Homeland Security Requires Internet-Based Thinking—Not Just Technology

W. David Stephenson

January 2002

Three fundamental characteristics of the Internet and World Wide Web—their ability to empower individuals, to close the loop, and to link everything—make them the ideal “digital nervous system” for a unified homeland security system.[1] Building on a foundation of federal e-government initiatives already under way, such as the State Department’s Overseas Presence Interagency Collaboration System and President Bush’s e-Government Task Force, can jump-start such an integrated Internet strategy—as well as hasten realizing the benefits of the President’s e-Government recommendations. It can even stimulate the economy.

However, the most difficult aspect of this transition is more organizational than technological. The Internet now allows us to think and act in fundamentally different ways. Those methods, especially thinking in terms of whole systems (including how to integrate homeland security and other initiatives to improve governmental efficiency and reduce costs) and in terms of cyclical, iterative processes, are radically different than those possible when communication was of necessity linear. They are ways that are ideally matched to the challenge at hand, but difficult to grasp for those rooted in conventional communication.

The record so far shows a considerable gap between the potential of Internet technology in homeland security and the way it has actually been deployed, especially in the crucial first hours on 11 September and in the early days of the anthrax crisis.[2] According to a November 2001 article in Federal Computer Week, Immigration and Naturalization Service technology director Scott Hastings finds that shift in thinking lacking: “It’s scary to see where we’re leaping to. There is no clearly defined federal architecture” and there are no business objectives.[3] It is likely that the reason for the gap is the lag between new technology and internalizing new ways of thinking to capitalize upon it.

This article outlines the shift to “Internet thinking” for homeland security and its benefits. It dwells at length on how each of the three aspects of the Internet’s structure will facilitate critical components of a unified homeland security system, but only if we couple the technological options the Internet’s structure presents with parallel changes in thinking:

Conventional Communication Versus Internet Thinking: From Railroads to Webs

In the past, when the primary forms of communication and information exchange were based on either paper or phone conversations, we were severely constrained in how we communicated. That in turn constricted thinking into linear, sequential forms. These limits are now so ingrained that, although the Internet allows us to transcend them technologically, it will take a conscious effort to do so.

For example, documents, especially ones dealing with complex and highly significant issues (such as security and defense), had to go through slow and linear review and approval processes. A superior had to review the document, return it to the author for comment, and then repeat the process as it moved up the chain of command. It was slow, but there was no alternative. Similarly, phone-based or face-to-face conferencing required that all participants be available at the same time: there was no provision for those with a scheduling conflict to participate.

These technology limitations were severe enough in their own right. Even worse, they artificially constrained the ways we thought to linear and hierarchical ones. To visualize the kind of thinking that old communications media encouraged, the best analogy would be to the mighty symbol of that era, the railroad. It was powerful, overwhelmed obstacles by obliterating them, and could do two things well: go forward and go backward. The railroad, and linear thought and communications, built the United States into an industrial colossus.

Unfortunately, the challenges we face in homeland security can’t be solved by might or by linear thinking. We need to adapt to rapidly changing conditions and to communicate and think in terms of all options and relationships. For that, a more appropriate analogy would be to the spider web. The spider creates a new web every day, and one that adapts to current circumstances rather than trying to impose itself. The ideal communications tool for such a challenge is the World Wide Web, and a new kind of thought: Internet thinking.

In 1945, presidential science advisor Vannevar Bush raised the idea of what he called the memex, a device that would free communication from linear constraints. It would mimic the mind’s way of working—organizing information not in a linear fashion but by association, “creating an intricate web of trails interconnecting the memories and data stored within the mind,” according to Leon Bantjes.[4] This device would let the user create a wide range of paths between individual pieces of information. “The memex would also allow the user to annotate any piece of information, enter their own information, and link it to the existing web of trails.” Bush’s article, “As We May Think,” which appeared in Atlantic Monthly in July 1945, is now generally acknowledged as the theoretical origin of hypertext and the World Wide Web.

