discoverable data for analysis and shared, discoverable information for decisionmakers. Recommendation 2: Focus advanced IC R&D on Enhanced Integrated Intelligence approaches methods that integrate diverse sources and expertise and that employ automated capabilities to tag, discover, access, and aggregate both data and analyzed information.
+
+## Empower R&D Leadership
+
+Finding 3: The Commission found that there is inadequate IC R&D strategic planning and inadequate awareness of IC R&D investment plans and programs. Recommendation 3: Empower IC R&D leadership to develop a comprehensive R&D strategy and oversee R&D resource allocation.
+
+## Leverage People/Talent
+
+Finding 4: The Commission found substantial interest within the IC to take advantage of talent and innovation in both the domestic and international private sectors, as well as within the IC itself, but the IC must evolve its business and personnel practices to leverage and exploit the STEM personnel marketplace. Recommendation 4: Assess longer-term workforce needs within the context of a more competitive private sector and global marketplace and develop procedures to recruit and keep needed talent. Increase and augment IC R&D talent by emphasizing approaches to innovation sharing within the public and private sectors, universities, and research and national labs, and by developing an IC strategy and approach for creating R&D opportunities for non-U.S. citizens.
+
+
+
+## Special Topic: The Ic's Role Within U.S. Cyber R&D The Growing Cyber Threat
+
+The national security of the United States requires that our public and private enterprises be safe from cyber exploitation and cyber espionage. The United States is witnessing a dramatic increase in cyber-related risks as both the numbers and the magnitude of attacks rise, affecting critical infrastructure, public and private institutions, financial and communication systems, national defense elements, and the economic security of every citizen. Both U.S. companies and individual Americans must do more to protect themselves than simply practicing good cyber hygiene and best information technology (IT) practices.
+
+The most worrisome cyber attacks are believed to be state-sponsored, and some of them may include the use of proxies. Cyber attacks can be designed to deny access to critical services, reduce the reliability and trust of U.S.-based institutions, cause failure in the nation's critical infrastructure, or steal intellectual property, financial resources, and identities. Other attacks are intended to extort, blackmail, or probe for vulnerabilities in preparation for a larger attack.
+Distributed denial of service (DDoS) attacks may target entire industries, as demonstrated by recent attacks against U.S. financial institutions. In milliseconds, DDoS cyber attackswith loads measured in hundreds of gigabits per secondcan overwhelm the bandwidth of Internetbased services of even large enterprises. When DDoS attacks overwhelm the defenses of a target, they can degrade quality of service, cause localized outages, or mask other attacks.
+
+Attacks more sophisticated than DDoS also have been observed. These attacks modify their behavior in near real time in response to the defenses they encounter. Furthermore, attacks of types not yet known may have been executed, or may be ready to be launched at a future time.
+
+The Intelligence Community and the Department of Defense, because of both their capabilities and their missions, are at the forefront of understanding, assessing, and countering this growing threat.
+
+## The Need For A New Approach For U.S. Cyber R&D
+
+On the basis of information provided to the Commission, we conclude that there are several urgent needs regarding U.S. cyber R&D investment. The nation must carefully examine and clarify the roles of individual government agencies with respect to cyber R&D. The government also should design a process for collaborating that makes private enterprises more comfortable about cooperating with government agencies and each other. The United States must leverage cyber expertise in private industry and academiaand look to parts of the IC that are already investing successfully in the people and technology to confront these growing threatswhen considering how to align cyber R&D resources.
+Important R&D focus areas include, but are not limited to, the following:
+
+ Deterring, detecting, defeating, and attributing cyber attacks during their planning,
+deployment, or operations phases, using cyber and other means
+ Identifying behavioral signatures of different human actors or groups  Modeling the behaviors, decisions, and strategy of human actors involved in a cyber
+attack
+ Improving IC analytical capabilities to characterize, stop, or mitigate major classes of
+coordinated attacks against U.S. interests in real time, using cyber and other means
+ Collaborating with industry on capabilities to exchange real-time information relevant to
+IC interests, while also protecting privacy
+ Developing trusted devices and software  Developing new techniques and mathematics to replace public-key infrastructure (PKI)
+ Creating transparent and multifactor authentication  Establishing methods to use Big Data analytics for threat correlation and threat
+containment
+
+## Framework For U.S. Cyber R&D Investment
+
+Three principles should guide U.S. investment in cyber R&D.
+
+Cyber R&D must be informed by full threat and vulnerability assessments.
+
+Comprehensive knowledge of the threats and vulnerabilities of both our systems and those of our adversaries is fundamental to formulating a national cyber R&D strategy. This is why scientific and technological intelligence is important, and why threat and vulnerability knowledge today possessed by the IC must be part of the cyber R&D strategy.
+
+A cyber R&D framework must respect privacy and civil liberties. A cyber R&D
+framework must develop capabilities that protect U.S. systems, while adhering to U.S. policies and laws governing privacy, security, and liability.
+
+Cyber R&D must be informed by information exchange. The federal government should partner with governments, industry, and academia to exchange knowledge of cyber exploitation mechanisms and successful defense tactics.
+
+## Recommended Cyber R&D Actions I. Establish A National Cyber R&D Agenda
+
+Adversaries already employ a full range of social, technical, and economic capabilities against U.S. computing and communications resources. Increasingly, cyber means are used to access, influence, or disrupt not just computer networks but also more traditional targets. Future cyber R&D must incorporate work from numerous disciplinesfor example, biological sciences, behavioral sciences, social network science, and quantum science. New approaches might include economic intelligence, motivation-based modeling, and predictive models characterizing the attacker, not just the attack. At the same time, cyber R&D should inform cyber policymakers about what is possible and its cost.
+
+II.  Determine what cyber R&D is being done now
+Current U.S. government cyber R&D activities are spread over a large number of agencies with little apparent coordination. There needs to be a comprehensive accounting of cyber R&D programs and budgets. This evaluation should included assessments of cyber R&D also being pursued by other nations and industries.
+
+III. Examine and evaluate approaches to publicprivate partnerships for cyber R&D
+(i) At present, no one knows the ideal form that cyber security cooperation and sharing within and between the government and the private sector should take. To determine appropriate cyber R&D approaches for partnerships and real-time information exchange within the government and with the private sector, there must be experimentation and pilot programs incorporating the concepts discussed above and other examples. (ii) Key to addressing the vulnerability of important private-sector systems is the adoption of security standards that raise the cost of attacking critical systems. In partnership with industry, the U.S. government must develop such standards, practices, and requirements.
+
+## Possible Models For U.S. Cyber R&D Investment Activity
+
+There are a number of examples on which we can draw in organizing collaborative R&D and information exchange beyond just a government-led effort, including the following:
+
+
+Enduring Security Framework (ESF). The National Security Agency (NSA) serves as the executive agent for a groundbreaking publicprivate cyber R&D effort. The NSA, partnering with the National Institute of Standards and Technology (NIST), brings together leading private-sector actors across the IT industry and the defense industrial base to reduce U.S. exposure to
+important classes of threats. The ESF incorporates activities across the full range of leadership and staff, from periodic strategic discussions at the level of CEOs and government agency heads to continuous, detailed planning and concrete action at the level of technical experts. Other countries are pursuing similar arrangements. For example, the Australian National Cyber Center plans to start up at the end of 2013, and in the United Kingdom, GCHQ (Government Communications Headquarters) and the Security Service (MI-5) have a publicprivate partnership with industry for the exchange of information on cyber threats.
+
+Cyber business clusters. There are several cyber business clusters developing in the United States in regions including the San Francisco Bay Area, Boston, Raleigh/Durham, Austin, and Northern Virginia. Such clusters are centers of excellence that typically grow up around leading universities with strong engineering, mathematics, and computer science departments; worldclass research labs (public and private); and interconnected technology businesses, suppliers, and service providers. A sizable population of technical talent, skilled labor, and entrepreneurs
+naturally assembles in this environment. Such clusters exhibit positive feedback: commercial contributions enable universities to strengthen their computing programs, a development that leads to an even stronger research program and generates the high-caliber talent needed to strengthen the industrial base.
+
+
+Sector-specific consortia including industry and academiasuch as for banking, energy, financial services, telecommunications, and defensewhich exchange information and set research directions
+
+(i) In 1987, 14 U.S.-based semiconductor manufacturers and the U.S. government came together to solve common manufacturing problems by leveraging resources and sharing risks as part of the SEMATECH (Semiconductor Manufacturing Technology) consortium. SEMATECH focuses on improving industry infrastructure and working with a wide variety of actors to improve
+capabilities, foster technology innovation, and accelerate the commercialization of new materials and nanostructures. SEMATECH also supports applied research in universities.
+
+(ii) The In-Q-Tel Lab 41 program involves teams from industry and academia who collaborate to solve complex problems involving Big Data. A similar kind of effort could be effective in addressing certain classes of cyber security problems.
+
+FinTech Innovation Lab. FinTech Innovation Lab is an annual program run by the New York City Investment Fund and Accenture for early- and growth-stage companies that have developed cutting-edge technology products targeted at financial services customers. Through a competitive process, the chief technology officers of the world's leading financial services firms determine which proposals are accepted for further development and deployment. Winners get the chance to refine and beta test their financial technology products in New York City in partnership with these firms.
+
+The Oak Ridge National Laboratory. The Oak Ridge National Laboratory is partnering with the National Nuclear Security Administration to establish a cyber test range at the Nevada National Security Site (formerly the Nevada Test Site). The range involves two major substations in area 25 at NNSS, the site that now houses the now-defunct Yucca Mountain project. The Extreme Cyber Test Range would utilize these two substations, with independent power supplies, to do
+offensive and defensive testing of network designs coming from Oak Ridge National Laboratory.
+
+##

markdown/misc/ncrdic.md

@@ -0,0 +1,901 @@
+RepoRt of the NatioNal CommissioN
+foR the Review of the ReseaRCh aNd developmeNt pRogRams of the UNited states iNtelligeNCe CommUNity UNCLASSIFIED VERSION
+A variety of terms pertaining to scientific and technical research and development are employed by the Intelligence Community (IC) and in this report. Key concepts in this report are: Enhanced Integrated Intelligence (EII) - EII is the rearchitecturing of collection and analysis processes enabled by automated collection, analysis, integration, and discovery of relevant intelligence data and information from classified and open sources. The goal is to achieve a better contextual understanding of the world. EII extends the integration of intelligence capabilitiesbegun under the Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA) and continued by the unification of collection and analysis under a single Deputy Director of National Intelligenceto include the research and development activities that support collection and analysis. Scientific and Technical Intelligence (also Science and Technology Intelligence or Scientific and Technological Intelligence; abbreviated S&TI) - S&TI is the systematic study and analysis of foreign capabilities in basic and applied research and applied engineering. S&TI products are used to warn of foreign technical developments and capabilities and to guide the development of future capabilities, which are often provided through R&D. In this report, S&TI is understood more broadly: it includes not only the efforts described above but also aspects of counterintelligence and open-source intelligence used to provide a comprehensive picture of global scientific and technological advancements. Each of the following terms, though sometimes used interchangeably, has a distinct meaning: Research and Technology (R&T or RT) - RT is an expenditure center within the National Intelligence Program (NIP) budget that funds many of the activities within the IC R&D enterprise. Research and Development (R&D) - As used in the IC, R&D is a broad term encompassing all of the intelligence and intelligence-related work systematically undertaken to develop new scientific and technical knowledge and to apply such knowledge in developing or improving existing applications (sensors, devices, analytical tools, and so on). Acquisition is not typically part of development. Research, Development, Test, and Evaluation (RDT&E) - RDT&E is a Department of Defense (DOD) budget appropriation that covers the entire development cycle, from basic research through final operational test. At the conclusion of RDT&E, the system is ready for procurement and fielding to the operators. Science and Technology (S&T) - S&T is a broad term for the entire range of scientific and technical disciplines used to codify, increase, or apply knowledge. In the IC, S&T generally describes the knowledge that is developed and applied to IC mission needs. In the DOD, S&T refers specifically to basic research, applied research, and the advanced development of knowledge and of system prototypes.
+
+## Failure To Properly Appraise The Extent Of Scientific Developments In Enemy Countries May Have More Immediate And Catastrophic Consequences Than Failure In Any Other Field Of Intelligence.
+
+
+Task Force Report on National Security Organization (the Eberstadt Report) (1948)
+
+
+## Failure To Properly Resource And Use Our Own R&D To Appraise, Exploit, And Counter The Scientific And Technical Developments Of Our AdversariesIncluding Both State And Non-State Actors May Have More Immediate And Catastrophic Consequences Than Failure In Any Other Field Of Intelligence.
+
+
+National Commission for the Review of the Research and Development Programs of the United States Intelligence Community (2013)
+This page intentionally left blank.
+
+This page intentionally left blank.
+
+
+
+## Preface Co-Chairs:
+
+Since Congress created the modern Intelligence Community Mr. Maurice Sonnenberg Samantha Ravich, PhD COMMISSIONERS: Sen. Dan Coats Rep. Mike Conaway Rep. Rush Holt Hon. Shirley Ann Jackson, PhD
+(IC) with the passage of the National Security Act of 1947, the IC has existed to serve one overarching goalto provide timely and accurate intelligence to inform, warn, and act on behalf of U.S. decisionmakers to ensure our continued national security. The National Commission for the Review of the Research and Development Programs of the United States Intelligence Community was established by Public Law 107-306, as amended by Public Law 111-259, to review the R&D programs of the IC and to ensure that this goal is being, and will continue to be, met.
+
+Mr. Gilman Louie In the legislation establishing the Commission, Congress Mr. Kevin Meiners Hon. Stephanie O'Sullivan Mr. Troy Wade Sen. Mark Warner Hon. John J. Young, Jr.
+
+## Executive Director:
+
+David A. Bray, PhD
+
+noted that for the foreseeable future, the IC must operate in a dynamic, highly-challenging environment against a growing number of hostile, technically-sophisticated threats. Aided by their growing national commitments to R&D, current and potential adversaries of U.S. interests have easy access to advanced sensors, social media tools, a variety of communication networks, precision weapons and home-made devices, analytical software, and many other capabilities for undermining our national advantage. IC R&D programs are critical to ensure that the United States advances and maintains technological capabilities to detect, characterize, assess, and ultimately counter the full range of threats to the national security of the United States.
+The Commission conducted a thorough review of the IC
+R&D enterprise, including its relationship with the broader U.S. R&D base and the U.S. R&D talent pool. The Commission held individual sessions with R&D leaders and national security experts from the IC, Department of Defense, Executive Office of the President, academia, and private industry and also reviewed policies and programs aimed at enhancing the nation's science, technology, engineering, and mathematics (STEM) workforce. Several IC-wide data calls were conducted to gain information about current IC R&D budgets as well as R&D priorities. The Commission also reviewed five IC R&D topics to consider illustrative areas of high interest in more detail.
+
+There are two key challenges that Congress and the IC must address to ensure U.S. national security. First, the global diffusion of R&D efforts is accelerating, posing increasing risk to the essential capabilities of the IC and to national security. Second, the ever-increasing sophistication of our adversariescoupled with the growing volume and complexity of the data collectedis testing the ability of the IC R&D enterprise to succeed in its mission absent greater Community-wide integration and leadership. To address these challenges, Congress and IC leadership must ensure that R&D is recognized as a critical and strategic component of the IC's missionsand empower the IC R&D enterprise to act accordingly.
+
+We echo previous congressional commissions and prominent studies as we stress that complementing our above concerns is the need for Congress to better protect and prepare the broader U.S. industrial base through legislation focused on improving STEM education, creating skills-based immigration policies, securing the supply chains of critical materials and technologies, and countering cyber theft and foreign espionage.
+Like traditional national security issues, these R&D issues transcend partisanship, and, for the good of our nation, Congress should act to address these concerns.
+
+## Summary Of Findings And Recommendations
+
+The global spread of scientific and technical knowledge challenges U.S. national security. It threatens to erode essential capabilities of the U.S. Intelligence Community (IC) and the strength of the U.S. R&D base.
+
+The IC has played a vital role in maintaining the United States' global preeminence. Over the years, its successes have been underpinned by R&D achievements in the private and public sectors, some of which were directly supported by research programs sponsored by the federal government. From the first mass data storage and retrieval systems to satellites to the mathematics of modern cryptography, public- and private-sector R&D has been crucial to the ability of the IC to perform and succeed in its missions.
+
+But today U.S. technological superiority is diminishing in important areas, and our adversaries' investments in S&Talong with their theft of our intellectual property, made possible in part by insufficient cyber protection and policiesare giving them new, asymmetric advantages. The United States faces increasing risk from threats against which the IC could have severely limited warning, deterrence, or agility to develop effective countermeasures.
+
+## The Threat From Global Scientific And Technical Knowledge
+
+ Our adversaries' use of S&T increasingly challenges IC capabilities in critical areas, including:
+
+ *Cryptography.* The availability and strength of high-grade encryption schemes continue
+to expand.
+ *Assured Space Access.* Foreign countries continue to develop new technologies and
+methods for disrupting our space assets, necessitating the development of resilient approaches.
+ *Cyber Attack and Defense.* As cyber attacks grow in scale and scope, we struggle to
+defend against this rising threat.
+ *Nuclear Technology and Forensics*. The proliferation of nuclear materials and
+technology will remain a high-priority national security threat.
+ *Global Supply Chains*. Production and distribution chains are increasingly vulnerable to
+a variety of actions, including intentional disruptions.
+ *All-Source Data Analytics*. The volume of data is challenging our ability to process and
+use it.
+Exacerbating these challenges are U.S. policies that weaken the U.S. R&D talent base. As scientific and technical knowledge and the resulting economic growth spread around the world, the competition for R&D talent is increasingly global. Other countries have committed significant resources to pursue R&D in areas such as quantum computing, physics, materials, energy, all-source data analytics, biomedical sciences, and pharmaceuticals. The United States is increasingly losing talent as foreign students and professors who have been educated and employed in the United States return to their home countries or move overseas to pursue their research in places where they find modern equipment and laboratories, less bureaucracy and administrative red tape, and more attractive compensation. These trends are further complicated by the diminished support for R&D by the U.S. government.
+Given the scope and accelerating pace of global R&D activities, the IC must change and broaden its strategy for how it pursues innovative ideas. First, for areas in which it is essential that the United States maintain superiority (e.g., cryptography), the IC must maintain its R&D
+base. Second, when needed innovations may be obtained from the broader U.S. R&D base, the IC must encourage more participantsparticularly small, innovative firms. Such firms currently are often discouraged or precluded from contributing by the time and cost imposed by the IC's security and procurement requirements, not to mention the onerous restrictions placed on them as subcontractors of some of the larger contracting organizations.1 A tiered approach that allows more direct contracting with small firms for important R&D areas should be examined, with the goal of applying it broadly across the IC R&D enterprise. Finally, for areas of basic research that is, research that is often unclassifiedthe IC must aggressively leverage the global talent pool.
+
+## Strategic Objectives And Challenges
+
+To ensure that the United States prevails in a global environment in which our adversaries have access to advanced scientific and technical knowledge at a level approaching, and sometimes higher than, that possessed by the United States, the Commission finds that the IC must (1) uncover global threats more completely and at an early stage, and (2) be more agile, more aggressive, and faster in how it develops innovative, new capabilities.
+
+The Commission underscores four challenges to achieving the principal objectives of uncovering global threats more completely and being more agile in developing new capabilities: the IC must broaden scientific and technical intelligence, *enhance integrated intelligence,* empower R&D leadership, and *leverage expertise and talent wherever it resides*.
+
+
+
+## Summary Of Findings And Recommendations Broaden Scientific And Technical Intelligence
+
+Finding 1: The Commission found a limited effort by the IC to discern and exploit the strategic R&Despecially non-military R&Dintentions and capabilities of our adversaries, and to counter our adversaries' theft or purchase of U.S. technology. Recommendation 1: Conduct comprehensive strategic scientific and technical intelligence (S&TI); use it for IC R&D planning and resource allocation.
+
+## Enhance Integrated Intelligence
+
+Finding 2: The Commission found that while the traditional ways and means of collecting and analyzing intelligence remain useful and necessary, emerging and future threats cannot be addressed without Enhanced Integrated Intelligence capabilities that enable shared, discoverable data for analysis and shared, discoverable information for decisionmakers. Recommendation 2: Focus advanced IC R&D on Enhanced Integrated Intelligence approaches methods that integrate diverse sources and expertise and that employ automated capabilities to tag, discover, access, and aggregate both data and analyzed information.
+
+## Empower R&D Leadership
+
+Finding 3: The Commission found that there is inadequate IC R&D strategic planning and inadequate awareness of IC R&D investment plans and programs. Recommendation 3: Empower IC R&D leadership to develop a comprehensive R&D strategy and oversee R&D resource allocation.
+
+## Leverage People/Talent
+
+Finding 4: The Commission found substantial interest within the IC to take advantage of talent and innovation in both the domestic and international private sectors, as well as within the IC itself, but the IC must evolve its business and personnel practices to leverage and exploit the STEM personnel marketplace. Recommendation 4: Assess longer-term workforce needs within the context of a more competitive private sector and global marketplace and develop procedures to recruit and keep needed talent. Increase and augment IC R&D talent by emphasizing approaches to innovation sharing within the public and private sectors, universities, and research and national labs, and by developing an IC strategy and approach for creating R&D opportunities for non-U.S. citizens.
+
+
+## Broaden Scientific And Technical Intelligence
+
+ The increasing pace and adoption of global scientific and technological discovery heighten the risk of strategic or tactical surprise and, over time, reduce the advantages of our intelligence capabilities. To counter these effects, the strategy of the IC first must be to seek global knowledge ofas well as influence over and access toR&D developments. The Commission's first finding is that the IC is not adequately assessing the strategic R&D intentions and capabilities of our adversaries. The recommendation is therefore to expand the effort devoted to scientific and technical intelligence (S&TI), and to use the insights thereby gained to develop new capabilities and understand the strategic intent of these actors' S&T investments.
+
+## Finding 1: Limited Effort To Discern And Exploit Adversaries' Strategic R&D Intentions
+
+Investment in, and development of, sophisticated technology by other nations and the private sector, as well as access to technology developed by others, is increasing. Scientific breakthroughs outside the United States, often accomplished with U.S. talent or technology, are enabling rapid innovation in a number of strategic sectors.2 Inadequate IC awareness of and access to global R&D likely will make the nation more vulnerable to the loss of vital and unique national security capabilities, as well as vulnerable to new adversary capabilities.
+
+ Rapid growth of global R&D exceeds the IC's ability to understand, access, and develop countering technologies. The limited ability of the IC to know, understand, and evaluate global R&D and its effects on the national and economic security of the United States was a theme often discussed in Commission meetings with leaders, managers, and experts on the IC and R&D. Yet it is difficult to discern significant changes in plans or programs made in response to the globalization of R&D. Such urgency was seen in the aftermath of the 1948 Task Force Report on National Security Organization (the Eberstadt Report), which noted the critical importance of understanding scientific advancements outside the United States.3
+ In the mid-20th century, the United States relied on groundbreaking R&D to confront a grave threat. The development and deployment of the strategic reconnaissance satellites of the CORONA program gave the United States the ability, for the first time, to regularly see into the Soviet Union on a grand scale. CORONA provided the foundation for nearly all space-based mapping technologies developed over the past 50 yearsfrom the street maps available on the personal devices we use in our daily lives to weather maps that enable us to compare changes in global climate.4 None of this would have been possible without a solid R&D base, strategic focus, and vision. Without continuing dedication to R&D, and to the men and women who work in R&D, the United States will not develop the CORONAs of the future.5
+Currently, the Director of National Intelligence (DNI) organizes responsibilities for collection and analysis across 15 National Intelligence Managers, each of whom produces a Unifying Intelligence Strategy. The office of the National Intelligence Manager for S&T (NIM- S&T) has the mission of appraising the extent of scientific developments throughout the world
+but does not focus sufficiently on global private industry, where many of the advances are being made. The limitations on assessing global S&T are largely due to the rapid increase in the globalization of R&D and to the NIM-S&T's not stressing these types of foreign activities.
+ Foreign governments are developing policies to foster technological innovation as a key mechanism for stimulating sustainable economic growth and enhancing securitythe fruits of which will present both challenges to and opportunities for U.S. interests. The globalization of R&D capabilities is becoming an increasingly important component of the business strategies of multinational corporations, not only because they wish to boost competitiveness by enhancing local customization, gaining access to new markets, and placing technical staff close to manufacturing and design centers, but also because the accelerating pace of S&T-based innovation and its potential for high-margin products drive successful firms to seek out the best S&T talent, regardless of where it resides.
+
+Foreign economic espionage is helping both adversaries and allies.6 The U.S. government must act to stem the economic and national security risks posed by large-scale espionage, which often is state-sponsored.
+ Foreign countries' growing expertise and proficiency in a number of emerging or potentially disruptive technologies and industriesgained either by improving their own capabilities, by using surreptitious methods, or by taking advantage of an erosion of U.S. capabilities and U.S. control over critical supply chainshave the potential to cause great harm to the national security of the United States and its allies. Of equal concern, foreign nations can acquire early-stage U.S. technology and start-up companies, through venture capital investment or acquisitionin areas whose future national security and economic implications may not yet be appropriately and fully recognized. Current U.S. policies on, and mechanisms to review, foreign ownership and control of U.S. companies or U.S.-affiliated companies (most prominently, the Committee on Foreign Investment in the United States, or CFIUS) have not kept pace with the evolution of business practices in the high-technology market.
+
+## Recommendation 1: Conduct Comprehensive Strategic Scientific And Technical Intelligence (S&Ti); Use It For Ic R&D Planning And Resource Allocation
+
+Improve the IC's comprehension of foreign strategies for science and technology developments through scientific and technical intelligence, and use this knowledge to help construct IC requirements, programs, and threat assessments. Ensure that S&TI requirements inform the development and integration of multidisciplinary tools and functions throughout the IC R&D enterprise, including allocations of IC R&D resources.
+
+## Actions For Recommendation 1
+
+1.1 IC R&D budget requests to Congress must include annual S&TI assessments for major areas of investment.
+
+1.2 The Office of the Director of National Intelligence must identify IC S&TI priorities.
+
+ODNI will incorporate this input when creating applicable Unifying Intelligence Strategy (UIS) documents.
+
+1.3 When relevant, IC assessments provided to Congress should include S&TI
+assessmentsincluding assessments of counterintelligence (CI) against IC R&Dalong with comparisons to IC R&D priorities. These serve as justification for future IC R&D requirements and activities, and help inform IC engagement with the industrial base.
+
+ After one year the Commission expects the IC to have at least:
+
+ Created an appropriately sized S&TI cellincreasing the emphasis on open-source
+information in the assessment of foreign S&T, and augmenting, training, and recruiting expertise in science, engineering, and business
+ Established S&TI requirements based on intelligence gaps and incorporated these
+requirements into the applicable Unifying Intelligence Strategies
+ Developed and implemented the process for ensuring that S&TI is utilized by the IC
+R&D enterprise
+
+## Enhance Integrated Intelligence
+
+ The speed with which an adversary can acquire and exploit scientific and technical knowledge continues to increase. In addition to posing new threats that are fast-forming or that have low signatures, adversaries have learned to conceal their operations from the IC and have developed an awareness of U.S. capabilities. It is imperative that the Intelligence Community develop ways to gain and exploit insights earlier and faster.
+
+ The key finding is that the current method of producing IC intelligencecollecting information and integrating it afterwardloses valuable time and information. The collection and analysis process is becoming at once more difficult, given the increase in the scale and diversity of information sources, and more essential, given the intelligence significance of the explosive growth in access to and operations in cyberspace. The recommendation focuses on how to realize Enhanced Integrated Intelligencecomprising the automated collection, analysis, integration, and discovery of relevant data and informationin which decision cycles can occur in near real time.
+
+## Finding 2: Enhanced Integrated Intelligence Needed For Emerging And Future Threats
+
+The global environment in which the IC must operate and dominate is changing. Fast-forming and low-signal threats, including "do-it-yourself" capabilities and economic espionage, are becoming the norm along with rising state challengers and super-empowered non-state actors. The IC must make the coordinated tasking, aggregation, and integrated processing and sharing of data from multiple sources a priority to provide collated signals of adversary actions and intentions that would be missed if the single-source threads of intelligence were reviewed individually.
+
+ To meet the challenge of scalable Enhanced Integrated Intelligence, the IC must, for example, develop or expand capabilities for agile, synchronized tasking, collection, and analysis across intelligence disciplines (signals intelligence [SIGINT], human intelligence [HUMINT], etc.) and across collection domains (space, air, ground, subsurface). Approaches to analysis must be developed that use all available information, thereby enabling the IC to better anticipate developments or detect troubling trends at the earliest feasible time. Doing more integrated analysis will require new techniques for data aggregation, tagging, discovery, access, and organization; greater use of cognitive computing; high-performance computation; and the leveraging of open-source analysis and multidisciplinary approaches.
+ There are several barriers to achieving Enhanced Integrated Intelligence. New sources of intelligence-rich data are proliferating worldwide, often driven by commercial and consumer trends. IC practices traditionally have kept the various INTs separatethereby allowing various IC agencies to develop expertise in specific INTs at the expense of developing strong cross-INT integration. The lack of a strategic R&D approach within the IC limits the investment in longterm research that produces such innovations in intelligence processes.
+
+## Recommendation 2: Enhance Integrated Intelligence
+
+Focus advanced IC R&D on Enhanced Integrated Intelligence approaches methods that integrate diverse sources and expertise and that employ automated
+
+## Capabilities To Tag, Discover, Access, And Aggregate Both Data And Analyzed Information. Actions For Recommendation 2
+
+2.1 The Office of the Director of National Intelligence must create a new joint program plan between the Director of Science and Technology (DS&T) and the Deputy Director of National Intelligence for Intelligence Integration (DDII) for Enhanced Integrated Intelligence, which it will use to track, prioritize, and coordinate Enhanced Integrated Intelligence R&D across the IC. These priorities will guide multidisciplinary and multi-intelligence R&D efforts.
+
+2.2 ODNI must emphasize R&D for analytical methods to produce warnings that follow from advances in data aggregation, data analytics, the processing of large volumes of data, and predictive analytics.
+2.3 ODNI must broaden IC R&D's existing focus so that it also pursues R&D for Enhanced Integrated Intelligence. The Commission recommends an initial pilot program to experiment with emerging capabilities.
+
+After one year the Commission expects the IC to have at least:
+
+ Generated a comprehensive list of intelligence problems and key investment areas for
+Enhanced Integrated Intelligence R&D initiatives of the IC; initial priority projects are to define data tagging standards, and to create and implement rules for multilevel data discovery and access
+ Established a plan for devoting a baseline percentage of agencies' R&D budgets to
+pursue Enhanced Integrated Intelligence programs (after a one-year pilot period, ODNI and the heads of the respective agencies should revisit this number on an agency-byagency basis)
+ Created the framework for a dynamic directory of R&D activities and subject matter
+experts within the IC to better achieve Enhanced Integrated Intelligence objectives
+
+## Empower R&D Leadership
+
+The Intelligence Community needs to become more agile, more aggressive, and faster in collecting, analyzing, and developing new offensive and defensive capabilities. Strong R&D leadership is needed to help create new R&D business practices, coordination, planning, and oversight.
+
+The findings detail several factors that hinder the efforts of the R&D enterprise to create a unified plan, among them a set of disparate budgeting schemes and priorities across those IC agencies performing R&D. The ODNI DS&T needs to serve as the lead executive of IC R&D
+and provide strategic guidance and coordination to the IC R&D enterprise while valuing the individual agencies' abilities to develop and pursue their own innovative solutions.
+
+## Finding 3: Lack Of Unified R&D Emphasis
+
+The IC has spent a decade supporting immediate military necessities that demand near-term R&D and incremental improvements for specific ends, rather than undertaking strategic endeavors. Strategic R&D goals for the IC
+enterprise are not jointly established or adopted.7 With few exceptions, the IC
+R&D does not adapt rapidly to a changing technology environment.
+
+IC agencies had difficulty providing the Commission with a financial accounting of their existing and planned R&D projects and budgets. This is a problem rooted in how the IC tracks expenditures (e.g., the practice of incorporating some R&D funding into mission-related efforts).
+
+The Commission recognizes that IC research activities should be classified in a way that appropriately limits the disclosure of sensitive information while ensuring the sharing of innovations. However, the DS&T must have a comprehensive view of the IC R&D enterprise in its entirety.
+
+The Commission identified several challenges that should be addressed. The roles and authorities of the Director of National Intelligence Science and Technology Committee (NISTC)
+and the ODNI DS&T are not clearly defined in the legislation that created them.8 The process of coordinating and setting priorities for IC R&D activities has developed slowly. Several IC agencies have their respective areas of expertise and authorities for different types of intelligence, though the coordination of R&D between these agencies can be improved.
+
+## Recommendation 3: Empower R&D Leadership
+
+Empower IC R&D leadership to develop a comprehensive R&D strategy and oversee R&D resource allocation.
+
+## Actions For Recommendation 3
+
+3.1 Consolidate the positions of Assistant Deputy Director of National Intelligence for S&T
+(ADDNI/S&T) and DS&T into the DS&T only. Annually, the DS&T will brief the members of the relevant congressional oversight committees on all relevant issues of R&D, S&T, and R&D acquisition programs. The DNI should establish a budget at a level set by Congress under the control of the DS&T to facilitate investment in emerging, disruptive, and joint technology projects and in Enhanced Integrated Intelligence.
+
+3.2 Empower the DNI with the authority to annually reprogram R&D project funds, up to a level agreed to by Congress, into existing or new R&D projects without prior notification to Congress for approval.
+3.3 Establish a science and technology advisory group for the House Permanent Select Committee on Intelligence (HPSCI)and reaffirm the value of the Senate Select Committee on Intelligence (SSCI) Technical Advisory Groupto provide independent advice on strategic R&D initiatives, including those that require multiyear funding.
+
+After one year the Commission expects the IC to have at least:
+
+ Developed an improved IC-wide method of tracking research and development efforts
+and implemented it in time for the FY16 budget build
+ Created a unified plan for the IC R&D program that incorporates relevant S&TI and
+includes a demonstrated means of better aligning IC R&D investments, industry's independent R&D (IRAD), corporate R&D (CRAD), and R&D in academic institutions with U.S. national security objectives
+ Established performance metrics for evaluating R&D investments  Obtained congressional approval for below-threshold reprogramming authority to
+enable agile R&D investment by the IC
+
+## Leverage People/Talent
+
+The continued success of the Intelligence Community depends on a strong, talented scientific and technical workforce. The IC needs innovative approaches to ensure its access to their expertise in the categories and quantities required.
+
+The IC needs to improve how it manages talent so that it keeps workforce skills current, brings in new thinking, and gains the perspectives of experts outside the IC. The IC's R&D workforce historically has concentrated its specialized talent within tightly closed circles. It must change its approach, taking advantage of the opportunities afforded by the expanding global environment to become more adaptable and flexible. The United States must not risk losing our technological lead in a growing number of R&D domains that are critical to our national security.
+
+## Finding 4: Limited Leveraging Of The Stem Personnel Marketplace
+
+Facing increasing competition, the IC can do more to access a larger pool of talent and to leverage the best expertise available in our industries, start-ups,
+
+universities, national labs, and federally funded research and development centers (FFRDCs) as well as the S&T/R&D workforce of our allies.
+
