[House Hearing, 111 Congress]
[From the U.S. Government Printing Office]





          FLIGHT 253: LEARNING LESSONS FROM AN AVERTED TRAGEDY

=======================================================================

                                HEARING

                               before the

                     COMMITTEE ON HOMELAND SECURITY
                        HOUSE OF REPRESENTATIVES

                     ONE HUNDRED ELEVENTH CONGRESS

                             SECOND SESSION

                               __________

                            JANUARY 27, 2010

                               __________

                           Serial No. 111-51

                               __________

       Printed for the use of the Committee on Homeland Security
                                     











      Available via the World Wide Web: http://www.gpo.gov/fdsys/

                               __________

                  U.S. GOVERNMENT PRINTING OFFICE
56-189 PDF                WASHINGTON : 2011
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing 
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC 
area (202) 512-1800 Fax: (202) 512-2250  Mail: Stop SSOP, Washington, DC 
20402-0001




                     COMMITTEE ON HOMELAND SECURITY

               Bennie G. Thompson, Mississippi, Chairman
Loretta Sanchez, California          Peter T. King, New York
Jane Harman, California              Lamar Smith, Texas
Peter A. DeFazio, Oregon             Mark E. Souder, Indiana
Eleanor Holmes Norton, District of   Daniel E. Lungren, California
    Columbia                         Mike Rogers, Alabama
Zoe Lofgren, California              Michael T. McCaul, Texas
Sheila Jackson Lee, Texas            Charles W. Dent, Pennsylvania
Henry Cuellar, Texas                 Gus M. Bilirakis, Florida
Christopher P. Carney, Pennsylvania  Paul C. Broun, Georgia
Yvette D. Clarke, New York           Candice S. Miller, Michigan
Laura Richardson, California         Pete Olson, Texas
Ann Kirkpatrick, Arizona             Anh ``Joseph'' Cao, Louisiana
Ben Ray Lujan, New Mexico            Steve Austria, Ohio
William L. Owens, New York
Bill Pascrell, Jr., New Jersey
Emanuel Cleaver, Missouri
Al Green, Texas
James A. Himes, Connecticut
Mary Jo Kilroy, Ohio
Eric J.J. Massa, New York
Dina Titus, Nevada
                    I. Lanier Avant, Staff Director
                     Rosaline Cohen, Chief Counsel
                     Michael Twinchek, Chief Clerk
                Robert O'Connor, Minority Staff Director













                            C O N T E N T S

                              ----------                              
                                                                   Page

                               Statements

The Honorable Bennie G. Thompson, a Representative in Congress 
  From the State of Mississippi, and Chairman, Committee on 
  Homeland Security..............................................     1
The Honorable Peter T. King, a Representative in Congress From 
  the State of New York, and Ranking Member, Committee on 
  Homeland Security..............................................     2
The Honorable Laura Richardson, a Representative in Congress From 
  the State of California:
  Oral Statement.................................................     5

                               Witnesses

Ms. Jane Holl Lute, Deputy Secretary, Department of Homeland 
  Security:
  Oral Statement.................................................    24
  Prepared Statement.............................................    26
Mr. Patrick F. Kennedy, Under Secretary, Management, Department 
  of State:
  Oral Statement.................................................    31
  Prepared Statement.............................................    33
Mr. Michael E. Leiter, Director, National Counterterrorism 
  Center:
  Oral Statement.................................................    36
  Prepared Statement.............................................    38

                             For the Record

The Honorable Bennie G. Thompson, a Representative in Congress 
  From the State of Mississippi, and Chairman, Committee on 
  Homeland Security:
  Statement Submitted by Eileen R. Larence, Director, Homeland 
    Security and Justice Issues, and Stephen M. Lord, Director, 
    Homeland Security and Justice Issues, Government 
    Accountability Office........................................     6
  Statement Submitted by the American Civil Liberties Union......    17

                                Appendix

Questions Submitted by Honorable Sheila Jackson Lee for Jane Holl 
  Lute, Deputy Secretary, Department of Homeland Security........    81
Questions Submitted by Chairman Bennie G. Thompson for Michael E. 
  Leiter, Director, National Counterterrorism Center.............    84
Questions Submitted by Honorable Christopher P. Carney for 
  Michael E. Leiter, Director, National Counterterrorism Center..    84

 
          FLIGHT 253: LEARNING LESSONS FROM AN AVERTED TRAGEDY

                              ----------                              


                      Wednesday, January 27, 2010

             U.S. House of Representatives,
                    Committee on Homeland Security,
                                            Washington, DC.
    The committee met, pursuant to call, at 10:03 a.m., in Room 
311, Cannon House Office Building, Hon. Bennie G. Thompson 
[Chairman of the committee] presiding.
    Present: Representatives Thompson, Harman, DeFazio, Jackson 
Lee, Carney, Clarke, Richardson, Kirkpatrick, Lujan, Owens, 
Pascrell, Cleaver, Green, Himes, Kilroy, Titus, King, Souder, 
Lungren, Rogers, McCaul, Dent, Bilirakis, Broun, Miller, Olson, 
and Austria.
    Chairman Thompson [presiding]. The Committee on Homeland 
Security will come to order. The committee is meeting today to 
receive testimony on ``Flight 253: Learning Lessons from an 
Averted Tragedy.''
    Good morning. I would like to thank our witnesses for being 
here today. Today's hearing will examine the circumstances 
surrounding the attempted Christmas day bombing of Northwest 
Flight 253. This committee will examine what happened, why it 
happened, and what this Nation can do to make sure it does not 
happen again.
    We all know the facts. Abdulmutallab boarded Northwest 
Flight 253 in Amsterdam bound for Detroit. As the plane entered 
Detroit's airspace, he removed chemicals concealed in his 
clothing and mixed them together with the intention of causing 
an explosion. Thankfully, he failed. Courageous passengers and 
crew subdued and restrained him until the plane landed, and he 
was taken into custody.
    Since September 11, this Nation has spent billions of 
dollars to fix the aviation security system, yet 9 years later 
it is clear that the safeguards put in place during the last 
administration did not prevent another terrorist from boarding 
a plane and trying to do harm to Americans.
    This single failed terrorist act has brought those unsolved 
security vulnerabilities into sharp focus. Security weaknesses 
in the process of gaining legal admission to this country, gaps 
in the collection and dissemination of information, a confusing 
plethora of lists used to identify dangerous individuals, 
stovepipes that impede the progress of information analysis and 
sharing, and inconsistencies in the use of screening technology 
all combine to create the situation faced by the passengers on 
Flight 253.
    The 9/11 Commission identified many of these problems, and 
while the previous administration engaged in much movement to 
solve these problems, it appears that movement and progress are 
not the same. Within 2 weeks of this incident, President Obama 
issued his preliminary report. The President's report found 
incoherent, systematic weaknesses, and human errors were the 
root cause of the intelligence failures that led to this 
incident.
    To any reasonable observer, one fact was certain. The 
system did not work. In fact, the President ordered a series of 
corrective actions, a clear and unflinching assessment followed 
by quick action designed to address this long-known 
vulnerability must be commended.
    But it is important for all of us to realize that we will 
not address our problems with terrorism in a blink of an eye 
with a single technology. This Nation must begin to adopt a 
layered approach to achieve a secure environment. We must not 
begin our security assessment at the airport gate.
    I want to thank our witnesses, and I look forward to their 
testimony.
    The Chairman now recognizes the Ranking Member of the full 
committee, the gentleman from New York, Mr. King, for an 
opening statement.
    Mr. King. Thank you, Mr. Chairman. Like you, I want to 
thank the witnesses for their testimony here today.
    I think this is an especially critical hearing. Everyone 
knows mistakes are made. Mistakes do happen. I think what 
concerns us and what should concern us as we go forward is how 
those mistakes are addressed and what is being done to protect 
our Nation in the future and to protect those types of mistakes 
from happening again.
    Mr. Chairman, one of the concerns I have is what appears to 
me an uncoordinated response from the intelligence community. I 
say that not just based on what we have learned over the past 
month, but also from watching the Senate hearings last week, 
from looking at the testimony, listening to what former 
Congressman Hamilton had to say yesterday.
    I say that is I still can't determine who is in charge, who 
makes the decisions. If we go back to the 2006 event, the 
liquid explosives from London, clearly, the Department of 
Homeland Security was in charge. It was Secretary Chertoff who 
was out front. It was Kip Hawley, head of TSA, who was out in 
front.
    This time there was really no one in front. Secretary 
Napolitano made several appearances. Mr. Brennan made several 
appearances. But it appears that there was no one who was 
coordinating this from beginning to end. There was no one who 
was going to be out in front.
    I am concerned what the role--I asked Deputy Secretary Lute 
just during her testimony what DHS sees as its role as being, 
and I know in your statement, I have heard Secretary Napolitano 
say this, that the Department is a consumer of intelligence. I 
thought when the Department was created, we expected more of an 
affirmative role by the Department, again, as what did occur, I 
thought, in the last several years of the previous 
administration.
    I am not making this a political issue, but if this 
administration is deciding to change emphasis, then I think we 
should know that, as to who is going to be the main coordinator 
here.
    Also, I think it is important for the President to come 
forward and to establish some order in the intelligence 
community. I saw Lee Hamilton said yesterday, ``I do not 
believe the President yet has a firm grasp of the intelligence 
community.''
    All of us are aware that in the past 6 or 8 months, there 
has been an open dispute between Admiral Blair and Director 
Panetta. That has not been resolved, and if it is resolved, it 
is resolved at the margins. That feud, if you will, is still 
there.
    We find out that the main decisions, some of the key 
decisions that were made on December 25 were not made by anyone 
in the intelligence community, but apparently by the Justice 
Department, and then after that it appears the main player was 
the White House itself, John Brennan, neither of whom is part 
of the intelligence community.
    If we are going to have an effective response and effective 
defense set up, I believe that the professionals in the 
intelligence field should have more to say. The departments and 
agencies that have been created for that purpose should be in 
the forefront.
    So the whole issue of the Miranda warning--currently, no 
one--no one here today, nor Director Blair nor Director Panetta 
were consulted when that decision was made. It was made by the 
Justice Department, apparently.
    Similarly, let me add on that, when it comes to the Justice 
Department being involved, it was the attorney general, who we 
have learned, and some of us have known it for a while, but it 
has now become public, when he made the decision to bring the 
9/11 trials to New York, he never consulted with one person, 
not one person in New York--police commissioner, anyone of the 
State police, anyone of the U.S. Marshals.
    No one was consulted about the security implications of 
that, which appears to be what was repeated on Christmas day 
when the Justice Department made this decision without getting 
any input from anyone else in the intelligence community.
    Let me also make a point here, and I want to make this very 
clearly. I hope this will be a bipartisan point. I am outraged 
by the lack of information we have gotten from this 
administration since Christmas day. The previous 
administration--I will ask the Chairman to vouch for me on 
this--again, using the liquid explosive incident in London, 
from the night before and for every day and every hour after 
that, we received any information we asked for, that we 
requested. It was given to us. We were told what was 
classified, what was not to be made public.
    In this case on Christmas night, the White House--and I 
have heard this from a number of people--told other agencies 
and departments not to give information out. We could not get 
anything. Whatever we got was on our own. We were not given any 
information. I believe John Brennan has set up an iron curtain 
of secrecy in the White House and wants to control the 
intelligence community. He wants to control the information.
    I ask the Chairman, again, to back me on this, and he can 
disagree if he wishes. I don't know one item in the last--when 
I was Chairman or he was Chairman or either of us was Ranking 
Member, one bit of information that was given to us that was 
ever leaked out if it was classified. We never got one 
complaint from the Department of Homeland Security or from NCTC 
or CIA or anyone.
    But now going back to September, but especially this 
Christmas day, I believe that the White House is trying to 
control intelligence, is trying to control counterterrorism, 
and it is doing it in a way which is highly restricting the 
powers of the departments here involved and is cutting off the 
Congress from the information we have to have.
    We have constituents, we have responsibilities. This cannot 
be something where the White House gets all the information, 
massages it, manages it, and then puts out the facts later on. 
So I am putting that at the foot of John Brennan.
    I am putting it also at the foot of Attorney General Holder 
the fact that decisions are being made by him almost 
unilaterally that should be made by the professionals in the 
field, certainly in consultation with people who can agree or 
disagree on these decisions. But to have them unilaterally made 
by someone who is outside what I believe is the intelligence 
world is wrong. I think the President should address that.
    I also believe that as far as Congress, we have a different 
role of that information. We have time and time again have had 
to bring resolutions frequently to get information. On this in 
particular, I know that an iron curtain came down on Christmas 
night. That was wrong.
    It doesn't matter who is in power, whether Republican or 
Democrat, we need information as Members of Congress to get the 
job done. We are not getting it done, and I fault this 
administration. It is disgraceful and outrageous, and I put 
that at John Brennan.
    I yield back.
    Chairman Thompson. Thank you very much.
    Ranking Member King is partially correct in terms of the 
committee's need to know with respect to any of this. I 
absolutely support his premise that this committee has a 
function. It cannot function without information in real time. 
That information should not be gleaned from the news media, but 
it should be gleaned from the proper source. It should not be 
screened.
    But I would also say that the Secretary Lute, Deputy 
Secretary Lute, did contact me the night of Christmas on this 
event, and I think she probably reached out to you. But now, I 
am not aware of anybody else who tried to get in touch with us.
    Mr. King. Deputy Secretary Lute reached out to me, 
discussed what was going to be done as far as the future, as 
far as airline precautions, but nothing about the facts of this 
case.
    Chairman Thompson. Okay, well----
    Mr. King. We were told by other agencies they could not 
give us any information.
    Chairman Thompson. Well, no question the committee has the 
right to know, and others have a responsibility to provide it, 
and we will pursue that also.
    Other Members of the committee are reminded that under 
committee rules, opening statements may be submitted for the 
record.
    [The statement of Hon. Richardson follows:]
            Prepared Statement of Honorable Laura Richardson
                            January 27, 2010
    Mr. Chairman, thank you for convening this very important hearing 
today focusing on the circumstances surrounding the attempted terrorist 
bombing of Northwest Flight 253 on December 25, 2009. It is important 
for the House to get answers regarding the events of that day. I thank 
our distinguished panel of witnesses for appearing before us today to 
share with us the lessons learned from this averted tragedy.
    Like millions of Americans, I am a frequent air traveler, which 
makes the events of December 25 particularly personal to us all. While 
air travel still ranks as one of the safest ways to travel, this is an 
industry where a single incident can become an enormous tragedy. Beyond 
the lives lost and the damage to our economy, both the air travel 
industry and the Nation suffers as the public loses confidence in the 
integrity of our homeland security system.
    It is disturbing to think what could have happened without the 
brave actions of the passengers aboard Flight 253. Those passengers are 
heroes and we cannot thank them enough for what they did. But what the 
committee is focusing on today is what should have happened, what 
systems should have worked, before we reached that point.
    There are several questions to be explored today: (1) Why our 
intelligence agencies did not connect the dots regarding the suspect, 
(2) the efficiency of our visa and watch lists systems, (3) the 
expanding nature of al-Quaeda, and (4) what technology we use, or 
should be using, that would have prevented the events of December 25.
    Also, I think we need to address why all the Members of this 
committee were not notified and briefed in a timely fashion.
    In the days and hours immediately after Christmas day, Members of 
this committee were not briefed by the administration or TSA. As 
Members of the committee tasked with jurisdiction over the agencies 
responsible for security, that cannot be allowed to happen again. I 
look forward to working with the Chairman, my colleagues, and the 
administration to ensure that timely and meaningful consultation and 
information sharing takes place.
    I look forward to the testimony of our distinguished panel of 
witnesses. We need to know exactly what went wrong and what we can do 
to prevent these repeated mistakes from happening again.
    Thank you again, Mr. Chairman, for convening this hearing. I yield 
back the balance of my time.