Twenty years later, Ted Nelson formalized the concept and coined the term hypertext. It refers to “non-sequential writing—text that branches and allows choices to the reader … a series of text chunks connected by links which offer the reader different pathways.”[5]

With hypertext, and especially with the limitless linkages allowed by HTML, the system to create links that underlies the World Wide Web, we can now go beyond linear thinking. Instead, we can link a wide range of ideas and thoughts that leave the power in the hands of the reader to explore related topics rather than just a single linear argument.

However, allowing us to link various thoughts in a nonlinear fashion is one thing. Capitalizing on it is another, and that’s the challenge facing homeland security as well: the issue transcends any one agency, any one data base, even any one country, and can be addressed and ultimately solved only by overcoming ingrained habits of protecting and rewarding proprietary information. Some businesses have addressed the problem in part by including financial incentives for those who share information with their peers. Doubtless, other incentives will be introduced over time. However, at present, the best incentive is for the senior policy makers in each agency to lead by example, sharing information with others in the homeland security “community of interest,” exhorting their staff to follow suit, and—when all else fails—disciplining those who don’t follow their example.

How, then, does this new way of thinking manifest itself, and how can it improve homeland security?

”Internet Thinking” Empowers Individuals

First, the Internet must be used to empower individuals in the homeland security effort.

Informed, empowered individuals can act on their own either in a crisis or in preventing one, without having to wait helplessly until they are told what to do or jamming already overtaxed phone lines with requests for information. Because of such a shift, emergency response would become a partnership between the public and government, instead of requiring authorities to micromanage the entire effort. The need for such a partnership is dictated in part by reality: with most American communication infrastructure owned by the private sector, partnership is a necessity. It would be similar to the World War II civilian volunteer involvement in civil defense, when people used spotter cards showing the outlines of Axis planes to watch the skies for possible invaders, then reported them.

The limits of the existing emergency broadcast system, the Emergency Alert System, have undermined any effort to build such a partnership. “The existing warning system in this country is quite ineffective,” Peter Ward, of Partnership for Public Warning, told The Boston Globe.[6] One must be near a radio or TV in order to be alerted to an emergency, whether manmade or natural, and the communication is only one-way. The inability to tailor the response steps needed based on the individual’s precise location at the time if evacuation or other steps are necessary means that the messages broadcast must be uniform and of the lowest common denominator. We see the results every hurricane season, when traffic jams the main evacuation routes.

Contrast that uniformity and lack of relevant detail with individual Internet users’ ability to customize the information they receive from the Internet. That is especially true with portal technology that lets individuals choose from a wide range of content what is best suited to their own needs. Within corporations, intranet portals make workers more productive.[7] President Bush’s e-Government Task Force has made creating portals a priority, as a way both to empower federal employees and to allow individual citizens to find and use those services, out of the vast array offered by the federal government, that are most appropriate to their needs.[8]

Electronic Variation on WWII Spotter Cards

A combination of wireless devices such as personal digital assistants (PDAs) and cell phones, with content customized via a portal, could be the contemporary equivalent of the plane spotters’ cards for homeland security. As 11 September illustrated, their mobility and their ability to still operate during a disaster, when fixed wire communications may be interrupted, make wireless devices ideal for this function.[9] The next generation of wireless devices will integrate PDA and phone functions, increasing their versatility and the amount of information that can be stored in advance for reference in an emergency. Such a wireless emergency system is particularly important because the burden for response to emergencies usually falls on municipalities, which have widely varying capacities and may be financially overwhelmed if they have to assume new functions. Such a system would allow for localized response without requiring municipalities to add expensive new infrastructure.