+The IC must better compete for scientific talent in an environment increasingly dominated by globalization. It is expected that this trend in competition will continue, although on a national level the U.S. workforce remains the world's R&D powerhouse. It accounted for about
+31 percent of the estimated $1.4 trillion expended on R&D globally in 2012.9
+The United States' growing reliance on foreign R&D talent must be balanced by increasing the domestic R&D talent base, strengthening STEM education at all levels, and attracting more American STEM undergraduates and graduate students.10
+Despite its need to draw on outside researchers and research, the IC's ability to leverage, attract, and retain the world's brightest R&D talent continues to be limited by a number of challengesespecially contracting requirements, the need to possess U.S. citizenship to obtain security clearances, the difficulties in obtaining appropriate U.S. visas, and opportunities abroad for U.S. talent.
+
+## Recommendation 4: Increase And Augment Ic R&D Talent
+
+Assess longer-term workforce needs within the context of a more competitive private sector and global marketplace and develop procedures to recruit and keep needed talent. Increase and augment IC R&D talent by emphasizing approaches to innovation sharing within the public and private sectors, universities, and research and national labs, and by developing an IC strategy and approach for creating R&D opportunities for non-U.S. citizens.
+
+## Actions For Recommendation 4
+
+4.1 Increase the number of industry rotations for talented IC R&D government personnel, covering a broad range of types and sizes of businesses and a range of capabilities of particular interest to the IC. These partnerships should focus on broadening the experiences and deepening the knowledge and insights of both mid- and senior-level government personnel. Improve interaction with small firms by lowering the barriers to entry and by expanding competitions and opportunities for nontraditional providers and innovators to participate in programs.
+
+Mathematics (Washington, DC: Georgetown University, Center on Education and the Workforce, 2012), pp. 6
+
+
+4.2 Establish an IC R&D Corps composed primarily of part-time researchers, technologists, scientists, engineers, and entrepreneursfrom the private sector and academiaas well as IC retirees.
+
+4.3 The DNI must identify categories of interest to the IC to aid scientists, researchers, engineers, technologists, S&T analysts, and entrepreneurs seeking fast-track U.S. visas. For select individuals, if clearance procedures allow, such visas should be granted immediately. Create such a fast-track system for both private and government workers. The U.S. government must then determine a process for issuing fast-track visas for S&T and R&D personnel of interest, as is currently done to satisfy business and other needs.
+
+After one year the Commission expects the IC to have at least:
+
+ Created a Strategic Workforce Net Assessment to document the critical scientific and
+technical skill sets for the IC, and created within the IC human capital system a method of tracking these skill sets
+ Increase the flexibility of term-limited appointments to bring in talented outside experts
+who will transfer skills and know-how to the IC R&D workforce
+ Established connections with the Office of Science and Technology Policy (OSTP), the
+Department of Homeland Security, the Department of State, and the Department of Energy, which will work together in identifying special visa needs of critical importance to the IC while ensuring that counterintelligence and security considerations and investigative procedures remain central to the review process
+
+## Importance Of R&DBuilding The Future
+
+In the past, the United States has thrived when both our nation and our national security policy have adapted to shape change instead of being shaped by it.
+
+2010 National Security Strategy In the face of the challenges and opportunities presented by globalization, Congress and IC
+leadership must ensure that R&D is recognized as a critical and strategic component of the IC's missionsand must empower the IC R&D enterprise to act accordingly.
+In its review of IC R&D activities, the Commission found that the IC should engage with numerous problems and areas to ensure superiority in the future. The following list illustrates the breadth of R&D that must be undertaken to ensure that the IC's capabilities remain preeminent:
+
+ Quantum information processing  Advances in high-performance computing  Real-time sensor data fusion  Anticipatory analytics from Big Data  Assured continued nuclear design analysis competency  Advanced manufacturing  Creation, maintenance, and detection of cover  Persistent, agile, and resilient overhead capability  Artificial intelligence for autonomous system and robotics  Assured trusted communications  Detecting and countering foreign media influence  Understanding human dynamics and complex adaptive systems
+This Commission report makes four broad recommendations that must be implemented immediately to protect our future national security by transforming how the IC creates strategic advantage and mitigates the impact of unforeseeable global events.
+
+Just as the 80th U.S. Congress and the Truman administration showed great foresight in passing the National Security Act of 1947, so too the 113th U.S. Congress should promptly make needed reforms to the IC's R&D enterprise and its broader S&TI efforts. It is therefore advised that Congress hold hearings no later than one year after the conclusion of the Commission to ensure that these recommendations are being aggressively pursued and implemented.
+
+This page intentionally left blank.
+
+
+## Appendices
+
+
+This page intentionally left blank.
+
+
+## Abbreviations
+
+| DNI     | Director of National Intelligence                        |
+|---------|----------------------------------------------------------|
+| DOD     | Department of Defense                                    |
+| DS&T    | Director of Science and Technology                       |
+| EII     | Enhanced Integrated Intelligence                         |
+| HUMINT  | human intelligence                                       |
+| IC      | Intelligence Community                                   |
+| INT     | intelligence                                             |
+| JIEDDO  | Joint Improvised Explosive Device Defeat Organization    |
+| NIM-S&T | National Intelligence Manager for Science and Technology |
+| ODNI    | Office of the Director of National Intelligence          |
+| R&D     | research and development                                 |
+| R&T     | research and technology                                  |
+| RDT&E   | research, development, test, and evaluation              |
+| S&E     | science and engineering                                  |
+| S&T     | science and technology                                   |
+| S&TI    | scientific and technical intelligence                    |
+| STEM    | science, technology, engineering, and mathematics        |
+|         |                                                          |
+
+## Legislation Pertinent To The Commission 1. Legislation Establishing The Commission From Title 50 Of The United States Code
+
+NATIONAL COMMISSION FOR REVIEW OF RESEARCH AND DEVELOPMENT PROGRAMS OF THE UNITED STATES INTELLIGENCE COMMUNITY
+Pub. L. 111-259, title VII,  701(a)(3), Oct. 7, 2010, 124 Stat. 2745, provided that: The membership of the National Commission for the Review of the Research and Development Programs of the United States Intelligence Community established under subsection (a) of section 1002 of such Act (Public Law 107-306; 50 U.S.C. 401 note) [set out below] (referred to in this section [enacting and amending provisions set out below] as the  Commission') shall be considered vacant and new members shall be appointed in accordance with such section 1002, as amended by this section. Pub. L. 107-306, title X, Nov. 27, 2002, 116 Stat. 2437, as amended by Pub. L. 108-177, title III,  315(a), Dec. 13, 2003, 117 Stat. 2610; Pub. L. 111-259, title VII,  701(a)(1), (4), (b)(3), (c), Oct. 7, 2010, 124 Stat. 2744, 2745, provided that:
+SEC. 1001. FINDINGS.
+
+Congress makes the following findings: (1) Research and development efforts under the purview of the intelligence community are vitally important to the national security of the United States. (2) The intelligence community must operate in a dynamic, highly-challenging environment, characterized by rapid technological growth, against a growing number of hostile, technicallysophisticated threats. Research and development programs under the purview of the intelligence community are critical to ensuring that intelligence agencies, and their personnel, are provided with important technological capabilities to detect, characterize, assess, and ultimately counter the full range of threats to the national security of the United States. (3) There is a need to review the full range of current research and development programs under the purview of the intelligence community, evaluate such programs against the scientific and technological fields judged to be of most importance, and articulate program and resource priorities for future research and development activities to ensure a unified and coherent research and development program across the entire intelligence community.
+
+SEC. 1002. NATIONAL COMMISSION FOR THE REVIEW OF THE RESEARCH AND DEVELOPMENT PROGRAMS OF THE UNITED STATES INTELLIGENCE COMMUNITY.
+
+(a) ESTABLISHMENT.There is established a commission to be known as the National Commission for the Review of the Research and Development Programs of the United States Intelligence Community (in this title referred to as the Commission).
+
+(b) COMPOSITION.
+The Commission shall be composed of 12 members, as follows: (1) The Principal Deputy Director of National Intelligence. (2) A senior intelligence official of the Office of the Secretary of Defense, as designated by the Secretary of Defense.
+
+(3) Three members appointed by the majority leader of the Senate, in consultation with the Chairman of the Select Committee on Intelligence of the Senate, one from Members of the Senate and two from private life. (4) Two members appointed by the minority leader of the Senate, in consultation with the Vice Chairman of the Select Committee on Intelligence of the Senate, one from Members of the Senate and one from private life. (5) Three members appointed by the Speaker of the House of Representatives, in consultation with the Chairman of the Permanent Select Committee on Intelligence of the House of Representatives, one from Members of the House of Representatives and two from private life. (6) Two members appointed by the minority leader of the House of Representatives, in consultation with the ranking member of the Permanent Select Committee on Intelligence of the House of Representatives, one from Members of the House of Representatives and one from private life.
+
+(c) MEMBERSHIP.
+(1) The individuals appointed from private life as members of the Commission shall be individuals who are nationally recognized for expertise, knowledge, or experience in (A) research and development programs; (B) technology discovery and insertion; (C) use of intelligence information by national policymakers and military leaders; or (D) the implementation, funding, or oversight of the national security policies of the United States. (2) An official who appoints members of the Commission may not appoint an individual as a member of the Commission if, in the judgment of the official, such individual possesses any personal or financial interest in the discharge of any of the duties of the Commission. (3) All members of the Commission appointed from private life shall possess an appropriate security clearance in accordance with applicable laws and regulations concerning the handling of classified information.
+
+(d) CO-CHAIRS.
+(1) The Commission shall have two co-chairs, selected from among the members of the Commission. (2) One co-chair of the Commission shall be a member of the Democratic Party, and one cochair shall be a member of the Republican Party.
+
+(3) The individuals who serve as the co-chairs of the Commission shall be jointly agreed upon by the President, the majority leader of the Senate, the minority leader of the Senate, the Speaker of the House of Representatives, and the minority leader of the House of Representatives.
+
+(e) APPOINTMENT; INITIAL MEETING.
+(1) Members of the Commission shall be appointed not later than 45 days after the date of the enactment of this Act [Nov. 27, 2002]. (2) The Commission shall hold its initial meeting on the date that is 60 days after the date of the enactment of this Act.
+
+(f) MEETINGS; QUORUM; VACANCIES.
+(1) After its initial meeting, the Commission shall meet upon the call of the co-chairs of the Commission. (2) Six members of the Commission shall constitute a quorum for purposes of conducting business, except that two members of the Commission shall constitute a quorum for purposes of receiving testimony.
+
+(3) Any vacancy in the Commission shall not affect its powers, but shall be filled in the same manner in which the original appointment was made. (4) If vacancies in the Commission occur on any day after 45 days after the date of the enactment of this Act [Nov. 27, 2002], a quorum shall consist of a majority of the members of the Commission as of such day.
+
+(g) ACTIONS OF COMMISSION.
+(1) The Commission shall act by resolution agreed to by a majority of the members of the Commission voting and present. (2) The Commission may establish panels composed of less than the full membership of the Commission for purposes of carrying out the duties of the Commission under this title. The actions of any such panel shall be subject to the review and control of the Commission. Any findings and determinations made by such a panel shall not be considered the findings and determinations of the Commission unless approved by the Commission.
+
+(3) Any member, agent, or staff of the Commission may, if authorized by the co-chairs of the Commission, take any action which the Commission is authorized to take pursuant to this title.
+
+(h) DUTIES.
+The duties of the Commission shall be (1) to conduct, until not later than the date on which the Commission submits the report under section 1007(a), the review described in subsection (i); and (2) to submit to the congressional intelligence committees, the Director of National Intelligence, and the Secretary of Defense a final report on the results of the review.
+
+(i) REVIEW.
+The Commission shall review the status of research and development programs and activities within the intelligence community, including advanced research and development programs and activities. Such review shall include (1) an assessment of the advisability of modifying the scope of research and development for purposes of such programs and activities; (2) a review of the particular individual research and development activities under such programs; (3) an evaluation of the current allocation of resources for research and development, including whether the allocation of such resources for that purpose should be modified;
+(4) an identification of the scientific and technological fields judged to be of most importance to the intelligence community; (5) an evaluation of the relationship between the research and development programs and activities of the intelligence community and the research and development programs and activities of other departments and agencies of the Federal Government; and (6) an evaluation of the relationship between the research and development programs and activities of the intelligence community and the research and development programs and activities of the private sector.
+
+SEC. 1003. POWERS OF COMMISSION. (a) IN GENERAL.
+(1) The Commission or, on the authorization of the Commission, any subcommittee or member thereof, may, for the purpose of carrying out the provisions of this title
+
+ (A) hold such hearings and sit and act at such times and places, take such testimony, receive such evidence, and administer such oaths; and (B) require, by subpoena or otherwise, the attendance and testimony of such witnesses and the production of such books, records, correspondence, memoranda, papers, and documents, as the Commission or such designated subcommittee or designated member considers necessary. (2) Subpoenas may be issued under subparagraph (1)(B) under the signature of the co-chairs of the Commission, and may be served by any person designated by such co-chairs. (3) The provisions of sections 102 through 104 of the Revised Statutes of the United States (2 U.S.C. 192194) shall apply in the case of any failure of a witness to comply with any subpoena or to testify when summoned under authority of this section.
+
+(b) CONTRACTING.
+The Commission may, to such extent and in such amounts as are provided in advance in appropriation Acts, enter into contracts to enable the Commission to discharge its duties under this title.
+
+(c) INFORMATION FROM FEDERAL AGENCIES.
+The Commission may secure directly from any executive department, agency, bureau, board, commission, office, independent establishment, or instrumentality of the Government information, suggestions, estimates, and statistics for the purposes of this title. Each such department, agency, bureau, board, commission, office, establishment, or instrumentality shall, to the extent authorized by law, furnish such information, suggestions, estimates, and statistics directly to the Commission, upon request of the co-chairs of the Commission. The Commission shall handle and protect all classified information provided to it under this section in accordance with applicable statutes and regulations.
+
+(d) ASSISTANCE FROM FEDERAL AGENCIES.
+(1) The Director of National Intelligence shall provide to the Commission, on a nonreimbursable basis, such administrative services, funds, staff, facilities, and other support services as are necessary for the performance of the Commission's duties under this title. (2) The Secretary of Defense may provide the Commission, on a nonreimbursable basis, with such administrative services, staff, and other support services as the Commission may request. (3) In addition to the assistance set forth in paragraphs (1) and (2), other departments and agencies of the United States may provide the Commission such services, funds, facilities, staff, and other support as such departments and agencies consider advisable and as may be authorized by law. (4) The Commission shall receive the full and timely cooperation of any official, department, or agency of the United States Government whose assistance is necessary for the fulfillment of the duties of the Commission under this title, including the provision of full and current briefings and analyses.
+
+(e) PROHIBITION ON WITHHOLDING INFORMATION.
+No department or agency of the Government may withhold information from the Commission on the grounds that providing the information to the Commission would constitute the unauthorized disclosure of classified information or information relating to intelligence sources or methods.
+
+(f) POSTAL SERVICES.
+The Commission may use the United States mails in the same manner and under the same conditions as the departments and agencies of the United States.
+
+(g) GIFTS.
+The Commission may accept, use, and dispose of gifts or donations of services or property in carrying out its duties under this title.
+
+
+SEC. 1004. STAFF OF COMMISSION. (a) IN GENERAL.
+(1) The co-chairs of the Commission, in accordance with rules agreed upon by the Commission, shall appoint and fix the compensation of a staff director and such other personnel as may be necessary to enable the Commission to carry out its duties, without regard to the provisions of title 5, United States Code, governing appointments in the competitive service, and without regard to the provisions of chapter 51 and subchapter III of chapter 53 of such title relating to classification and General Schedule pay rates, except that no rate of pay fixed under this subsection may exceed the equivalent of that payable to a person occupying a position at level V of the Executive Schedule under section 5316 of such title.
+
+(2) Any Federal Government employee may be detailed to the Commission without reimbursement from the Commission, and such detailee shall retain the rights, status, and privileges of his or her regular employment without interruption. (3) All staff of the Commission shall possess a security clearance in accordance with applicable laws and regulations concerning the handling of classified information.
+
+(b) CONSULTANT SERVICES.
+(1) The Commission may procure the services of experts and consultants in accordance with section 3109 of title 5, United States Code, but at rates not to exceed the daily rate paid a person occupying a position at level IV of the Executive Schedule under section 5315 of such title. (2) All experts and consultants employed by the Commission shall possess a security clearance in accordance with applicable laws and regulations concerning the handling of classified information.
+
+SEC. 1005. COMPENSATION AND TRAVEL EXPENSES. (a) COMPENSATION.
+(1) Except as provided in paragraph (2), each member of the Commission may be compensated at not to exceed the daily equivalent of the annual rate of basic pay in effect for a position at level IV of the Executive Schedule under section 5315 of title 5, United States Code, for each day during which that member is engaged in the actual performance of the duties of the Commission under this title. (2) Members of the Commission who are officers or employees of the United States or Members of Congress shall receive no additional pay by reason of their service on the Commission.
+
+(b) TRAVEL EXPENSES.
+While away from their homes or regular places of business in the performance of services for the Commission, members of the Commission may be allowed travel expenses, including per diem in lieu of subsistence, in the same manner as persons employed intermittently in the Government service are allowed expenses under section 5703 of title 5, United States Code.
+
+SEC. 1006. TREATMENT OF INFORMATION RELATING TO NATIONAL SECURITY. (a) IN GENERAL.
+(1) The Director of National Intelligence shall assume responsibility for the handling and disposition of any information related to the national security of the United States that is received, considered, or used by the Commission under this title. (2) Any information related to the national security of the United States that is provided to the Commission by a congressional intelligence committee may not be further provided or released without the approval of the chairman of such committee.
+
+(b) ACCESS AFTER TERMINATION OF COMMISSION.
+Notwithstanding any other provision of law, after the termination of the Commission under section 1007, only the Members and designated staff of the congressional intelligence committees, the Director of National Intelligence (and the designees of the Director), and such other officials of the executive branch as the President may designate shall have access to information related to the national security of the United States that is received, considered, or used by the Commission.
+
+
+SEC. 1007. FINAL REPORT; TERMINATION.
+
+(a) FINAL REPORT.
+Not later than one year after the date on which all members of the Commission are appointed pursuant to section 701(a)(3) of the Intelligence Authorization Act for Fiscal Year 2010 [Pub. L. 111-259, set out above], the Commission shall submit to the congressional intelligence committees, the Director of National Intelligence, and the Secretary of Defense a final report as required by section 1002(h)(2).
+
+(b) TERMINATION.
+(1) The Commission, and all the authorities of this title, shall terminate at the end of the 120-day period beginning on the date on which the final report under subsection (a) is transmitted to the congressional intelligence committees. (2) The Commission may use the 120-day period referred to in paragraph (1) for the purposes of concluding its activities, including providing testimony to Congress concerning the final report referred to in that paragraph and disseminating the report.
+
+SEC. 1008. ASSESSMENTS OF FINAL REPORT.
+
+Not later than 60 days after receipt of the final report under section 1007(a), the Director of National Intelligence and the Secretary of Defense shall each submit to the congressional intelligence committees an assessment by the Director or the Secretary, as the case may be, of the final report. Each assessment shall include such comments on the findings and recommendations contained in the final report as the Director or Secretary, as the case may be, considers appropriate.
+
+SEC. 1009. INAPPLICABILITY OF CERTAIN ADMINISTRATIVE PROVISIONS. (a) FEDERAL ADVISORY COMMITTEE ACT.
+The provisions of the Federal Advisory Committee Act (5 U.S.C. App.) shall not apply to the activities of the Commission under this title.
+
+(b) FREEDOM OF INFORMATION ACT.
+The provisions of section 552 of title 5, United States Code (commonly referred to as the Freedom of Information Act), shall not apply to the activities, records, and proceedings of the Commission under this title.
+
+[**SEC. 1010. Repealed**. Pub. L. 111-259, title VII,  701(b)(3), Oct. 7, 2010, 124 Stat. 2745.]
+
+SEC. 1011. DEFINITIONS.
+
+In this title:
+(1) CONGRESSIONAL INTELLIGENCE COMMITTEES. The term congressional intelligence committees means (A) the Select Committee on Intelligence of the Senate; and (B) the Permanent Select Committee on Intelligence of the House of Representatives. (2) INTELLIGENCE COMMUNITY. The term intelligence community has the meaning given that term in section 3(4) of the National Security Act of 1947 (50 U.S.C. 401a(4)).
+
+2. Legislation establishing the Director of Science and Technology within the Office of the
+
+## Director Of National Intelligence (50 *U.S.C.*  403-3E)
+
+
+ 403-3e. Director of Science and Technology
+(a) Director of Science and Technology There is a Director of Science and Technology within the Office of the Director of National Intelligence who shall be appointed by the Director of National Intelligence. Page 107 TITLE 50WAR AND NATIONAL DEFENSE  403-3g
+(b) Requirement relating to appointment An individual appointed as Director of Science and Technology shall have a professional background and experience appropriate for the duties of the Director of Science and Technology.
+
+(c) Duties The Director of Science and Technology shall (1) act as the chief representative of the Director of National Intelligence for science and technology; (2) chair the Director of National Intelligence Science and Technology Committee under subsection (d) of this section; (3) assist the Director in formulating a long-term strategy for scientific advances in the field of intelligence; (4) assist the Director on the science and technology elements of the budget of the Office of the Director of National Intelligence; and
+(5) perform other such duties as may be prescribed by the Director of National Intelligence or specified by law.
+
+(d) Director of National Intelligence Science and Technology Committee
+(1) There is within the Office of the Director of Science and Technology a Director of National Intelligence Science and Technology Committee. (2) The Committee shall be composed of the principal science officers of the National Intelligence Program. (3) The Committee shall (A) coordinate advances in research and development related to intelligence; and (B) perform such other functions as the Director of Science and Technology shall prescribe.
+
+3. Legislation extending the Commission Pub. L. 112-277 (Jan. 24, 2013; 126 Stat. 2466)
+
+
+ 502. EXTENSION OF NATIONAL COMMISSION FOR THE REVIEW OF THE RESEARCH AND DEVELOPMENT PROGRAMS OF THE UNITED STATES INTELLIGENCE COMMUNITY.
+
+   Section 1007(a) of the Intelligence Authorization Act for Fiscal Year 2003 (Public Law 107
+306; 50 U.S.C. 401 note) is amended by striking Not later than one year after the date on which all members of the Commission are appointed pursuant to section 701(a)(3) of the Intelligence Authorization Act for Fiscal Year 2010, and inserting Not later than March 31, 2013,.
+
+
+
+## List Of Briefings
+
+ The Commissioners and staff of the National Commission for the Review of Research and Development Programs of the United States Intelligence Community would like to express our sincere gratitude to the individuals that met with us, and the individuals that participated in the numerous groups/panels listed below. Their flexibility, willingness to share important insights, and candid responses were of utmost importance to the creation of this report. This report would not be possible without their support, insightful analysis, and willingness to provide information.
+
+
+
+29 February 2012
+
+-
+Office of the Director of National Intelligence
+
+
+5 March 2012
+
+-
+Defense Intelligence Agency
+
+
+6 March 2012
+
+-
+Intelligence Advanced Research Projects Activity
+
+
+7 March 2012
+
+-
+National Geospatial-Intelligence Agency
+
+
+10 April 2012
+
+-
+In-Q-Tel
+
+
+11 April 2012
+
+-
+Central Intelligence Agency
+
+
+3 May 2012
+
+-
+Collaboration Panel
+
+
+4 May 2012
+
+-
+Central Intelligence Agency
+
+
+11 May 2012
+
+-
+First Cyber Panel
+
+
+14 May 2012
+
+-
+National Security Agency
+
+
+16 May 2012
+
+-
+Defense Advanced Research Projects Agency
+
+29 May 2012
+
+-
+National Reconnaissance Office
+
+
+30 May 2012
+
+-
+ *Department of Defense Research and Engineering Enterprise*
+
+
+31 May 2012
+
+-
+National Nuclear Security Administration
+
+
+6 June 2012
+
+-
+Defense Intelligence Agency
+
+
+12 June 2012
+
+-
+Federal Bureau of Investigation
+
+13 June 2012
+
+-
+Office of Director of National Intelligence/Systems & Resources Analysis, Intelligence,
+Planning, Programming, Budgeting & Evaluation
+
+
+14 June 2012
+
+-
+Department of Homeland Security
+
+
+26 June 2012
+
+-
+Office of the Director of National Intelligence/Acquisition, Technology & Facilities
+
+
+27 June 2012
+
+-
+Pacific Northwest National Laboratory
+-
+Lawrence Livermore National Laboratory
+
+
+12 July 2012
+
+-
+Sandia National Laboratory
+-
+Los Alamos National Laboratory
+
+
+17 July 2012
+
+-
+Executive Office of the President, Office of Science & Technology Policy
+-
+Government Accountability Office
+-
+National Academies of Science
+-
+MITRE
+
+
+19 July 2012
+
+-
+Merck, Inc.
+
+
+26 July 2012
+
+-
+AT&T
+
+
+30 July 2012
+
+-
+IBM
+
+
+7 August 2012
+
+-
+S&TI Panel
+
+
+8 August 2012
+
+-
+Wireless Panel
+-
+Former S&T Experts Panel
+-
+House Armed Services Committee
+-
+Department of Energy
+
+16 August 2012
+
+-
+Academic Panel
+
+22 August 2012
+
+-
+New York City Police Commissioner's Office
+-
+New York City District Attorney's Office
+
+
+27 August 2012
+
+-
+I2WD & JIEDDO Panel
+-
+Executive Office of the President, Homeland Security Advisor
+-
+House Permanent Select Committee on Intelligence
+-
+Senate Select Committee on Intelligence
+
+29 August 2012
+
+-
+Independent Research and Development (IRAD) Panel
+
+
+10 September 2012
+
+-
+O'Reilly Publishing
+-
+Former S&T Experts Panel
+
+
+11 September 2012
+
+-
+Cloud Computing Panel
+
+
+12 September 2012
+
+-
+IC Science Advisory Body Experts Panel
+
+1415 September 2012
+
+-
+Oak Ridge National Laboratory
+
+
+19 September 2012
+
+-
+University of Maryland (former NSF representative)
+
+
+2 October 2012
+
+-
+Central Intelligence Agency
+
+
+3 October 2012
+
+-
+National Academies of Science
+
+
+11 October 2012
+
+-
+Central Intelligence Agency, Lessons Learned Office
+
+
+25 October 2012
+
+-
+JASON scientists
+
+
+26 October 2012
+
+-
+Intelligence Science Board Task Force Study
+
+
+7 November 2012
+
+-
+MITRE
+
+1314 November 2012
+
+-
+Sandia National Laboratory
+
+15 November 2012
+
+-
+SRI International
+-
+Kleiner Perkins Kaufman Byers
+-
+Lockheed Martin Applied Technology Center
+
+
+16 November 2012
+
+-
+Google
+
+
+28 November 2012
+
+-
+Intelligence Advanced Research Projects Activity
+-
+Innovative Solutions Consortium
+
+
+4 December 2012
+
+-
+Executive Office of the President, Office of Management & Budget
+
+13 December 2012
+
+-
+National Security Agency
+-
+Office of the Director of National Intelligence
+
+
+19 December 2012
+
+-
+B612 Foundation
+-
+National Critical Systems and Technology Joint Task Force
+
+
+9 January 2013
+
+-
+Defense Intelligence Agency
+
+
+15 January 2013
+
+-
+Second Cyber Panel
+
+
+28 January 2013
+
+-
+IC S&T Professionals
+
+
+31 January 2013
+
+-
+Executive Office of the President, National Security Staff
+
+
+5 February 2013
+
+-
+Identity Intelligence Panel
+
+
+12 February 2013
+
+-
+Disruptive Technologies Panel
+
+25 February 2013
+
+-
+National Geospatial-Intelligence Agency
+
+
+26 February 2013
+
+-
+Director of DARPA
+
+
+8 March 2013
+
+-
+Deputy Secretary of Defense
+
+
+18 March 2013
+
+-
+National Security Agency
+
+19 March 2013
+
+-
+Georgia Tech Research Institute
+-
+National Security Agency, Cyberlaw Brief
+
+
+## 11 April 2013
+
+-
+Director of the Center for Intelligence Research and Analysis
+
+
+## 16 April 2013
+
+-
+Managing Director of Cybersecurity for JP Morgan Chase
+-
+Independent Consultant for Cyber Security
+
+## Commissioner Biographies
+
+Maurice Sonnenberg, Commission Co-Chair, is the Senior International Advisor at J. P.
+
+Morgan. He has advised five presidential administrations in the fields of foreign policy, international trade, finance, and intelligence. He is currently a member of the Special Navy Advisory Panel to the Secretary of the Navy.
+
+Some past governmental positions he has held in the fields of intelligence are member of the President's Foreign Intelligence Advisory Board (eight years), Vice Chairman of the National Commission on Terrorism, member of the U.S. Commission on Reducing and Protecting Government Secrecy, the Senior Advisor to the U.S. Commission on the Roles and Capabilities of the U.S. Intelligence Community, and member of the Private Sector Senior Advisory Committee and the Southwest Border Task Force of the Homeland Security Advisory Council. He is a member of the Council on Foreign Relations, where he served on the Council's Independent Task Force on Terrorist Financing, and is on the Advisory Board of the Council's magazine, *Foreign Affairs*.
+
+Samantha Ravich, Ph.D., Commission Co-Chair, consults with both private industry and federal and state governments on international security, financial risk, and political risk. She is a Senior Advisor to the Chertoff Group. From 2009 to 2011, Ravich was Senior Vice President at IPS, a software and global analysis firm.
+
+Ravich was previously Principal Deputy National Security Advisor to Vice President Cheney and served in the White House for 512 years. She received a Ph.D. in policy analysis from the RAND Graduate School, an M.C.P. from the University of Pennsylvania, and a B.S.E.
+
+in finance from the Wharton School. In 2000, Cambridge University Press published Ravich's book, *Marketization and Democracy: East Asian Experiences*, which is used as a basic textbook in international economics, political science, and Asian studies courses in colleges throughout the country.
+
+
+Senator Dan Coats is the senior senator for Indiana. Coats began his service to our nation in the U.S. Army, and has served Hoosiers in both the U.S. House of Representatives and U.S. Senate. In 2001, he was named Ambassador to Germany, arriving in the country only a few days before the tragic events of 9/11. Coats returned to the U.S. Senate in 2011. He serves on four Senate committees: Appropriations, Intelligence, Commerce, and the Joint Economic Committee, where he is the senior Senate Republican. Dan and Marsha Coats met in college and have three adult children and eight grandchildren.
+
+Congressman K. Michael Conaway is a member of both the House Armed Services Committee and the House Permanent Select Committee on Intelligence. Congressman Conaway served as both the Chairman of the Panel on Defense Financial Management and Auditability Reform in the 112th Congress and the Ranking Member of the Committee's Panel on Defense Acquisition Reform in the 111th Congress. In addition, he has served on various subcommittees within the Armed Services Committee and currently sits on both the Subcommittee on Emerging Threats and Capabilities and the Subcommittee on Oversight and Investigations. On the House Permanent Select Committee on Intelligence, Congressman Conaway currently serves on the Subcommittee on Terrorism, HUMINT, Analysis, and Counterintelligence. In 2012,
+
+
+Congressman Conaway was appointed to the Board of Visitors of the U.S. Military Academy at West Point.
+
+Representative Rush Holt has represented central New Jersey in the U.S. House of Representatives since 1999. From 2007 to 2010, he was Chair of the Select Intelligence Oversight Panel, which worked to strengthen oversight of the Intelligence Community. He was also a senior member of the House Permanent Select Committee on Intelligence from 2003 to 2011 and previously served as an intelligence analyst at the Department of State in the 1980s. Holt holds a B.A. in physics from Carleton College and M.A. and Ph.D. degrees, also in physics, from New York University. He served on the faculty of Swarthmore College and from 1989 until his 1998 congressional campaign served as Assistant Director of the Princeton Plasma Physics Laboratory, the largest research facility of Princeton University and the largest center for alternative energy research in New Jersey. He is a resident of Hopewell Township, New Jersey.
+
+The Honorable Shirley Ann Jackson, Ph.D., is President of Rensselaer Polytechnic Institute
+(RPI), and has held senior leadership positions in government, industry, research, and academe. From 1995 to 1999, Dr. Jackson served as Chairman of the U.S. Nuclear Regulatory Commission. She serves on the President's Council of Advisors on Science and Technology (PCAST) and the International Security Advisory Board (ISAB) to the United States Department of State. Dr. Jackson is an International Fellow of the Royal Academy of Engineering and a member of the National Academy of Engineering and a number of other professional societies. She is a Regent of the Smithsonian Institution, a member of the boards of the Council on Foreign Relations and the Brookings Institution, and a member of the Board of Directors of IBM, FedEx, and other global companies. Dr. Jackson holds an S.B. degree in physics and a Ph.D. in theoretical physics, both from MIT.
+
+Gilman Louie is a partner of Alsop Louie Partners, a venture capital fund focused on helping entrepreneurs start companies, and the founder and first CEO of In-Q-Tel, a private nonprofit venture capital firm that invests in private companies on behalf of a wide range of U.S. intelligence agencies. Before founding In-Q-Tel, he ran a publicly traded company called Spectrum HoloByte; it ultimately was acquired by Hasbro Corporation, where he served as chief creative officer of Hasbro Interactive and general manager of Games.com. He serves a member of the Board of Directors of the Markle Foundation and of Digital Promise, and is Chairman of the Board of the Federation of American Scientists. Gilman is also an advisor to the Defense Intelligence Agency, Central Intelligence Agency, and National Security Agency, and is a member of the Technical Advisory Group to the United States Senate Select Committee on Intelligence.
+
+Kevin P. Meiners is the Deputy Under Secretary of Defense for Intelligence for Strategy, Programs, and Resources, where he is responsible for all matters related to Intelligence, Surveillance & Reconnaissance, and Environmental system capabilities. Mr. Meiners began his government service in 1984, working in various engineering, aviation, and program managementrelated positions before joining the Office of the Secretary of Defense in 1994 as a member of the newly formed Defense Airborne Reconnaissance Office (DARO); in 2000 he became a member of the Senior Executive Service. He has a BSEE from Virginia Tech
+
+University and holds two Master of Science degrees; he is also a graduate of the Federal Executive Institute.
+
+The Honorable Stephanie O'Sullivan, as the Principal Deputy Director of National Intelligence
+(PDDNI) since 28 February 2011, serves the Intelligence Community in a role similar to that of a chief operating officer, focusing on ODNI operations; managing IC coordination, information sharing, and resource challenges; and reinforcing the DNI's intelligence integration initiatives. Beginning in 2005, Ms. O'Sullivan led the CIA's Directorate of Science and Technology
+(DS&T), the part of the Agency responsible for developing and deploying innovative technology in support of intelligence collection and analysis, and she served as Associate Deputy Director of the CIA from December 2009 through February 2011. Previously, as an engineer and team leader with the CIA, the Office of Naval Intelligence, and TRW, she fielded systems in areas ranging from power sources to biotechnology. She holds a Bachelor of Science degree in civil engineering from the Missouri University of Science and Technology.
+
+Troy E. Wade II is chairman emeritus of the Nevada Alliance for Defense, Energy and Business, a group of more than 35 technology companies that support the Nevada Test Site and help bring new science and technolgy programs to Nevada, and president and chairman of the Nevada Test Site Historical Foundation. He is also president of Wade Associates, a Las Vegas based management consulting firm. Mr. Wade is a member of the Board of Directors of WSI, Inc.; a member of the Advisory Board of TSC, Inc.; a member of the Advisory Board of Longenecker & Associates; and a member of the Advisory Board of the Howard R. Hughes School of Engineering at the University of Nevada, Las Vegas.
+Mr. Wade has 31 years of service with the U.S. Department of Energy, having served as Assistant Secretary of Energy for Defense Programs after holding a succession of key positions associated with the nation's nuclear programs.
+
+Senator Mark Warner was elected to the U.S. Senate in November 2008; he serves on the Senate Banking, Budget, Commerce, and Intelligence committees. After more than four years in the Senate, Senator Warner has established himself as a national leader in efforts to find bipartisan consensus to create balanced solutions to reduce the federal debt and deficit. He also has been a champion for military men and women, their families, and our military veterans.
+
+Senator Warner also is a leader in Congress in efforts to promote private-sector innovation and to help our nation's small businesses and start-up companies succeed.
+
+From 2002 to 2006, Senator Warner served as Governor of Virginia, where he worked in a bipartisan way to turn record budget deficits into a surplus. Governor Warner also focused on improving public education and expanding economic opportunity in every region of the state. Before entering public office, Senator Warner was an early investor in the cellular telephone business. He co-founded the company that became Nextel, and ultimately made early investments in hundreds of start-up technology companies that have created tens of thousands of private-sector jobs.
+
+The Honorable John J. Young, Jr., served as the Under Secretary of Defense for Acquisition, Technology and Logistics, with responsibility for all research, development, procurement, and logistics programs in the Department of Defense. During his tenure, he drove DOD initiatives on competitive prototyping, revision of the DOD 5000 instruction, and collaborative program
+
+
+management. Previously, Mr. Young oversaw DOD's research enterprise as the Director of Defense Research and Engineering and led the Mine Resistant Ambush Protected (MRAP) Vehicle Task Force, which delivered more than 15,000 MRAPs to protect soldiers from improvised explosive devices (IEDs).
+
+Mr. Young also served as the Assistant Secretary of the Navy for Research, Development and Acquisition and worked for ten years as a professional staff member of the Senate Defense Appropriations Subcommittee. He currently serves as a board member, advisor, and consultant to a number of companies.
+
+
+
+## Acknowledgments
+
+
+This Commission depended on and would like to thank the extraordinary staff that dedicated themselves to the yearlong venture. Staff members demonstrated exemplary interagency collaboration in performing their assessments on behalf of the Commission, supporting the Commissioners' vision for improving research across the entire national intelligence enterprise, and bringing to fruition the final report.
+
+The Commission is profoundly grateful to all of the staff and to all individuals who enabled the completion of its report.