    Chairman Thompson. Before I welcome our witnesses, I want 
to indicate that Secretary Napolitano was invited to this 
hearing. We were told that she would be out of the country. I 
now understand she is no longer out of the country, but she is 
not here, so maybe Deputy Secretary Lute, you can pull us in on 
where the Secretary is.
    Our first witness is Dr. Jane Holl Lute, the Deputy 
Secretary for the Department of Homeland Security. Dr. Lute has 
been before the committee a number of times and has been very 
straightforward in her presentations, and we appreciate that.
    Our second witness is Mr. Patrick Kennedy, Under Secretary 
of Management at the Department of State. Our final witness is 
Mr. Michael Leiter, Director of the National Counterterrorism 
Center.
    Without objection, the witnesses' full statement and a 
statement provided by GAO and a statement by the ACLU will be 
inserted into the record. I now ask each witness to summarize 
their statement for 5 minutes, beginning with Deputy Secretary 
Lute.
    [The statements of the Government Accountability Office and 
the American Civil Liberties Union follow:]
Statement of Eileen R. Larence, Director, Homeland Security and Justice 
 Issues, and Stephen M. Lord, Director, Homeland Security and Justice 
                Issues, Government Accountability Office
                            January 27, 2010
                             gao highlights
    Highlights of GAO-10-401T, a statement for the record to the 
Committee on Homeland Security, House of Representatives.
Why GAO Did This Study
    The December 25, 2009, attempted bombing of Flight 253 raised 
questions about the Federal Government's ability to protect the 
homeland and secure the commercial aviation system. This statement 
focuses on the Government's efforts to use the terrorist watch list to 
screen individuals and determine if they pose a threat, and how 
failures in this process contributed to the December 25 attempted 
attack. This statement also addresses the Transportation Security 
Administration's (TSA) planned deployment of technologies for enhanced 
explosive detection and the challenges associated with this deployment. 
GAO's comments are based on products issued from September 2006 through 
October 2009 and selected updates in January 2010. For these updates, 
GAO reviewed Government reports related to the December 25 attempted 
attack and obtained information from the Department of Homeland 
Security (DHS) and TSA on use of the watch list and new technologies 
for screening airline passengers.
What GAO Recommends
    GAO is not making new recommendations, but has made recommendations 
in prior reports to DHS, the Federal Bureau of Investigation (FBI), and 
the White House Homeland Security Council to enhance the use of the 
watch list and to TSA related to checkpoint technologies. The agencies 
generally agreed and are making some progress, but full implementation 
is needed.
homeland security.--better use of terrorist watch list information and 
 improvements in deployment of passenger checkpoint technologies could 
                      further strengthen security
What GAO Found
    The intelligence community uses standards of reasonableness to 
evaluate individuals for nomination to the consolidated terrorist watch 
list. In making these determinations, agencies are to consider 
information from all available sources. However, for the December 25 
subject, the intelligence community did not effectively complete these 
steps and link available information to the subject before the 
incident. Therefore, agencies did not nominate the individual to the 
watch list or any of the subset lists that are used during agency 
screening processes, such as the ``No-Fly'' list. Weighing and 
responding to the potential impacts that changes to the nomination 
criteria would have on the traveling public will be an important 
consideration in determining what changes may be needed. Also, 
screening agencies stated that they do not check against all records in 
the watch list, partly because screening against certain records may 
not be needed to support a respective agency's mission or may not be 
possible because of the requirements of computer programs used to check 
individuals against watch list records. In October 2007, GAO reported 
that not checking against all records may pose a security risk and 
recommended that DHS and the FBI assess potential vulnerabilities, but 
they have not completed these assessments. TSA is implementing an 
advanced airline passenger prescreening program--known as Secure 
Flight--that could potentially result in the Federal Government 
checking passengers against the entire watch list under certain 
security conditions. Further, the Government lacks an up-to-date 
strategy and implementation plan--supported by a clearly defined 
leadership or governance structure--which are needed to enhance the 
effectiveness of terrorist-related screening and ensure accountability 
for the process. In the 2007 report, GAO recommended that the Homeland 
Security Council ensure that a governance structure exists that has the 
requisite authority over the watch list process. The council did not 
comment on this recommendation.
    As GAO reported in October 2009, since TSA's creation, 10 passenger 
screening technologies have been in various phases of research, 
development, procurement, and deployment, including the Advanced 
Imaging Technology (AIT)--formerly known as the Whole Body Imager. TSA 
expects to have installed almost 200 AITs in airports by the end of 
calendar year 2010 and plans to install a total of 878 units by the end 
of fiscal year 2014. In October 2009, GAO reported that TSA had not yet 
conducted an assessment of the technology's vulnerabilities to 
determine the extent to which a terrorist could employ tactics that 
would evade detection by the AIT. Thus, it is unclear whether the AIT 
or other technologies would have detected the weapon used in the 
December 25 attempted attack. GAO's report also noted the problems TSA 
experienced in deploying another checkpoint technology that had not 
been tested in the operational environment. Since GAO's October report, 
TSA stated that it has completed the testing as of the end of 2009. We 
are currently verifying that all functional requirements of the AIT 
were tested in an operational environment. Completing these steps 
should better position TSA to ensure that moving ahead with a costly 
deployment of AIT machines will enhance passenger checkpoint security.
    Mr. Chairman and Members of the committee: We are pleased to submit 
this statement on the progress Federal agencies have made and the 
challenges they face in key areas of terrorism information sharing and 
the deployment of checkpoint technologies. The December 25, 2009, 
attempted bombing of Flight 253 has led to increased scrutiny of how 
the Government creates and uses the consolidated terrorist screening 
database (the watch list) to screen individuals and determine if they 
pose a security threat, and highlighted the importance of detecting 
improvised explosive devices and other prohibited items on passengers 
before they board a commercial aircraft. The White House's initial 
review of these events exposed gaps in how intelligence agencies 
collected, shared, and analyzed terrorism-related information to 
determine if the subject--Umar Farouk Abdulmutallab--posed enough of a 
threat to warrant placing him on the watch list, which could have 
altered the course of events that day. To enhance its ability to detect 
explosive devices and other prohibited items on passengers, the 
Transportation Security Administration (TSA) is evaluating the use of 
Advanced Imaging Technology (AIT)--formerly called the Whole Body 
Imager--as an improvement over current screening capabilities.
    In October 2007, we released a report on the results of our 
review--conducted at your request--of how the watch list is created and 
maintained, and how Federal, State, and local security partners use the 
list to screen individuals for potential threats to the homeland.\1\ As 
a result of that review, we identified potential vulnerabilities, 
including ones created because agencies were not screening against all 
records in the watch list. We made a number of recommendations aimed at 
addressing these potential vulnerabilities and helping to enhance the 
effectiveness of the watch list process, which the agencies have not 
yet fully addressed. These recommendations--which we discuss later in 
this statement--are still important to address and can inform on-going 
reviews of the December 25 attempted terrorist attack.
---------------------------------------------------------------------------
    \1\ GAO, Terrorist Watchlist Screening: Opportunities Exist to 
Enhance Management Oversight, Reduce Vulnerabilities in Agency 
Screening Processes, and Expand Use of the List, GAO-08-110 
(Washington, DC: Oct. 11, 2007).
---------------------------------------------------------------------------
    Also, in January 2005, we designated information sharing for 
homeland security a high-risk area because the Government faced 
formidable challenges in analyzing and disseminating this information 
in a timely, accurate, and useful manner.\2\ Since then, we have been 
monitoring and making recommendations to improve the Government's 
efforts to share terrorism-related information, not only among Federal 
agencies but also with their State, local, Tribal, and private sector 
security partners.\3\ Addressing this high-risk area is important to 
help remove barriers that lead to agencies maintaining information in 
stove-piped systems, and to hold them accountable to the Congress and 
the public for ensuring terrorism information is shared, is used, and 
makes a difference. We are continuing to review Federal agencies' 
efforts to share terrorism-related information and expect to report the 
results of this work later this year.\4\
---------------------------------------------------------------------------
    \2\ See GAO, High-Risk Series: An Update, GAO-09-271 (Washington, 
DC: January 2009), for our most recent update.
    \3\ See, for example, GAO, Information Sharing: The Federal 
Government Needs to Establish Policies and Processes for Sharing 
Terrorism-Related and Sensitive but Unclassified Information, GAO-06-
385 (Washington, DC: Mar. 17, 2006); Information Sharing Environment: 
Definition of the Results to Be Achieved in Improving Terrorism-Related 
Information Sharing Is Needed to Guide Implementation and Assess 
Progress, GAO-08-492 (Washington, DC: June 25, 2008); and Information 
Sharing: Federal Agencies Are Sharing Border and Terrorism Information 
with Local and Tribal Law Enforcement Agencies, but Additional Efforts 
Are Needed, GAO-10-41 (Washington, DC: Dec. 18, 2009).
    \4\ We have three on-going reviews of terrorism-related information 
sharing that are being conducted based on separate requests from your 
committee, the House Committee on Oversight and Government Reform, and 
the Senate Committee on Homeland Security and Governmental Affairs.
---------------------------------------------------------------------------
    In addition, in October 2009, we released a report on TSA's efforts 
to deploy checkpoint technologies and the challenges the agency faces 
in these efforts.\5\ We made eight recommendations related to the 
research, development, and deployment of these technologies. The 
Department of Homeland Security (DHS) agreed with our recommendations 
and identified actions planned or under way to implement them. While 
DHS is taking steps to address our recommendations related to 
conducting risk assessments, the actions DHS reported that TSA had 
taken or plans to take do not fully address the intent of the majority 
of our recommendations.
---------------------------------------------------------------------------
    \5\ GAO, Aviation Security: DHS and TSA Have Researched, Developed, 
and Begun Deploying Passenger Checkpoint Screening Technologies, but 
Continue to Face Challenges, GAO-10-128 (Washington, DC: Oct. 7, 2009).
---------------------------------------------------------------------------
    This statement for the record discusses: (1) The Government's 
efforts to use the terrorist watch list to screen individuals and 
determine if they pose a threat, as well as how aspects of this process 
contributed to the December 25 attempted terrorist attack and (2) TSA's 
planned deployment of the AIT for enhanced explosive detection and the 
challenges associated with this deployment.
    This statement is based on products GAO issued from September 2006 
through October 2009.\6\ In conducting our prior work, we reviewed 
documentation obtained from and interviewed officials at the various 
departments and agencies with responsibilities for compiling and using 
watch list records. We also reviewed documentation and obtained 
information on current checkpoint screening technologies being 
researched, developed, and deployed. Our previously published reports 
contain additional details on the scope and methodology for those 
reviews. In addition, this statement contains selected updates 
conducted in December 2009 and January 2010. For the updates, GAO 
reviewed Government reports and other information related to the 
December 25 attempted attack, obtained information from DHS and TSA on 
the use of watch list records and new technologies for screening 
airline passengers, and interviewed a senior TSA official. We conducted 
our updated work in December 2009 and January 2010 in accordance with 
generally accepted Government auditing standards.
---------------------------------------------------------------------------
    \6\ See GAO, Terrorist Watch List Screening: Efforts to Help Reduce 
Adverse Effects on the Public, GAO-06-1031 (Washington, DC: Sept. 29, 
2006); GAO-08-110; Aviation Security: TSA Has Completed Key Activities 
Associated with Implementing Secure Flight, but Additional Actions Are 
Needed to Mitigate Risks, GAO-09-292 (Washington, DC: May 13, 2009); 
and GAO-10-128.
---------------------------------------------------------------------------
                               in summary
    Because the subject of the December 25 attempted terrorist attack 
was not nominated for inclusion on the Government's consolidated 
terrorist screening database, Federal agencies responsible for 
screening activities missed several opportunities to identify him and 
possibly take action. We have previously reported on a number of issues 
related to the compilation and use of watch list records, such as the 
potential security risk posed by not checking against all records on 
the watch list. We also identified the need for an up-to-date strategy 
and implementation plan--one that describes the scope, governance, 
outcomes, milestones, and metrics, among other things--for managing the 
watch list process across the Federal Government. Such a strategy and 
plan, supported by a clearly defined leadership or governance 
structure, can be helpful in removing cultural, technological, and 
other barriers--such as those problems that the December 25 attempted 
terrorist attack exposed--that inhibit the effective use of watch list 
information.
    With regard to the deployment of technology to detect explosives on 
passengers, TSA expects to have installed almost 200 AITs in airports 
by the end of calendar year 2010, and plans to procure and install a 
total of 878 units by the end of fiscal year 2014. While recently 
providing GAO with updated information to our October 2009 report, TSA 
stated that operational testing for the AIT was completed as of the end 
of calendar year 2009. We are in the process of verifying that TSA 
tested all of the AIT functional requirements in an operational 
environment. Moreover, we previously reported that TSA had not yet 
conducted an assessment of the technology's vulnerabilities to 
determine the extent to which a terrorist could employ tactics that 
would evade detection by the AIT. While we recognize that the AIT could 
provide an enhanced detection capability, completing these steps should 
better position TSA to have the information necessary to ensure that 
moving ahead with a costly deployment of AIT machines will enhance 
passenger checkpoint security.
                               background
Terrorist Watch List Process
    The Terrorist Screening Center (TSC)--administered by the Federal 
Bureau of Investigation (FBI)--is responsible for maintaining the U.S. 
Government's consolidated watch list and providing it to Federal 
agencies as well as State, local, and selected foreign partners for 
their use in screening individuals. TSC receives the vast majority of 
its watch list nominations and information from the National 
Counterterrorism Center (NCTC), which compiles information on known or 
suspected international terrorists from Executive branch departments 
and agencies.\7\ In addition, the FBI provides TSC with information on 
known or suspected domestic terrorists who operate primarily within the 
United States. To support agency screening processes, TSC first 
determines if each nomination contains specific minimum derogatory 
information for inclusion in its terrorist screening database. TSC then 
sends applicable records from the terrorist watch list to screening 
agency systems for use in efforts to deter or detect the movements of 
known or suspected terrorists. For instance, applicable TSC records are 
provided to TSA for use in prescreening airline passengers; to a U.S. 
Customs and Border Protection (CBP) system for use in screening 
travelers entering the United States; to a Department of State system 
for use in screening visa applicants; and to an FBI system for use by 
State and local law enforcement agencies pursuant to arrests, 
detentions, and other criminal justice purposes.\8\
---------------------------------------------------------------------------
    \7\ By law, NCTC, which is within the Office of the Director of 
National Intelligence, serves as the primary organization in the U.S. 
Government for analyzing and integrating all intelligence pertaining to 
terrorism and counterterrorism, except for intelligence pertaining 
exclusively to domestic terrorists and domestic counterterrorism. See 
50 U.S.C. 404o(d)(1).
    \8\ See GAO-08-110 for additional details on the compilation and 
use of terrorist watch list records.
---------------------------------------------------------------------------
Airline Passenger Screening Using Checkpoint Screening Technology
    Passenger screening is a process by which screeners inspect 
individuals and their property to deter and prevent an act of violence 
or air piracy, such as the carrying of any unauthorized explosive, 
incendiary, weapon, or other prohibited item on board an aircraft or 
into a sterile area.\9\ Screeners inspect individuals for prohibited 
items at designated screening locations. TSA developed standard 
operating procedures for screening passengers at airport checkpoints. 
Primary screening is conducted on all airline passengers before they 
enter the sterile area of an airport and involves passengers walking 
through a metal detector and carry-on items being subjected to X-ray 
screening. Passengers who alarm the walkthrough metal detector or are 
designated as selectees--that is, passengers selected for additional 
screening--must then undergo secondary screening, as well as passengers 
whose carry-on items have been identified by the X-ray machine as 
potentially containing prohibited items.\10\ Secondary screening 
involves additional means for screening passengers, such as by hand-
wand; physical pat-down; or, at certain airport locations, an 
explosives trace portal (ETP), which is used to detect traces of 
explosives on passengers by using puffs of air to dislodge particles 
from their bodies and clothing into an analyzer. Selectees' carry-on 
items are also physically searched or screened for explosives, such as 
by using explosives trace detection machines.
---------------------------------------------------------------------------
    \9\ Sterile areas are generally located within the terminal where 
passengers are provided access to boarding aircraft, and access is 
controlled in accordance with TSA requirements.
    \10\ A nonselectee passenger who alarms the walk-through metal 
detector on the first pass is offered a second pass. If the passenger 
declines the second pass, the passenger must proceed to additional 
screening. If the nonselectee passenger accepts the second pass and the 
machine does not alarm, the passenger may generally proceed without 
further screening.
---------------------------------------------------------------------------
 assessing potential vulnerabilities related to not screening against 
 all watch list records and ensuring clear lines of authority over the 
      watch list process would provide for its more effective use
Agencies Rely Upon Standards of Reasonableness in Assessing Individuals 
        for Nomination to TSC's Watch List, but Did Not Connect 
        Available Information on Mr. Abdulmutallab to Determine Whether 
        a Reasonable Suspicion Existed
    Federal agencies--particularly NCTC and the FBI--submit to TSC 
nominations of individuals to be included on the consolidated watch 
list. For example, NCTC receives terrorist-related information from 
Executive branch departments and agencies, such as the Department of 
State, the Central Intelligence Agency, and the FBI, and catalogs this 
information in its Terrorist Identities Datamart Environment database, 
commonly known as the TIDE database. This database serves as the U.S. 
Government's central classified database with information on known or 
suspected international terrorists. According to NCTC, agencies submit 
watch list nomination reports to the center, but are not required to 
specify individual screening systems that they believe should receive 
the watch list record, such as the No-Fly list of individuals who are 
to be denied boarding an aircraft.\11\ NCTC is to presume that agency 
nominations are valid unless it has other information in its possession 
to rebut that position.
---------------------------------------------------------------------------
    \11\ As discussed later in this statement, agencies generally do 
not use the full terrorist watch list to screen individuals. Rather, 
they generally use subsets of the full list based on each agency's 
mission and other factors.
---------------------------------------------------------------------------
    To decide if a person poses enough of a threat to be placed on the 
watch list, agencies are to follow Homeland Security Presidential 
Directive (HSPD) 6, which states that the watch list is to contain 
information about individuals ``known or appropriately suspected to be 
or have been engaged in conduct constituting, in preparation for, in 
aid of, or related to terrorism.''\12\ HSPD-24 definitively established 
the ``reasonable suspicion'' standard for watchlisting by providing 
that agencies are to make available to other agencies all biometric 
information associated with ``persons for whom there is an articulable 
and reasonable basis for suspicion that they pose a threat to national 
security.''\13\ NCTC is to consider information from all available 
sources and databases to determine if there is a reasonable suspicion 
of links to terrorism that warrants a nomination, which can involve 
some level of subjectivity. The guidance on determining reasonable 
suspicion, which TSC most recently updated in February 2009, contains 
specific examples of the types of terrorism-related conduct that may 
make an individual appropriate for inclusion on the watch list.
---------------------------------------------------------------------------
    \12\ The White House, Homeland Security Presidential Directive/
HSPD-6, Subject: Integration and Use of Screening Information 
(Washington, DC, Sept. 16, 2003).
    \13\ The White House, Homeland Security Presidential Directive/
HSPD-24, Subject: Biometrics for Identification and Screening to 
Enhance National Security (Washington, DC, June 5, 2008).
---------------------------------------------------------------------------
    The White House's review of the December 25 attempted terrorist 
attack noted that Mr. Abdulmutallab's father met with U.S. Embassy 
officers in Abuja, Nigeria, to discuss his concerns that his son may 
have come under the influence of unidentified extremists and had 
planned to travel to Yemen.\14\ However, according to NCTC, the 
information in the State Department's nomination report did not meet 
the criteria for watchlisting in TSC's consolidated terrorist screening 
database per the Government's established and approved nomination 
standards. NCTC also noted that the State Department cable nominating 
Mr. Abdulmutallab had no indication that the father was the source of 
the information. According to the White House review of the December 25 
attempted attack, the U.S. Government had sufficient information to 
have uncovered and potentially disrupted the attack--including by 
placing Mr. Abdulmutallab on the No-Fly list--but analysts within the 
intelligence community failed to connect the dots that could have 
identified and warned of the specific threat.
---------------------------------------------------------------------------
    \14\ The White House, Summary of the White House Review of the 
December 25, 2009, Attempted Terrorist Attack (Washington, DC, Jan. 7, 
2010).
---------------------------------------------------------------------------
    After receiving the results of the White House's review of the 
December 25 attempted attack, the President called for members of the 
intelligence community to undertake a number of corrective actions--
such as clarifying intelligence agency roles, responsibilities, and 
accountabilities to document, share, and analyze all sources of 
intelligence and threat threads related to terrorism, and accelerating 
information technology enhancements that will help with information 
correlation and analysis. The House Committee on Oversight and 
Government Reform has asked us, among other things, to assess 
Government efforts to revise the watch list process, including actions 
taken related to the December 25 attempted attack.
    As part of our monitoring of high-risk issues, we also have on-
going work--at the request of the Senate Committee on Homeland Security 
and Governmental Affairs--that is assessing agency efforts to create 
the Information Sharing Environment, which is intended to break down 
barriers to sharing terrorism-related information, especially across 
Federal agencies.\15\ Our work is designed to help ensure that Federal 
agencies have a road map that defines roles, responsibilities, actions, 
and time frames for removing barriers, as well as a system to hold 
agencies accountable to the Congress and the public for making progress 
on these efforts. Among other things, this road map can be helpful in 
removing cultural, technological, and other barriers that lead to 
agencies maintaining information in stove-piped systems so that it is 
not easily accessible, similar to those problems that the December 25 
attempted attack exposed. We expect to issue the results of this work 
later this year.
---------------------------------------------------------------------------
    \15\ The Intelligence Reform and Terrorism Prevention Act of 2004, 
as amended, defines the Information Sharing Environment as ``an 
approach that facilitates the sharing of terrorism and homeland 
security information, which may include any method determined necessary 
and appropriate for carrying out [section 1016].'' See Pub. L. No. 108-
458,  1016(a)(2), 118 Stat. 3638, 3665 (codified as amended at 6 
U.S.C.  485(a)(3)). See also Homeland Security Act of 2002, 6 U.S.C.  
482 (requiring the establishment of procedures for the sharing of 
homeland security information, as defined by this section).
---------------------------------------------------------------------------
By Not Placing Mr. Abdulmutallab on the Consolidated Watch List or Its 
        Subsets, the Government Missed Opportunities to Use These 
        Counterterrorism Tools
    Following the December 25 attempted terrorist attack, questions 
were raised as to what could have happened if Mr. Abdulmutallab had 
been on TSC's consolidated terrorist screening database. We created 
several scenarios to help explain how the watch list process is 
intended to work and what opportunities agencies could have had to 
identify him if he was on the watch list. For example, according to 
TSC, if a record from the terrorist screening database is sent to the 
State Department's system and the individual in that record holds a 
valid visa, TSC would compare the identifying information in the watch 
list record against identifying information in the visa and forward 
positive matches to the State Department for possible visa revocation. 
If an individual's visa is revoked, under existing procedures, this 
information is to be entered into the database CBP uses to screen 
airline passengers prior to their boarding, which we describe below. 
According to CBP, when the individual checks in for a flight, the on-
site CBP Immigration Advisory Program officers already would have been 
apprised of the visa revocation by CBP and they would have checked the 
person's travel documents to verify that the individual was a match to 
the visa revocation record. Once the positive match was established, 
the officers would have recommended that he not be allowed to board the 
flight.
    Under another scenario, if an individual is on TSC's terrorist 
screening database, existing processes provide CBP with the opportunity 
to identify the subject of a watch list record as part of the checks 
CBP is to conduct to see if airline passengers are eligible to be 
admitted into the country. Specifically, for international flights 
departing to or from the United States (but not for domestic flights), 
CBP is to receive information on passengers obtained, for example, when 
their travel document is swiped. CBP is to check this passenger 
information against a number of databases to see if there are any 
persons who have immigration violations, criminal histories, or any 
other reason for being denied entry to the country, in accordance with 
the agency's mission. According to CBP, when it identifies a U.S.-bound 
passenger who is on the watch list, it coordinates with other Federal 
agencies to evaluate the totality of available information to see what 
action is appropriate. In foreign airports where there is a CBP 
Immigration Advisory Program presence, the information on a watchlisted 
subject is forwarded by CBP to program officers on-site. The officers 
would then intercept the subject prior to boarding the aircraft and 
confirm that the individual is watchlisted, and when appropriate based 
on the derogatory information, request that the passenger be denied 
boarding.
    In a third scenario, if an individual is on the watch list and is 
also placed on the No-Fly or Selectee list, when the person checks in 
for a flight, the individual's identifying information is to be checked 
against these lists. Individuals matched to the No-Fly list are to be 
denied boarding. If the individual is matched to the Selectee list, the 
person is to be subject to further screening, which could include 
physical screening, such as a pat-down. The criteria in general that 
are used to place someone on either of these two lists include the 
following:
   Persons who are deemed to be a threat to civil aviation or 
        National security and should be precluded from boarding an 
        aircraft are put on the No-Fly list.
   Persons who are deemed to be a threat to civil aviation or 
        National security but do not meet the criteria of the No-Fly 
        list are placed on the Selectee list and are to receive 
        additional security screening prior to being permitted to board 
        an aircraft.\16\
---------------------------------------------------------------------------
    \16\ Of all of the screening databases that accept watch list 
records, only the No-Fly and Selectee lists require certain nomination 
criteria or inclusion standards that are narrower than the ``known or 
appropriately suspected'' standard of HSPD-6. The most recent guidance 
related to the No-Fly and Selectee list criteria was issued in February 
2009.
---------------------------------------------------------------------------
    The White House Homeland Security Council devised these more 
stringent sets of criteria for the No-Fly and Selectee lists in part 
because these lists are not intended as investigative or information-
gathering tools or tracking mechanisms, and TSA is a screening but not 
an intelligence agency.\17\ Rather, the lists are intended to help 
ensure the safe transport of passengers and facilitate the flow of 
commerce. However, the White House's review of the December 25 
attempted terrorist attack raised questions about the effectiveness of 
the criteria, and the President tasked the FBI and TSC with developing 
recommendations for any needed changes to the nominations guidance and 
criteria.
---------------------------------------------------------------------------
    \17\ The Homeland Security Council originally was established in 
2001 by Executive Order and subsequently codified into law by the 
Homeland Security Act of 2002 for the purpose of more effectively 
coordinating the policies and functions of the Federal Government 
relating to homeland security. See Exec. Order No. 13,228; Pub. L. No. 
107-296, tit. IX, 116 Stat. 2135, 2258-59 (codified at 6 U.S.C.  491-
496). On May 26, 2009, the President announced the full integration of 
White House staff supporting National security and homeland security 
into a new ``National Security Staff'' supporting all White House 
policy-making activities relating to international, transnational, and 
homeland security matters. The Homeland Security Council was maintained 
as the principle venue for interagency deliberations on issues that 
affect the security of the homeland, such as terrorism, weapons of mass 
destruction, natural disasters, and pandemic influenza.
---------------------------------------------------------------------------
    Weighing and responding to the potential impacts that changes to 
the nominations guidance and criteria could have on the traveling 
public and the airlines will be important considerations in developing 
such recommendations. In September 2006, we reported that tens of 
thousands of individuals who had similar names to persons on the watch 
list were being misidentified and subjected to additional screening, 
and in some cases delayed so long as to miss their flights.\18\ We also 
reported that resolving these misidentifications can take time and, 
therefore, affect air carriers and commerce. If changes in criteria 
result in more individuals being added to the lists, this could also 
increase the number of individuals who are misidentified, exacerbating 
these negative effects. In addition, we explained that individuals who 
believe that they have been inappropriately matched to the watch list 
can petition the Government for action and the relevant agencies must 
conduct research and work to resolve these issues. If more people are 
misidentified, more people may trigger this redress process, increasing 
the need for resources. Finally, any changes to the criteria or process 
would have to ensure that watch list records are used in a manner that 
safeguards legal rights, including freedoms, civil liberties, and 
information privacy guaranteed by Federal law.
---------------------------------------------------------------------------
    \18\ GAO-06-1031.
---------------------------------------------------------------------------
Agencies Do Not Screen Individuals Against All Records in the Watch 
        List, Which Creates Potential Security Vulnerabilities; GAO 
        Continues to Recommend That Agencies Assess and Address These 
        Gaps
    In reacting to the December 25 attempted terrorist attack, 
determining whether there were potential vulnerabilities related to the 
use of watch list records when screening--not only individuals who fly 
into the country but also, for example, those who cross land borders--
are important considerations. Screening agencies whose missions most 
frequently and directly involve interactions with travelers generally 
do not check against all records in the consolidated terrorist watch 
list. In our October 2007 report, we noted that this is because 
screening against certain records may not be needed to support a 
respective agency's mission or may not be possible because of computer 
system limitations, among other things.\19\
---------------------------------------------------------------------------
    \19\ GAO-08-110.
---------------------------------------------------------------------------
    For example, CBP's mission is to determine if any traveler is 
eligible to enter the country or is to be denied entry because of 
immigration or criminal violations. As such, CBP's computer system 
accepts all records from the consolidated watch list database that have 
either a first name or a last name and one other identifier, such as a 
date of birth. Therefore, TSC sends CBP the greatest number of records 
from the consolidated watch list database for its screening. In 
contrast, one of the State Department's missions is to approve requests 
for visas. Since only non-U.S. citizens and nonlawful permanent 
residents apply for visas, TSC does not send the department records on 
citizens or lawful permanent residents for screening visa applicants.
    Also, the FBI database that State and local law enforcement 
agencies use for their missions in checking individuals for criminal 
histories, for example, also receives a smaller portion of the watch 
list. According to the FBI, its computer system requires a full first 
name, last name, and other identifier, typically a date of birth. The 
FBI noted that this is because having these identifiers helps to reduce 
the number of times an individual is misidentified as being someone on 
the list, and the computer system would not be effective in making 
matches without this information. Finally, the No-Fly and Selectee 
lists collectively contain the lowest percentage of watch list records 
because the remaining ones either do not meet the nominating criteria, 
as described above, or do not meet system requirements--that is, 
include full names and dates of birth, which TSA stated are required to 
minimize misidentifications.
    TSA is implementing a new screening program that the agency states 
will have the capability to screen an individual against the entire 
watch list.\20\ Under this program, called Secure Flight, TSA will 
assume from air carriers the responsibility of comparing passenger 
information against the No-Fly and Selectee lists.\21\ According to the 
program's final rule, in general, Secure Flight is to compare passenger 
information only to the No-Fly and Selectee lists.\22\ The 
supplementary information accompanying the rule notes that this will be 
satisfactory to counter the security threat during normal security 
circumstances. However, the rule provides that TSA may use the larger 
set of watch list records when warranted by security considerations, 
such as if TSA learns that flights on a particular route may pose 
increased risks. TSA emphasized that use of the full terrorist 
screening database is not routine. Rather, TSA noted that its use is 
limited to circumstances in which there is information concerning an 
increased risk to transportation security, and the decision to use the 
full watch list database will be based on circumstances at the time. 
According to TSA, as of January 2010, the agency was developing 
administrative procedures for utilizing the full watch list when 
warranted.
---------------------------------------------------------------------------
    \20\ GAO-09-292.
    \21\ Pub. L. No. 108-458, 4012(a), 118 Stat. 3638, 3714-15 
(codified at 49 U.S.C.  44903(j)(2)(C)).
    \22\ See 73 Fed. Reg. 64,018 (Oct. 28, 2008) (codified at 49 C.F.R. 
pt. 1560).
---------------------------------------------------------------------------
    In late January 2009, TSA began to assume from airlines the watch 
list matching function for a limited number of domestic flights, and 
has since phased in additional flights and airlines. TSA expects to 
assume the watch list matching function for all domestic and 
international flights departing to and from the United States by 
December 2010. It is important to note that under the Secure Flight 
program, TSA requires airlines to provide the agency with each 
passenger's full name and date of birth to facilitate the watch list 
matching process, which should reduce the number of individuals who are 
misidentified as the subject of a watch list record. We continue to 
monitor the Secure Flight program at the Congress's request.
    In our October 2007 watch list report, we recommended that the FBI 
and DHS assess the extent to which security risks exist by not 
screening against certain watch list records and what actions, if any, 
should be taken in response.\23\ The agencies generally agreed with our 
recommendations but noted that the risks related to not screening 
against all watch list records needs to be balanced with the impact of 
screening against all records, especially those records without a full 
name and other identifiers. For example, more individuals could be 
misidentified, law enforcement would be put in the position of 
detaining more individuals until their identities could be resolved, 
and administrative costs could increase, without knowing what 
measurable increase in security is achieved. While we acknowledge these 
tradeoffs and potential impacts, we maintain that assessing whether 
vulnerabilities exist by not screening against all watch list records--
and if there are ways to limit impacts--is critical and could be a 
relevant component of the Government's on-going review of the watch 
list process. Therefore, we believe that our recommendation continues 
to have merit.
---------------------------------------------------------------------------
    \23\ GAO-08-110.
---------------------------------------------------------------------------
Identifying Additional Screening Opportunities and Determining Whether 
        There Are Clear Lines of Authority for and Accountability Over 
        the Watch List Process Would Help Ensure Its Effective Use
    As we reported in October 2007, the Federal Government has made 
progress in using the consolidated terrorist watch list for screening 
purposes, but has additional opportunities to use the list. For 
example, DHS uses the list to screen employees in some critical 
infrastructure components of the private sector, including certain 
individuals who have access to vital areas of nuclear power plants or 
transport hazardous materials. However, many critical infrastructure 
components are not using watch list records, and DHS has not finalized 
guidelines to support such private sector screening, as HSPD-6 mandated 
and we previously recommended.\24\
---------------------------------------------------------------------------
    \24\ The identification of critical infrastructure components that 
are not using watch list records for screening is considered Sensitive 
Security Information that cannot be disclosed in a public statement.
---------------------------------------------------------------------------
    In that same report, we noted that HSPD-11 tasked the Secretary of 
Homeland Security with coordinating across other Federal departments to 
develop: (1) A strategy for a comprehensive and coordinated 
watchlisting and screening approach and (2) a prioritized 
implementation and investment plan that describes the scope, 
governance, principles, outcomes, milestones, training objectives, 
metrics, costs, and schedule of necessary activities.\25\ We reported 
that without such a strategy, the Government could not provide 
accountability and a basis for monitoring to ensure that: (1) The 
intended goals for, and expected results of, terrorist screening are 
being achieved and (2) use of the watch list is consistent with privacy 
and civil liberties. We recommended that DHS develop a current 
interagency strategy and related plans.
---------------------------------------------------------------------------
    \25\ The White House, Homeland Security Presidential Directive/
HSPD-11, Subject: Comprehensive Terrorist-Related Screening Procedures 
(Washington, DC, Aug. 27, 2004).
---------------------------------------------------------------------------
    According to DHS's Screening Coordination Office, during the fall 
of 2007, the office led an interagency effort to provide the President 
with an updated report, entitled, HSPD-11, An Updated Strategy for 
Comprehensive Terrorist-Related Screening Procedures.\26\ The office 
noted that the report was formally submitted to the Executive Office of 
the President through the Homeland Security Council and reviewed by the 
President on January 25, 2008. Further, the office noted that it also 
provided a sensitive version of the report to the Congress in October 
2008. DHS provided us an excerpt of that report to review, stating that 
it did not have the authority to share excerpts provided by other 
agencies, and we were unable to obtain a copy of the full report. The 
information we reviewed only discussed DHS's own efforts for 
coordinating watch list screening across the Department. Therefore, we 
were not able to determine whether the HSPD-11 report submitted to the 
President addressed all of the components called for in the directive 
or what action, if any, was taken as a result. We maintain that a 
comprehensive strategy, as well as related implementation and 
investment plans, as called for by HSPD-11, continue to be important to 
ensure effective Government-wide use of the watch list process.
---------------------------------------------------------------------------
    \26\ DHS established the Screening Coordination Office in July 2006 
to enhance security measures by integrating the Department's terrorist-
and immigration-related screening efforts, creating unified screening 
standards and policies, and developing a single redress process for 
travelers.
---------------------------------------------------------------------------
    In addition, in our October 2007 report, we noted that establishing 
an effective governance structure as part of this strategic approach is 
particularly vital since numerous agencies and components are involved 
in the development, maintenance, and use of the watch list process, 
both within and outside of the Federal Government. Also, establishing a 
governance structure with clearly-defined responsibility and authority 
would help to ensure that agency efforts are coordinated, and that the 
Federal Government has the means to monitor and analyze the outcomes of 
such efforts and to address common problems efficiently and 
effectively. We determined at the time that no such structure was in 
place and that no existing entity clearly had the requisite authority 
for addressing interagency issues. We recommended that the Homeland 
Security Council ensure that a governance structure was in place, but 
the council did not comment on our recommendation.
    At the time of our report, TSC stated that it had a governance 
board in place, comprised of senior-level agency representatives from 
numerous departments and agencies. However, we also noted that the 
board provided guidance concerning issues within TSC's mission and 
authority. We also stated that while this governance board could be 
suited to assume more of a leadership role, its authority at that time 
was limited to TSC-specific issues, and it would need additional 
authority to provide effective coordination of terrorist-related 
screening activities and interagency issues Government-wide. In January 
2010, the FBI stated that TSC has a Policy Board in place, with 
representatives from relevant departments and agencies, that reviews 
and provides input to the Government's watch list policy. The FBI also 
stated that the policies developed are then sent to the National 
Security Council Deputies Committee (formerly the Homeland Security 
Council) for ratification. The FBI noted that this process was used for 
making the most recent additions and changes to watch list standards 
and criteria. We have not yet been able to determine, however, whether 
the Policy Board has the jurisdiction and authority to resolve issues 
beyond TSC's purview, such as issues within the intelligence community 
and in regard to the nominations process, similar to the types of 
interagency issues the December 25 attempted attack identified. We 
maintain that a governance structure with the authority for and 
accountability over the entire watch list process, from nominations 
through screening, and across the Government is important.
    On January 7, 2010, the President tasked the National Security 
Staff with initiating an interagency review of the watch list process--
including the business processes, procedures, and criteria--and the 
interoperability and sufficiency of supporting information technology 
systems. This review offers the Government an opportunity to develop an 
updated strategy, related plans, and governance structure that would 
provide accountability to the administration, the Congress, and the 
American public that the watch list process is effective at helping to 
secure the homeland.
   recent work highlights the importance of conducting vulnerability 
    assessments and operational testing prior to deployment of new 
                        checkpoint technologies
While TSA Has Not Yet Deployed Any New Checkpoint Technologies 
        Nationwide, It Plans to Have Installed Almost 200 AITs by the 
        End of 2010
    As we reported in October 2009, in an effort to improve the 
capability to detect explosives at aviation passenger checkpoints, TSA 
has 10 passenger screening technologies in various phases of research, 
development, procurement, and deployment, including the AIT (formerly 
Whole Body Imager).\27\ TSA is evaluating the AIT as an improvement 
over current screening capabilities of the metal detector and pat-downs 
specifically to identify nonmetallic threat objects and liquids. The 
AITs produce an image of a passenger's body that a screener interprets. 
The image identifies objects, or anomalies, on the outside of the 
physical body but does not reveal items beneath the surface of the 
skin, such as implants. TSA plans to procure two types of AIT units: 
One type uses millimeter wave and the other type uses backscatter X-ray 
technology. Millimeter wave technology beams millimeter wave radio 
frequency energy over the body's surface at high speed from two 
antennas simultaneously as they rotate around the body.\28\ The energy 
reflected back from the body or other objects on the body is used to 
construct a three-dimensional image. Millimeter wave technology 
produces an image that resembles a fuzzy photo negative. Backscatter X-
ray technology uses a low-level X-ray to create a two-sided image of 
the person. Backscatter technology produces an image that resembles a 
chalk etching.\29\
---------------------------------------------------------------------------
    \27\ GAO-10-128.
    \28\ According to TSA, this description of the millimeter wave 
technology applies only to the machine manufactured by L3 and does not 
apply to other millimeter wave technologies that TSA is evaluating, 
such as the Smiths millimeter wave AIT.
    \29\ Research and development of the AIT technology is continuing, 
specifically, to develop passive terahertz (THz) and active gigahertz 
(GHz) technologies to improve detection performance and reduce 
operational costs of commercially available systems.
---------------------------------------------------------------------------
    As we reported in October 2009, TSA has not yet deployed any new 
technologies Nation-wide. However, as of December 31, 2009, according 
to a senior TSA official, the agency has deployed 40 of the millimeter 
wave AITs, and has procured 150 backscatter X-ray units in fiscal year 
2009 and estimates that these units will be installed at airports by 
the end of calendar year 2010. In addition, TSA plans to procure an 
additional 300 AIT units in fiscal year 2010, some of which will be 
purchased with funds from the American Recovery and Reinvestment Act of 
2009.\30\ TSA plans to procure and deploy a total of 878 units at all 
category X through category IV airports.\31\ Full operating capability 
is expected in fiscal year 2014. TSA officials stated that the cost of 
the AIT is about $130,000 to $170,000 per unit, excluding installation 
costs. In addition, the estimated training costs are $50,000 per unit.
---------------------------------------------------------------------------
    \30\ According to TSA, some of the 300 AIT units to be procured in 
fiscal year 2010 will begin to be deployed to airports in the latter 
half of fiscal year 2010.
    \31\ TSA classifies the commercial airports in the United States 
into one of five security risk categories (X, I, II, III, and IV). In 
general, category X airports have the largest number of passenger 
boardings, and category IV airports have the smallest. Categories X, I, 
II, and III airports account for more than 90 percent of the Nation's 
air traffic.
---------------------------------------------------------------------------
    While TSA stated that the AIT will enhance its explosives detection 
capability, because the AIT presents a full body image of a person 
during the screening process, concerns have been expressed that the 
image is an invasion of privacy. According to TSA, to protect passenger 
privacy and ensure anonymity, strict privacy safeguards are built into 
the procedures for use of the AIT. For example, the officer who assists 
the passenger never sees the image that the technology produces, and 
the officer who views the image is remotely located in a secure 
resolution room and never sees the passenger. Officers evaluating 
images are not permitted to take cameras, cell phones, or photo-enabled 
devices into the resolution room. To further protect passengers' 
privacy, ways have been introduced to blur the passengers' images. The 
millimeter wave technology blurs all facial features, and the 
backscatter X-ray technology has an algorithm applied to the entire 
image to protect privacy. Further, TSA has stated that the AIT's 
capability to store, print, transmit, or save the image will be 
disabled at the factory before the machines are delivered to airports, 
and each image is automatically deleted from the system after it is 
cleared by the remotely located security officer. Once the remotely 
located officer determines that threat items are not present, that 
officer communicates wirelessly to the officer assisting the passenger. 
The passenger may then continue through the security process. Potential 
threat items are resolved through a direct physical pat-down before the 
passenger is cleared to enter the sterile area.\32\ In addition to 
privacy concerns, the AITs are large machines, and adding them to the 
checkpoint areas will require additional space, especially since the 
operators are segregated from the checkpoint to help ensure passenger 
privacy.
---------------------------------------------------------------------------
    \32\ TSA stated that it continues to evaluate possible display 
options that include a ``stick figure'' or ``cartoonlike'' form to 
provide greater privacy protection to the individual being screened 
while still allowing the unit operator or automated detection 
algorithms to detect possible threats.
---------------------------------------------------------------------------
TSA Reports That It Is Taking Steps to Operationally Test AITs but Has 
        Not Conducted Vulnerability Assessments
    We previously reported on several challenges TSA faces related to 
the research, development, and deployment of passenger checkpoint 
screening technologies and made a number of recommendations to improve 
this process.\33\ Two of these recommendations are particularly 
relevant today, as TSA moves forward with plans to install a total of 
878 additional AITs--completing operational testing of technologies in 
airports prior to using them in day-to-day operations and assessing 
whether technologies such as the AIT are vulnerable to terrorist 
countermeasures, such as hiding threat items on various parts of the 
body to evade detection.
---------------------------------------------------------------------------
    \33\ GAO-10-128.
---------------------------------------------------------------------------
    First, in October 2009, we reported that TSA had relied on 
technologies in day-to-day airport operations that had not been proven 
to meet their functional requirements through operational testing and 
evaluation, contrary to TSA's acquisition guidance and a knowledge-
based acquisition approach. We also reported that TSA had not 
operationally tested the AITs at the time of our review, and we 
recommended that TSA operationally test and evaluate technologies prior 
to deploying them.\34\ In commenting on our report, TSA agreed with 
this recommendation. A senior TSA official stated that although TSA 
does not yet have a written policy requiring operational testing prior 
to deployment, TSA is now including in its contracts with vendors that 
checkpoint screening machines are required to successfully complete 
laboratory tests as well as operational tests. The test results are 
then incorporated in the source selection plan. The official also 
stated that the test results are now required at key decision points by 
DHS's Investment Review Board. While recently providing GAO with 
updated information to our October 2009 report, TSA stated that 
operational testing for the AIT was completed as of the end of calendar 
year 2009. We are in the process of verifying that TSA has tested all 
of the AIT's functional requirements in an operational environment.
---------------------------------------------------------------------------
    \34\ Operational testing refers to testing in an operational 
environment in order to verify that new systems are operationally 
effective, supportable, and suitable.
---------------------------------------------------------------------------
    Deploying technologies that have not successfully completed 
operational testing and evaluation can lead to cost overruns and 
underperformance. TSA's procurement guidance provides that testing 
should be conducted in an operational environment to validate that the 
system meets all functional requirements before deployment. In 
addition, our reviews have shown that leading commercial firms follow a 
knowledge-based approach to major acquisitions and do not proceed with 
large investments unless the product's design demonstrates its ability 
to meet functional requirements and be stable.\35\ The developer must 
show that the product can be manufactured within cost, schedule, and 
quality targets and is reliable before production begins and the system 
is used in day-to-day operations.
---------------------------------------------------------------------------
    \35\ GAO, Best Practices: Using a Knowledge-Based Approach to 
Improve Weapon Acquisition, GAO-04-386SP (Washington, DC: January 
2004).
---------------------------------------------------------------------------
    TSA's experience with the ETPs, which the agency uses for secondary 
screening, demonstrates the importance of testing and evaluation in an 
operational environment. The ETP detects traces of explosives on a 
passenger by using puffs of air to dislodge particles from the 
passenger's body and clothing that the machine analyzes for traces of 
explosives. TSA procured 207 ETPs and in 2006 deployed 101 ETPs to 36 
airports, the first deployment of a checkpoint technology initiated by 
the agency.\36\ TSA deployed the ETPs even though agency officials were 
aware that tests conducted during 2004 and 2005 on earlier ETP models 
suggested that they did not demonstrate reliable performance. 
Furthermore, the ETP models that were subsequently deployed were not 
first tested to prove their effective performance in an operational 
environment, contrary to TSA's acquisition guidance, which recommends 
such testing. As a result, TSA procured and deployed ETPs without 
assurance that they would perform as intended in an operational 
environment. TSA officials stated that they deployed the machines 
without resolving these issues to respond quickly to the threat of 
suicide bombers. In June 2006, TSA halted further deployment of the ETP 
because of performance, maintenance, and installation issues. According 
to a senior TSA official, as of December 31, 2009, all but 9 ETPs have 
been withdrawn from airports and 18 ETPs remain in inventory. TSA 
estimates that the 9 remaining ETPs will be removed from airports by 
the end of calendar year 2010. In the future, using validated 
technologies would enhance TSA's efforts to improve checkpoint 
security. Furthermore, retaining existing screening procedures until 
the effectiveness of future technologies has been validated could 
provide assurances that use of checkpoint technologies improves 
aviation security.
---------------------------------------------------------------------------
    \36\ TSA deployed the ETPs from January to June 2006. Since June 
2006, TSA removed all but 9 ETPs from airports because of maintenance 
issues.
---------------------------------------------------------------------------
    Second, as we reported in October 2009, TSA does not know whether 
its explosives detection technologies, such as the AITs, are 
susceptible to terrorist tactics. Although TSA has obtained information 
on vulnerabilities at the screening checkpoint, the agency has not 
assessed vulnerabilities--that is, weaknesses in the system that 
terrorists could exploit in order to carry out an attack--related to 
passenger screening technologies, such as AITs, that are currently 
deployed. According to TSA's threat assessment, terrorists have various 
techniques for concealing explosives on their persons, as was evident 
in Mr. Abdulmutallab's attempted attack on December 25, where he 
concealed an explosive in his underwear. However, TSA has not assessed 
whether these and other tactics that terrorists could use to evade 
detection by screening technologies, such as AIT, increase the 
likelihood that the screening equipment would not detect the hidden 
weapons or explosives. Thus, without an assessment of the 
vulnerabilities of checkpoint technologies, it is unclear whether the 
AIT or other technologies would have been able to detect the weapon Mr. 
Abdulmutallab used in his attempted attack. TSA is in the process of 
developing a risk assessment for the airport checkpoints, but the 
agency has not yet completed this effort or clarified the extent to 
which this effort addresses any specific vulnerabilities in checkpoint 
technology.
    TSA officials stated that to identify vulnerabilities at airport 
checkpoints, the agency analyzes information such as the results from 
its covert testing program. TSA conducts National and local covert 
tests, whereby individuals attempt to enter the secure area of an 
airport through the passenger checkpoint with prohibited items in their 
carry-on bags or hidden on their persons. However, TSA's covert testing 
programs do not systematically test passenger and baggage screening 
technologies Nation-wide to ensure that they identify the threat 
objects and materials the technologies are designed to detect, nor do 
the covert testing programs identify vulnerabilities related to these 
technologies. We reported in August 2008 that while TSA's local covert 
testing program attempts to identify test failures that may be caused 
by screening equipment not working properly or caused by screeners and 
the screening procedures they follow, the agency's National testing 
program does not attribute a specific cause of a test failure.\37\ We 
recommended, among other things, that TSA require the documentation of 
specific causes of all National covert testing failures, including 
documenting failures related to equipment, in the covert testing 
database to help TSA better identify areas for improvement. TSA 
concurred with this recommendation and stated that the agency will 
expand the covert testing database to document test failures related to 
screening equipment.
---------------------------------------------------------------------------
    \37\ See GAO, Transportation Security: TSA Has Developed a Risk-
Based Covert Testing Program, but Could Better Mitigate Aviation 
Security Vulnerabilities Identified Through Covert Tests, GAO-08-958 
(Washington, DC: Aug. 8, 2008).
---------------------------------------------------------------------------
    In our 2009 report, we also recommended that the Assistant 
Secretary for TSA, among other actions, conduct a complete risk 
assessment--including threat, vulnerability, and consequence 
assessment--for the passenger screening program and incorporate the 
results into TSA's program strategy, as appropriate. TSA and DHS 
concurred with our recommendation, but have not completed these risk 
assessments or provided documentation to show how they have addressed 
the concerns raised in our 2009 report regarding the susceptibility of 
the technology to terrorist tactics.
    Mr. Chairman, this concludes our statement for the record.
                                 ______
                                 