However, to achieve the full potential of mobile communications in homeland security, the FCC must enforce the mandate for wireless E911 systems, which could locate to within 50 to 100 feet a mobile device sending an emergency message. Despite an FCC deadline of 1 October 2001, E911 at present is in effect statewide only in Rhode Island.[10]

Many Benefits for Such a System

Such a system could have a variety of important uses:

• Issue instant text-based alerts in case of an emergency. One private vendor, Textgram, is already creating what it calls a National Wireless Emergency Alert System that allows government emergency agencies to broadcast warnings of terrorist attacks, biochemical warfare, and ecological disasters to anyone with a mobile phone.[11]
• Provide emergency building evacuation information that a businessperson could download before attending a meeting in an unfamiliar high-rise building (that means the same information would also be available to terrorists, but the benefits would seem to outweigh the risks). Similarly, Aether Systems’ PocketRescue lets fire and emergency personnel wirelessly access (and, in non-emergency daily operations, update) building records that include occupancy data, certifications, and hydrants. An assistant chief of Broward County Fire Rescue, which has tested the application, told Mobileinfo.com that the application helps the “fire prevention staff to complete accurate re-inspections while reducing time spent thumbing through paper files.”[12]
• Disseminate an electronic variation on the Post Office 10 Most Wanted lists. This could include digital photos of wanted terrorists that people could use to easily compare with suspicious persons they might have seen in public. The system could also be programmed to alert authorities to a suspicious person through a single-button text-based system that wouldn’t put the tipster at risk.

Eventually, it might mean real-time, customized notices that would send individuals differing evacuation routes depending on their exact positions at the time of an emergency, potentially reducing traffic jams. Trucking companies already benefit from similar location-based systems, using software based on the simplex method of optimization.[13]

Need Interactive System to Report Tips—And Protect the Innocent

To foster the active involvement of empowered individuals in homeland security, an interactive system would make it easy for individuals to alert the FBI and other agencies to a potential terrorist threat and to do so in a methodical way.

The hundreds of thousands of tips to the FBI since 11 September show that the public wants to help. However, unless those designing response systems think in terms of the Internet’s potential to alter communications, well-meaning tipsters may both clog the system and soon feel that their efforts are meaningless. For example, the “Tips and Public Leads” form on the FBI Web site doesn’t distinguish between helpful, but non-critical, tips and immediate threats to a nuclear plant. An interactive reporting form including a decision tree that would guide a person through criteria to assign a potential threat to one of several levels of urgency for response would educate the public both about how to recognize potential threats and how to prioritize their tips.

Equally important, if the tip form were revised, the resulting structured data could be instantly available, using XML (see below) to all relevant law enforcement and intelligence personnel, under the PATRIOT Act. Critical information could be acted upon immediately, rather than having to wait until a clerk had gotten around to transferring information from the tip Web site to other data bases.

Back-end analysis tools to interpret this data could be effective to help investigators identify priorities and make the investigative process more efficient.[14]

Such an aggregation of information about individuals raises serious civil liberty concerns. However, bringing all of this information together automatically might actually protect individuals.

In the author’s opinion, the Justice Department’s record since 11 September of locking up people who were later released without any charges being filed, simply on the basis of mistaken identity, their appearance, or “tips” from spiteful ex-wives, etc., has been deplorable and will be treated harshly by history. It undermines much of the United States’ claims to moral superiority in the fight for global public opinion. A seamless flow of information might show arresting authorities that in fact a person has a blemish-free record and that they should act with discretion.

Internet Thinking Leads to Closed-Loop Processes

Second, we must use the Internet to design closed-loop processes to speed learning and apply it rapidly.

Breaches in airport security before 11 September were reported to authorities but weren’t acted upon, unbeknownst to those filing the reports. Individual agencies were aware in advance that at least one hijacker (Mohammed Atta) was in the country illegally, but they didn’t share information to coordinate a response. Even worse, the deaths of postal workers who weren’t tested for anthrax showed retroactively what happens without real-time information sharing by all involved and mapping processes (see below) that would have made it easy to document who might have been involved in a process such as mail sorting.

Businesses used to suffer from similar lapses of information sharing when paper-based reporting and linear communication were the only available method. Now, companies use Internet-enabled Customer-Relationship Management software so that all information about an individual customer is at the fingertips of the person dealing with that customer. Seizing on the similarity between that need and government’s needs to give those dealing with a potential terrorist information gathered by all agencies, one leading Customer-Relationship Management vendor, Siebel Systems, is marketing a “Solutions for Homeland Security” package. It allows agencies to coordinate information sources (including maps and other spatial data) and communicate it via phone, fax, email, Web, or face to face.[15]

In the case of homeland security, if there were cyclical processes, a tipster would be notified automatically that her complaint wasn’t acted on within a given period, and a supervisor would be automatically notified, who could both act and discipline the non-responder.