markdown/misc/obsat.md

@@ -0,0 +1,966 @@
+## Unclassified Classification Changes
+
+TO
+confidential
+31 May 1966,
+DoDD 5200.10,
+Group-4,
+per
+document marking.
+
+## This Page Is Unclassified 'Security - \'. Marking
+
+The classitied or limited status of this report applies te each page, unless otherwise marked,
+
+"
+.
+Separate page printouts MUST bo marked accordingly.
+A
+e B
+T
+R
+i B
+S
+S
+s B
+*This doetmene' cofiiains info rmation affecting the Na.{. nal within the meaning of the S.
+
+C., Section 793 and
+|Defeneo of the United States Esplonsge Laws, Title 18, U,
+794.
+
+Yts transmission op th
+@ revelation of its coatents in any manner to an unauthorised persen is prokidited by lav,s
+
+# Helassifed O
+
+## Research Paper P-88
+
+Study FAIR Volume V
+
+# Ervation Satellites For Arms Control: Some Implications And Policy Choices (U)
+
+Rosemary Klineberg MAY 1963
+DDC CONTROL
+N0 53264
+m INSTITUTE FOR DEFENSE ANALYSES
+'
+ECONOMIC AND POLITICAL STUDIES DIVISION
+This moterial contains information affecting the nationol defemse of the United States within the meaning of the Espioncge Laws (Title 18, U.S.C., Sections 793 and 794), the transmission or revelation of which in any monner to an unauthorized person is prohibited by law.
+
+# 31 Als V 3Y Aiatrivation O This Pepory 1G Oontrolled,  Quaified W Ngz\Uon Shall Request Through Arpa/T10.
+
+The views expressed hereinare not nacessorily those of the institute for Deferse Analyses or of any agency of the United States Government.
+
+The institute for Defense Anclyses mm kinds of pub~-
+lication for dictribution, entitled Report, Study, ond Research Paper.
+
+A
+Report embodies the results of a mojor ressarch project under~
+token by and is intended to be on authoritative contribution on its subject.
+
+scope o Report.
+
+It may be the resvit of @ smaller and more narrowly defined resecrch project or it moy be o supporting technical paper prepared in connecrion with
+0 major (soject.
+
+A Ressarch represents the work of one or more nomed outhors oct to revisw comparable to that for publicotion in o professional journal .
+
+## Research Paper P-S8
+
+l Srudy FAIR Volumc v
+
+## K Observation Satellites For Arms Control: | Some Implications And Policy Choices (U)
+
+Rosemary Klincberg INSTITUTE FOR DEFENSE ANALYSES
+ECONOMIC AND POLITICAL STUDIES DI VISION
+
+## Foreword
+
+The following paper on the policy implications of an observation satellite system represents cne part of Study I-'AIR:F
+Focus on Arms Information and Reassurance, The author, Rosemary Xlineberg, is a former member of this division and a specialist in international relations.
+
+Partial financial support for Study FAIR has come from the US Arms Control aud Disarmament Agency, the Office of the Assistant Secretary of Defense for International Security Affairs, and Project Michelson of the US Naval Ordnance Test Station, as well as from IDh Central Research funds.
+
+- Acting Director N
+Boonomic and Politicay Studies Division
+
+## Rreviows Page Was Blank, Ti.Refore Not Filmed. Preface
+
+The five principal parts of Study FAIR are entitled: Studies on Information and Arms Control;
+Studies on hccidental War; Unilateral Arms Control:
+A_Survey; Observation Satellites ifor Arms Control:
+Technical Capabilities, Concepts, and Applications (U);
+and Observation Satellites for Arms Control:
+Some Implications and Policy Choices (U).
+
+The first three papers are not classified, the latter two are classified "Confidential" and "Secret," respectively.
+
+All five papers are based on unclassified sources.
+
+The paper which follows examines implications of an observation satellite system for general United States pdlicy.
+
+.
+
+JOHN PHELPFS
+g Leader, Study FAIR
+
+## Contents
+
+Jage
+I.
+INTRODUCTIONANDBACYGROUND........
+1
+History
+Present Policy
+TT.rt.'ACt:k'L'LAPPLICATIONS........o......
+7
+Area Coverage
+Possible Fields
+;.III.
+MILI'MRY CONSIDRRATIONS
+
+&
+o
+0
+8
+0
+s
+4
+o
+o
+
+
+o
+e
+@
+12
+The Targeting Question
+Physical Vulnerability of Satellites
+IV.I.EGALISSUES........-......
+20
+Space Fhotogvrajx, J/
+Outer Space nd the High Seas
+Satellites and U-2s
+Scvereignty,
+S2crecy,
+and Satellites
+V.
+POLITICALPSYC!DIDGICALFACTORS.
+
+s
+0
+e
+s
+0
+00
+e
+27
+US Image Abroad
+The Public Press
+VI.THECI'DICBS........;.....-....
+313
+Maintenance of Secrecy
+legitimization of Observation from Outer Space
+etion and Control
+VII.
+StmssnONs
+
+[
+]
+[ ]
+L ]
+L ]
+.
+L
+L
+[
+)
+[
+*
+[ ]
+L]
+L]
+L]
+L)
+[
+]
+.
+L ]
+[ ]
+*
+41
+First Steps
+General Climate of Cpinion
+i
+e
+
+## Observation Satellites For Arms Control: Some Implications And Pol1Cy Choices I. Introduction And Background ''______--
+
+its full potential for usefulness may be realized.
+
+after a brief review of the history of the satellite program and the nature of present US
+pPolicy towerd it, we first examine the little-kn own peaceful applications of observation satellj
+'
+benefits, gram.
+
+Finally, we ces open to pPolicy-makers, and make certain
+1.
+
+The other "wo wnake up tudy PAIR Volume 4, Observation Satellites fopr Arms Control:
+Technical Ca abilities, Conce ts, a ligations
+-
+suggestions fdr Specific action, The effect of a Us observation satellite pregram on the mairtenance of Soviet Secrecy--potentially
+4 highly significant aspect of the program--is analyzed under the other headings as it relates to them, His togz It has been generally, if unofficially, known for several years that the United States has been developing a reconnaissance satellite program.
+
+In the early stages, daunchings were announced Thus, the first two MIDAS /Missile Defense in some detail, Alarm System/ launchings (26 February and 24 May,
+" successors to the U-2.
+
+In March of 1962
+4 new policy was introduced aimed at reducin; the information about all satellite launchings to the same common denominator.
+
+time, the booster rccket were identiover-all space program, but a1l else was considered classified information, In April 1963, there was a further publicity clampdown requiring all satellite launchings by
+1.
+
+Th
+:
+1
+the m:llitary services to be done in secnf.
+
+%his move came about despite the virtual imposribility of hiding an orbiting satellite from a modern tracking ne!:work.l In any case, the earlier, more specific press releases remain on the public record, forming a history of actisity which the press consistently integraces in some fashion, not necessarily accurate, into its current articles.
+
+Thus a Teperter may speculate that a Satellite launched with an Atlas-Agena booster combimation "known to have been used in previous SAMOS-MITAS shotsTM must be one or the other,2 and a British aeronautical weekly may announce that of
+"twenty unidentified satellites" launched by the US Air Force between November 1961 and August 1362 six were probably SAMDS reconnaissance satellites, twelve were Discoverer-type safellites Ybresumably carrying SAMDS or MIDAS equipment, TM and one was = MIDAS
+early-warning ntonito.a Careful perusal of the wblicy press and the more knowledgeable aeros;;ace journals mny therefore suffice to keep the interested citizen moderately well informed of the extent of US observation satellite activity.
+
+1.
+"Clampdown," Newsweek, April 22, 1963, p. 67.
+2, The Wash on _Post,
+6 August 1962, p, A-1.
+
+SAMOS stands for SateJHEW%flT'ofisewation Syscem.,
+'
+3.
+
+Flizgt International (Official Organ of the Royal Aero Club), voI.
+
+87, No, ugust 1962), p.
+
+253.
+
+The twentieth of the group was described as "either a SAMOS or a MIDAS
+. -
+possibly unsuccessful."
+
+## Present Policz
+
+In response to specific queries about tha obscrvation satellite program, which (except for low=resolution metecrolcgical satellites)l continues to be the exclueive responsibility of the armed services, Us spokesmen now restrict th
+2ir commments to a Statement that the Air Force is endeavoring to develcp a capability to conduct military reconnzissance from space.
+
+They neither deny nor confirm that the United States may have such an operational capability at the presant time, Conducting the satellite program in total secrecy--thereby mitigating public Speculation--Zoes not appear to be practical in the "open socizty" of the United States, since it is impossible to conceal the visibiliey of launrhings altoyether.
+
+Furthermore, compliance with UN General Assembly Resolution 1721
+(XVI)
+of the Peaceful Uses of Outer Space.
+
+This the United States has bean doing since mid-February 1962,
+-The earlier reports included T
+
+l.
+
+Resolution is a measure of the ability of an cptical or photographic System to distinguish detail, Roughly,
+& resolution object cannot be.
+
+Low resolution s high r2solution, that small objects aad W
+i S ._.,...,_,,_m,a-'rw'"_m
+-
+r
+.ification only of those satellites which were still in orbit at the end of the two-week reporting period; thcse which had been launched but were no longer in Space were not mentioned.
+
+The information given included orbital characteristics, the name of the launch vehicle, the launch date, and a general description of the kind of space program being undertaken, Another limitation on the mifitemnco of secrecy was manifested when the Soviets claimed to be giving full information in the registration reports, whereas it was evident that the United States was not reporting all its launchings, as called for by th'e General fissembly resolution.
+
+Comparing the US reports with the briaf Air Force releases regarding satellite launchings, the Soviets noticed that 'the latter were not always reflected in the reports to the-United Nations, The US position was that the'
+satellites in question were no longer in orbit at the time of the reports and therefore did not need to be registered.
+
+However,
+
+_
+in order to be consistent, the reports would not have been able
+to cover vtho :J.igh': by Lt.
+Coul, John Glern on 20 February 1962,
+since his capsule was orbited and returned to earth in the middie
+of a repoiting period.
+Therefore, a new scheme of reporting ves
+developed and put into effect shortly thereafter.
+|
+Now the U3 repurts give the same information for both ecivil-
+" ian and milivary launchings, viz:
+the name of the launch vehicle,
+5
+RREF
+A T
+T S
+P NN
+L T
+N D
+the date, and the Satellite's nodal period, inclination, apogee, and perigee.
+
+In addition, they disclose into which of four main categories the funetion of the satellite falls:
+development of
+
+## Ii. Peaceful Appl1Cations W
+
+With one exception, public and official interest in observation satellites seems to have centered on their military intel.
+
+ligence applications.
+
+The exception is the TIROS [l'clevision and Infra-Red Observation Systeg] weather satellito;
+the firsc of which was launched on
+1 April 1960.
+
+The TIROS system--using very low-resolution photography, high altitudes, and picture transmission by television--has been notably suecesaful in providing large-area cloud cover data  helping to identify and track dangerous starms, ard generally advancing the science of metnorology.
+
+By 1964 the mone advanced Nimbus system is expected to take over some of the functions of TIROS.
+
+But observation satellites may be applied to a varicty of other important pezceful purposes, and these shculd figure prominently in any consideration of the futu-o i0le of observation satellites and the policies ussociated with them.
+
+It should be noted, by the way, that the term "peacoful" is not necessarily to be equated with "non-mintary' as in the Antarc":lc Treaty.
+
+m:u:lt:agz act::l.vitiu in space, some or which, at least in the opinicn of US officials, may well have a long-run "peaceful" effect.
+
+Communicaticns satellites, morecover, have obvious military and non~-military
+
+## Area Covecage
+
+even compared with the highestflying airplenes, is its coverage of very large areas (hundreds o
+4 single Picture, interest, and also
+
+## These Surveys Of The Earth! $ Suppliesof
+
+l.
+
+See the ac COmpanying paper
+"Observation Satellites for Arms Contral:
+Concepts andingppnca::ions."
+2.
+
+See the accol
+ "Observation Satellites for Arms Contro]:
+Technical Capabilities," for documentation and elaborstion,
+'
+nations, some with burgeoning populations, strive to develop as rapidly as possible, A satellite photograph neot Only covers a large area;
+it captures the area at a known instant of time in a picture which can be studied at leisure.
+
+Stereo pictures lend themselves to topographic mapping and other applications where depth is important to photo-interpretation,
+
+## Possible Fialds
+
+Despite the almost exclusive emphasis on the utility of observation satellites for military intelligence and weather information, it is inscructive to note that there are as many as thirteen additional fields, not counting arms control, where satellites may be useful.
+
+These are:
+cartography, geography, geology, soil science, engineering, forestry, wildlife management, hydrology, agriculture, urban and regional planning, archa-ology, publie
+3dministration, and disaster analysis.l In cartography, satellite. offer the grut advantage of bridging over relatively unknown regions and plotting accurate pPusitions in relation to known points for shorelines, islands, Within the broad area of geology, glaciers, and ships.
+
+-
+1, We are grateful to the Itek Corporation for this listing, R
+.
+
+R
+Ly cmmel AN e PP OHE
+pw MYy e R
+glacial geology, lithouogy, structural geology, and mineral exploration, Satellites can help contruction engincers take a regional Plished with one or two satellice Pictures, esyecially in relatively inaccessible areas, In hydrology;
+Snow cover and glaciers can be seen "at a glance" from satellites, Optical and infrared forestry, wildlife management, urban Planning, photography, we may judge that, once the Satellites were operating and the pictures widely available, important new applications would be discovered and new benelits realized, Tt is often assumed chut satellite photuyraphs have the great advantage of large area coverage, but that they cannot match conventional aerial photos when high resolution and detail coverage are clesired.:l So far as the limiting capabilities of the two systems are concerned, this is true.
+
+But it is not generally realized that the satellite resolutions achievable now are as good as those of a laige fraction of useful aerial photogfadn made so far.
+
+One informed st:udy2 indicates that satelarea alone of the earth is about S0 million square miles), If either (a) the cost of launch vehicies is paid by governments, or (b) economies associated with frequent launchings become possible, or (c) the areas of interest are particularly inaccessible (like Antarctica), this cost comparison shifts strdngly in favor of satellites.
+
+.
+
+Tt seems evident that realization of the peaceful advantages of observation satellites depends more on overcaming some political l.
+
+We may note, however, that, given reasonzble technological progress, by 1970 the maximum achievable satellite resolution should be limited only by the turbulence of the atmosphere, a problem with which very high<flying aircraft also must contend.
+
+See the accompanying paper,
+"Observation Satellites for Arms Control:
+Technical Capabilities,"
+Coe T
+
+2,
+Conducted by the Itek Corporation.
+b problems and making the right policy choices than it does on technical capabilities,
+"Because they cover the whole earth and all nations can benefit from them, observation satellites should ideally be operated, and the data obtained from them .distributed, on an international basis, The United Nations might, for instance,
+~.
+
+Operate a central repository for sa.tel:iitc photographs which would be available to a1 nations, But as a practical matter it may be fecessary for the United States, initially at least, to undertake some applications and establish some precedents through unilateral actions.
+
+On this score we have some suggestions toward the end of this paper (see below, pp. 41
+-
+45).
+
+## Iti. Military Considerations
+
+It is clear that obscrvation satellites can provide intelligence informatiocn of military value, and it seems reasonable to assume that gathering such intelligence has been their main mission so far, Within the scope of Study FAIR, one additional point: relating to the military intelligence role of satellites stands out:
+there is often not much difference between the type
+-.
+
+## The_Targeting Question
+
+There is, however, one type of intelligence information which seems to require special attention here, viz:
+strategic targeting data, particularly on missile sites and bomber bases, which figure importantly in the over-all strategic equation.
+
+In the context of US attempts to retain some kind of counterforce Cepability, it is conceivable that, if the United States had accurate targeting data, and the mathematics of force sizes and exchange ratios were sufficiently in its favor, it could launch
+4 preventive strike against the Soviet Union (presumably in the hope of forestalling a Soviet attack) and destroy its forces sufficiently to save US cities from retaliation.
+
+From a military standpoint the United States might indeed want such a capability;
+on the other hand, the Soviets would most certainly Prefer that the US not have it and from their standpoint the situation would seem very dangerous.
+
+It is possible that they might eventually be frightered into reckless action, perhaps in the form of a preventive strike of their own.
+
+This the United States would surely not want.
+
+A more J.ikely outmme to the situation may be Soviet efforts to make their forces less vulnerable.
+
+Steps toward less vulnerability could include hardening and dispersal of Soviet forces, or concealment of them, or an but it woulg be made difficult ig there were Operating Even if the missiles could System went into OPeration, concealment were nNecessary, forces increas:
+From the US standpoint, a mobile Soviet capability might be considered militarily undesirable, since it would tend to rule out any chance of protecting the homeland by striking hard and decisively at Soviet strategic forces.
+
+But from the standpoint of longer-term strategic stability, it is clear that much can be said for mobile Soviet strategic foicu.l The Russians would feel a relative sense of sccurity'which might leave them less apt to undertake reckless action such as installing medium~
+range missiles in Cuba to redress the strategic balance.
+
+They might similarly be less inclined to compete with the United States in numbers of bombs or delivery vehicles, th'-..ngh' they cannot realistically be expected to accept the notion of permanent numerical inferiority.
+
+A significant benefit of a Soviet emphasis on mobility, compelled in aeabnant:l._a.l. part by US observation satellites, might be a net decrease in Soviet dependence on cther forms of secrecy as a military asset.
+
+Othep Papers of Study FAIR point out that anything which tends to diminish the Soviet emphasis On Sacrecy may ganerally be considered to be desirebdle.
+
+That is, if the Soviets can make their strategic -forces secure through mobility instead of concealment, so much the better from a Western standpoint.
+
+A
+
+
+## Physical Vulnerabilitz Of Satellites
+
+For the Furposes of this inquiry,
+4 crucial ouestion is whether the Soviets have *he capability physically to0 disable observation Satellites, and, if so, whether they would use it.
+
+The discussion and comments in the United States following the Vostok IIT and Iv flights implied
+
+hat the Soviets might try to destroy op disable US observation satellites if they had the capability.
+
+This is not self-evident.
+
+First of all, the Soviets would need to know at which satellites to shoot, They might be able to decide this largely on the basis of ug laynching data.
+
+At the present time the This would seem to be where the recent Vostok
+{
+exper.ence would be most applicable;
+given Some very v the Soviets probably could ap But this imple thing to achieve, It was evidently intended that Vostok III should be in precis ely the right tining and position for the launching of Vostok IV, but such conditions for the launch of an inspection satellite would almost certainly not be met by non-Soviet satellites that the Soviets might want to inspect.
+
+Thus, a capability for ragid launch, extensive maneuvering in space, and other technically difficult feats would be needed before the Soviets could count on inspecting unidentified satellites.
+
+Furthermore,'it is not at all clear how ciose the inspecting satellite might have to come to the unidentified satellite to examine it carefully
+.
+
+~nough really to determine its mission, as the observation satellite could be made with relatively little trouble to look like another kind of satellite.
+
+If the Soviets knew exactly which satellite they wanted to destroy, their task might be comparstively easy, although still perhaps expensive.
+
+Once they had picked cut the objectiunable satellite, they could compute its ephemeris and make plans for destroying it at a time and place most favorable to the intercepting weapon.
+
+It might not be difficult for them to propel a nuclear weapon up to th.kaatellito alt;tudc at just the right time with a combarltivcly simple rocket.
+
+The situatidn might alter, however, if decoy satellites were used by the United States.
+
+It is theoretically possitle to distinguish decoys from actual observation satellites hy calculating the effects of air drag, could be dj Stinguished.
+
+the task of the satellite destroyer more expensive, So much for Capability, physiculy to destroy or dis would stop once it started.
+
+If each side decided to exercise its military option, rather indiscriminate destruction of satellites and space vehicles could result in fairly short uider, to the point where neither side would be able to carry on its longer-range space program.
+
+One may judge that such a progran is very important to the Soviets in view of the efforts which they have put into it and the extent to which their prestige has been involved.
+
+They would have relatively more to lose in seeing their space program defeated than would the United States, and this is a fact which they are not likely to overlook when they first consider whether or not to shoot at US observation satellites.
+
+In summary, the main military considerations with regard to observation satcllites afe the following:
+(a)
+cthe intelligerice information which satellites can provide may well be of military value;
+(b) US acquisition of prccise targeting data for the Soviet Union may encourage the Soviets to emphasize mobility and hardening in their strategic forces, thereby reducing the threat to them of observation satellites as an aid to a US
+pre-emptivo strike, and at the same t1me allowing the Soviets to feel relatively more secure and thus less apt to undertake certain kinds of reckless action;
+(c) this increased Soviet emphasis on mobility and hardening may be accompanied by a net fringed by observation satelli tes?
+
+Some of the answers may derive Erom dnalogies, Oothers from fhe development of Precedent , and
+
+## Space Photoqraphy
+
+The first analogy which might be emphasized is that between human photography and instrumental photography from space.
+
+After all, the results obtained by both means can be very similar.
+
+The fact that both the United States and the Soviet Union have orbited men who have taken pictures argues in favor of at::epta-nce of the legitimacy of the procedure, a status which may then be extended to the orbiting of photographic instruments.
+
+It is not certain that the USSR has orbited optical satellites, but the film made of Major Titov's flight included some of the photographs which he took in the course of his seventeen orbits, and there may be similaz; releases based on subseguent flights.
+
+Even though the Soviets may insist that these pictures were "peaceftl" and innocuous, they will, regardless cf their intentions, have strengthened the legitimacy of photography from outer space.
+
+## Outer Space O.Nd The High Seas
+
+Another possible analogy is that between outer space and the high seas.
+
+US spokesmen at meetings of the Legal Suncomittce of the UN Committee on the Peaceful Uses of Outer Space', for instance, have compared the US satellites to Soviet trawlers hovering off US coasts with electronic equipment just beyond the three-mile territorial limit.
+
+While the United States certain.}y does not
+"approve"
+of this activity, it does not consider it illegal a-g does not try to terminate it.
+
+The Soviets, however, have never publicly conceded that these vessels are, in fact, engaged in electronic reconnaissance or surveillance.
+
+The Soviet position, as expressed in May 1962 at the Geneva meetings of the Legal Subcommitcee, appears to be that the orbiting of satellites opr other space vehicles is in itself legitimate;
+the question of legality or propriety arises ocnly in connection function of the satellite.
+
+In other words, while in the Soviet view the United States may orbit anything it chooses
+(with the Probable exception of weapons ), observation of territory belonging to a Sovereign nation is illegal and aggressive behavior.
+
+Thus, in their draft from space to be "incompatible with the cbjectives'of mankind in:
+the conquest of outer space."
+One of the difficulties with the high seas anal ogy is that of definintions.
+
+It is universally accepted, for instance, that waters more than twelve miles off-shore are cutside of national Sovereignty (and some nations, including the United restrict territorial waters to six or even three miles).
+
+The United States may, however, prefer not to define the lower limits of "outer space," inasmuch as "airspace"
+is internationally
+
+## Am'
+
+agreed to be within the jurisdiction of the underlying state.l Another problem might result from attempts to apply the law of piracy to outer space,
+&5 the United States may wish to avoid the implication that an inspecticn satellite, designed to ascertain that observation or reconnaissance satellites are not carrying weapons of mass destruction, might be considered a "pirate."
+
+## Satellites And U-2S
+
+Some of the suspicion of illegality surrounding the use of
+'
+observation satellites clearly derives from public identification of satellites with U-2 reconnaissance aircraft.
+
+This equation was buttressed by the early official assurances in 1960 that curtailment of the activities of the latter would not adversely affect the national security, inasmuch as satellites would perform the
+2
+In strictly same function and provide the same informaticu.
+
+legal terms, the equation is ill-founded.
+
+While as an aircrafc
+(that is, a non-orbiting vehicle) the U-2 went through airspace
+1. Vehicles at current orbiting altitudes are generally agreed to be in outer space, not :I.n airspace, but unless there is a4 relatively low ceiling on airspace some countries may not be able to gst 1n and out of space without violating anot nation's
+" sove: eignty."
+See Richard N.
+
+Gardner, "Cooperation in Outer Space," Foreign Affairs, Vol.
+
+41, No.
+
+2 (Janusry 1962), p.
+
+34S.
+
+and unmistakably came within the'jurisdiction of the sovereignty of the underlying state, this concept is not automatically applicable to outer space.
+
+'the UN General Assembly, in its Resolution
+1721 (Part A) of
+20 December 1961, commended to Statcs the principle that "outer space and celestial bodies are free for exploration and use by all States in conformity with international law and are not subject to national appropriation."
+Thus such use by the Unituod States for the orbiting of observation satellites is not, in the absence of more specific injunctions, necessarily illegal.
+
+Still, se_long as the military reconnaissance function of the observation satellites ic emphasized at the expense of non-military functions, the identification of U-2s with satellites is likely to continue, especially since the Soviets find this to their advantage.
+
+## Sovereignty, Secrecy, And Satellites
+
+Even if it is concluded that there are no existing legal barrfiers to observation from space, either by instruments or human beings, objections to the practice may still be raised.
+
+It is not only the Soviets who claim that determination of howrmuch information about one's society will be furnished to other nations is an inherent attribute of sovereignty;
+many US allies and neutral countries are equally jealous of their supposed prerogatives.
+
+But certainly it is the Soviets who are most articulate about their concern, and who fe:l most threatened by US insistence on the right to orbit photographic satellites.
+
+Some US spokesmen, on the other hand, have criticized the quiet Union for maintaining maximum secrecy as the foundation of its entire society, ancl have warned tha: such secrecy is becoming obsolete in the face of confiemporary technological developments.
+
+One of
+:he subsidiary purposes of the satellite program, in fact, may be to prove to the Soviets that their concepts of secracy are ocutmoded and impossible to perpetuate.
+
+The above-cited General Assembly resolution may be interpreted as implying that the orbiting of observation satellites is not in and of itself :llleg'al.1
+To expect the Russians to agree at the present time is clearly unrealistic.
+
+But it is not necessary that they should agres now.
+
+Soviet society is changing rapidly, and what nolds true today may no longer be true tomorrow.
+
+At the same time it must be recognized that the rest of the world is not standing still either, so that a significant internatidnal consensus on matters of law and political philosophy, while certainly a distant dream, may not be unrealizadle.
+
+.___-'_'-_____._____
+The question of sovereignty remains an open one.
+
+The Soviets m&y depend on Secrecy for their security, but the Uniced States seeiks curtain kinds of intelligence information for its security, and the two convictions are incompatible.
+
+This is inevitable in
+4 world of disunity and disagreement.
+
+1In the absence of a worid government to resolve such questions and enfcrce its it is each nation! S task to implement its conviction to the best of its ability, in the light of the limitations imposed by the opposition of other nations.
+
+Thus we may tentatively answer the questions raised at the beginning cf this section as follows:
+(a)
+the free use of Outer Space, implicitly including the orbiting of observation satelappears to be accepted by the UN General Assembly as legitimace, although the Communist countiies do not agree;
+(b) the legitina ey of manned or weather satellites is more universally accepted than that of reconnaissance satellites;
+(c) even if there is a distinct: on between photography by instruments and photo-
+" graphy by human beings, the Onited States may wish to de-emphasize it;
+(d) the line between "airspace" and "outer space" has not;
+yet been drawn, though the U-
+2 is clearly in the former (and therefore illegal when over countries objecting to it) and satellites are Clearly in the latter;
+the maintenance of widespread secreny, but it may also be upheld to the extent that they assist in the self-cefense of the country doing the orbiting.
+
+In general, tfie legal picture is clouded and obscure, which leaves open the possibility that ihe United States fiight be able to set unilateral precedents for the accepted international law of the future.
+
+## V. Political-Psychological Factors
+
+The political and psychological factors involved in an obser=
+vation satellite program are of rather more immediate import than the legal issues, and are perhaps as significant as the military considerations.
+
+They relate to the over-all image which the United States presents to the world, and wfiich the US Government presents to its citizens.
+
+The problem faced by US policy-makers in this area is, essentially, one of ofitaining information in such a way as to provoke as little opposition as possible from other nations, especially the Soviet Union, while eliciting the widest possible national and international sfipport.
+
+Thncochpt offlflpwovoggt;on"
+is an eiusive one, With rer:rence to the USSR, it may fairly be said that almost anything which the US does affecti
+.g Soviet society is bound to be 'provocative"
+in scme way.
+
+Of course, the Soviets may consider some actions more threatening than others, but it is often impossible to judge less unpalatable
+"he Mmear.time, however, faced with Several comp]ex Questions, for instance, vill the the Stability of the Soviet at least until i* beromes evident in the structure of Soviet society itself.
+
+De-emphasizing the military reconnaissance aspect of satellite observation in favor of its non-military potential might be reassuring not only to the Soviet Union, but also to other countries wlere concern has been cipressed about us belligerence.l
+
+## Us_Image Abroad
+
+This brings us to consideration of the image which the United States may be presenting to the rest of the world.
+
+It has made a public commitment (in the United Nations and elsewhere)
+O
+support the peaceful uses of outer space.
+
+The general identification of "peaceful" with "non-military" inevitably brings the United States under suspicion of using space for belligerent purposes, since
+':s reconnaissance satellite program is the exc].u?
+
+sive responsibility of the armed serviczz Turning the program in toto over to a civilian agency might result :n a de-emphasis of the military aspects of satellite development.
+
+However, it
+-
+1.
+
+See, for example, the results of polls in the United Kingdom
+- and France conducted by the United States Information Agency in May 1960, which were published in The New York Times on
+27 October 1960, p.
+
+28.
+
+Forty-eight per cent of 1,150 British respondents, and forty-nine per cent of 1,000 French respondents, held tiat the US was not doing all it should to prevent a new world war (vs.
+
+thirty-three per cent and twenty-nine per cent, respectively, who held that it was).
+
+Sixty-two per cent of the British and fifcy-nine per cent of the French believed, similarly, that the USSR was not doing all it should to prevent war (vs. thirteen per cent and eighteen per cent who believed that it was).
+
+29
+.
+
+would have two obvious disadvantages:
+first, it would Suggest, erroneously, that the military was incapable of being useful in Peaceful activities, and second, it might simply transfer sus-
+Picions already aroused to other programs carried on by the gram into two parts, one to remain essentially military and classified and the .other to be civilian and open (see below, It is brobably unwise in any case, when dealing with public relations, to try to treat one aspect of US policy as entirely Separate from others.
+
+' De-emphasis of the uilitumy'uacs'ot"satela lites, for example, problem is not really one of peaceful observation, but rather of the peaceful uses of the knowledge gained through observation, and this is somsthing which can nnly be demonstrated over a period of time, not broved by opvopaganda or pronouncements.
+
+## The Public Press
+
+There is one aspect of US policy, however, which is a thing apart, and that is the press relations of the satellite program.
+
+I=s special nature derives from the change in policy in 1962
+which drastically 'redu_ced the information available to the public
+(=ece above, PP.
+
+2
+-
+J).
+
+Thus newsmen, in the absence of de=-
+tailed and specific information, tend to incorporate recent releases into what they learned in 1960 and 1961, when such in-
+
+formation was being disclosed.
+
+The reiultcnt speculation is frequently of such a nature as to create more apprehension and
+'
+uncertainty among the various audiences and readerships than might be the case if more authoritative or official data ware distribi ted.
+
+The most cbvious solution seems tc be to make such data available to the news media.
+
+The spy-in-the-sky image of US
+observation satellites could not be changed overnight, but it is certainly in order to begin thinking about the ways in which a gradual modification might come about.
+
+We do not intend to Suggest that the satellite program should be declassified immediately, with all details disclosed to the public;
+it weuld he useful, however, as a first step, to replace some of the speculation by actual fact.l In any case, it may perhaps be assumed that the scope and extent of the US observation satellite program will eventually be known.
+
+This could come about in any of several ways:
+the USSR
+might, for reasons of its own, decide to disakle or destroy an objectionable satellite;
+the United States might wish to offer the Satellite System to help inspect an arms control agreement;
+there might be disclosures to certain elements of the prese by individual government officials;
+or, perhaps most .realistically, in order fully to explo.= the peaceful potential of the satellite system the United States might in time find it advisable to reveal or demonstrate the value of the program.
+
+When this happens, the United States will somehow have to cope with the "history"
+of secrecy and even defensiveness which will have been crested.
+
+In sum, the UnitedStates mast pay some attentiofi to the image which it presents to the rest of the world when determining a policy for its observation sitellite system.
+
+Impressions of undue belligerence should be countered by demonstrations of peaceful intent and utility.
+
+While it is not essential to deprive the military of parcici'patiun in or even directidn of work in peadeful
+(though not necessarily non-military) areas, it is important to de-emphasize the military aspects of the system as a whole.
+
+Relations with the press may be particularly difficult to handle, due to past changes in policy which have 1:ft reporters less informed today than they once were.
+
+It is to be hoped that greater coope.ration between press and program dimct'ors may be achieved in the
+' future, especially in light of the 11k-iihood that the scope of the program will someday become known.
+
+## Vi. The Choices
+
+The alternatives open to US decision-makers in terms of the emphasis of the satellite program are, broadly, two:
+the United States may attempt to maintain secrecy insofar and as long as possible;
+or it may make a carefully planned and widely based effort to legitimize the principle of observation from outer space.
+
+There are certain further choices regarding direction and control of the program.
+
+We shall consider these possibilities in turn, in the light of the. vearious factors covered in the preceding sections.
+
+## Maintenance Of Secrecy
+
+To the extent that the military and intelligence agencies have never been obliged to announce in detail what .they are doing, there may be sound precedent for maintaining secrecy with regard to the observation satellite program.
+
+There are s of course, certain limitations on secrecy, especially in the United States, one being the impossibility of comealit;g the launchings altogether, and another, the obligation to reporf: launchings to the UN General Assembly (see above, pp.
+
+4
+-
+6)..
+
+However, as long as there is no official acknowledgement of the observation satellite program, there are arguments in favor of maintaining a certain amount cf discretion.
+
+For one thing, official acknowledgement of the program might compel the Soviets to react to it in some way, perhaps by challenging its legality in the United Nations.
+
+Than the United States might find itself under pressure to reduce the program, as happened in tho case of the U-2, In addition, the sorting out of satellites by mission would certainly make the development of countermeasures easier.
+
+r-'ina.uy,' by maintaining secrecy, the United States also maintains the greatest possible emount of flexibility and, similarly, of imprecision, thereby making it difficult for the Soviet Union, or any other country, to know exactly what is going on.
+
+## =
+
+Other pressures in faver of a policy of secrecy include a reluctance to assist the Soviets in determining the relative value of information obtained by the United States from observation satellites compared to that obtained from other sourees.l In other words, whiie the Soviets probably know generally what the United States is doing in this area, it is unlikely that they know precisely what information comes from where.
+
+It would seem advisable to keep them ignorant of this fact as long as possible, and certainly om way of doing this would be to treat even "innocucus"
+lavnchings the same way as actual launchings of reconnaissance satellites.
+
+Also, US policy-makers would prefer te avoid embarrassing the Soviets unduly, should the ex':ent of US surveillance become known as happened with the U-2, A policy of secrecy minimizes the involvement of national prestige on either side.
+
+The advantages of secrecy must be weighed against the drawbacks and disadvantages of such a policy.
+
+Some of these have been noted in previous sections.
+
+One is the insistence of the press on handling the launching stories in terms of the record which was created during the relatively open period of 1960-1961.
+
+Another s the possible damage to the image of the United States as
+& country publicly committed to the support of the "peaceful uses
+1.
+
+A related pressure is the intelligence tradition which rules out identifying the origins of one's information, lest the
+"sources" be compromised.
+
+'
+' of outer space," as Se2recy inevitably raises suspicions about us space activities.
+
+An additional public relations problem is SOViet:s themselves have already practiced the latter.
+
+Another is the development of analogies between outer space and the high seas.
+
+3 third possibility, perhaps most promising, is a new emphasis on, and demonstration of s Some of the manifestly Peaceiul uses of observation satellites, expected to keep up with the unclassified literature in the field.
+
+At the same time, the United States would wish not to confrort the Soviets with a embarrassing is:uc vhich they would fina difficult to overlook.
+
+This is a further reason for emphasizing the peaceful benefits obtainable from observation satellites rather than their intelligence capability.
+
+The issue of national prestige as a whols, however, may well be irrelevant.
+
+To a sophisticated audience, the capabilities of observation satellites may be no more than a ainor technical innovation;
+to an unsophisticated audience, they may be so incomprehensible as to be unimpressive.
+
+In terms of any great impact on public opinion, details of the space effort,v prior to the stag
+of interplanetary travel, may be ocut of date, as each successive space achievemsnt is less newsworthy than the last.
+
+Far more important than cailing attention to the ;trict technical capability ol taking pictures would be a new stress on ;hc arfius contro; and other peaceful lppiications of observation Qatcnitcs.
+
+In addition, ths general image of the United States as a country practicing openness and honesty in its dealing; with the rest of the world would be fostered bv attempts to make the satellite program acceptable instead of continuing to conceal its scope as long as possible.
+
+## Directicn And Control  T Control
+
+While alternatives in the emphasis and presentation of the US satellite program provide the most basic choices for government policy-makers in this field, alternative methods of directing the program also merit Scme examination.
+
+We have suggested above
+(see .
+
+30) the possibility of an initial and te.
+
+sporary division of the program into distinct civilian and milicary spheres, thereby permitting concomitant development of its non-military and military applications, There are also, however, problems of. national vs.
+
+international control.
+
+It has been suggested, for example, that the US transfer an operational satellite system to the 'nited Nations, so that the international community itself might monitor the military threats Posed by any one country to another, while simultaneously developing the peaceful uses of the system.
+
+' In this way, the system itself, at least, need not be construed as a threat.
+
+But the United Nations is only the sum of its parts, and sometimes it is sven less than that.
+
+It is not organized at the present time to administer a system of such techriological and political complexity, nor is it reasonable to assume that it will be able to do so in the foreseeable future., The immediate economic and social problems with which the UN Secretariat is trying to deal already tax the financial and intellectual resources of the organization to the utmost.
+
+Thus, while international control may be an ultimate goal, it is not a realistic alternative for the present.
+
+Tie possibility way arise again._however.
+
+in conjunction with an arms contrel treety.
+
+where it would be necessary to equip the control organization with all available means for ascertaining that the 2qreements were being adhered to.
+
+Observation satellites could influence arms control efforts, both as a method for verifying compliance and as
+4 unilateral method for obtaining information to affect attitudes tcward arms control as such.1
+Fov in-
+Stance, it may well be that the technical potentialities of the Satellite system would significantly lessen the requirements for verification by other means, to the point ot permitting che United States to reach
+4 compromise with the Soviet Union on the degree of additional (ground) inspection which a treaty should specify The system might ventually also be helpfulin another way, namely, by convincing the Soviets thatr they need have no objection to an internaticnal inspection program because of the inroads on their nilitary secrecy which an observation satellite system would alreadv have nade.
+
+____.___._______________________._.__._________________
+l.
+
+See the daccompanying baper,
+"Obserwvation Satellites for Arms Control:
+Concepts and Applications. "
+1In the context of a negotiated agreement, there may be scme inspection tasks which airplanes could carry out more cheaply or more effectively than satellices.
+
+irements.
+
+The Unit ed States wishes to avoid being unduly Provocative to the Soviets--and at the same time Prove that secrecy in all fo?ms is becoming obsolete.
+
+It would like to demonstrate the peaceful uses of observation satellites--without revealing militarily essential information.
+
+It wants to set up a legitimate basis for satellite observation;-in the face of explicit and adamant Soviet opposition., It would like to reshape its press and public information program--without unnecessarily embarrassing the Soviets.
+
+IJt wishes to create and foster a consisgent image of itself as dcicatod to the peaceful uses of outer space--even though the military applications of observation satellites are much better known and understood.
+
+In essence, the United States wants to continua to develop its observation satellite system--
+but without incurring international disapproval.
+
+Clearly, all these requirements cannot be reconciled.
+
+How~
+ever, certain beginnings, certain compromises, certain initiatives can be undertaken even_ndw.
+
+In the following section we make a number of suggestions regarding steps which might be contemplated in the immediate future.
+
+## Vii. Suggestions
+
+On the basis of the foregoing discussion, we wish to indicate certain reasonable first steps in the implementation of a policy designed to develop the full potential for usefulness of the observation satellite system.
+
+Rather than Attempt to outline a clea rly Great popular interest in these pictures may be expected.
+
+Such interest srould be fostered by photo interprecation pointing out the most noteworthy features, along with emphasis on whatever scientific value they might have.
+
+While the United States would hope to create a maximum favorable impact with the photographs, it should avoid giving the impression that their release is the result of a solemn declassification decision or that there is risk of offending the Soviets or anyone else in publicizing them.
+
+If the opportunity arises, the US might let it be known that it would appreciate seeing similar photographs of US territory made by the Sovier cosmonauts.
+
+Another initial step, following the first in a matter of a few months, might be ar announcement that the United States is going to map Antarctica with sateliites.
+
+Sc far a little over ten per cent of the six million square miles has been covered by a mapping program.
+
+Cost estimates for completing the job, with airplanes and over a period of at least several years, are in the
+$40 to $50 million rarge, and these may run higher when all costs are included.
+
+It seems very likely that the job could be done more eeonomically and more efficiently with two or three sateilites, using cameras and vehicles that are not even the best available in the present state of the ar-.
+
+moreover, this would be a first step toward realizing some of the peaceful benefitsvfrom observation satellites, of which there will be more in the futfire.
+
+convenienC'nor accurate fop Atlas, would be suj tabl Satelliteg, Tlie
+:
+0 anathes civilian lau ching from military
+\\\-s ewee ---\
+1o Lee vp SCcumpany
+3 g paper,
+"Ohge Arms Control;
+=
+Tvation S3co3
+
+Wechniecal Capab ilitjes.
+facidities.
+
+wWe would recommend the release of Antarctica maps, perhaps on two or tiree different scales, making them avaiiable thiough the normal channels for distribution of scientific and Fntarctica data.
+
+It would be desirable to publicize the utility of the maps and the means whereby they were made, but it should be pcssible to avoid implying that a volicy change had thereby been implemented.
+
+It is important to note here that releasing the Antarctica maps would reveal essentially nothing about US satellite reconnaissance capability.
+
+They would repvesent something less than ths maximum results now echievable, and it is certain that the Soviets already know that the United States is capable of conducting such
+
+_
+a program.
+For Optimum effect,
+the available information on the
+vehicles and cameras should be made as complete as possible. but
+if
+ic
+is not possible to disclose all the design details because
+some of them might relate exclusively to classified reconnaissance
+satellites,
+this information should be withheld as inconspicuously
+as possible.
+Probably there are some prncedsnts for such
+a prn-
+_cedure
+in prnvious NASA space activity.
+
+## General Climate Of Opinion
+
+_While these first two steps are teing taken, efforts must also be made to create a favorable climate of opinion for observation satellite activity, n the course of consciously undertaking to legitimize Such activ ity, tha Unic able reactiong from the Suviets.
+
+71t clearly but ;;5.
+
+2nt of Soviet consent., The
+
+In addition, the Unived Stites might the Soviets tc release more da ta the Communist bloc, In brief, US planners should expesct to respond promptly to Soviet challenges, but they should not allow themselves to provoke avoidable arguments.
+
+After the Antarctica maps have been released, the next task might be the mapping of some relatively u'nexplored parts of the world, perhaps alohg with some resource studias of chese areas.
+
+It should not be difficult to do this work at the request of an African, Asian, or South American councry.
+
+Another possibmty would be to chart the waters below the equator near Australia, where many of the reefs and islands are improperly located ard thus a hazard to sailors.
+
+n additional NASA satellite or even two might be required for these purposes, though the excess rilming capacity inherent in the Antarctica mapping satellites themselves should not bs overlooked.
+
+It should generally be possible to avoid taking, or at least publishing, picturcs of areas where US efforts are not welcome, but care should probably be exercised to avcid establishing the principle of photographing only dhcn requested to do so by the nation or nations concerned.
+
+Perhaps the cccasional relsase of low-resolution photogoaphs of the Soviet Union or the Chinese mainlard would serve to inhibit such a contingercy; a picture by Major L. Gordon Cooper of a portion of China, covered by clouds, has already been published.l
+_'--________'
+
+1.
+Life Magazine,
+7 June 1963,
+p.
+29.
+
+## Of Peacefyl Space Activi-- -Ye
+
+Up to this point, we have envisaged five or gix NASA sacellites and a time period of some two years.
+
+We mey assume tha:
+a classified reconnaissance Satellite program will have been going forward concurrently, an announcement that the United States b2
+in accord with the US over-all peaceful aspirations, the already demonstrated benefits of the NASA program, and the realization that technology is carrying mankind inevitably toward a more open and interdependent world.
+
+From this point on it should be possible to bring about a gradual merger of the continuing MASA program and the classified military program.
+
+Subsequent developments would depend mor: on concomitant legal, poltical, and military considerations than on unildteral decisions by us policy-makers., Tt may be that the United States could corcider at that time doing some work under UN auspices or making some observations explicitly for arms cortrol purposes, The classified satellites may, in any case, have been gathering information of value for arms control even before the transitiosnal pericd, In conclusion, there is no need at this time to make a crecy and Jegitimiza:ion, but neither ard exploiting the Peaceful applications of observation satellites.
+
+It is to be hoped

markdown/misc/panetta-1987.md

@@ -0,0 +1,38 @@
+"(2) All workpapers of the Comptroller General and gll records and property of the Central Intelligence Agency that the Comptroller General uses during an audit or evaluation under this section shall remain in facilities provided by the Central Intelligence Agency. Procedures established by the Comptroller General pursuant to paragraph
+(1) of this subsection shall include provisions specifying the method and duration of any temporary removal of workpapers from facilities providsd by the Oentral Intetligemce Agency.
+
+"(3) Before initiating an audit or evaluation under this section, the Comptroller General shall provide the Director of Central Intelligence with the names and other relevant information concerning each officer and employee of the General Accounting Office who may have access to, or otherwise be provided with, classified or other sensitive information in connection with an audit or evaluation for purposes of security clearance reviews. The Director of Central Intelligence shall complete the necessary security clearance reviews on an expedited basis.
+
+"(4) The Comptroller General shall provide the Director of Central Intelligence with the name of each officer and employee of the General Accounting Office who has obtained a security clearance from the Central Intelligence Agency and to whom, upon proper identification, the officers, employees, records, and property of the Central Intelligence Agency shall be made available in carrying out this section.
+
+"(e) This section may be superseded only by a law enacted after the date of enactment of this section specifically repealing or amending this section.
+
+"(f) The authority provided in this section is in addition to the authority that the Comptroller General has to investigate, audit, and evaluate the financial transactions, programs, and activities of any other establishment or agency of the Government of the United States.".
+
+(b) The table of sections for chapter
+35
+of title
+31, United States Code, is amended by inserting after the item relating to section 3523 the following new item:
+3n. Audit of Contral Intelligence Agency activities."".
+
+Sec.
+
+8.
+
+(a)
+Section 3524
+of title
+31, United States Code, is amended
+
+(1)
+in
+the
+first
+sentence
+of subsection
+(a)(1),
+by
+striking out "The" and inserting in lieu thereof the following: "Except with respect to audits or evaluations of the Central Intelligence Agency as provided in section 3523a, of this title, the';
+(2) in subsection (c), by inserting "(other than activities conducted by the Central Intelligence Agency)"
+after "activities";
+(8) by amending subsection (d) to read as follows:

markdown/misc/prather.md

@@ -0,0 +1,337 @@
+United States Marine Corps
+             Command and Staff College
+               Marine Corps University
+                     2076 South Street
+Marine Corps Combat Development Command
+         Quantico, Virginia  22134-5068
+
+## Master Of Military Studies Title:
+
+George Washington, America's First Director of Military Intelligence SUBMITTED IN PARTIAL FULFILLMENT
+OF THE REQUIREMENTS FOR THE DEGREE OF
+MASTER OF MILITARY STUDIES
+
+## Author:
+
+LCDR MICHAEL S. PRATHER, USN, CG-7
+
+## Ay 2001-02
+
+Mentor:  Dr. John B. Matthews Approved: Date: Mentor:  LtCol David A. Kelley, USMC Approved: Date:
+
+## Report Documentation Page
+
+Public reporting burder for this collection of information is estibated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing this collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burder to Department of Defense, Washington Headquarters Services, Directorate for Information Operations and Reports (0704-0188), 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to any penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number. PLEASE DO NOT RETURN YOUR FORM TO THE ABOVE ADDRESS.
+
+1. REPORT DATE (DD-MM-YYYY) 01-07-2002
+
+2. REPORT TYPE Student research paper
+4. TITLE AND SUBTITLE George Washington, America's First Director of Military Intelligence Unclassified 6. AUTHOR(S) Prather, Michael S. ; 7. PERFORMING ORGANIZATION NAME AND ADDRESS USMC Command and Staff College 2076 South Street MCCDC Quantico, VA22134-5068 9. SPONSORING/MONITORING AGENCY NAME AND ADDRESS USMC Command and Staff College 2076 South Street MCCDC Quantico, VA22134-5068 12. DISTRIBUTION/AVAILABILITY STATEMENT APUBLIC RELEASE , 13. SUPPLEMENTARY NOTES 14. ABSTRACT See report. 15. SUBJECT TERMS
+16. SECURITY CLASSIFICATION OF:
+17. LIMITATION OF ABSTRACT Public Release
+a. REPORT Unclassified
+b. ABSTRACT Unclassified
+c. THIS PAGE Unclassified
+3. DATES COVERED (FROM - TO) xx-xx-2001 to xx-xx-2002
+5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 5d. PROJECT NUMBER 5e. TASK NUMBER 5f. WORK UNIT NUMBER
+8. PERFORMING ORGANIZATION REPORT NUMBER
+10. SPONSOR/MONITOR'S ACRONYM(S) 11. SPONSOR/MONITOR'S REPORT NUMBER(S)
+19. NAME OF RESPONSIBLE PERSON EM114, (blank) lfenster@dtic.mil
+18. NUMBER OF PAGES 56
+19b. TELEPHONE NUMBER
+International Area Code Area Code Telephone Number 703767-9007 DSN 427-9007
+
+Standard Form 298 (Rev. 8-98)
+Prescribed by ANSI Std Z39.18
+
+## Report Documentation Page
+
+public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information.  Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington headquarters services, directorate for information operations and reports, 1215 Jefferson davis highway, suite 1204, Arlington, VA  22202-4302, and to the office of management and budget, paperwork reduction project (0704-0188)  Washington, dc  20503
+1.  AGENCY USE ONLY (LEAVE BLANK)
+2.  REPORT DATE
+3.  REPORT TYPE AND DATES COVERED STUDENT RESEARCH PAPER
+4.  TITLE AND SUBTITLE
+5.  FUNDING NUMBERS
+      N/A
+GEORGE WASHINGTON, AMERICA'S FIRST DIRECTOR OF MILITARY INTELLIGENCE 6.  AUTHOR(S) MICHAEL S. PRATHER, LCDR USN 7.  PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES)
+8.  PERFORMING ORGANIZATION REPORT NUMBER
+     NONE
+    USMC COMMAND AND STAFF COLLEGE
+    2076 SOUTH STREET, MCCDC, QUANTICO, VA  22134-5068 9.  SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS(ES)
+10. SPONSORING/MONITORING AGENCY REPORT NUMBER:
+     SAME AS #7.
+      NONE
+
+## 11.  Supplementary Notes
+
+      NONE
+12A.  DISTRIBUTION/AVAILABILITY STATEMENT
+12B.  DISTRIBUTION CODE
+      NO RESTRICTIONS
+      N/A
+
+ABSTRACT (MAXIMUM 200 WORDS)
+Thesis:  George Washington, as Commander-in-Chief of the Continental Army led this nation to victory and independence in the American War for Independence.  Victory was facilitated by his direct and effective use of intelligence sources and methods.
+
+Discussion:  During the American War for Independence, intelligence information regarding location, movement, and disposition of British forces allowed the Continental Army to fight on its own terms and stymie British efforts to quell the revolution.  General George Washington, as Commanding General of the Continental Army, was aware of the value of intelligence in the proper conduct of military operations.  Washington literally became America's first director of military intelligence.  He directed the intelligence operations that were conducted, and performed his own analysis.  The Continental Army's effectiveness in intelligence includes examples of the proper use of espionage, counterintelligence, communications security, codebreaking, deception, operational security, surveillance, reconnaissance, reporting and analysis.  Time after time, the Americans were properly prepared with good intelligence ultimately resulting in independence from the British.  These intelligence successes can be directly attributed to the direction of General George Washington and the actions of his operatives.
+
+## 15.  Number Of Pages: 54 14.  Subject Terms (Key Words On Which To Perform Search) George Washington, Intelligence, American Revolution, Spies, Espionage, Reconnaissance, Us History, Us Army 16.  Price Code:  N/A
+
+18.  SECURITY CLASSIFICATION OF THIS PAGE:
+19.  SECURITY CLASSIFICATION OF ABSTRACT
+      UNCLASSIFIED
+UNCLASSIFIED
+UNCLASSIFIED
+
+## Disclaimer
+
+THE OPINIONS AND CONCLUSIONS EXPRESSED HEREIN ARE THOSE OF
+THE INDIVIDUAL STUDENT AUTHOR AND DO NOT NECESSARILY
+REPRESENT THE VIEWS OF EITHER THE MARINE CORPS COMMAND AND
+STAFF COLLEGE OR ANY OTHER GOVERNMENTAL AGENCY.  REFERENCES
+TO THIS STUDY SHOULD INCLUDE THE FOREGOING STATEMENT.
+
+QUOTATION FROM, ABSTRACTION FROM, OR REPRODUCTION OF ALL OR
+ANY PART OF THIS DOCUMENT IS PERMITTED PROVIDED PROPER
+ACKNOWLEDGEMENT IS MADE.
+
+## Executive Summary
+
+Title:
+George Washington, America's First Director of Military Intelligence Author:
+LCDR Michael S. Prather, USN, CG-7
+Thesis:
+George Washington, as Commander-in-Chief of the Continental Army led this nation to victory and independence in the American Revolution.  Victory was facilitated by his direct and effective use of intelligence sources and methods.
+
+Discussion:
+During the American War for Independence, intelligence information regarding location, movement, and disposition of British forces allowed the Continental Army to fight on its own terms and stymie British efforts to quell the revolution.  General George Washington, as Commanding General of the Continental Army, was aware of the value of intelligence in the proper conduct of military operations.  Washington literally became America's first director of military intelligence.  He directed the operations that were conducted, and performed his own analysis.  The Continental Army's effectiveness in intelligence includes examples of the proper use of espionage, counterintelligence, communications security, codebreaking, deception, operational security, surveillance, reconnaissance, reporting and analysis.  Time after time, the Americans were properly prepared with good intelligence ultimately resulting in independence from the British.  These intelligence successes can be directly attributed to the direction of George Washington and the actions of his operatives.
+
+Conclusion(s) or Recommendations:  Military professionals, particularly intelligence professionals, can learn much about the basic necessities of conducting successful intelligence operations in support of military operations. Recommend that a short analysis of the history of intelligence operations be added to training programs for new intelligence personnel.
+
+## Introduction.
+
+During the American War for Independence, from Lexington and Concord in April, 1775, to Yorktown in October, 1781, intelligence information regarding location, movement, and disposition of British forces allowed the armed forces of the rebellious colonies to fight on their own terms and stymie British efforts to quell the revolution.  General George Washington, as Commanding General of the Continental Army, was acutely aware of the value of intelligence in the proper conduct of military operations.  Washington literally became America's first director of military intelligence.  However, Washington was also very careful not to divulge his sources or methods even late in his life.  Much of what we know today is reconstructed from what was revealed in later years by his various agents.  Although there were individuals who had been identified as responsible for intelligence operations, General Washington directed the operations that were conducted, and performed his own analysis.  The Continental Army's effectiveness in intelligence includes examples of the proper use of espionage, counterintelligence, communications security, codebreaking, deception, operational security, surveillance, reconnaissance, reporting and analysis.  Many of the major and minor engagements of the American War for Independence are punctuated by the intelligence successes or failures that contributed to their outcome.
+
+Accurate intelligence was crucial to Washington because of a poverty of resources with which to battle the British.  Unable to muster a large, well-trained army, he resorted to a strategy of surprise attacks and hit-and-run raids on British outposts, such as the Christmas night descent on the unwary Hessians.  Intelligence enabled him to perceive the strengths and weaknesses of both his own force and those of the enemy.  With this knowledge, he was able to mask his own weaknesses while exploiting those of his adversaries.1
+Fortunately for the Colonies, time after time, the Americans were properly prepared with good intelligence ultimately resulting in independence from the British. These intelligence successes can be directly attributed to the direction of George Washington and the actions of his operatives.
+
+## Background.
+
+General George Washington was reared in Northern Virginia on the edges of civilization.  He learned at an early age how to be an effective frontiersman.  This carried over to his youth when he was appointed adjutant of
+
+the southern district in the Virginia Militia at the age of twenty-one.2  In 1753, it had become apparent that the French were encroaching into British territory in Pennsylvania and Ohio.  George Washington was sent to his destiny as a practitioner of intelligence.  He was ordered to scout the area in question and determine locations and strength of the French garrisons.  He located Fort Leboeuf
+(in today's northwestern Pennsylvania), scouted it, and provided startlingly detailed reports to the Royal Governor.  He was rewarded by being ordered to raise a force and build his own fort in the Ohio valley and was authorized to engage any French who opposed him.  This resulted in a minor skirmish won by Washington's forces (before his eventual withdrawal from that fort, Fort Necessity).  Thus, the opening acts of the French and Indian war were conducted by Washington and initiated by his intelligence collection mission.3  Later, during the French and Indian War, his appreciation for the value of intelligence was reinforced by his experiences while accompanying General Edward Braddock on the disastrous campaign to Fort Duquesne.  The British defeat is a direct
+
+result of the complete lack of intelligence regarding the strength of the French garrison.  Washington learned this lesson and carried it with him as he barely escaped with his life.4
+When the American Revolution broke out, George Washington was appointed as the overall commander of the Continental Army in June, 1775.  He arrived on the outskirts of Boston and assumed command of the army besieging the British in July.  He likely inherited what was left of the pre-existing intelligence network established by Dr. Joseph Warren and Paul Revere and built upon it.5  As the war progressed, Washington became a true master of the intelligence trade.  He recognized the value of accurate intelligence and regarded it as one of his most important duties.6  Despite the fact that he had many other duties, he refused to delegate that responsibility (except for the actual field collection) to someone else.7
+Washington parlayed his ability to acquire accurate knowledge of the enemy into success on the battlefield.
+
+Realizing that his army was not going to be able to match the British in open battle, Washington adopted a strategy of picking his battles, avoiding most major engagements and outlasting the enemy.8  In order to pursue this strategy, it was necessary to know what the British plans were. Therefore, he developed an advanced network of operatives, spies, and surveillance and reconnaissance units. Intelligence gleaned from this apparatus served to place him in position to strike small portions of the British Army as at Trenton, Princeton, and Yorktown.  Ultimately this strategy worked, the British were tired, harried and much more concerned with the expanded war with France and Spain, than the recalcitrant colonies.
+
+## Intelligence Support To Operations:
+
+Boston (1775-1776).  Upon assumption of command of the Continental Army, Washington was anxious to ensure that he knew every intention of the enemy.  Recognizing this continuing need for information he almost immediately began building upon what was left of the pre-war operation organized by Dr. Joseph Warren operating in Boston.9
+$333 1/3 was the first large entry in his ledger and it was to fund an unknown agent's activities in Boston.10  For the safety of his sources, Washington was careful not to name his agents in his operational and expenditure reports.
+
+Despite British desires to keep spies from entering and exiting Boston, Washington was well informed of British activities.  Probably one of the most imaginative and easy ways in which agents entered and exited Boston was by way of fishing ships.  The British were not very diligent in policing who would depart and arrive in these ships.  The Americans would include a spy among the crew leaving port and then drop him off outside of town and pick up the next agent to enter Boston.11
+The majority of reporting was of the routine sort regarding such things as British troop strength, resupply intentions, and defensive positions.  In early 1776, the Americans tightened the cordon around Boston by placing artillery on Dorcester Heights threatening the British positions in the city.  The British decided that the city was not defendable and evacuated to Halifax before descending on New York City.
+
+New York (1776).  Washington was most certainly aware that the British intended to move to New York, however he seemed unprepared for that movement.  The British began the campaign for this strategic city in June, 1776.  Washington did not already have a spy network in place when the British arrived, and it showed.  Throughout the summer, the British defeated and outmaneuvered the Continentals time and again (at places such as Long Island, Harlem Heights and Fort Washington).  Washington seemed not to know when or where he would be attacked.  Only a familiarity with the local area and British inability to close in a timely manner prevented the Continental Army from being destroyed.
+
+During this time, Washington became quite frantic for intelligence on British strength and plans.  He began to repeatedly ask his subordinates for information.  At last, he asked his first unit designated for intelligence work, Knowlton's Rangers, to find a volunteer to enter the city and try to gain some valuable information.  Young Nathan Hale became that man.12
+Nathan Hale was idealistic and enthusiastic, but not very well-suited for this mission.  He entered the city, conducted surveillance, was captured with incriminating evidence and promptly executed in September, 1776.13  This is when Hale uttered the famous words, "I only regret, that I have but one life to lose for my country."14  George Washington became aware of Hale's sacrifice as stories filtered out of the city.  This was the final realization for Washington that a well-developed spy network was of the utmost value to him.  He slowly worked to build an effective network that began to pay dividends as he would be ready for the British when they moved to Philadelphia.
+
+Trenton & Princeton (1776-77).  Late in 1776, after securing the vicinity of New York City, the British had pushed into New Jersey.  Washington was forced to retreat across the colony and into eastern Pennsylvania.
+
+Washington had become desperate.  By mid-December, his army had shrunk to nearly 6,000 men.15  Most of his army's enlistments would expire on January 1, 1777.  Spirits in the rebellious colonies were flagging.  Washington realized that unless something drastic happened before the New Year, his army would disappear and the cause would probably be lost.  Washington needed some intelligence that would help the Continental strike a blow against the British and help bolster the flagging spirits of the revolution.
+
+As Washington retreated he left many agents and spies across the New Jersey countryside.  Most of them remain unidentified, however they were local people or soldiers who rode though the countryside and loudly "talked Tory" while selling tobacco and other supplies to the British and Hessian soldiers.16  One such source was John Honeyman of Griggstown, New Jersey.
+
+John Honeyman, a veteran of the French and Indian War, probably first met Washington in Philadelphia when the Virginian was appointed as Commander-in-Chief.  He probably also offered his services as a spy at that time.  They met again as Washington began his retreat across New Jersey.17
+Honeyman began posing as a Tory butcher and had become well known to the British forces in New Jersey as he wandered in and out of the camps providing meat to the British while also collecting intelligence.
+
+Trenton, a small village on the Delaware River in New Jersey, was manned by a detachment of Hessian mercenaries numbering approximately 2,000 men.18  Honeyman noted that this outpost was not properly defended and was vulnerable to a surprise attack.19  He needed to get this information to Washington and the general knew that he needed to speak to his spy.  Washington made it be known that he wanted the Tory captured.  Honeyman then allowed himself to be captured.  The spy was taken to Washington and made his report.  Some time after that, Honeyman conveniently escaped (it seems probable that Washington facilitated Honeyman's escape) and reported back to the Hessian commander that the Continentals were in disarray and unlikely to attack.20  Washington corroborated the information received and determined that he should attack Christmas morning.  He daringly crossed the Delaware River and completely surprised the sleeping Hessians.
+
+This victory is probably Washington's best known win and it was made possible by a thorough knowledge of the enemy's defenses and vulnerabilities to a surprise attack. As a result of their success at Trenton, many of his soldiers re-enlisted prior to the New Year and Washington was able to quickly follow the victory with another in Princeton on 3 January, 1777.  Victory at Princeton was aided by intelligence received from Colonel Cadwalader, who had been ordered to scout New Jersey.  Cadwalader provided a complete analysis of Princeton to include defensive positions, approaches to the town, and artillery locations that gave Washington the type of information that he needed to launch a successful attack for the second time in ten days.21  After these two striking victories, the American cause had been renewed.  Valuable intelligence, as well as some thoughtful deception by Honeyman, contributed greatly to these important victories.
+
+New Jersey/Pennsylvania (1777-78).  Early 1777 saw the two armies consolidating and training.  As the campaign down the Hudson Valley by British General John Burgoyne began, Washington was concerned that General William Howe, the officer in overall command of British forces in the Colonies, would move north up the Hudson River and isolate New England from the rest of the Colonies.  Howe departed New York in late July.  Over the next month, Washington was kept guessing as to his actual intentions.  Eventually, Howe moved on Philadelphia.  Washington had been tipped off to this possibility as early as April, when a woman who had been sent into New York by one of Washington's spymaster's, Nathaniel Sackett, reported that the British were constructing flat-bottomed boats for use in the conquest of Philadelphia.22  Washington's reaction to this news was to order General Thomas Mifflin to set up a spy network in the Colonial capitol.23  Washington attempted to thwart the British advance to Philadelphia at Brandywine on September 11, 1777.  This battle was nearly a disaster and marks one of the few serious intelligence failures of the war. Washington's scouts (mostly militia) failed to notice the British flanking maneuver, nor the ford used by the British to complete the move.24  The British entered Philadelphia on September 26th, however, by the time the British captured it, the spy network was in place.  This time Washington had anticipated his opponent's eventual move and had assets waiting for his use when the British arrived.
+
+This period of the war is marked by multiple intelligence successes that led to Howe's eventual frustration due to his inability to defeat Washington.  As John Blakeless states in his book Turncoats, Traitors, and Heroes:
+The contrast with the situation in New York in 1776, only a year before, when Washington had been totally in the dark as to enemy intentions and capabilities, was positively startling.  By 1777, the Continental commander always knew what Howe *could* do.  He sometimes knew several days in advance exactly what Howe was going to do.  And the commander-in-chief himself evaluated the intelligence, as it came in, with unerring skill.25
+Washington truly knew his enemy during this period.
+
+Washington's spy-master in Philadelphia was Major John Clark.  He and his spies kept Washington and his staff informed of British intentions, swiftly reporting all plans to headquarters.  Major Clark worked so hard and diligently that he was forced to step down due to failing health in January, 1778, a potentially brilliant career cut short.26
+Two occasions stand out in which Washington had warning and was able to avoid defeat.  The first was at Forts Mifflin and Mercer.  Major Clark's spies kept the Americans fully appraised of British intentions in November, 1777, and both forts were abandoned prior to their capture, saving men and materiel.27
+The second significant instance involves a story of true bravery.  The British had commandeered the house of a local Quaker family, the Darraghs, for use as a headquarters.  The British frequently used the homes of Quakers because they were pacifists and were not expected to support the war effort.  Unfortunately for the British, the Darragh family had been recruited by Major Clark. During this time, Washington was encamped at Whitemarsh, a short distance outside the city.  On the night of 2 December, 1777, Lydia Darragh, the matron of the family, hid in a closet and overheard the British making plans to attack Washington on the 4th.  There was not enough time to use her normal round-about method of delivering her information.  She slipped out of the city under the guise of needing flour and contacted the American army.  This information confirmed other reports and the army was put on alert and the raid was thwarted.28  These are but two examples of the type of situation that Howe faced in Philadelphia.
+
+Although the Americans suffered greatly at Valley Forge during the winter, the British had had enough and decided to return to New York after General Howe was replaced by General Henry Clinton.  Washington was well aware of the British intentions to return to New York and began making plans to harass the retreating British. Unfortunately, Washington's spies were unable to ascertain the exact date that movement would begin.  Once movement did begin on 17-18 June, 1778, it was immediately reported to Washington, however, this report arrived too late to attack the British while they were crossing the Delaware (a move the British were expecting).29  Washington rushed to catch up to the British resulting in the battle of Monmouth on June 28, 1778.
+
+American intelligence agents repeatedly reported to reconnaissance units throughout the entire region as the British retreated to New York.  Eventually, Washington found his place to strike the retreating British at Monmouth, where they had stopped for the night.  General Charles Lee was ordered to command the advance force and engage the British rear guard while Washington brought up the main body.  Washington received word that the British had begun their expected move the morning of 28 June.  He sent word for Lee to begin the attack.  Lee did not immediately attack.  Washington ordered Lee forward a second time.  Lee finally did order his units forward, but he didn't issue attack orders and did not properly coordinate his units.  Lee's Brigade commanders took it upon themselves to attack but due to lack of coordination from Lee were forced to fall back.  By that time, Washington had brought up his main body and fought a respectable engagement against a strengthened British attack.  Washington blamed Lee for failing to attack the rear guard in a timely manner.  This eventually led to Lee's court martial.  There have been many theories as to why Lee failed to properly execute Washington's orders.  In all likelihood, Lee merely didn't believe that it would succeed.  However, some have suggested that the recently exchanged Lee had switched sides while a prisoner of war and promised to help the British win a battle.30  After this battle, which had been a spirited exchange and showed that the abilities of the Continental Army had greatly improved, the British elected to continue on to New York rather than continue the fight.  The second time that the main British force occupied New York was to be quite different from the first.
+
+New York (1778-81).  The war had now entered a new phase.
+
+The British seemed content to hunker down in New York City and look to other areas to pursue what had now become a world war with the entry of France and, later, Spain.31  In the Spring of 1779, the British began the southern phase of the war with the conquest of Charleston, South Carolina. Washington remained in the New York area and continued harassment of the British there.  This was when Washington's spies really came into their own.  During the year in which the majority of British forces in the Colonies had been in the Philadelphia area, Washington worked to vastly improve his spy network in New York.  When Clinton returned to New York those agents went to work. The most important group was the "Culper net".  There were two primary agents.  Abraham Woodhull and Robert Townsend used the aliases "Samuel Culper" and "Culper Junior" respectively in their reporting.  They were managed by Major Benjamin Tallmadge of the 2d Dragoons (Sheldon's Horse), who used the alias "John Bolton."32  Tallmadge reported directly to Washington.
+
+Major Benjamin Tallmadge was a young man who had been a classmate of Nathan Hale's at Yale.33  He joined the Dragoons when they were formed in December 177634 and was particularly adept at light cavalry work.  Washington noticed his ability and recruited him to act as his spymaster.  Washington intentionally did not know the identities of many of Tallmadge's contacts.  The 2d Light Dragoons operated in Connecticut and Tallmadge received the reports from the "Culpers" from across the Long Island Sound.  Tallmadge then forwarded them directly to Washington.35  Tallmadge was very secretive, making little mention of his exploits throughout the rest of his life, but these exploits helped maintain the Revolution.
+
+Washington relied heavily on the steady flow of information that came from the "Culpers."
+Abraham Woodhull, "Samuel Culper," lived in New York, posing as a Tory.  He mucked about listening to British officers' conversations and corresponding with "Bolton." He was never discovered, but as time went along, he became convinced that the British were on to him.  When he felt that he could no longer suffer the trials and tribulations of active espionage, he recruited Robert Townsend to take his place.  Townsend became "Sameul Culper, Jr." or "Culper Junior".  Townsend was a merchant of dry goods, and was permitted to travel about freely.  Woodhull became the link between Tallmadge and the new Culper.36  Townsend had a different approach from the secretive eavesdropping Woodhull.  Townsend was a "loud Tory" who made submissions
+
+to the social section of a New York City Tory newspaper, The Royal Gazette.  "British officers, eager to see their names in print, readily talked with Townsend."37  The
+"Culpers" had their own contacts, many of whom remain unidentified to this day, that they used to compile their reports.
+
+The majority of intelligence collected by this spy ring was of the routine nature.  Reports on ship movements, morale, casualties, resupply, and warnings of British agents operating in the Continental Army were the normal types of reports received.38  Although unglamorous, it was the volume of this material that made them particularly valuable to Washington.
+
+There was one instance of intelligence supplied by the
+"Culpers" that was particularly important.  The first major body of French troops, under the Comte de Rochambeau, was set to arrive at Newport, Rhode Island, in July, 1780.  The British knew and planned to strike the French before they could construct an adequate defense.  Townsend got word of the plan and immediately reported this to Tallmadge.
+
+Because the raid was already forming Tallmadge was forced to act quickly.  Tallmadge forwarded this information to Washington, who quickly warned Rochameau. However, Washington did not have a strong enough force to interdict the raid nor attack a weakened New York City.
+
+But Washington did have an active intelligence and counterintelligence net, and he made the British believe that he was prepared to attack New York.  The British took this threat seriously and withdrew the striking force.39
+The French, and therefore the alliance too, were spared.
+
+This ring continued its accurate reporting throughout the remainder of the war.  Because most of Tallmadge's spies were posing as Tories, the Major received permission from Washington to enter New York ahead of the main army when the British turned over control of the city to the Americans.  Tallmadge contacted his spies and was able to ensure that there was no retribution made against them by the local population.  Washington is said to have met with many of these people soon after the conquest of New York and gave his appreciation.40
+Probably the most famous case of espionage and counterespionage during the American War for Independence was the case of General Benedict Arnold's treasonous attempt to turn over the fortress at West Point, New York, to the British.  Major Benjamin Tallmadge had a large role in the disruption of the plan.
+
+Arnold's contact was a British Major by the name of John Andre who was using the alias "John Anderson."  Andre was the head of British intelligence in New York.  "John Anderson" was captured carrying a letter from Arnold and the plans for West Point hidden in his boot on September
+23, 1780.  Prior to this, Arnold had asked Tallmadge to escort a man named "John Anderson" to him if he (Tallmadge) was to come across him.  It is unclear whether Tallmadge had previously known the true identity of "John Anderson." But, when he learned that this man had been captured it was enough to make him suspicious.  Tallmadge's superior, Lt. Col. John Jameson, unknowingly had decided to send Washington the documents that had been found and return the prisoner and a report to Arnold (the local commander to whom he was responsible for reporting).  Not fathoming that Arnold could be guilty, Jameson reasoned that Arnold would know best how to deal with someone who was "spying on West Point."
+Appalled, Tallmadge was able to convince Jameson to have the prisoner returned, but wasn't able to stop the report.  Arnold received the report and, knowing that he had been discovered as a traitor, fled to the safety of the British in New York.  Major Andre was not so lucky.  He was convicted of espionage and executed.41  Tallmadge and the
+"Culpers" are but just a few of Washington's agents that contributed in keeping the British pent up in New York.
+
+Yorktown (1781).  In 1779-80, the focus of the war effort moved to the south.  By July 1781, the British forces in the south, under General Charles Cornwallis, had moved out of the Carolinas and had relocated to Yorktown, Virginia. Cornwallis was hemmed in by American forces, commanded by the Marquis de Lafayette, but still large enough to be dangerous.  Washington quickly seized upon a plan as the situation developed.  In May, the French had indicated that a fleet would be available for use in aiding the war effort in America.  Washington's initial plan was to use this fleet and some accompanying French troops for an all-out assault on New York.  To Rochambeau, the French commander in America, this didn't seem to really be the best course of action, but it was the allies initial plan.42
+By August, Washington's plan changed abruptly.  The Comte de Grasse, the French admiral, reported that he was ready to sail north from the West Indies to assist the allies.  The allies seized upon a plan to capture all of Cornwallis' force.  The French fleet was directed to go to Virginia and close the British escape route by sea.
+
+Washington and Rochambeau would move south to complete the siege of Yorktown.
+
+This is when Washington pulled another trick out of his bag.  The general knew that his plan to attack New York had been captured.  Although, there doesn't appear to be any evidence to support it, given Washington's history with disinformation, it is possible that he allowed the plan to be captured.  Nevertheless, Clinton was convinced that the allies intended to attack New York, and Washington needed Clinton to continue to believe this while the French and American armies slipped away.  He began repositioning boats, improving roads, and conducting other tasks in New Jersey that would lead the British to believe that they were preparing to attack New York.43  In the meantime, the armies began to move south into New Jersey giving weight to the notion that they were preparing an attack from that direction.
+
+The British were not aware that *some* troops were moving south until September 1st.  On September 2nd, they
+
+still feared that Washington planned to double back and attack New York.  On the 4th, they received the report that French troops were reinforcing Lafayette at Yorktown.  On the 6th, they discovered that very few troops remained in the vicinity of New York.  Clinton still did not become convinced of the plan to attack Cornwallis until 8
+September.44  By this time it was too late, the allied army had gotten away and Clinton would not be able to interfere with the move south.  In the meantime, the French Navy defeated the British relief at the Battle of the Virginia Capes.  Cornwallis' fate was sealed.
+
+By the time Washington and Rochambeau reached Yorktown, they were well aware of Cornwallis' plight. Washington was intercepting many of Cornwallis' dispatches. Thanks to the skill of Mr. James Lovell at code breaking Washington was also able to read these messages.45  The deception plan allowed Washington to move south.  His constant knowledge of British intentions from his sources within New York City and intercepted communications allowed him to tighten the noose in Virginia.
+
+Washington knew that Clinton was unable and unwilling to attempt to come to the aid of Cornwallis.  Armed with
+
+this knowledge, Washington was able to concentrate sufficient force in Yorktown without fear that Clinton would attack other locations that were less well defended.
+
+Cornwallis surrendered his force on October 19, 1781.  The war was all but won.  Major fighting in the war had come to a conclusion.  After the completion of the Yorktown campaign, Washington resumed his "siege" of New York and intelligence continued to flow from his spies inside the city until the final evacuation in November, 1782, after the conclusion of the war.
+
+Other Theaters.  Even though Washington remained around the main body of the British army while some more important battles were fought in other theaters, he retained control of all Continental Army efforts.  Washington kept up a steady correspondence with his subordinate commanders.  He demanded that they provide him with detailed accounts of engagements and responses to his requests for information. At the same time that he was requesting information he was also using his knowledge of enemy plans and intentions to aid his subordinates in their operations.
+
+In February 1777, Washington sent correspondence to General Phillip Schuyler, the commander of forces defending Fort Ticonderoga and northern New York from any attack from Canada.  In a letter dated on the twenty-third of that month, Washington informed Schuyler that he didn't anticipate that the British would attempt to move south until late spring.  Additionally, he informed him of anticipated reinforcements, estimated enemy troop strengths and that "the intelligence communicated by the Express [probably a courier sent earlier], who delivered my Letter of the 9th Instt. was premature."46
+In August of 1778, the first French aid provided to the Americans came in the form of a fleet under the Comte. D'Estaing.  It initially advanced to the Newport, RI, area before proceeding on to Boston.  In correspondence with Gen. Nathanael Greene dated 21 August, 1778, Washington advised him to be wary of attacks from the British.  He informed Greene that "it appears certain, that Sixteen of Lord Howe's fleet entered the Hook on the 17th."47  The Hook was the area exiting New York Harbor.  Washington used the intelligence that he received from his coastal watchers to warn his subordinate of potential threat to allied and Continental forces operating in other areas than his own.
+
+Another example can be found in correspondence between Washington and General Nathanael Greene.  In the summer of 1781, as Cornwallis had moved to Yorktown and Greene was consolidating his victory in South Carolina, Washington was in constant communication with Greene.  In a letter dated
+30 July, 1781, Washington informed Greene of Cornwallis' movement into Virginia and his intention to have Greene continue his efforts in South Carolina.48  In a later letter dated 27 September, he informed him of the victory at the Battle of the Virginia Capes and his movement to Yorktown.49
+In addition to informing Greene of the current situation he continued to request reports from the commander in the southern sector.  Washington's intention with both letters was to keep his subordinate informed of the general situation while continuing to keep him engaged with his task at hand.  Washington continually communicated with his subordinates relaying and requesting important information.
+
+## Intelligence Methods:
+
+Sun Tzu said it quite well: Now the reason the enlightened prince and the wise general conquer the enemy whenever they move and their achievements surpass those of ordinary men is foreknowledge.50
+Washington was successful because he had foreknowledge. Knowledge of the enemy's intentions and dispositions are paramount to a successful military campaign.  Washington was master of these techniques.  His foreknowledge of the enemy allowed him to avoid many engagements and attack when the time was right for battle.  Washington's use of intelligence information included the cornerstones of traditional intelligence analysis and operations: espionage; counterintelligence; communications security and code breaking; operational security and deception; and surveillance and reconnaissance.  Effective use of all of these methods allowed Washington to make analytical estimates and stymie British efforts to decisively engage the Continental Army.
+
+General George Washington regarded intelligence accumulation and analysis as one of his primary responsibilities.  He hired spies, planted false reports with double agents, used codes and ciphers, and analyzed the reports he received for himself.  He used his cavalry units to conduct reconnaissance operations and act as intermediaries between himself and his spies.  He demanded that reports be in writing and delivered with utmost haste "reminding his officers of those bits of intelligence he had received which had become valueless because of delay in getting them to him."51  He realized the value of multiple sources and used this method frequently to validate his information.  He even wrote a makeshift textbook for his army officers to use to conduct intelligence operations.52
+Additionally, he used all the information gathered to create a decision-making process.53  Washington also created the first intelligence gathering units, the Light Dragoons. Their primary duties included reconnaissance, surveillance, capture of prisoners for interrogation, and harassment.54
+Washington directed all intelligence activities conducted by the Continental Army and truly was the focus of all intelligence reporting and analysis.
+
+## Espionage.  Espionage Was The Primary Method Of Collection Of Intelligence During The Eighteenth Century, With
+
+reconnaissance, prisoner interview, and courier interception being the others.  However, espionage provided General Washington with the wherewithal to succeed in his endeavors to lead a young nation to victory.  Spies were very prevalent on both sides during the war, and Washington was the best at using them.  As noted above, one of his very first expenditures after assuming command was to an agent to enter Boston,55 and the value of intelligence that came from spies such as the "Culpers" cannot be underestimated.
+
+There are countless stories of intrigue from the war.
+
+People used disguises and cover stories to enter the British occupied areas and report back to the Americans. Frequently, as in the case of the Darraghs, they were ordinary citizens who were forced to house British officers.  Many were simple salesmen and hucksters like John Honeyman who plied their trade among the British and reported what they saw.  Still others were society people who mixed easily with the British Officers.56  Many military secrets leaked out.  One was Burgoyne's plan for the invasion of New York State and the capture of the Hudson Valley.  The reporting was highly accurate, predicting the
+
+movements of Burgoyne and Howe during that campaign that ended in British defeat at Saratoga.  Burgoyne's plan was reported to the Continentals before it was even presented to King George.57
+Many spies, like Nathan Hale, were taken right from the ranks of the Continental Army.  Another soldier, Captain David Gray, was declared a deserter.  After
+"deserting," he infiltrated Colonel Beverly Robinson's Tories and obtained the position as the courier for the Tory intelligence agent.  Gray then proceeded to turn over copies of all of Robinson's dispatches.  Eventually, Gray moved up to be a courier for Major Oliver DeLancey, Jr. DeLancey headed the British secret service in New York. Gray was responsible for the route between the city and Canada and passed his dispatches on to Washington for nearly two years.  After completing that assignment he returned to the ranks and his name was stricken from the list of deserters.58  Washington managed some of his own spies as well as delegating the management duties to various subordinates.
+
+## Counterintelligence.  Knowing The Value Of His Own Spies
+
+and how easy it was to infiltrate the enemy, Washington recognized that the British were finding it almost as easy to do the same to him.  This may be one reason that he performed much intelligence analysis himself rather than trust too many others with his sources.  He was constantly on the lookout for spies and directed his subordinates to be just as vigilant.  He called British spies "the one evil I dread."59  Washington firmly believed that he should pay his agents as much as possible, but he remained wary of a spy who was purely in it for the money because he could just as easily be paid by the British with more than the Continentals could afford.60  Washington firmly believed that the best security for his army and cause was a strong sense of patriotism, which is probably why he found Benedict Arnold's betrayal so distressing.  Luckily it was discovered before any major damage had been done.
+
+Previously, another instance of solid counterintelligence work involves the case of Dr. Benjamin Church.  Church was a trusted part of the circle of patriots in Boston prior to the start of the War.  Although the patriots knew that there was a mole in their organization, the doctor was above suspicion.  Later, after Washington had taken command, Church was made chief medical officer for the Continental Army.  In September, 1775, a letter written in cipher was intercepted.  After interrogating the young lady who had been entrusted to deliver the letter, it was revealed that the author of the letter was Dr. Church.  Church was immediately questioned and held until they could determine his guilt or innocence.61  After some work, the letter was decoded and Church's deception had been proven.  The doctor was found guilty and imprisoned because of a legal loophole that prevented his execution (the loophole was immediately fixed).  He was exchanged for American prisoners in 1777.62
+Washington found Dr. Church's disloyalty very sobering and began to take the threat of spies even more seriously than before.
+
+## Communications Security & Code Breaking.  Just As Ferreting
+
+out spies was important to the American cause, so was the need to protect the information that was being supplied to Washington.  Washington's most important spies were supplied with a "sympathetic stain" that had been invented
+
+by John Jay's brother, Sir James Jay.  This ink was more effective than traditional milk or lemon juice methods of invisible writing.  It could not be read by holding it up to light.  It required a solution to make the writing visible. Additionally, codes were developed so that names and locations could be protected even if the British discovered how to develop the stain.63  Washington's agents using the stain would write a standard letter and then use the stain in the margins and between the lines.  They would also write in the margins of the pages and inside the cover-leafs of books.
+
+Another method of encryption was to create a cutout template.  Two examples included an hourglass shape or small blocks cut out of a plain sheet of paper.  When this sheet was placed over top of an otherwise normal looking letter a secret message was revealed.64
+James Lovell was Washington's chief codebreaker.  As noted above, he provided a valuable service decoding British dispatches, particularly during the Yorktown campaign.  Once encryption methods had been determined they were provided directly to Washington and he spent hours analyzing the accumulated intelligence that was gleaned from intercepted communications.65  Intercepted communications provided a vast wealth of information and Washington recognized the need to protect his own as well.
+
+## Deception & Operational Security.  Washington Was A Master
+
+at the art of deception.  The British were frequently left guessing as to his exact intentions.  Washington achieved these results through a series of deliberate plants of disinformation, operational security, and deceptive acts by his forces.  There are numerous instances of deception during the War for Independence.  Washington's withdrawal from around New York and movement south to Yorktown is one example.  Construction of boats and road improvement coupled with deliberate disinformation, making Clinton believe that New York was about to be attacked, allowed the French and Americans to move south without interference from the British.
+
+Another interesting case of deception happened in winter quarters at Morristown, NJ, in 1777.  Washington's army had dwindled to only about 4,000, so he billeted them by twos and threes in the various buildings giving the impression that his army was much larger.  Then when a known British spy arrived in the camp, Washington allowed him to steal greatly inflated unit strength reports. General Howe was led to believe that the Continental Army was three times its actual strength.66  Washington's spies were frequently ordered to provide false information to the British, which was very effective in keeping the British guessing as to American intentions.
+
+Washington was also very concerned about operational security.  Due to the nature of the war, secrets were hard to keep.  Because spies and double agents were rampant, Washington did his best to ensure that his plans remained secret as long as possible.  The troops usually didn't know where they were headed when a march was ordered. Washington was also quick to punish operational and security leaks.  Many violators were given the lash.67  On one occasion some of Major Benjamin Tallmadge's confidential papers, operational funds, and his personal trunk were captured by the British during a raid in 1779. A spy was compromised, but was warned in time to escape. Although there is no evidence that Tallmadge was given the lash, he was admonished by Washington.68  After this incident, the spies were required to write in code and use the "sympathetic stain" as well.69  Without effective deception tactics and operational security the Continental Army could have been engaged and destroyed on numerous occasions.
+
+## Surveillance & Reconnaissance.  The Operations Of Light
+
+cavalry as surveillance, reconnaissance, and guide assets was as important to the armies of the Eighteenth Century as reconnaissance units are today.  Washington was initially unimpressed with the need for such units.  The first cavalry unit that was assigned to the Continental Army was dismissed by Washington in July, 1776, due in part to his belief that they were too expensive to maintain and his distaste for their military bearing.70  Their presence was missed just a month later when the British easily outflanked Washington's position at the Battle of Long Island.  Later that year, Washington established the first Light Dragoon units to accomplish these tasks.  As the war progressed these units became very valuable to him.
+
+The Dragoons truly were the intelligence organization of the American War for Independence.  After failures in and around New York City in 1776, Washington asked Congress to fund four light cavalry, or Dragoon, units late in that year.71  The "Dragoons were a light, mobile force, operating ahead and on the flanks of the main force, scouting out the enemy's movements, gathering other intelligence, and thwarting the enemy cavalry's similar efforts."72  There were four Dragoon units; all had significant impact on the course of the war.  However, the 2d Continental Light Dragoons (Sheldon's Connecticut Horse) stood out for its effectiveness as an intelligence gathering unit.  Major Benjamin Tallmadge was part of this unit.
+
+The second dragoons exceeded the personification of the ideal type of Dragoon.  They not only fought and won victories on horse and foot but on the water as well.  They were also the key to Washington's espionage service.  None of the four Light Dragoon regiments surpassed Sheldon's Horse for uniquely active and effective service.  Too little has been written of the impact that "Sheldon's Connecticut Horse" had in the American Revolution.73
+When the armies were encamped, the Dragoons remained active, ranging between the armies intercepting enemy units and agents and conducting hit and run raids on militarily
+
+significant targets.  Military and intelligence operations conducted by the Continental Army greatly improved with the creation of the Dragoons.
+
+During the Battle of Brandywine, although the British flanking maneuver had been missed earlier, it was these units that discovered it in time to alert Washington and prevent a catastrophe.74  In addition to traditional Dragoon units, Washington also used the local populace and soldiers from his army familiar with the area to scout the surrounding terrain and guide his army to battle.  Three Continental soldiers from the Trenton area scouted the area looking for Tories carrying warning to the Hessians and guided Washington's army from the Delaware river crossing to the town enabling Washington's army to surprise the enemy.75  There were other units created for the express purpose of conducting surveillance.  One such unit was a New Jersey militia unit formed in 1777 for the purpose of watching and reporting British naval and shipping movements.76  As Sun Tzu tells us, "Those who do not use local guides are unable to obtain the advantages of the ground."77  Washington was fully aware of this and used the capabilities of his army for local knowledge to great effect, staying a step ahead of the British on many occasions.
+
+## Reporting & Analysis. Raw Collected Data Is Of Little
+
+value if it is not properly reported and analyzed.  As stated previously, Washington performed most of his intelligence analysis himself.  We will never know the extent of his intelligence apparatus because neither Washington, nor many of his sources, ever revealed that information.  However, we do know that Washington preferred his reports to be in writing, in detail, and delivered as swiftly as possible.  His instructions were precise when requesting "details on British military and naval movements, the location and condition of fortifications and bases, and not least, the health and morale of enemy troops."78  Washington used this data to help him make the assessments of British strength and capabilities.  He was very meticulous and resolutely believed in the value of validating intelligence by confirmation from another source.  Although the exploits of John Honeyman are well known, Washington confirmed his spy's reports through intelligence gathered from other sources before deciding to launch the attack on Trenton.79
+Reports continued to flow immediately after the attack on Trenton.  Colonel John Cadwalader had been assigned the task of scouting Princeton, and his report included the type of detailed information that Washington repeatedly desired.  It was a complete "intelligence preparation of the battlefield."  It pointed out approaches to the town, artillery locations, defenses, and exact quartering locations.80  Washington used this information to defeat elements of the British army at Princeton on January 3, 1777.
+
+Washington also desired timely reporting, and more than once he admonished his agents and units for not supplying information quickly enough before it had become irrelevant.  However, he also frequently received reporting in almost no time.  British casualty reports from the Battle of Germantown in October, 1777, were received approximately thirty-six hours after the conclusion of the battle.81  Washington was gifted at analyzing the information that was provided to him.  Proper analysis requires sound collection methods, multiple sources, and detailed and timely reporting, all of which Washington received.
+
+Organization.  Because General Washington maintained control of intelligence operations there was little formal organizational structure for intelligence in the Continental Army.  Potentially, Washington could have relieved himself of these duties and they may very well have been accomplished satisfactorily.  However, Washington believed that intelligence analysis was too important to be left to a subordinate.  In this way he was able to delegate other responsibilities and reduce the chance of compromise by limiting the number of personnel involved in his secret operations.
+
+Although the primary intelligence collection units were the light cavalry, or Dragoons (as discussed above), there was another unit that was expressly created for the conduct of intelligence operations.  In 1776, Washington selected Lieutenant Colonel Thomas Knowlton to head an elite unit that became known as "Knowlton's Rangers."  This unit was created to conduct reconnaissance and intelligence collection.  Because it was the first such unit in the Continental Army, today's Army's Military Intelligence Corps traces its origins here.82  However, Knowlton's Rangers was more of a light infantry unit that conducted special operations and not the same sort of unit that the Dragoons became.  Thomas Knowlton himself was a charismatic leader who always led his men in battle, epitomizing today's Intelligence Corps' Motto "Always Out Front."83
+Unfortunately, Knowlton himself was killed at the battle of Harlem Heights on September 16, 1776.  Two months later, the unit was captured at Fort Washington and ceased to exist.84  Nathan Hale was a member of this unit when he volunteered for his fateful mission.  Washington made great use of his units expressly created for collection of intelligence while limiting the number of personnel who would be privy to that information collected, thus maintaining a high level of security.
+
+## Conclusion.
+
+"Over the Revolutionary War as a whole, Washington's grasp of military intelligence and deception comfortably exceeded that of his British opponents."85   Accurate and timely intelligence is the key to successful military operations.  General George Washington understood this quite well.  His most brilliant military successes were due in part to good intelligence.  Trenton was made possible by the daring feats of a butcher who posed as a Tory so that he could enter the British camp.  Washington came to realize exactly how vulnerable Cornwallis was through intercepted communications and used sound deception tactics to move away from New York and force the British capitulation at Yorktown.  Although intelligence methods have changed quite a bit in the last two centuries, the basic principles remain valid today.  Washington used these functions to great success.
+
+Espionage was the primary method available to gather valuable information regarding one's adversary in the Eighteenth Century.  Washington had many spies placed throughout the country and behind the British lines.
+
+Today, espionage has become more dangerous and somewhat less important with the advent of new technologies to monitor enemy operations and communications.  However, espionage (one of the functions of human intelligence or HUMINT) is still capable of providing some of the most valuable information.  While espionage was frequently conducted by members of the army in Washington's time, today we rely on non-Department of Defense organizations to provide that information.  Today technology has replaced many of the old-fashioned espionage tactics.  However, the threat posed by terrorism may require that we readdress the role of espionage in our intelligence apparatus.  One of the major concerns regarding espionage is the fear of compromise and the need for solid counterintelligence practices.
+
+Washington regarded counterintelligence as one of the most dangerous threats to his army.  Today, the threat of infiltration of our intelligence organizations is less than it was during the American Revolution, but still remains valid (with potentially devastating results).  Washington tasked his personnel to remain vigilant for the actions of enemy agents.  The best counterintelligence method is vigilance and questioning suspicious activity.  One of the reasons that the counterintelligence threat has changed is for the same reason that we do not conduct as much espionage as we did in the past.  Technology has improved.
+
+Most intelligence collection today can be done from long range.  Communications can now be intercepted by electronic means.  With the increase in capability to intercept electronic communications, an increase in the requirement for proper communications security has become necessary.  Washington's primary methods of communications security were limited to invisible ink, embedded messages, and codes.  Today, invisible ink is no longer necessary, but codes are paramount.  As codebreaking methods have become more sophisticated so have methods of encrypting messages.  Washington realized the value of proper communications security especially as he became adept at intercepting and decoding British messages.
+
+The comprehension of the value of communications security led to his respect for the need for good operational security and the ability to deceive his enemy. Operational security remains one of our primary areas of concern.  With expanded ability to read and distribute information it has become even easier to piece together what a nation or force intends to do.  Sound operations security and good deception tactics can prevent the enemy from knowing their adversary's intentions.  Washington was a master at deception.  The best way to defeat an adversary is to keep him guessing as to your intentions.
+
+Surveillance and reconnaissance were important aspects of Washington's ability to remain a step ahead of the British.  Washington was limited to information that could be obtained by someone actually viewing an event.  Today we can conduct these activities from long range through the use of imaging capabilities and listening devices.  Eyeson-target surveillance and reconnaissance has not completely gone away and can still be some of our most effective intelligence collection assets when combined with radio communications and on-call weapons delivery.
+
+As Sun Tzu tells us: And therefore only the enlightened sovereign and the worthy general who are able to use the most intelligent people as agents are certain to achieve great things.  Secret operations are essential in war; upon them the army relies to make its every move.86
+Washington knew the value of intelligence and carried his lessons into his presidency when he "took personal responsibility for foreign intelligence."87  Whether it was analysis of multiple sources of information or management of far ranging spy networks, Washington always displayed an adept ability to use intelligence for the successful conduct of the war and the attainment of independence for the United States of America.
+
+## Annotated Bibliography
+
+Proposed Topic:  Gen. George Washington made great use of intelligence during the American War for Independence.  His use of intelligence had great effect on the outcome of the war and holds lessons that can be applied today.
+
+## Primary Sources:
+
+The Library of Congress has scanned the majority of George Washington's correspondence and placed it online (http://memory.loc.gov/ammem/gwhtml/gwhome.html).  This can be a very valuable source.  However, many of the letters have not been transcribed and are difficult to read. Additionally, the volume of data is also difficult to wade though for the nuggets of information that are contained within.
+
+## Secondary Accounts:
+
+Christopher Andrew's For the President's Eyes Only, Secret Intelligence and the American Presidency from Washington to Bush, (New York:  Harper Perennial, 1995.) is a book that looks at how U. S. Presidents have used intelligence information in the execution of their duties.  The first chapter discusses Washington's involvement in intelligence throughout his career as a military officer and President. John Blakeless' Turncoats, Traitors, and Heroes (Philadelphia:  J. B. Lippencott Company, 1959) is an analysis of American and British military intelligence methods and activities employed during the American Revolution.  This source is invaluable to the writing of this paper. The CIA's pamphlet, Intelligence in the War of Independence, (n. p., n. d.) is a 45-page overview of all intelligence operations and activities during the Revolution.  It contains quite a bit of useful information and areas to look for further reference.  Of note, it contains a listing of suggested readings which includes an article titled "George Washington, Manager of Intelligence," published in *Studies in Intelligence*, vol. 27, no. 4 (Winter 1983) which should have some valuable information.
+
+Washington's Eyes, The Continental Light Dragoons (Fort Collins, Colorado:  The Old Army Press, 1977) by Burt Garfield Loescher is a book about the operations and organization of the four Continental Light Dragoon units. This book outlines the exploits of these units that were vital to gaining information regarding the activities of the British army for the Continental Army. Nathan Miller's Spying For America, The Hidden History of U. S. Intelligence (New York:  Paragon House, 1989) is a review of spying throughout the history of the United States.  The first chapter is about George Washington and describes some of his activities and sources.  The second and third chapters focus on activities performed by Washington's agents. The periodical, *Studies in Intelligence* [24, no. 4 (Winter 1983):  1-10], published an article by Edward F. Sayle titled "George Washington:  Manager of Intelligence."  This article outlines Washington's actions in the field of intelligence in support of the war effort. Samuel B. Griffith's translation of Sun Tzu's The Art of War (Oxford:  Oxford University Press, 1963) and Carl von Clausewitz's *On War,* (Princeton, New Jersey:  Princeton University Press, 1976) contain useful insight into the value and impact of accurate intelligence on military operations and planning. Edmund R. Thompson edited Secret New England, Spies of the American Revolution (Kennebunk, Maine, USA:  The David Atlee Phillips New England Chapter Association of Former Intelligence Officers, 1991).  This book contains a series of articles about intelligence and espionage operations conducted in the New England colonies during the Revolution. This Week in History broadcast by The History Channel aired a segment titled "American Spy" on 14 January, 2002 (Robert Sharenow and Harlan Reiniger, prods. and narrated by Josh Lebowitz).  This program expanded on much information that had already been identified through research.  However, it did contain one new nugget on the use of cutout templates when encrypting messages. The United States Army Center of Military History posted a short article on their web site titled Rangers in Colonial and Revolutionary America (4 Jan. 2002. <http://www.army.mil/cmh-pg/documents/revwar/revra.htm>). It provided information on the history of Knowlton's Rangers.
+
+## Biography:
+
+Trevor Nevitt Dupuy's The Military Life of George Washington: American Soldier (New York:  Franklin Watts, Inc., 1969) is a brief biography of George Washington as a soldier and provides a good snapshot of his battles and how they were conducted.
+
+2d Lieutenant Lila Faint, USA, wrote a short biography titled Lieutenant Colonel Thomas Knowlton, A Short Biography (n.d.  Military Intelligence Corps Association. 4 Jan 2002.  <http://www.micorps.org/knowlton/knowltonbio.htm>.).  It contains details of his life and the formation of his unit, Knowlton's Rangers.

markdown/misc/psp-0116.md

@@ -0,0 +1,66 @@
+Office of the Inspector General U.S. Department of Justice
+
+# Report On The President's Surveillance Program
+
+## Volumes I - Iii
+
+
+(Some previously redacted information unreadacted)
+
+## Note
+
+
+
+In connection with Freedom of Information Act litigation brought by The New York Times in the Southern District of New York, the OIG's July
+2009 "Report on the President's Surveillance Program" has been re-released with additional information declassified by agencies with the authority to do so.  The following pages in this version of the report contain information that was previously redacted:
+
+
+Volume
+Pages
+
+I
+
+27
+
+
+53-54 II
+
+122 III
+
+220
+
+
+334
+
+
+342
+
+
+344
+
+
+346
+
+
+349
+
+
+357
+
+## Redacted - For Public Release
+
+
+
+The Department of Justice Office of the Inspector General
+(DOJ OIG) is a statutorily created independent entity
+whose mission is to detect and deter waste, fraud,
+abuse, and misconduct in the Department of Justice, and
+to promote economy and efficiency in the Department's
+operations. Information may be reported to the DOJ
+OIG's hotline at www.justice.gov/oig/hotline or
+(800) 869-4499.
+
+
+Office of the Inspector General U.S. Department of Justice www.justice.gov/oig
+
+## Redacted - For Public Release