            Statement of the American Civil Liberties Union
                            January 27, 2010
    Chairman Thompson, Ranking Member King, and Members of the 
committee: The American Civil Liberties Union (ACLU) has more than half 
a million members, countless additional activists and supporters, and 
53 affiliates Nation-wide. We are one of the Nation's oldest and 
largest organizations advocating in support of individual rights in the 
courts and before the Executive and Legislative branches of Government. 
In particular, throughout our history, we have been one of the Nation's 
pre-eminent advocates in support of privacy and equality. We write 
today to express our strong concern over the three substantive policy 
changes that are being considered in the wake of the attempted terror 
attack on Christmas day: the wider deployment of whole body imaging 
(WBI) devices, the expanded use of terror watch lists and increased 
screening of individuals from fourteen so-called nations of interest. 
The ACLU believes that each of these changes greatly infringe on civil 
liberties and face serious questions regarding their efficacy in 
protecting airline travelers.
    The President has already identified a failure of intelligence as 
the chief cause of the inability to detect the attempted terror attack 
on Christmas day. As such, the Government's response must be directed 
to that end. These invasive and unjust airline security techniques 
represent a dangerous diversion of resources from the real problem. 
This diversion of resources promises serious harm to American's privacy 
and civil liberties while failing to deliver significant safety 
improvements.
                            i. introduction
    WBI uses millimeter wave or X-ray technology to produce graphic 
images of passengers' bodies, essentially taking a naked picture of air 
passengers as they pass through security checkpoints. This technology 
is currently deployed at 19 airports and the Department of Homeland 
Security (DHS) recently announced the roll-out of 300 more machines by 
year end.\1\ While initially described as a secondary screening 
mechanism, DHS is now stating that WBI will be used for primary 
screening of passengers.\2\
---------------------------------------------------------------------------
    \1\ Harriet Baskas, Air security: Protection at privacy's expense? 
Msnbc.com, January 14, 2010. http://www.msnbc.msn.com/id/34846903/ns/
travel-tips/.
    \2\ Paul Giblin and Eric Lipton, New Airport X-Rays Scan Bodies, 
Not Just Bags, New York Times, February 24, 2007.
---------------------------------------------------------------------------
    Another way of screening passengers is through terror watch lists. 
The terror watch lists are a series of lists of names of individuals 
suspected of planning or executing terrorist attacks. The master list 
is maintained by the Terrorist Screening Center (TSC) and contains more 
than one million names.\3\ Subsets of this list include the No-Fly list 
(barring individuals from air travel) and the Automatic Selectee list 
(requiring a secondary screening). The names on this list and the 
criteria for placement on these lists are secret.\4\ There is no 
process allowing individuals to challenge their placement on a list or 
seek removal from a list.
---------------------------------------------------------------------------
    \3\ The Federal Bureau of Investigation's Terrorist Watchlist 
Nomination Practices, Justice Department, Office of the Inspector 
General, Audit Report 09-25, May 2009, pg 3. http://www.justice.gov/
oig/reports/FBI/a0925/final.pdf.
    \4\ Id at 70.
---------------------------------------------------------------------------
    Finally, individuals who were born in, are citizens of, or are 
traveling from fourteen nations will receive additional scrutiny under 
a policy announced by the U.S. Government after the attempted terror 
attack. As of January 19, 2010 these nations are Afghanistan, Algeria, 
Cuba, Iran, Lebanon, Libya, Iraq, Nigeria, Pakistan, Saudi Arabia, 
Somalia, Sudan, Syria and Yemen.
    The ACLU believes that Congress should apply the following two 
principles in evaluating any airline security measure:
   Efficacy. New security technologies must be genuinely 
        effective, rather than creating a false sense of security. The 
        wisdom supporting this principle is obvious: Funds to increase 
        aviation security are limited, and any technique or technology 
        must work and be substantially better than other alternatives 
        to deserve some of the limited funds available. It therefore 
        follows that before Congress invests in technologies or employs 
        new screening methods, it must demand evidence and testing from 
        neutral parties that these techniques have a likelihood of 
        success.
   Impact on Civil Liberties. The degree to which a proposed 
        measure invades privacy should be weighed in the evaluation of 
        any technology. If there are multiple effective techniques for 
        safeguarding air travel, the least intrusive technology or 
        technique should always trump the more invasive technology.
 ii. screening techniques and technologies must be effective, or they 
                    should not be utilized or funded
    The wider deployment of whole body imaging (WBI) devices, expanded 
use of terror watch lists and increased screening of individuals from 
fourteen so-called nations of interest each face significant questions 
regarding their efficacy in protecting air travelers and combating 
terrorism.
Whole Body Imaging
    There are no magic solutions or technologies for protecting air 
travelers. Ben Wallace, a current member of the British parliament who 
advised a research team at QinetiQ, a manufacturer of body screening 
devices, has stated that their testing demonstrated that these 
screening devices would not have discovered a bomb of the type used on 
Christmas day, as they failed to detect low density materials like 
powders, liquids and thin plastics.\5\ A current QinetiQ product 
manager admitted that even their newest body scan technology probably 
would not have detected the underwear bomb.\6\ The British press has 
also reported that the British Department for Transport (DfT) and the 
British Home Office have already tested the scanners and were not 
convinced they would work comprehensively against terrorist threats to 
aviation.\7\
---------------------------------------------------------------------------
    \5\ Jane Merrick, Are planned airport scanners just a scam? The 
Independent, January 3, 2010.
    \6\ Id.
    \7\ Id.
---------------------------------------------------------------------------
    In addition we know that al-Qaeda has already discovered a way to 
work around this technology. In September a suicide bomber stowed a 
full pound of high explosives and a detonator inside his rectum, and 
attempted to assassinate a Saudi prince by blowing himself up.\8\ While 
the attack only slightly wounded the prince, it fully defeated an array 
of security measures including metal detectors and palace security. The 
bomber spent 30 hours in the close company of the prince's own secret 
service agents--all without anyone suspecting a thing. WBI devices--
which do not penetrate the body--would not have detected this device.
---------------------------------------------------------------------------
    \8\ Sheila MacVicar, Al Qaeda Bombers Learn from Drug Smugglers, 
CBSnews.com, September 28, 2009
---------------------------------------------------------------------------
    The practical obstacles to effective deployment of body scanners 
are also considerable. In the United States alone, 43,000 TSA officers 
staff numerous security gates at over 450 airports and over 2 million 
passengers a day.\9\ To avoid being an ineffective ``Maginot line,'' 
these $170,000 machines will need to be put in place at all gates in 
all airports; otherwise a terrorist could just use an airport gate that 
does not have them. Scanner operators struggle constantly with boredom 
and inattention when tasked with the monotonous job of scanning 
thousands of harmless individuals when day after day, year after year, 
no terrorists come through their gate. In addition to the expense of 
buying, installing, and maintaining these machines, additional 
personnel will have to be hired to run them (unless they are shifted 
from other security functions, which will degrade those functions).
---------------------------------------------------------------------------
    \9\ http://www.tsa.gov/what_we_do/screening/
security_checkpoints.shtm.
---------------------------------------------------------------------------
    The efficacy of WBI devices must be weighed against not only their 
impact on civil liberties (discussed further below) but also their 
impact on the U.S. ability to implement other security measures. Every 
dollar spent on these technologies is a dollar that is not spent on 
intelligence analysis or other law enforcement activity. The President 
has already acknowledged that it was deficiencies in those areas--not 
aviation screening--that allowed Umar Farouk Abdulmutallab to board an 
airplane.
Watch Lists
    The events leading up to the attempted Christmas attack are a 
telling indictment of the entire watch list system. In spite of damning 
information, including the direct plea of Abdulmutallab's father, and 
other intelligence gathered about terrorist activity in Yemen, 
Abdulmutallab was not placed into the main Terrorist Screening 
Database. We believe that fact can be directly attributed to the 
bloated and overbroad nature of the list--now at more than a million 
names.\10\ The size of the list creates numerous false positives, 
wastes resources, and hides the real threats to aviation security. As 
we discuss below it also sweeps up many innocent Americans--falsely 
labeling them terrorists and providing them with no mechanism for 
removing themselves from the list.
---------------------------------------------------------------------------
    \10\ DOJ OIG Audit Report 09-25, pg 3. http://www.justice.gov/oig/
reports/FBI/a0925/final.pdf.
---------------------------------------------------------------------------
    These problems are not hypothetical. They have real consequences 
for law enforcement and safety. An April 2009 report from the Virginia 
Fusion Center states

``According to 2008 Terrorism Screening Center ground encounter data, 
al-Qa'ida was one of the three most frequently encountered groups in 
Virginia. In 2007, at least 414 encounters between suspected al-Qa'ida 
members and law enforcement or government officials were documented in 
the Commonwealth. Although the vast majority of encounters involved 
automatic database checks for air travel, a number of subjects were 
encountered by law enforcement officers.''\11\
---------------------------------------------------------------------------
    \11\ Virginia Fusion Center, 2009 Virginia Terrorism Threat 
Assessment, March 2009, pg 27.
---------------------------------------------------------------------------
    Every time a law enforcement officer encounters someone on the 
terrorist watch list (as determined by a check of the National Crime 
Information Center (NCIC) database) they contact the TSC. So in essence 
Virginia law enforcement is reporting that there are more than 400 al-
Qaeda terrorists in Virginia in a given year. This is difficult to 
believe.\12\ In reality most, if not all, of these stops are false 
positives, mistakes regarding individuals who should not be on the 
list. These false positives can only distract law enforcement from real 
dangers.
---------------------------------------------------------------------------
    \12\ The report does not state that any of these individuals were 
arrested.
---------------------------------------------------------------------------
    A 2009 report by the Department of Justice Inspector General found 
similarly troubling results. From the summary:

``We found that the FBI failed to nominate many subjects in the 
terrorism investigations that we sampled, did not nominate many others 
in a timely fashion, and did not update or remove watch list records as 
required. Specifically, in 32 of the 216 (15 percent) terrorism 
investigations we reviewed, 35 subjects of these investigations were 
not nominated to the consolidated terrorist watch list, contrary to FBI 
policy. We also found that 78 percent of the initial watch list 
nominations we reviewed were not processed in established FBI 
timeframes.

``Additionally, in 67 percent of the cases that we reviewed in which a 
watch list record modification was necessary, we determined that the 
FBI case agent primarily assigned to the case failed to modify the 
watch list record when new identifying information was obtained during 
the course of the investigation, as required by FBI policy. Further, in 
8 percent of the closed cases we reviewed, we found that the FBI failed 
to remove subjects from the watch list as required by FBI policy. 
Finally, in 72 percent of the closed cases reviewed, the FBI failed to 
remove the subject in a timely manner.''\13\
---------------------------------------------------------------------------
    \13\ DOJ OIG Audit Report 09-25, pg iv-v. http://www.justice.gov/
oig/reports/FBI/a0925/final.pdf.

    This is only the latest in a long string of Government reports 
describing the failure of the terror watch lists.\14\ In order to be an 
effective tool against terrorism these lists must shrink dramatically 
with names limited to only those for whom there is credible evidence of 
terrorist ties or activities.
---------------------------------------------------------------------------
    \14\ Review of the Terrorist Screening Center (Redacted for Public 
Release), Justice Department, Office of the Inspector General, Audit 
Report 05-27, June 2005; Review of the Terrorist Screening Center's 
Efforts to Support the Secure Flight Program (Redacted for Public 
Release), Justice Department, Office of the Inspector General, Audit 
Report 05-34, August 2005; Follow-Up Audit of the Terrorist Screening 
Center (Redacted for Public Release), Justice Department, Office of the 
Inspector General, Audit Report 07-41, September 2007; The Federal 
Bureau of Investigation's Terrorist Watchlist Nomination Practices, 
Justice Department, Office of the Inspector General, Audit Report 09-
25, May 2009; DHS Challenges in Consolidating Terrorist Watch List 
Information, Department of Homeland Security, Office of Inspector 
General, OIG-04-31, August 2004; Terrorist Watch Lists Should Be 
Consolidated to Promote Better Integration and Sharing, GAO Report to 
Congressional Requesters, GAO-03-322, April 2003; Congressional Memo 
Regarding Technical Flaws in the Terrorist Watch List, House Committee 
on Science and Technology, August 2008.
---------------------------------------------------------------------------
Aviation Screening on the Basis of Nationality
    Numerous security experts have already decried the use of race and 
national origin as an aviation screening technique.
    Noted security expert Bruce Schneier stated recently:

``[A]utomatic profiling based on name, nationality, method of ticket 
purchase, and so on . . . makes us all less safe. The problem with 
automatic profiling is that it doesn't work.

``Terrorists can figure out how to beat any profiling system.

``Terrorists don't fit a profile and cannot be plucked out of crowds by 
computers. They're European, Asian, African, Hispanic, and Middle 
Eastern, male and female, young and old. Umar Farouk Abdul Mutallab was 
Nigerian. Richard Reid, the shoe bomber, was British with a Jamaican 
father. Germaine Lindsay, one of the 7/7 London bombers, was Afro-
Caribbean. Dirty bomb suspect Jose Padilla was Hispanic-American. The 
2002 Bali terrorists were Indonesian. Timothy McVeigh was a white 
American. So was the Unabomber. The Chechen terrorists who blew up two 
Russian planes in 2004 were female. Palestinian terrorists routinely 
recruit ``clean'' suicide bombers, and have used unsuspecting 
Westerners as bomb carriers.

``Without an accurate profile, the system can be statistically 
demonstrated to be no more effective than random screening.

``And, even worse, profiling creates two paths through security: one 
with less scrutiny and one with more. And once you do that, you invite 
the terrorists to take the path with less scrutiny. That is, a 
terrorist group can safely probe any profiling system and figure out 
how to beat the profile. And once they do, they're going to get through 
airport security with the minimum level of screening every time.''\15\
---------------------------------------------------------------------------
    \15\ http://roomfordebate.blogs.nytimes.com/2010/01/04/will-
profiling-make-a-difference/.

    Schneier is not alone in this assessment. Philip Baum is the 
---------------------------------------------------------------------------
managing director of an aviation security company:

``Effective profiling is based on the analysis of the appearance and 
behavior of a passenger and an inspection of the traveler's itinerary 
and passport; it does not and should not be based on race, religion, 
nationality or color of skin . . .

``Equally, the decision to focus on nationals of certain countries is 
flawed and backward. Perhaps I, as a British citizen, should be 
screened more intensely given that Richard Reid (a.k.a. ``the 
Shoebomber'') was a U.K. passport holder and my guess is there are 
plenty more radicalized Muslims carrying similar passports. Has America 
forgotten the likes of Timothy McVeigh? It only takes one bad egg and 
they exist in every country of the world.\16\
---------------------------------------------------------------------------
    \16\ Id.

---------------------------------------------------------------------------
    Former Israeli airport security director Rafi Ron:

``My experience at Ben Gurion Airport in Tel Aviv has led me to the 
conclusion that racial profiling is not effective. The major attacks at 
Ben Gurion Airport were carried out by Japanese terrorists in 1972 and 
Germans in the 1980s. [They] did not belong to any expected ethnic 
group. Richard Reid [known as the shoe bomber] did not fit a racial 
profile. Professionally as well as legally, I oppose the idea of racial 
profiling.''\17\
---------------------------------------------------------------------------
    \17\ Katherine Walsh, Behavior Pattern Recognition and Why Racial 
Profiling Doesn't Work, CSO Online, (Feb. 1, 2006), at http://
www.csoonline.com/article/220787/
Behavior_Pattern_Recognition_and_Why_Racial_Profiling_Doesn_t_Work.

This should be the end of the discussions. Policies that don't work 
have no place in aviation security. When they are actively harmful--
wasting resources and making us less safe--they should be stopped as 
quickly as possible.
 iii. the impact on privacy and civil liberties must be weighed in any 
               assessment of aviation security techniques
    Each of the three aviation security provisions discussed in these 
remarks represents a direct attack on fundamental American values. As 
such they raise serious civil liberties concerns.
Whole Body Imaging
    WBI technology involves a striking and direct invasion of privacy. 
It produces strikingly graphic images of passengers' bodies, 
essentially taking a naked picture of air passengers as they pass 
through security checkpoints. It is a virtual strip search that reveals 
not only our private body parts, but also intimate medical details like 
colostomy bags. Many people who wear adult diapers feel they will be 
humiliated. That degree of examination amounts to a significant assault 
on the essential dignity of passengers. Some people do not mind being 
viewed naked but many do and they have a right to have their integrity 
honored.
    This technology should not be used as part of a routine screening 
procedure, but only when the facts and circumstances suggest that it is 
the most effective method for a particular individual. And such 
technology may be used in place of an intrusive search, such as a strip 
search--when there is reasonable suspicion sufficient to support such a 
search.
    TSA is also touting privacy safeguards including blurring of faces, 
the non-retention of images, and the viewing of images only by 
screeners in a separate room. Scanners with such protections are 
certainly better than those without; however, we are still skeptical of 
their suggested safeguards such as obscuring faces and not retaining 
images.
    Obscuring faces is just a software fix that can be undone as easily 
as it is applied. And obscuring faces does not hide the fact that rest 
of the body will be vividly displayed. A policy of not retaining images 
is a protection that would certainly be a vital step for such a 
potentially invasive system, but it is hard to see how this would be 
achieved in practice. TSA would almost certainly have to create 
exceptions--for collecting evidence of a crime or for evaluation of the 
system (such as in the event of another attack) for example--and it is 
a short step from there to these images appearing on the internet.
    Intrusive technologies are often introduced very gingerly with all 
manner of safeguards and protections, but once the technology is 
accepted the protections are stripped away. There are substantial 
reasons for skepticism regarding TSA promised protections for WBI 
devices. In order for these protections to be credible Congress must 
enshrine them in law.
    Finally, the TSA should invest in developing other detection 
systems that are less invasive, less costly, and less damaging to 
privacy. For example, ``trace portal detection'' particle detectors 
hold the promise of detecting explosives while posing little challenge 
to flyers' privacy. A 2002 Homeland Security report urged the 
``immediate deployment'' of relatively inexpensive explosive trace 
detectors in European airports, as did a 2005 report to Congress, yet 
according to a 2006 Associated Press article, these efforts ``were 
frustrated inside Homeland Security by `bureaucratic games', a lack of 
strategic goals and months-long delays in distributing money Congress 
had already approved.''\18\ Bureaucratic delay and mismanagement should 
not be allowed to thwart the development of more effective explosive 
detection technologies that do not have the negative privacy impact of 
WBI devices.
---------------------------------------------------------------------------
    \18\ John Solomon, Bureaucracy Impedes Bomb Detection Work, 
Washington Post, Aug. 12, 2006, at: http://www.washingtonpost.com/wp-
dyn/content/article/2006/08/12/AR2006081200269.html.
---------------------------------------------------------------------------
Watch Lists
    The creation of terrorist watch lists--literally labeling 
individuals as a terrorist--has enormous civil liberties impact. It 
means on-going and repetitive harassment at all airports--foreign and 
domestic, constant extra screening, searches and invasive questions. 
For the many innocent individuals on the lists this is humiliating and 
infuriating.
    For some it is worse. Individuals on the No-Fly list are denied a 
fundamental right, the right to travel and move about the country 
freely. Others are threatened with the loss of their job. Erich 
Sherfen, commercial airline pilot and Gulf War veteran, has been 
threatened with termination from his job as a pilot because his name 
appears on a Government watch list, which prevents him from entering 
the cockpit.\19\ Sherfen is not the only innocent person placed on a 
terror watch list. Other individuals who are either on a list or 
mistaken for those on the list include a former Assistant Attorney 
General, many individuals with the name Robert Johnson, the late 
Senator Edward Kennedy and even Nelson Mandela.\20\
---------------------------------------------------------------------------
    \19\ Jeanne Meserve, Name on government watch list threatens 
pilot's career, CNN.com, August 22, 2008, http://www.cnn.com/2008/US/
08/22/pilot.watch.list/index.html?iref=newssearch.
    \20\ For details on these individuals and many other please see: 
http://www.aclu.org/technology-and-liberty/unlikelysuspects.
---------------------------------------------------------------------------
    The most recent case--revealed just last week--is that of Mikey 
Hicks, an 8-year-old boy who has been on the Selectee list seemingly 
since birth. According to Hicks' family their travel tribulations that 
began when Mikey was an infant. When he was 2 years old, the kid was 
patted down at airport security. He's now, by all accounts, an 
unassuming bespectacled Boy Scout who has been stopped every time he 
flies with his family.\21\
---------------------------------------------------------------------------
    \21\ Lizette Alvarez, Meet Mikey, 8: U.S. Has Him on Watch List, 
New York Times, January 13, 2010.
---------------------------------------------------------------------------
    In addition, to stops at the airport watch list information is also 
placed in the National Criminal Information Center database. That means 
law enforcement routinely run names against the watch lists for matters 
as mundane as traffic stops. It's clear that innocent individuals may 
be harassed even if they don't attempt to fly.
    Nor is there any due process for removing individuals from the 
list--there is simply no process for challenging the Government's 
contention that you are a terrorist. Even people who are mistaken for 
those on the list face challenges. A September 2009 report by the 
Inspector General of the Department of Homeland Security found that the 
process for clearing innocent travelers from the list is a complete 
mess.\22\
---------------------------------------------------------------------------
    \22\ Effectiveness of the Department of Homeland Security Traveler 
Redress Inquiry Program, Department of Homeland Security, Office of the 
Inspector General OIG 09-10, September 2009. http://www.dhs.gov/xoig/
assets/mgmtrpts/OIG-09-103r_Sep09.pdf.
---------------------------------------------------------------------------
    In light of the significant and on-going harm to innocent Americans 
as well as the harm to our National security caused by the diversion of 
security resources these watch lists must be substantial reduced in 
size and fundamental due process protections imposed. Innocent 
travelers must be able to remove themselves from the list both for 
their sake and the sake of National security.
Aviation Screening on the Basis of Nationality
    This history of the civil rights movement in the 20th and 21st 
Century is a long, compelling rejection of the idea that individuals 
should be treated differently on the basis of their race or nation of 
origin. Because of that, the administration's decision to subject the 
citizens of fourteen nations flying to the United States to intensified 
screening is deeply troubling. Long-standing constitutional principles 
require that no administrative searches, either by technique or 
technology, be applied in a discriminatory matter. The ACLU opposes the 
categorical use of profiles based on race, religion, ethnicity, or 
country of origin. This practice is nothing less than racial profiling. 
Such profiling is ineffective and counter to American values.
    But the harm that profiling on the basis of national origin does to 
civil liberties is not an abstraction--it also has direct impact on 
American security interests. These harmful policies have a direct 
impact on the Muslim and Arab communities. The Senate Homeland Security 
and Government Affairs committee has heard testimony from several 
witnesses who cited the growth of Islamophobia and the polarization of 
the Muslim community as risk factors that could raise the potential for 
extremist violence.\23\ Unfairly focusing suspicion on a vulnerable 
community tends to create the very alienation and danger that we need 
to avoid.
---------------------------------------------------------------------------
    \23\ See for example, Hearing of the Senate Homeland Security and 
Governmental Affairs Committee, Violent Islamist Extremism: The 
European Experience, (June 27, 2007), particularly the testimony of 
Lidewijde Ongering and Marc Sageman, available at: http://
hsgac.senate.gov/public/
index.cfm?FuseAction=Hearings.Hearing&Hearing_ID=9c8ef805-75c8-48c2-
810dd778af31cca6.
---------------------------------------------------------------------------
    Indeed a recent United Kingdom analysis based on hundreds of case 
studies of individuals involved in terrorism reportedly identified 
``facing marginalization and racism'' as a key vulnerability that could 
tend to make an individual receptive to extremist ideology.\24\ The 
conclusion supporting tolerance of diversity and protection of civil 
liberties was echoed in a National Counterterrorism Center (NCTC) paper 
published in August 2008. In exploring why there was less violent 
homegrown extremism in the United States than the United Kingdom, the 
authors cited the diversity of American communities and the greater 
protection of civil rights as key factors.
---------------------------------------------------------------------------
    \24\ National Counterterrorism Center Conference Report, Towards a 
Domestic Counterradicalization Strategy, (August 2008)
---------------------------------------------------------------------------
    At the January 7, 2009 White House briefing regarding the security 
failures surrounding the Christmas attack, DHS Secretary Janet 
Napolitano raised a question about ``counterradicalization.''\25\ She 
asked, ``How do we communicate better American values and so forth, in 
this country but also around the globe?'' Of course the Secretary 
should know American values are communicated through U.S. Government 
policies, which is why adopting openly discriminatory policies can be 
so damaging and counterproductive to our National interests.
---------------------------------------------------------------------------
    \25\ Briefing by Homeland Security Secretary Napolitano, Assistant 
to the President for Counterterrorism and Homeland Security Brennan, 
and Press Secretary Gibbs, 1/7/10, at: http://www.whitehouse.gov/the-
pressoffice/briefing-homeland-security-secretary-napolitano-assistant-
president-counterterroris[sic].
---------------------------------------------------------------------------
                             iv. conclusion
    Ultimately security is never absolute and never will be. It is not 
wise security policy to spend heavily to protect against one particular 
type of plot, when the number of terrorist ideas that can be hatched--
not only against airlines, but also against other targets--is 
limitless. The President has identified a failure ``connect the dots'' 
by intelligence analysts as the main reason that Umar Farouk 
Abdulmutallab was able to board a flight to the United States.\26\ We 
must not lose sight of that reality. Limited security dollars should be 
invested where they will do the most good and have the best chance of 
thwarting attacks. That means investing them in developing competent 
intelligence and law enforcement agencies that will identify specific 
individuals who represent a danger to air travel and arrest them or 
deny them a visa.
---------------------------------------------------------------------------
    \26\ Jake Tapper and Sunlen Miller, Obama: Intelligence Community 
Failed to ``Connect the Dots'' in a ``Potentially Disastrous Way'', 
ABCNews.com, January 05, 2010. http://blogs.abcnews.com/politicalpunch/
2010/01/obamaintelligence-community-failed-to-connect-the-dots-in-a-
potentially-disastrous-way.html.
---------------------------------------------------------------------------
    Invasive screening mechanisms, enlarging already bloated watch 
lists, targeting on the basis of national origin--none of these 
approaches go to the heart of what went wrong on Christmas day. Instead 
they are a dangerous sideshow--one that harms our civil liberties and 
ultimately makes us less safe.