Equally important, Internet-based systems—and thinking—would allow information to be fed back so that security processes could be continuously revised based on real-life experience. This is particularly important in a situation such as the current crisis, in which officials must deal with situations that were unimaginable in prior scenario planning. That’s unfortunate, but at least we can make certain that as seat-of-the-pants learning does occur, others may share from the insights without having to repeat the same errors.

Systems Thinking Overcomes Isolation

Designing in feedback loops and facilitating information sharing will require two important changes in government thinking processes to capitalize on the full power of new Internet technology.

The first is systems thinking. Pioneered by Prof. Jay Forrester at MIT (and popularized as a business tool by his student Peter Senge in The Fifth Discipline),[16] systems thinking involves looking at all aspects of a complex situation as they interrelate and influence each other, rather than simply analyzing each component in isolation, and to understand the underlying patterns of interrelationships that are responsible for behavior and the events. As systems theorist Barry Richmond says, it requires seeing both forests and trees.[17]

A crucial tool for systems thinking is process mapping. You identify the participants in a process, the kinds of information gathered and action taken, and how that information flows from one step to another (see the example below of a process map that Richmond did using High Performance Systems’ iThink software to model the growth of terrorism and steps to control it).[18]

This is the sort of process that had to be done on a crisis basis retroactively to trace the route of anthrax-contaminated letters. Had process mapping been done prospectively, as part of an effort to streamline mail delivery, lives—and money—might both have been saved. The crucial goal in a process-mapping–based systems approach to homeland security would be to identify all of the places where information gathered by one agency should flow automatically because that data could also be valuable to others. It should also identify current processes that conclude in a “dead end,” where data is simply archived (vs. being acted upon), isn’t revised on a timely basis, and does not provide insights to revise processes based on relevant experience.

Ideally, with such a system, the old linear, paper-based information flows—which of necessity meant that important information would end up in file cabinets or data bases—should now be replaced with cyclical ones. They should be designed so that information automatically flows back to the beginning of a process so that the process can be fine-tuned—or eliminated if it doesn’t provide value.

Figure 1: Process map of possible anti-terrorism strategy, by Barry Richmond, keynote address,
2001 Systems Thinking in Action Conference.

Systems Thinking Also Requires Knowledge Management

Second, systems thinking requires government-wide knowledge management (KM) programs.

KM uses Internet-based technology to identify all of the knowledge resources residing within an organization, from documents to data bases, and, most important, the tacit knowledge formerly residing only in the memory and thoughts of individual workers. KM then brings this information together in ways that everyone working on a new problem can tap the legacy of experience and insights. According to KM expert Karl-Erik Sveiby, it requires a shift in thinking that would be daunting for any organization, let alone one as complex as the federal government: “You have to be able to visualize your organization as consisting of nothing but knowledge and knowledge flows. This is a different mind set from the industrial era paradigm.”[19]

State Department System Takes the Lead

Encouragingly, the State Department, working with consultants from Accenture, has created an important first step toward such a KM system, with the prototype for the Overseas Presence Interagency Collaboration System. This project was launched in response to the lack of intelligence revealed by the 1998 bombings of the U.S. embassies in Kenya and Tanzania.

The system will provide “leading-edge knowledge management and collaboration tools over an intranet to 40 federal agencies with overseas operations.” Fortunately, according to State Department CIO Fernando Burbano, “Even though [this system] is for foreign-affairs agencies, it’s the same 40 agencies that need to communicate domestically [for homeland security]. The same software and hardware could be used.”[20]

Burbano understands the need for a shift in thinking to KM, not just sharing data. “The big thing here is knowledge management. This isn’t just a network. What is knowledge management? In my view, it’s getting the right information to the right people at the right time regardless of their location to support decision-making in a distributive fashion.”