markdown/misc/quantum.md

@@ -0,0 +1,402 @@
+## Project Quantum Leap After Action Report V1.0 Draft 12 September 2012
+
+QUANTUM LEAP takes its name from a three-year series of exercises and technology experiments conducted by Naval Special Warfare Group ONE (NSWG-1) in the late 1990s to examine ways to make Naval Special Warfare relevant in the 21st Century.
+
+Building upon this successful heritage, the reincarnation of QUANTUM LEAP is intended to accomplish the same mission but this time for all Special Operations Forces. QUANTUM
+LEAP will do this by following the example set by the British Special Operations Executive (SOE) during World War II -
+leveraging cutting-edge technology to enhance the conduct of operations. In many respects, this is
+" .. an old way to do new business." 1
+Admiral William H. McRaven, "The Plan," circa 2000.
+
+## Table Of Contents
+
+I. Introduction
+II. QUANTUM LEAP Operational Concept
+III. Scenario
+IV. Experiments & Participants
+V. Conclusions
+VI. Summary and Thoughts on the Way Ahead
+Appendix A: Participants
+Appendix B: Charts and graphs from QL discussion
+Appendix C: Prospective Financial Information Sources (Spreadsheet)
+Appendix D. Prospective All-Source Information Sources (List)
+
+## L Introduction
+
+Special Operations Command National Capital Region (SOCOM NCR) is the interagency coordination center for USSOCOM in the W asbington DC area. Its stated mission is
+" ... to shape, coordinate, and support the synchronization of global SOF activities with the Interagency, Law Enforcement, Intelligence Community, TSOCs, multinational and private sector partners in order to integrate operational strategies and plans to achieve national security objectives, primarily along indirect lines of *operations.* "2 To this end, SOCOM NCR
+will facilitate and enable non-traditional capabilities, technologies, tactics, techniques and procedures (TIP), improve interagency cooperation and coordination with Washington DC-area organizations and agencies, and support the SOCOM global special operations mission.
+
+QUANTUM LEAP will be crucial to these tasks.
+
+The new QUANTUM LEAP is a planned six-part experiment sponsored by SOCOM
+NCR. The first iteration of QUANTUM LEAP (QL) was held at the OSD AT&L open-source development laboratory in Crystal City, Virginia from 08-17 August 2012. Approximately 50
+government and industry representatives attended this experiment.
+
+The first three days of the experiment (Wed-Fri, 08-10 August) were focused on definition of requirements and exploration ofthe experiment scenario. The following week
+(Mon-Fri, 13-17 August) was devoted to actual exploration of tools, and TIP to support the SOCOM NCR mission, in this first iteration concentrating on use of unclassified and open source tools and information to support the counter-threat finance (CTF) mission.
+
+The experiment scenario was based on an actual Department of Homeland Security
+(DHS) Immigration and Customs Enforcement (ICE) Homeland Security Investigations (HSI)
+Bulk Cash Smuggling Center (BCSC) money laundering case. NDA's were signed among all participants to permit open sharing of proprietary and law enforcement sensitive information among the participants. The ICE/HSI Intelligence Analyst and case lead John Clifton provided background on the case, which included a wide range of examples and the tactics of advanced money laundering activity.
+
+Against this scenario, various technologies were employed to identify and exploit the human, commercial and information networks associated with the money laundering case. The majority of these approaches utilized commonly available open sources and tools, in some cases integrated with specialized tools made available by the QL participants. From the use of these tools, new TIP were developed and explored.
+
+SOCOM NCR Charter (Draft) 01 October 2012.
+
+The most heavily used specialized tool employed in QL was Raptor X, a Government Off-the-shelf (GOTS) geospatial information system (GIS) developed by the Department of Energy (DOE) Special Technology Laboratory (STL) and operationally used by USSOCOM
+components. Raptor X is an open architecture that relies on "plug-ins" to import, exploit and display heterogeneous data. One of the tools developed as a Raptor X plug-in for QL was "Social Bubble," a tool which summons data via the Twitter API to display Twitter users, their geographic location, posted Tweets and related metadata in the Raptor X geospatial display. This tool was used heavily during QL to identify individuals and commercial entities associated with the money laundering network. Other participating tools and technologies included maritime and air surveillance networks, financial transaction analysis software, numerical analysis software and computer network monitoring and analysis tools and data visualization. None of the other third party tools were as heavily utilized as Raptor X (along with Social Bubble). This will be discussed at length in detail in section IV.
+
+Overall the experiment was successful in identifying strategies and techniques for exploiting open sources of information, particularly social media, in support of a counter threat finance mission. Major lessons learned were the pronounced utility of social media in exploiting human networks, including networks in which individual members actively seek to limit their exposure to the internet and social media; the need for a capability to collect, manage, and exploit "big data"; the importance of concentrating open-source collection on unique data sources vice unique exploitation tools; the need for specialized analytical expertise ("Subject Matter Experts" or SMEs) and the importance of developing a specific ontology of topics, terms and data types relevant to the specific threat model, in this case counter-threat finance.
+
+## Il Quantum Leap Operational Concept
+
+The QUANTUM LEAP operational concept envisions six separate iterations of the experiment over approximately six months, each with a different theme or scenario. The planned themes include:
+
+-
+Counter-Threat Finance (CTF)
+-
+Counter-Human Trafficking (CHT)
+-
+Counter-Terrorism/Homemade Explosives (CTIHME)
+-
+Counter-Narcotics/Drug Interdiction (CN)
+-
+Counter-Prolife.mtion(CP)
+-
+Critical Infrastructure Protection (CIP)
+The first theme, Counter Threat Finance (CTF), was explored in the first iteration of QL
+in August 2012. Subsequent themes are to be explored approximately monthly.
+
+The themes of all of the planned QL experiments will be similar to the earlier Naval Special Warfare (NSW) *Trident Spectre* series, including *"Think-Do-Innovate"* and "Evolving Threat - *Technology Driven."* Included among the goals for the initial experiment were an intent to leverage open-source, commercial, unclassified and law enforcement sources to gain increased insight into the scenario threat (moneylaundering) network and engage heavy use of social media sources to extrapolate, analyze and exploit the network. Additional goals were to evaluate network discovery processes and mechanisms and to capture and record the most effective technical applications and TIPs.
+
+Evaluation of the QL experiment process will be conducted in four principal areas:
+technology, process (e.g. TTPs), legal and policy. For example, against a given problem associated with the scenario, such as "identify entities associated with the money laundering network in a given geographic area, " a technology would be identified, TTPs associated with the use of that technology developed, and legal and policy issues, concerns or requirements would be addressed. This process was followed through multiple dimensions of the threat scenario and various use-cases were developed and demonstrated. This methodology led to identification of a significant amount of new and actionable information associated with an actual ICEIHSI CTF investigation during the first iteration.
+
+As part of this technology discovery process, tools and technologies were evaluated for maturity, including usability, versatility and effectiveness; availability, including classification, IT AR restriction, etc; and practicality, including cost, license schema, etc. It was noted that adherence to traditional DOD software procurement models, including a procurement TRM/CMMI level, etc, can be an impediment to obtaining the most modern and effective tools available.
+
+Tools and technologies were also evaluated for their applicability. The specific goal was to identify open, commercial, and unclassified sources relevant to counter threat finance (CTF)
+requirements. Eight "Categories of *Information"* were identified as characteristic of the CTF
+network exploitation problem. These are:
+
+-
+Business Networks
+-
+Human Networks
+-
+Communications
+-
+Financial interactions
+-
+Property/Real Estate
+-
+Assets
+-
+Transport and Logistics
+-
+Value Transfer/Movement of Goods
+It was also noted that it was essential to systematically assess and understand the nature and structure of CFT networks in order to identify likely multiple high value sources of information. This type of analysis requires specialized knowledge and expertise on the part of analysts and subject matter experts ("SME's") as well as access to tools tailored to each of the 8
+major information categories listed above.
+
+One of the major issues identified was the need for improved capabilities to acquire raw data from open sources for further reduction. One of the key types of data (under "financial interactions"#4 above) is banking secrecy data (BSA) obtained by law enforcement pursuant to a warrant. Transactional data obtained through other sources -law enforcement investigation and forensic exploitation of seized or otherwise obtained media - is also key to unraveling deliberately obfuscated transactions and relationships.
+
+Some data in other categories is available but not necessarily efficient to obtain unilaterally, such as real estate information (almost always public record) and transportation and logistics data. These types of data may be most efficiently obtained on a commercial or
+"subscription" basis from industry sectors that focus on the type of data in question.
+
+Network and communication data can be more complex to obtain and may require more sophisticated tools to exploit. On one hand, simply scraping the Internet can obtain a huge amount of data but the infrastructure required to perform the scraping is a highly complex effort Crowd-sourcing was also identified as another efficient way to obtain data. In the scenario of a money laundering network, various individuals around the world were identified with rich and highly specific knowledge of the network. Finding and leveraging such individuals can be a productive and effective strategy, but requires various forms of subject matter expertise to conduct.
+
+Human entity resolution is a requirement that will be common to almost any of the scenario categories proposed for the QUANTUM LEAP (QL) experiment series. Fortunately, penetration of social media, preponderance of publicly available Personal Identifying Information (PII) databases and sources, and advancements in available analytical tools significantly improves the ability to rapidly and accurately do human entity resolution from open sources.
+
+Various (over 300) other traditional and non-traditional open sources were identified with potential relevancy to the CTF mission. These include public sources such as the Patent Classification System, which has tremendous amounts of business information contained in patent applications, or subscription-based sources like Revere Data, who sell specialized financial and business data. Two sample lists of sources are included as Appendices C and D.
+
+An important dimension of the QL experiment was the evaluation of the policy and strategic considerations associated with open-source discovery and analysis of CTF data as well as the larger implications ofthe applications oftechnologies and TIPs developed as part ofQL.
+
+The discussion included consideration of the strategic goals of the emerging capability to be created by QL: What is it trying to accomplish? Who are the likely customers? Who are likely partners, collaborators, suppliers, and participants? Are there security or OPSEC considerations from advanced applications of open source collection and analysis capabilities? Although many ofthe types of issues were discussed, in general, no firm conclusions were drawn. Stated goals, however, were included to make the resultant capabilities applicable to and usable by the Theater Special Operations Commands (TSOC's, e.g. SOCCENT, SOCPAC, etc) and to make the technical capabilities interoperable with the proposed "Digital Joint Task Forces" (Digital JTFs)
+being created to support the transformed TSOC organizations. Another hypothesized goal is
+"parallel discovery," whereby open-source and commercial capabilities are identified or developed in parallel with government-owned capabilities and systems, in order to capitalize on the sharing of tools and information with interagency and international partners.
+
+## Ill Scenario
+
+The scenario for the first iteration of QUANTUM LEAP, Counter Threat Finance (CTF), involved an actual major money laundering case being investigated by the Department of Homeland (DHS) Security Bureau of Immigration and Customs Enforcement (ICE) Homeland Security Investigations Division (HSI) Bulk Cash Smuggling Center (BCSC). Details of the case are Law Enforcement Activity Sensitive (LEAS) and involve a wide range of real-world money laundering tactics, to include informal value transfer systems, unlicensed money services, conspiracy, wire fraud, layered transactions, masked ownership and beneficiary relationships, shell and shelf companies and the use of bank secrecy havens.
+
+The scenario threat network included several multi-national and US-based corporate entities, shell and shelf companies, dozens of individuals, and millions to billions of USD in assets. The total identified scope of the money laundering activity thus far identified is approximately $2.5 billion USD in five separate law enforcement cases.
+
+The purpose of the money laundering activity is to transfer and launder proceeds in the United States of illicit (and probably licit) activities in a country unfiiendly to the US. The funds are licitly or illicitly transferred to the US where they are then used in informal value transfer systems (IVTS), trade-based money laundering, fraudulent payments, wire fraud, bribes and kickbacks and possibly the black market peso exchange.
+
+The money laundering network includes several major groups in the US, which are all connected to financial and wealthy commercial interests in their home country. They all share various characteristics, including intricate networks of shell and shelf companies, large numbers of suspect illicit wire transfers, and use of unwitting or semi-witting proxies (often US citizens)
+and a heavy reliance on family and personal relationships.
+
+The various components of this scenario for this particular threat finance network operate globally, conducting large-scale business transactions in many different countries, relying on banking secrecy havens such as the British Virgin Islands, the Madeira Islands, Switzerland, and Bermuda.
+
+The success of the scenario network is enabled by the unfiiendly relations between their home country and the US, as well as heavy reliance on layered transactions, large numbers of wire transfers, including to/from bank secrecy havens, masked ownership and beneficiary relationship of many transactions, close relationships with the home country's government, and common use of inflated-value transactions, often offshore, with institutions in the home country.
+
+Facilitators in the threat network include registered agents, attorneys and accountants, uncooperative banks, limited liability corporations (LLCs), shell and shelf companies, and family members and close friends of the key participants. To exploit this network, heavy use was made of open-source information and social media, including the exploitation of publicly available personal identifying information {PII), web log (blog) postings about the network and its members, as well as publicly reported data about companies, banks or other entities associated with the network.
+
+The scenario investigation is a large interagency effort with participants from many non-
+DOD law enforcement and regulatory agencies, led by ICEIHSI. The main goals of the investigation includes the criminal prosecution of key leaders of the money laundering network, and possibly regulatory reform to make it more difficult for this type of activity to be conducted in the future.
+
+## W. Experiments And Participants
+
+Several industry representatives were invited to participate in QL to demonstrate their particular technologies or capabilities. Most of the industry participants were developers or providers of software tools, chosen for their potential applicability to the CTF scenario.
+
+## Raptor X!Creative Radicals
+
+The backbone of the open source analytical effort was Raptor X, a GOTS GIS
+architecture designed to incorporate a wide range of''plug-ins" or software modules from third parties to enhance the ability to discover relationships, human networks, and geospatial features.
+
+The key plug-in used with Raptor X in the first iteration of QL was called "Social Bubble," developed by Creative Radicals, Inc. (http://creativeradicals.com/) Social Bubble enabled search via the Twitter API and display of Twitter-related content associated with the search query within Raptor X. This tool was heavily used to explore human networks associated with the CTF scenario and enabled identification of various entities: people, businesses and locations associated with the moneylaundering network.
+
+## Information Systems Worldwide (I_Sw)
+
+i_SW (http://www.iswcorp.cornD is one ofthe principal contractors building the "Digital JTF'
+concept on behalf of SOCOM NCR to support the "TSOC transformation". I_SW engineers and developers participated in QL to evaluate the process and tools developed for subsequent integration into the Digital JTF concept.
+
+## Cybertap
+
+The Cybertap Corporation (http://www.cybertapllc.comt) produces a tool called
+"Recon"that can be used to recreate data streams from an Ethernet ''tap" or packet capture file.
+
+The tool is effective at recreating documents and pages from a raw TCPIIP packet stream.
+
+Documents are re-created in their native format, .html, .pdf, etc. While there are many other tools, including many open source programs, that will recreate a TCPIIP stream, Rr tap to provide data for it to process.
+
+## Red Cell Intelligence Group
+
+Red Cell Intelligence Group ( http://www.redcellig.com/) is a financial intelligence company who specialize in characterizing global correspondent banking relationships. They collect data from several public or commercial sources, including comparatively expensive financial industry data subscriptions, to create a searchable database of international banking relationships. This data is potentially highly applicable to the CFT scenario although no sample data related to the scenario was introduced during QL.
+
+## Lockheed Martin Inc
+
+Lockheed Martin (http://www.lockheedmartin.comD primarily participated by having representatives to observe and advise on organizational issues. They did not demonstrate any software tools.
+
+## Green Line
+
+Green Line Systems (http://greenlinesystems.com/index.php) is a commercial maritime tracking and analysis company. Their "MDA WatchK.eeper" product delivers comprehensive global ship tracking and analytical services in a Software as a Service (SaaS) format. For QL
+they demonstrated the ability to track a particular ship or ships associated with a named company or other commercial entity including transoceanic transits.
+
+## G. Intrusion, Inc.
+
+Intrusion, Inc. (http://www.intrusion.comD specializes in large scale open-source monitoring and analysis. They have a nearly unique capability (shared only with large search engines such as Google) to index the internet and establish network relationships, status, and topography over time, as well as collect large quantities of data from the "deep web", or sources which are accessible via the internet but not necessarily indexed or linked via a WorldWide Web
+(WWW) page. Intrusion's capabilities include several software tools:
+
+-
+Savant: the principal data accumulator or engine that indexes the internet on a constant
+basis
+-
+Resume Harvest: a tool to collect individual resumes posted on the internet
+-
+Trace Viewer: a tool to geolocate IP addresses and map the global IP space
+-
+Global Harvest: a large repository of WWW and web server data
+-
+GeoObjects: a tool to fuse multi-source locative data
+-
+TraceCop: monthly survey of internet topography
+-
+Trace Viewer: global IP space mapping via traceroute
+They did not provide any sample data sets during the first iteration of QL but would
+probably be able to provide some sample data for future iterations, if given some advance
+indication ofthe subjects of interest.
+
+## Numerica Corporation.
+
+Numerica Corporation (http://www.numerica.usl) produces computational software for compressing and evaluating geospatial data. Their tool is capable of real-time signal processing on networks and potential detection of anomalous behavior, but use of the Numerica tool against a digital file containing steganography might erase the steganographic payload, similar to other compression tools. During QL, the Numerica tool was not used significantly, likely due to the lack of a candidate dataset to process.
+
+## Semantic Research Inc (Sri)
+
+Semantic Research Inc. (SRI) (http://www.semanticresearch.comD produces the Semantica visual analytics tool. Semantica is capable of ingesting structured and semi-structured data and displaying it in a "triplet" format, e.g. two entities and a relationship, such as "Acme Widgets is owned by Wile E. *Coyote."* Triplet datablocks can then be interrelated to identify and visualize networks. Semantica is capable of processing and visualizing live data, if the data is structured in a format that the tool can ingest.
+
+SRI provided a limited demonstration of the Semantica visual analytics tool. It was proposed that SRI develop a ''plug-in" version of Semantica to interoperate with Raptor X for future iterations of QL.
+
+## Sherpa Analytics
+
+Sherpa Analytics (htq>:/ /www .sherpaanalytics.comD specializes in the near real time and automated analysis of publicly available data in all media channels, especially the social media, in many languages, to extract indicators and assess insights that impact target audiences. Sherpa discussed but did not demonstrate their capabilities. It appears they mainly offer a consulting service using off-the-shelf tools, vice providing a tool of their own. Their capabilities, focusing on social media collection and analysis, appear to be a very good fit for QL requirements, however.
+
+## Cypherpath
+
+Cypherpath (http://cyphemath.comD participated in QL principally by providing a financial crimes subject matter expert who was able to guide the open source data collection effort as well as providing a comprehensive overview of the mechanics of moneylaundering.
+
+## Basis Technology
+
+Basis Technology (http://www.basistech.com/) provides text analytics and digital forensics tools potentially useful for media exploitation or analytics particularly of foreign language text sources. They are supporting the Digital J1F effort and their capabilities are probably desirable for QL requirements as well, although they did not specifically demonstrate applicability of any of their tools to the QL scenario in this interation.
+
+## Actionable Intelligence Technologies (Ait)
+
+Actionable Intelligence Technologies (http://www.aitfis.comD produces a financial analysis tool called "FIS" (for Financial Intelligence System). It is, in effect, an accounting software package similar to Quicken or Peachtree but modified and optimized for financial investigations. It is used by many financial crimes investigatory agencies, including IRS, FBI, Secret Service, etc, to reconstruct and analyze large-scale financial records. AIS advertises that an investigative agency can perform an entire investigation in FIS, including importing and managing documents, records analysis, intelligence data capture, and automated analytics. AIS
+demonstrated FIS during QL and it appeared to be one of the most relevant and valuable tools to CTF requirements.
+
+More than 200 additional open-source tools and sources were identified relevant to counter threat finance. Some were investigated or used during QL while others were identified as desirable **but** not available during the experiment. These additional sources are described in Appendices C and D.
+
+## V. Conclusions
+
+The first iteration of QUANTUM LEAP 2012 (QL) successfully developed and identified technologies, sources, TIPs, policy and legal issues and strategies for developing a capability to support Counter Threat Finance (CTF) requirements and missions.
+
+With over 50 participants in the initial experiment over the course of 8 days, there was a wealth of valuable input, resulting in development of a coherent methodology for approaching CTF missions.
+
+This methodology is described as an iterative cycle, with an initial input of known and unknown indicators ofCTF-related activity. Subsequently a phase of mapping and discovery is initiated, identifying people, assets, money, criminal activity, etc. This is followed by forensic development of a movement and chronology narrative of transactions, goods exchanged, communications, and transportation. Subsequently the narrative is mapped against targeted outcomes, e.g. desired end game, etc, to inform specific actions to be taken. Every time a new entity is identified associated with the CTF network or activity, the cycle is repeated. This cycle is illustrated in Figure 8 of Appendix B.
+
+Also identified as part of the initial QL effort were broad categories of functions needed for SOCOM NCR These include:
+
+-
+Training
+- Processes
+- Protocols
+- Data
+-
+Technology
+0
+Discovery
+0
+Maturation
+0
+Transition
+- Cooperation between stakeholders
+-
+Strategy
+- Risk Mitigation
+- Liability - Counterintelligence
+-
+Work Processes
+-
+Interagency Collaboration
+-
+Information Sharing
+-
+Communications
+- Funding
+-
+Feedbackloop~sons~ed
+-
+Resiliency, Robustness, and Repeatability
+-
+Research and Development
+These categories, described as "nodes in the solution set", were not completely developed during the first iteration but will be subjects for continued discussion at the next and subsequent QL experiments. Some additional requirements or needs identified for future QL iterations were also identified, including:
+
+-
+Need to identify and prioritize target datasets within the 8 major categories (see Section II
+above)
+-
+Need to identify strategies for rapid large-scale data reduction, to "zero in" in on potential
+targets in a timely way.
+-
+Need to develop strategies for "triage" of targets, especially in CTF investigations, to
+avoid inaccurate targeting and wasted effort.
+-
+A strategy is needed for development of measures of effectiveness (MOE). These may be
+different depending on the mission (CTF vs CT, CP, etc) but the metrics should be clear,
+unambiguous, and agreed upon with interagency partners.
+-
+Also needed are ontologies for technical and social media collection, to clearly enumerate
+what data is sought from what sources, relevant to the eight categories of CTF -related
+information and the CTF exploitation cycle.
+Some generalized additional conclusions:
+
+-
+It would be highly desirable to recruit additional participants from the social
+media monitoring industry. Social media monitoring is a rapidly growing commercial
+sector, primarily focused on private sector marketing. But the same tools and
+technologies would apparently be highly applicable to QL requirements as well.
+-
+Future participants in QL experiments should be ~ed" with information about
+the theme and scenario for the experiment and encouraged to develop or modify their
+technologies or capabilities for demonstration against the specific scenario for that
+iteration. Ideally, participants should be provided in advance with some sample data as an
+example or for use with tools that do not collect data organically.
+-
+We are currently in a "window .. of opportunity for exploitation of social media
+sources for application to CTF or other SOCOM NCR missions. 1bis window could be as
+narrow as 18-24 months before the social media phenomenon transforms. This future
+transformation is unknown and could offer additional opportunities, or existing
+opportunities could be closed, but the only thing that is certain is that there will continue
+to be rapid change.
+-
+Legal review of the appropriate use and application of social media data is in its
+infancy. Social media is transforming notions of privacy and distinctions between
+personally identifiable information (PII) and self-reported public information will have to
+be established by precedent in case law.
+-
+Almost all information relevant to the QL experiment has a locative context.
+Location based services (LBS) are becoming integrated into every facet of our lives and
+are becoming much more accepted. There is a cultura1/generational component to
+acceptance of LBS in social media.
+-
+Strategies and tactics to protect operational security (OPSEC) in the open-source
+exploitation process are very important and can be very difficult But use of open sources
+is a "double edged sword" that can compromise OPSEC as readily as it can contribute to the mission.
+
+QUANTUM LEAP (QL) intends to use a secure workspace and collaboration capabilities in the performance of future advanced, cutting edge technology demonstrations. The SOCOM
+NCR Collaboration Portal (SNCP) will be specially tailored to provide a Secure Work Environment (SWE) to enhance the performance ofQL by offering government, industry, interagency and academic partners the capability to share information and work asynchronously from remote locations when required- all secured by the portal. There are three stages to this process of SWE integration:
+
+-
+Stage one consists of mapping the integration methodology needed to ensure that the
+developing Innovation can be readily transitioned to a secure work environment (SWE)
+-
+Stage two is formatted as pre-deployment zone which mirrors portal hardware, software
+and network environment while only allowing access to limited users -to include original
+developers and beta-testers as required
+-
+Stage three is a fully-operational enclave that addresses the security concerns related to
+the innovation product, allows remote web access, is part of a collaborative environment
+To complete the creation of the SWE, an Innovations server will be connected to the Portal server enclave which will be accessible via a public-facing web address and/or the collaboration layer, as required. The work spaces will pull information into data groups which will be accessed by Innovations and also be able to export results in multiple formats. A risk assessment of each innovation package will be prepared and provided to the appropriate decision makers. The SWE will allow an Innovation to be held in the pre-deployment zone or cycled back to the QL for further development. Users can be segmented and all users on the network will have visibility as to who is on the network. A future enhancement will allow the creation of special classes of users, to enable secure yet limited access and functionality for trusted but unvetted foreign partners.
+
+## Vi. Summary And Thoughts On The Way Ahead
+
+In summary, the August 2012 QUANTUM LEAP experiment yielded some vital insights into the process of exploiting social media and other open sources within a Counter Threat Finance (CTF) scenario, as well as highlighting many of the technical, organizational, legal, policy and procedural issues important to the development of the SOCOM NCR organization.
+
+There were numerous "Lessons Learned" for future iterations of the QL which will inform and improve each successive experiment. As a result of this experience, the next QL iteration should be even more productive and effective in addressing SOCOM NCR's unique needs and requirements.
+
+With regard to the way ahead, it would be prudent for SOCOM NCR and SOCOM writ large to take a hard look at the way C1F is currently conceptualized and executed within DoD
+and a wider interagency context. Terrorist, insurgent, weapons proliferation and Transnational Organized Crime (TOC) networks ali rely on irregular ways and illicit means to fund their activities, to include donations from non-governmental organizations (NGOs) and clandestine financial support from hostile foreign governments. As we witnessed in the QL scenario, sophisticated front companies-established by an adversary as part and parcel of an Irregular Warfare (lW) strategy-are another important financial source, generating self-sustaining streams of revenue, laundering illicit money, and providing covert means to penetrate economies, states and societies. Such legitimate looking companies can be used to cloak lesssophisticated, large-scale means of transferring illicit funds, such as bulk cash shipment and trade-based money laundering. Protecting or attacking these networks- including their financial bases of support, means of sustainment and lines of communication-has always played an important role in the history of warfare. Yet, in the 21st-century era of globalization and IW, the challenge of countering the financial and economic depth of our adversaries in conflict has become remarkably complex. Early on in the QL first iteration, a couple of points became apparent:
+
+-
+There is a need to develop or identify USSOCOM policy relevant to Counter Threat
+Finance (CTF) missions. It was unclear to the QL participants if SOCOM has a
+command-wide policy or instruction governing CTF outside existing DOD instructions
+and directives.
+-
+A "policy road.map" for CTF in the USSOCOM claimancy is needed, which will
+probably need to be coordinated or staffed with OSD USD(I) and ASD(SOLIC)
+Given the complexity ofroqay's threat and IW financial networks, CTF as it currently exists may be too narrowly defined. From the current strategy, this is:
+"CTF is defined as the means to detect, counter, contain, disrupt, deter or dismantle the transitional financing of state and non-state adversaries threatening US national security. Monitoring, assessing, analyzing and exploiting financial information are key support functions of *CTF activities.* "3
+The scope of DOD interests in preventing US adversaries access to resources to support their activities goes far beyond financing. We should also consider non-financial resources as targets for coordinated, "whole of government" action to include:
+
+-
+Counter trafficking- narcotics, illicit goods (e.g., counterfeited contraband, blood
+diamonds, etc.), weapons transfers, human trafficking and weapons of mass destruction
+and subcomponents (the latter two are subjects of future QL experiments)
+-
+Facilitating US and allied law enforcement actions to undennine TOC networks (i.e.,
+arrests, prosecutions, asset seizures)
+-
+Economic activity and lines of communication ("ratlines") disruption
+Department of Defense Counter Threat Financing Strategy, p. vi.
+
+-
+Disrupting/undermining adversary critical infrastructure and economies (Economic
+Warfare)
+-
+Support for economic development programs to undermine insurgencies (e.g. alternative
+crop programs in Colombia and Afghanistan)
+-
+Counter transfer of dual-use technologies
+While strategy and policy formulations refer to most if not all of the above, there is no coherent DOD strategy that is all-encompassing, and provides the capability for DOD to provide
+support to counter IW adversaries in peacetime, as well as war. In the larger view, perhaps a better terminology is "Countering Threat Resources (CTR)" vice purely CTF. As such, CTR may be more broadly defined as follows:
+"CTR is the strategy of undermining the economic activities that generate financial resources for adversary nation states, insurgent groups, terrorist organizations and individuals who are part of or supporting forces engaged in hostilities against the US, its collation partners and allies. This includes actions taken against persons who have committed a belligerent act or supported hostilities in the aid of enemy forces, to include criminal enterprises linked to these activities. "
+Given the seamless nature of adversary economic activities, it is also our view that the future design of CTF /CTR should take a global view, and not piecemeal the problem by limiting the spectrum of action or carving CTF/CTR up along Geographic Combatant Commander (GCC)
+lines. This will yield a system that will have too narrow a mission focus, will thus "miss the bigger picture" with regards to enemy economic activity, will not have the agility to act or coordinate action in response to disruption actions and will not be able to measure and assess the effects of disruption activities and their impact on adversary networks, not to mention on our collation partners and allies. Therefore it is the view of the QL participants that SOCOM should advocate for the following:
+
+-
+Develop a more encompassing CTF/CTR strategy that incorporates a "whole of
+government" or more broadly "whole ofnation(s)" that provides DOD the flexibility to
+support CTF *ICTR.* and Economic Warfare activities in both peace and war
+-
+Clearly define DOD (and SOCOM's role) in CT, CN and CTF/CTR activities and the
+derivative authorities involved
+-
+CTF *ICTR.* should be a national priority and directed at the national level, with a national
+interagency center directing the action worldwide (central planning/de-centralized
+execution), supported by technology that can be brought to bear on the problem to
+provide global situational awareness
+-
+Examine the JlA TF-South military - law enforcement - international cooperation model
+for a combined interagency CTF /CTR operations center that would work in conjunction
+with SOCOM NCR