 STATEMENT OF JANE HOLL LUTE, DEPUTY SECRETARY, DEPARTMENT OF 
                       HOMELAND SECURITY

    Ms. Lute. Good morning, Mr. Chairman, Ranking Member King, 
Members of the committee. Thank you for this opportunity to 
testify on the attempted attack on December 25.
    Secretary Napolitano, Mr. Chairman, as you noted, was 
scheduled to be out of the country. In view of that, although 
her plans have changed, we have been in touch with your staff 
that I would be here to testify for the Department.
    As President Obama made clear immediately following the 
attack, at the Department of Homeland Security and across the 
Federal Government, we are determined to find and fix the 
vulnerabilities that led to this breach.
    Protecting the United States against terrorism calls upon 
the expertise and authority of multiple agencies and many 
partners. In addition to the men and women of the Department of 
Homeland Security, this includes the efforts of the departments 
of State, Defense, Justice, FBI, NCTC, and the broader 
intelligence community. It also importantly includes our State 
and local law enforcement agencies and our international 
partners and allies around the world.
    I am very pleased this morning to be joined by my 
colleagues from the Department of State and the National 
Counterterrorism Center.
    As this committee is well aware of, Mr. Chairman, boarding 
the plane means fulfilling three basic requirements. The 
individual must retain proper documentation, including a 
passport, visa, or other travel authorization, a ticket, and 
boarding pass. He or she must pass through the checkpoint 
screening to ensure that they are not concealing a dangerous 
weapon or other dangerous material on their person or in their 
baggage.
    Finally, the individual must be cleared through a pre-
flight screening process that seeks to determine if that 
individual poses a threat to the homeland security and thus 
should be denied permission to fly.
    Within this set of requirements, let me briefly describe 
the specific role the Department of Homeland Security plays. 
First, to conduct pre-flight screening, the Department is one 
of the principal consumers of intelligence gathered by other 
agencies, including the terrorist watch list, which includes 
the No-Fly list. DHS checks passengers against these lists to 
keep potential terrorists from boarding flights and to identify 
travelers who should undergo additional screening.
    Second, within the United States, DHS performs the physical 
screening at domestic airport checkpoints and provides further 
in-flight security measures in order to prevent smuggling of 
weapons or other dangerous materials on airplanes.
    Third, outside of the United States, the Department works 
with foreign governments and airlines to advise them on the 
required security measures for flights bound for the United 
States and on which passengers may prove a threat. TSA nor any 
other part of the Department, however, does not screen people 
or baggage at international airports.
    Let me say emphatically, as the President of the United 
States has said and as the Secretary of Homeland Security has 
said, that with regard to the attempted attack on December 25, 
Omar Farouk Abdulmutallab should never have been allowed to 
board a U.S.-bound airplane with explosives. As Secretary 
Napolitano has detailed in recent weeks, DHS has implemented 
numerous steps and is working closely with our Federal partners 
to fix the vulnerabilities that led to the attempted attack.
    As a consumer or a terrorist watch list information, the 
Department works closely with the FBI, with the Office of the 
Director of National Intelligence and NCTC to improve our 
ability to connect and assimilate intelligence. We are also 
taking steps to strengthen standards for international aviation 
screening and bolstering international partnerships to guard 
against a similar type of attack.
    But to be clear, Abdulmutallab was not on the No-Fly list 
and hence, did not come to our attention prior to his boarding 
the flight in Amsterdam. His presence on this list would have 
flagged him to be prevented from boarding. He was not either on 
the Selectee list, which would have flagged him for secondary 
screening. Furthermore, the physical screenings that were 
performed by foreign authorities at the airports in Nigeria and 
the Netherlands failed to detect the explosive on his person.
    Immediately following the attempted attack, the Department 
took steps to secure incoming and future flights. We directed 
the FAA to alert all 128 flights inbound to the United States 
from Europe of the situation. We increased security measures at 
domestic airports. We implemented an enhanced screening for all 
international flights coming into the United States, and we 
reached out to State and local law enforcement, air carriers, 
international partners, and relevant agencies to provide 
information they needed on the ground to take appropriate 
measures.
    In January 3, Secretary Napolitano dispatched me and my 
colleagues in the Department to meet with international 
leadership on the crisis in aviation security that was 
illustrated through the events of 12/25. We met with senior 
officials from 11 countries, plus the European Union, to 
discuss ways to strengthen aviation security, and we are 
determined to follow through on these contacts. I can report, 
as questioned, Mr. Chairman, on the results of those 
discussions.
    The Secretary has herself been in touch with international 
colleagues to identify ways to strengthen the international 
aviation security standards and procedures.
    As the Secretary said last week, and as the President has 
said, there are no 100 percent guarantees against another 
terrorist attempt to take down a plane or attack us in some 
other fashion. But what we can give you, Mr. Chairman, is the 
100 percent commitment of the Secretary, myself, Department 
leadership, and the hundreds of thousands of men and women who 
work in homeland security to do everything we can to minimize 
the risk of terrorist attack.
    Thank you again for this opportunity, Mr. Chairman, to 
appear before this committee. I look forward to your questions.
    [The statement of Ms. Lute follows:]
                  Prepared Statement of Jane Holl Lute
                            January 27, 2010
    Chairman Thompson, Ranking Member King, and Members of the 
committee: Thank you for this opportunity to testify on the attempted 
terrorist attack on Northwest Flight 253.
    The attempted attack on December 25 was a powerful illustration 
that terrorists will go to great lengths to defeat the security 
measures that have been put in place since September 11, 2001. This 
administration is determined to thwart those plans and disrupt, 
dismantle, and defeat terrorist networks by employing multiple layers 
of defense that work in concert with one another to secure our country. 
This is an effort that involves not just DHS, but many other Federal 
agencies and the international community as well.
    As our part in this effort, DHS is a consumer of the U.S. 
Government's consolidated terrorist watch list, which we use to help 
keep potential terrorists off flights within, over, or bound for the 
United States, and to identify travelers that require additional 
screening. We work with foreign governments, Interpol, and air carriers 
to strengthen global air travel security by advising them on security 
measures, and on which passengers may prove a threat. We also work with 
air carriers and airport authorities to perform physical screening at 
TSA checkpoints and to provide security measures in flight.
    Immediately following the December 25 attack, DHS took swift action 
at airports across the country and around the world. These steps 
included enhancing screening for individuals flying to the United 
States; increasing the presence of law enforcement and explosives 
detection canine teams at airports, and of air marshals in flight; and 
directing the FAA to notify the 128 flights already in-bound from 
Europe about the situation. Nonetheless, Umar Farouk Abdulmutallab 
should never have been able to board a U.S.-bound plane with the 
explosive PETN on his person. As President Obama has made clear, this 
administration is determined to find and fix the vulnerabilities in our 
systems that allowed this breach to occur.
    Agencies across the Federal Government have worked quickly to 
address what went wrong in the Abdulmutallab case. The effort to solve 
these problems is well underway, with cooperation among DHS, the 
Department of State, the Department of Justice, the intelligence 
community, and our international allies, among others. As a consumer of 
terrorist watch list information, the Department of Homeland Security 
welcomes the opportunity to contribute to the dialogue on improving the 
Federal Government's ability to connect and assimilate intelligence. We 
are also focused on improving aviation screening and expanding our 
international partnerships to guard against a similar type of attack 
occurring again. To those ends, today I want to describe the role that 
DHS currently performs in aviation security, how DHS responded in the 
immediate aftermath of the attempted attack on December 25, and how we 
are moving forward to further bolster aviation security.
                dhs' role in multiple layers of defense
    Since 9/11, the U.S. Government has employed multiple layers of 
defense across several departments to secure the aviation sector and 
ensure the safety of the traveling public. Different Federal agencies 
bear different responsibilities, while other countries and the private 
sector--especially the air carriers themselves--also have important 
roles to play.
    DHS oversees several programs to prevent individuals with terrorist 
ties from boarding flights that are headed to, within, or traveling 
over the United States or, in appropriate cases, to identify them for 
additional screening. Specifically, DHS uses information held in the 
Terrorist Screening Database (TSDB), a resource managed by the 
Terrorist Screening Center (TSC), as well as other information provided 
through the intelligence community, to screen individuals; operates the 
travel authorization program for people who are traveling to the United 
States under the Visa Waiver Program (VWP);\1\ and works with foreign 
governments, international, and regional organizations, and airlines to 
design and implement improved security standards worldwide. This 
includes routine checks against Interpol databases on wanted persons 
and lost or stolen passports on all international travelers arriving in 
the United States. The Department also performs checkpoint screenings 
at airports in the United States.
---------------------------------------------------------------------------
    \1\ The 35 countries in the Visa Waiver Program are: Andorra, 
Australia, Austria, Belgium, Brunei, the Czech Republic, Denmark, 
Estonia, Finland, France, Germany, Hungary, Iceland, Ireland, Italy, 
Japan, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Monaco, the 
Netherlands, New Zealand, Norway, Portugal, San Marino, Singapore, 
Slovakia, Slovenia, South Korea, Spain, Sweden, Switzerland, and the 
United Kingdom (for the United Kingdom, only citizens with an 
unrestricted right of permanent abode in the United Kingdom are 
eligible for VWP travel authorizations).
---------------------------------------------------------------------------
    To provide a sense of the scale of our operations, every day, U.S. 
Customs and Border Protection (CBP) processes 1.2 million travelers 
seeking to enter the United States by land, air, or sea; the 
Transportation Security Administration (TSA) screens 1.8 million 
travelers at domestic airports; and DHS receives advanced passenger 
information from carriers operating in 245 international airports that 
are the last point of departure for flights to the United States, 
accounting for about 1,600 to 1,800 flights per day. Ensuring that DHS 
employees and all relevant Federal officials are armed with 
intelligence and information is critical to the success of these 
efforts.
Safeguards for Visas and Travel
    One of the first layers of defense in securing air travel consists 
of safeguards to prevent dangerous people from obtaining visas, travel 
authorizations, and boarding passes. To apply for entry to the United 
States prior to boarding flights bound for the United States or 
arriving at a U.S. port of entry, most foreign nationals need visas--
issued by a U.S. embassy or consulate--or, if traveling under a Visa 
Waiver Program country, travel authorizations issued through the 
Electronic System for Travel Authorization (ESTA).\2\
---------------------------------------------------------------------------
    \2\ Exceptions would be citizens of countries under other visa 
waiver authority such as the Western Hemisphere Travel Initiative or 
the separate visa waiver program for Guam and the Commonwealth of the 
Northern Mariana Islands, or those granted individual waivers of the 
visa requirement under the immigration laws.
---------------------------------------------------------------------------
    Issuing visas is the responsibility of the Department of State. At 
embassies and consulates where it is operational, the Visa Security 
Program positions personnel of U.S. Immigration and Customs Enforcement 
(ICE) to assist State Department personnel in identifying visa 
applicants who may present a security threat. For individuals traveling 
under the VWP, DHS operates ESTA, a web-based system through which 
individuals must apply for travel authorization prior to traveling to 
the United States. These systems examine an individual's information to 
assess whether he or she could pose a risk to the United States or its 
citizens, including possible links to terrorism. Without presenting a 
valid authorization to travel to the United States at the airport of 
departure, a foreign national is not able to board a U.S.-bound flight.
    The Department also works with other Federal agencies and our 
foreign partners to try to prevent possible terrorists from obtaining 
boarding passes. These include the application of the No-Fly List and 
the implementation of Secure Flight program, which I explain below.
Pre-departure screening
    As another layer of defense, DHS conducts pre-departure passenger 
screening in partnership with the airline industry and foreign 
governments in order to prevent known or suspected terrorists from 
boarding a plane bound for the United States or, as appropriate, to 
identify them for additional screening. DHS uses TSDB data, managed by 
the Terrorist Screening Center that is administered by the FBI, to 
determine who may board, who requires further screening and 
investigation, who should not be admitted, or who should be referred to 
appropriate law enforcement personnel.
    Specifically, to help make these determinations, DHS uses the No-
Fly List and the Selectee List, two important subsets within the TSDB. 
Individuals on the No-Fly List should not receive a boarding pass for a 
flight to, from, over, or within the United States. Individuals on the 
Selectee List must go through additional security measures, including a 
full-body pat-down and a full physical examination of personal effects.
    Through the Secure Flight Program, the Department is making an 
important change to the process of matching passenger identities 
against the No-Fly List and Selectee List, and fulfilling an important 
recommendation of the 9/11 Commission. Previously, responsibility for 
checking passenger manifests against these lists rested with the air 
carriers themselves. Under the Secure Flight program, DHS began to 
transfer this responsibility to TSA in 2009, and the transition is 
targeted for completion by the end of this year. In addition to 
creating a more consistent matching process for all domestic and 
international travel to the United States and strengthening the 
effectiveness of redress in preventing misidentifications, Secure 
Flight will flag potential watch list matches and immediately trigger 
law enforcement notification and coordination.
    As an additional layer of security, DHS also uses the Passenger 
Name Record (PNR), the Advanced Passenger Information System (APIS), 
and the Immigration Advisory Program (IAP) to assess a passenger's 
level of risk and, when necessary, flag them for further inspection. 
PNR data, obtained from the airline reservations systems, contains 
various elements, which may include optional information on itinerary, 
co-travelers, changes to the reservation, and payment information. PNR 
data is evaluated against ``targeting rules'' that are based on law 
enforcement data, intelligence and past case experience. APIS data, 
which carriers are required to provide to DHS at least 30 minutes 
before a flight, contains important identifying information that may 
not be included in PNR data, including verified identity and travel 
document information such as a traveler's date of birth, citizenship, 
and travel document number. DHS screens APIS information on 
international flights to or from the United States against the TSDB, as 
well as against criminal history information, records of lost or stolen 
passports, and prior immigration or customs violations. APIS is also 
connected to Interpol's lost and stolen passport database for routine 
queries on all inbound international travelers.
    Another layer in the screening process is the Immigration Advisory 
Program (IAP). The CBP officers stationed overseas under the IAP 
program at nine airports in seven countries receive referrals from CBP 
screening against the TSDB, of which the No-Fly list is a subset. IAP 
officers can make ``no board'' recommendations to carriers and host 
governments regarding passengers bound for the United States who may 
constitute security risks, but do not have the authority to arrest, 
detain, or prevent passengers from boarding planes.
Checkpoint Screenings and In-Flight Security
    The third layer of defense for air travel in which DHS plays a role 
is the screening of passengers and their baggage. TSA screens 
passengers and baggage at airports in the United States, but not in 
other countries. When a traveler at a foreign airport is physically 
screened, that screening is conducted by the foreign government, air 
carriers, or the respective airport authority.
    Domestically, TSA employs a layered approach to security, which 
includes measures both seen and unseen by travelers. The 48,000 
Transportation Security Officers at hundreds of airports across the 
country screen passengers and their baggage using advanced technology 
X-ray systems, walk-through metal detectors, explosive trace detection 
equipment, trained canines, vapor trace machines that detect liquid 
explosives, Advanced Imaging Technology, full-body pat-downs, 
explosives detection systems, Bomb Appraisal Officers, and Behavior 
Detection Officers--both at the checkpoint and throughout the airport. 
Through programs such as the Aviation Direct Access Screening Program, 
TSA also uses random and unpredictable measures to enhance security 
throughout the airport perimeter and in limited access areas of 
airports. The $1 billion in Recovery Act funds provided to TSA for 
checkpoint and checked baggage screening technology have enabled TSA to 
greatly accelerate deployment of these critical tools to keep 
passengers safe.
    In an effort to enhance international screening standards, TSA 
conducts security assessments in accordance with security standards 
established by the International Civil Aviation Organization (ICAO) at 
more than 300 foreign airports, which include foreign airports from 
which flights operate directly to the United States and all airports 
from which U.S. air carriers operate. If an airport does not meet these 
standards, TSA works with the host government to rectify the 
deficiencies and raise airport security to an acceptable level. 
Ultimately, it is the foreign government that must work to address 
these security issues.
    In long-term circumstances of non-compliance with international 
standards, TSA may recommend suspension of flight service from these 
airports to the United States. In addition, TSA inspects all U.S. and 
foreign air carriers that fly to the United States from each airport to 
ensure compliance with TSA standards and directives. Should air carrier 
security deficiencies exist, TSA works with the air carrier to raise 
compliance to an acceptable level. If an airport is located within one 
of the 35 VWP countries, DHS conducts additional audits and inspections 
as part of the statutorily mandated VWP designation and review process.
    In terms of in-flight security, Federal Air Marshals (FAM) are 
deployed on high-risk domestic and international flights where 
international partners allow FAMs to enter their country on U.S.-
flagged carriers. Thousands more volunteer pilots serve as armed, 
deputized Federal Flight Deck Officers. Additionally, armed law 
enforcement officers from Federal, State, local, and tribal law 
enforcement agencies that have a need to fly armed provide a force 
multiplier on many flights.
            dhs response to the attempted december 25 attack
    The facts of the December 25 attempted bombing are well established 
and were relayed in the report on the incident that the President 
released on January 7, 2010. On December 16, 2009, Umar Farouk 
Abdulmutallab, a Nigerian national, purchased a round-trip ticket from 
Lagos, Nigeria to Detroit. Abdulmutallab went through physical security 
screening conducted by foreign airport personnel at Murtala Muhammed 
International Airport in Lagos on December 24 prior to boarding a 
flight to Amsterdam Airport Schiphol. This physical screening included 
an X-ray of his carry-on luggage and his passing through a walk-through 
metal detector. Abdulmutallab went through additional physical 
screening, conducted by Dutch authorities, when transiting through 
Amsterdam to Northwest Flight 253 to Detroit, and presented a valid 
U.S. visa. Abdulmutallab was not on the No-Fly or Selectee Lists. 
Accordingly, the carrier was not alerted to prevent him from boarding 
the flight or additional physical screening, nor did the IAP officer 
advise Dutch authorities of any concerns.
    As with all passengers traveling on that flight, and similar to all 
other international flights arriving in the United States, CBP 
evaluated Abdulmutallab's information while the flight was en route to 
conduct a preliminary assessment of his admissibility and to determine 
whether there were requirements for additional inspection. During this 
assessment, CBP noted that there was a record that had been received 
from the Department of State, which indicated possible extremist ties. 
It did not indicate that he had been found to be a threat, or that his 
visa had been revoked. CBP officers in Detroit were prepared to meet 
Abdulmutallab upon his arrival for further interview and inspection. 
The attack on board the flight failed in no small part due to the brave 
actions of the crew and passengers aboard the plane.
Immediate DHS Response
    Following the first reports of an attempted terrorist attack on 
Northwest Flight 253 on December 25, DHS immediately put in place 
additional security measures. TSA directed the Federal Aviation 
Administration to apprise 128 U.S.-bound international flights from 
Europe of the attempted attack and to ask them to maintain heightened 
vigilance on their flights. Increased security measures were put in 
place at domestic airports, including additional explosive detection 
canine teams, State and local law enforcement, expanded presence of 
Behavior Detection Officers, and enhanced screening. That evening, DHS 
issued a security directive for all international flights to the United 
States, which mandated enhanced screening prior to departure and 
additional security measures during flight.
    From the first hours following the attempted attack, Secretary 
Napolitano worked closely with the President, senior Department 
leadership, and agencies across the Federal Government. Secretary 
Napolitano and I communicated with international partners and Members 
of Congress. The Secretary also engaged in dialogue with State and 
local leadership, the aviation industry, and with National security 
experts on counterterrorism and aviation security. The results of these 
communications culminated in two reports to the President: one on New 
Year's Eve and the second on January 2, 2010.
    One of our most important conclusions was that it is now clearer 
than ever that air travel security is an international responsibility. 
Indeed, passengers from 17 countries were aboard Flight 253. 
Accordingly, DHS has embarked upon an aggressive international program 
designed to raise international standards for airports and air safety. 
On January 3, 2010, Secretary Napolitano dispatched me and Assistant 
Secretary for Policy David Heyman to Africa, Asia, Europe, the Middle 
East, Australia, and South America to meet with international 
leadership on aviation security. In total, we met with senior officials 
from 11 countries, plus the European Union in order to discuss new ways 
to bolster collective tactics for improving global aviation security. 
Last week, Secretary Napolitano travelled to Spain to meet with her 
European Union counterparts in the first of a series of global meetings 
intended to bring about broad consensus on new, stronger, and more 
consistent international aviation security standards and procedures.
    In addition to these efforts, the Department has been in close 
contact with Congress, our international partners, the aviation 
industry and State and local officials across the country since the 
afternoon of the attempted attack. On December 25, the Department 
issued a joint bulletin with the FBI to State and local law enforcement 
throughout the Nation; conducted calls with major airlines and the Air 
Transport Association; distributed the FBI-DHS joint bulletin to all 
Homeland Security Advisors, regional fusion center directors and Major 
City Homeland Security Points of Contact in the country; and notified 
foreign air carriers with flights to and from the United States of the 
additional security requirements. DHS has maintained close contact with 
all of these partners since the attempted attack, and will continue to 
do so.
    On January 3, TSA issued a new Security Directive, effective on 
January 4, mandating enhanced passenger screening.
               steps forward to improve aviation security
    While these immediate steps helped strengthen our security posture 
to face current threats to our country, as President Obama has made 
clear, we need to take additional actions to address the systemic 
vulnerabilities highlighted by this failed attack. On January 7, 
Secretary Napolitano was joined by Assistant to the President for 
Counterterrorism and Homeland Security John Brennan to announce five 
recommendations DHS made to the President as a result of the security 
reviews ordered by President Obama. At the President's direction, DHS 
will pursue these five objectives to enhance the protection of air 
travel from acts of terrorism.
    First, DHS will work with our interagency partners to re-evaluate 
and modify the criteria and process used to create terrorist watch 
list, including adjusting the process by which names are added to the 
No-Fly and Selectee Lists. The Department's ability to prevent 
terrorists from boarding flights to the United States depends upon 
these lists and the criteria used to create them. As an entity that is 
primarily a consumer of this intelligence and the operator of programs 
that rely on these lists, the Department will work closely with our 
partners in the intelligence community to make clear the kind of 
information DHS needs from the watch list system.
    Second, DHS will establish a partnership on aviation security with 
the Department of Energy and its National Laboratories in order to use 
their expertise to bolster our security. This new partnership will work 
to develop new and more effective technologies that deter and disrupt 
known threats, as well as anticipate and protect against new ways that 
terrorists could seek to board an aircraft with dangerous materials.
    Third, DHS will accelerate deployment of Advanced Imaging 
Technology to provide capabilities to identify materials such as those 
used in the attempted December 25 attack, and we will encourage foreign 
aviation security authorities to do the same. TSA currently has 40 
machines deployed at nineteen airports throughout the United States, 
and plans to deploy at least 450 additional units in 2010. DHS will 
also seek to increase our assets in the area of explosives-trained 
canines, explosives detection equipment, and other security personnel.
    Fourth, DHS will strengthen the presence and capacity of aviation 
law enforcement. As an interim measure, we will deploy law enforcement 
officers from across DHS to serve as Federal Air Marshals to increase 
security aboard U.S.-flag carriers' international flights. At the same 
time, we will maintain the current tempo of operations to support high-
risk domestic flights, as we look to longer-term solutions to enhance 
the training and workforce of the Federal Air Marshal Service.
    Fifth, as mentioned earlier, DHS will work with international 
partners to strengthen international security measures and standards 
for aviation security. Much of our success in ensuring that terrorists 
do not board flights to the United States is dependent on what happens 
in foreign airports and the commitments of our foreign partners to 
enhance security--not just for Americans, but also for their nationals 
traveling to this country.
    In all of these action areas to bolster aviation security, we are 
moving forward with a dedication to safeguard the privacy and rights of 
travelers.
                               conclusion
    President Obama has made clear that we will be unrelenting in using 
every element of our National power in our efforts around the world to 
disrupt, dismantle, and defeat al-Qaeda and other violent extremists.
    While we address the circumstances behind this specific incident, 
we must also recognize the evolving threats posed by terrorists, and 
take action to ensure that our defenses continue to evolve in order to 
defeat them. We live in a world of ever-changing risks, and we must 
move as aggressively as possible both to find and fix security flaws 
and anticipate future vulnerabilities in all sectors. President Obama 
has clearly communicated the urgency of this task, and the American 
people rightfully expect swift action. DHS and our Federal partners are 
moving quickly to provide just that.
    As Secretary Napolitano said last week, there is no 100 percent 
guarantee that we can prevent a terrorist from trying to take down a 
plane or attack us in some other fashion. That is not the nature of the 
world we live in, nor of the threats that we face. What we can give 
you, however, is the 100 percent commitment of the Secretary, myself, 
DHS leadership, and the entire DHS enterprise to do everything we can 
to minimize the risk of terrorist attacks.
    Chairman Thompson, Representative King, and Members of the 
committee: Thank you for this opportunity to testify. I am happy to 
answer any questions you may have.

    Chairman Thompson. Thank you for your testimony, Dr. Lute.
    I now recognize Under Secretary Kennedy to summarize his 
statement for 5 minutes.

 STATEMENT OF PATRICK F. KENNEDY, UNDER SECRETARY, MANAGEMENT, 
                      DEPARTMENT OF STATE

    Mr. Kennedy. Thank you, sir. Chairman Thompson, Ranking 
Member King, distinguished Members of the committee, thank you 
for the opportunity to appear before you today.
    After the attempted bombing of Flight 253, Secretary 
Clinton stated, ``We are all looking hard at what did happen in 
order to improve our procedures, to avoid human errors, 
mistakes, oversights of any kind, and we are going to be 
working hard with the rest of the administration to improve 
every aspect of our effort.''
    This introspective review and the concurrent interagency 
review are on-going. We appreciate this committee's interest 
and support as we continue this review process, noting in 
particular the recent committee staff visit to our consular 
facility in London. We recognize the gravity of the threat we 
face, and we consider ourselves the first line of defense in 
our National security efforts. We acknowledge that processes 
need to be improved, and here are the steps we have already 
taken.
    The State Department misspelled Umar Farouk Abdullah's name 
in our Visas Viper report. As a result, we did not have that 
information about his current U.S. visa in that report. To 
prevent that from occurring again, we instituted new procedures 
to ensure comprehensive visa information is included in all our 
Visas Viper reporting. This will highlight the visa application 
and issuance material also available already in the data that 
we have shared with our National security partners.
    We are also reevaluating the procedures and criteria used 
to revoke visas. The State Department has broad and flexible 
authority to revoke visas. Since 2001, we have revoked over 
51,000 visas for a variety of reasons, including over 1,700 
suspected links to terror.
    New watchlisting information coming from the intelligence 
and law enforcement community is continually checked every day 
against the database of previously issued visas. We can and do 
revoke visas and circumstances where an immediate threat is 
recognized. We can and do revoke visas to the point of people 
seeking to board aircraft, preventing their boarding in 
coordination with the FBI's National Targeting Center. We 
revoke visas under these circumstances almost daily. We are 
standardizing procedures for triggering revocations from the 
field and are adding revocation recommendations to the Visas 
Viper report.
    At the same time, expeditious coordination with our 
National security partners is not to be underestimated. There 
have been numerous cases where a State Department unilateral 
and uncoordinated revocation would have disrupted important 
investigations that were under way by one of our National 
security partners.
    The individual involved was under active investigation, and 
our revocation action would have disclosed the United States 
Government's interest in that individual and ended our National 
security colleague's ability to pursue the case and identify 
terrorist plans and co-conspirators.
    We will continue to closely coordinate visa revocation 
processes with our intelligence and law enforcement partners, 
while also constantly making enhancements to the security and 
integrity of the visa process. Information sharing and 
coordinated action are foundations of the border security 
systems put in place since 9/11, and they remain sound 
principles.
    The State Department has close and productive relationships 
with our interagency partners, particularly with the Department 
of Homeland Security, which has statutory authority for visa 
policy. The State Department brings unique assets and 
capabilities to this partnership. Our global presence, 
international expertise, and highly trained personnel provide 
us singular advantages in supporting the visa function 
throughout the world.
    We developed and implemented intensive screening processes 
requiring personal interviews and supported by a sophisticated 
global information network. This front line of border security 
has visa offices in virtually every country of the world and 
are staffed by highly trained, multilingual, culturally aware 
personnel of the State Department.
    We support them with the latest technology and access to 
enhanced screening tools and information systems. We are 
introducing a new generation of visa software to more 
efficiently manage our growing mission and the increasing 
amounts of data we handle. We are pioneers in the use of 
biometrics, a leader in the field of facial recognition, and we 
are expanding into the field of iris screening. We have and 
will continue to automate processes to reduce the possibility 
of human error.
    The State Department makes all visa information available 
to other agencies, giving them immediate access to over 13 
years of data. We introduced on-line visa applications in 2009, 
which expanded our data collection tenfold and provide new 
information readily available for analysis by the State 
Department and by other agencies. This system is being rolled 
out worldwide in a few months.
    We embrace a layered approach to border security screening, 
which results in multiple agencies having an opportunity to 
review information and requires separate reviews at both the 
visa application and admission stage. No visa--no visa--is 
issued without it being run through security checks against our 
partners' databases. We screen applicants' fingerprints against 
U.S. databases, and we run our facial recognition software 
against the photo array provided by the intelligence community.
    At the same time we believe that U.S. interests in 
legitimate trade, travel, and educational exchanges are not in 
opposition to border security. In fact, the United States must 
strive to meet both goals to guarantee our long-term security.
    Again, the multi-agency team effort to which each agency 
brings its particular strengths and expertise results in a 
robust and secure process, a process based on broadly shared 
information. We remain fully committed to correcting mistakes 
and remedying deficiencies that inhibit the full and timely 
sharing of information.
    We fully recognize that we are not perfect in our reporting 
in connection with this case. However, we are working and will 
continue to work not only to address shortcomings, but to 
continually enhance our border security screening capabilities 
and the contributions we make to this interagency effort.
    Thank you very much, Mr. Chairman. I look forward to your 
questions.
    [The statement of Mr. Kennedy follows:]
                Prepared Statement of Patrick F. Kennedy
                            January 27, 2010
    Chairman Thompson, Ranking Member King and distinguished Members of 
the committee, thank you for the opportunity to address you today. As a 
result of the attempted terrorist attack on Flight 253, the President 
ordered corrective steps to address systemic failures in procedures we 
use to protect the people of the United States. Secretary Clinton 
reiterated this direction when she stated, ``we all are looking hard at 
what did happen in order to improve our procedures to avoid human 
errors, mistakes, oversights of any kind. We in the State Department 
are fully committed to accepting our responsibility for the mistakes 
that were made, and we're going to be working hard with the rest of the 
Administration to improve every aspect of our efforts.'' Therefore, the 
Department of State now is working on reviewing visa issuance and 
revocation criteria and determining how technological enhancements can 
facilitate and strengthen visa-related business processes.
    Our immediate attention is on addressing the deficiencies 
identified following the attempted attack on Flight 253. At the same 
time we continue to plan for the future, incorporating new technology, 
increasing data sharing and enhancing operational cooperation with 
partner agencies. We have a record of quickly adapting and improving 
our procedures to respond to security imperatives. We have a highly 
trained global team working daily to protect our borders and fulfill 
the overseas border security mission and other critical tasks ranging 
from crisis management to protection of American interests abroad. 
Within the Department we have a dynamic partnership between the Bureau 
of Consular Affairs and the Bureau of Diplomatic Security that adds a 
valuable law enforcement and investigative component to our 
capabilities. We will use these strengths to address the continuing 
security threats.
    In the case of Umar Farouk Abdulmutallab, on the day following his 
father's November 19 visit to the Embassy, we sent a cable to the 
Washington intelligence and law enforcement community through proper 
channels (the Visas Viper system) that ``Information at post suggests 
[that Farouk] may be involved in Yemeni-based extremists.'' At the same 
time, the Consular Section entered Abdulmutallab into the Consular 
Lookout and Support System database known as CLASS. In sending the 
Visas Viper cable and checking State Department records to determine 
whether Abdulmutallab had a visa, Embassy officials misspelled his 
name, but entered it correctly into CLASS. As a result of the 
misspelling in the cable, information about previous visas issued to 
him and the fact that he currently held a valid U.S. visa was not 
included in the cable. At the same time the CLASS entry resulted in a 
lookout using the correct spelling that was shared automatically with 
the primary lookout system used by the Department of Homeland Security 
(DHS) and accessible to other agencies.
    We have taken immediate action to improve the procedures and 
content requirements for Visas Viper cable reporting that will call 
attention to the visa application and issuance material that is already 
in the data that we share with our National security partners. All 
officers have been instructed to include complete information about all 
previous and current U.S. visa(s). This guidance includes specific 
methods to comprehensively and intensively search the database of visa 
records so that all pertinent information is obtained.
    In addition to this change in current procedures to search visa 
records, we immediately began working to refine the capability of our 
current systems. When dealing with applications for visas, we employ 
strong, sophisticated name searching algorithms to ensure matches 
between names of visa applicants and any derogatory information 
contained in the 27 million records found in CLASS. This strong 
searching capability has been central to our procedures since automated 
lookout system checks were mandated following the 1993 World Trade 
Center bombing. We will use our significant experience with search 
mechanisms for derogatory information to improve the systems for 
checking our visa issuance records.
    The Department of State has been matching new threat information 
with our records of existing visas since 2002. We have long recognized 
this function as critical to the way we manage our records and 
processes. This system of continual vetting has evolved as post-9/11 
reforms were instituted and is now performed by the Terrorist Screening 
Center (TSC). All records added to the Terrorist Screening Database are 
checked against the Department's Consolidated Consular Database (CCD) 
to determine if there are matching visa records. Matches are sent 
electronically from the TSC to the Department of State to flag cases 
for visa revocation. In almost all such cases, visas are revoked. In 
addition, we have widely disseminated our data to other agencies that 
may wish to learn whether a subject of interest has a U.S. visa. Cases 
for revocation consideration are forwarded to us by DHS/Customs and 
Border Protection's (CBP) National Targeting Center (NTC) and other 
entities. Almost every day, we receive requests to review and, if 
warranted, revoke visas for potential travelers for whom new derogatory 
information has been discovered since the visa was issued. Our 
Operations Center is staffed 24 hours per day/7 days per week to work 
these issues. Many of these requests are urgent because the person is 
about to board a plane. The State Department then uses its authority to 
prudentially revoke the visa.
    Since the Presidentially-ordered Security Review, there have been 
changes in the thresholds for adding individuals to the Terrorist 
Screening Database, No-Fly, and Selectee lists. The number of 
revocations has increased substantially as a result. This revocation 
work is processed electronically in the Department. As soon as 
information is established to support a revocation, an entry showing 
the visa revocation is added electronically to the Department of 
State's lookout system and shared in real time with the DHS lookout 
systems used for border screening.
    In addition to these changes, the Department is reviewing the 
procedures and criteria used in the field to revoke visas and will 
issue new instructions to our officers. Revocation recommendations will 
be added as an element of reporting through the Visas Viper channel. We 
will be reiterating our guidance on use of the broad discretionary 
authority of visa officers to deny visas on security and other grounds. 
Instruction in appropriate use of this authority has been a fundamental 
part of officer training for several years.
    The State Department has broad and flexible authority to revoke 
visas and we use that authority widely to protect our borders. Since 
2001, we have revoked 51,000 visas for a variety of reasons, including 
over 1,700 for suspected links to terrorism. We have been actively 
using this authority as we perform internal scrubs of our data with 
watch list information provided by partner agencies. For example, we 
are re-examining information in our CLASS database on individuals with 
potential connections to terrorist activity or support for such 
activity. We are reviewing all previous Visas Viper submissions as well 
as cases that other agencies are bringing to our attention from the No-
Fly and Selectee lists, as well as other sources. In these reviews, we 
have identified cases for revocation and we have also confirmed that 
substantial numbers of individuals in these classes hold no visas and 
of those few who did, many were revoked prior to the current review. We 
recognize the gravity of the threat we face and are working intensely 
with our colleagues from other agencies to ensure that when the U.S. 
Government obtains information that a person may pose a threat to our 
security, that person does not hold a visa.
    We will use revocation authority prior to interagency consultation 
in circumstances where we believe there is an immediate threat. 
Revocation is an important tool in our border security arsenal. At the 
same time, expeditious coordination with our National security partners 
is not to be underestimated. There have been numerous cases where our 
unilateral and uncoordinated revocation would have disrupted important 
investigations that were underway by one of our National security 
partners. They had the individual under investigation and our 
revocation action would have disclosed the U.S. Government's interest 
in the individual and ended our colleagues' ability to quietly pursue 
the case and identify terrorists' plans and co-conspirators.
    In addition to revocation efforts, consular officers refused 
1,885,017 visas in fiscal year 2009. We now are renewing guidance to 
our officers on their discretionary authority to refuse visas under 
section 214(b) of the Immigration and Nationality Act with specific 
reference to cases that raise security concerns. No visa is issued 
without it being run through security checks against our partners' 
data. And we screen applicants' fingerprints against U.S. databases as 
well.
    The Department has a close and productive partnership with DHS, 
which has authority for visa policy. Over the past 7 years both 
agencies significantly increased resources, improved procedures, and 
upgraded systems devoted to supporting the visa function. DHS receives 
all of the information collected by the Department of State during the 
visa process. DHS has broad access to our entire CCD, containing 136 
million records related to both immigrant and nonimmigrant visas and 
covering visa actions of the last 13 years. Special extracts of data 
are supplied to elements within DHS, including the Visa Security Units 
of Immigration and Customs Enforcement (ICE). These extracts have been 
tailored to the specific requirements of those units. We are working 
closely with ICE Visa Security Units established abroad and with 
domestic elements of DHS, such as CBP's National Targeting Center.
    We gave DHS access to U.S. passport records, used by CBP to confirm 
the identity of citizens returning to the United States. We developed 
new card-type travel documents that work with the automated systems CBP 
installed at the U.S. land borders. We are collecting more information 
electronically and earlier in the process. Expanded data collection 
done in advance of travel will give DHS and partner agencies richer 
information and more time for analysis.
    We make all of our visa information available to other involved 
agencies, and we specifically designed our systems to facilitate 
comprehensive data sharing. We give other agencies immediate access to 
over 13 years of visa data, and they use this access extensively. In 
November 2009, more than 16,000 employees of DHS, the Department of 
Defense (DOD), the FBI and Commerce made 920,000 queries on visa 
records. We embrace a layered approach to border security screening and 
are fully supportive of the DHS Visa Security Program.
    The Department of State is at the forefront of interagency 
cooperation and data sharing to improve border security, and we 
embarked on initiatives that will position us to meet future challenges 
while taking into consideration our partner agencies and their specific 
needs and requirements. We are implementing a new generation of visa 
processing systems that will further integrate information gathered 
from domestic and overseas activities. We are restructuring our 
information technology architecture to accommodate the unprecedented 
scale of information we collect and to keep us agile and adaptable in 
an age of intensive and growing requirements for data and data sharing.
    We proactively expanded biometric screening programs and spared no 
effort to integrate this expansion into existing overseas facilities. 
In partnership with DHS and the FBI, we established the largest 
biometric screening process on the globe. We were a pioneer in the use 
of facial recognition techniques and remain a leader in operational use 
of this technology. In 2009 we expanded use of facial recognition from 
a selected segment of visa applications to all visa applications. We 
now are expanding our use of this technology beyond visa records. We 
are testing use of iris recognition technology in visa screening, 
making use of both identity and derogatory information collected by 
DOD. These efforts require intense on-going cooperation from other 
agencies. We successfully forged and continue to foster partnerships 
that recognize the need to supply accurate and speedy screening in a 
24/7 global environment. As we implement process and policy changes, we 
are always striving to add value in both border security and in 
operational results. Both dimensions are important in supporting the 
visa process.
    The Department of State is an integral player on the border 
security team. We are the first line of defense. Our global presence, 
foreign policy mission, and personnel structure give us singular 
advantages in executing the visa function throughout the world. Our 
authorities and responsibilities enable us to provide a global 
perspective to the visa process and its impact on U.S. National 
interests. The issuance and refusal of visas has a direct impact on 
foreign relations. Visa policy quickly can become a significant 
bilateral problem that harms U.S. interests if handled without 
consideration of foreign policy impacts. The conduct of U.S. visa 
policy has a direct and significant impact on the treatment of U.S. 
citizens abroad. The Department of State is in a position to anticipate 
and weigh those possibilities.
    We developed and implemented intensive screening processes 
requiring personal interviews, employing analytic interview techniques, 
incorporating multiple biometric checks, all built around a 
sophisticated global information technology network. This frontline of 
border security has visa offices present in virtually every country of 
the world. They are staffed by highly trained and multi-lingual 
personnel of the Department of State. These officials are dedicated to 
a career of worldwide service and provide the cultural awareness, 
knowledge, and objectivity to ensure that the visa function remains the 
frontline of border security.
    In addition, we have 145 officers and 540 locally employed staff 
devoted specifically to fraud prevention and document security, 
including fraud prevention officers at overseas posts. We have a large 
Fraud Prevention Programs office in Washington, DC that works very 
closely with the Bureau of Diplomatic Security, and we have fraud 
screening operations using sophisticated database checks at both the 
Kentucky Consular Center and the National Visa Center in Portsmouth, 
New Hampshire. Their role in flagging applications and applicants who 
lack credibility, who present fraudulent documents, or who give us 
false information adds a valuable dimension to our visa process.
    The Bureau of Diplomatic Security adds an important law enforcement 
element to the Department's visa procedures. There are now 50 Assistant 
Regional Security Officer Investigators abroad specifically devoted to 
maintaining the integrity of the process. They are complemented by 
officers working domestically on both visa and passport matters. These 
Diplomatic Security officers staff a unit within the Bureau of Consular 
Affairs that monitors overseas visa activities to detect risks and 
vulnerabilities. These highly trained law enforcement professionals add 
another dimension to our border security efforts.
    The multi-agency team effort on border security, based upon broadly 
shared information, provides a solid foundation. At the same time we 
remain fully committed to correcting mistakes and remedying 
deficiencies that inhibit the full and timely sharing of information. 
We have and we will continue to automate processes to reduce the 
possibility of human error. We fully recognize that we were not perfect 
in our reporting in connection with the attempted terrorist attack on 
Flight 253. We are working and will continue to work not only to 
address that mistake but to continually enhance our border security 
screening capabilities and the contributions we make to the interagency 
effort.
    We believe that U.S. interests in legitimate travel, trade 
promotion, and educational exchange are not in conflict with our border 
security agenda and, in fact, further that agenda in the long term. Our 
long-term interests are served by continuing the flow of commerce and 
ideas that are the foundations of prosperity and security. Acquainting 
people with American culture and perspectives remains the surest way to 
reduce misperceptions about the United States. Fostering academic and 
professional exchange keeps our universities and research institutions 
at the forefront of scientific and technological change. We believe the 
United States must meet both goals to guarantee our long-term security.
    We are facing an evolving threat. The tools we use to address this 
threat must be sophisticated and agile. Information obtained from these 
tools must be comprehensive and accurate. Our criteria for taking 
action must be clear and coordinated. The team we use for this mission 
must be the best. The Department of State has spent years developing 
the tools and personnel needed to properly execute the visa function 
overseas and remains fully committed to continuing to fulfill its 
essential role on the border security team.