One important feature of the Overseas Presence Interagency Collaboration System is that it will allow users to create “communities of interest” that will instantly bring together experts from multiple agencies who must coordinate to track and avoid new threats. According to Network World, global deployment of the system isn’t expected until FY 2004, but Burbano says the schedule could be accelerated.[21]

“Internet Thinking” Links Everything

Finally, Internet thinking allows agencies to link everything.

This characteristic of the Internet—and the new way of structuring government processes that it allows—relates closely to the prior one of designing closed-loop systems and knowledge management systems to share data.

As Mark Forman, the Office of Management and Budget’s associate director for information technology and e-government, wrote in a presentation launching president Bush’s e-government initiative, a key goal of e-government must be to integrate “islands of automation.”[22]

This ability to link everything is the Internet’s most powerful attribute to overcome lack of coordination among the homeland security agencies. With the Internet, for the first time it becomes possible to share data seamlessly and with many users simultaneously.

For example, take the problem of the voluminous data on threats that each agency accumulates, but which is difficult to share. The reasons aren’t just institutional barriers such as agency rivalries, but also technological ones, particularly the cost of replacing legacy databases—compiled using a wide range of vendor technologies—with a current, unified architecture.

XML Is an Essential Tool—And Can Pay Economic Benefits

Companies such as Fidelity Investments facing the same problem of incompatible legacy systems are unifying their databases using Extensible Markup Language, or XML. In the case of homeland security, adding XML “tags” such as <OUTSTANDING ARREST WARRANTS> to existing data bases would let data from one agency flow automatically via the Web to another, where it could be acted upon without human intervention. Intelligence data formerly locked in one agency’s database could be shared seamlessly by others in real time.

“If the systems are legacy ones and a mixture of structured data, such as criminal records, and unstructured data, such as evidence, INS records, etc., XML is really good at encoding documents, by providing an arbitrary system. XML is the only unifying layer,” says Ronald Schmelzer, senior analyst at ZapThink, the only analyst group focused on XML.[23]

XML offers an additional bonus to government given the current harsh economic climate. Widespread adoption of XML could also be an important global economic stimulus, while cutting the cost of delivering government services. That is because an XML subset, ebXML, deals specifically with business process needs. The UN is ebXML’s strongest proponent, seeing it as a way to allow frictionless global commerce, not only between large and small nations, but also large and small businesses.

Similarly, another XML subset, XBRL, or Extensible Business Reporting Language, is used to describe financial statements and was designed to make the business reporting supply chain more efficient and streamlined. According to InfoWorld, XBRL could simplify and speed the tracking of suspicious fund transfers and possible money laundering similar to those allegedly done by al-Barrakat. All U.S. financial institutions must file reports on such activities with the FBI. Because those reports are now on paper, agents were forced to manually read the reports after 11 September to try to document the terrorists’ money trail. “If the FBI and financial institutions used XBRL, the information would be easier to retrieve and do the analysis the FBI needs … The time of processing documents goes from weeks, hours, and days to seconds,” according to Mike Willis, a PricewaterhouseCoopers partner.[24]

What if the global business community were to collaborate with the United Nations and their own governments to implement ebXML, XBRL, and XML in general on a crash basis? Global security would benefit immediately because of the seamless flow of security data. Accelerated, universal rollout of ebXML and XBRL would cut operating costs of governments here and abroad while stimulating the global economy.

“Smart” Passports

The business community would benefit from smart passports, since the passports would cut down on the time spent on the more rigorous security check-ins now required at airports. Economically, these specialized cards would speed public acceptance of “smart” cards in general, which can significantly reduce transaction processing costs, fraud, and other costs.

Will Government Grasp the Internet’s Full Strategic Power?

Inevitably, the Internet will play a major role in the Office of Homeland Security’s planning. The critical test will be whether the Internet is just employed tactically, as an alternative communications medium, or whether the Internet, and the new approaches to crisis planning that it allows—empowering individuals, closing the loop, and linking everything—fundamentally transform the way government acts now and in the future.