Additional Resources

Additional Resources

The ISE Core Awareness Training is currently unavailable.

 

The ISE Core Awareness Training Course is designed for federal agency ISE partners and provides a broad overview of the underpinnings of the ISE, its mission partners, its impact on the Nation’s security, and includes a significantly expanded discussion on privacy, civil rights, and civil liberties protections for the ISE.

Structured, standards-driven approaches to technology and enterprise data management are the foundation for responsible information sharing that protects privacy, civil rights, and civil liberties. Standards provide a common lexicon to enable information exchanges.

 

The ISE Common Information Sharing Standards (CISS) program provides standards for technology implementation, information sharing processes, and products for the ISE. The CISS program focuses on two types of standards:


Functional standards

 

These standards are rules or guidelines for creating and sharing reports or other documents. An example of a functional standard developed by ISE mission partners is the Nationwide Suspicious Activity Reporting (SAR) Initiative (NSI). The ISE-SAR Functional Standard includes the business rules and formats for exchanging SARs that were agreed to both by operating organizations (frontline law enforcement) and privacy and civil liberties advocacy groups.


Technical standards

 

These standards are the schemas or frameworks that enable technical data exchanges between systems. Learn more by checking out blog posts about technical standards.

 

Links to ISE Guides and Best Practices:

 

Protecting Privacy, Civil Rights, and Civil Liberties in the ISE.

 

The protection of privacy, civil rights, and civil liberties (P/CRCL), mandated by Section 1016 of the Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA), is a core tenet, foundational element, and enabler of the ISE. PM-ISE works with ISE mission partners at all levels of government and across the domains to put in place safeguards to ensure the protection of privacy, civil rights, and civil liberties (P/CRCL) of citizens.

 

In 2005, the Administration called for the development of a protection framework, resulting in the development of ISE Privacy Guidelines to provide uniform protections for P/CRCL in information sharing activities.

 

The ISE Privacy Guidelines establish a P/CRCL protection framework, which requires both federal entities and non-federal entities seeking to access “Protected Information” in the ISE to:

 

  1. Develop and adopt written privacy policies,
  2. Designate a privacy and civil liberties officer,
  3. Provide training to ISE personnel on P/CRCL protections, and
  4. Integrate the P/CRCL protections and requirements into business processes and systems.

 

As federal departments and agencies develop and use the Information Sharing Environment (ISE), they are required to implement the ISE Privacy Guidelines within their organizations. To assist them in their efforts, the Program Manager for the Information Sharing Environment has issued several documents, collectively known as the Privacy and Civil Liberties Implementation Manual, to support agencies in understanding and implementing the ISE Privacy Guidelines while minimizing duplication of effort. The Manual includes:

 

  1. The Privacy and Civil Liberties Implementation Guide for the Information Sharing Environment (September 2007), which provides a suggested process and outlines best practices to assist federal agencies in implementing the ISE Privacy Guidelines.
  2. The Privacy and Civil Liberties Implementation Workbook for federal agencies (version 1.2), which translates elements of the ISE Privacy Guidelines into a step-by-step process for agencies to follow in generating their ISE Privacy Protection Policy.
  3. The Key Issues Guidance, which covers topics such as accountability, enforcement, and audit; redress; data quality; data security; and notice mechanisms.
  4. The Civil Rights and Civil Liberties Protections Guidance, which provides guidance on interpreting the ISE Privacy Guidelines requirements; explains how ISE participants' collection and subsequent use and sharing of information may implicate a person's civil rights and civil liberties; and provides guidance and examples for common civil rights and civil liberties issues that might be encountered by federal, state, local, territorial, and tribal (FSLTT) ISE mission partners.  

Additional privacy documents and resources are in the table below.

 

Privacy and Civil Liberties Resources for State and Local Agencies  
DHS / DOJ Privacy and Civil Liberties Web Portal  

Vision

 

National security through responsible information sharing

 

 

Mission

 

  • Advance responsible information sharing to further counterterrorism, homeland security, and cybersecurity missions
  • Improve nationwide decision making  by transforming from information ownership to stewardship
  • Promote partnerships across federal, state, local, and tribal governments, the private sector, and internationally

 

Mission Objectives

 

Advance responsible information sharing to further counterterrorism, homeland security, and cybersecurity missions

 

  • Transform the domestic information sharing architecture to better identify and respond to threats
  • Build and deliver capabilities to manage, integrate, and make sense of vast stores of information
  • Enhance cybersecurity information sharing by extending the use of ISE tools