    Chairman Thompson. Thank you for your testimony.
    I now recognize Director Leiter to summarize his statement 
for 5 minutes.

      STATEMENT OF MICHAEL E. LEITER, DIRECTOR, NATIONAL 
                    COUNTERTERRORISM CENTER

    Mr. Leiter. Chairman Thompson, Ranking Member King, Members 
of the committee, thank you for holding this hearing on the 
events of Christmas day.
    Let me start with the most crystal-clear assertion I can 
make. Omar Farouk Abdulmutallab should not have boarded that 
plane bound for the United States on Christmas day. The 
counterterrorism system failed, and I along with other leaders 
have told the President--I tell you, I am telling the American 
people--we are determined to do better.
    I have also pledged to the President, along with the DNI, a 
fresh and penetrating look at the human and technical factors 
that we think contributed to this failure and try to determine 
ways that we can improve our performance. The President has 
tasked me with two specific responsibilities--one, a 
methodology of pursuing follow-up actions for all threats and 
threads as we detect them, and second, a dedicated capability 
at NCTC to enhance watch list records.
    In addition, I am, of course, working with the DNI, with 
Leon Panetta, with Bob Mueller and other members of the IC to 
work on intelligence community-specific improvements.
    I would like to briefly summarize the events of Christmas 
day from our perspective and what went wrong. I want to start 
by debunking something that has become conventional wisdom, 
that this is a failure just like 9/11. As the President has 
said, this was not, like 2001, a failure to collect or share 
intelligence. Rather, it was a failure to connect, integrate, 
and understand the intelligence.
    Now, one is not necessarily a lead to the more tragic 
consequences than the other, but the differences in those 
failures obviously lead to a different set of reforms that 
might be necessary.
    Although the National Counterterrorism Center and the 
intelligence community have long warned, going back to 2008, 
2009, about the threat posed by al-Qaeda in Yemen, we did not 
correlate the specific information that would have kept 
Abdulmutallab off that flight.
    We did highlight the growing threat of al-Qaeda in Yemen. 
We also focused on targets in Yemen, but in the fall of 2009 we 
increased the need to talk about the possibility of al-Qaeda 
from Yemen targeting the United States. We also in fact 
analyzed the information that al-Qaeda was working with an 
individual who, only again after the fact, did we know to be 
Abdulmutallab.
    Finally, the intelligence community also warned repeatedly 
of the type of explosive device that was ultimately used by 
Abdulmutallab and the ways in which that device could be used 
to undermine U.S. aviation screening. But again, despite having 
identified these overall streams, we failed to make the last 
final connection, what I would refer to as the last tactical 
mile here, linking Abdulmutallab's identity to the plot that 
was in train.
    We indeed had the information that came from his father 
that he was concerned about his son going to Yemen, coming 
under the influence of religious extremists, and that he was 
not going to return home. We also had streams of information 
from other intelligence channels that provide the pieces of the 
story. We had a partial name, an indicator of a Nigerian, but 
there was no single piece of intelligence that brought that 
together, nor did we at NCTC or elsewhere in the intelligence 
community do that in our analysis.
    As a result, although Mr. Abdulmutallab was identified with 
respect to terrorists and placed in the Terrorist Identities 
Datamart Environment, he was not watchlisted based on the 
information that was associated with him, nor was the placed on 
the No-Fly or Selectee list.
    Had all the information the United States had available at 
the time that link together, his name would have been 
watchlisted and thus on the visa screening list and the border 
inspection list. Whether he would have been placed on the No-
Fly and Selectee list, based on the existing standards, would 
have been determined by the strength of our analytic judgment. 
As I have already said, I believe, one of the clear lessons we 
have learned is a need to re-examine the standards for 
inclusion on these various watch lists.
    Finally, and I hope I have made clear I have no desire to 
try to make excuses for what we did not do, because there are 
things that we didn't do well and we didn't do right. I do want 
to give you at least a bit of context about the context in 
which this failure occurred.
    Every day the National Counterterrorism Center receives 
literally thousands of pieces of intelligence related to CT--
more than 5,000 a day; well over 5,000. We review well over 
5,000 names each day. Each day more than 350 individuals are 
actually placed on the watch list.
    Now, in hindsight we can say with a high degree of 
confidence that Abdulmutallab was plotting with AQAP. Although 
we obviously have to do better, we have to recognize that in my 
view there is no single silver bullet, and that is especially 
true as this terror threat we face becomes more multi-
dimensional and more dispersed away from traditional areas of 
promoting terrorism.
    So while watchlisting and intelligence are critical tools 
in this fight, I would echo the Chairman's statement of the 
need for a layered approach to counterterrorism, which includes 
technology, international screening and cooperation and the 
like.
    Now, very quickly, I would like to outline the ways in 
which we are improving the system already. As I have noted, the 
President has assigned to the interagency to review the 
standards for inclusion on the watch lists, including the No-
Fly Selectee list. This has been done.
    In addition, we have immediately moved additional resources 
to focusing on Yemen and other al-Qaeda affiliates that we 
believe pose a threat to U.S. homeland security.
    Third, we are trying to move away from a names-based system 
of pursuing these threats, ensuring that our analysts have the 
time and resources to pursue the small tidbits of information 
so they can in fact associate that with individuals and ensure 
proper watchlisting.
    Finally, as I also noted at the outset, under the 
President's direction we are expanding and deepening our 
allocation of responsibility for specific follow-up actions for 
a wide range of threats, not just those that appear to be high-
priority threats in the beginning.
    With that, Mr. Chairman, I very much look forward to 
working with this committee and fielding your questions as we 
work on this together.
    [The statement of Mr. Leiter follows:]
                Prepared Statement of Michael E. Leiter
                            27 January 2010
    Chairman Thompson, Ranking Member King, and Members of the 
Committee on Homeland Security: Thank you for your invitation to appear 
before the committee to discuss the events leading up to the attempted 
terrorist attack on Christmas day and the improvements the National 
Counterterrorism Center and the intelligence community have underway to 
fix deficiencies.
    It is my privilege to be accompanied by Jane Holl Lute, Deputy 
Secretary of Homeland Security and Patrick Kennedy, Under Secretary of 
State for Management.
    The attempted terrorist attack on Christmas day did not succeed, 
but, as one of several recent attacks against the United States 
inspired by jihadist ideology or directed by al-Qaeda and its 
affiliates, it reminds us that our mission to protect Americans is 
unending.
    Let's start with this clear assertion: Umar Farouk Abdulmutallab 
should not have stepped on that plane. The counterterrorism system 
failed and we told the President we are determined to do better.
    Within the intelligence community we had strategic intelligence 
that al-Qaeda in the Arabian Peninsula (AQAP) had the intention of 
taking action against the United States prior to the failed attack on 
December 25, but, we did not direct more resources against AQAP, nor 
insist that the watchlisting criteria be adjusted prior to the event. 
In addition, the intelligence community analysts who were working hard 
on immediate threats to Americans in Yemen did not understand the 
fragments of intelligence on what turned out later to be Mr. 
Abdulmutallab, so they did not push him onto the terrorist watch list.
    We are taking a fresh and penetrating look at strengthening both 
human and technical performance and do what we have to do in all areas. 
Director of National Intelligence Blair and I have specifically been 
tasked by the President to improve and manage work in four areas:
   Immediately reaffirm and clarify roles and responsibilities 
        of the counterterrorism analytic components of the IC in 
        synchronizing, correlating, and analyzing all sources of 
        intelligence related to terrorism.
   Accelerate information technology enhancements, to include 
        knowledge discovery, database integration, cross-database 
        searches, and the ability to correlate biographic information 
        with terrorism-related intelligence.
   Take further steps to enhance the rigor and raise the 
        standard of tradecraft of intelligence analysis, especially 
        analysis designed to uncover and prevent terrorist plots.
   Ensure resources are properly aligned with issues 
        highlighted in strategic warning analysis.
    Additionally, NCTC has been tasked by the President to do the 
following:
   Establish and resource appropriately a process to prioritize 
        and to pursue thoroughly and exhaustively terrorism threat 
        threads, to include the identification of appropriate follow-up 
        action by the intelligence, law enforcement, and homeland 
        security communities.
   Establish a dedicated capability responsible for enhancing 
        record information on possible terrorist in the Terrorist 
        Identities Datamart Environment for watchlisting purposes.
           the events leading up to the christmas day attack
    I will now briefly discuss some of the details of the bombing 
attempt and what we missed. As the President has said, this was not--
like in 2001--a failure to collect or share intelligence; rather it was 
a failure to connect, integrate, and understand the intelligence we 
had.
    Although NCTC and the intelligence community had long warned of the 
threat posed by al-Qaeda in the Arabian Peninsula, we did not correlate 
the specific information that would have been required to help keep 
Abdulmutallab off that Northwest Airlines flight.
    More specifically, the intelligence community highlighted the 
growing threat to U.S. and Western interests in the region posed by 
AQAP, whose precursor elements attacked our embassy in Sana'a in 2008. 
Our analysis focused on AQAP's plans to strike U.S. targets in Yemen, 
but it also noted--increasingly in the fall of 2009--the possibility of 
targeting the United States. We had analyzed the information that this 
group was working with an individual who we now know was the individual 
involved in the Christmas attack.
    In addition, the intelligence community warned repeatedly of the 
type of explosive device used by Abdulmutallab and the ways in which it 
might prove a challenge to screening. Of course, at the Amsterdam 
airport, Abdulmutallab was subjected to the same screening as other 
passengers--he passed through a metal detector, which didn't detect the 
explosives that were sewn into his clothes.
    As I have noted, despite our successes in identifying the overall 
themes that described the plot we failed to make the final 
connections--the ``last tactical mile''--linking Abdulmutallab's 
identity to the plot. We had the information that came from his father 
that he was concerned about his son going to Yemen, coming under the 
influence of unknown religious extremists, and that he was not going to 
return home. We also had other streams of information coming from 
intelligence channels that provided pieces of the story. We had a 
partial name, an indication of a Nigerian, but there was nothing that 
brought it all together--nor did we do so in our analysis.
    As a result, although Mr. Abdulmutallab was identified as a known 
or suspected terrorist and entered into the Terrorist Identities 
Datamart Environment (TIDE)--and this information was in turn widely 
available throughout the intelligence community--the derogatory 
information associated with him did not meet the existing policy 
standards--those first adopted in the summer of 2008 and ultimately 
promulgated in February 2009--for him to be ``watchlisted,'' let alone 
placed on the No-Fly List or Selectee lists.
    Had all of the information the United States had available, 
fragmentary and otherwise, been linked together, his name would have 
undoubtedly been entered on the Terrorist Screening Database which is 
exported to the Department of State and the Department of Homeland 
Security. Whether he would have been placed on either the No-Fly or 
Selectee list--again based on the existing standards--would have been 
determined by the strength of the analytic judgment. One of the clear 
lessons the U.S. Government has learned and which the intelligence 
community will support is the need to modify the standards for 
inclusion on such lists.
    In hindsight, the intelligence we had can be assessed with a high 
degree of confidence to describe Mr. Abdulmutallab as a likely 
operative of AQAP. But without making excuses for what we did not do, I 
think it critical that we at least note the context in which this 
failure occurred: Each day NCTC receives literally thousands of pieces 
of intelligence information from around the world, reviews literally 
thousands of different names, and places more than 350 people a day on 
the watch list--virtually all based on far more damning information 
than that associated with Mr. Abdulutallab prior to Christmas day. 
Although we must and will do better, we must also recognize that not 
all of the pieces rise above the noise level.
    The men and women of the National Counterterrorism Center and the 
intelligence community are committed to fighting terrorism at home and 
abroad and will seek every opportunity to better our analytical 
tradecraft, more aggressively pursue those that plan and perpetrate 
acts of terrorism, and effectively enhance the criteria used to keep 
known or suspected terrorists out of the United States.