markdown/misc/remote.md

@@ -0,0 +1,553 @@
+# National Geospatial-Intelligence Agency
+
+7500 GEOINT Drive Springfield. Virginia 22150
+Steven Aftergood Sent via U.S. mail November 28,2012
+Re: FOIA Case Number: 20100025F
+Federation of American Scientists
+1725 Desales Street NW, Suite 600
+Washington, DC 20036
+Dear Mr. Aftergood:
+This letter responds to your October 29, 2009 Freedom oflnformation Act (FOIA) request, which we received on October 29, 2009. You requested access to documents pertaining to "U.S.
+
+National Security and Economic Interests in Remote Sensing: The Evolution of Civil and Commercial Policy by James A. Vedda, Aerospace Corp., February 20, 2009, prepared for NGA Sensor Assimilation Division." , A search ofNGA's system of records located one document (37 pages) that is responsive to your request. We reviewed the responsive documents and determined they are releasable in full.
+
+If you have any questions about the way we handled your request, or about our FOIA regulations or procedures, please contact Elliott Bellinger, Deputy FOIA Program Manager, at 571-557-2994
+or by email at Elliott.E.Bellinger@nga.mil or via postal mail at:
+National Geospatial-Intelligence Agency FOIA Requester Service Center
+7500 GEOINT Drive, MS S71-0GCA
+Springfield, VA 22150-7500
+Sincerely,
+~
+Elliott Belinger Deputy FOIA Program Manager
+
+20 February 2009
+James A. Yedda NSS Programs Policy and Oversight National Space Systems Engineering Prepared for:
+National Geospatial-Intelligence Agency Sensor Assimilation Division Sunrise Valley Drive Reston, VA 20191-3449
+Contract No. F A8802-09-C-OOO 1
+Authorized by: National Systems Group Distribution Statement: Distribution authorized to U.S. government agencies and their contractors only; administrative or operational use, 20 February 2009. Other requests for this document shall be referred to NGAIOIPP.
+
+Destruction Notice: For classified, limited documents, follow the procedures in DOD 5200.22-
+M, National Industrial Security Program Operating Manual (NISPOM), Paragraph 5, Section 7.
+
+For unclassified documents, destroy by any method that will prevent disclosure of the contents or reconstruction of the document.
+
+## Report Documentation Page
+
+The public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing the burden, to the Department of Defense. Executive Services and Communications Directorate (0704-0188). Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to any penalty for failing to comply with a collection of information if it does not display a currently valid OMP control number.
+
+7. PERFORMING ORGANIZATION NAME{S) AND ADDRESS(ES)
+8. PERFORMING ORGANIZATION REPORT NUMBER
+The Aerospace Corporation, Center for Space Policy & Strategy, 1000 Wilson TOR-2009(360 I )-8539
+Blvd., Suite 2600, Arlington, VA 22209
+
+## 9. Sponsoring/Monitoring Agency Name(S) And Address(Es) 10. Sponsor/Monitor's Acronym(S)
+
+National Geospatial-Intelligence Agency
+NGNOIPP
+Sensor Assimilation
+11. SPONSOR/MONITOR'S REPORT NUMBER(S)
+
+## 12. Distribution/Availability Statement U.S. Government And Contractors 13. Supplementary Notes
+
+14. ABSTRACT
+lbe Aerospace Corporation prepared this report in partial fulfillment of a study for NGA on balancing national security and economic equities in satellite remote sensing. The report chronicles the policy history of civil and commercial remote sensing from 1960 through 2008. It highlights the difficulties in establishing a consistent government role in a field where public good and private profit exist side-by-side, and where business interests have the potential to contribute to and conflict with national security interests.
+
+## 15. Subject Terms Commercial Remote Sensing, Civil Remote Sensing
+
+16. SECURITY CLASSIFICATION OF:
+17. LIMITATION
+18. NUMBER
+19A. NAME OF RESPONSIBLE PERSON
+A. REPORT
+B. ABSTRACT
+C. THIS PAGE
+OF ABSTRACT
+OF PAGES
+James A. Yedda
+u
+u
+u
+uu
+30
+198. TELEPHONE NUMBER (INCLUDE
+AREA CODE)
+(703) 812-7042
+
+20 February 2009
+James A. Yedda NSS Programs Policy and Oversight National Space Systems Engineering Prepared for:
+National Geospatial-Intelligence Agency Sensor Assimilation Division Sunrise Valley Drive Reston, VA 20191-3449
+Contract No. FA8802-09-C-0001
+Authorized by: National Systems Group Distribution Statement: Distribution authorized to U.S. government agencies and their contractors only; administrative or operational use, 20 February 2009. Other requests for this document shall be referred to NGAIOIPP.
+
+Destruction Notice: For classified, limited documents, follow the procedures in DOD 5200.22-
+M, National Industrial Security Program Operating Manual {NISPOM), Paragraph 5, Section 7.
+
+For unclassified documents, destroy by any method that will prevent disclosure of the contents or reconstruction of the document.
+
+Approved by:
+-")
+./)~~
+[1~r;~ :
+Allan W. LeGrow Principal Director National Space Systems Engineering Systems Planning and Engineering
+
+## Table Of Contents Of Contents
+
+1.
+Civil Remote Sensing Programs, 1960-1992........c.ccereirienieecereeereeerrrreercsnresetessseeseesressssessnsesssesnnes 1
+I.
+Civil Remote Sensing Programs, 1960-1992 ........ I
+I.T
+Weather Satellites......oociioiiiieeieecieieree
+et st et
+e
+e et e s
+et sar e ba e ss e s e s e esseesnssnesesasnnansesan 1
+1.2
+Human Earth ObSErvation ........ccuiiiiririniiiinerie
+e cecesetr s et ee e
+e eessete e saesaesensessennseensans 2
+1.3
+Landsat: Experimental or Operational SYSTemM? ........cvveeeiiveriereerieeiieseeeeseeeesssaeseessssenans 3
+1.4
+A Failed Attempt at Privatization........ccccooveevireeniininienieccrrcnecccne
+et
+e 4
+1.5
+Factors Affecting the Viability of Commercial Remote Sensing........cccceeeceeeeiercveevierreceeeennc 8
+1.6
+ Foreign Interest Leads to a Proliferation of Orbital ObServers ........cccceeeveveeeiiiecreceeececcieeens 9
+2.
+Civil and Commercial Remote Sensing, 1992-2008 ........ocvrieeereniirienieneiiisienecsresreseseresssreesasssesnenes 13
+2.1
+ Corrective Action on Remote Sensing POlICY .......ccoviiieericrinsiirinrie et 13
+2.2
+Commercial Remote Sensing Policy Takes Shape ........cccceevveeveeecieecierecieercerereeeevaeesenens 15
+2.3
+Recent Developments in Civil Remote SenSing ....c.cccceeevieiiieeninemiiseecsesveseseesineseeeeseveenas 21
+
+ALCTOMYINS
+             ettt
+                        ettt et et vte e
+                                        e st e e
+                                            e e s
+                                                m e e e et e sseassessnseansea e saeesseassaseassessassasataseassserasnssersseanssessnsenreners 29
+
+| 1.1         | Weather Satellites I                           |
+|-------------|------------------------------------------------|
+| 1.2         | Human Earth Observation 2                      |
+| 1.3         | Landsat: Experimental or Operational System? 3 |
+| 1.4         | A Failed Attempt at Privatization              |
+| 1.5         | Factors Affecting the Viability                |
+| 1.6         | Foreign Interest Leads to a Proliferation      |
+| 2.          | Civil and Commercial Remote Sensing, 1992-2008 |
+| 2.1         | Corrective Action on Remote Sensing Policy     |
+| 2.2         | Commercial Remote Sensing Policy Takes Shape   |
+| 2.3         | Recent Developments in Civil Remote Sensing    |
+| Acronyms 29 |                                                |
+
+## List Of Figures List Of Figures
+
+Figure 1. Commercial Remote Sensing Industry EVOIULION.....c.c.cucciiiiciiniiiiee
+e ciecteceecte e
+e 20
+Figure 2. Earth Science Mission Profile 1997-2003.......coocieemirriiiieeciereneesineecseeessrecrsssessessssnsessssessens 25 Figure 3. Earth Science Mission Profile 2004-2011.......ooovieveerimrieiiireeeeieenreesereenresseessssesseessssens 26
+Figure I. Commercial Remote Sensing Industry Evolution ........ 20 Figure 2. Earth Science Mission Profile 1997-2003 ........ 25 Figure 3. Earth Science Mission Profile 2004-2011.. ........ 26
+
+## Foreword
+
+The documentation and study of lessons learned is an important tool for guiding policy formulation and implementation, just as it is for technology development and operations. The policy history of civil and commercial remote sensing goes back to the beginning of the space age and is closely intertwined with national security policy. It has been remarkably difficult to establish a consistent government role in a field where public good and private profit exist side-by-side, and where business interests have the potential to both contribute to and conflict with national security interests. Despite a number of important achievements in remote sensing technology and applications, the policy history in this area is riddled with missteps, delays, and indecision. As the nation becomes increasingly dependent on civil and commercial satellite remote sensing capabilities for environmental monitoring, climate studies, resource and land use management, and support to national security needs, the errors of the past must be avoided so that the required capabilities can be provided in an affordable and timely manner.
+
+This report is a component of a larger project begun in fiscal year 2008 by The Aerospace Corporation for the National Geospatial-Intelligence Agency (NGA). The project seeks to define the balance between the national security sector's needs and aspirations for satellite remote sensing and those of the economic and scientific communities. Aerospace's Center for Space Policy & Strategy contributed the civil and commercial analysis, presented here in two parts. The first part begins in the early days of the space age when NASA, NOAA, and other civilian agencies laid the groundwork for the science, technology, and eventual commercialization of remote sensing. The second part begins in
+1992, a turning point for commercial remote sensing efforts. At that point, a major course correction in national policy began at the same time that technical advances and industry efforts started to show promise. By late 2008, considerable progress was evident in both commercial enterprise and NASA
+Earth science research, but difficult challenges remained for both endeavors.
+
+## 1. Civil Remote Sensing Programs, 1960-1992
+
+Earth observations, in addition to their utility for defense and intelligence purposes, yield important civilian benefits involving a wide range of disciplines. For example, satellite images can be used for weather forecasting, climate studies, map making, land use planning, pollution detection, wildlife conservation, mineral location, crop management, forest conservation, water supply management, and earthquake zone identification. Comprehensive estimates of the national and worldwide societal and economic benefits from applications of satellite remote sensing are impossible to determine.
+
+Numerous case studies related to resource exploration, agricultural use, and natural disaster mitigation and recovery have demonstrated that the benefits are real, though difficult to quantify.
+
+Weather data alone are responsible for saving untold millions of dollars annually in the U.S. in the transportation, utility, and agricultural sectors. 1
+The potential value of imagery from space was identified long before the dawn of the space age,2 so it should be no surprise that space systems and applications directed toward realizing this potential were early goals of the U.S. civil space program. A logical start was the development of capabilities to augment existing government activities such as monitoring the weather.
+
+## 1.1 Weather Satellites
+
+Weather satellites require low spatial resolution since their primary task is tracking weather patterns that can cover vast areas. The less-demanding sensors for this job were addressed early in the space age and yielded immediate, obvious benefits. The first in a series of civilian weather satellites, the Television and Infrared Observation Satellite (TIROS), began service in 1960. In the decades that followed, civilian and military weather satellite programs developed in parallel with each other.
+
+The U.S. government's civilian weather satellites are operated by the National Oceanic and Atmospheric Administration (NOAA), which is in charge of the National Weather Service. Spawned from the Environmental Science Service Administration and other legacy organizations going back to the early 19th century, NOAA was created within the Department of Commerce (DoC) in 1970.3 In keeping with NOAA's mission, sensors for atmospheric research, such as radiometers, accompany the standard weather imaging hardware to perform additional functions such as tracking of atmospheric ozone concentrations. One ofNOAA's polar orbiters documented the seasonal Antarctic ozone hole as early as 1978, though researchers didn't understand what the data meant until it was correlated with British ground observations seven years later.
+
+As much as we still bemoan the errors made by the "weather guessers" on the local TV news, their seven-day forecasts are substantially more accurate than the two-day forecasts that were developed prior to the birth of weather satellites. In the decades since this capability emerged, countless lives, property, and crops have been saved as a result. We take for granted the nightly weather map shown on newscasts, but we are repeatedly reminded that early warning of a severe turn in the weather, made possible by a long-term commitment to satellite technology for the public good, can prove extremely valuable.
+
+## 1.2 Human Earth Observation
+
+Unclassified Earth observations from orbit for purposes other than weather started almost as an afterthought in the early 1960s using some fairly standard equipment: hand-held cameras and astronauts' eyeballs. Initially it was believed that the occupants of spacecraft orbiting at altitudes in excess of 100 miles would be incapable of discerning much detail on the Earth's surface. In fact, ground controllers originally did not believe the Mercury astronauts who reported what they saw below, such as Gordon Cooper's description of a train moving crossing the midwestern United States. 4 But after more experience and photographic proof, it was clear that a potentially valuable capability was in the making.
+
+Earth observation in Project Gemini benefited from longer duration flights, an extra pair of eyes on each flight, a variety of orbital altitudes, and remarkably clear atmospheric conditions. The pictures brought back from the Gemini flights pointed the way for civilian applications of high-resolution imaging systems. This was evident even outside ofNASA, particularly in the U.S. Departments of Interior and Agriculture. Crews aboard Skylab during 1973-74 followed up with even more extensive Earth observations from orbit, but by that time NASA had already launched the first civil remote sensing satellite.
+
+The space shuttle program continued the tradition of human observations, with each flight bringing back pictures of Earth sometimes numbering more than a thousand. Shuttle astronauts are the most skilled observers the U.S. has sent into space, having been trained by the Space Shuttle Earth Observations Office at the NASA Johnson Space Center. Beyond simply learning how to use the camera equipment, astronauts also are taught how to identify and evaluate interesting phenomena and are briefed on what to look for on their particular flight. As the astronauts' trainers have noted,
+... astronauts are unexcelled at detecting dynamic phenomena whose existence and location cannot be predicted. Astronauts operate in a discovery mode: detecting, evaluating, and documenting anomalous phenomena. This capability is not matched by any existing or planned satellites. 5
+
+## 1.3 Landsat: Experimental Or Operational System?
+
+Drawing on what had been learned from early human spaceflights, the development of weather satellites, and the agency's work on Lunar Orbiters and other space probes, NASA established its first Earth resources program in 1964. The Departments of Interior and Agriculture quickly took interest, but became frustrated with NASA's approach. Interior and Agriculture wanted a simple, affordable satellite system that could be brought into service quickly to serve immediate needs. However, NASA
+wanted an experimental system aimed at advancing the state of the art in sensor technologies and favored the use of manned platforms. NASA did not want to become an operator of an orbital imagery service for other agencies, nor did it want to share the planning or control of the system. By
+1966, the user agencies, especially Interior, wanted to forge ahead on their own, but budget concerns and eventual interagency compromises would prevent this from happening. 6
+The Bureau of the Budget (later renamed the Office of Management and Budget, OMB) did not want to fund an ongoing operational system unless it could be demonstrated that such a system would pay its way through savings to user agencies and/or fees collected from users outside the U.S.
+
+government. 7 With this restriction in mind, an interagency compromise was reached and NASA
+launched its first land remote sensing satellite in 1972. Initially called the Earth Resources Technology Satellite, it was renamed Landsat, a label that has been applied to seven members of the series to date. NASA originally was responsible for designing, procuring, launching, and operating the spacecraft, including data collection at the Goddard Space Flight Center, while the Department of Interior's U.S. Geological Survey (USGS) was given the task of archiving and distributing the data, to be carried out by the newly established EROS Data Center in Sioux Falls, South Dakota.
+
+The experimental satellite's user community was expected to consist almost exclusively ofNASA, Interior, Agriculture, and their associated research communities around the country. But even before the launch of the first satellite, scientific interest in the U.S. and around the world far exceeded NASA's expectations. 8 By the time it completed its first decade of operation, the Landsat system had users throughout the government, including the Defense Department and state and local agencies;
+corporations, especially oil and mineral companies, as well as private firms offering processing and analytical services for the raw data; environmental groups; and foreign users in over 130 countries, some of which built their own ground stations to receive the data.9 However, despite the extent and diversity of this community, it was not enough to justify development of an operational system. Users paid only for distribution costs, and it was evident that many would not continue to use the data if they were required to pay a price reflecting the full costs of the system. Also, many potential users did not want to become reliant on a system that could change its specifications or disappear at any time.
+
+This limited Landsat's constituency, making it difficult to prove the operational utility of Earth resources satellites using an experimental system.
+
+The first three Landsat spacecraft flew in the 1970s with two instruments, the Return Beam Vidicon and the Multi-Spectral Scanner (MSS). When the time came to plan Landsat 4, NASA wanted to replace the Vidicon with a new sensor called the Thematic Mapper (TM), and the OMB proposed eliminating the MSS on the grounds that it was ready for operational use and therefore did not belong on an experimental satellite. Although the TM would improve spatial resolution to 30 meters
+(compared to 80 meters for the MSS), it would produce data incompatible with the MSS system. The users ofMSS data were a large enough group by this time that the proposed change prompted an outcry to save the MSS and a recommendation by an ad hoc council in the White House Office of Science and Technology Policy to continue flying the MSS. 10 Both the MSS and TM sensors flew on Landsats 4 and 5, launched in July 1982 and March 1984, respectively. Both satellites lasted well beyond their expected lifetime, with marginal functionality still available more than 20 years later.
+
+Landsat 6 was lost in a launch failure in October 1993. Landsat 7 made it to orbit safely in April 1999
+and continues to function as of this writing, although with degraded capabilities. 11 These launches followed more than a decade of activity aimed at stabilizing the land remote sensing program, but this goal would remain elusive.
+
+## 1.4 A Failed Attempt At Privatization
+
+The seemingly rapid evolution of Landsat applications led some to believe, in the late 1970s, that land remote sensing was ready to be moved out ofthe federal government to become a profit-making private sector activity, as had been done with communications satellites several years earlier.
+
+Proposals for an operational Landsat system were brought to Congress and the executive branch, some favoring government management, some preferring the private sector, others encouraging the creation of a quasi-private company similar to Comsat. 12 The issue remained unresolved- partially because several congressional committees claimed jurisdiction over at least some part of Landsat's activities- so the White House attempted to settle the matter with a presidential directive in November 1979. 13 NASA would continue remote sensing technology development, but Landsat operational duties would shift to NOAA, which was chosen because of its experience in operating the weather satellites. Also, it was felt that since NOAA was not a user of the higher-resolution remote sensing data, it would not tend to favor the design of future systems that would serve in-house needs at the expense of other user needs. While NASA, Commerce, and Agriculture approved of this arrangement, Interior and the Agency for International Development felt that Interior should have been given responsibility because it had been managing Landsat data processing and distribution since the start of the program. 14
+President Jimmy Carter's directive made NOAA's control of Landsat temporary. One of the agency's assigned duties was to devise a plan for the phased transfer of remote sensing to the private sector.
+
+This would assure data continuity while the privatization process was being implemented. Funding was included in Carter's final budget request for two additional spacecraft beyond the ones already being planned. This would guarantee coverage into the 1990s, by which time the transfer should be complete.
+
+Despite this high-level attention, the debate was not settled over who should operate the Landsat system or whether land remote sensing primarily served the public good or private interests. The Carter plan did not have the opportunity to demonstrate whether or not it could have resulted in a smooth, albeit lengthy transition for Landsat operations. Ronald Reagan took over the White House a little over a year later with different ideas about the privatization of government programs.
+
+When the Reagan administration entered office in 1981, the two additional spacecraft were quickly cut from the budget, and OMB director David Stockman declared that when the fifth Landsat expired
+(then expected to be around 1987), the government would be out of the remote sensing business, and private industry would inherit the responsibility. 15 During 1981-84, OMB downplayed the significance of scientific and foreign relations gains from Landsat, viewing the program as a money sink. The Reagan plan accelerated Carter's privatization timetable: there would be no more government-funded Landsats after number five (which was already being built), so the system would be terminated if no private operator came forward by 1988.
+
+Meanwhile, Comsat Corporation had been keeping its eye on Landsat, and now saw an opportunity to move. Comsat approached OMB with a plan to take over Landsat, provided that the weather satellite system was included in the deal, and that the government would guarantee a minimum annual purchase of data. The OMB saw this as a way to unload Landsat quickly and without direct subsidy.
+
+But no one had thought about privatizing the weather satellites, so the Cabinet Council on Commerce and Trade (CCCT), along with its numerous advisory groups, studied the idea for almost two years.
+
+They concluded that even with both systems packaged together, subsidy would still be necessary. The CCCT recommended that Commerce solicit bids for the land and weather systems separately, but that joint bids for both would be allowed. To many this appeared to be a setup for Comsat, since no one else had expressed interest in the weather satellites. 16
+Congress had not been consulted as the administration developed its plan, and the Hill had strong objections to the privatization of the weather satellites. The Land Remote Sensing Commercialization Act of 1984 spelled out how Congress felt the transfer should take place, and prohibited the transfer of weather satellites. 17 Federal subsidy would be provided in the early years ofthe transfer, and the amount that became a guideline in the bidding was $150 million per year, a figure that had been mentioned in a March 8, 1983 administration statement on privatization of Landsat.
+
+18
+The Landsat debate is an illustration of the classic tug-of-war between Congress and the executive branch. Neither branch wanted the other to seize the initiative in setting the nation's remote sensing policy. The Reagan administration, promoting reductions in government programs, took office and found the Congress still indecisive on the Landsat issue. The White House moved quickly to speed up Landsat privatization, causing Congress to respond hastily, passing ill-conceived legislation that hindered rather than helped the new industry and its user community.
+
+Notably, neither the White House nor the Congress took heed of the finding of the Office of Technology Assessment, reported to Congress two months before the legislation passed: "Until the market expands substantially, and more efficient spacecraft are developed and deployed, it could cost the Federal Government as much to subsidize a private owner as to continue operating the system itself." 19
+The office of Commerce Secretary Malcolm Baldrige, which was handling the bidding process for Landsat, received seven bids, each requesting a total subsidy of approximately $500 million. The field was narrowed to two bidders: Earth Observing Satellite Company (EOSAT), ajoint venture ofRCA
+and Hughes Aircraft; and the team of Kodak, Fairchild, and TRW. When OMB Director Stockman heard of the subsidy commitment that was about to be made, he intervened to insist that there should be no subsidy at all. When the issue was finally settled at the White House level, a ceiling of $250
+million was placed on the total subsidy. As a result, the Kodak team quietly withdrew its bid, and EOSA T became the winner by default. 20
+The Department of Commerce negotiated an agreement with EOSA T that became effective in September 1985 under which the company would operate Landsats 4 and 5 and market their data. The existing ground and space segments would continue to be owned by the U.S. government, but new hardware -including two follow-on satellites, for which the government would provide $250 million over five years plus launch costs- would belong to EOSA T. As specified in the 1984 Landsat legislation, the company would be required to maintain a non-discriminatory data access policy and abide by international treaties and agreements that affected its activities.21
+Policies and agreements are only as good as their implementation, and this is where the Landsat arrangement faltered, immediately and repeatedly. A month after the agreement went into effect, DoC
+submitted its FY87 budget request but neglected to include funding for EOSAT. Meanwhile, a $90
+million supplemental had been obtained to carry EOSA T through 1986, allowing development of the next satellite to begin. However, in mid-1986, OMB Director Stockman refused to release funds from the supplemental, prompting a reaction from industry lobbyists and the Senate Commerce Committee.
+
+When a compromise was reached, the subsidy was approved, but EOSA T had to provide additional assurances that it would produce two satellites and forego an escalation clause in its agreement that could have allowed the subsidy to increase. Additionally, it was specified that there would be no guarantee of data purchases by the government. These added risks forced a financial restructuring at EOSAT. 22
+The House approved $75 million for Landsat in July 1986, but none of this amount was earmarked for EOSA T.23 Subsequently, Congress appropriated only $27.5 million for the transition of Landsat operations to the private sector. As a result, the hardware development subsidy dried up in September
+1986 and EOSA T kept the work going with internal funds until December. 24 Around that time, DoC
+once again failed to include EOSA T in its annual (FY88) budget request, and a squabble ensued between the two organizations as to whether the company should be expected to produce two satellites as originally promised. The next release of hardware funding did not occur until October
+1987, and the amount was just $5 million.
+
+Something had to give if the program was to move ahead, so in April 1988 the DoC awarded a $220
+million hardware development contract to EOSAT and reduced the company's requirement to one satellite instead of two. A small portion of this award was actually a loan- $2.5 million per year was to be returned, up to a total of$10.8 million. 25
+The Reagan administration did not request funding to sustain Landsat operations for FY89. With the Landsats expected to expire in a short time, Congress appropriated $9.4 million, enough to continue operations for about six months.26 NOAA temporarily shut down data collection operations at U.S.
+
+ground stations in November 1988 to cut costs, although satellite control and data downlinks to foreign stations were maintained. To the surprise ofEOSAT, NOAA announced that it had entered negotiations with the French space agency CNES on a possible merger of the Landsat and SPOT
+programs to share costs and the customer base.27
+By March 1989, the situation had gotten so bad that NOAA announced the imminent shutdown of Landsats 4 and 5, prompting the White House National Space Council, newly formed by the George H.W. Bush administration, to intervene. The Space Council brokered a deal in which NASA, DoD, Interior, and Agriculture contributed a few million dollars to keep Landsat alive. A similar arrangement kept Landsat going through 1990 using contributions from DoD ($5.6 million), Agriculture ($3 million), and USGS ($900,000). In the process, the Space Council acknowledged the government's continuing role in satellite remote sensing, recognizing that Landsat could never be fully commercial.28
+EOSA T was unable to get on its feet financially despite the fact that data prices soared from the early
+1980s to the beginning of the 1990s. The price per scene jumped from a few hundred dollars to
+$4400, and redistribution of the imagery was restricted. This priced many data users out of the market, driving some to switch to the free low-resolution data being captured by meteorological satellites. According to Rep. George Brown, who was chairman of the House Science, Space, and Technology Committee in 1991, the scientific community purchased up to 70,000 Landsat images per year in the late 1970s, but this number shrank to around 300 per year a decade later.
+
+29 Furthermore, Landsat was no longer the only game in town. The French SPOT satellite had broken the U.S.
+
+monopoly in 1986.
+
+During the period from the mid-l980s through the 1990s, Landsat system calibration suffered and coverage was far less thorough because data typically was collected only when there was an established customer. As a result, many observations that could have contributed to scientific study were missed. For government agencies, this was a disincentive to making hefty investments in computer hardware and software for a system with unreliable performance and an uncertain future. 30
+The failure of Landsat privatization since the 1984 legislation prompted the Bush administration in
+1992 to put forth a new strategy calling for completion of Landsat 6, continued operation of Landsats
+4 and 5 until Landsat 6 was operational, development of a government-owned Landsat 7, and the crafting of a plan for management, funding, operation, dissemination, and archiving for the Landsat program, including options for the system beyond Landsat 7. 31 The Land Remote Sensing Policy Act of 1992, which repealed the 1984 statute, became law later that year (discussed further in Part 2).
+
+The Landsat experience from the 1970s through the 1990s was an example of inefficient and ineffective policy-making. For several years prior to its legislative action in 1984, the Cof1gress had discussed many scenarios for Landsat operations (e.g., a weather satellite model or a Comsat/Intelsat model). Then, goaded by the administration, it joined the executive branch in supporting an approach that was unlikely to succeed given the lack of technical and market maturity of civil remote sensing.
+
+For its part, the White House failed to achieve its goal of removing Landsat from dependence on taxpayer dollars. Unreasonable expectations, faulty implementation, and a roller-coaster relationship between the contractor and the government sealed the fate of the privatization plan. The ultimate losers were the Landsat data users and the value-added entrepreneurs who were attempting to create a new industry. It should not be surprising that no other companies applied for licenses to operate commercial remote sensing satellites until after the passage of the 1992 Act.
+
+## 1.5 Factors Affecting The Viability Of Commercial Remote Sensing
+
+Several factors stand in the way of rapid, widespread acceptance of remote sensing services.
+
+Ironically, the fact that remote sensing has such a wide variety of applications can be a hindrance to building a user community. Non-technical users, and even potential professional users who are unfamiliar with the technology and the multitude of data interpretation techniques, have difficulty comprehending its value. Productive use of remote sensing imagery requires special training, unlike satellite communications and navigation services that can deliver benefits through simple-to-use devices.
+
+In its early years, civil remote sensing did not share the advantages that sparked rapid acceptance of satellite communications at around the same time. While demand for satellite imagery is substantial, it does not have the universal appeal of communications. The basic product, raw digital imagery, is ill-defined, in sharp contrast to homogeneous services like telephone calls or television programming.
+
+Consumers around the world will use communications routinely, for entertainment and personal needs as well as for revenue-generating activities. Not so with remote sensing- potential users require considerable convincing that the imagery provides them with added value worth the price.
+
+Satellite communications also had the advantage that the necessary physical and regulatory infrastructure was already in place around much ofthe globe when it emerged on the scene. Once the ground stations were plugged into the grid, they merged into the network in much the same way as relay towers or undersea cables. Such a network did not exist for satellite remote sensing, and is still in the formative stages.
+
+Although President John F. Kennedy attached great importance to weather satellites as the space age began, 32 no presidential fanfare heralded the appearance of other types of civil remote sensing. Only rarely were decisions regarding this activity raised to the highest levels, and no long-term funding commitment was made. Federal support for U.S. civil remote sensing R&D over the years has been a small and irregular part ofNASA's budget.
+
+Communications satellite systems revolutionized an important industry sector, making it clear to all that they needed to quickly become operational systems. This won them early acceptance into the mainstream of daily activities. In contrast, perhaps the biggest factor holding back the evolution of civil remote sensing in the U.S. was insistence that Landsat remain an experimental system. NASA is partly responsible for this situation. The space agency wanted to keep pushing the state of the art in space-based sensors rather than serve operational users, and also wanted to retain control of the system for as long as possible. OMB drove planning in this direction well before the first Landsat flew by insisting that once a remote sensing system moved from experimental to operational it should no longer be funded by the government.
+
+The resulting program was planned and implemented across several agencies that split the responsibilities and was overseen by numerous congressional committees. Landsat was assigned experimental frequencies, and no provision was made for rapid processing and distribution oflarge volumes of data (at the insistence of OMB), guaranteeing its inability to function adequately in an operational environment. 33
+Sorting out the appropriate roles of the government and the private sector has been complicated by the fact that remote sensing is a public good - an appropriate undertaking for the government - as well as a revenue-generating activity. Sometimes both of these characteristics are present in a single image. So far, private operators have found that the majority of their sales are to government entities, both domestic and foreign, and the public good/private profit debate continues.
+
+## 1.6 Foreign Interest Leads To A Proliferation Of Orbital Observers
+
+In addition to delivering domestic benefits, the U.S. government's non-discriminatory ("open skies")
+data policy that was established early in the Landsat program helped civil remote sensing become a successful soft-power tool that contributed to American foreign policy. Within five years after the launch ofthe first Landsat in 1972, over 130 countries enjoyed access to satellite imagery, and several countries purchased their own ground stations to allow direct downlink of the satellite data.34 For many developing countries, the benefits were quick and significant. For example, countries with large undeveloped regions were able to make their first accurate maps. Brazil was able to correct the recorded positions of Amazon River tributaries, some of which were off by as much as 20 kilometers.
+
+U.S. embassies around the world reported that substantial good will was gained by the sharing of Landsat images. 35
+Some foreign governments raised objections to the sensing of their countries without explicit permission. In their view, open availability of satellite imagery could undermine their national security or economic competitiveness as commercial interests and other governments exploited the data, possibly without the sensed nations even realizing that the data existed. 36 These objections were largely alleviated by the non-discriminatory access policy. All data collected by Landsat was available to all interested parties at the same price. This practice was in keeping with the spirit of the Outer Space Treaty, which states that "The exploration and use of outer space ... shall be carried out for the benefit and in the interests of all countries ... " (Article I) and "States Parties to the Treaty shall be guided by the principle of co-operation and mutual assistance and shall conduct all their activities in outer space ... with due regard to the corresponding interests of all other States Parties to the Treaty" (Article IX). 37
+Foreign concerns about Landsat predated the launch of the first satellite, as did efforts by the United Nations to defuse the problem. The U.N. General Assembly asked the Committee on the Peaceful Uses of Outer Space to address international cooperation in remote sensing in December 1969, but the Committee's legal subcommittee did not begin work on the issue until1974. By that time, nondiscriminatory access was standard practice, easing the urgency for action. 38 However, many nations still wished to establish international norms, especially with operational civil and commercial imaging satellites on the horizon. Agreement was finally reached on remote sensing principles in 1986. In general, these principles reiterate Outer Space Treaty concepts in a manner specific to remote sensing, and encourage international cooperation "taking into particular consideration the needs of developing countries. "39
+While the U.S. struggled with how to make Landsat operational, other countries around the world sought their own indigenous satellite imaging capabilities. The United States' 14-year head start in civil remote sensing eroded quickly after the February 1986launch of the French SPOT satellite.
+
+Developed by the European Space Agency and then handed over to a newly formed commercial organization, SPOT offered better spatial resolution than Landsat (10 meters as opposed to the thematic mapper's 30 meters) but inferior spectral resolution (four bands rather than seven). More significant than the technical specifications was the worldwide marketing effort that started three
+
+Mack, p. 189.
+Charles K. Paul & Adolfo C. Mascarenhas, "Remote Sensing in Development," *Science* (October 9, 1981),
+Vol. 214, pp. 139-145.
+years before SPOT -1 was launched. The Europeans had planned from the beginning that SPOT would be an operational system serving a global customer base, not an experimental one with limited distribution channels like Landsat.
+
+The operating company, Spot Image Corp., currently operates the fifth in the series of SPOT
+satellites. It has maintained an appearance of stability that is unmatched by the Landsat system, an important factor to customers who want an ongoing flow of compatible data products. Spot Image managed to outsell its U.S. competitor by its fourth year of operation.
+
+Soon after the arrival of SPOT, it became clear that other nations would enter the global remote sensing market. Soviet prowess in civil and military applications of space imagery emerged in a diverse assortment of offerings that eventually included photographic, digital, and radar images. The organization Soyuzcarta began by marketing photographic imagery with spatial resolution as good as five meters, although only archival images were for sale and none were made available from areas within Eastern Bloc countries.40 Radar imagery with 15-meter resolution from the Almaz satellite became available in 1991, making the Soviet Union the first nation to launch an operational radar satellite serving commercial users.
+
+Around the world, satellite remote sensing has long been acknowledged to have great value, even though no space imaging system so far has been able to turn a profit without help from a substantial government subsidy. Other nations have followed the lead of the United States, France, and the Soviet Union by investing in their own Earth observing satellites in order to join the world market for satellite imagery. Sometimes this has meant pursuing a niche area that is important to particular national needs. For example, Japan, home to the world's largest fishing fleet, began operating its Marine Observation Satellite in 1987.
+
+In general, the pretension that remote sensing satellites are profit-making ventures has been disproven so far, as some level of government support has continued to be necessary. Fully equipped spacecraft like Landsat and SPOT have required up to five years and well over $200 million to build, plus launch and ongoing operations costs. Enhancing, interpreting, and integrating the data as a service to end users is the profitable segment of the business, involving hundreds of"value added" companies that have appeared globally since the late 1970s.
+
+## 2. Civil And Commercial Remote Sensing, 1992-2008
+
+Renewed interest in environmental monitoring and the high priority assigned to the new U.S. Global Change Research Program prompted both Congress and the administration of George H.W. Bush to adjust remote sensing policy in general, and Landsat policy in particular, to better serve the needs of users inside and outside the U.S. government. Executive branch and legislative policy-makers recognized that Landsat privatization had failed, and that the 1984 Act's goals of maintaining leadership in civil remote sensing and preserving national security were not being served.
+
+## 2.1 Corrective Action On Remote Sensing Policy
+
+In the early 1980s, the Reagan administration treated civil remote sensing as a drain on the federal budget, an activity that should be handed off to the private sector to thrive or perish. By the early
+1990s, when it was recognized that full privatization of Landsat was not possible, even the promoters of the previous decade's remote sensing commercialization plan who were still in office had to admit that it wasn't working.
+
+A February 1992 White House directive sought to correct this situation and maintain continuity of Landsat-type data by directing U.S. government agencies to:
+
+-
+Provide data which are sufficiently consistent in terms of acquisition geometry, coverage
+characteristics, and spectral characteristics with previous Landsat data to allow comparisons
+for change detection and characterization;
+-
+Make Landsat data available to meet the needs of national security, global change research,
+and other federal users; and,
+-
+Promote and not preclude private sector commercial opportunities in Landsat-type remote
+sensing.41
+(The Clinton administration's Landsat strategy reiterated these policy goals in 1994 and made adjustments to the Bush strategy to compensate for the launch failure of Landsat 6.42)
+Congress followed in October of that year with the Land Remote Sensing Policy Act of 199243 which repealed the Land Remote Sensing Commercialization Act of 1984. The 1992 Act encompassed the strategic elements outlined in the Bush directive, and more. It brought the Landsat program back under government control starting with Landsat 7. The legislation called for a Landsat advisory committee and a management plan under which NASA and DoD would have responsibility for procurement, launch, and operation of that satellite. These duties eventually were assigned to NASA
+alone. 44
+During the eight years that the 1984 Act's provisions were in effect, no U.S. company applied for a license to operate a private remote sensing space system. In stark contrast, just four months after passage of the 1992 Act, the first license was issued by the Department of Commerce to W orldView Imaging Corp., and license applications from Lockheed and Orbital Sciences Corp. quickly followed.
+
+Changes to pricing restrictions and data access policies made the difference that turned around the business environment for prospective satellite operators.
+
+The 1984 Act required continuation of the non-discriminatory access ("open skies") policy that had been in place since the earliest days of Landsat. In order to address the concerns of foreign governments regarding possible exploitive use of data on their countries by other governments or corporations outside their borders, raw data was made available to all potential users on the same terms. With the U.S. government as the operator, and the price set at the cost of duplication and distribution, this was a workable system. For the commercial operator, however, this eliminated the ability to offer different terms to different customers, such as bulk discounts, priority service, or exclusive imagery sets. Additionally, as prices jumped enormously in an attempt to approximate the product's true market value,45 a large swath of the academic and developing country customer base could no longer afford the imagery. In effect, the non-discriminatory policy had become discriminatory due to high prices. At the same time, the strict interpretation of non-discriminatory access hindered development of a competitive market, thus preventing the product and service innovations that might have brought prices down and driven capabilities up. The 1992 Act recognized that commercial systems need to operate by different rules than Landsat or other government systems. For commercial operators, non-discriminatory access was redefined to require only that companies make raw data available to the governments of sensed states. Imagery sellers could now price and package their products more flexibly for their civil and commercial customers (within limits, as discussed below). While this does not guarantee a successful business plan, it removes a major obstacle.
+
+As the door opened for commercial operators to propose their own remote sensing systems, the door closed for privatization of Landsat. Under the new law, the U.S. government would retain ownership of the system and any follow-on satellites. More importantly for research and other non-profit users, the government would hold title to all unenhanced data and would continue its traditional nondiscriminatory access policy, making the imagery available to all users at the cost of fulfilling data requests. Value-added services would continue to be a private-sector function.
+
+Despite the legislation, the future of the Landsat series continued to be in doubt due to budget shortfalls and ideological resistance from some members of Congress, who believed it was neither necessary nor appropriate for the federal government to be in the civil remote sensing business.
+
+Before discussing the most recent developments in the Landsat story, we now turn to the commercial remote sensing activities enabled by the changed policy environment.
+
+## 2.2 Commercial Remote Sensing Policy Takes Shape
+
+Prior to the 1992 Act, EOSA Thad been the only player in the U.S. commercial remote sensing field.
+
+Through the rest of the 1990s, the picture changed dramatically. As mentioned earlier, Lockheed was an early applicant for a license, which was granted in April 1994 for its proposed Ikonos satellite. Six months later, Lockheed created a subsidiary called Space Imaging to take over the remote sensing business. Space Imaging grew in 1996 by acquiring EOSAT, which still held the license to operate Landsats 4 and 5 and market their data. 46 This gave the company a presence on the imagery market well in advance of the launch of its first satellite. After the first Ikonos was lost in a launch failure in April 1999, the backup spacecraft was successfully orbited that September, becoming the first highresolution commercial satellite. It featured spatial resolution of one meter for panchromatic imagery and four meters for multispectral.
+
+On July 1, 2001, about two years after the successful launches of Ikonos and Landsat 7, Space Imaging returned operational responsibility for Landsats 4 and 5 back to the U.S. government and relinquished its right to commercially market Landsat data. This cleared the way for the U.S.
+
+Geological Survey to sell all Landsat 4 and 5 data, and for Space Imaging to focus on developing the high-resolution imagery market.
+
+With the 1999 launch of Ikonos, commercial remote sensing attained the capability to widely distribute current, militarily useful imagery at a resolution previously available only to the national security components of a few governments. This had been anticipated and addressed by the Clinton administration.
+
+Imagery collection from space is a dual-use technology that can contribute to both economic pursuits and national security. Landsats 4 & 5 (30-meter resolution) and the early SPOT satellites (10-meter resolution) did not prompt significant security fears because the military usefulness of their images was limited. But new capabilities in the 1-meter range like Ikonos- able to distinguish, for example, individual vehicles and specific types of airplanes - did raise security concerns if the imagery could be purchased by anyone in the world who could afford it. Presidential direction to head off these concerns came in 1994 with Presidential Decision Directive (POD) 23.47
+PDD-23 wisely did not impose a specific resolution limit on commercial sensors. The interagency team that drafted the directive recognized that the technology, both domestic and foreign, would always be a moving target. Instead, PDD-23 specified case-by-case review of remote sensing license applications, with favorable consideration of systems "whose performance capabilities and imagery quality characteristics are available or are planned for availability in the world marketplace."
+At first glance, this language would seem to force U.S. businesses to always be followers, never leaders on the world market. In practice, licenses have been issued by the Department of Commerce that keep U.S. operators ahead of their foreign competition, at least for optical imaging systems.
+
+Digital Globe and GeoEye today hold licenses that allow them to operate imaging satellites in the submeter range.
+
+The conditions attached to the licenses were developed in the regulatory process in the years after PDD-23, which assigned the regulatory duties to the Commerce Department (with advice from the interagency process). The Secretary of Commerce, in consultation with the Secretaries of State and Defense, has the authority to "require the licensee to limit data collection and/or distribution by the system to the extent necessitated by the given situation."48 This authority is known as shutter control, and has caused controversy due to its implications for operators' business plans and marketability as well as the questions it raises on freedom of speech issues.
+
+Government officials have said that they would prefer never to use shutter control, but such statements provide no guarantees and leave some outside observers doubtful. To date, shuttler control authority has not been exercised, although in the months following the 2001 invasion of Afghanistan a contractual arrangement was implemented that was labeled "checkbook" shutter control. The U.S.
+
+government simply purchased exclusive rights to all high-resolution (1-meter) commercial satellite imagery of Afghanistan that was on the market at the time. This was easy to do because all such imagery came from one satellite (Ikonos) licensed by the U.S. government. Since then, the opportunity has passed for checkbook shutter control to be a viable option. As high-resolution satellite systems proliferate, there is a decreasing likelihood that the U.S. government would be able to buy exclusive rights to all imagery over a particular area for an extended period of time, especially since many capable systems will not be licensed in the U.S.
+
+Commercial remote sensing licenses have contained other restrictive elements in addition to the shutter control provision. For example, commercial systems with foreign ground stations have been required to place limits on the satellite tasking capabilities and distribution rights of those stations, and companies offering imagery with sub-meter resolution have been required to delay distribution for at least 24 hours after it is collected.
+
+Other U.S. laws in addition to the 1992 Act are relevant to remote sensing companies. The most prominent of these, due to its specific applicability to satellite imagery providers, is the Kyl-
+Bingaman Amendment, passed in 1996 as part ofthe 1997 defense authorization act. It allows collection and dissemination of satellite imagery of Israel "only if such imagery is no more detailed or precise than satellite imagery oflsrael that is available from commercial sources."49 To date, this has meant that commercially available imagery of Israel has been limited to about two-meter resolution.
+
+Israel is the only nation to receive U.S. statutory protection from high-resolution observation. It has been justified as a concession to an important U.S. ally that is surrounded by unfriendly neighbors. In the wake of this legislation, other allies, including France and India, sought similar accommodation but did not receive it. 50 However, the value of this arrangement to Israel will be short-lived. As foreign systems join U.S. providers at the one-meter or sub-meter level, the limit on imagery of Israel will change as well, and at some point will become moot.
+
+PDD-23 was superseded by an updated presidential directive (NSPD-27) in April2003. 51 In addition to dealing with the provision of imagery and related technologies to foreign interests, which was the subject matter ofPDD-23, the new directive addressed more broadly the interaction between the U.S.
+
+government and the U.S. satellite remote sensing industry. Its stated goal is to "advance and protect U.S. national security and foreign policy interests by maintaining the nation's leadership in remote sensing space activities, and by sustaining and enhancing the U.S. remote sensing industry." The principal strategy for achieving this goal directs national security and civil federal agencies to "rely to the maximum practical extent on U.S. commercial remote sensing space capabilities" and to develop their own remote sensing space systems only to meet "needs that can not be effectively, affordably, and reliably satisfied by commercial providers because of economic factors, civil mission needs, national security concerns, or foreign policy concerns."
+Conceptually, this is a straightforward approach. Routine government needs, such as updating maps, would use commercial imagery, freeing government assets to perform more specialized or sensitive duties. Ideally, this would ease tasking bottlenecks and workloads of expensive government systems, possibly reducing the number of satellites needed. As commercial systems improve in product quality and service, no utility would be lost, and some new functionality would be gained as the government received a steady stream of unclassified imagery that could be easily shared with uncleared personnel such as domestic first responders or foreign allies.
+
+Implementation ofNSPD-27 has required that entrenched practices and cultural perspectives be addressed, such as:
+
+-
+Reluctance of agency personnel to change habits or procedures.
+-
+Agency accounting practices that make government imagery appear "free" while commercial
+imagery drains the budget. 52
+-
+Persistent belief among government users that inferior quality and slow delivery will always
+plague commercial imagery as compared to government sources.
+-
+Inadequate budgets to cover the routine tasks that are most appropriate for commercial
+suppliers.
+-
+Complications caused by the handling and distribution of an external, unclassified
+information source.
+There has been substantial progress in interagency cooperation and government-industry interaction since NSPD-27 was issued. 53 The policy clarified interagency relationships and procedures to facilitate U.S. government purchase and use of commercial imagery. Since the policy went into effect, some licensing restrictions have been adjusted, allowing greater spatial resolution and removing the requirement for a 24-hour hold on the distribution of imagery with resolution no better than 0.5-meter. Also during this time, commercial remote sensing moved more into the social and economic mainstream as Internet mapping sites featuring satellite imagery quickly became commonly used tools.
+
+By directing the U.S. government to use commercial imagery "to the maximum practical extent,"
+NSPD-27 boosted agencies' ability to help cultivate the remote sensing industry. This is best exemplified in the ClearView and NextView programs, which support U.S. companies by contracting for large data purchases and helping to fund a new generation of commercial satellites. Digital Globe and GeoEye have been the benefactors ofthese programs.
+
+Both of these companies had their origins in the early 1990s, immediately after passage of the 1992
+Act. DigitalGlobe, based in Longmont, Colorado, was founded in 1992 as WorldView, changed its name to Earth Watch in March 1995, and changed to its current name in September 2001. The company obtained licenses for EarlyBird-1 (January 1993) and QuickBird-1 (September 1994), but would suffer failures of both satellites before finally achieving success with QuickBird-2, launched in October 2001. The National Geospatial-Intelligence Agency (NGA) awarded a ClearView contract for Quickbird imagery (.6-meter resolution) in January 2003, worth between $72-$500 million over five years. That was followed eight months later by a Next View contract worth over $500 million to support development of the WorldView-1 satellite featuring half-meter resolution. 54 WorldView-1
+was launched successfully in September 2007, and DigitalGlobe plans to follow up with WorldView-
+2, funded by company resources, in mid-2009. 55 DigitalGlobe reported earnings of$152 million in
+2007. 56
+GeoEye of Dulles, Virginia has roots that go back even farther, accompanied by a complicated gestation resulting in the corporate entity that appeared in January 2006. It started with Orblmage in
+1991, which obtained licenses for the Orb View-1 through 4 satellites in 1994. Orb View-4 was lost in a launch failure in September 2001; the other three were orbited successfully in April1995, August
+1997, and June 2003, respectively. The last of this series, OrbView-3, is capable of 1-meter resolution.
+
+In addition to marketing the data from its own satellites, Orblmage began selling imagery from other platforms, including SPOT and Radarsat, and providing imagery processing services. In March 2004, NGA awarded Orblmage a ClearView contract for at least $27.5 million of imagery purchases over two years.
+
+57 This was followed in September 2004 with a Next View contract worth $500 million over four years for next-generation satellite development. 58
+The parallel development of Space Imaging of Thornton, Colorado, its Ikonos satellite, and its acquisition of EOSA T already have been discussed. Space Imaging also sold imagery from the Landsat, Indian Remote Sensing, and Canadian Radarsat satellites, as well as aerial-derived products collected by its Digital Airborne Imaging System (DAIS-1 ). NGA awarded the company a five-year Clear View contract in January 2003 worth between $120-$500 million. 59 However, its failure to win a Next View contract was a serious blow, putting it at a disadvantage compared to its competitors and setting it up for the acquisition by Orbimage that would follow. Announcement of the acquisition came in September 2005,60 and the merger that created GeoEye became official in January 2006. 61
+GeoEye reported earnings of $184 million in 2007,62 and launched its new high-resolution satellite GeoEye-1 on September 6, 2008. 63
+The discussion of the commercial remote sensing industry so far has focused only on electro-optical
+(EO) imagery in the visible and near-infrared parts of the spectrum. There is a noteworthy absence of U.S. companies in the commercial radar and hyperspectral imagery markets. This is not due to a lack of policy or procedural mechanisms to accommodate the licensing needs of potential operators.
+
+Rather, it is the result of U.S. companies' inability to craft viable business plans without a commitment from the U.S. government similar to Clear View or Next View. Radar and hyperspectral are at earlier stages of development than EO imagery: many potential users are not familiar with these data types; value-added resellers are not fully prepared to handle the data; new processing techniques and applications for the data need to be developed; and the space segment is costly to build and operate (and in the case of radar, requires higher power levels for its active sensor). In other words, both technical and market risk are high. Meanwhile, the competition that U.S. companies would face consists of radar satellite programs that are state-supported (at least in part, through public-private partnerships) such as Canada's Radarsat, Italy's COSMO/Skymed, and Germany's TerraSAR, and hyperspectral imaging systems aboard aircraft that have a head start of about two decades.
+
+## Commercial Remote Sensing Industry Evolution
+
+ClearVIew
+| license        | granted      |
+|----------------|--------------|
+| becomes        |              |
+| launch         |              |
+| becomes        |              |
+| contract       | teams        |
+| buys           |              |
+| to EarlyBird-1 |              |
+| Earth          |              |
+| Watch          |              |
+| failure        | DigltaiGiobe |
+| with           | Keyhole      |
+| Jan            | 1993         |
+| Mar            | 1995         |
+| Nov2000        | Sep          |
+| Jan            | 2003         |
+| Keyhole        |              |
+launched
+contract
+awarded
+launched
+launched
+| Mar201U    |
+|------------|
+| Sep2008    |
+
+From 1988 through 1999, NASA's Stennis Space Center ran a program called the Earth Observations Commercial Applications Program (EOCAP) designed to provide technical and financial support for a limited time to help develop marketable applications for satellite imagery. This was done through partnerships between government, industry, academic, and non-profit organizations in which industry generally held the leadership role and success was measured by achievements in the marketplace. The initial focus was on EO imagery, for which a series of competitions was held through the early 1990s.
+
+Not all selected projects achieved their goals, and some that did achieve them took longer than expected, but overall the NASA investment in this effort yielded a net gain. 64
+EOCAP branched out into hyperspectral imagery by granting 10 awards in 1998. The intention was to do the same for synthetic aperture radar (SAR) imagery in 1999. However, like the EO projects, the hyperspectral and SAR efforts hinged on data to be provided by government-supported satellite systems. In both cases, this resulted in failure of the projects because some of the satellites never made it to orbit (e.g., OrbView-4 suffered a launch failure, LightSAR was canceled) and the science requirements of the government systems were at odds with commercial requirements (e.g., orbital inclination, resolution, single vs. dual frequency radar). In the earlier EOCAP experiences, the most frequent reason that projects failed the market test was unavailability of data, usually because sensors were not deployed in a timely manner by the government. 65 For the hyperspectral and SAR efforts, this was a fatal flaw for all projects. EOCAP ended before commercially available hyperspectral and SAR data could become a factor in any proposed projects. As of this writing, hyperspectral data still is not provided by any operational space system in the global market. SAR data is available from several sources, but none based in the United States.
+
+## 2.3 Recent Developments In Civil Remote Sensing
+
+In addition to the economic benefits and regional public good aspects of remote sensing, interdisciplinary studies of the Earth system have received more attention in recent years, both in the scientific community and in public policy circles. Researchers have known for a long time that global climate change occurs routinely, having documented cyclic appearances oflarge-scale events such as ice ages and mass extinctions. Some of the questions that challenge our knowledge and theories include: Are we now experiencing a global climate fluctuation, and if so, where is it going? What combination of factors is affecting regional changes that are evident to us, and how can these be extrapolated to a global scale? How quickly are the regional and global environments changing? How much of the change is due to human activities? And possibly most important of all, given the potential danger to our species, what can we do about it?
+
+For a study of this scope, scientific disciplines that have been isolated from each other throughout most of their existence must be united to facilitate understanding of complex interactions on a variety of scales- an approach known as Earth System Science. Geology, oceanography, atmospheric sciences, chemistry, and biology, along with their sub-disciplines, must interact in unprecedented ways and across national boundaries. All must have access to large databases established to support integrated study. A substantial portion of the content of those databases will come from orbiting observation platforms. Due to the extraordinary data handling and dissemination requirements, the ground segment for NASA's Earth Observing System (EOS) got more than the usual share of attention. Most of NASA's spaceflight projects devote about three-fourths of their resources to the space segment, with the rest going toward ground support. EOS was unusual in that an estimated 60%
+of the program's budget went to ground support. This is mostly due to the demands ofthe EOS Data and Information System (EOSDIS), which stretched the limits of capabilities in data storage, retrieval, and dissemination. The expected onslaught of incoming data was so huge that new measures were created to describe it. Some data-processing documents refer to terabits of data (trillions of bits), while other sources have used a measure called LOC- the equivalent of all the information contained in the Library of Congress. The program's managers projected that when fully operational, the input to EOSDIS would be on the order of one LOC every few days.
+
+In cooperation with other countries, the U.S. Global Change Research Program has been pursuing this gargantuan task, led by a NASA program originally called Mission to Planet Earth and more recently labeled the Earth Science Enterprise in the agency's Science Mission Directorate. The Goddard Space Flight Center in Greenbelt, Maryland, is the primary field center for this activity, which involves several satellite programs including Landsat, NOAA's polar orbiters, and the EOS program, 66 which emerged in the late 1980s and became a "new start" in FY 1991.
+
+As originally envisioned, EOS would have been a 15-year project using two very large polar-orbiting platforms with about a dozen instruments on each, having a total program cost of around $30 billion.
+
+The rationale behind this approach was to permit an assortment of data to be collected over the same target from the same physical perspective at the same time. This would simplify calibration of data sets from different instruments and avoid data integration errors that tend to creep in when using different platforms (variations in altitude, sun angle, cloud cover, season, etc.). The problems with this approach, at least from the policy-makers' perspective, were that it would take too long, cost too much, and involve too much risk.
+
+EOS plans endured a series of major adjustments throughout the 1990s, all linked to budget cuts. This was partially a result of the fact that funding for the space station program was ramping up at the same time, affecting program budgets throughout NASA. Almost immediately, EOS faced a reduction of$6 billion from the amount originally envisioned over the next decade, requiring a major restructuring of the program. In 1992, budget projections declined by another $3 billion, prompting more re-scoping, including a shift to the use of a common spacecraft bus for some missions. The budget cuts and restructuring continued in 1994, 1995, and at a "biennial review" in 1997 that addressed the program's implementation strategy. The large EOS-A and EOS-B platforms were transformed into six smaller platforms with more focused missions. These would eventually evolve into Terra, Aqua, Aura, and other spacecraft collectively referred to as Earth Probes.
+
+67 These changes served to reduce program risk in the event of a launch failure as well as lower the cost of each launch because the smaller platforms could fit on less costly boosters rather than the expensive Titan 4 as originally planned.
+
+The first phase ofthe Earth Science Enterprise, starting in the early 1990s, was comprised of a variety of free-flying satellites, space shuttle observations, and airborne and ground-based studies. The second phase began with the launch of Terra, the first EOS satellite, in December 1999 and continued with the launch and operations of the other EOS spacecraft during the next decade. Additional space systems providing multispectral and radar imaging of landmasses complement the program because EOS (other than Terra) heavily favors instrumentation to study the oceans and atmosphere and has lower spatial resolution than many existing imaging systems. Setting public policy with regard to global environmental concerns is highly contentious both domestically and internationally, and must be done with the most complete and accurate information available. EOS and related spacecraft are making substantial and timely contributions to the policy debate over climate change and natural vs.
+
+human-induced effects on the Earth's ecosystem.
+
+While EOS and related programs have been a boon to Earth System Science and have led to more informed public debates on environmental and climate issues, their sustainability has been questioned. The Space Studies Board and the Engineering and Physical Sciences division of the National Research Council, in their 2007 report commonly referred to as the Earth Science Decadal Survey, stated that:
+Between 2006 and the end of the decade, the number of operating missions will decrease dramatically, and the number of operating sensors and instruments on NASA spacecraft, most of which are well past their nominal lifetimes, will decrease by some 40 percent. 68
+According to NASA's website there are 19 Earth science missions currently active, including the aging and partially disabled Landsat 7 for the USGS and three weather satellite systems for NOAA. 69
+Twelve of the 15 NASA satellites will be out of service or beyond their design lifetime by the beginning of2009, and two more will expire during the presidential term beginning in that year. (The remaining mission consists of the long-lived LAGEOS 1 & 2 satellites, which are simply laser reflectors.) Six new missions are in development and scheduled for launch from 2008-2012, including two weather satellite projects for NOAA. The four NASA research missions will reach the end of their design lifetime by 2012-2013.
+
+Under current planning, NASA will replace its Earth science missions at a slower rate than they are expiring, meaning that the robustness enjoyed by the Earth science enterprise since the mid-1990s will not last beyond the early part of the next decade - a time when concerns about global climate change and environmental degradation are likely to increase. The Obama administration will be faced with an urgent need to set the course for future Earth science, and can be expected to pursue a subset of the missions recommended by the Decadal Survey, constrained by the funding available.
+
+Meanwhile, a number of European and Asian nations, as well as Canada and Brazil, are increasing their activities in scientific and operational Earth sensing missions. Within a few years, these efforts will surpass U.S. Earth science work as new U.S. systems are deployed at Jess than the attrition rate.
+
+A prime example of growing international activity is the Global Monitoring for Environment and Security (GMES) program, led by the European Commission and the European Space Agency (ESA).
+
+Over a 1 0-year period starting in 2008, the GMES program plans to launch 15 EO and radar satellites to study the land, oceans, and atmosphere for both scientific investigations and ongoing operations. 70' 71 Collectively, Europe is seeking to be the uncontested world leader in Earth observations from space.
+
+The strong push by many foreign interests in civil remote sensing seems to contrast with the challenges faced in U.S. civil remote sensing efforts. Proposed programs to advance the state of the art, or to simply maintain data continuity for existing programs, often must endure a lengthy process to overcome organizational, programmatic, and budgetary hurdles. Recent developments in the Landsat program provide a telling example.
+
+After the April 1999launch of Landsat 7, the questions of what would come next in the series, who would operate it, and how it would be paid for needed to be answered. These questions were thought to be settled more than five years later (August 2004) by a White House memorandum directing that a Landsattype sensor be placed on board the National Polar-orbiting Operational Environmental Satellite System
+(NPOESS). 72 Technical, schedule, and budgetary problems prompted the removal ofthe Landsat sensor from the NPOESS spacecraft. Sixteen months passed before Dr. John Marburger, Director of the Office of Science and Technology Policy (OSTP), signed a new memorandum in December 2005 that directed NASA to acquire a single free-flyer spacecraft for the Landsat Data Continuity Mission (LDCM). 73
+NASA selected Ball Aerospace to be the builder of the LDCM instrument, the Operational Land Imager
+(OLI), on July 16, 2007. 74 General Dynamics Advanced Information Systems was chosen on April22,
+2008 to build the spacecraft. 75
+The December 2005 memo also created the Future of Land Imaging Interagency Working Group, which included representatives from fifteen federal agencies convened under the National Science and Technology Council. The Working Group was charged with developing a sustainable plan to continue the collection of moderate resolution multispectral remote sensing data, a task it completed 20 months later.
+
+The Working Group's report offered three recommendations:
+
+-
+The U.S. must commit to continue the collection of moderate-resolution land imagery.
+-
+The United States should establish and maintain a core operational capability to collect moderateresolution land imagery through the procurement and launch of a series ofU.S.-owned satellites.
+-
+The United States should establish the National Land Imaging Program (NLIP), hosted and
+managed by the Department ofthe Interior, to meet U.S. civil land imaging needs.
+76
+According to the report, the NLIP should lead, coordinate, and plan for future U.S. civil operational moderate-resolution land imaging, and promote wide public and private use of land imagery in the United States. The NLIP should acquire global, moderate-resolution land imagery data; manage all U.S. civil moderate-resolution land imaging technologies, satellites, and systems; ensure archival preservation of U.S.-acquired moderate-resolution land imagery; and perform research, development, and training. The program should accommodate private, nonprofit, academic, commercial, and international users, state and local government, and the satellite and land imaging data industries. Implementation of the plan will be a challenging new task for the Interior Department, and it remains to be seen if future administrations and Congresses will provide sufficient resources. As ofthis writing, the plan already has hit a funding snag:
+the House Appropriations subcommittee responsible for the Interior Department's budget has denied a $2
+million request to fund the NLIP in FY09 because of a reluctance to initiate new space operations responsibilities at Interior. 77
+Thirty-five years elapsed between the first Landsat launch and the official recognition that the collection of moderate-resolution satellite imagery is an operational function that fulfills national needs and is worthy of being sustained. Unlike weather monitoring from space, it has been treated as an experimental function supporting scientific research with no guarantee of continuous data flow. Under these circumstances, it took more than eight years after the launch of Landsat 7 to come to a decision on what to do next - and the decision would not result in a spacecraft being launched for at least another four years. This and other examples have taught observers that civil remote sensing programs, and the policy guiding both civil and commercial remote sensing, develop at a far slower pace than the relevant technologies and user communities.
+
+## Acronyms
+
+Cabinet Council on Commerce and Trade Centre National d'Etudes Spatiales (French space agency)
+Digital Airborne Imaging System Department of Commerce Department of Defense Electro-optical Earth Observations Commercial Applications Program Earth Observing System Earth Observing Satellite Company Earth Observing System Data and Information System Earth Resources Observations Systems European Space Agency Fiscal year Global Monitoring for Environment and Security Laser Geodynamics Satellite Landsat Data Continuity Mission Library of Congress Multi-Spectral Scanner National Aeronautics and Space Administration National Geospatial-Intelligence Agency National Land Imaging Program National Oceanic and Atmospheric Administration National Polar-orbiting Operational Environmental Satellite System National Security Presidential Directive Operational Land Imager Office of Management and Budget Office of Science and Technology Policy Presidential Decision Directive Research and development Synthetic aperture radar Television and Infrared Observation Satellite Thematic Mapper United Nations United States United States Geological Survey CCCT
+CNES
+DAIS
+DoC DoD
+EO
+EOCAP
+EOS EOSAT EOSDIS
+EROS
+ESA
+FY
+GMES
+LAGEOS
+LDCM
+LOC
+MSS
+NASA
+NGA NLIP NOAA NPOESS NSPD
+OLI OMB OSTP
+POD
+R&D
+SAR
+TIROS
+TM
+U.N.
+
+u.s.
+
+USGS