    Chairman Thompson. Thank you very much.
    I thank all the witnesses for their testimony.
    I remind each Member that he or she will have 5 minutes to 
question the panel. I will now recognize myself for questions.
    To each one of the panelists, since this occurrence on 
December 25, has any personnel action or disciplinary action 
taken place in your Department relative to this incident?
    Ms. Lute. In the Department of Homeland Security, Mr. 
Chairman, the personnel actions that have been taken have 
related to intensified training, intensified deployment, but 
there have been no disciplinary actions that have taken place.
    Chairman Thompson. So there are no disciplinary----
    Mr. Kennedy. No disciplinary actions, sir.
    Mr. Leiter. We are currently reviewing all the personnel. 
We have made no final decisions.
    Chairman Thompson. If you will, at whatever point you 
complete that review, would you provide the committee that 
which the law allows so we can review it?
    Mr. Leiter. Absolutely, Mr. Chairman.
    Chairman Thompson. So my understanding is, even though this 
was an unfortunate situation, nobody has been disciplined. We 
understand the President took responsibility, and that is good, 
but the question in the minds of a lot of us is, is that good 
enough?
    Now, my next question to each one of you is if that 
situation occurred today, would it be any different?
    Mr. Kennedy. On the State Department, it would be 
different, Mr. Chairman. We had a process that had been worked 
out with the interagency community, and we have discovered that 
we did not have sufficient checkmarks in. There was no 
requirement in our previous rule grid when we reported on the 
Visas Viper, meaning somebody coming into an American embassy 
and saying we have concerns about a third party.
    We reported that immediately, but we did not have in that 
process a checkmark that this individual had a U.S. visa. I 
cannot tell you why that wasn't included. I can tell you 
probably because we had already passed to the law enforcement 
intelligence community the list of everyone who gets a visa on 
a daily basis.
    We have now added that to our process, so any person who 
comes in the embassy and makes a report of terrorist concern, 
not only to report that individual in our Visas Viper message 
to the community, but we add then this person has a United 
States visa, and we have also enhanced the name-checking 
capability in that system to make sure that if there is a 
misspelling----
    Chairman Thompson. Okay. So, all right, so he has a visa. 
So what does that do?
    Mr. Kennedy. What?
    Chairman Thompson. In the process. Does it revoke the visa? 
Does it----
    Mr. Kennedy. As I mentioned in my statement, Mr. Chairman, 
if we unilaterally revoked a visa, and there was the case 
recently up, we have a request from a law enforcement agency to 
not revoke the visa. We came across information. We said, 
``This is a dangerous person.'' We were ready to revoke the 
visa. We then went to the community and said, ``Should we 
revoke this visa?''
    One of the members--and we would be glad to give you that 
in private--said, ``Please, do not revoke this visa. We have 
eyes on this person. We are following this person who has the 
visa for the purpose of trying to roll up an entire network, 
not just stop one person.''
    So we will revoke the visa of any individual who is a 
threat to the United States, but we do take one preliminary 
step. We ask our law enforcement and intelligence community 
partners, ``Do you have eyes on this person and do you want us 
to let this person proceed under your surveillance so that you 
may potentially break a larger plot?''
    Chairman Thompson. I think that the point that I am trying 
to get at is is this just another box you are checking, or is 
there some security value to adding that box to the list?
    Mr. Kennedy. Yes. The intelligence and law enforcement 
community tell us that they believe in certain cases that there 
is a higher value of them following this person so they can 
find his or her co-conspirators and roll up an entire plot 
against the United States, rather than simply knock out one 
soldier in that effort.
    Chairman Thompson. Mr. Leiter.
    Mr. Leiter. I would offer four ways in which I think the 
process would work differently today, Mr. Chairman. First, 
actually beginning in July 2008, right after Mr. Abdulmutallab 
obtained his visa, NCTC began working with State Department in 
reviewing visa applications in a new and more advanced way.
    The way in which we now review that visa, and I can't go 
into it in the open session, would have detected a connection 
with Mr. Abdulmutallab, which would have stamped an automatic 
warning to State Department, DHS, FBI and other intelligence 
community components. So first of all, he might not have even 
gotten the visa in the first place.
    Second, anyone who has a visa that goes on the watch list, 
the default is if that visa is revoked, they also become a no-
fly to ensure that if someone shows up with the visa, if there 
is some confusion there, they are also a no-fly. That is the 
second step.
    Third, we have dedicated teams that don't have any 
responsibility for producing intelligence, but simply for 
following up on these small leads. I believe those teams would 
increase the likelihood we would tap.
    Fourth, we have, as an interagency way, reviewed already 
the standards for placement on No-Fly. Although those standards 
have not yet been formally adjusted, they are being interpreted 
in a manner which allows us to more broadly apply those 
practically.
    Chairman Thompson. Thank you.
    I yield to the Ranking Member for questions.
    Mr. King. Thank you, Mr. Chairman.
    I guess this would go to Mr. Leiter and Deputy Secretary 
Lute. The President first spoke to the Nation on this on 
Monday, December 28, I believe. It was 3 days after the event. 
During that time I assume most of this information was 
available to the intelligence community, whoever was briefing 
the President. Yet when he spoke that day, 3 days after, he 
referred to Abdulmutallab as an isolated extremist.
    Do you know who was responsible for clearing that 
statement, when obviously he was not an isolated extremist? He 
was part of al-Qaeda in the Arabian Peninsula. We had this 
series of information on him. Now, the President seemed to 
correct that the next day. Why did the President go forward and 
use that term? Who is responsible for briefing him? Who is 
responsible for clearing that statement?
    Mr. Leiter. Congressman, I frankly can't speak to the White 
House interactions and who prepared that for the President and 
who briefed him on that. I simply don't know. I would say that 
on the night, on Christmas night, we advised the White House. I 
think the White House, we said that we believe this was an 
attempted terrorist attack.
    I will also add that during this entire look back, an on-
going investigation, as you know, different pieces of 
information have come forward, which have made it more and more 
clear, I think, each day of his connections to al-Qaeda in the 
Arabian Peninsula.
    Mr. King. Secretary Lute.
    Ms. Lute. Congressman, I would echo what Director Leiter 
has said. I was equally not involved in the deliberations 
within the White House to inform the President.
    I can also say, as Director Leiter has said, that from the 
moment we became aware of this incident, there was an extremely 
intensive effort to identify as many facts about this 
individual as we possibly could, including reaching out to 
international partners who held some elements of information. 
That work was intensive over those several----
    Mr. King. Because this interrupts my time, I want to 
interrupt. Again, I am just concerned why 3 days later, with 
all this information available, the President said ``isolated 
extremist.'' Was it John Brennan who briefed him? Was it Leon 
Panetta?
    I mean it would seem to me that in a situation like this, 
there should be one point person, who goes in and tells the 
President, who coordinates everything. Who is that coordinator? 
Do you know? Who would have allowed him to say ``isolated 
extremist'' when he was not isolated?
    Mr. Leiter. Congressman, I know that the National 
Counterterrorism Center and others were providing intelligence 
to the White House on an on-going basis. I simply don't know 
how those statements were produced.
    Mr. King. Okay.
    Secretary Lute and Mr. Leiter, would, you know, either 
yourselves or anyone in the intelligence community who would 
now say that Abdulmutallab should be un-Mirandized at this 
stage? Because, obviously, Director Blair seems to believe it 
was a mistake to have him put into the criminal justice system. 
At this stage, is anyone willing to recommend he be taken out 
of the criminal justice system and put into the military 
tribunal system?
    Ms. Lute. Congressman, what I can say from the Department 
of Homeland Security's perspective and in hindsight--there is a 
lot of hindsight going on--we are focused on those aspects of 
this for which the Department had key responsibility. The 
decisions regarding the Mirandizing of Abdulmutallab are 
appropriately directed to the Justice Department.
    Mr. King. Okay. My understanding was the Secretary of 
Homeland Security is a member of the President's task force on 
interrogation, and that supported the creation of the HIG. I am 
wondering does the Department have a position of whether or not 
at this stage, not doing Monday morning quarterbacking, right 
now as of Wednesday, January 27, do you believe that you should 
be taken out of the criminal justice system and put into the 
military tribunal system?
    Ms. Lute. Congressman, I am not party of all of the 
conversations that have gone in this individual. I am not 
prepared----
    Mr. King. Director Leiter.
    Mr. Leiter. Congressman, I think it is critically important 
that we try to get in as much information from him as we can. I 
think now, several weeks after the arrest and Mirandizing, it 
is not at all clear to me, and I am not close enough to know 
whether or not it would be productive or counterproductive, 
given the current FBI investigation, to do that.
    Mr. King. Secretary Lute, it has been reported in the press 
that CBP was waiting in Detroit to question the terrorist when 
he came off the plane. If that is true, wouldn't that have been 
sufficient information to contact the Netherlands and at least 
ask them to do a secondary inspection?
    Ms. Lute. Congressman, what CBP had was consistent with our 
long-standing practice of examining issues related to 
admissibility, and----
    Mr. King. Okay, but looking at it now--we are going toward 
the future again--I am not trying to Monday morning 
quarterback, but looking toward the future, having that 
information, if there is enough information to question a 
person coming off, is it that difficult to ask another 
government to give him a secondary inspection?
    Ms. Lute. We in fact have changed our practice.
    Mr. King. We have. Okay.
    Ms. Lute. That kind of information will be pushed forward.
    Mr. King. Let me ask Director Leiter and Secretary Lute: 
People have said the system failed, but what really was the 
system failure? Wasn't it judgments that failed? Obviously, we 
always have to adapt the system. But it seems to me the system 
provided enough information that, if it were properly 
interpreted, this would not have happened. Did the system 
actually fail, or are we talking about judgment mistakes?
    Again, I am not trying to Monday morning quarterback. But I 
think rather than just say the system failed, one person 
accepts the responsibility, shouldn't we be--as the Chairman 
seemed to be indicating, and I agree--looking for individuals 
who did make judgment mistakes?
    Mr. Leiter. Congressman, I think there are potentially some 
instances where there was a protocol to be followed, and 
someone didn't follow the protocol. That is one category of 
failure.
    The second category of failing is did you connect these two 
pieces of data? I frankly think that that second category is a 
lot harder to identify and clearly say you made a mistake. We 
want analysts to do that. But whether or not they actually 
could, and piece that all together, given the resources, the 
workload they are facing, I think it is much more difficult to 
say that that was a clear failure.
    I believe the phrase ``systemic failure'' was meant to 
suggest that there are a series of failings in different pieces 
of the system, not that the entire system itself is broken.
    Mr. King. Thank you, Mr. Chairman.
    Chairman Thompson. Thank you very much.
    The Chair now recognizes the gentlelady from California for 
5 minutes. Ms. Harman.
    Ms. Harman. Thank you, Mr. Chairman.
    I would like to welcome our witnesses, but comment on the 
absence of Secretary Napolitano. This is the committee with 
primary jurisdiction over the Department of Homeland Security. 
She is the Secretary of Homeland Security. She is in 
Washington, DC.
    She was invited to testify at this very important hearing, 
and she should have been here, Deputy Secretary Lute. I 
understand that you were prepared and you had accepted our 
invitation, but I am very personally disappointed that she 
isn't here.
    I also want to note for the record that I was briefed 
following the Christmas bomb plot within a few days. I was 
first in my district, and then I was on a family vacation, but 
Secretary Napolitano did call me after she spoke to the 
Chairman. I am quite aware that she had first spoken to him. I 
also exchanged e-mails and had numerous calls with Mr. Leiter, 
who was first in Washington, DC, during the event and then 
subsequently on a short family vacation himself. I know he was 
hard at work.
    Mr. King. Would you just yield for 2 seconds? Just to say 
nobody on this side received those briefings, which I think is 
wrong. It has always been bipartisan.
    Ms. Harman. I agree with you, Mr. King, that there should 
be bipartisan briefings. You know that I agree with that.
    I also want to note that in recent years there have been 
many intelligence community successes. The Zazi plot, the 
Headley plot and others are examples of success, and there had 
been many intelligence community sacrifices, particularly the 
loss recently of seven CIA personnel at the Forward Operating 
Base Chapman in Afghanistan. Obviously, all of us know this and 
want to salute again today the hard-working women and men of 
the intelligence community.
    But despite all those successes and the risks that they 
take, the Christmas day problem does represent a failure. Two 
of you, Mr. Kennedy and Mr. Leiter, have stepped up and taken 
responsibility, as has Mr. Brennan, and I applaud you for doing 
that. I applaud the fact that you have all pledged that you 
would do better.
    Doing better is not optional. A hundred percent security 
can never be achieved, but surely we can do better. At least to 
me, listening to all of this and based on my long experience 
with the Intelligence Reform Act and other efforts to try to 
better, I think that doing better is not about laundry lists. 
It is about leadership.
    Only through leadership will our system of layered security 
become more agile and responsive. Let us understand that the 
enemy that is seeking to harm us is agile and responsive. 
Whatever it is that we now decide to do, they will try to 
figure out a way to get around it. So our system of collection, 
analysis, visa approval, watchlisting and other things should 
get better. But only through strong leadership will that better 
system stay agile and responsive.
    Let me just add one thing as the tag end. This I commend 
the Department of Homeland Security for doing very well, and 
that is preparing, not scaring the public. There is a new tone. 
I applaud that. Let us remember that the successful layer of 
security on Christmas day was a prepared public on that 
airplane.
    So, finally, let me make one other point. There is 
testimony submitted for the record of this hearing by the ACLU, 
and I have read that testimony, and I think it is extremely 
thoughtful. It reminds me that one piece of unfinished business 
since the Intelligence Reform Act of 2004 is the formation of a 
privacy and civil liberties commission that was supposed to 
oversee new practices to keep our country safer.
    I wrote a letter to the President in October with Senator 
Susan Collins of Maine, and the White House has never responded 
to our letter. Insofar as I know, nothing has been done. I 
think that this is unfortunate and will prevent us from 
assuring the public that we are enacting better practices 
consistent with our Constitution.
    But my one question, because time is running out, is to 
each of you. What are you personally going to do to assert 
leadership in the near- and medium-term to make certain that 
the people under your supervision remain agile and responsive 
against an evolving threat by a learning organization?
    Ms. Lute. Congresswoman, perhaps I will begin. You and I 
know each other well. I take very seriously the 
responsibilities of leadership, and I underscore 
responsibility. I personally traveled to 12 countries in 12 
days with colleagues from the Department of Homeland Security 
to bring a message of leadership from the United States to our 
international partners with whom we have to work very closely 
to raise the standard of aviation security.
    I personally spoke with the IAB officer on the ground in 
Amsterdam to understand from his perspective what more can we 
do to change the system and to improve our ability to prevent a 
future event as occurred on Christmas day.
    The Secretary equally has personally made aviation security 
a cornerstone event of our efforts going forward in this, along 
with other parts of the Department, who take very seriously its 
leadership role to help create a homeland where the American 
way of life can thrive. This is something we take extremely 
seriously.
    Mr. Kennedy. Ma'am, the Secretary of State is incredibly 
involved in this, and she has charged me, and I think that I 
would offer in the brief time I have two points, but there are 
others.
    The first, we need to continually increase our software 
capability to take disjointed pieces of material and bring them 
to get together. The second thing we need to do is and I have 
to make sure that is happening, and I think that we also have 
to make sure that we remain and improve our lash-up with the 
National security and the law enforcement community, because we 
are on the frontline.
    But while we are on the frontlines, if we don't have the 
backstopping that is the best that we can lash up, then we 
would fail again. That is my pledge to make sure those happen.
    Mr. Leiter. Congresswoman, I have spent a tremendous amount 
of time since December 25 with my workforce, my analysts, my 
watch listers, my watch standards, and made clear to them many 
things. One, I have to enable them to be able to do the job. If 
they need something, they have to come to me, so I am making 
sure that lines of communication are more open than ever.
    So one of the things I first said to them is I want to know 
from every one of them how do we do our job better. I did an 
open e-mail to my entire organization. I probably got 200 
responses of what they think needs to be done.
    The second thing I said to them in a way relates back to 
what the Chairman asked. I told all of them you have to ask 
yourself whether or not you can keep doing it, because this is 
high pressure. It is high stakes. You are going to get beat up 
in the public realm. You have to make sure that you can commit 
yourself 100 percent to this every single day. There is no 
embarrassment if they can't. We have to make sure that we have 
a well-honed team that really stays on this.
    Finally, the last thing I would say I am doing--I am not 
generally noted to be an especially patient person, but 
whatever patience I have shown in the past in terms of trying 
to negotiate or massage interagency agreement to obtain data or 
to provide cooperation, frankly, I am done with it. I am going 
to ask once politely, and after that I am bringing to the White 
House and Director Blair and saying this has to be done. If it 
can't be done, I can't guarantee you the security that I think 
you and the American people deserve.
    Could I add one thing, Mr. Chairman? I just want to note on 
the record I endorse wholeheartedly the information that this 
committee needs to make a decision. You have my commitment from 
NCTC--I hope we have illustrated that in the past--to provide 
you that completely and on a nonpartisan basis the information 
you need to do your oversight correctly.
    Chairman Thompson. Thank you.
    The gentleman from Indiana for 5 minutes, Mr. Souder.
    Mr. Souder. Thank you, Mr. Chairman.
    First, Mr. Kennedy, I would appreciate for the record if 
you would--you said since 2001 you revoked 51,000 visas and 
1,700 for suspected links to terrorism--could you give us a by-
year number of visas revoked and number for suspected 
terrorism?
    But, secondly, I know my friend from New York kept making a 
point about Monday morning quarterbacking. As a Hoosier, when 
you have Peyton Manning as your quarterback, you don't have to 
do Monday morning quarterbacking. That is important here, 
because it is the person in charge, and the people in charge. 
When they fail is when we do Monday morning quarterbacking.
    It is not the agent who didn't have the information who 
messed up here, that as you see these people at the airports as 
you go around the world, there were signals from the top to 
back off of profiling, don't focus as much, agents not focusing 
as much on capturing people as moving them through, not putting 
things together.
    I have some basic questions that we learned before, and I 
was very disturbed at some of the briefing. My understanding is 
in public record that we didn't know he paid cash, because we 
don't collect the information on cash, because 20 percent or 
some percentage of people who do foreign travel pay by cash and 
that that wasn't in his--we didn't know he paid cash. That is 
public record. Is that true?
    Mr. Leiter. I think it is true that we did not know he paid 
cash. One note, I would say, Mr. Souder. I think you are right. 
Roughly 20 percent of global passengers pay cash. That 
proportion, from the region he came from in Africa, is vastly 
higher, so frankly, a cash payment for a ticket from where he 
bought his ticket really would not raise any suspicion.
    Mr. Souder. We also didn't know that the British had him on 
a no-fly list. Is that correct? That is publicly reported.
    Mr. Leiter. The British did not have him on a 
counterterrorism no-fly list. The British had----
    Mr. Souder. But they had him on a no-fly list.
    Mr. Leiter. He did not have a visa----
    Mr. Souder. He didn't have a visa, so he couldn't fly.
    Mr. Leiter [continuing]. For criminal purposes.
    Mr. Souder. So the question is, and this is what I would 
ask you, in any type of basic tracking or intelligence, in 
narcotics and that type of thing, you build a system. When a 
business is trying to figure out risk of something, they build 
a system.
    The cash would not be relevant in normal, but the cash 
becomes relevant if the father said this, and you knew you were 
watching something from there, and you are tracking a ticket. 
Then all of a sudden the cash is relevant. The fact that he 
didn't have a visa was not relevant, because it wasn't relevant 
to terrorism. But the fact that he was a liar on his visa form 
suddenly becomes relevant, once you know that the father 
called, and he bought cash in that.
    In other words there is a point system. My understanding is 
you don't have a point system. Is that true?
    Mr. Leiter. Congressman----
    Mr. Souder. In other words there is no way to pyramid the 
information.
    Mr. Leiter. Congressman, I don't think that is quite true, 
but I don't want to quibble with your point, because I think 
you are exactly right. Those individually----
    Mr. Souder. Irrelevant things, yes.
    Mr. Leiter [continuing]. Inoffensive bits of data add up to 
a larger picture. I will say that over the past several years, 
as we have tried to ``accumulate data'' so all of that data can 
be shared and analyzed together, one of the consistent 
challenges we have faced at the National Counterterrorism 
Center is these bits of data that aren't terrorism information, 
but could add to that picture.
    That has been one of the most significant obstacles we have 
faced in making sure all that information can be effectively 
analyzed.
    Mr. Souder. But would you not agree that there are things 
where you are building a broad picture, and there are things 
that are specifically relevant to getting on an airplane? In 
other words I know early on until they somewhat improved the 
system, that one time going through the Washington airport, six 
of the seven people in secondary where members of Congress. 
Why? We got out early. We bought e-tickets. We paid cash.
    That those are logical things you watch for in an airplane, 
and they build that, but you might not need them in your full 
terrorism bank. Do you have any ability to separate when you 
are getting on an airplane, when you are getting at something 
else from kind of this general pool? Otherwise, you will have 
so much information that will be indecipherable.
    Mr. Leiter. On that, Congressman, I would really defer to 
Deputy Secretary Lute on their screening----
    Mr. Souder. Then let me tie a question with that, that we 
worked hard in the very original bill to make sure that 
Homeland Security was going to be at as many posts where they 
were doing visas and as many posts at airports. You had 50 
deployments. Are you asking for more?
    In other words the whole point of port security in airports 
is not to kind of arrest them after they have blown everything 
up. It is to get it before it gets here. Are you asking and 
requesting more overseas deployments? Are you going to get this 
kind of information where they can say, okay, this is airplane 
specific, this is harbor specific, as opposed to just general?
    There may be something--for example, somebody's shipping 
orders. That may be relevant in a port, but not relevant to the 
total counterterrorism center.
    Ms. Lute. Congressman, on each of these lines we are doing 
more. As you know, the Department of Homeland Security has no 
authority abroad. But we do have programs where we have people 
deployed for precisely this purpose. These are limited 
programs. We have expanded them as Congress has given us the 
resources to do so. We will expand them again. We have expanded 
them in the wake of this episode.
    Mr. Chairman, if I could just make one thing very clear 
about the Secretary's leadership and your presence today, as 
you know, she had planned--there was international travel that 
conflicted with this hearing today. I was offered in part 
because I went abroad immediately at her direction with my 
colleagues to raise some of the issues that you are raising 
about the kind of information that we are collecting, about the 
kind of technology that we can deploy, about the weaknesses 
that exist in the system and how we can work collectively to 
raise that bar.
    Mr. Chairman, with your staff it was coordinated and agreed 
that that I would appear for that reason.
    Mr. Souder. With all due respect, it isn't true that you 
have no authority abroad. You have the right to reject their 
entry into the United States.
    Ms. Lute. Absolutely right, Congressman. There is no 
question. We do--we can----
    Mr. Souder. A container doesn't have to come in. A person 
doesn't have to come in. We have that authority.
    Ms. Lute. That is correct. But to your point about 
additional information, we have made that change in Homeland 
Security, taking information that previously under our pre-
existing protocols was related to admissibility and not putting 
it in the service of making flying determinations.
    Chairman Thompson. Thank you.
    Time has expired.
    The Chair now recognizes Mr. DiFazio for 5 minutes.
    Mr. DeFazio. Thank you, Mr. Chairman.
    Ms. Lute, you know, we wouldn't have any imaging technology 
capability today if it hadn't been for Kip Hawley. You know, I 
have been a fan of this since I was first exposed to it about 8 
years ago. I kept bumping up against that ``Oh, my God, we are 
going to see people's skin or bodies or images'' or whatever.
    Kip Hawley, you know, after a number of failed 
administrators, really focused on this. He pushed it through. I 
kept saying, ``Isn't it just the way you get software? It 
doesn't have to be your body. It can--'' and Kip finally got 
that done.
    So the point I am making here is we need a TSA 
administrator. I am going to ask this question, which I asked 
Ms. Napolitano last spring. Can't you just get it out of the 
way and allow the people in the TSA to unionize? It will not 
impinge, unlike some wacko Republicans think, on National 
security. Just get that out of the way so that won't be the 
thing that stalls the new TSA administrator.
    She said she wanted to wait for an administrator to get it 
done. You can't wait. She needs to make the decision, get it 
done, give them those rights and get that off the table, and 
then the next administrator can just deal with security issues 
and their history and background, and not this specious issue. 
That is just a message I wish you would deliver to her, because 
she said here, you know, to me quite some time ago she was 
wanting to move this forward, but she wanted to wait for the 
administrator. Can't wait. Get it done.
    Point No. 2, you know, the imaging technology is good. It 
may or may not have worked in this case, but it has to be mated 
with something that does vapor detection. Are we full out there 
working on vapor detection or trace detection? You know, I mean 
dogs are great, but, you know, we need, you know, maybe, you 
know, either we need a heck of a lot of dogs or, you know, we 
need some technology that is more dependable than those puffer 
machines.
    Ms. Lute. You are absolutely right, Congressman. This 
technology does represent an improvement in our overall 
capabilities, but it is only one part of a layered system. 
Other technology has to be brought to bear as well, as well as 
improved processes, improved information gathering across the 
board.
    We are working very closely and have established a high-
level working group with the Department of Energy and the 
National labs to look precisely not only at are we using 
existing technology to best effect, but what are the promising 
new technologies that we can then add to these multiple layers 
to ensure the best safety and defense possible?
    Mr. DeFazio. Okay.
    To anybody, are all--I hate these stupid names; I don't 
know, the Terrorist Identities Datamart entire and, you know, 
whatever, TIDE? Are all the people on the TIDE list now 
selectees? I don't see why they wouldn't be. It is an 
insignificant number of daily passengers compared to the number 
of people who fly daily. It would not be in an imposition. Are 
they now also selectees?
    Mr. Leiter. Congressman, they are not, although I must say 
I very much appreciate your sentiment. Frankly, from my 
perspective as the director of NCTC, it is no skin off of my 
back if they all were.
    Mr. DeFazio. There are 500,000 of them. They are worldwide. 
There are 3 million-something people fly a day. You know, I 
mean it would add significantly to the burden. Does Homeland 
Security object to this?
    Ms. Lute. Homeland Security has no objection to that, to 
any measures that enhance the security of the traveling public.
    Mr. DeFazio. Do you think that would enhance security, that 
anybody who is on the TIDE list is a selectee?
    Ms. Lute. Rather than going----
    Mr. DeFazio. Yes or no. I am running out of time.
    Ms. Lute. If any--it takes----
    Mr. DeFazio. You don't know.
    Ms. Lute [continuing]. It takes layers of defenses--
    Mr. DeFazio. Okay. All right. So you are sort of no.
    Mr. Leiter[continuing]. Respectfully.
    Mr. DeFazio. Yes, yes.
    Mr. Leiter. Again, I respect your views, and I am happy to 
do it, but the pressure on NCTC, on DHS over the past 8 years 
has never been in that direction.
    Mr. DeFazio. All right.
    Mr. Leiter. It has always been in the exact opposite 
direction. So I just want to recognize this is a very changed--
--
    Mr. DeFazio. I understand, but, you know, Congress acted, 
and we pushed, and we have in place now an appeal system. So if 
somebody is on that list, like John Lewis from Georgia, our 
colleague, or, you know, former Senator Kennedy, others who get 
on the list, you know, there is an appeals process. You can get 
off the list.
    But why not err on the side of caution? Anybody on that 
list becomes a selectee. They at least get that slightly higher 
level of screening. They have some interaction with a, you 
know, with an officer, you know. I just think that to me, and 
again, it would be a very, very, very infinitesimal percentage 
addition to the daily workload.
    Mr. Leiter. Congressman, I agree in many ways----
    Mr. DeFazio. Okay.
    Mr. Leiter [continuing]. But would note it would be about a 
40 or 50 times increase in the number of selectees we have 
today.
    Mr. DeFazio. Yes, but I don't think so on a daily basis. It 
is 500,000 people on the list. How many of them fly on a daily 
basis, you know, when there are 3 million people a day flying? 
I mean I just don't think it would be.
    Mr. Leiter. But we currently have 14,000 on the Selectee 
that would increase them 40 to 50----
    Mr. DeFazio. Yes, but I know it would increase the list 
that much, but in terms of daily workload, it would be nowhere 
near that.
    One other quick question to State. You talked about you 
have the authority to immediately revoke a visa. You know, but 
you want to communicate. Then you said, but if it was urgent, 
you would act.
    Have you ever had a recommendation the other way to you, 
that you revoke a visa that you didn't revoke?
    Okay. Thank you.
    Thank you, Mr. Chairman.
    Chairman Thompson. Thank you.
    Thank you very much. We have been told that some votes will 
happen, and I have been fairly lenient with time. But in the 
interest of giving every Member an opportunity to ask 
questions, we will strictly adhere to the time.
    The gentleman from Alabama, Mr. Rogers, for 5 minutes.
    Mr. Rogers. Thank you, Mr. Chairman.
    As everybody on this committee knows, for many years I have 
been a vigorous advocate of canines' use and remain that way, 
and I want to talk mostly about that.
    Before I do, I want to visit the subject that my colleague 
from Oregon brought up about the administrator who was 
proposed. The administration didn't propose him until 
September. I mean they had been in office 8 months, so if this 
was such a priority with the administration, he should have 
been proposed earlier.
    Secondly, you did raise the issue that I care about. That 
is canine use. Right after this Christmas day bombing, 
Secretary Napolitano in her remarks--White House press 
conference--listed three or four items that the Department was 
going to turn to to enhance our security layer system, and one 
of them was enhanced canine use.
    I sent her a letter since then, expressing again, as I have 
in this hearing and in other venues, my concern that we aren't 
utilizing that asset enough. I know for a fact that TSA only 
uses 750 canines. These are very inexpensive, very effective 
means of technology.
    You have stated in your statement, the written statement, 
in two different places that you have increased your use of 
canine detection dogs, explosive dogs, in our transportation 
hubs. Can you tell me where and how many and what your plan is 
on that asset?
    Ms. Lute. In this open setting, Congressman, I am not going 
to detail any of the specific security measures that we have 
taken, but we believe that canines are an important part of the 
multi-layered defenses that we have been talking about. We look 
to use them to the greatest extent possible. We know their 
value. We are convinced of it, and we are going to expand our 
use.
    Mr. Rogers. Okay. But you haven't significantly expanded 
them since the Christmas day bombing.
    Ms. Lute. But we have in fact expanded them. But the 
details of that in this setting I am not prepared to explain.
    Mr. Rogers. That is fine. I do want to get back with you in 
a more private setting, but I want to address a new technology.
    Currently, the Amtrak, the Capitol Police and the Federal 
Protective Service all use a new type of canine explosive 
detection dog called a vapor wake dog. What it is is when 
somebody walks by, the dog detects the vapors in their wake. We 
all leave a wake when we walk by. Explosives in particular 
leave the smell, the odor, there for 15 minutes in that wake. 
So when it comes to transportation hubs like airports, bus 
stations, subways, whatever, the dog doesn't have to smell the 
person directly. It can just step by when the person walks by.
    All these entities use it, but TSA does not use it. The 
Capitol Police, as I said, uses it. The Secret Service is now 
looking at it. They are going to probably start using it. Why 
has TSA been so reluctant to use that technology?
    Ms. Lute. Congressman, we focus on layered defense, as we 
have been discussing here this morning, and we are examining 
all aspects of layers, including the increased use of canines. 
As I mentioned, the Secretary has made very clear her 
determination that we look at promising new technologies, 
techniques, canines, leave no stone unturned to increase the 
security of the traveling public.
    Mr. Rogers. Well, they are used extensively in Europe. One 
of the things I was hoping that Secretary Napolitano would do 
during her trip to Europe--and I thought about it when she 
announced it--was I am hoping that as a part of the agreements 
that we worked out with our allies around the world, that for 
planes that are destined to the United States, that we can at a 
minimum deploy dogs, canines to those airports to be at the 
gate of any plane that is leaving for the United States to make 
sure that at least those passengers are screened with that 
layer of security that we have some control over.
    If they want to let people get on the planes going 
elsewhere, that is their business, but if it is coming to this 
country, I want to make sure they are screened with every tool 
that we have got in our toolbox. A frustration that I have got 
is we are spending billions a year on bells and whistles, and 
we have a very simple technology that works, and we aren't 
using it anywhere close to the level that we should be using 
it. So I would ask you if you are going to make this a priority 
is to go forward and in the near future.
    Ms. Lute. Yes, sir. As the Secretary did make clear to her 
European colleagues when they met together on this issue at her 
request, there are number of measures that need to be taken. 
This is not a business-as-usual environment that we are in, and 
it takes the collaboration of all of us to be able to assure 
the traveling public that we are doing ever we can to keep them 
safe, including measures such as you have outlined.
    Mr. Rogers. Great. Thank you very much.
    Thank you, Mr. Chairman.
    Chairman Thompson. Thank you very much.
    The Chairman now recognizes Representative Cleaver for 5 
minutes.
    Mr. Cleaver. Thank you, Mr. Chairman.
    Ms. Lute, you addressed this already to some degree, and I 
am not sure how much you can discuss this issue here publicly, 
but you had mentioned that you and the Secretary had traveled 
abroad in hopes of working out some cooperative agreements with 
our allies in this fight against terror.
    One of the questions that maybe you can answer here, and I 
would be interested in hearing, you know, some of the more 
detailed information in the right setting, proper setting, but 
is there any willingness abroad to support what we are trying 
to do in terms of aviation safety for other countries to 
contribute financially to enhance technological measures, I 
mean? Or are we the only Western nation that is engaged in 
spending a lot of money in trying to increase the technology or 
create more sophisticated technology?
    Ms. Lute. Congressman, this was an extremely intensive 
trip. My many years in the Army prepared me well for the 
conditions under which we were traveling.
    The dialogue with our international partners could not have 
been more supportive. They recognize almost universally that 
this is not a U.S. problem. This is not a Dutch problem. This 
is not a Nigerian problem. This is an international problem 
that the responsible governments of the world must come 
together to address. Again, they all agree that in the area of 
information gathering and sharing, we need to do better, and we 
can.
    In the area of technology, we are not deploying existing 
technologies to best effect, and there are new and promising 
technologies. We are not the only ones with an investment in 
technology and reliance. It is one of the multiple layers of 
defense that we have in place.
    Equally, there is a recognition that this global system, as 
we saw on Christmas day, with an access to any part of this 
system, you potentially have access to the entire system, so we 
all need to come together, and they recognize those 
responsibilities. The Secretary is leading a series of regional 
dialogues leading to a major conference on this issue so that 
concrete actions can be taken in the information sharing, 
technology, and system strengthening.
    Mr. Cleaver. I have no other questions, Mr. Chairman. Thank 
you.
    Chairman Thompson. Thank you very much.
    The Chairman now recognizes Mr. McCaul for 5 minutes.
    Mr. McCaul. Thank you, Mr. Chairman.
    This was clearly a failure in intelligence. I think all the 
witnesses have agreed to that. The President of the United 
States has as well. It is more than a failure to connect the 
dots, as we talk about so much. It is a failure to identify 
dots or specific threat information coming in and acting upon 
it appropriately.
    We had the Christmas bomber's father going to the embassy, 
warning us about his son. The State Department issued a cable 
that basically stated that and sent it to law enforcement, and 
I assume to the NCTC, stating that information had posted just 
that Farouk may be involved in Yemeni-based extremists.
    I think Members of Congress and the American people don't 
understand why with that type of information and Director 
Leiter with specific intelligence coming in through the IC, the 
intelligence community, why that wasn't linked together, No. 1, 
and why it wasn't acted upon to ensure that this man never got 
on this airplane in the first place.
    I think we agree that this visa should have been revoked 
immediately, given the information. I can't get into the 
classified information that you are privy to, but it was 
specific. What happened here?
    Mr. Leiter. Congressman, some action was taken, but as you 
have identified, as I have talked, we would say it was 
obviously not sufficient, which was his name was entered into 
the Terrorist Identities Datamart Environment, but that didn't 
have automatic repercussions in terms of screening, visa 
revocation, or stopping him from boarding the plane.
    The other intelligence simply wasn't identified and 
associated with this individual. I can tell you that there was 
concern on the intelligence community's part about potential 
attack by al-Qaeda in Yemen, and we were concerned even about 
the timing of that. What we didn't connect was the individual's 
name or where that attack would occur. That was our failure.
    Mr. McCaul. Was that because it was misspelled--the name 
was misspelled? I mean to me, you know, if you type my name 
into Google, for instance, M-C-C-A-U-L, they will say, did you 
mean M-C-C-A-L-L. and so do you not have a similar type of 
capability?
    Mr. Leiter. Actually, the misspelling did not affect NCTC 
in any way. It did affect, as I understand it, and I will defer 
to Under Secretary Kennedy on this, from our perspective when 
his name was sent in, we actually put the spelling in both 
ways. The technology we use, it wouldn't have made a 
difference.
    Mr. McCaul. Did you not have the cable that the State 
Department sent?
    Mr. Leiter. We did, and we inserted the spelling based on a 
number of things.
    Mr. McCaul. Yet you made the decision not to revoke the 
visa, given that information?
    Mr. Leiter. I don't have the authority to revoke a visa. 
That is an authority----
    Mr. McCaul. Right. Can't you call Secretary Kennedy and 
say, ``You know, I think we have got a problem here. We ought 
to think about revoking this visa.''
    Mr. Leiter. The intelligence community can, frankly. That 
normally doesn't occur, if the nomination itself comes from the 
State Department, because----
    Mr. McCaul. Well, I think there needs to be a lot better 
coordination going on here between these two entities.
    Mr. Kennedy, why, given the information that you had, why 
wasn't the visa revoked?
    Mr. Kennedy. Sir, as I mentioned earlier, when we get any 
information, when anyone appears at an American embassy and say 
that they have doubts about someone, we immediately generate 
what is called a Visas Viper message. We send that to the 
entire law enforcement and intelligence----
    Mr. McCaul. My time is running out. I understand the 
process, but you had this information, and you didn't revoke 
the visa.
    Mr. Kennedy. Because----
    Mr. McCaul. I mean the cable I just read----
    Mr. Kennedy. Right.
    Mr. McCaul [continuing]. Makes it pretty clear that this 
man is associated with extremists in Yemen. You didn't revoke 
his visa.
    Mr. Kennedy. What it was, sir, his father said he was 
associated with this, and so we then asked the intelligence and 
law enforcement community if they had any other information. I 
don't want to take much of your time. I would be glad to visit 
with you afterwards.
    Mr. McCaul. Well, I think the father is a very credible 
source. This isn't some anonymous person coming in saying this.
    Mr. Kennedy. We have people coming in, sir, to American 
embassies every day, attacking their relatives.
    Mr. McCaul. Well, let me just--my time--this was a failure 
extraordinaire, and I sure hope it never happens again.
    Deputy Secretary Lute, the last of my remaining time, they 
have identified a vulnerability in our system. I am very 
concerned about future flights now. The system didn't work. The 
screening--you know, they are always a simple genius, you know. 
They use chemical explosives, which would be detected through 
X-ray, but not through the magnetometer.
    I know we are focusing on the 16 countries of interest in 
terms of pat-downs and more enhanced screening, but I am 
concerned about still the majority of the airports out there 
where we are still vulnerable. They could still use this 
technique and get chemical explosives through the magnetometer. 
What is the Department of Homeland Security doing about that?
    Ms. Lute. Congressman, we are not just focused on those 16 
places that you have identified. We are focused on aviation 
security globally and the traveling public, to ensure their 
safety.
    People have talked about silver bullets. We don't look for 
silver bullets in Homeland Security. We know it takes a layer, 
multiple measures of layers, not just by us, but by our 
international partners, and it takes constant vigilance.
    We have made some adjustments internally now to take the 
information that we get, push it forward where we have teams on 
the ground or to authorities in airlines where we don't have 
specific teams. We are looking to expand our teams as well. 
This is not a business-as-usual response. No one will be 
satisfied----
    Mr. McCaul. But my point is there are still many airports 
vulnerable to the same technique deployed by this terrorist.
    Chairman Thompson. The gentleman's time has expired.
    The gentleman from Pennsylvania, Mr. Carney, for 5 minutes.
    Mr. Carney. Thank you, Mr. Chairman.
    I have to echo the sentiments of a number of our colleagues 
today, who I am very dismayed that the Secretary herself is in 
here. I mean it is probably fair to ask where the hell is 
Secretary Napolitano for this hearing, to be quite honest.
    I understand, Deputy Secretary Lute, that you are prepared 
and that is great, but she was invited. She needs to be here to 
address something of this magnitude. My first question is why 
was her first response to the public that the system worked?
    Ms. Lute. Congressman, if I could, and I clarified before, 
the Secretary had international travel that was originally 
conflicted. We coordinated with the Chairman's office. She has 
been in regular talks with the Chairman, other Members of this 
committee. She dispatched me with my colleagues around the 
world to work aggressively with international partners, part of 
the reason my appearance here was coordinated and agreed.
    What the Secretary has made clear in her initial response, 
she was responding to in the environment of what are we doing 
to address this concern now? How are responding to the 
information that we would have to ensure that there are no 
other flights that are subjected to any danger or that pose any 
threat to the American public?
    Mr. Carney. I want to shift gears slightly here. You and I, 
last time we spoke, I believe, was New Year's Eve. That is 
right. How is the QHSR coming? Are we further down the road? 
Are we going to see it soon? Frankly, does the QHSR lay out a 
sort of chain of command that would obviate some of the issues 
we are talking about today?
    Ms. Lute. We did speak late New Year's Eve, in fact. The 
QHSR from our perspective is concluded. It is with the White 
House right now, ensuring final interagency coordination prior 
to release. As I mentioned to you, we are on schedule that I 
discussed with you.
    We look for the QHSR, together with the bottom-up review of 
the Department and a number of other measures that we are 
taking internally to clarify roles and responsibilities in what 
is a significant enterprise for this country--that is, homeland 
security.
    We believe that the QHSR lays this out in a clear fashion, 
the roles and responsibilities of other Members, other parts of 
the Federal Government, State, local, law enforcement. It is an 
enterprise to ensure that this homeland is a place where the 
American values, aspirations, and way of life can thrive.
    Mr. Carney. Okay. Thanks. Just one more question, and you 
didn't answer my second question, my first comment. Do you know 
why the Secretary said the system worked in her first reaction?
    Ms. Lute. Congressman, as she has made clear, she was 
responding to a series of questions that were also related to 
what are you doing in response to this information? What are we 
doing now to ensure that the traveling public is safe--planes 
in the air, airlines? What information are we pushing out?
    Mr. Carney. Thank you.
    Mr. Leiter, I just have a couple of moments left. By the 
way, sir, I respect you enormously and what you bring to the 
table, and I really want to know from your perspective, was 
there a single point of failure, a double point of failure, 
multiple points of failure in the Christmas day attack?
    Mr. Leiter. Multiple.
    Mr. Carney. Multiple.
    Mr. Leiter. Yes.
    I am trying to save you time, Congressman.
    Mr. Carney. We will have a chance at some more questions, 
Mr. Chairman?
    Chairman Thompson. Well, we can, or we can submit them for 
the record and get a response.
    Mr. Carney. Okay.
    Chairman Thompson. Multiple probably could go a long time.
    Mr. Leiter. Congressman, if you would like me to expand, I 
always can, but I was----
    Mr. Carney. Well, no, no, as the Chairman of the Oversight 
Investigation Subcommittee, I think maybe we will have you come 
in and chat with us a little bit. I will appreciate that.
    No more questions, Mr. Chairman.
    Chairman Thompson. Thank you very much.
    I don't want the committee to be misled. I have talked with 
the Secretary 2 days ago. We did not talk about her non-
attendance or attendance at this hearing. Staff did communicate 
based on a directive we received that the Secretary would not 
be here, and we worked on Deputy Secretary Lute's presence.
    That changed. At a minimum, based on that change, somebody 
could have communicated back to the committee one way or the 
other that we told you we weren't going to be here, we are here 
now, but we still can't come because of some other things. That 
is the courtesy I think the committee still deserves, and it 
does not require comment.
    The gentleman from Pennsylvania, Mr. Dent.
    Mr. Dent. Thank you, Mr. Chairman.
    Mr. Leiter, based on your testimony, your written testimony 
and also your testimony that you gave last week before the 
Senate, it appears you believe that the Federal Government did 
in fact collect the dots, but did not recognize the linkages 
between those pieces of information. Is that a fair assessment 
of your statement, your position?
    Mr. Leiter. Yes, definitely.
    Mr. Dent. Isn't it true that the NCTC is designed to be a 
major, if not the premier intelligence fusion and analysis 
center?
    Mr. Leiter. We have the statutory responsibility to be the 
primary analytic center for counterterrorism, and we along with 
the CIA have primary responsibility on it.
    Mr. Dent. Thank you.
    I also understand that the Intel Authorization Act of 2010 
that passed the House Permanent Select Committee on 
Intelligence, but was not considered on the House floor, 
included sharp decreases in staffing levels for the Office of 
Director of National Intelligence. Isn't it true that your 
staffing at the National Counterterrorism Center is included in 
those DNI staffing levels and could have been very negatively 
impacted?
    Mr. Leiter. Congressman, that is correct. As Director Blair 
noted, I believe, last week, my discussions with him in 
December were about how I was going to absorb cuts of up to 20 
percent of my personnel areas to include analytic and 
watchlisting personnel.
    Mr. Dent. So then do you have enough analysts to connect 
these dots?
    Mr. Leiter. Well, believe me, it is a very, very small 
silver lining and not a silver lining I really wanted, but 
those initial cuts have now been canceled for us. We have been 
working with the DNI and the----
    Mr. Dent. So you do have enough analysts?
    Mr. Leiter. No. I have already discussed with the DNI, and 
he has discussed with the Office of Management and Budget the 
need for additional analysts and individuals to work on 
watchlisting. So we enhanced those watchlisting records, so the 
right people are on the No-Fly list, the Selectee list. Right 
now I don't have enough people to do that.
    Mr. Dent. So you are saying, then, additional analysts, and 
not fewer analysts, as HPSI proposed, that would help you 
accomplish your intelligence fusion mission?
    Mr. Leiter. Yes, but I do want to make clear I don't look 
at this as this great opportunity to grow.
    Mr. Dent. I understand.
    Mr. Leiter. I look at it as the realization that we can't 
do the mission as expected, and we weren't doing as well as we 
did because of the assets we didn't have and the assets we were 
potentially losing.
    Mr. Dent. Thank you, sir.
    To Deputy Secretary Lute, I understand that while at the 
Schiphol Airport in Amsterdam, they have these full body 
imagers, as you know. They were not used at the checkpoints for 
the flights bound for the United States on Christmas day. In 
fact, within the United States we have only 40 of these 
machines at about 19 airports.
    While I know that you can not guarantee protection, 
particularly when you are relying on human interpretation of an 
image, do you believe that the whole body imager would have had 
a better chance of detecting or identifying Abdulmutallab's 
explosive device than the current technologies employed at 
airports?
    Ms. Lute. Congressman, we believe it represents an 
improvement over our current capabilities, but again, it is 
only part of a layered system.
    Mr. Dent. Understood. In order to address privacy concerns, 
some of the local vendors have developed these so-called auto 
detection software for their whole body imaging equipment with 
the goal of getting the TSA image observer out of the process. 
This auto detection technology, I am told, is currently being 
tested over in Schiphol and in Amsterdam.
    Is the TSA, the Transportation Security Lab, or the S&T 
director examining this auto detection technology? If so, when 
can we expect to see some preliminary results?
    Ms. Lute. We are examining all aspects of advanced imaging 
technology, whole body imaging. We are aware of some of the 
technologies that exist out there, and we are also engaging in 
dialogue with our international partners like the Dutch to see 
what they have, what they are using. We believe this is an 
enhancement.
    We take the privacy concerns very seriously. There are a 
number of measures in place with respect to whole body imaging 
now, the dislocation of the observer, the non-retention of 
image. But we believe that this is an area where we don't want 
to settle for just existing technology, but also want to 
explore most promising new.
    But we also don't want this to take forever. We want to put 
tools in the hands of screeners now to enhance security.
    Mr. Dent. Good. Then I hope you will certainly communicate 
with our friends in the Senate that stripped the amendment that 
was placed in the TSA authorization by the House that would 
restrict the use of these whole body imagers.
    Finally, there appears to be a debate on which advanced 
technology system is better--backscatter radiation or the 
millimeter wave technology. Have you done an analysis on the 
health and safety of both of those types of systems? Did you 
identify any risks in multiple daily exposures?
    Ms. Lute. So, Congressman, I am aware that there are 
differences. I am not a scientist. Our science and technology 
folks, together with the Department of Energy and the National 
labs, are working with TSA on this and other technologies as 
part of a layered defense.
    Mr. Dent. Could somebody report back to us? Could somebody 
send a report back to us, which is the better technology?
    Ms. Lute. Yes.
    Mr. Dent. Thank you.
    I yield back.
    Chairman Thompson. Thank you.
    We will get the gentleman's question answered by the 
Department. Be happy to.
    The gentlelady from Ohio for 5 minutes, Ms. Kilroy.
    Turn your microphone on.
    Ms. Kilroy [continuing]. The responsibility for failing 
within their respective organization. I think coming before 
this committee is part of that acknowledgment of responsibility 
and the oversight that it ruled as given to this body and to 
the United States Congress.
    I think it is critically important that once we acknowledge 
the errors, that we also provide a plan or hear from you your 
plan to fix, to correct the problem, to make sure that people 
aren't becoming complacent in the years since 9/11 and protect 
the flying public. I thank those of you who made very clear 
statements in your testimony, as you did, Director Leiter, 
about that level of responsibility.
    The more I hear about the Christmas bomber, the more I am 
amazed at how he got on the plane. That continues today to 
really stun me, that given the level of information, granted in 
different parts of the system, that there was sufficient 
information that, at least to me, it seems that he should not 
have been allowed onto that plane.
    I keep learning things through hearings, through briefings, 
and through public news reports, that news reporters managed to 
get some information that had not been shared with the 
committee in prior briefings. But there was sufficient 
information, apparently, for him to be tagged for questioning 
when he got off the plane. I don't understand, I guess, why the 
Customs and Border Protection was the agency that was charged 
with questioning him when he got off the plane.
    Ms. Lute. Congresswoman, that is we have standing protocols 
that have been in place in this case since 2006 related to 
admissibility issue questions. The Customs and Border 
Protection persons were prepared on the basis of that 
information to question him when he arrived.
    We have changed that process. We now take that kind of 
information and push it forward to a pre-boarding opportunity 
that individuals be questioned before they get on planes, 
precisely because we recognize now that there is important 
information that can help us understand whether or not an 
individual poses a threat to aviation security, and so we have 
changed that process.
    Ms. Kilroy. Well, I appreciate that things have moved 
forward and people will be getting questioned ahead of the 
process.
    But when you have this incident that has occurred--and 
thank God that actions were taken that all passengers and crew 
were able to get off that plane safely--but once you have this 
person, who has attempted this atrocious act, when and who, 
what agency should be involved in taking custody of that 
person? Who is trained to interrogate a terrorist? Who has 
ultimate authority in the chain of command in this type of 
situation?
    Ms. Lute. I can only speak to the part about the 
information that we had regarding admissibility. No one is 
satisfied that this individual got on this plane with this 
material. It should never have happened, and we have to do 
everything we can so it doesn't happen again.
    We are taking the information we have about admissibility. 
He was at no time identified as a No-Fly or Selectee, which 
would have triggered certain actions prior to his boarding.
    Ms. Kilroy. I understand that, but he took actions on the 
plane. Everybody on the plane was aware of that. People on the 