markdown/misc/russia-election.md

@@ -0,0 +1,375 @@
+## Background To "Assessing Russian Activities And Intentions In Recent Us Elections": The Analytic Process And Cyber Incident Attribution Background To "Assessing Russian Activities And Intentions In Recent Us Elections": The Analytic Process And Cyber Incident Attribution
+
+"Assessing Russian Activities and Intentions in Recent US Elections" is a declassified version of a highly classified assessment that has been provided to the President and to recipients approved by the President.
+
+
+The Intelligence Community rarely can publicly reveal the full extent of its knowledge or the precise bases for its assessments, as the release of such information would reveal sensitive sources or methods and imperil the ability to collect critical foreign intelligence in the future.
+
+Thus, while the conclusions in the report are all reflected in the classified assessment, the declassified report does not and cannot include the full supporting information, including specific intelligence and sources and methods.
+
+## The Analytic Process
+
+The mission of the Intelligence Community is to seek to reduce the uncertainty surrounding foreign activities, capabilities, or leaders' intentions.  This objective is difficult to achieve when seeking to understand complex issues on which foreign actors go to extraordinary lengths to hide or obfuscate their activities.
+
+
+On these issues of great importance to US national security, the goal of intelligence analysis is to provide assessments to decisionmakers that are intellectually rigorous, objective, timely, and useful, and that adhere to tradecraft standards.
+
+The tradecraft standards for analytic products have been refined over the past ten years.  These standards include describing sources (including their reliability and access to the information they provide), clearly expressing uncertainty, distinguishing between underlying information and analysts' judgments and assumptions, exploring alternatives, demonstrating relevance to the customer, using strong and transparent logic, and explaining change or consistency in judgments over time.
+
+Applying these standards helps ensure that the Intelligence Community provides US policymakers, warfighters, and operators with the best and most accurate insight, warning, and context, as well as
+potential opportunities to advance US national security.
+Intelligence Community analysts integrate information from a wide range of sources, including human sources, technical collection, and open source information, and apply specialized skills and structured analytic tools to draw inferences informed by the data available, relevant past activity, and logic and reasoning to provide insight into what is happening and the prospects for the future.
+
+
+A critical part of the analyst's task is to explain uncertainties associated with major judgments based on the quantity and quality of the source material, information gaps, and the complexity of the issue.
+
+When Intelligence Community analysts use words such as "we assess" or "we judge," they are conveying an analytic assessment or judgment.
+
+Some analytic judgments are based directly on collected information; others rest on previous judgments, which serve as building blocks in rigorous analysis.  In either type of judgment, the tradecraft standards outlined above ensure that analysts have an appropriate basis for the judgment.
+
+Intelligence Community judgments often include two important elements: judgments of how likely it is that something has happened or will happen (using terms such as "likely" or "unlikely") and confidence levels in those judgments (low, moderate, and high) that refer to the evidentiary basis, logic and reasoning, and precedents that underpin the judgments.
+
+## Determining Attribution In Cyber Incidents
+
+The nature of cyberspace makes attribution of cyber operations difficult but not impossible.  Every kind of cyber operationmalicious or notleaves a trail.  US Intelligence Community analysts use this information, their constantly growing knowledge base of previous events and known malicious actors, and their knowledge of how these malicious actors work and the tools that they use, to attempt to trace these operations back to their source.  In every case, they apply the same tradecraft standards described in the Analytic Process above.
+
+
+Analysts consider a series of questions to assess how the information compares with existing knowledge and adjust their confidence in their judgments as appropriate to account for any alternative hypotheses and ambiguities.
+
+An assessment of attribution usually is not a simple statement of who conducted an operation, but rather a series of judgments that describe whether it was an isolated incident, who was the likely perpetrator, that perpetrator's possible motivations, and whether a foreign government had a role in ordering or leading the operation.
+
+This report is a downgraded version of a more sensitive assessment; its conclusions are identical to those in the more sensitive assessment but this version does not include the full supporting information on key elements of the influence campaign.
+
+assessment but this version does not include the full supporting information on key elements of the influence campaign.
+
+## Assessing Russian Activities And Intentions In Recent Us Elections
+
+ICA 2017-01D  |  6 January 2017
+
+
+This page intentionally left blank.
+
+
+## Scope And Sourcing Information Available As Of 29 December 2016 Was Used In The Preparation Of This Product. Scope
+
+This report includes an analytic assessment drafted and coordinated among The Central Intelligence Agency (CIA), The Federal Bureau of Investigation (FBI), and The National Security Agency (NSA), which draws on intelligence information collected and disseminated by those three agencies.  It covers the motivation and scope of Moscow's intentions regarding US elections and Moscow's use of cyber tools and media campaigns to influence US public opinion.  The assessment focuses on activities aimed at the 2016 US presidential election and draws on our understanding of previous Russian influence operations. When we use the term "we" it refers to an assessment by all three agencies.
+
+
+
+This report is a declassified version of a highly classified assessment.  This document's conclusions are identical to the highly classified assessment, but this document does not include the full supporting information, including specific intelligence on key elements of the influence campaign.  Given the redactions, we made minor edits purely for readability and flow.
+
+We did not make an assessment of the impact that Russian activities had on the outcome of the 2016 election.  The US Intelligence Community is charged with monitoring and assessing the intentions, capabilities, and actions of foreign actors; it does not analyze US political processes or US public opinion.
+
+
+New information continues to emerge, providing increased insight into Russian activities.
+
+## Sourcing
+
+Many of the key judgments in this assessment rely on a body of reporting from multiple sources that are consistent with our understanding of Russian behavior.  Insights into Russian effortsincluding specific cyber operationsand Russian views of key US players derive from multiple corroborating sources.
+
+Some of our judgments about Kremlin preferences and intent are drawn from the behavior of Kremlinloyal political figures, state media, and pro-Kremlin social media actors, all of whom the Kremlin either directly uses to convey messages or who are answerable to the Kremlin.  The Russian leadership invests significant resources in both foreign and domestic propaganda and places a premium on transmitting what it views as consistent, self-reinforcing narratives regarding its desires and redlines, whether on Ukraine, Syria, or relations with the United States.
+
+## Assessing Russian Activities And Intentions In Recent Us Elections Key Judgments
+
+Russian efforts to influence the 2016 US presidential election represent the most recent expression of Moscow's longstanding desire to undermine the US-led liberal democratic order, but these activities demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations.
+
+We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election.  Russia's goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency.  We further assess Putin and the Russian Government developed a clear preference for President-elect Trump.  We have high confidence in these judgments.
+
+
+We also assess Putin and the Russian Government aspired to help President-elect Trump's election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him.  All three agencies agree with this judgment.  CIA and FBI have high confidence in this judgment; NSA has moderate confidence.
+
+Moscow's approach evolved over the course of the campaign based on Russia's understanding of the electoral prospects of the two main candidates.  When it appeared to Moscow that Secretary Clinton was likely to win the election, the Russian influence campaign began to focus more on undermining her future presidency.
+
+Further information has come to light since Election Day that, when combined with Russian behavior since early November 2016, increases our confidence in our assessments of Russian motivations and
+goals.
+Moscow's influence campaign followed a Russian messaging strategy that blends covert intelligence operationssuch as cyber activitywith overt efforts by Russian Government agencies, state-funded media, third-party intermediaries, and paid social media users or "trolls." Russia, like its Soviet predecessor, has a history of conducting covert influence campaigns focused on US presidential elections that have used intelligence officers and agents and press placements to disparage candidates perceived as hostile to the Kremlin.
+
+
+Russia's intelligence services conducted cyber operations against targets associated with the 2016 US presidential election, including targets associated with both major US political parties.
+
+We assess with high confidence that Russian military intelligence (General Staff Main Intelligence Directorate or GRU) used the Guccifer 2.0 persona and DCLeaks.com to release US victim data
+
+obtained in cyber operations publicly and in exclusives to media outlets and relayed material to WikiLeaks.
+
+Russian intelligence obtained and maintained access to elements of multiple US state or local electoral boards.  DHS assesses that the types of systems Russian actors targeted or compromised were not involved in vote tallying.
+
+Russia's state-run propaganda machine contributed to the influence campaign by serving as a platform for Kremlin messaging to Russian and international audiences.
+
+We assess Moscow will apply lessons learned from its Putin-ordered campaign aimed at the US
+presidential election to future influence efforts worldwide, including against US allies and their
+election processes.
+
+
+## Contents
+
+Scope and Sourcing Key Judgments
+i
+ii
+iv
+
+Contents
+
+## Cia/Fbi/Nsa Assessment: Russia's Influence Campaign Targeting The 2016 Us Presidential Election
+
+1
+
+2
+
+5
+
+Putin Ordered Campaign To Influence US Election Russian Campaign Was Multifaceted Influence Effort Was Boldest Yet in the US Election Operation Signals "New Normal" in Russian Influence Efforts
+5
+
+
+## Annexes
+
+| 6                       |   A:  RussiaKremlin's TV Seeks To Influence Politics, Fuel Discontent in US  |
+|-------------------------|-------------------------------------------------------------------------------|
+| B:  Estimative Language |                                                                           13  |
+|                         |                                                                               |
+|                         |                                                                               |
+
+ Russia's Influence Campaign Targeting the 2016 US Presidential Election
+
+## Russia's Influence Campaign Targeting The 2016 Us Presidential Election Putin Ordered Campaign To Influence Us Election
+
+We assess with high confidence that Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election, the consistent goals of which were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency.  We further assess Putin and the Russian Government developed a clear preference for President-elect Trump.  When it appeared to Moscow that Secretary Clinton was likely to win the election, the Russian influence campaign then focused on undermining her expected presidency.
+
+
+We also assess Putin and the Russian Government aspired to help President-elect Trump's election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him.  All three agencies agree with this judgment.  CIA and FBI have high confidence in this judgment; NSA has moderate confidence.
+
+In trying to influence the US election, we assess the Kremlin sought to advance its longstanding desire to undermine the US-led liberal democratic order, the promotion of which Putin and other senior Russian leaders view as a threat to Russia and Putin's regime.
+
+Putin publicly pointed to the Panama Papers disclosure and the Olympic doping scandal as US-directed efforts to defame Russia, suggesting he sought to use disclosures to discredit the image of the United States and cast it as hypocritical.
+
+Putin most likely wanted to discredit Secretary Clinton because he has publicly blamed her since 2011 for inciting mass protests against his regime in late 2011 and early 2012, and because he holds a grudge for comments he almost certainly saw as disparaging him.
+We assess Putin, his advisers, and the Russian Government developed a clear preference for President-elect Trump over Secretary Clinton.
+
+
+Beginning in June, Putin's public comments about the US presidential race avoided directly praising President-elect Trump, probably because Kremlin officials thought that any praise from Putin personally would backfire in the United States. Nonetheless, Putin publicly indicated a preference for President-elect Trump's stated policy to work with Russia, and pro-Kremlin figures spoke highly about what they saw as his Russia-friendly positions on Syria and Ukraine. Putin publicly contrasted the President-elect's approach to Russia with Secretary Clinton's "aggressive rhetoric."
+
+Moscow also saw the election of Presidentelect Trump as a way to achieve an international counterterrorism coalition against the Islamic State in Iraq and the Levant (ISIL).
+
+Putin has had many positive experiences working with Western political leaders whose business interests made them more disposed to deal with Russia, such as former Italian Prime Minister Silvio Berlusconi and former German Chancellor Gerhard Schroeder.
+
+Putin, Russian officials, and other pro-Kremlin pundits stopped publicly criticizing the US election process as unfair almost immediately
+after the election because Moscow probably assessed it would be counterproductive to building positive relations.
+We assess the influence campaign aspired to help President-elect Trump's chances of victory when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to the President-elect.  When it appeared to Moscow that Secretary Clinton was likely to win the presidency the Russian influence campaign focused more on undercutting Secretary Clinton's legitimacy and crippling her presidency from its start, including by impugning the fairness of the election.
+
+
+Before the election, Russian diplomats had publicly denounced the US electoral process and were prepared to publicly call into question the validity of the results.  Pro- Kremlin bloggers had prepared a Twitter campaign, #DemocracyRIP, on election night in anticipation of Secretary Clinton's victory, judging from their social media activity.
+
+## Russian Campaign Was Multifaceted
+
+Moscow's use of disclosures during the US election was unprecedented, but its influence campaign otherwise followed a longstanding Russian messaging strategy that blends covert intelligence operationssuch as cyber activitywith overt efforts by Russian Government agencies, statefunded media, third-party intermediaries, and paid social media users or "trolls."
+
+
+We assess that influence campaigns are approved at the highest levels of the Russian Governmentparticularly those that would be politically sensitive.
+
+Moscow's campaign aimed at the US election reflected years of investment in its capabilities, which Moscow has honed in the former Soviet states.
+
+By their nature, Russian influence campaigns are multifaceted and designed to be deniable because they use a mix of agents of influence, cutouts, front organizations, and false-flag operations.  Moscow demonstrated this during the Ukraine crisis in 2014, when Russia deployed forces and advisers to eastern Ukraine and denied it publicly.
+The Kremlin's campaign aimed at the US election featured disclosures of data obtained through Russian cyber operations; intrusions into US state and local electoral boards; and overt propaganda. Russian intelligence collection both informed and enabled the influence campaign. Cyber Espionage Against US Political Organizations.  Russia's intelligence services conducted cyber operations against targets associated with the 2016 US presidential election, including targets associated with both major US political parties. We assess Russian intelligence services collected against the US primary campaigns, think tanks, and lobbying groups they viewed as likely to shape future US policies.  In July 2015, Russian intelligence gained access to Democratic National Committee (DNC) networks and maintained that access until at least June 2016.
+
+
+The General Staff Main Intelligence Directorate (GRU) probably began cyber operations aimed at the US election by March 2016.  We assess that the GRU operations resulted in the compromise of the personal e-mail accounts of Democratic Party officials and political figures. By May, the GRU had exfiltrated large volumes of data from the DNC.
+Public Disclosures of Russian-Collected Data. We assess with high confidence that the GRU used the Guccifer 2.0 persona, DCLeaks.com, and WikiLeaks to release US victim data obtained in cyber operations publicly and in exclusives to media outlets.
+
+
+Guccifer 2.0, who claimed to be an independent Romanian hacker, made multiple contradictory statements and false claims about his likely Russian identity throughout the election.  Press reporting suggests more than one person claiming to be Guccifer 2.0 interacted with journalists.
+
+Content that we assess was taken from e-mail
+accounts targeted by the GRU in March 2016 appeared on DCLeaks.com starting in June.
+We assess with high confidence that the GRU relayed material it acquired from the DNC and senior Democratic officials to WikiLeaks.  Moscow most likely chose WikiLeaks because of its selfproclaimed reputation for authenticity.  Disclosures through WikiLeaks did not contain any evident forgeries.
+
+
+In early September, Putin said publicly it was important the DNC data was exposed to WikiLeaks, calling the search for the source of the leaks a distraction and denying Russian "state-level" involvement.
+
+The Kremlin's principal international propaganda outlet RT (formerly Russia Today)
+has actively collaborated with WikiLeaks.  RT's editor-in-chief visited WikiLeaks founder Julian Assange at the Ecuadorian Embassy in London in August 2013, where they discussed renewing his broadcast contract with RT, according to Russian and Western media.  Russian media subsequently announced that RT had become "the only Russian media company" to partner with WikiLeaks and had received access to "new leaks of secret information."  RT routinely gives Assange sympathetic coverage and provides him a platform to denounce the United States.
+These election-related disclosures reflect a pattern of Russian intelligence using hacked information in targeted influence efforts against targets such as Olympic athletes and other foreign governments. Such efforts have included releasing or altering personal data, defacing websites, or releasing emails.
+
+
+A prominent target since the 2016 Summer Olympics has been the World Anti-Doping Agency (WADA), with leaks that we assess to have originated with the GRU and that have
+involved data on US athletes.
+Russia collected on some Republican-affiliated targets but did not conduct a comparable disclosure campaign. Russian Cyber Intrusions Into State and Local Electoral Boards.  Russian intelligence accessed elements of multiple state or local electoral boards. Since early 2014, Russian intelligence has researched US electoral processes and related technology and equipment.
+
+
+DHS assesses that the types of systems we observed Russian actors targeting or compromising are not involved in vote tallying.
+Russian Propaganda Efforts. Russia's state-run propaganda machinecomprised of its domestic media apparatus, outlets targeting global audiences such as RT and Sputnik, and a network of quasi-government trollscontributed to the influence campaign by serving as a platform for Kremlin messaging to Russian and international audiences.  State-owned Russian media made increasingly favorable comments about Presidentelect Trump as the 2016 US general and primary election campaigns progressed while consistently offering negative coverage of Secretary Clinton.
+
+
+Starting in March 2016, Russian Government linked actors began openly supporting President-elect Trump's candidacy in media
+on Putin by airing segments devoted to Secretary Clinton's alleged health problems.
+
+aimed at English-speaking audiences.  RT and Sputnikanother government-funded outlet producing pro-Kremlin radio and online content in a variety of languages for international audiencesconsistently cast President-elect Trump as the target of unfair coverage from traditional US media outlets that they claimed were subservient to a corrupt political establishment.
+
+
+Russian media hailed President-elect Trump's victory as a vindication of Putin's advocacy of
+global populist movementsthe theme of Putin's annual conference for Western academics in October 2016and the latest example of Western liberalism's collapse.
+
+On 6 August, RT published an Englishlanguage video called "Julian Assange Special: Do WikiLeaks Have the E-mail That'll Put Clinton in Prison?" and an exclusive interview with Assange entitled "Clinton and ISIS Funded by the Same Money."  RT's most popular video on Secretary Clinton, "How 100% of the Clintons' 'Charity' Went to...Themselves," had more than 9 million views on social media
+platforms.  RT's most popular English language video about the President-elect, called "Trump Will Not Be Permitted To Win," featured Assange and had 2.2 million views.
+
+For more on Russia's past media efforts including portraying the 2012 US electoral process as undemocraticplease see Annex A: RussiaKremlin's TV Seeks To Influence Politics, Fuel Discontent in US.
+
+Putin's chief propagandist Dmitriy Kiselev used his flagship weekly newsmagazine program this fall to cast President-elect Trump as an outsider victimized by a corrupt political establishment and faulty democratic election process that aimed to prevent his election because of his desire to work with Moscow.
+Russia used trolls as well as RT as part of its influence efforts to denigrate Secretary Clinton. This effort amplified stories on scandals about Secretary Clinton and the role of WikiLeaks in the election campaign.
+
+
+Pro-Kremlin proxy Vladimir Zhirinovskiy, leader of the nationalist Liberal Democratic Party of Russia, proclaimed just before the election that if President-elect Trump won, Russia would "drink champagne" in anticipation of being
+able to advance its positions on Syria and Ukraine.
+
+The likely financier of the so-called Internet
+Research Agency of professional trolls located in Saint Petersburg is a close Putin ally with ties to Russian intelligence.
+RT's coverage of Secretary Clinton throughout the US presidential campaign was consistently negative and focused on her leaked e-mails and accused her of corruption, poor physical and mental health, and ties to Islamic extremism.  Some Russian officials echoed Russian lines for the influence campaign that Secretary Clinton's election could lead to a war between the United States and Russia.
+
+
+A journalist who is a leading expert on the Internet Research Agency claimed that some social media accounts that appear to be tied to Russia's professional trollsbecause they previously were devoted to supporting Russian actions in Ukrainestarted to advocate for President-elect Trump as early as December 2015.
+
+
+
+In August, Kremlin-linked political analysts suggested avenging negative Western reports
+
+
+## Influence Effort Was Boldest Yet In The Us Election Operation Signals "New Normal" In Russian Influence Efforts
+
+We assess Moscow will apply lessons learned from its campaign aimed at the US presidential election to future influence efforts in the United States and worldwide, including against US allies and their election processes.  We assess the Russian intelligence services would have seen their election influence campaign as at least a qualified success because of their perceived ability to impact public discussion.
+
+Russia's effort to influence the 2016 US presidential election represented a significant escalation in directness, level of activity, and scope of effort compared to previous operations aimed at US elections.  We assess the 2016 influence campaign reflected the Kremlin's recognition of the worldwide effects that mass disclosures of US Government and other private datasuch as those conducted by WikiLeaks and othershave achieved in recent years, and their understanding of the value of orchestrating such disclosures to maximize the impact of compromising information.
+
+
+During the Cold War, the Soviet Union used intelligence officers, influence agents, forgeries, and press placements to disparage candidates perceived as hostile to the Kremlin, according to a former KGB archivist.
+
+Putin's public views of the disclosures suggest the Kremlin and the intelligence services will continue to consider using cyber-enabled disclosure operations because of their belief that these can accomplish Russian goals relatively easily without significant damage to Russian interests.
+
+Russia has sought to influence elections across Europe.
+Since the Cold War, Russian intelligence efforts related to US elections have primarily focused on foreign intelligence collection.  For decades, Russian and Soviet intelligence services have sought to collect insider information from US political parties that could help Russian leaders understand a new US administration's plans and priorities.
+
+
+The Russian Foreign Intelligence Service (SVR) Directorate S (Illegals) officers arrested in the United States in 2010 reported to Moscow about the 2008 election.
+We assess Russian intelligence services will continue to develop capabilities to provide Putin with options to use against the United States, judging from past practice and current efforts. Immediately after Election Day, we assess Russian intelligence began a spearphishing campaign targeting US Government employees and individuals associated with US think tanks and NGOs in national security, defense, and foreign policy fields.  This campaign could provide material for future influence efforts as well as foreign intelligence collection on the incoming administration's goals and plans.
+
+
+In the 1970s, the KGB recruited a Democratic Party activist who reported information about then-presidential hopeful Jimmy Carter's campaign and foreign policy plans, according to a former KGB archivist.
+
+
+## Annex A Russia -- Kremlin's Tv Seeks To Influence Politics, Fuel Discontent In Us*
+
+RT America TV, a Kremlin-financed channel operated from within the United States, has substantially expanded its repertoire of programming that highlights criticism of alleged US shortcomings in democracy and civil liberties.  The rapid expansion of RT's operations and budget and recent candid statements by RT's leadership point to the channel's importance to the Kremlin as a messaging tool and indicate a Kremlindirected campaign to undermine faith in the US Government and fuel political protest.  The Kremlin has committed significant resources to expanding the channel's reach, particularly its social media footprint.  A reliable UK report states that RT recently was the most-watched foreign news channel in the UK.  RT America has positioned itself as a domestic US channel and has deliberately sought to obscure any legal ties to the Russian Government.
+In the runup to the 2012 US presidential election in November, English-language channel RT America -- created and financed by the Russian Government and part of Russian Government-sponsored RT TV (see textbox 1) -- intensified its usually critical coverage of the United States.  The channel portrayed the US electoral process as undemocratic and featured calls by US protesters for the public to rise up and "take this government back."
+
+
+RT introduced two new shows -- "Breaking the Set" on 4 September and "Truthseeker" on 2 November -- both overwhelmingly focused on criticism of US and Western governments as well as the promotion of radical discontent.
+
+From August to November 2012, RT ran numerous reports on alleged US election fraud and voting machine vulnerabilities, contending that US election results cannot
+be trusted and do not reflect the popular will.
+
+In an effort to highlight the alleged "lack of democracy" in the United States, RT broadcast, hosted, and advertised thirdparty candidate debates and ran reporting supportive of the political agenda of these candidates. The RT hosts asserted that the US two-party system does not represent the views of at least one-third of the population and is a "sham."
+
+
+
+RT aired a documentary about the Occupy Wall Street movement on 1, 2, and 4 November.  RT framed the movement as a fight against "the ruling class" and described the current US political system as corrupt and dominated by corporations.  RT advertising for the documentary featured Occupy movement calls to "take back" the government.  The documentary claimed that the US system cannot be changed democratically, but only through "revolution." After the 6 November US presidential election, RT aired a documentary called
+"Cultures of Protest," about active and often violent political resistance  (RT, 1- 10 November).
+
+## Rt Conducts Strategic Messaging For Russian Government
+
+RT's criticism of the US election was the latest facet of its broader and longer-standing anti-US messaging likely aimed at undermining viewers' trust in US democratic procedures and undercutting US criticism of Russia's political system.  RT Editor in Chief Margarita Simonyan recently declared that the United States itself lacks democracy and that it has "no moral right to teach the rest of the world" (*Kommersant*, 6 November).
+
+
+Simonyan has characterized RT's coverage of the Occupy Wall Street movement as "information warfare" that is aimed at promoting popular dissatisfaction with the US Government.  RT created a *Facebook* app to connect Occupy Wall Street protesters via social media.  In addition, RT featured its own
+hosts in Occupy rallies ("Minaev Live," 10 April; RT, 2, 12 June).
+
+RT's reports often characterize the United States as a "surveillance state" and allege widespread infringements of civil liberties, police brutality, and drone use (RT, 24, 28 October, 1-10 November).
+
+RT has also focused on criticism of the US economic system, US currency policy, alleged Wall Street greed, and the US national debt.  Some of RT's hosts have compared the United States to Imperial Rome and have predicted that government corruption and "corporate greed" will lead to US financial collapse (RT, 31 October, 4 November).
+
+RT broadcasts support for other Russian interests in areas such as foreign and energy policy.
+
+
+RT runs anti-fracking programming, highlighting environmental issues and the impacts on public health.  This is likely reflective of the Russian Government's concern about the impact of fracking and US natural gas production on the global energy market and the potential challenges to Gazprom's profitability (5 October).
+
+
+
+RT is a leading media voice opposing Western intervention in the Syrian conflict and blaming the West for waging
+"information wars" against the Syrian Government (RT, 10 October-9 November).
+RT anti-fracking reporting (RT, 5 October)
+
+
+In an earlier example of RT's messaging in support of the Russian Government, during the Georgia-Russia military conflict the channel accused Georgians of killing civilians and organizing a genocide of the Ossetian people.  According to Simonyan, when "the Ministry of Defense was at war with Georgia," RT was "waging an information war against the entire Western world" (*Kommersant*, 11 July).
+In recent interviews, RT's leadership has candidly acknowledged its mission to expand its US audience and to expose it to Kremlin messaging.  However, the leadership rejected claims that RT interferes in US domestic affairs.
+
+
+Simonyan claimed in popular arts magazine *Afisha* on 3 October: "It is important to have a channel that people get used to, and then, when needed, you show them what you need to show.  In some sense, not having our own foreign broadcasting is the same as not having a ministry of defense. When there is no war, it looks like we don't need it.  However, when there is a war, it is critical."
+
+According to Simonyan, "the word 'propaganda' has a very negative connotation, but indeed, there is not a single international foreign TV channel that is doing something other than promotion of the values of the country that it is broadcasting from."  She added that "when Russia is at war, we are, of course, on Russia's side" (*Afisha*, 3 October; *Kommersant*, 4 July).
+
+TV-Novosti director Nikolov said on 4 October to the Association of Cable Television that RT builds on worldwide demand for "an alternative view of the entire world."  Simonyan asserted on 3 October in Afisha that RT's goal is "to make an alternative channel that shares information unavailable elsewhere" in order to "conquer the audience" and expose it to Russian state messaging (*Afisha*, 3 October; Kommersant, 4 July).
+
+On 26 May, Simonyan tweeted with irony:  "Ambassador McFaul hints that our channel is interference with US domestic affairs.  And we, sinful souls, were thinking that it is freedom of speech."
+
+## Rt Leadership Closely Tied To, Controlled By Kremlin
+
+RT Editor in Chief Margarita Simonyan has close ties to top Russian Government officials, especially Presidential Administration Deputy Chief of Staff Aleksey Gromov, who reportedly manages political TV coverage in Russia and is one of the founders of RT.
+
+
+Simonyan has claimed that Gromov shielded her from other officials and their requests to air certain reports.  Russian media consider Simonyan to be Gromov's protege (*Kommersant*, 4 July; Dozhd TV, 11 July).
+
+Simonyan replaced Gromov on stateowned Channel One's Board of Directors.
+Government officials, including Gromov and Putin's Press Secretary Peskov were involved in creating RT and appointing Simonyan (*Afisha*, 3 October).
+
+
+
+According to Simonyan, Gromov oversees political coverage on TV, and he has periodic meetings with media managers where he shares classified information and discusses their coverage plans.  Some opposition journalists, including Andrey Loshak, claim that he also ordered media attacks on opposition figures (*Kommersant*, 11 July).
+The Kremlin staffs RT and closely supervises RT's coverage, recruiting people who can convey Russian strategic messaging because of their ideological beliefs.
+
+
+The head of RT's Arabic-language service, Aydar Aganin, was rotated from the diplomatic service to manage RT's Arabic-language expansion, suggesting a close relationship between RT and Russia's foreign policy apparatus.  RT's London Bureau is managed by Darya Pushkova, the daughter of Aleksey Pushkov, the current chair of the Duma Russian Foreign Affairs Committee and a former Gorbachev speechwriter (DXB, 26 March 2009; *MK.ru*, 13 March 2006).
+
+According to Simonyan, the Russian Government sets rating and viewership requirements for RT and, "since RT receives budget from the state, it must complete tasks given by the state."  According to Nikolov, RT news stories are written and edited "to become news" exclusively in RT's Moscow office (Dozhd TV, 11 July; AKT, 4 October).
+
+In her interview with pro-Kremlin journalist Sergey Minaev, Simonyan complimented RT staff in the United States for passionately defending Russian positions on the air and in social media.  Simonyan said:  "I wish you could see...how these guys, not just on air, but on their own social networks, *Twitter*, and when giving interviews, how they defend the positions that we stand on!" ("Minaev Live," 10 April).
+
+## Rt Focuses On Social Media, Building Audience
+
+RT aggressively advertises its social media accounts and has a significant and fast-growing social media footprint.  In line with its efforts to present itself as anti-mainstream and to provide viewers alternative news content, RT is making its social media operations a top priority, both to avoid broadcast TV regulations and to expand its overall audience.
+
+
+According to RT management, RT's website receives at least 500,000 unique viewers every day.  Since its inception in 2005, RT videos received more than 800 million views on *YouTube* (1 million views per day), which is the highest among news outlets (see graphics for comparison with other news channels) (AKT, 4 October).
+
+According to Simonyan, the TV audience worldwide is losing trust in traditional TV broadcasts and stations, while the popularity of "alternative channels" like RT or Al Jazeera grows.  RT markets itself as an "alternative channel" that is available via the Internet everywhere in the world, and it encourages
+interaction and social networking (*Kommersant*, 29 September).
+
+According to Simonyan, RT uses social media to expand the reach of its political reporting and uses well-trained people to monitor public opinion in social media commentaries (*Kommersant*, 29 September).
+
+According to Nikolov, RT requires its hosts to have social media accounts, in part because social media allows the distribution of content that would not be allowed on television (*Newreporter.org*, 11 October).
+
+Simonyan claimed in her 3 October interview to independent TV channel Dozhd that Occupy Wall Street coverage gave RT a significant audience boost.
+The Kremlin spends $190 million a year on the distribution and dissemination of RT programming, focusing on hotels and satellite, terrestrial, and cable broadcasting.  The Kremlin is rapidly expanding RT's availability around the world and giving it a reach comparable to channels such as Al Jazeera English. According to Simonyan, the United Kingdom and the United States are RT's most successful markets.   RT does not, however, publish audience information.
+
+
+According to market research company Nielsen, RT had the most rapid growth (40 percent) among all international news channels in the United States over the past year (2012).  Its audience in New York tripled and in Washington DC grew by 60% (*Kommersant*, 4 July).
+
+RT claims that it is surpassing Al Jazeera in viewership in New York and Washington DC (*BARB*, 20 November; RT, 21 November).
+
+RT states on its website that it can reach more than 550 million people worldwide and 85 million people in the United States; however, it does not publicize its actual US audience numbers (RT, 10 December).
+
+## Formal Disassociation From Kremlin Facilitates Rt Us Messaging
+
+RT America formally disassociates itself from the Russian Government by using a Moscow-based autonomous nonprofit organization to finance its US operations.  According to RT's leadership, this structure was set up to avoid the Foreign Agents Registration Act and to facilitate licensing abroad.  In addition, RT rebranded itself in 2008 to deemphasize its Russian origin.
+
+
+According to Simonyan, RT America differs from other Russian state institutions in terms of ownership, but not in terms of financing.  To disassociate RT from the Russian Government, the federal news agency RIA Novosti established a subsidiary autonomous nonprofit organization, TV- Novosti, using the formal independence of this company to establish and finance RT worldwide (Dozhd TV, 11 July).
+
+Nikolov claimed that RT is an "autonomous noncommercial entity," which is "well received by foreign regulators" and "simplifies getting a license."  Simonyan said that RT America is not a "foreign agent"
+according to US law because it uses a US commercial organization for its broadcasts (*AKT,* 4 October; Dozhd TV, 11 July).
+
+Simonyan observed that RT's original Russia-centric news reporting did not generate sufficient audience, so RT switched to covering international and US domestic affairs and removed the words "Russia Today" from the logo "to stop scaring away the audience" (*Afisha*, 18 October; *Kommersant*, 4 July).
+
+RT hires or makes contractual agreements with Westerners with views that fit its agenda and airs them on RT.  Simonyan said on the pro-Kremlin show "Minaev Live" on 10 April that RT has enough audience and money to be able to choose its hosts, and it chooses the hosts that "think like us," "are interested in working in the anti-mainstream," and defend RT's beliefs on social media.  Some hosts and journalists do not present themselves as associated with RT when interviewing people, and many of them have affiliations to other media and activist organizations in the United States ("Minaev Live," 10 April).
+
+## Annex B
+
+
+
+This page intentionally left blank.

markdown/misc/safeguards.md

@@ -0,0 +1,442 @@
+## La-Ur-12-24104 Approved For Public Release; Distribution Is Unlimited.
+
+Title:
+Strengthened IAEA Safeguards-Imagery Analysis: Geospatial Tools for Nonproliferation Analysis
+Author(s):
+Pabian, Frank V
+
+Intended for:
+Nuclear Nonproliferation Safeguards and Security in the 21st Century, 2012-06-11/2012-06-29 (Brookhaven, New York, United States)
+
+Strengthened IAEA Safeguards  Imagery Analysis Frank Pabian Los Alamos National Laboratory
+
+Abstract
+
+This slide presentation focuses on the growing role and importance of imagery analysis for IAEA
+safeguards applications and how commercial satellite imagery, together with the newly available geospatial tools, can be used to promote "all-source synergy."  As additional sources of openly available information, satellite imagery in conjunction with the geospatial tools can be used to significantly augment and enhance existing information gathering techniques, procedures, and analyses in the remote detection and assessment of nonproliferation relevant activities, facilities, and programs.  Foremost of the geospatial tools are the "Digital Virtual Globes" (i.e., GoogleEarth, Virtual Earth, etc.) that are far better than previously used simple 2-D plan-view line drawings for visualization of known and suspected facilities of interest which can be critical to:
+
+1) Site familiarization and true geospatial context awareness
+2) Pre-inspection planning 3) Onsite orientation and navigation 4) Post-inspection reporting 5) Site monitoring over time for changes 6) Verification of states' site declarations and for input to State Evaluation reports
+7) A common basis for discussions among all interested parties (Member States)
+
+Additionally, as an "open-source", such virtual globes can also provide a new, essentially free, means to conduct broad area search **for undeclared nuclear sites and activities**...either alleged through open source leads; identified on internet BLOGS and WIKI Layers, with input from a "free" cadre of global browsers and/or by knowledgeable local citizens (a.k.a.: "crowdsourcing"), that can include ground photos and maps; or by other initiatives based on existing information and in-house country knowledge. They also provide a means to acquire ground photography taken by locals, hobbyists, and tourists of the surrounding locales that can be useful in identifying and discriminating between relevant and non-relevant facilities and their associated infrastructure.  The digital globes also provide highly accurate terrain mapping for better geospatial context and allow detailed 3-D perspectives of all sites or areas of interest.  3-D modeling software (i.e., Google's SketchUp6 newly available in 2007) when used in conjunction with these digital globes can significantly enhance individual building characterization and visualization (including interiors), allowing for better assessments including walk-arounds or flyarounds...and perhaps better decision making on multiple levels (e.g., the best placement for International Atomic Energy Agency (IAEA) video monitoring cameras).
+
+
+Strengthened IAEA Safeguards - Imagery Analysis Strengthened IAEA Safeguards - Imagery Analysis
+
+  Geospatial Tools for
+Nonproliferation Analysis
+    p
+                     y
+
+Frank V. Pabian
+
+## Satellite Imagery Analysis
+
+Satellite Imagery Analysis A Growing Role in State Infrastructure Analysis in the IAEA Safeguards Division A Growing Role in State Infrastructure Analysis in the IAEA Safeguards Division LA-UR 09-03681
+19 June 2009
+http://ungiwg.ctbto.org/meetings/12th-ungiwg-plenary-meeting-0#tabs3
+
+## What Is Imagery Analysis? How Can It Help To Strengthen Iaea Safeguards?
+
+ Imagery Analysis: Image analysis is the extraction of  meaningful
+information from images, which, for this review, is primarily commercial satellite imagery.   Imagery analysis is another means of assessing raw data that can be combined with other safeguards pertinent data, in a manner sometimes referred to
+as "Data Fusion," that can often have significant synergistic results.
+
+For IAEA Safeguards purposes, this means deriving: New, "value-added," information from the raw un-annotated imagery, and then adding that  information to the overall existing body of knowledge with respect to a particular nuclear activity, facility, or program.
+
+Imagery analysis provides answers not only to the questions of What? and Where?, but even more importantly
+Why? How ? and What is the significance?
+but even more importantly... Why?, How ?, and What is the significance?
+
+This briefing will show  how the IAEA now routinely relies on imagery analysis for safeguards monitoring purposes with both Iran and Syria as examples, particularly as it applies to identifying "Undeclared facilities and activities".
+
+Finally, new "Geospatial Tools" have become available that can further facilitate the process of imagery analysis for Safeguards purposes.
+
+## Imagery Analysis: It's A Process
+
+
+Imagery doesn't come with labels...it is just "a pile of pixels" that requires
+human interpretation to add meaning
+
+Among the features of an image that lead to identification and aid in interpretation include:
+
+Size:  the true and relative scale of the objects in the image
+
+Shape: the physical appearance ("manmade" is often angular vice "natural" amorphous)
+
+Shape: the physical appearance ( manmade  is often angular, vice natural  amorphous)
+
+Shadows:  silhouettes provide insights
+
+Shade : brightness and contrast variations of one object compared to another
+
+Surroundings:  the textual and cultural context ...What is the Setting?
+
+Signatures: the *generally* consistent common functional characteristics (particularly when
+associated with the nuclear fuel cycle)
+
+Time: Temporal changes  including construction history, activity levels, operations, etc.
+
+"Convergence of Evidence": If it looks like a duck....
+
+Beware of "Signature Suppression": Deception is a constant threat
+
+Learn to think in           even when only working with 2-D imagery
+
+Enlist collateral information:  All other available sources should be tapped,
+including "the new Geospatial Tools"  and always seek "Peer Review"
+
+Know the nuclear fuel cycle inside and out (materials, processes, equipment, infrastructure)
+
+Know your limitations: Use caveats to convey your confidence level
+
+Try a Quiz?  Go to: http://www.defence.gov.au/DIGO/Imagery_Analysis/imageryQuizT3.htm
+
+## Imagery Analysis: Shadows & Setting Exemplar Imagery Analysis: Shadows & Setting Exemplar
+
+What is this?
+
+(Without shadows, fairly easy)
+
+## Geospatial Tools: What Do We Mean?
+
+ "Virtual Globes" See: http://en.wikipedia.org/wiki/Virtual_globe
+Provide the means to virtual fly to any place on earth and gather information in a 3-D geospatial context and provide a platform for additional overlays
+ BLOGs and WIKIs can provide critical tip-off, background, & locational info  Social Networks (Panoramio Flickr & Twitter for "geotagged" ground imagery)
+ Social Networks (Panoramio, Flickr, & Twitter for geotagged  ground imagery)
+
+ Geospatial Meta-search Engines/Viewers
+
+"GeoHack" (http://toolserver.org/~geohack/)
+
+"GAIAGI" (http://www.gaiagi.com/)
+ Commercial Satellite Imagery  Media, Academia, & NGOs (locational information, ground photos, graphics, etc.)
+U N C L A S S I F I E D U N C L A S S I F I E D
+Operated by Los Alamos National Security, LLC for NNSA Operated by Los Alamos National Security, LLC for NNSA
+You can access much of it on a Smart Phone!
+
+What is this?
+
+(Without shadows, fairly difficult)
+
+"Basir"?
+"Basir"?
+ 2011
+ 2011
+ (Iran)
+ (Iran)
+
+## Additional Thoughts On Imagery Analysis For Safeguards
+
+ Imagery Analysis, employing the new
+geospatial tools, should be viewed as just another form of  "Open  Source Analysis" to help strengthen IAEA Safeguards
+to help strengthen IAEA Safeguards Source: http://www.nro.gov/corona/cor-ab.html http://en.wikipedia.org/wiki/File:Corona_pentagon.jpg
+
+## Satellite Imagery For All: A New Era Of Global Transparency!
+
+"Perhaps this is also a good moment to step back in awe at what modern technology has wrought the ability for any sufficiently concerned citizen or organization to scrutinize any desired spot on Earth within hours of making the request, and then being able to publish the result to a context-rich virtual globe that is universally available. That's a profound shift in favor of accountability, transparency and democracy. **Monitoring the planet has been crowdsourced**."
+Stefan Geens of Ogle Earth
+"*Clearly it has an effect on the way diplomacy will be carried out in the future*", Einar Bjorgo (UNOSAT).
+
+Applications Include:
+- Emergency Response - Disaster Management /Humanitarian Assistance - Risk Prevention
+- Peace-keeping - Environmental Monitoring & Rehabilitation - Post Conflict Reconstruction - Social and Economic/Resource Development
+- Treaty Verification and Monitoring
+http://www.unspecial.org/UNS621/UNS_621_T32.html Sources: http://www.ogleearth.com/2009/09/qum_nuclear_sit.html#comments
+8. Iran's refusal to grant the Agency access to IR-40 could adversely impact the Agency's ability to carry out effective safeguards at that facility, and has made it difficult for the Agency to report further on the construction of the reactor, as requested by the Security Council. The completion of the containment str ct re o er the reactor b ilding and the roofing for the other b ildings on containment structure over the reactor building, and the roofing for the other buildings on the site, makes it impossible to assess further progress on construction inside the buildings without access to the facility. However, satellite imagery suggests that construction is continuing at the reactor site.EROS
+EROS--1B satellite imagery
+1B satellite imagery EROS EROS--1B satellite imagery
+1B satellite imagery
+
+Imagery Type
+Advantages
+Optical/Electro-Optical:
+the visual spectrum in Panchromatic (B&W) and non-visual near-infrared bands
+Very high resolution possible. Near-infrared is optimal because it can penetrate haze and can be merged with true color for more natural appearance as an aid to interpretation.
+Multi-spectral:
+(Incl Hyper-spectral)*
+Provide the means to view sites in a more natural true color setting
+May also
+(Incl. Hyper spectral) Includes both visual bands and non-visual bands
+natural, true color setting.  May also
+provide a means for determining material/chemical composition and material transfer, and for detecting camouflage and concealment activities
+| Thermal infrared                            |
+|---------------------------------------------|
+| Provides a quantifiable measure of heat     |
+| transfer as a basis for determining site    |
+| status such as reactor power operations.    |
+| When correlated with optical could          |
+| determine heat flow, both qualitatively and |
+| quantitatively, from waste ponds, steam     |
+| lines, vents, stacks, cooling towers, etc.  |
+Radar:
+Provides 24-hour monitoring capability, can Processing and interpretation of imagery is much
+penetrate clouds, and  is a useful complement to optical imagery.** Resolution  improved greatly in 2007 with successful launch of the 1-meter capable German built *TerraSAR-X* .
+
+* Irmgard Niemeyer, Satellite Imagery Analysis for Safeguards and Non-Proliferation, *Strengthening detection capability for safeguards*, Institute of Nuclear Materials Management (INMM), Changing The Safeguards Culture: Broader Perspectives And Challenges, Santa Fe, New Mexico, USA, October 30 - November 2, 2005 http://www.inmm.org/topics/contents/wgreport.htm#2; Christopher L. Stork, Heidi A. Smartt, Dianna S. Blair, and Jody L. Smith, "Systematic Evaluation of Satellite Remote Sensing for Identifying Uranium Mines and Mills," Sandia National Laboratories, January 2006 http://www.prod.sandia.gov/cgi-bin/techlib/access-control.pl/2005/057791.pdf; and Q. S. Bob Truong, "Road Map B&W and Colour Imagery,"
+
+## Minimum Overhead Imagery Resolution (In Meters) Necessary For Analysis Of Nuclear Fuel Cycle Related Facilities
+
+Detection: Identify the location of a facility of activity of FMCT/NPT interest (locate and define outline of nuclear related facility in light of  other descriptive or geographically specific information) (Note: It can often be possible to detect and identify characteristic features, such as security fencing or power lines, despite the fact that any given section of such fencing may be of sub-pixel size, or below the given resolution of the image, because they are generally linear and span many pixels.)
+General ID: Determination of general facility or activity type (Discriminate between research lab, mfg. facility, explosives prod, storage site) Precise Building ID: Precise determination of building function (i.e., reactor type/size, propellant mixing/casting, machine shop, administration)
+Resolution and Availability
+5,5 1,5
+Approved for Public Release 09-114
+https://www1.nga.mil/About/WorkingWithUs/CooperativeAgreements/Documents/TOPS%2017%20Feb%20industry%20Day%20final%20Briefed%20Public.ppt VIEW  SLIDE MASTER TO ENTER CLASSIFICATION
+Terrasar-X
+
+## Commercial Satellite Imagery Is Becoming Ubiquitous
+
+U N C L A S S I F I E D U N C L A S S I F I E D
+Operated by Los Alamos National Security, LLC for NNSA Operated by Los Alamos National Security, LLC for NNSA
+Know the cultural setting you are dealing with in order to separate wheat from chaff
+
+## Mistakes Do Happen
+
+http://www.globalsecurity.org/wmd/library/news/iraq/2001/stirevnws01015.htm
+
+## Us Intelligence Imagery Analysis Of Nuclear Facilities Cold War Style
+
+Source: http://www.gwu.edu/~nsarchiv/NSAEBB/NSAEBB186/doc01.pdf
+
+ "Exceptionally"
+ high resolution
+ Gambit photos
+acquired in stereo
+made it possible to
+
+i
+    3
+
+  build 3-D scale
+models to aid in the
+analysis of key sites
+  "STEREO  PAIRS  AVAILABLE
+ IN  ALL  ROLL  POSITIONS  UP  TO
+MAXIMUM  ROLL  CAPACITY  OF  44.45"
+
+Photoanalyst using Stereo-microscope Photoanalyst using Stereo-microscope Sources: http://www.nro.gov/foia/declass/GAMHEX/Videos/1.mov And http://www.nro.gov/foia/declass/GAMHEX/GAMBIT/17.PDF
+From Photo to 3-D Model The best that the IAEA previously had for site visualization
+(circa mid-1990s)
+Source: http://www.iraqwatch.org/un/IAEA/s-1995-1003-a.jpg What has been available to the IAEA since late 1999
+Typical annotated near-nadir view Source: http://www.isis-online.org/images/iran/dg_jan2_2006_ann.jpg Typical plan-view line drawing used during IAEA
+site i ti inspections in Iraq
+
+ NOTE: U-2 and helicopter imagery
+were also used in Iraq, but that was an
+ exception not currently applicable to
+          IAEA Safeguards
+
+    "2 D"
+    "2-D"
+ commercial
+satellite images
+
+## 3--D Visualizations Can Support The Iaea D Visualizations Can Support The Iaea Inspection And Assessment Process Inspection And Assessment Process
+
+Training Center Disputed Chinese/
+Indian Border
+
+## Googleearth Uncovers Concealment And Deception In Sweden Sweden's Spy Hq's Uncovered
+
+not satellite
+
+## More Assessment Tools: "Wikimapia" Layer Exemplar
+
+   Another optional
+  Google Earth layer
+(most input is by locals,
+most in native language
+
+most in native language,
+but only spotty vetting)
+
+## "Panoramio" And "Flickr"" Layer Exemplars
+
+Moscow Engineering Physics Institute More optional Google Earth layers More optional Google Earth layers
+(Ground photos and maps)
+
+WEB LINKS FOR LAYERS:
+KML photos (Flickr)
+http://kmlphotos.metaltoad.com/kml_link.php?kmlphotos=85550f1
+bb7476ac3b0341b81b7e9d3df5ffdeee2
+
+Panoramio
+http://www.panoramio.com/panoramio.kml
+And
+http://www.panoramio.com/panoramio.kml?al
+
+"SS-25 TELs and open single-bay garages, likely for START treaty verification purposes."
+Source: http://geimint.blogspot.com/2009/03/site-news.html More "Crowd-Sourcing" or using "People as Ubiquitous Sensors"
+
+## Georgetown University Makes Headlines
+
+Students locate and describe nucleartipped ballistic missile forces and their concealment their concealment underground in China BLOGS & WIKIs with Google Earth provide synergistic results Other Links to check:
+And You Never Know What You May Find?
+
+Detected Next to the US Nevada Test Site & Area 51 ?...
+
+It Could Be Just Art!
+
+Gigantic Sculpture Created over 36 years!
+
+why not make one that competes with a 747, or the Empire State Building, or the Golden Gate Source: http://doublenegative.tarasen.net/city.html A Double-Edged Sword!
+
+Such Tools Can Be Used by Anyone:
+Adversaries Can Use for Nefarious Purposes!
+
+http://www.cnn.com/2009/TECH/06/05/aerial.images.security/index.html#cnnSTCVideo A Local Law Enforcement Exemplar!
+
+http://www.gearthblog.com/blog/archives/2009/01/marijuana_field_found.html
+
+Right Fielder
+                                        With these new
+                                          commercial
+                                       satellite systems
+
+you can y potentially identify individual people
+5?
+
+Tunnel # 4
+Looking at a Syrian Nuclear Site with Open Sources Looking at a Syrian Nuclear Site with Open Sources
+
+## Bloggers Discuss Magnox Reactors
+
+Sources: http://dni.gov/interviews/20080424_interview.pdf and http://www.armscontrolwonk.com/
+Board of Governors GOV/2009/36
+
+## Implementation Of The Npt Safeguards Agreement In The Syrian Arab Republic Report By The Director General Paragraph 18.   Summary
+
+1)
+The presence of the uranium particles at the Dair Alzour
+(aka Al Kibar) site, the imagery of the site available to the Agency and certain procurement activities remain to be clarified.
+
+2) The information provided by Syria to date does not adequately 2) The information provided by Syria to date does not adequately support its assertions about the nature of the site. 3) In order for the Agency to complete its assessment, Syria needs to be more cooperative and transparent.
+
+## Beware Of Imagery Data Manipulation (Aka:  "Fauxtography") As It Can Lead To Erroneous Conclusions!
+
+Date: 5 June 2009
+
+Using the New Google Earth to Locate
+Using the New Google Earth to Locate
+         a Newly Revealed
+         a Newly Revealed
+
+Underground Plutonium Production Complex in China
+"150-meter chimney" ventilation stack Sandbag barricade Project 816 "Reactor Hall with Nuclear Reaction Cauldron"
+Source: http://www.china.org.cn/china/2010-05/24/content_20106476.htm Video Capture of Interior Layout "Panorama" Video Capture of Interior Layout "Panorama" Overlain on Google Earth Overlain on Google Earth
+(Not to be construed as definitive) (Not to be construed as definitive)
+"150-meter chimney"
+Area marked in yellow reported as
+"open to the public"
+Vehicle Vehicle Entrance Entrance Geospatial "Crowdsourcing" North Korea http://gizmodo.com/5277184/north http://gizmodo.com/5277184/north--korea korea--secrets secrets--uncovered uncovered--in in--google google--earth earth--by by-amateur amateur--spies spies http://online.wsj.com/article/SB124295017403345489.html#project%3DNKGOOGLE0509%26articleTabs%3Dinteractive http://www.nkeconwatch.com/north-korea-uncovered-google-earth/
+Experimental Light Water Reactor Newly roofed Turbine Generator Hall Reactor containment structure LWR Reactor Dome Experimental Light Water Reactor Reactor containment structure Port for maintenance and replacement of equipment LWR Reactor Dome Newly roofed Turbine Generator Hall Exemplar Port for maintenance and replacement of equipment Reactor (shut down)
+Ground photo showing complete context DPRK DPRK
+Interiors as reported by onsite observers Showing layout of control room Cascade Hall, Yongbyon NRC, DPRK
+(Just a place holder...items placed in Recovery Room are not meant to be realistic)
+DPRK
+West Observation Window Initially, single exterior photo used to locate reported site of DPRK Strategic Rocket Forces Headquarters on Google Earth Earth http://www kcna kp/kcnadata/kor/photo/2012/3/311339 1 jpg Reported Strategic Rocket Forces HQ's Identified from photo
+(Located between Kangdong and So'ngch'o'n Counties)
+Underground Entrance Mosaic composite of two images compared with Google Earth imagery Second Economic Committee Executive Offices now reportedly include Strategic Rocket Forces Headquarters Monument Big Evergreen Tree Tree Tree Bridge & Dam across river ( a tributary of the
+
+Kim Jong Un being shown an historical
+satellite image of the site from ~2005
+(Google Earth?)
+on a large flat screen monitor!
+
+Nearly Identical satellite Images Nearly Identical satellite Images
+
+## Final Ctbto Estimate Of The Location Of The Dprk Tests
+
+http://www.ctbto.org/press-centre/highlights/2009/homing-in-on-the-event/
+Support Area Small buildings/trailers East Tunnel Portal must be near upper end of tailings spoil pile Small buildings/trailers
+2011 est.)
+Digital Globe Digital Globe tunnel
+~.5 Km tunnel
+~220 meters DoB
+Future event?
+
+Derived Epicenters of North Korean Nuclear Tests from 2006 and 2009
+2009 event Pabian/Hecker est.
+
+(using Murphy, et al., relative location plot)
+~one to 1 1 Km tunnel one to 1.1 Km tunnel
+2009 event Pabian/Hecker est.
+
+(using Murphy, et al., relative location plot)
+2006 event Pabian/Hecker est.
+
+(using Murphy, et al., relative location plot)
+(Physically impossible, given that the relative location plot would place the 2009 event across the valley from the west portal)
+2006 event Pabian/Hecker est.
+
+(using Murphy, et al., relative location plot)
+~one to 1.1 Km tunnel ~one to 1.1 Km tunnel Derived Epicenters Relative to Predicted Future Event Location Using Google Earth
+~2.3  Kilometers
+2009 Event
+(Pabian/Hecker est.)
+~2.4  Kilometers West Portal Area South Portal Area Estimated Nuclear Yield based on Depth of Burial as Derived from Google Earth Topographic Elevation Data
+2006 Event
+(Pabian/
+Hecker est.)
+East Portal Area
+(under this mountain)
+
+Tailings spoil pile
+Tailings spoil pile
+Tailings spoil pile
+Tailings spoil pile
+
+Mining carts train on a tailings spoil pile at a mine Vehicle Tracks on Tailings spoil pile rails Engine Mining carts train?
+
+Small buildings/ trailers Tunnel Portal Nuclear device container on rails Mucking machine Mine carts Engine Flat car South Tunnel Portal Drainage ditch Mining carts train on a tailings spoil pile at a mine Unidentified object Vehicle Tracks on Tailings spoil pile rails Engine Mining carts train?
+
+Tunnel Portal Nuclear device container on rails Mucking machine Mine carts Engine Flat car New Small building New Small building New Small building
+(since 18 April 2012)
+building South Tunnel Portal Drainage ditch Small buildings Inside the Nuclear Test Tunnel, Ras Koh Nuclear Test Site, Pakistan Nuclear Test Tunnel, Ras Koh Nuclear Test Site, Five tests reportedly occurred simultaneously Tunnel Portal
+19 June 1998
+Fresh Rockslides Support Camp
+19 June 1998
+Instrumentation/Fire control cabling
+19 June 1998
+(Note: This is not an accurate portrayal of the West Portal Area, as no buildings are shown nearby in the opening sequence)
+Cabling Rail line Third Blast/debris Trap Door 5 Door 5
+Door 8
+Door 9
+Door 7
+West Portal & Door 10?
+
+Second Blast/debris Trap Google Earth is a Growing Part of Global Pop-Culture https://plus.google.com/100156589101321820776/posts/NfaRHQgsmVP
+Nuclear Test Device Emplacement Point Door 6
+First Blast/debr is Trap Door 4
+Door 1
+Door 2
+Door 3
+"Fauxtography" is a potential problem:
+But MUCH less so for satellite imagery than with ground imagery as there are: multiple satellites- from multiple vendors- and from multiple nations http://thelede.blogs.nytimes.com/2008/07/10/in-an-iranian-image-a-missile-too-many/
+Original Ground Image: Un-"Photoshopped"
+http://thelede.blogs.nytimes.com/2008/07/10/in-an-iranian-image-a-missile-too-many/
+July 2008 Iranian missile launch was "Photoshopped"
+http://thelede.blogs.nytimes.com/2008/07/10/in-an-iranian-image-a-missile-too-many/
+Why Stop at Just Four?
+
+http://www.armscontrolwonk.com/1955/missile-palooza
+
+## Students Making A Difference With Ge Students Making A Difference With Ge
+
+www.intelligenceonline Using the New Geospatial Tools: Putting All the Pieces Together Using the New Geospatial Tools: Putting All the Pieces Together Using the New Geospatial Tools: Putting All the Pieces Together Using the New Geospatial Tools: Putting All the Pieces Together Wikis Commercial Satellite I Imagery Open Source "*Crowdsourcing*" + Geospatial Tools = Global Transparency
+* Exemplars are NOT meant to be viewed as exhaustive * Exemplars are NOT meant to be viewed as exhaustive Blogs
+
+## Conclusions: Google Earth Is A Critical Tool For Monitoring & Verification
+
+ You No Longer Have To Be a Super Power!
+ Google Earth is a Great Starting Point for Any Assessments  Ideal Global Visualization Tool  Broad Area Search Tool  Historical Imagery Archive
+ **Virtual Global Transparency**:
+Free "Open Source" "Crowdsourcing" cadre
+(>1.1 Billion downloads!)
+ Ground-Based Imagery Layers:  Panoramio, Street View
+
+## Questions??
+
+http://blog.wired.com/defense/2008/07/attack-of-the-p.html