ground were aware of that. So are Customs and Border Patrol 
agents trained in the science of interrogating a terrorist that 
has been taken into custody?
    Ms. Lute. He was handed over to the Department of Justice 
and the FBI.
    Ms. Kilroy. So the reports that I read that Customs and 
Border Protection interrogated him for an hour before he was 
turned over to the FBI--you are saying that would be incorrect, 
then?
    Ms. Lute. No. Customs and Border Protection had him upon 
presentation for entry, and he was handed over to law 
enforcement officials.
    Mr. Leiter. Congresswoman, if I--I got it.
    Ms. Kilroy. Yes.
    Mr. Leiter. He was initially arrested by the Customs and 
Border Protection officers, who were there at the airport. 
Immediately upon being removed from the aircraft, he was 
immediately turned over to the Federal Bureau of Investigation.
    Ms. Kilroy. I also want to endorse the line of questioning 
that Congressman Rogers led with respect to the use of canines, 
because I think that they have amazing abilities to detect, and 
they are very observant of body language as well as their use 
of different senses.
    With respect to the changes in the visa process, have there 
been any changes in the length of visas that are going to be 
offered, allowed to people so they could come to this country?
    Mr. Kennedy. Mr. Chairman, should I answer the question?
    Chairman Thompson. The gentleman will answer the question.
    Mr. Kennedy. I will be glad to see the Congresswoman and 
come visit with her and discuss that or submit an answer for 
the record, whichever you prefer, sir. I am prepared now.
    Chairman Thompson. You can answer the question now.
    Mr. Kennedy. Ma'am, it really doesn't matter whether a visa 
has a validity of 1 day or 1 year. If information comes to us 
on the day after a visa issue or 30 days after or 90 days 
after, if the intelligence or law enforcement community comes 
to us and said, ``You cleared this person, because there was no 
record when you cleared them. We now have something new on this 
person. That is, he or she is a danger to National security,'' 
we revoke the visa that day.
    Ms. Kilroy. Thank you.
    Chairman Thompson. Thank you.
    The gentleman from Georgia for 5 minutes, Mr. Broun.
    Mr. Broun. Thank you, Mr. Chairman. Mr. Chairman, during 
your opening statement you seemed to blame the Bush 
administration on this instance on Christmas day. To me there 
is a whole lot more going on here than just blaming President 
Bush and his administration, because I think this 
administration has a lot to blame, too.
    Deputy Secretary Lute, I assume that you are just a good 
soldier and carrying out the orders that you were given by your 
chain of command. You mentioned attempted attack, and they have 
actually--before your testimony, you just talked about that 
during your discussion about the Secretary not being here.
    I am incensed, frankly, that she is not here. Even the 
foreign visit was to brief people in Europe, and she ought to 
be here briefing these people in this committee who have 
responsibility to ensure the safety of the American public.
    Also, the Secretary said that the system worked, which is 
hogwash. The Chairman asked if there was any disciplinary 
action being taken, and all of you all said no. Frankly, I am 
incensed by that, and I think the President of the United 
States should ask for the resignation of Secretary Napolitano 
and get somebody there who is not in la-la land. Frankly, I 
think she is in la-la land.
    I don't know who else in your Department is, but whoever he 
is, they need to go, because the safety of the American people 
absolutely is critical on having good leadership at the top. I 
don't think we have that here in this country.
    So I am incensed. I think other Members of this committee 
are incensed that the Secretary won't take her time to come 
here and face this committee. I hope the President will take 
disciplinary action and get rid of her and get rid of anybody 
else in your-all's Department who are in denial, frankly, about 
the seriousness of this.
    In the United States Marine Corps, I was taught to know 
your enemy. I have heard testimony from some other of the 
members of this panel. They seem to get it. But I don't think 
the Department of Homeland Security, and I am not sure the 
President and his administration, get it.
    We are facing not a war on terror. We are facing a war 
against a group of fascists in this country who hate this 
Nation, hate everything we stand for, including the freedom, 
including the freedom we give to women, and they want to 
destroy this Nation. We must as a Nation start facing the fact 
that these are Islamic fascist terrorists, who want to use that 
tactic in a war. Terrorism is only a tactic. We are not 
fighting terrorism. We need to stop talking about that.
    To me the failure here is political correctness gone amok. 
There are many Members of this committee, principally on the 
other side, who don't want profiling. We just had a hearing 
about the undocumented attendees to a State dinner. We have got 
a lot of undocumented attendees in this Nation that the State 
Department allows to come into this country, and some that are 
documented.
    We need to change the whole philosophy of how we are trying 
to protect this Nation. I don't think we are doing a proper 
job. Frankly, I am incensed. I hope the President will start 
paying attention to what is going on here and will stop this 
inane thought of not profiling people that are entities that we 
know hate our Nation and will do what is necessary to protect 
the American public and keep this Nation safe.
    Mr. Pascrell. Will the gentleman yield?
    Mr. Broun. No, I won't.
    Mr. Pascrell. You won't yield?
    Mr. Broun. No, I won't.
    Mr. Pascrell. Okay.
    Mr. Broun. Because I have got just a minute left, and so I 
want----
    Mr. Pascrell. I will just say it later, so it doesn't 
matter.
    Mr. Broun. But it is absolutely critical that this 
administration take serious our enemy. America needs to know 
its enemy. It is radical--it is a bunch of radical folks all 
over the world, who want to destroy it. They are going to 
continue to attack us.
    Whole body imaging is not going to prevent, and even the 
canines are not going to prevent, bombings. There is no way 
unless we search every body cavity on every person who wants to 
come into this Nation.
    But we know one of the big, glaring, flashing dots is 
radical Islam. We have got to start focusing upon that. There 
is absolutely no question about that. Our people are going to 
die. Those who are worshiping at the altar of political 
correctness are going to--that worshiping at the altar of 
political correctness and not profiling our enemies is going to 
result in killing American citizens.
    With that, Mr. Chairman, I yield back. My time is up.
    Chairman Thompson. Thank you very much.
    The gentleman's time has expired.
    We have two votes scheduled, and we expect to return in 
about 25 minutes. The committee stands in recess.
    [Recess.]
    Chairman Thompson. We would like to reconvene the recessed 
meeting.
    We now will begin questioning with the gentlelady from 
Nevada, Ms. Titus.
    Ms. Titus. Thank you very much, Mr. Chairman. I do have a 
couple of questions. I would like to start with Mr. Leiter.
    On several points in your written testimony, maybe not so 
much in your oral testimony, you note that the intelligence 
community possessed strategic intelligence regarding al-Qaeda 
in the Arabian Peninsula, and you note that they had--and I put 
this in quotes--``had the intention of taking action against 
the U.S. prior to the failed attack on December 25, but we did 
not direct more resources against them nor insist that the 
watch list criteria be adjusted prior to the event.''
    You also note that the NCTC and intelligence community had 
long warned of the threat posed by this group in the Arabian 
Peninsula. But it appears that despite your intelligence on 
this and your concern about it expressed here, that the 
necessary steps weren't taken to prevent this.
    So I want to ask you who was receiving your reports about 
this intelligence? Why do you think they didn't respond to it 
in the appropriate way?
    Mr. Leiter. Congresswoman, I think everything you said is 
correct in terms of encapsulating my statement. All of the 
intelligence we write goes to a broad array of consumers 
ranging from the President to the members of the Cabinet, 
deputy secretaries and the like.
    I wouldn't say, though, that nothing was done. It is that 
the things that were done turned out not to have been ones that 
stopped this threat. There was forceful action taken on a 
number of fronts to try to disrupt various threats from al-
Qaeda in Yemen. What it didn't do is detect this thread or stop 
this particular individual.
    Now, steps were taken. Why do I think that we didn't shift 
enough focus onto this individual? I do think that al-Qaeda in 
the Arabian Peninsula, although we saw a desire and a 
possibility to strike the homeland, I don't think we fully 
realized the speed with which they had moved and actually put 
that desire into action.
    Ms. Titus. Well, I would ask you going forward, which is 
the important thing, do you think we are putting enough 
resources and enough attention on this growing threat in the 
Arabian Peninsula?
    Mr. Leiter. I think we have begun to move those resources. 
I still don't believe we have all the resources we need. I 
would also add that I remain particularly concerned, as I have 
testified before this committee and others previously, I remain 
particularly concerned not just about Yemen, but also in 
Somalia and the flow of Americans of largely Somali descent to 
Somalia. I think that poses a similar threat. Although Yemen is 
the subject of today's hearing, we have to remain very, very 
focused again on Somalia and, of course, on Afghanistan and 
Pakistan.
    Ms. Titus. Do you feel like the people who are higher up, 
all this group that you report to, are taking your warnings 
seriously?
    Mr. Leiter. I think without a doubt. I believe the 
President's immediate direction on shipping resources, Director 
Blair's intervention here to make sure we have the resources, 
and the rest of the intelligence community, I think we have.
    Ms. Titus. Well, we need to. There is no question about 
that.
    Mr. Leiter. I agree with you wholeheartedly.
    Ms. Titus. Just one other quick question for Ms. Lute. I 
would ask you--now, we have put so much focus on the 
international flights, because this incident was an 
international flight, but we can't forget that 9/11 involved 
domestic flight. We are not ignoring them or letting them go by 
the wayside as we now suddenly focus on Schiphol, are we?
    Ms. Lute. Absolutely right, Congresswoman. We are not 
neglecting any part of the aviation security systems, nor are 
we neglecting our land and sea borders, as we have this 
particular focus on air. We have a number of measures in place 
across the board to enhance our vigilance, increase our 
information gathering and sharing, as we have been discussing, 
working with technology in this multi-layer defense 
domestically as well as internationally.
    Ms. Titus. Thank you, Mr. Chairman. I yield back.
    Chairman Thompson. Thank you very much.
    The gentlelady from Michigan, Mrs. Miller, for 5 minutes.
    Mrs. Miller. Thank you very much, Mr. Chairman.
    You know, there have been lots of questions from my 
colleagues about the process and the failures of our protocol, 
et cetera. Many people have commented about the absence of 
Secretary Napolitano, and I would associate myself with those 
remarks.
    However, I will also say that it is stunning to me that 
Attorney General Holder or nobody from the Department of 
Justice is here to talk to this committee and to testify to 
this committee. I would respectfully request that at some point 
he does testify before this committee.
    Our responsibility is to have oversight, and I want to 
focus, I think, on what has happened since the attempted act of 
war, because that is what it was. It wasn't a criminal act. It 
was an act of war by a terrorist, an enemy combatant. I was 
stunned that this terrorist was not turned over to the 
military.
    Again, I am just incredibly dismayed no one from the DOJ is 
here. Yet, it was they, under the direction of Attorney General 
Holder, that made this decision to turn this terrorist over to 
the FBI, and not as an enemy combatant. He made the decision. I 
believe that the attorney general is creating a culture at the 
Department of Justice that fosters an ideology of approaching 
this war on terror like a simple police action.
    I will cite a couple examples of why I say that, because I 
do believe it is dangerous to our security, and I am very 
concerned about it. We know, for instance, that before becoming 
the attorney general, Eric Holder and his law firm represented 
accused terrorists that were in the custody of the military, 
and he urged their release to the civilian justice system. That 
includes Jose Padilla. They were very proud about giving free 
pro bono legal service to 17 Yemeni and one Pakistani, who 
currently are at Gitmo.
    We know that he and President Obama have placed many of 
these attorneys in high-ranking positions at the Justice 
Department--again, attorneys that provided free, top-flight 
legal assistance to enemy detainees.
    I mean my husband's an attorney. I know a lot of attorneys. 
You might have pro bono work for a child abuse case, domestic 
violence case. This is what they decided they wanted to give 
free legal advice to: Enemy detainees.
    We also know that the attorney general has stonewalled 
Senator Grassley, who is attempting to discover who these high-
ranking Justice officials are and what their role is in making 
these decisions.
    We know that the attorney general has been a huge advocate 
to close Gitmo and to bring these detainees to the United 
States. We know that the attorney general has made the decision 
to bring KSM and others implicated in the 9/11 conspiracy to 
New York City for trial without consulting any security 
officials in New York or other high-ranking officials in the 
military or intelligence communities.
    Our Ranking Member mentioned that he had not consulted 
them--actually, I think it was on the Jim Lehrer Show, where he 
said he consulted his wife and his brother before he made that 
decision. So I have concern with that.
    We also know that in this instance the attorney general did 
not share, in the instance of the Christmas day bomber, that he 
did not share the intelligence gleaned from the Christmas day 
bomber with the military or intelligence officials before 
giving the Miranda rights to this terrorist.
    I know the President has said that no one is accountable, 
or that no one will be held accountable, no single person, but 
I believe that President Obama must hold Attorney General Eric 
Holder responsible for the loss of additional intelligence that 
would have been gained to protect our citizens from future 
attack.
    He has been rather flippant, I would say, in saying that he 
is not afraid of Khalid Sheikh Mohammed being given a platform 
to spout his anti-American rants in our justice system. He says 
we have nothing to fear from giving terrorists constitutional 
rights and access to our court. I disagree.
    I am the only Member of this committee from the Detroit 
area, and this incident may have faded in the front of many 
papers, newspapers, and media across our Nation, but I will 
tell you in Detroit we are looking every single day at this 
terrorist, this enemy combatant, an act of war against America, 
who was treated at the University of Michigan Burn Center, 
which is probably the best burn center in the entire world, and 
not only given one free court-appointed, taxpayer-funded 
attorney, he has three--three--attorneys.
    We are looking every day at what is happening at the 
Federal building in the city of Detroit, all of the expense 
that is being taken on by the Detroit Police Department at a 
time they can't afford that kind of expense, and other security 
officials, just to make sure that we have no incident there.
    The first thing this guy hears when he gets off the 
airplane is, ``You have the right to remain silent.'' Here is 
your great justice system that we are having here in America. 
It makes me crazy.
    In the absence of anyone from the Department of Justice, 
let me just ask Director Leiter. Do you think that Attorney 
General Eric Holder's decision to Mirandize this guy denied us 
the opportunity to garner very valuable information? Do you 
think that if we got a terrorist in Afghanistan or Yemen or in 
theater and we only interrogated him for 50 minutes, that that 
would be adequate?
    Mr. Leiter. Congresswoman, I will try to answer, of course. 
I mean I am not from the Department of Justice. One thing I do 
want to correct, though. I don't believe it is correct that the 
information that was garnered during those initial 50 minutes 
of interrogation was not shared with the intelligence community 
or with the Department of Defense. I say that, because I was on 
the video teleconference that evening, and----
    Mrs. Miller. If you could, just a moment. I recognize he 
did share the information, but he did not share the information 
that he was going to Mirandize this, and that was my point. 
Nobody was asked about that. That was Attorney General Eric 
Holder's decision, apparently.
    Mr. Leiter. I apologize, Congresswoman. I understood. I 
just did want to make clear that the information that they 
garnered was immediately shared with the intelligence 
community. It was put to action. I think there was information 
that was garnered from that initial 50 minutes of interrogation 
that has been quite valuable.
    Mrs. Miller. Well, my time has expired, so I would just 
simply say that, Mr. Chairman, we are facing a new type of 
enemy who doesn't consider the battlefield to be just in Yemen 
or in theater. The battlefield that day was Seat 19A on that 
Northwest flight, and these are enemy combatants. I think it is 
dangerous for America to treat them as civil criminals. Thank 
you.
    Chairman Thompson. Thank you very much.
    For the record, as you know, the Minority has an 
opportunity to request a witness, and it could have very well 
been the Minority's option to request Attorney General Holder 
for this hearing, and they did not.
    The Chairman recognizes the gentlelady from New York, Ms. 
Clarke, for 5 minutes.
    Ms. Clarke. Thank you. Thank you very much, Mr. Chairman.
    Let me just say that as a New Yorker, I know that it is 
possible that we have under previous administrations tried 
individuals who seek to do us harm--terrorists, if you will--in 
civilian courts and been very successful there. So, you know, I 
think that this is an issue we can go back and forth with.
    But I think that we have to also make sure that in doing so 
we don't manifest through our conversations just the outcomes 
that we are seeking to prevent. That is encouraging others, by 
labeling enemy combatants, to become enemy combatants.
    I think that we have the power and an expertise in our 
Nation to address all of these concerns, and that is why we are 
here today to encourage one another to use those talents and 
expertise to do what needs to be done to protect the American 
people. Certainly, as we review our failures and our mistakes, 
we learn from them to strengthen ourselves as a Nation, to do 
what has to be done to protect the American people.
    So having said that, my concern has to do with our ability 
to manage these databases. I have felt all along since, really, 
hearing from constituents in my constituency that they have had 
a very hard time getting off these lists, that we were building 
a quagmire. I say that, because at a certain point the list 
becomes the proverbial trying to find the needle in a haystack, 
when you are not purging it, when you are not moving people 
through the cleared list.
    So I am just concerned that as we build out this data 
infrastructure to be able to find individuals, to communicate 
in real-time about individuals that we may have on one list, 
but may not be on another, that the time that it takes to scan, 
to data input, because it is my understanding that particularly 
in the TIDE database, that there are people with similar names 
in addition to the actual name. I am sure once you sort of plug 
in a name, you are going to get a list of names.
    I want to raise the question with each of you about how we 
refine our capacity through data maintenance and gathering to 
be able to do that type of ID in real-time. The GAO has found 
that agencies involved in screening international visitors to 
the United States do not screen individuals against all records 
in the watch list.
    Can we say that the system has become too cumbersome for 
accuracy of screening to become more difficult over time? I 
would like to get that response from each of you.
    Ms. Lute. Congresswoman, perhaps I will begin, and then 
Director Leiter may want to add to it.
    There is an enormous amount of data being gathered. It is 
one of the tools that we use for aviation screening, and we use 
it for other purposes as well. We are constantly refining our 
processes to ensure that we have the accurate information of an 
individual that is in these databases.
    One of the issues that I raised in my conversations with 
international colleagues, and the Secretary certainly 
emphasized as well, is creating a standard for passenger name 
records so that we have as much information as we possibly can 
about individuals. Are they who they say they are, and are they 
fulfilling the intent they declare?
    We do and have created a sort of one-stop for de-
confliction when people find themselves on a database 
erroneously. It is called the Travelers Redress Information 
Program. It is not yet a perfect system, and we acknowledge 
that, but we are working very hard to address it.
    Mr. Leiter. Congresswoman, believe me, I am very 
sympathetic to your concerns, because I have the responsibility 
to get through all of this data and make sure it is clean. We 
want it as clean a system as we could have. I will note a 
couple of things.
    First, I think it is important to note that United States 
persons make up a very small percentage of our high database, 
very small percentage. In fact, you can only be in our database 
if you are the subject of an active FBI investigation. Within 
24 hours of that investigation being closed, you are purged. I 
think we have a very good record for meeting that standard. So 
I think that is point No. 1.
    Point No. 2, are there simply better ways of doing this? 
There undoubtedly are. Any names-based screening system has 
inherent weaknesses. It requires not just a name, but you also 
want additional data about that person if you can, whether it 
is a birth date or a passport number.
    The next step, really, is moving towards greater 
integration of biometrics. Under Secretary Kennedy has already 
noted some of those advances that we have made. I think both at 
the initial screening when someone is getting on an aircraft, 
but certainly when they are getting a visa, when they arrive at 
a port of entry, the integrated use of biometrics, which is 
there already, is extremely helpful.
    It has to be expanded. There is a significant resource 
tail, and there is also a significant civil liberties concern 
that have to be addressed as we do this. But we know that is 
the right way to go.
    Chairman Thompson. Thank you very much.
    The Chairman now recognizes for 5 minutes, Mr. Olson.
    Mr. Olson. Thank you very much, Mr. Chairman.
    Before I get started on my line of questioning, I would 
like to identify myself with my colleague from Michigan's 
remark on the decision to use the criminal justice system of 
our country instead of the military justice system to prosecute 
this individual.
    Very briefly, what I have understood is when he was brought 
off that aircraft after he had tried to kill all the people 
aboard that plane, he was taken into custody, was taken to the 
hospital for medical treatment.
    Two FBI agents began asking questions. He was giving them 
actionable intelligence for at least 50 minutes, intelligence 
that saves lives. Those agents that were asking those 
questions--there is an exception to the Miranda rights that if 
you believe there is imminent information that is going to save 
lives--there is another bomb on an aircraft or, as we saw 
unfortunately on September 11, there are other aircraft in the 
air with bombers like Mr. Abdulmutallab on it--then they have 
discretion to ask questions. Again, for 50 minutes, by reports, 
they got actionable intelligence information.
    Five hours later, another group, a ``clean team,'' showed 
up. The first thing they did was read him his Miranda rights. 
No surprise, he hasn't talked since then. We will never know 
what information we have lost and what risks and what damage we 
may put to our country by not interrogating him fully and 
getting all the information he had to learn about what al-
Qaeda's doing in Yemen.
    I would like to change tactics here, change the tone of 
my--I want to talk a little bit about--you know, one thing that 
I believe is the most information we can have and the quicker 
we get it, the earlier in the whole process, the better chance 
we have to thwart it.
    As we know Mr. Abdulmuttalab, it seems to be that he got, 
at least from the information I have had, that his 
radicalization, his radicalization happened while he was going 
to school in Great Britain in England. The British intelligence 
states he is--Islamic student organization in their fight 
against extremism. Abdullahmatal--I am sorry--Abdulmutallab was 
the fourth president of an organization like that in Great 
Britain to be charged with a terrorism-related offense.
    My question is is extremism on college campuses something 
that the intelligence community is focused on, both abroad and 
here at home?
    Mr. Leiter. Congressman, I would be happy to talk about 
this more in a closed hearing. I will say we have worked very 
closely with the British as they look at their groups. We have 
consistently seen connections between terrorists threatening 
the United States and terrorist activity in the United Kingdom.
    One of the things we have done as a response to this is 
reinvigorate that information sharing to make sure that we have 
full visibility into whether or not it is the schools or the 
garage mosques or simply the splinter groups. I agree with you. 
We have to make sure this information is shared very quickly.
    Mr. Olson. Have we seen anything here domestically akin to 
what is going on in Great Britain?
    Mr. Leiter. Congressman, we have never seen within the 
United States nearly the scale, scope, depth of radicalization 
that we have seen in the United Kingdom. We have pockets of it, 
and we are concerned with it. I wouldn't associate it with any 
single environment within the United States.
    Mr. Olson. Thanks for that.
    One more question. Maybe I appreciate if it is two 
sentences across the line in the classification system. But one 
individual I am concerned about, and I hope I pronounced this 
right, is Sheikh Anwar al-Awlaki, who had contact, we know, 
with Mr. Abdulmuttalab, probably in Yemen, probably as part of 
the, you know, the organization that helped him get trained and 
certainly can keep him indoctrinated.
    Also concerned as a Member from Texas. Apparently, there 
were e-mail contacts between him and Captain Hasan who, as you 
know, killed 13 soldiers at Fort Hood. I am just concerned. Do 
you know of any other? He is using 21st century technology--
videos, teleconferencing technology, particularly, you know, of 
sending that signal to England and Great Britain again. I know 
I am harping on them, but is there any evidence that he has 
been doing that home here in our country?
    Mr. Leiter. Congressman, I really can. I can't go into 
great depth here. I will tell you that the intelligence 
community has been concerned with the activities of Anwar al-
Awlaki for some time. He was initially investigated in 
association with the events of 9/11, when he was an imam in San 
Diego, later in Northern Virginia.
    I can tell you that even well before Major Hasan, but 
certainly after the events of Fort Hood, NCTC, the FBI and 
other agencies have been very, very focused on Awlaki, but also 
other individuals like Awlaki, who are savvy to Western ways, 
Western technology, modern technology, and their ability to 
reach into our border through this technology.
    Mr. Olson. I see that I have run out of time. Thank you 
very much. Stay on him. Thanks.
    Chairman Thompson. Thank you very much.
    The gentleman from New Jersey, Mr. Pascrell.
    Mr. Pascrell. Chairman, thank you.
    Mr. Chairman, many of us have stressed one thing as Members 
of this committee. If there is one thing we have stressed, it 
is that the bureaucracy itself is as great a threat to our 
National security as anything else. You heard the bureaucracy 
today, part of it.
    Let me just point out that Congress is not exempt from this 
criticism. Indeed, this is at least the fourth of different 
full committees to hold a hearing on the attempted attack of 
December 25. This strikes me as entirely counterproductive to 
what we are trying to accomplish.
    It seems crystal clear to me that the events of December 25 
were allowed to occur, because once again we have failed to 
connect things in the information that we already had, we 
already knew about. Once again, our intelligence agencies 
failed to communicate with each other. This is a human error, 
not an electronic error.
    We spend a lot of time talking about the state-of-the-art 
of these machines that are in airports and aren't in airports. 
We have not told the American people the truth. Many binary 
explosives are not detectable at this point.
    We established a Director of National Intelligence, the 
DNI, to serve as the head of the intelligence community. It 
consists of 16 different agencies spread throughout the Federal 
Government--16. Each of these intelligence agencies have 
different standards for their personnel--each of them. 9/11 9 
years ago--they still have different standards.
    I would conclude that you are not going to get the proper 
relationship amongst these agencies until you have basic 
standards. In fact, the agency within all of the 16 that has 
the toughest standards is the CIA. I would begin there.
    But we established that position of Director of National 
Intelligence to finally provide some leadership and guidance 
over the intelligence community so that we could finally close 
the gaps in this information sharing. Clearly, we are not there 
yet.
    What troubles me most about this incident was that we 
allowed this individual to receive a visa in the first place to 
enter the United States. I think of all those families who have 
tried to get united and were denied a visa, because they 
thought if they came to the United States, that they wouldn't 
go back. Many of those cases were adjudicated correctly. Many 
of them were not.
    We never took steps to revoke his visa before he entered a 
foreign airport to travel. We already had negative information 
on this individual. Not only had the State Department spoken to 
his father, but we knew that he traveled to Yemen. For young 
men to travel from Nigeria to Yemen with no known legitimate 
purpose--that should raise a number of red flags.
    Mr. Leiter, Director Leiter of the National 
Counterterrorism Center, is often described as the arm of our 
intelligence community that is responsible for--I hate the 
phrase, and probably you do, too--connecting the dots on 
intelligence gathering. Do you agree that is your primary role 
and responsibility? If so, doesn't that hold you primarily 
responsible for the failure to connect the dots on the 
intelligence we already had on this individual?
    Mr. Leiter. Absolutely. I said several times, Congressman, 
NCTC is the primary analytic organization. It was our 
responsibility to do this. We didn't do that. There was another 
organization that also had responsibility under the DNI's 
standards. That didn't occur there either.
    Mr. Pascrell. Do you wonder why some of us have concluded 
that maybe we have added an extra layer of bureaucracy to the 
intelligence apparatus that is slowing us down to get to the 
goal line? Do you wonder why we think that at times? Or do you 
think that the DNI is absolutely necessary to stop those who 
wish to bring harm to our families, to our neighborhoods, and 
to our borders? What are your thoughts? I know you work for 
them. What are your thoughts?
    Mr. Leiter. Congressman, I think the DNI is a useful 
construct to advance intelligence reform. I do not think that 
the DNI in this case, this construct or the layers, was the 
problem. I mean I think many of the weaknesses you have 
identified are fair weaknesses. I just don't think they were 
the issue that caused this failure here today.
    Mr. Pascrell. Do you have the authority you need to work 
with intelligence across our Federal departments and agencies? 
Do you have the authority to do that?
    Mr. Leiter. Congressman, it is not easy for an----
    Mr. Pascrell. I am not saying it is easy. Believe me, I am 
not, Mr. Leiter. But my question is very specific.
    Mr. Leiter. I do not, nor do I believe the DNI, as 
currently constructed, has all of the authority necessary to 
move all of the information in a way that will maximize the 
likelihood of detecting these plots.
    Mr. Pascrell. Mr. Chairman, I hope that--and I know you 
were listening, and the Ranking Member, to the last answer. The 
gentleman has been forthright. I thank him for his service to 
his country. We have created--my conclusion, not their 
conclusion--a monster. We will never get the safety of the 
American citizens as we build these levels of bureaucracy that 
do not get to the heart of the issue.
    I would ask you to go back----
    I would ask you to go back, Ms. Lute----
    I would ask you to go back, Mr. Kennedy--to look at this 
bureaucracy as being the systemic problem. This is human error, 
but maybe it is human error precipitated by the fact that we 
have created a bureaucratic nightmare so that no one is held 
accountable. That is why you create bureaucracies, you know.
    Thank you, Mr. Chairman.
    Chairman Thompson. Thank you very much.
    The gentleman's time has expired, but we always recognize 
his leadership.
    Mr. Leiter, In light of your question, we are going to ask 
you to provide us what authority you think you need in order 
for you to do your job in a manner you deem necessary.
    Mr. Leiter. Mr. Chairman, I am happy to do that, and I 
would work with the DNI. I would add that although I say that, 
I don't have any particular authorities right now that would 
quickly ensure that every bit of this data is shared with every 
other component of the intelligence community.
    Chairman Thompson. I understand, but you just said in 
response to the gentleman from New Jersey's question that you 
don't have it.
    Mr. Leiter. Mr. Chairman, I am happy to go back, and we 
will come back with recommendations to you.
    Chairman Thompson. Thank you very much.
    The gentleman from Texas, Mr. Green, for 5 minutes.
    Mr. Green. Thank you, Mr. Chairman.
    I thank the witnesses for appearing today.
    I believe, as has been indicated, this was a failure of 
intelligence, but I would like to make sure that I state that 
it was not a failure of all intelligence personnel. I say this, 
because we have many people who risk their lives on a daily 
basis. Some, by the way, lose their lives, as was evidenced by 
the recent event that we need not go into.
    Their families--they see these hearings. I don't want their 
families to assume that I have concluded that all intelligence 
officers are failures, because I want them to have the morale 
necessary to do a very difficult job under circumstances that 
are extremely complicated, and sometimes almost impossible, if 
not impossible.
    I believe that the structural integrity of a plane at 3,000 
feet traveling at 500 miles per hour is of paramount 
importance. It is as important as anything that we deal with. 
Because the structural integrity of that plane is so important, 
I want a system that will reveal and allow us to capture the 
Omar Farouk Abdulmutallab.
    But I also want a system that will capture the 
Abdulmutallab who doesn't pay cash, the Abdulmutallab who 
doesn't ask for Seat 19A, the Abdulmutallab whose father 
doesn't turn them in. I want a system that will capture the 
Abdulmutallab whose religion I am not aware of.
    If we focus only on connecting the dots that could have 
been connected to the exclusion of designing a system that will 
allow us to capture the Abdulmutallabs who are not obvious, who 
are not intuitively obvious to the most casual observer, if you 
will, it would be a mistake.
    We must have a system that will reveal the Abdulmutallab 
who is Anglo-Saxon and has blond hair, because this beast that 
we have to deal with continually metamorphoses. It becomes 
something else somewhere else. If we only assume that it will 
be tomorrow what it is today, we will make today's mistake, and 
it will impact tomorrow.
    So the system that I am looking for is one that will allow 
us to understand, in my opinion, that the last line of defense 
is the airport. That is the last line of defense. The American 
people don't ask us to do the impossible. They do demand, 
however, that we do all that we can--that we do all that we 
can.
    At some point the excuse that we didn't do all that we 
could is not going to be enough for the American people. So we 
have got a duty at these airports to do all that we can. We owe 
it to the intelligence officers who risk their lives every day 
to make sure that we do all that we can at the airports, our 
last line of defense.
    A quick question, if I may. Did we know the religion of 
Richard Reid prior to December 2001?
    Mr. Leiter. I don't believe so. I don't think we knew 
anything----
    Mr. Green. I think that that answer suffices. The reason I 
asked is because if we focus on religion and then some other 
adjectives, we are missing a point here. I want to capture the 
culprit whose religion may not be the religion du jour for our 
purposes. This is serious business, and it goes beyond the 
ability to simply identify that which is superficial, the 
superficial social analyst who can come in after the fact and 
connect all of the dots and see how clearly we could have saved 
the day, had we connected the dots.
    So I suppose I had more of a statement than questions for 
you, because I just absolutely believe that we must not allow 
ourselves to be trapped by religion and by ethnicity and place 
of origin. It is bigger than that.
    Thank you, Mr. Chairman. I yield back the balance of my 
time.
    Chairman Thompson. Thank you very much.
    The gentleman's time has expired.
    The gentleman from California for 5 minutes, Mr. Lungren.
    Mr. Lungren. Thank you very much, Mr. Chairman. I 
appreciate the time. I am sorry I couldn't be here during all 
of this, but I am divided between three different committees, 
and we just voted to impeach a Federal judge. I think it is 
only eight times in history we have done that, so I had to be 
there for that vote.
    Yes, I hope we are not prisoners of wrong impressions 
either. But I also hope we are not prisoners of PC. We are in a 
war declared on us by radical jihad, radical Islam. That 
happens to be a fact. We didn't pick the war. They picked the 
war. I haven't seen too many Irish Catholic nuns blow 
themselves up.
    Sometimes we do stupid things like having my 6-month-old 
granddaughter a couple of years ago taken out for a secondary 
search when they searched her diaper. That kind of stupidity 
hurts us, I think, even though we do it to make sure that we 
have some egalitarian approach to this.
    Mr. Kennedy, let me ask you something. That is if the State 
Department had the information about Abdulmutallab from his 
father prior to issuing a visa, would we have issued a visa?
    Mr. Kennedy. Sir, if we had the information the father had 
presented before----
    Mr. Lungren. Yes, that is my question.
    Mr. Kennedy. Yes, sir. What we would have done is we would 
have not issued the visa. We would have sent in to the 
intelligence and law enforcement communities a security and 
advisory opinion, ask them what additional information they 
had, and then made the decision on the basis of what additional 
information they provided as well.
    Mr. Lungren. So if that is the case, why wouldn't we move 
to revoke the visa if we have that information?
    Mr. Kennedy. Because we sent the request in to the Visas 
Viper, sir, went into the intelligence and law enforcement 
community and ask them if they had any additional information 
on Mr. Mutallab.
    Mr. Lungren. Does someone have a constitutional right to 
come to the United States?
    Mr. Kennedy. No, sir.
    Mr. Lungren. Does someone have some sort of international 
right to come to the United States?
    Mr. Kennedy. Absolutely not.
    Mr. Lungren. A visa is a discretionary action by the United 
States, right?
    Mr. Kennedy. Absolutely, sir.
    Mr. Lungren. The granting of a visa. So why would you even 
hesitate about not granting someone a visa if he had that 
information from the father such as was given by Mr. 
Abdulmutallab's father?
    Mr. Kennedy. Two reasons, sir. First is context. We turn 
down almost two million--1.9 million visas a year. So we do 
not----
    Mr. Lungren. Okay. I don't care about the other. I am 
asking you about this specific case. That is why I am asking.
    Mr. Kennedy. No, because, sir, there are people who come 
into embassies every day, every month, family members, 
disgruntled business partners, and others who say that so-and-
so might be a terrorist. So we have been very carefully 
analyzing that. We consult with our partners.
    Mr. Lungren. Okay. I understand that. Let me ask you this, 
then. So do we have a lot of fathers who have experience such 
as Mr. Abdulmutallab's father did, who turn their sons in with 
that kind of information?
    Mr. Kennedy. There have been family members.
    Mr. Lungren. So there are a lot of them.
    Mr. Kennedy. There have been family members who----
    Mr. Lungren. You know, I appreciate it. I don't like people 
getting cute with me. This is very serious business.
    Mr. Kennedy. Absolutely.
    Mr. Lungren. The American people are asking us. I was just 
home. People are saying, ``How in God's name can you screw up 
like this?'' We have spent billions of dollars trying to do it, 
and we say, ``Well, you know, a father comes in like this with 
this guy's pedigree. He says that about it. Yes, we got a lot 
of them.'' I would argue that you don't get a lot of them, and 
I would argue that you ought to be a little more serious about 
this then doing that.
    Mr. Kennedy. Sir, I am----
    Mr. Lungren. Now, you know, it is easy to be a second, you 
know, on Monday morning quarterback, but when you tell me that, 
it bothers me a great deal.
    Mr. Kennedy. If I could just finish my sentence.
    Mr. Lungren. You can finish your sentence, but we are in a 
serious question here about people who want to kill us, and you 
talk to me. It sounds like the State Department is doing things 
the way they used to do it.
    Mr. Kennedy. No, sir. The second part of my sentence, sir, 
is that we are reviewing all of our procedures. We regard 
ourselves as the first line of defense, and we have every 
intention. We are committed to----
    Mr. Lungren. Well, you weren't the first line of defense 
here, were you?
    Mr. Kennedy. I believe we were, sir.
    Mr. Lungren. This is amazing. I am sorry. It is amazing to 
me. So you don't--it didn't work the way it should, though, did 
it?
    Mr. Kennedy. Absolutely not.
    Mr. Lungren. Okay.
    Mr. Kennedy. I said that in my testimony, sir.
    Mr. Lungren. So you are reviewing the procedures and 
criteria. So what would do differently now, if you got this 
information? Or would you do anything differently, except make 
sure it went up the line?
    Mr. Kennedy. If he had been a visa applicant, we would have 
coded that information. We would have sent the inquiry to 
Washington. We would have asked other people in the 
intelligence community what----
    Mr. Lungren. Okay. So he wasn't a visa applicant. He 
already had a visa.
    Mr. Kennedy. Right.
    Mr. Lungren. So what change would take place now, if you 
are confronted with the same information, not applying for a 
visa, but he has a visa. This information is brought to you at 
one of the embassies.
    Mr. Kennedy. I would think, as you suggested, sir, we would 
do all more in-depth review to make sure that the information 
being presented to us was valid. Then if it was valid, we would 
move to revoke the visa immediately.
    Mr. Lungren. Okay. I would just like you to bring one 
little bit of information back to the State Department. I have 
an adult daughter who was visiting Gambia the week after 
Christmas. She thought it might be important for her to go to 
the embassy to indicate that she was there--American citizen 
there.
    She was told the person that would take that information 
was sick, and the person who was--or, excuse me, was on 
vacation--and the person who was supposed to take that person's 
place was sick. Therefore, she could come back in a week to 
tell them that she was there. She was leaving in a week.
    I just want to tell you she didn't pull anything about 
being my daughter or anything else. I just happen to think that 
kind of a response to a simple American citizen going to a 
country saying, ``You know, you might want to know I am here in 
case anything happens''--not that she thought anything was 
going to happen in that country, but that was the response she 
got.
    Mr. Kennedy. That was totally inappropriate and wrong, and 
I will look into that, sir. We encourage, we request, we have 
web sites to encourage any American traveler to record their--
--
    Mr. Lungren. That is what she did. She was told to come 
back after she had left.
    Mr. Kennedy. That was an error, and we will look into it. 
Why? That is not our procedure.
    Chairman Thompson. The gentleman's time has expired.
    The gentlelady from Texas for 5 minutes, Ms. Jackson Lee.
    Ms. Jackson Lee. Thank you very much, Mr. Chairman.
    To the witnesses, let me thank you.
    I think all of us echo the fact that we know that there are 
men and women on the front line, and we appreciate their 
service. We also appreciate the leadership of the President of 
the United States as the Commander-in-Chief. He should be able 
to expect the highest level of performance of his staff, of his 
Executive staff, that he should also expect the Congress is a 
collaborator with him in team homeland security.
    Unfortunately, I think that there were enormous challenges 
and missteps that did not equate to the team working together 
and playing on the playing field together. I frankly believe 
that part of it is, of course, some of the missteps of the 
United States Congress, some of the inability of the executive 
to listen to the Congress.
    My subcommittee, the Subcommittee on Transportation 
Security and Infrastructure Protection, looked into the 
question of watch lists. We actually made comments about the 
burdensome method of that watch list, of how heavy laden it 
was, how inaccurate it was, to the extent that we had 8-year-
olds, so we had an 8-year-old as a witness. Another 8-year-old 
had been interviewed. It is a simple task to look at that watch 
list and provide the intelligence and the staffing to make it a 
watch list that is credible of the name.
    The other broken part of the system is the responsibility 
still, as I understand it, on airline personnel as people come 
to counters and their names--they go to the back and check 
their names--civilians looking at issues that happen to deal 
with homeland security issues.
    We have a problem and a crisis that needs to be fixed. A 
part of it is that we must acknowledge that we will not have 
people bearing flags running down airports and saying, ``I am a 
terrorist.'' Individual operators and actors, franchising of 
terrorism, seems to be the call of the day, and then taking 
credit for it one way or the other. We know now that Osama bin 
Laden has taken credit for the December 25 action.
    Many of us, who are not inside the Department, were aware 
that there was activity going on around the holiday. We know 
that that is the modus operandi of terrorists. Go when a 
country is focusing on something else. So my questions go to 
this whole question of interrelatedness.
    Quickly to Secretary Kennedy, are your consul offices--do 
they have a direct connection to the watch list effort of 
Deputy Secretary Lute and the counterterrorism efforts of 
Director Leiter so that the Nigerian consulate person would 
have had that direct connection?
    Chairman Thompson. Please use your microphone.
    Mr. Kennedy. My apologies.
    We get daily and----
    Ms. Jackson Lee. Can they call back and contact a human 
being?
    Chairman Thompson. Madam, well, just, I don't think he 
finished it.
    Ms. Jackson Lee. I understand, but my question is can 
they--I hear what he is going to say. The question is----
    Chairman Thompson. Now, I didn't hear what he was going to 
say. Just let him answer. You have got plenty of time. I am 
going to be very nice.
    Go ahead, Mr. Kennedy.
    Mr. Kennedy. The law enforcement and Homeland Security and 
intelligence communities provide us with information every day 
on new threats. We load that into our database, and that 
information is available to every embassy and consulate 
throughout the world.
    Ms. Jackson Lee. Does the consular general have the 
authority or the ability, or the individual who dealt with the 
father of the alleged perpetrator in the incident at December 
25, to be able to call back on the telephone, on a cable, on an 
e-mail, or whatever is secure, to ask questions out of the 
Deputy Secretary Lute area or the counterterrorism area?
    Mr. Kennedy. What they do is they call the visa office at 
the State Department, which is our central repository and which 
is in daily contact via all the secure means with both as the 
National Counterterrorism Center, the Department of Homeland 
Security, the FBI's Terrorist Screening Center. Yes, ma'am. We 
are in contact with daily. That is one of the major 
improvements since 9/11. We are all lashed up as partners----
    Ms. Jackson Lee. But if you are in contact, what does that 
mean? Does that mean that the person who engaged with the 
father of the alleged perpetrator had the ability to get on the 
phone and call and get a quick answer of the person who 
answered the phone in Washington, DC? I am suspicious. There is 
an individual here talking about activity of an individual that 
has a visa.
    Was there a direct link for there to be a response by 
checking live intelligence by way of a direct call to the 
counterterrorism or direct call to the watch list? Those are in 
two different areas.
    Mr. Kennedy. Yes, sir. He was not on the watch list. He was 
not on the Selectee list. The State Department, when the father 
came in, talked to an embassy officer, who then immediately 
reported to the consular section that this is the information 
that was received, and that information was immediately sent to 
Washington.
    Ms. Jackson Lee. Have you made changes to ensure that 
information that would describe someone as suspicious can be 
responded to quickly? Because frankly I believe that all that 
the father said was enough information for a well-trained 
official, whether they are State Department or not, that we are 
living in a different climate and maybe I should do something 
about it? Have you had a re-training of your staff around the 
country--around the world, rather?
    Mr. Kennedy. Yes, ma'am. We have sent out revised and 
updated instructions, and we emphasize that we have added 
additional information to the immediate report that is sent 
in--it is called Visas Viper--that notifies the Homeland 
Security and intelligence and law enforcement communities that 
the State Department has come into piece of information that 
may well be important, and here it is.
    Ms. Jackson Lee. Deputy Secretary Lute, if I might, on the 
watch list, which has been one of the major complaints and a 
burdensome list that is both, I believe, inaccurate. In many 
instances it plays into my colleague's comments about profiling 
for the basis of religion and otherwise, which does nothing to 
fight the war on terror.
    My question is the distinction between the watch list and 
the No-Fly list. In this instance this person should have 
definitely been on the No-Fly list, and so my question is what 
is the strategy for a comprehensive and coordinated 
watchlisting and screening approach into a prioritized 
implementation and investment plan that describes the scope, 
governance principles, outcomes, milestones, training 
objectives, metrics, cost and schedule of necessary activities 
as relates to the watch list to be able to move to the No-Fly 
list?
    If I may also raise to Director Leiter so I can have these 
questions out, which I think is very important. I hope that 
when we are on notice that an incident is occurring, all hands 
will be on deck, similar to making sure that embassy personnel, 
who we have great respect for, are at their desks at 
appropriate times, because all times of the schedule, if you 
will, the calendar, people are coming and going. I hope if 
there is a terrorist act, we have all hands on deck on this 
information.
    Director Leiter, and I would say my question is there has 
been a lot of discussion about the failure. This was not a 
failure to connect the dots, but to analyze what we had. It has 
been said that the intelligence community, to build a more 
robust analytical capability, specifically what steps are being 
taken to accommodate this goal in training, system design and 
technological changes, but more importantly, on the human 
intelligence and behavioral assessment, which, if you had done 
that on the gentleman's actions, he would have been on the No-
Fly list.
    Deputy Secretary Lute.
    Ms. Lute. Yes, ma'am. Thank you. As you know, the 
Department of Homeland Security does not own or control the 
watchlisting. Abdulmutallab was neither No-Fly nor Selectee.
    But we are working very closely with our colleagues 
throughout the interagency to identify the kinds of information 
that is necessary for us to take steps related to ensuring 
aviation security.
    In fact, in the wake of this incident, we will take 
information such as Under Secretary Kennedy was talking about 
and put that in the hand of our immigration advisory 
professionals that are stationed abroad in nine locations so 
that they can engage in additional questioning and examination 
of persons who come on that list. That is an important step in 
the direction of increased security, and we are looking at 
others as well.
    You also mentioned the frustration with the ensuring the 
accuracy of the list. We share that frustration. It is 
important that we do have lists on which we rely for ensuring 
the safety of the traveling public, that these be accurate 
lists. We are working very intensively to establish an easy way 
for people to de-conflict information when it is erroneous and 
to ensure that those lists are the accurate, important tool 
that we need them to be.
    But we also know that we are facing a determined adversary, 
who is looking to use people who are unknown to any system. In 
this regard we need to evaluate their activities, travel 
patterns, and other activities which can tip us off that this 
person may be dangerous, certainly is worth additional 
screening and questioning, and working intensively with our 
interagency colleagues to get better systems in place for those 
contingencies.
    Mr. Leiter. Congresswoman, thank you for the question. I 
think you are exactly right, that we have to improve the 
ability of these analysts to understand the characteristics of 
this information as they are coming in so they get a true feel 
for when a father walks in, why is the father walking in? Why 
this report?
    We are doing a number of things on this front. Most 
importantly, we are creating specific teams that are not bound 
to writing daily intelligence. When they get that bit from the 
father and dive into it and connect that intelligence in a way, 
that you do have all the information necessary to make that 
determination about whether someone should be or should not be 
on the No-Fly list.
    So you also do not get people on the No-Fly list that you 
don't want on the No-Fly list, because the only way you are 
going to get the bad guys off the plane is to also ensure that 
the good guys can get on the plane. Otherwise, the system just 
becomes unwieldy.
    So we have already begun additional training. The Director 
of National Intelligence is studying how we can advance that 
training more. We are creating teams to pursue these to ensure 
that they have the time and they have the resources to track 
down these free pieces of information and put them together.
    Mr. Kennedy. Congresswoman, you also asked is the State 
Department on duty in addition to the embassy people you 
mentioned. We have somebody responsible that is in our 
operation centers 7 days a week, 24 hours a day, 365 days a 
year. If a question comes in from an embassy--it may be in a 
different time zone--or comes in from our partners in the 
National security community, that officer knows who to reach 
out to to get the right information they need immediately.
    Ms. Jackson Lee. Mr. Chairman, may I just say a point on 
the record?
    I thank the witnesses.
    The one point that I heard Deputy Secretary Lute say is 
that Homeland Security does not have ownership of the watch 
list. I think it speaks to, again, the work we have to do and 
have been doing to get the synergism so that we have some 
mutually interrelatedness on trying to help all of these 
persons and that we can get an understanding everybody has 
ownership of the watch list, the No-Fly list.
    We have got to find a way to weave in our security so that 
there are no gaps, not putting the fault on these public 
servants, but there has to be a cleaning up of the cracks in 
the system that will allow this kind of breach to happen. It 
has to be a combination, Mr. Chairman, of the Executive working 
with us as team homeland security, and no distinction between 
Republicans and Democrats, team homeland security.
    I hope in that spirit that we will have the appointee 
necessary for the running of the Homeland Security Department 
to move as quickly as possible to be appointed and confirmed on 
the behalf of the American people. I look forward to working 
with them.
    I thank you, Mr. Chairman, for yielding.
    Chairman Thompson. Thank you very much.
    I want to thank the witnesses for their valuable testimony 
and the Members for their questions.
    Mr. Kennedy, if you would provide the committee with the 
instructions you referenced Chairwoman Jackson Lee that have 
been implemented since the December 25 incident with respect to 
training and other information. Now, if that is classified, 
just let us know, we will still govern ourselves accordingly.
    Mr. Kennedy. Mr. Chairman, I will be pleased to get that to 
you, sir. Thank you.
    Chairman Thompson. Thank you.
    Mr. Leiter, you said you want to make sure that good guys 
get on the plane. There is a good guy here who is a Member of 
Congress that has an awful difficult time getting on planes. He 
is Congressman John Lewis in Georgia.
    Deputy Secretary Lute, can you look into that and figure 
out a way how he can not be flagged for secondary screening and 
other things, because he is in fact John Lewis? Now, there is 
another John Lewis out there. We still ought to have a system 
to figure out how to handle this.
    Ms. Lute. Yes, sir, we should. I am on it.
    Chairman Thompson. Okay. Thank you very much. I am sure he 
would appreciate it.
    Mr. Leiter. Mr. Chairman. Can I make one note on that 
front?
    Chairman Thompson. Yes.
    Mr. Leiter. Not knowing the facts of Congressman Lewis' 
case and certainly not accusing him of being a known or 
suspected terrorist, I do want to flag for the committee--I 
think it is important to understand--that a desire to have more 
people on the watch list will inevitably lead to more false 
positives. We have to accept that, I believe, as a cost.
    There is nothing we can do technologically or with the 
human to eliminate those false positives from occurring--again, 
not speaking directly to the Congressman's case, but accepting 
that this will be a byproduct of ensuring that some bad people 
don't get on the plane.
    Chairman Thompson. Well, and I understand, but that is 
going forward. This has been from day 1. So we are not even to 
the next generation. But, obviously, we assume the 
inconvenience that adding to the list will bring, but these are 
different times.
    Mr. Kennedy, last question. Can you provide the committee 
with either, if you know right now or at a later date, how many 
people we actually have working in the visa office in your shop 
here in Washington?
    Mr. Kennedy. Mr. Chairman, let me get that for the record. 
I can get within a swag, but I will submit that for the record, 
sir.
    Chairman Thompson. Thank you very much.
    Mr. King. Thank you for the testimony. Thank you for their 
service. I yield back.
    Thank you, Chairman, for the hearing.
    Chairman Thompson. Thank you.
    Before concluding, I remind the witnesses that the Members 
of the committee may have additional questions for you, and we 
ask that you respond expeditiously in writing to those 
questions.
    Hearing no further business, the committee stands 
adjourned.
    [Whereupon, at 1:21 p.m., the committee was adjourned.]


                            A P P E N D I X

                              ----------                              

  Questions From Honorable Sheila Jackson Lee of Texas for Jane Holl 
        Lute, Deputy Secretary, Department of Homeland Security
    Question 1. In response to a recommendation by the 9/11 Commission 
about improving passenger pre-screening, the Secure Flight program is 
being implemented so that TSA will be assuming the duty, which now 
rests with the air carriers, of checking passengers against the No-Fly 
and Selectee databases. I understand TSA is first implementing Secure 
Flight domestically, but with there being a significant threat 
concerning international in-bound flights, how will the Department 
conduct watch list passenger pre-screening for in-bound flights to the 
United States? How will this be incorporated with existing CBP programs 
like the Advanced Passenger Information System?
    Answer. DHS is implementing Secure Flight through a phased process. 
The Transportation Security Administration (TSA) anticipates that 
Secure Flight deployments for domestic aircraft operators will be 
completed in spring 2010. TSA has also initiated Secure Flight 
deployments for foreign aircraft operators and expects to assume watch 
list matching for all flights, international and domestic, by the end 
of calendar year 2010.
    All aircraft operators, both foreign and domestic, who have not 
transitioned to Secure Flight are responsible for conducting watch list 
screening of their passengers against the No-Fly and Selectee lists.
    Currently, U.S. Customs and Border Protection (CBP) screens 
travelers arriving into or departing from the United States against the 
Terrorist Screening Database (TSDB, the U.S. Government's Terrorist 
Watch List), including No-Fly and Selectee records. All commercial and 
private aircraft operators with flights arriving into or departing from 
the United States are required to transmit passenger manifest 
information through the Advance Passenger Information System (APIS) to 
U.S. Customs and Border Protection (CBP). APIS is used for terrorist 
watchlist screening, law enforcement analytical work, passenger 
facilitation, and departure monitoring. As part of program alignment, 
on February 19, 2008, CBP started screening all APIS manifest 
submissions against the No-Fly and Selectee watch lists with the 
screening results being provided to the TSA Office of Intelligence 
(TSA-OI) for resolution. CBP has been working closely with TSA and the 
airline industry to align the APIS program with TSA Secure Flight 
watchlist screening. When TSA's Secure Flight Program is fully 
implemented, the No-Fly and Selectee screening will transition from the 
APIS system to Secure Flight. CBP will continue to process APIS 
manifest information for its law enforcement and traveler facilitation 
mission.
    Question 2. Ms. Lute, It is my understanding that ``Puffer 
Machines'' or Explosive Trace Portal Machines worked great when they 
were tested in the lab testing but during field testing they had a high 
breakdown rate caused by dust and dirt entering the machines. I have 
been told by TSA that there are currently 9 machines currently in the 
field, but TSA has no intention to field any more because of the 
breakdown rate. Is any effort being made to revise or improve this 
technology?
    Answer. At this time there are only two deployed Explosive Trace 
Portals (ETP), one at Gulfport-Biloxi International Airport and one at 
Phoenix Sky Harbor International Airport, and both are slotted for 
removal this year. As we deploy Advanced Imaging Technology (AIT) at an 
airport we remove obsolete equipment at the same time. This minimizes 
disruption of the airport operations and increases resource and cost 
efficiencies.
    While the ETP devices previously purchased by Transportation 
Security Administration (TSA) experienced operational performance 
issues that hindered their effectiveness in the field, TSA and the 
Department of Homeland Security Science and Technology Directorate 
continue to evaluate a variety of trace detection technologies.
    Question 3. Ms. Lute, it is my understanding that every checkpoint 
in the United States has portable Explosive Trace Technology devices. I 
realize it is not practical to test every person in every airport with 
this device because of time limitations, but can TSA increase the 
amount of passengers randomly selected for the explosive trace 
technology swab test? Has TSA taken any steps to increase their use?
    Answer. To restate your question more accurately, every checkpoint 
in the United States has tabletop Explosive Trace Technology devices. 
Explosive Trace Detection (ETD) technology is a critical tool in our 
ability to stay ahead of evolving threats to aviation security. In 
fact, the Transportation Security Administration (TSA) has recently 
expanded the random use of ETD technology at airports Nation-wide as an 
additional layer of security. Since it will be used on a random basis, 
passengers should not expect to see the same thing at every airport or 
each time they travel. TSA will continue to evaluate the numbers of 
passengers screened and work to maximize the effectiveness of ETD 
screening as commensurate with resource levels and airport operations.
    Question 4. Ms. Lute, it is my understanding that a pilot program 
that was recently completed by TSA called ``e-Logbook'' would allow TSA 
to instantly be able to know if a FAM or LEO flying armed is on-board 
an aircraft. I have been informed this pilot program was a success 
however, it is my understanding that no funding has been requested yet 
for this program to go up Nation-wide. I would like to know what the 
current status is and what plan does TSA have to role out this program 
Nation-wide?
    Answer. The Federal Air Marshal Service (FAMS) has a dedicated 
system in place to continually track, in real time, Federal Air Marshal 
(FAM) presence on domestic and international flights.
    With regard to the Electronic Logbook (e-Logbook) pilot program, 
the Transportation Security Administration (TSA) is seeking to 
establish an automated process for providing situational awareness for 
other armed law enforcement officers (LEOs) on-board any given 
aircraft. The e-Logbook pilot program was tested in Washington (Reagan 
National Airport, Dulles International) and San Francisco and TSA is 
currently considering a Nation-wide implementation. In the interim, 
TSA's Transportation Security Operations Center (TSOC) currently tracks 
State and local armed LEOs on commercial aircraft through a National 
Law Enforcement Telecommunications System (NLETS) solution implemented 
last year. Although functional, the NLETS solution relies on manual 
processes and is limited to State and local LEOs.
    Also, on February 1, 2010, TSA began a pilot implementation of an 
enhanced credential verification procedure for Federal Law Enforcement 
personnel flying while armed.
    The enhanced identification procedures require each Federal LEO 
flying armed in accordance with 49 C.F.R.  1544.219 and respective 
agency policy, to be in possession of a Unique Federal Agency Number 
(UFAN). The UFAN is an agency-specific alpha-numeric number TSA issues 
to Federal agencies/entities upon request. The UFAN is known only to 
TSA and the respective agency/entity. Each agency/entity must ensure 
its eligible law enforcement personnel are aware of this number to be 
used in conjunction with the LEOs badge, credential, a secondary form 
of Government-issued identification, and airline-issued LEO flying 
armed paperwork. The UFAN number is an additional form of verification 
and will be requested of the LEO at the LEO checkpoint prior to entry 
into the boarding area.
    Question 5. Ms. Lute, it has come to my intention that some flights 
have both FAMS agents and LEO's flying armed, while other flights have 
neither. Is the Department taking any steps to create a scheduling 
system to maximize the use of FAMS with LEO's flying armed?
    Answer. The Federal Air Marshal Service (FAMS) provides mission 
coverage to the Nation's civil aviation system using a concept of 
operations (CONOPs) that is essentially a threat-based matrix 
prioritizing scheduled flight coverage well in advance of the flight 
date. FAMS, on the other hand, can be made available to cover emergent 
threats when necessary. In order to perform the FAMS' mission, all 
Federal Air Marshals (FAM) undergo intensive specialized training far 
exceeding requirements for law enforcement officers (LEOs) flying 
armed.
    With regard to the matter of other armed LEOs, the FAMS has 
determined that flight schedules from other agencies (Federal, State, 
and local) are flexible by nature, often booked within days of the 
flight date (allowing virtually no advance FAMS planning) and are not 
sufficiently reliable to ensure daily coverage of flights. 
Overburdening airlines and TSA's Mission Operation Center with 
additional last moment cancellations/bookings to ensure proper coverage 
of high priority flights presents operational and logistical challenges 
best overcome by the FAMS making its own schedule independent of other 
LEOs traveling on flights.
    Question 6. Ms. Lute, does the Department plan to hire more FAMS 
agents? If so, how many?
    Answer. The President's fiscal year 2011 budget request does seek 
to increase the Federal Air Marshal Service funded staffing level. 
Specifically, the budget request seeks to hire 499 additional FAMS 
personnel in fiscal year 2011.
    Question 7. I have recently become aware of ``event-driven'' as 
compared to ``person-driven'' software. As I understand it, ``event-
driven'' software is very efficient and can instantly capture and 
process extremely large volumes of information. I understand that 
electronic signals generated by events serve as input into specialized 
event-driven software. I am told that based on its processing rules 
with predetermined expectations and constraints, it can intelligently 
process the information to constantly revaluate individuals' risk 
profiles, connect the intelligence-revealing dots, and automatically 
and immediately communicate the derived intelligence or alerts to all 
the appropriate people that need to know, or need to take action.
    I am told that this event-driven software has been successfully 
used for years in extremely complex manufacturing environments such as 
Aerospace and Defense, as well as many other challenging industries. 
The processing of travel and security ``events'' is apparently no 
different and I understand that the software can be deployed very 
quickly. It appears there is a possibility that with this software the 
``events'' leading up to the Christmas day bomber incident would have 
set off the alarms for everyone, even if the bomber was not on any 
watch list. How long do you estimate it will take before the American 
people can be protected by comprehensive ``event-driven'' software?
    Answer. DHS is aware that event-driven systems have proven useful 
in such large-scale applications as manufacturing, financial and 
investment management, aircraft and spaceflight, and project 
management. Common to all these applications is some on-going process, 
workflow, or lifecycle. For example, a production line; an investment 
policy based on a series of price or monetary changes; a series of 
engine thrust, altitude, heading, weather, and fuel (and many other) 
measurements, which describe the health of an aircraft; or a 
development cycle for a software design. The ``event'' refers to a 
point along the process, workflow, or lifecycle, where an automated 
decision is made by the system to proceed or to take one of several 
alternatives. Using our manufacturing or aircraft and spaceflight 
examples, this could be deciding to insert a new throttle assembly 
because the old one was ineffective or setting a series of thrusters or 
making altitude adjustments on the Space Shuttle to ensure a safe re-
entry trajectory. For event-driven systems to function, at least three 
elements are necessary. These are: (1) A constrained set of rules that 
determine how decisions are made, (2) access to all the data or 
databases that are necessary to make a decision, and (3) sensors to 
detect an event or measurements that are continuously made along the 
process or lifecycle.
    In the context of the attempted attack on December 25, 2009, for an 
individual and an explosive material, a set of rules does exist for 
deciding what happens if one or the other is detected, therefore the 
first element for an event-driven system is present and functioning. 
The second element, access to all data, was incomplete. In the case of 
the individual, while he used his real identity (e.g., he did not try 
to use a false passport or another name), DHS screening systems lacked 
any data indicating that he presented an imminent threat. In 
particular, he was not on the U.S. Government's terrorist watch list.
    Similarly, while DHS had sufficient information to know that the 
particular substance could be explosive, our foreign partners did not 
have systems or processes in place to detect it.
    In summary, an event-driven system applied to the attempted attack 
on December 25 would not have functioned because the individual was not 
watchlisted and because the screening equipment was not sensitive 
enough to detect the explosive material. Had the individual been 
watchlisted or had the equipment been sensitive enough to detect the 
explosive materials, an event-driven system would not have been 
necessary as the existing information-based and physical screening 
processes would have prevented him from boarding the aircraft. DHS is 
working with our counterparts within the U.S. Government and our 
foreign partners to close these vulnerabilities.
    Event-driven systems could prove useful for some homeland security 
applications. However, should the Department identify event-driven 
systems as a practical technology solution for air passenger screening, 
it will take time to integrate into the existing enterprise.
    Question 8. The findings of the administration's report released 
Jan 7, 2010, included: ``The information that was available to 
analysts, as is usually the case, was fragmented and embedded in a 
large volume of other data'', and that ``NCTC and CIA personnel who are 
responsible for watchlisting did not search all available databases to 
uncover additional derogatory information that could have been 
correlated with Mr. Abdulmutallab''.
    My understanding is that most of the analysis is currently a 
process of manual searches of the various databases.
    Could this goal be achieved with automation, through the use of 
clever technology that can process large volumes of information 
efficiently and if so, are you currently looking at putting such 
technology in place?
    Answer. The Department of Homeland Security (DHS) is investigating 
ways to improve searches across the large number of databases in the 
Department. Even before 25 December, in response to terrorist activity, 
the Department established a DHS Threat Task Force (DTTF) and provided 
access to 47 databases to a single co-located team in order to conduct 
name traces. While this is a step forward and has yielded actionable 
insights, the greater need is the ability to search across databases at 
the same time, combining search results. Rather than search each 
database individually, a federated search would allow us to more 
quickly make analytic connections.
    A cross-database search capability could enable DHS to conduct 
searches on individual names, submit lists of names for search, and set 
up alerts which are tripped when new information on individuals of 
interest arrives. Various statistical and probabilistic algorithms 
could be used to prioritize the search results based on context and 
frequency.
    DHS is exploring options for a federated search capability. While 
federating searches across multiple databases is technically feasible, 
it is challenging when dealing with numerous datasets of different eras 
and structures, and it must also be done in a manner consistent with 
DHS information use policies including implementation of the Fair 
Information Practice Principles. In advance of creating this 
capability, moreover, the Department will also develop applicable 
System of Records Notices (SORN) and Privacy Impact Assessments (PIA) 
to ensure that we use the databases in a manner consistent with what we 
have publicly stated about them. The Department will continue to work 
through these issues to make available for search the kinds of 
sensitive U.S. persons data that are currently not easily shared with 
the intelligence community in a manner that protects privacy, civil 
rights and civil liberties, and ensuring DHS can achieve its mission to 
detect threats to the homeland.
    Question 9. Does our technology today enable us to assess every 
single passenger's risk profile, considering all contributing factors, 
in order to determine his/her specific risk level at any given point in 
time, and to immediately communicate an elevated risk to the security 
agencies for extra screening or follow up? If not, are you aware of a 
technology that could accomplish this?
    Answer. For international flights, in addition to screening against 
the No-Fly and Selectee lists that are part of the Terrorist Screening 
Database, DHS uses a decisions support tool that compares traveler 
information against intelligence and other enforcement data by 
incorporating risk-based targeting scenarios and assessments. The 
primary purpose is to target, identify, and prevent terrorists and 
terrorists' weapons from entering the country. All individuals entering 
the country by commercial air and sea carriers are run through this 
system. Based on results of the targeting systems, DHS will determine 
appropriate next steps, which include denying boarding, additional 
screening before departure or upon arrival, denying admission to the 
United States, or arrest upon arrival.
 Questions From Chairman Bennie G. Thompson of Mississippi for Michael 
         E. Leiter, Director, National Counterterrorism Center
    Question 1. What disciplinary or other personnel action has your 
agency taken in response to the events leading up to the failed attack 
on Flight 253?
    Answer. Response was not received at the time of publication.
    Question 2. Does NCTC have the authority it needs to fulfill its 
mission to the American people? Specify any additional authorities 
needed to operate effectively.
    Answer. Response was not received at the time of publication.
    Question 3. Under what circumstances are names removed from the 
TIDE database? Describe relevant procedures and the time intervals 
associated with these procedures.
    Answer. Response was not received at the time of publication.
   Question From Honorable Christopher P. Carney of Pennsylvania for 
     Michael E. Leiter, Director, National Counterterrorism Center
    Question. Mr. Leiter, at the hearing when asked about how many 
points of failure occurred within our intelligence and homeland 
security systems, ``Was there a single point of failure, a double point 
of failure or multiple points of failure?'', you answered ``Multiple''. 
Please list these failures and rank them in terms of severity and what 
needs to be done to fix them.
    Answer. Response was not received at the time of publication.