markdown/misc/socnet.md

@@ -0,0 +1,716 @@
+traditionally determined through the use of surveys which ask questions such as: "Who among your co-workers do you typically go These techniques are described briefly below for reference.
+
+Hierarchical
+~ Clustering is a technique that clusters
+(i.e., groups individuals or objects) in descending order
+-to for help or advice when you encounter a problem or have a question at work?"
+or
+"Check the names of all those who you talk of the strength of the connections in each cluster based on the measure applied to virtually every day about work-related matters" (Krackhardt, 1996:165, 170).
+
+Once all of these surveys are
+(Borgatti,
+1994:78).
+
+A number of other clustering approaches and distance measures exist.
+
+The aim of cluster analysis procedures is to
+"classify n objects or individuals, upon which
+
+measurements have been taken, into m clusters"
+(Godehardt, 1990:29). Godehardt notes that there are four broad types of clustering procedures:
+(1) disjoint clustering where n objects are split into a m non-overlapping, collected, the relationships revealed are plotted on either directed or undirected graphs based on the type of study under consideration (Krackhardt, 1996:165).
+
+The resulting graph allows one to make certain observations about the given social network.
+
+For example, the number of edges
+(representing the relationship elicited in the survey tool) incident on a node (representing a person or group) indicates the relative importance of that node in the social network
+(Krackhardt,
+1996:166).
+
+ This relative importance may be far different than that node's (person's) formal position in the given organization under consideration.
+
+In disjoint clusters, (2) non-disjoint clustering where objects may belong to more than one cluster at the same time,
+(3) hierarchical clustering where objects and groups of objects are arranged in the form of a tree representing the hierarchy, or
+(4)
+quasihierarchical clustering where clusters at each level of the hierarchy may overlap
+(Godehardt, 1990:42-43).
+
+Inferences based on Hierarchical Clustering must be based on the measure applied.
+
+For example, if one used the measure of number of communications then fact, one cannot directly infer from a formal organizational chart the underlying social network (Krackhardt, 1996:171).
+
+Nor can one "infer from the network pictures how to solve their particular problems
+... [unless]
+accompanied by a local sense of the problems" (Krackhardt, 1996:172).
+
+Relationships in a SNA network can be quantified in several ways, allowing further analysis. One measure of "strength"
+is counting the number of edges incident on the individuals involved. Depending on the survey tool used, other countings may also be possible;
+for example, counting the number of times pairs of individuals communicate in a fixed time period.
+
+For cases where these measures exist, they can the closest people are those who communicate most frequently and the resulting clusters are those containing people who communicate with each other frequently.
+
+This type of analysis does not, however, clarify why these people communicate.
+
+Further, Hierarchical Clustering is restricted to the context of the measure applied.
+
+Multidimensional Scaling (MDS)
+is another SNA technique commonly found in use by Social Scientists.
+
+Multidimensional Scaling "provides a visual representation of be used to weight the edges in the SNA
+graph.
+
+Using a weighted SNA graph, there are existing techniques utilized by Sociologists to conduct further analysis.
+
+the pattern of proximities (i.e., similarities or distances)
+among a set of objects
+[or people]" (Borgatti, 1996:29). MDS requires however, results must be considered in light the same data matrix as Hierarchical Clustering and a stress function that measures
+"the degree of correspondence between distances
+[or similarities]"
+(Borgatti, 1996:32).
+
+Borgatti suggests the use of the metric Kruskal stress function, of these limitations.
+
+Correspondence Analysis is a technique very similar to Multi-Dimensional Scaling for cases where data is non-metric
+(Anderson,
+1992:340).
+
+Correspondence analysis, however, only preserves ordinal relationships at most and provides no order relationships when nominal
+(categorical)
+data is used
+(Anderson,
+1992:340).
+
+Correspondence Analysis, a qualitative technique similar to MDS, is of limited use which is defined as:
+Stress
+=
+((ZZ;
+aydy)/(Z%; dg)"* where dy is the Enclidean distance between points i and j based on the coordinates assigned in the MDS algorithm
+(Borgatti, 1996:32).
+
+Using the MDS
+ approach, particularly when two-dimensional spaces in extending SNA techniques to analytical Operations Research methods.
+
+It has all of are used, it is possible to plot the coordinates of people in the social network where those people who are closer to each other are, based on the theory of this technique, closer socially in the context of the measure applied.
+
+Borgatti notes that,
+"the best possible configuration in two dimensions may be a very poor, highly distorted, representation of your data.
+
+If so, this will the same mathematical problems of MDS
+and additional problems associated with the non-metric data.
+
+While SNA
+and related analysis techniques provide a foundation for developing an analytical model, these techniques have several weaknesses where improvement must be made in order to create a robust model.
+
+The survey-based approach to collecting data is not practical in be reflected in a high stress value" (Borgatti,
+1996:31). Any stress value greater than zero indicates that the representation of relationships is distorted.
+
+Borgatti suggests all situations.
+
+In addition, the questions currently asked are fairly simple and are only taken in one context (problems at work, that even in the presence of stress, "you can rely on the larger distances as being accurate" (Borgatti, 1996:35).
+
+for example).
+
+Further, the survey questions may lead to a bounding of the number of connections (for example, if one is asked to check up to three names of co-workers with whom they associate).
+
+In addition, such questions do not capture the relative weight Borgatti further. notes that, "four or more dimensions render MDS
+virtually useless as a method of making complex data more accessible to the human mind" as there is no way to visually observe the results in a single. graph (Borgatti, 1996:31).
+
+He also maintains that the axes and the orientation of of the relationship.
+
+Although SNA can be used to consider either individuals or groups, it is not presently intended to consider both individuals and groups in the same graph. Further, the analysis techniques the MDS plot are "meaningless"
+as there may be multiple orientations that have the same minimum stress and the axes are only proportional in nature (Borgatti,
+1996:35).
+
+for SNA graphs described have the noted mathematical problems.
+
+The problems inherent to analysis techniques such as MDS, the most robust of the methods discussed, stem in part from a lack of advantageous properties of the measures applied (they may be non-metric, In addition, since MDS is based on the same data matrix as Hierarchical Clustering, MDS has all the problems inherent to making inferences based on such data.
+
+These problems do not make MDS
+unusable;
+for example), the dimensionality of the space may be ill defined, and a lack of multi-context data may lead to higher stress as significant social connections may be neglected
+(Borgatti,
+1996:36).
+
+Mapping social network analysis to a flow model representation resolves many of the problems found in existing SNA techniques.
+
+## Social Network Analysis Mapped To Flow Problems
+
+different single-criteria measures, even within the same .context, that Ax) #-g(x);
+however, for any f(x)
+or g(x)
+an inverse function will exist for all ratio type measures used in this study.
+
+For the purpose of the analysis presented in this study, only social closeness measures are considered and are assumed to have positive monotonicity, on a positivevalued scale where zero represents the absence of social closeness
+(or no relationship whatsoever).
+
+For measures not defined on this scale, the stated conditions may be achieved through a simple mathematical transformation without loss of detail or generality.
+
+For example, social distance (with negative monotonicity) may The fundamental concept of mapping social network analysis to a classic flow problem is that pairwise measures of social closeness represents the capacity of the potential influence
+* between individuals
+(Borgatti: 1999, 59).
+
+This means that social closeness, distance, similarities, or differences can be represented as capacities on the influence between individuals.
+
+Influence measured by social closeness, distance, similarities, or differences are, thus, the commodities flowing over the network where the magnitude of their flow be converted to social closeness
+(with positive monotonicity)
+by multiplying all values by
+-1.
+
+Measures that take on negative values may be rescaled to a positive scale.
+
+For example, one could simply add any number greater than the absolute value of the smallest valued measure to all measures.
+
+For measures where zero does not represent the absence of social closeness, it is also possible to rescale is their relative influence. We define social closeness and similarities to be strictly positive monotonic
+(greater magnitude implies greater influence).
+
+Likewise social distance and differences are defined to be in a similar manner.
+
+Such linear transformations are admissible for measures strictly negative monotonic
+ (greater magnitude implies less influence).
+
+These strictly monotonic functions are related as follows.
+
+If x and y are both measures of social closeness, and if x <y, then f(x) < f(y) where the function f is the relative influence in a particular context.
+
+If x and y are both measures of social distance, and if x <
+y, then g(x) > g(y) where the function g is the relative influence in a particular context. Within the same context, then, f(x) = -g(x)
+.
+
+In other words, within the same context, g is the inverse function of f (Apostol, 1974:94).
+
+If fix) #-g(x)
+, then that are at least ratio in nature (Knuze: 1971,
+67-68).
+
+A discussion of measures violating these assumptions may be found in Modeling and Analysis of Social Networks
+(Renfro, 2001).
+
+Maximum flow problems, with both single and multiple sources and sinks, are useful for the analysis of several issued related to the social networks.
+
+Maximum flow problems can address questions such as how much A
+sources influence B sinks, where sets A and B exist in the set of all nodes in the social network N (4, B
+N).
+
+The case where A and B have cardinality of fix)
+and g(x)
+do not measure the same influence (i.e., one or both of f(x) and g(x)
+are incomplete measures).
+
+It is possible for
+1 is the situation where one person desires to influence only one other person in the network.
+
+The case where A has cardinality of 1 and B = N - A indicates that one person,
+
+sj=-a(sa),a>0,i % j k=1, Vijkl
+n
+.
+Further,
+s;
+need
+not equal sl
+.
+A in this case, attempts to influence an entire network, N - A. Cases where the cardinality
+
+Social Closeness is therefore defined as a set
+denoted S, where S contains V's;. S is, thus,
+a subset of R.
+of A
+is greater than
+1
+represents a combination of people attempting to influence one or more individual in a network.
+
+When data is available, achieving specified threshold levels of influence, the effects of predispositions, misunderstanding the message, and other such problems of interested may also be modeled in the flow network representation (Renfro, 2001:86).
+
+We define Social Closeness, in general, as a non-metric measure, as follows:
+The underlying assumptions of a linear program are linearity, additivity, proportionality, divisibility, and certainty
+(Winston, 1994:53-54).
+
+Any mathematical program with a linear objective function, linear constraints, and Social Closeness measures may be represented as a linear program.
+
+Social Closeness, in network modeling terms, is a capacity on potential Definition.
+
+Social Closeness is defined by influence
+(Evans,
+1992:10).
+
+Potential sij  R* (where R" is the set of positive real numbers)
+and is the maximum potential influence one person or group (i) has upon another person or group
+(j) in a set of N
+people or groups in a given scenario. The set influence may, therefore, be modeled as a commodity (Evans, 1992:10).
+
+As such, the flow of influence across a social network, as measured by Social Closeness, may be appropriately modeled as a traditional network flow problem.
+
+Since Social Closeness meets the necessary assumptions of N people or groups and their associated s;
+measures completely define a social network whens=a(su),a>0,i # jk#
+I, Vi j k of classic flow models, all such flow models are appropriate for analysis of social networks without exception.
+
+Table
+1
+lays the foundation for mapping social networks to classic flow models.
+
+le N
+(ie., Social Closeness is a ratio measure). When s; = 0 = O(sy) and s;; = 0
+Vi, there exists no potential influence.
+
+Since s;; is directed and the network may be asymmetric, -s;; denotes the inverse of flow between i and j and has the property
+
+| Flow           | Model       | Properties    |
+|----------------|-------------|---------------|
+| Social         | Closeness   | Terms         |
+| People         | or          | groups        |
+| transshipment) |             |               |
+| Connectivity   | or          | affinity      |
+| Capacitated    | arcs        | (or           |
+| between        | nodes       |               |
+| Social         | Closeness   | Capacity      |
+| Influence      | Commodity   |               |
+| Potential      | Influence   | Quantity      |
+| People         | or          | groups        |
+| influence      | in          | the           |
+| Target         | people      | or            |
+| be             | influenced  |               |
+| People         | or          | groups        |
+| Transshipment  | node(s)     |               |
+| in             | influencing |               |
+
+The flow model mapping has several
+
+## Single-Commodity Flow
+
+advantageous theoretical properties:
+
+1.
+The single-commodity flow representation of a social network is defined
+
+2.
+in this section.
+
+First, it is necessary to define a notional source node (denoted s)
+and a notional sink node (denoted ). Node s is then assigned incident notional directed arcs with infinite capacity (or at least large enough capacity so as not to artificially bound the solution) terminating in the actual source nodes under consideration in the problem.
+
+An alternative representation is to capacitate the edges from node s based on the ability of the decision-maker to influence Flow models do not require metric measures (Renfro, 2001:95).
+
+Flow models are well defined and accepted.
+
+The flow model representation is applicable to multiple problem classes.
+
+Formal sensitivity analysis may be conducted. Applicable problem classes may be extended through the use of Goal Programming and other techniques. Lack of fit may only result by improperly defining the network structure,
+-
+The optimal solution includes both aggregate flow and path information.
+
+This paper describes and demonstrates the single-commodity flow case.
+
+Multi-commodity flow model applications follow naturally from the single-commodity development.
+
+the actual source nodes.
+
+This alternative representation allows for course of action analysis as part of the flow problem rather than as post-processing analysis.
+
+The actual source nodes are those individuals who will initiate the influence represented by the flow in the network.
+
+Node  will have notional directed arcs with infinite capacity from the actual sink nodes under consideration in the problem terminating in node
+.
+
+These actual sink nodes are the individuals to be influenced.
+
+The objective of this problem representation is to maximize the flow (i.e., To better understand the singlecommodity flow representation of a social network, an example based on influencing maximize the influence) from s to
+#.
+
+The capacity from node i to node j in the network is dij where dy is the selected monotonically increasing social closeness measure between from node i to j. Note that the Iranian government is considered in detail.
+
+di need not necessarily equal dj for all
+
+## Sample Case: Iranian Government
+
+The purpose of this case study is to understand the relative influence of individuals in the Iranian government.
+
+Specifically, this case demonstrates using cases.
+
+The actual flow from node i to j is denoted x;; where x;; < d; since no gains are allowed in this formulation.
+
+In addition, note that Y X = 3 x;; since no losses are allowed in this formulation.
+
+For other scenarios, losses and gains may be used to represent predispositions, miscommunication, mistranslation, and other similar properties (Renfro 2001:86).
+
+The related mathematical program the flow model representation to determine who among Iran's senior leaders has the greatest ability to influence the key Iranian government decision making bodies.
+
+Such for this problem is (Evans, 1992:178):
+an individual might then be considered the Let x;; = the flow of influence over the edge from node i to j Maximize z (where z is the maximum flow)
+best target for an influencing campaign focused at the overall decision-making process of the Iranian government.
+
+In other words, the individual with the maximum influence is a pressure point.
+
+Note that the best operational approach to influencing the target pressure point, a specific individual Subject to:
+2iX-2=0
+2iXij-25%i=0V
+i z-2ixp=0
+OSXideij V iandj This formulation is demonstrated in the following example.
+
+Social closeness measures may be countings of communications over one or means of communication
+(phone calls, for example, may or may not be directly applying resources to the target pressure point, depending on access and means available to the decision-maker desiring to influence the given social network.
+
+Especially in non-cooperative cases, decision-makers outside the social network may need to work through co-opted intermediaries, for example.
+
+The example used in this paper is a geo-political scenario based on Iran.
+
+Sample case data comes from Foundation faxes, emails, meetings, and so on), elicited from people in the social network, or more complex psychological profile based measures.
+
+Aggregations
+(summations, averages, and so on)
+of social closeness measures, when properly defined, are also for Democracy in Iran
+(FDI)
+(http://www.iran.org). FDI provides data for Iran in
+1997
+with regard to President Khatami's Cabinet, the Council of Expediency and Discernment, the Council of Guardians, the Judiciary Branch, the Maijlis, and the Supreme National Security Council.
+
+social closeness measures.
+
+Analysis results may be no more accurate than the input data.
+
+When uncertainty exists, traditional sensitivity analysis may be applied as a corrective measure if better data is not available or possible to collect.
+
+In the graphical representation in Figure
+1, the membership in organizations other than senior leaders has been
+
+2.
+Edges are directed based on the rules
+that:
+(1) people influence other people
+and
+groups
+down
+their
+chain-ofcommand and (2) groups influence other groups.
+This weighting is done for example purposes only.
+
+Actual operational weights and measures must be developed from the fusion of open source, expert opinion, and data collected by national technical means.
+
+The data, while representative of the 1997
+aggregated into
+.
+
+their respective organizations.
+
+= The number of people aggregated into an organizational node is denoted in parentheses below its name.
+
+Membership in an organization need not be mutually exclusive
+(for example, the Executive Branch has
+31
+members, this includes the 22 Cabinet members, the 8 Vice Presidents, and President Khatami).
+
+The weighting of connections is depicted by the width of the edges in the graph.
+
+Notional weighting is provided for example purposes based on the following Social Closeness measure:
+
+1.
+Social Closeness between members of a group they are primarily
+a member of
+are
+three
+times
+that
+of
+only
+administrative connections.
+Secondary
+group membership is twice as important
+Iranian government, should not be taken as authoritative as FDI is an Iranian opposition group which advocates the overthrow of the existing regime
+(i.e., the data was not provided by the Iranian government or approved for use by any domestic of foreign government agency).
+
+The Iranian government social network is depicted in Figure 1.
+
+as
+administrative
+connections.
+Therefore, there
+is
+a ratio of 1:2:3 for
+administrative:secondary:primary
+connections.
+Consider, for example, the problem of identifying who among Iran's senior non-metric, ratio. social closeness measure defined based on primary, secondary, and administrative organizational membership.
+
+leaders depicted
+(i.e., sources)
+in the network
+(Khatami, Rafsanjani, Nouri, Mohammad, Jannati, and Firouzabadi) has the greatest potential, represented in terms of maximum flow, to influence the key
+
+| Source      |   Maximum  |
+|-------------|------------|
+| Khatami     |        17  |
+| Rafsanjani  |         9  |
+| Nouri       |        15  |
+| Mohammad    |         9  |
+| Jannati     |         8  |
+| Firouzabadi |         3  |
+
+Iranian government bodies
+(i.e., sinks)
+depicted in the network (Executive Branch, Council of Expediency and Discernment, Majlis, Supreme National Security Council, Judiciary, and Council of Guardians).
+
+This problem is a single-commodity maximum flow problem.
+
+The results of this analysis are given The maximum flow solution is depicted graphically in Figure 2.
+
+in Table
+2.
+
+President Khatami has the maximum flow
+(indicating maximum potential influence) of 17 in terms of the The results of this sample problem all of the major governmental departments, and likely informally retains some or all those membership ties. Further, observe that Khatami served under Rafsanjani when he was President.
+
+It is now possible to update are not unexpected.
+
+The social closeness measure applied essentially represents strength in terms of the given organizational hierarchy.
+
+Therefore, the result that President Khatami would exercise the greatest influence in the formal hierarchy of the Iranian social network with this multiple context data and recalculate the maximum flow problem.
+
+For illustrative purposes only, additional notional edges have been added to represent Rafsanjani's influence in the government of Iran is expected.
+
+As noted, to fully wunderstand influence both formal and informal contexts must be considered.
+
+Observe, for example, the informal context with a weight of 2 on that Rafsanjani was once the President of the same scale used in the pervious analysis.
+
+Iran, a member of or closely associated with These results indicate that Rafsanjani The results of the analysis for the Multi-
+Context problem are given in Table 3.
+
+actually has a greater potential to influence key Iranian government decision-making bodies than Khatami.
+
+This result implies
+
+Source
+Maximum Flow
+
+that targeting Rafsanjani would result in a greater potential to influence the decisions
+
+| Khatami    |   17  |
+|------------|-------|
+| Rafsanjani |   21  |
+
+of the Iranian government than targeting any other individual senior Iranian leader.
+
+This maximum flow is depicted graphically in Figure 4.
+
+| Nouri       |   15  |
+|-------------|-------|
+| Mohammad    |    9  |
+| Jannati     |    8  |
+| Firouzabadi |    3  |
+
+modeling approach to social network While additional data on all of the relevant contexts of influence applicable to the analysis.
+
+Iranian government social network are needed for a formal analysis, this notional example demonstrates the value of the flow
+
+## Conclusions
+
+Operations Research may contribute to furthering the ability to describe and predict social network behavior.
+
+Social network analysis is of broad interest to both private sector and government analysis.
+
+ The methods developed in this research adds to The theoretical development of the flow model representation and sample case analysis reinforces the conclusion that mapping social network analysis to a flow model is an analytically correct and very useful methodology.
+
+Conceptually, it is easy to conceive that this methodology may be extended to modeling gains and losses to represent predispositions and properties of the existing capability of social network analysis.
+
+:
+This research began with, and is founded on, the complementary lineage of Psychological, Sociological, Anthropological, and other theories that form a starting point for understanding social networks.
+
+The methodological focus of this research was placed on relevant areas the communication environment
+(loss of information, translation problems, misunderstandings, and so on).
+
+Maximum flow analysis provides solutions to many relevant problem classes of social network of Operations Research, including Graph Theory, Optimization, and Network Models, that may add insight to the analysis of social networks.
+
+The methods described in this research, expand on these existing Operations Research methods by extending them to social network analysis applications.
+
+analysis, as discussed and demonstrated.
+
+In addition, minimum cost flow analysis may be applied for cases where resource constraints are applicable
+(for example, communication costs per minute or based on geographic distance).
+
+ Multi-commodity flow may be used to represent different overlapping contexts with multiple means of influencing
+(i.e., commodities).
+
+Goal programming may be wused to model multiple possibly competing, objectives
+(Renfro, 2001:109).
+
+First, the methodology formally defines a class of non-metric measures termed Social Closeness.
+
+ These measures were then mapped to a flow model representation of a social network.
+
+The flow model representation provides a robust, transparent, analytically correct problem specification for the analysis of multiple social network problem classes.
+
+This paper has introduced the concept of social network analysis, discussed the current capabilities of the Social Sciences for modeling social networks, and described areas where
+
+## Reference List
+
+Anderson, Rolph, et al. Multivariate Data Analysis. Third Edition. New York: Macmillan
+Publishing Co., 1992.
+Apostol, Tom M. Mathematical Analysis. Second Edition. Menlo Park: Addison-Wesley
+Publishing Co., 1974.
+Borgatti, Stephen P. Anthropac 4.0 Methods Guide. Natick: Analytic Technologies, 1996.
+Borgatti, S.P., M.G. Everett, and L.C. Freeman. UCINET 5.0 for Windows User's Guide.
+Version 1.00. Natick: Analytic Technologies, 1999.
+Brennan, Niambh, et al. "National Networks of Corporate Power: An Irish Perspective." Journal
+of Management and Governance, Vol. 2, No. 4, 355-377 (1999).
+Evans, James R. and Edward Minieka. Optimization Algorithms for Networks and Graphs.
+Second edition. New York: Marcel Dekker, Inc., 1992.
+Godehardt, Erhard. Graphs as Structural Models. Second Edition. Braunschwieg: Viewag and
+Sohn Verlagsgesellschaft , 1990.
+Government of Iran." Excerpt from unpublished article.
+n. pag. Http:/www.iran.org. 15
+October 2001.
+Krackhardt, David. "Social Networks and the Liability of Newness for Managers." Trends in
+Organizational Behavior,Vol. 3., 159-173 (1996).
+Kunze, Ray and Kenneth Hoffman. Linear Algebra. Second Edition. Englewood Cliffs:
+Prentice Hall, 1971.
+Renfro, Robert S. II. Modeling and Analysis of Social Networks. Air Force Institute of
+Technology (AU), Wright-Patterson AFB, OH, December 2001.
+Winston, Wayne L. Operations Research, Applications and Algorithms. Third edition. Belmont:
+Duxbury Press, 1994,
+
+## Bibliography
+
+Aarts, Emile and Jan K. Lenstra. Local Search in Combinatorial Optimization. Chichester: John
+Wiley and Sons, 1997.
+Advances in Organizational Development. Ed. Fred Massarik. Norwood: Ablex Publishing
+Corp., 1990.
+Ahuja, Ravindra, Thomas Magnanti, James Orlin. Network Flows. Englewood Cliffs: Prentice
+Hall, 1993.
+Ahlstrand, Bruce, Joseph Lapel, and Henry Mintzberg. Strategic Safari. New York: The Free
+Press, 1998,
+_
+Alderfer, Clayton P. Existence, Relatedness, and Growth. New York: The Free Press, 1972.
+Atkinson, John W., Russell A. Clark, and Edgar
+L. Lowell. The Achievement Motive. New
+York: Irvington Publishers, Inc., 1976.
+Atkinson,
+John W. and Norman T. Feather. A Theory of Achievement Motivation. New York:
+John Wiley & Sons, Inc., 1966.
+Arquilla, John, et al. The Zapatista Social Netwar in Mexico. Santa Monica: Rand, 1998.
+_
+Askenazi, Manor, et al. The Swarm Simulation System: A Toolkit for Building Multi-agent
+Simulations. Santa Fe: Santa Fe Institute, 1996.
+'Aydin, Carolyn E. and Ronald E. Rice. "Social Worlds, Individual Differences, and
+Implementation." Information and Management, Vol. 20, 119-136 (1991).
+Barbera, Salvador, et. al. Handbook of Utility Theory. Dordrecht: Kiuwer Academic
+Publishers, 1998.
+Barucky, Jerry, et. al. Evaluation of Cross-Cultural Models for PSYOP. Final Technical Report.
+Armstrong Laboratory, 1998.
+Bazaraa, Mokhtar S., et al. Linear Programming and Network Flows. Second edition. New
+York: John Wiley and Sons, 1990.
+Bekerian, Debra A. and Janet L. Jackson. Offender Profiling: Theory, Research, and Practice.
+New York: Wiley Press, 1997.
+Bell, Duran. "Wealth Transfers Occasioned by Marriage: A Comparative Reconsideration."
+Kinship, Networks, and Exchange. Eds. Thomas Schweizer and Douglas R. White.
+Cambridge: Cambridge University Press, 1998.
+Berry, David. Central Ideas in Sociology. London: Constable, 1974..
+Boehnke, Karen, Andrea C. DiStefano, Joesph J. DiStefano. Leadership for Extraordinary
+Performance. IEEE Engineering Management Review, 1999,
+Borgatti, Stephen P. "Ego Networks." Http://www.analytictech.com/networks/egonet.htm.
+Dated August 9, 2000.
+Borgatti, Stephen P. "How to Explain Hierarchical Clustering." Connections, Vol. 17, No. 2,
+78-80 (1994).
+Bondy, J.A. and U.S.R. Murty. Graph Theory with Applications. New York: North-Holland,
+1976.
+Burt, Ronald S. Toward a Structural Theory of Action. New York: Academic Press, Inc., 1982.
+Burke, Eve M. Quality Function Deployment from an Operations Research Perspective. Masters
+Thesis, AFIT/GOR/ENS/99M-03. Wright-Patterson AFB, March 1999.
+Carlson, Christopher, and Pirkko Walden. "AHP in Political Group Decisions: A Study in the
+Art of Possibilities." Interfaces, Vol. 25, No.4, 14-29 (July-August 1995).
+Clemen, Robert T. Making Hard Decisions. Belmont: Duxbury Press, 1991.
+Cropper, S.A., et al. Operational Research and the Social Sciences. New York: Plenum Press,
+1989.
+Curphy, Gordon J., Richard L. Hughes, and Robert C. Ginnett. Leadership. Homewood: Irwin,
+1993,
+DPL Advanced Version User Guide. Belmont: Duxbury Press, 1995.
+
+Evans, James R. and Edward Minieka. Optimization Algorithms for Networks and Graphs.
+Second edition. New York: Marcel Dekker, Inc., 1992.
+Faust, Katherine and Stanley Wasserman. Social Network Analysis: Methods and Applications.
+New York: Cambridge University Press, 1994.
+Fitch, Thomas A. and Edward A. McCarty. A Test of the Theory of Reasoned Action at the
+Group Level] of Analysis. Masters Thesis, AFIT/GLM/LAR/93S-16. Wri ght-Patterson
+AFB, September 1993.
+.
+Flamagne, Jean-Claude. "Stochastic Token Theory." Journal of Mathematical Psychology.
+Vol. 41: 129-143, 1997.
+Glover, Fred, Darwin Klingman, and Nancy V. Phillips. Network Models in Optimization and
+Their Applications in Practice. New York: John Wiley and Sons, Inc., 1992.
+Goldman, Daniel. What Makes A Leader?. IEEE Engineering Management Review, 1999.
+Hage, Per, and Frank Harary. "Applications of the Minimum Spanning Tree Problem to
+Network Analysis." Kinship, Networks, and Exchange. Eds. Thomas Schweizer and
+Douglas R. White. Cambridge: Cambridge University Press, 1998.
+Hammond, John S., Ralph L. Keeney, and Howard Raiffa. Smart Choices. Boston: Harvard
+Business School Press, 1999,
+Handy, Charles. Understanding Organizations. New York: Oxford University Press, 1993.
+Haring, Douglas G. Personal Character and Culture Milieu. Syracuse: Syracuse University
+Press, 1949.
+Herzberg, Fredrick, Bernard Mausner, and Barbara Block Snyderman. The Motivation to Work.
+Second Edition. New York: John Wiley & Sons, Inc., 1959.
+Hillier, Fredrick S. and Gerald J. Lieberman. Introduction to Operations Research. Fifth
+Edition. New York: McGraw-Hill Publishing Co., 1990.
+Hofstede, G. H. Culture's Consequences: International Differences in Work-Related Values.
+Beverly Hills: Sage Publications, 1984.
+Hsee, Christopher K., and Elke U. Weber. "Cross-National Differences in Risk Preference and
+Lay Predictions." Journal of Behavioral Decision Making, Vol. 12, 165-179 (1999).
+INSNA. "Links to Machine Readable Data Sets."
+Http://www.heinz.cmu.edu/project/INSNA/data_inf.html. Dated December 8, 2000.
+
+Kerchner, Philip M. A Value-Focused Thinking Approach to Psychological Operations. Masters
+Thesis, AFIT/GOR/ENS/99M-07. Wright-Patterson AFB, March 1999.
+Kelton, David W. and Averill M. Law. Simulation Modeling and Analysis. Second Edition.
+New York: McGraw-Hill, Inc., 1991.
+Kinship, Networks, and Exchange. Eds. Thomas Schweizer and Douglas R. White. Cambridge:
+Cambridge University Press, 1998.
+Kirkwood, Craig W. Strategic Decision Making. Belmont: Duxbury Press, 1997.
+Leinhardt, Samuel. Social Networks, A Developing Paradigm. New York: Academic Press,
+Inc., 1977.
+Love, Robert,
+James Morris, and George Wesolowsky. Facilities Location. New York: North-
+Holland, 1988.
+Makridakis, Spyros, et. al. Forecasting:
+Methods and Applications. Second Edition. New
+York: John Wiley and Sons, 1983.
+Maslow, Abraham H. Motivation and Personality. New York: Harper & Row, 1954,
+Massarik, Fred. "Chaos and Change: Examining the Aesthetics of Organization Development."
+Advances in Organizational Development. Ed. Fred Massarik. Norwood: Ablex
+Publishing Corp., 1990 (1-10).
+McGinnis, L. F., and V. Venkata Rao. "On Goal Programming." Proceedings of the 13TM Annual
+Meeting Southeaster Chapter of TIMS. Ed. John Hebert. October, 1977.
+Mendenhall, William, Dennis D. Wackerly, and Richard L. Sheaffer. Mathematical Statistics
+with Applications. Fourth Edition. Belmont: Duxbury Press, 1990 (241-246).
+Mischel, Walter. Personality and Assessment. Mahwah: Lawrence Erlbaum Associates, 1968.
+Myers, Isabel B. Introduction to Type. Sixth Ed. Palo Alto: Consulting Psychologists Press, Inc.,
+1998.
+Pilarz, Wolfgang. "Ways to Different Organizaitons: OD, OT, or HSD? That is Not the
+Question." Advances in Organizational Development. Ed. Fred Massarik. Norwood:
+Ablex Publishing Corp., 1990 (165-196).
+Pospelov, D.A. Situational Control: Theory and Practice. Moscow: Nauka Publishers, 1986.
+Quenk, Naomi L. In The Grip: The Hidden Personality. Palo Alto: Consulting Psychologists
+Press, Inc., 1996.
+Rao, Singiresu S. Engineering Optimization Theory and Practice. Third Edition. New York:
+John Wiley and Sons, Inc., 1996.
+'
+Renfro, Rob, et al. Modeling Individual Behavior. AFIT/CMSA Technical Report 99-01.
+Wright-Patterson AFB, August 1999.
+?
+Romero, Carlos. Handbook of Critical Issues in Goal Programming. Oxford: Pergamon Press
+1991.
+Samenow, Stanton E. Straight Talk About Criminals. Northvale: Jason Aronson, Inc., 1998.
+SIAM User's Manual. Version 3.0. Science Applications International Corporation, September
+1998.
+Schein, Edgar H. "Back to the Future: Recapturing the OD Vision." Advances in Organizational
+Development. Ed. Fred Massarik. Norwood: Ablex Publishing Corp., 1990 (13-26).
+Sokoya, Sesan K. "Hofstede's Cultural Dimensions of Values and Personal Value Orientation of
+Nigerian Managers: Implications for Management Practice." International Journal of
+Value-Based Management, Vol. 11, 225-235 (1998).
+Soukhanov, Anne H., and Kaethe Ellis, Eds. Webster's II: New Riverside University Dictionary.
+Boston: The Riverside Publishing Company, 1984.
+Stanton, William J. Fundamentals of Marketing. Berkeley: McGraw-Hill Book Company,
+1971.
+Tumu, Akii and Polly Wiessner. "The Capacity and Constrains of Kinship in the Development
+of the Enga Tee Ceremonial Exchange Network (Papua New Guinea Highlands)."
+Kinship, Networks, and Exchange. Eds. Thomas Schweizer and Douglas R. White,
+Cambridge: Cambridge University Press, 1998.
+Ulrich, Werner. Critical Heuristics of Social Planning. Chichester: John Wiley and Sons, 1983.
+Watts, Duncan J. Small Worlds. Princeton: Princeton University Press, 1999,
+West, Douglas B. Introduction to Graph Theory. Upper Saddle River: Prentice Hall, 1996.
+White, Jeffery B. "A Different Kind of Threat: Some Thoughts on Irregular Warfare."
+Unpublished paper dated February 2, 1998.

markdown/misc/sovereign.md

@@ -0,0 +1,143 @@
+# I N T E L L I G E N C E  A S S E S S M E N T
+
+(U//FOUO)  Sovereign Citizen Extremist Ideology Will Drive Violence at Home, During Travel, and at Government Facilities
+5 February 2015
+Office of Intelligence and Analysis IA-0105-15
+(U)  **Warning:** This document is UNCLASSIFIED//FOR OFFICIAL USE ONLY (U//FOUO).  It contains information that may be exempt from public release under the Freedom of Information Act (5 U.S.C. 552).  It is to be controlled, stored, handled, transmitted, distributed, and disposed of in accordance with DHS policy relating to FOUO information and is not to be released to the public, the media, or other personnel who do not have a valid need to know without prior approval of an authorized DHS official. State and local homeland security officials may share this document with authorized critical infrastructure and key resource personnel and private sector security officials without further approval from DHS.
+(U)  This product contains US person information that has been deemed necessary for the intended recipient to understand, assess, or act on the information provided.  It has been highlighted in this document with the label **USPER** and should be handled in accordance with the recipient's intelligence oversight and/or information handling procedures.  Other US person information has been minimized.  Should you require the minimized US person information, please contact the I&A Production Branch at IA.PM@hq.dhs.gov, IA.PM@dhs.sgov.gov, or IA.PM@dhs.ic.gov.
+
+# (U//Fouo)  Sovereign Citizen Extremist Ideology Will Drive Violence At Home, During Travel, And At Government Facilities
+
+(U//FOUO)  Prepared by the Office of Intelligence and Analysis (I&A).
+
+Coordinated with FBI.
+
+## (U)  Scope
+
+(U//FOUO)  This *Assessment* is based on an I&A review of 24 law enforcement investigations into acts and threats of sovereign citizen extremist (SCE) violence since 2010, detailing locations, targets of violence, and their statements about the violence, when available.*  It is intended to inform law enforcement at the federal, state, and local levels about the nature and circumstances of SCE violence to help officers prepare for, anticipate, and ultimately avoid violent incidents. Most sovereign citizens are non-violent, and this assessment applies only to those that use violence to advance their goals. This *Assessment* stems from law enforcement feedback on a 2013 analysis of the geographic distribution of SCE violence (see "(U//FOUO) Limited Reporting Suggests Sovereign Citizen Extremist Violence Most Common in Southern and Western United States," dated 27 February 2014). (U//FOUO)  For this review, I&A counted only violence perpetrated by identified SCEs for ideological reasons that involved shootings, assaults, plots to commit violence, and credible violent threats against law enforcement, government personnel, and public officials.  All incidents were reviewed by multiple I&A analysts to validate ideological motives.  This data set may not be comprehensive of all SCE violence and threats of violence, and is limited by the difficulty in discerning the ideological motivations behind some crimes, which could increase the number of violent incidents by SCEs that were not recognized or reported as stemming from ideological reasons.  Additional information from state and local partners could assist efforts to better understand the nature and breadth of these activities.
+* (U//FOUO)  DHS defines SCEs as groups or individuals who facilitate or engage in acts of violence directed at public officials, financial institutions, and government facilities in support of their belief that the legitimacy of US citizenship should be rejected; that almost all forms of established government, authority, and institutions are illegitimate; and that they are immune from federal, state, and local laws.
+
+## (U)  **Key Judgments**
+
+(U//FOUO)  I&A assesses that SCE violence during
+2015 will occur most frequently during routine law
+encounters at a suspect's home, during
+enforcement stops and at government offices.
+
+(U//FOUO)  I&A assesses that SCE violence over the
+next year will remain at the same sporadic level,
+consisting primarily of unplanned, reactive violence
+targeting law enforcement officers during active
+enforcement efforts.
+
+(U//FOUO)  SCE Ideology Will Prompt Violence
+in Specific Circumstances and Locations
+
+(U//FOUO)  I&A assesses that most SCE violence will
+continue to occur most frequently at SCE homes, during
+routine traffic stops, or at government offices due to their
+perception that their individual rights are being violated.
+SCE violence took place in these three circumstances in 19
+of the 24 instances of SCE violence since 2010.  SCEs
+perceive that law enforcement efforts and judicial actions
+infringe upon key personal rights and individual
+sovereigntysuch as the right to travelmost strongly
+during these circumstances.  SCEs believe they personally
+can ignore laws and act according to their own sovereign
+citizen ideology.  Consequently, when SCEs perceive
+government representatives directly infringing on their
+rights and freedoms in an irrevocable waysuch as police
+serving a warrant or a judge ruling against legal filings
+intended to tie up court proceedingsSCEs resort to
+violence.
+
+
+(U)  Victor WhiteUSPER, an Odessa, Texas SCE, engaged
+in a 22-hour armed standoff and gun battle with police in 2010 and was convicted of shooting two officers and a utility worker.  White initiated the violence because the police officer was escorting the utility worker onto
+White's property.  White claimed he was "defending
+and protecting my dignity and the sovereignty of my domain" in a jailhouse interview with media.
+
+(U)  A SCE father and son claimed police had no authority over them and refused to produce identification when stopped for a traffic violation in
+Louisiana in 2012.  The son then allegedly shot and wounded the police officer who stopped them with an AK-47 assault rifle before fleeing the scene.  Later that day, police officers located the suspects at a residence in a mobile home park.  The son emerged from the home and allegedly started shooting, killing two police officers and wounding two others, according to media reports.
+
+(U)  A Denver-based SCE threatened a state employee who handled his unresolved tax dispute with a hoax terrorism letter in 2012.  He was convicted after sending an envelope containing white powder specifically to the employee, resulting in the evacuation of a Colorado Department of Revenue building,
+according to media reports.
+
+## (U)  Sovereign Citizen Extremist Ideology
+
+(U//FOUO)  SCEslike their non-violent sovereign citizen counterpartsbelieve they are immune from federal, state, and local laws and that many Constitutional amendments are false.  They reject the authority of the government, law enforcement, and the courts because they think these entities are actually commercial entities that cannot compel participation in a commercial contract (although many sovereign citizens recognize the law enforcement authority of the elected sheriff).  Many believe that US born citizens can use their birth certificates to access secret US Treasury bank accounts to pay debts and fines.  SCEs believe they have unfettered authority to travel "on the land" and avoid paying taxes and fees.  Sometimes they create their own parallel government institutions, such as courts and grand jurieswhich have no legal authorityto support their claims.
+
+## (U//Fouo)  Sce Violence Is Personal, Not Symbolic
+
+(U//FOUO)  I&A assesses that SCE tactics differ from most violent extremists in that their attacks are reactive and personal, rather than symbolic.  Other domestic terrorists typically attack symbolic targets to oppose laws and policies they disagree with rather than certain individuals.*  By contrast, even when SCEs plot their violence over time or threaten attacks, it is often in direct response to an ongoing personal grievance, such as an arrest or court order.
+In almost all of the 24 incidents we reviewed, the targets were the specific individuals who the SCE perceive violated their rights, rather than public symbols or anonymous representatives of the government.  While other domestic terrorists may be motivated by personal grievances as well as ideology, rarely do they target a specific individual.
+
+
+(U)  A Washington-based SCE was convicted in
+December 2011 for threatening to arrest and kidnap specific law enforcement and government officials involved in giving him a traffic citation, according to the Department of Justice.
+
+(U)  Francis Shaeffer CoxUSPER, an Alaska-based SCE, conspired to kill a US district court judge and an
+intended to intimidate or coerce a civilian population, to influence the policy of a government by intimidation or coercion, or to affect the conduct of a government by mass destruction, assassination, or kidnapping.  A domestic terrorist differs from a homegrown violent extremist in that the former is not inspired by, and does not take direction from, a foreign terrorist group or other foreign actor.
+
+Internal Revenue Service officer in March 2011.  He targeted them in retaliation for their involvement in law enforcement and judicial actions against him, according to media reports of his trial and conviction.
+
+
+(U//FOUO)  Other recent domestic terrorism attacks
+committed by individuals motivated by anti-government ideologies but who are not SCEs targeted random law enforcement and government employees due to their symbolic value as targets rather than a personal grievance against those individuals, according to case documents.  These cases include the shooting attack on three TSA agents at Los
+Angeles International Airport in November 2013 (killing one); the murder of two Las Vegas policemen
+and a civilian in May 2014 by Jerad and Amanda Miller (who were killed during the attack); and Eric Michael FreinUSPER, who allegedly shot and killed a policeman and injured another in September 2014.
+
+## (U//Fouo)  Sces Will Continue To Attack Police Officers Because Of Their Enforcement Role
+
+(U//FOUO)  I&A assesses law enforcement officers will remain the primary target of SCE violence over the next year due to their role in physically enforcing laws and regulations.  While judges and other government officials often earn SCE ire, SCEs typicallythough not alwaysrespond to judicial decrees and regulatory actions by disputing them on paper through extensive legal claims before engaging in violent plots, and rarely attack symbolic targets.  By contrast, law enforcement actions often involve direct personal (and physical) confrontations that SCEs perceive as provoking an immediate physical response for "self-defense."
+
+
+(U//FOUO)  Law enforcement officers were targeted in 83 percent (20 of 24) of violent sovereign citizen
+incidents between 2010 and 2014, according to a review of DHS, law enforcement, and open source data.
+
+(U)  An alleged SCE shot two federal and state law enforcement officers in California in June 2014.  He justified his actions in a local media interview by claiming that the law enforcement officers were there "to provoke me" and "murder me if possible."
+
+(U)  Earl Cranston Harris, an Oregon SCE, was shot
+and killed after threatening to shoot deputies who came to his home to enforce an eviction order stemming from a long-running, but previously peaceful, property dispute in June 2014, according to media accounts.
+
+(U//FOUO)  An alleged SCE made a series of verbal and written threats to CBP and other law enforcement officials at a port of entry between 2010-2013, including mailing threatening statements and manifestos, simply for processing him at the international border.  He threatened to retaliate
+against law enforcement if they continued to stop and question him during border crossings, according to DHS reporting.
+
+## (U)  Outlook
+
+(U//FOUO)  Barring any significant change in SCE ideology, a major event, or a charismatic leader that advocates for more assertive violence in support of SCEs' perceived rights, I&A assesses the sporadic pattern and level of violence at homes, traffic stops, and government sites will continue through 2015.  However, each individual is unique and may have different interpretations of SCE ideology, especially since there is no agreed-upon dogma or national leader.  Some domestic terrorists may combine elements of SCE ideologies with other, more aggressive violent antigovernment perspectivessuch as militia extremism.*
+Consequently, such individuals likely pose a greater threat of proactive violence than other SCEs.
+
+## (U)  Source Summary Statement
+
+(U//FOUO)  This Assessment is based on a large body of law enforcement and open source reporting from DHS, state and local law enforcement, the FBI, court documents and the media.  The law enforcement reports and court documents typically have high credibility and rely on witness testimony and facts established through law enforcement investigation. The media reports range in reliability from moderate to high, but all incidents have also been reviewed by either FBI or local fusion center analysts, giving us **high confidence** in the factual reporting of these cases.  We have **high confidence** in our judgment that SCE violence during 2015 will continue to occur most frequently during routine law enforcement stops and encounters at a suspect's home, followed by government offices, because it is based on our review of these incidents and the consistency of basic sovereign citizen ideology that has been established over many years.  We also have high confidence in our assessment that most SCE violence over the next year will remain at the same sporadic level and will consist primarily of unplanned, reactive violence targeting law enforcement officers during active enforcement efforts.  We have seen no changes in basic SCE ideology and the trends displayed since 2010 stem from this ideology.  Additional FBI reporting on plotting by SCE groups could alter our assessment, but existing reporting supports our assessments above.
+
+## (U)  Report Suspicious Activity
+
+(U)  To report suspicious activity, law enforcement, Fire-EMS, private security personnel, and emergency managers should follow established protocols; all other personnel should call 911 or contact local law enforcement.  Suspicious activity reports (SARs) will be forwarded to the appropriate fusion center and FBI Joint Terrorism Task Force for further action.  For more information on the Nationwide SAR Initiative, visit http://nsi.ncirc.gov/resources.aspx.
+
+(U)  Tracked by: HSEC-8.2, HSEC-8.5, HSEC-8.6, HSEC-8.8, HSEC-8.10
+
+## Office Of Intelligence And Analysis Customer Feedback Form Product Title: (U//Fouo)  Sovereign Citizen Extremist Ideology Will Drive Violence At Home, During Travel, And At Government Fa
+
+1. Please select partner type:                                                           and function: 2. What is the highest level of intelligence information that you receive? 3. Please complete the following sentence: "I focus most of my time on:" 4. Please rate your satisfaction with each of the following:
+5. How do you plan to use this product in support of your mission?  (Check all that apply.)
+
+## 6. To Further Understand Your Response To Question #5, Please Provide Specific Details About Situations In Which You Might Use This Product. 7. What Did This Product Not Address That You Anticipated It Would? 8. To What Extent Do You Agree With The Following Two Statements?
+
+This product will enable me to make better decisions regarding this topic.
+
+This product provided me with intelligence information I did not find elsewhere.
+
+## 9. How Did You Obtain This Product? 10. Would You Be Willing To Participate In A Follow-Up Conversation About Your Feedback?
+
+To help us understand more about your organization so we can better tailor future products, please provide:
+                  Name:
+      Organization:
+Contact Number:
+
+Initiate your own regional-specific analysis Initiate your own topic-specific analysis
+Develop long-term homeland security strategies
+
+
+Submit Request

markdown/misc/uap-fy2023.md

@@ -0,0 +1,12 @@
+CLEARED
+For Open Publication
+
+Oct 17, 2023
+
+Department of Defense OFFICE OF PREPUBLICATION AND SECURITY REVIEW
+
+UAP Attribution: The assessed natural or artificial source of the phenomenon and includes solar, weather, tidal events; U.S. Government, scientific, industry, and private activities; and foreign (allied or adversary) government, scientific, industry, and private activities.
+
+UAP Risk: A safety hazard to persons, materiel, or information (e.g., from collision).
+
+UAP Threat: A force-protection and/or national- security threat to persons, materiel, or information by UAP that demonstrate hostile intent.