 

Improve nationwide decision making by transforming from information ownership to stewardship

 

  • Achieve greater interoperability through standards-based acquisition
  • Drive responsible information sharing by interconnecting existing networks and systems with strong identity, access, and discovery capabilities
  • Standardize, reuse, and automate information sharing policies and agreements with strong protection of privacy, civil liberties, and civil rights

 

Promote partnerships across federal, state, local, and tribal governments, the private sector, and internationally

 

  • Build organizational capacity through engagement, coordination, training, and management support
  • Encourage cultural change through communities of action

In the aftermath of the September 11 terrorist attacks, the United States began a historic transformation aimed at preventing future attacks by improving the ability to share terrorism-related information. Improved intelligence collection and analysis have helped paint a more complete picture of the threat, while enhanced information sharing has provided us a greater capacity for coordinated and integrated action.

Since September 11, significant laws have been enacted to enhance information sharing capabilities:

  • Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001 removed barriers that once restricted the sharing of information between the law enforcement and intelligence communities, while at the same time protecting our fundamental liberties.
  • The Homeland Security Act of 2002 established the Department of Homeland Security (DHS) in part to improve the sharing of information among Federal, State, and local government agencies and the private sector, in order to enhance the ability to detect, identify, understand, and assess terrorist threats to and vulnerabilities of the homeland, to better protect the Nation's critical infrastructure, integrate our emergency response networks, and link State and Federal Governments. Additionally, on July 29, 2003, the President issued EO 13311, addressing key information sharing provisions in the Homeland Security Act.
  • The Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA) reorganized the Intelligence Community and established the position of Director of National Intelligence to serve as the President's chief intelligence advisor and the head of the Intelligence Community, and to ensure closer coordination and integration of the 16 agencies that make up the Intelligence Community.
  • IRTPA also established the National Counterterrorism Center (NCTC) to serve as a multiagency center analyzing and integrating all intelligence pertaining to terrorism, including threats to U.S. interests at home and abroad.

Building upon these organizational and institutional changes strengthen information sharing. The following actions specifically relate to the establishment of the Information Sharing Environment:

  • In his immediate response to the Recommendations of the 9/11 Commission, the President issued Executive Order 13356, Strengthening the Sharing of Terrorism Information to Protect Americans, August 27, 2004. In it, the President directed agencies to give the "highest priority" to the prevention of terrorism and the "interchange of terrorism information [both] among agencies" and "between agencies and appropriate authorities of States and local governments." The President further directed that this improved information sharing be accomplished in ways that "protect the freedom, information privacy, and other legal rights of Americans."
  • Section 1016 of the Intelligence Reform and Terrorism Prevention Act of 2004 , embraced the key principles of EO 13356 and directed the establishment of the Information Sharing Environment.

    • The President was charged to create the ISE, designate its organization and management structure, and determine and enforce the policies and rules to govern the ISE's content and usage. The law further required the ISE be "a decentralized, distributed, and coordinated environment" that "to the greatest extent practicable, ... connects existing systems ... ; builds upon existing systems capabilities currently in use across the Government; ... facilitates the sharing of information at and across all levels of security; ... and incorporates protections for individuals' privacy and civil liberties."
    • In addition, the law required the President designate a Program Manager for the ISE. The role of the Program Manager is to manage the ISE, oversee its implementation, assist in the development of ISE standards and practices, and monitor and assess its implementation by federal departments and agencies.
    • The law also established an Information Sharing Council to advise the President and the Program Manager on the development of ISE policies, procedures, guidelines, and standards, and to ensure proper coordination among federal departments and agencies participating in the ISE. Under President Barack Obama's Administration, the Information Sharing Council was integrated into the White House policy process through the Information Sharing and Access Interagency Policy Committee (IPC), so that the work of the ISC will move forward under the auspices of the Executive Office of the President.
    • On October 25, 2005, the President issued EO 13388, Further Strengthening the Sharing of Terrorism Information to Protect Americans, superseding Executive Order 13356, to facilitate the work of the Program Manager, expedite the establishment of the ISE, and restructure the Information Sharing Council.
    • On December 16, 2005, in accordance with section 1016 of the Intelligence Reform and Terrorism Prevention Act of 2004, the President issued a Memorandum to Heads of Executive Departments and Agencies prescribing the guidelines and requirements in support of the creation and implementation of the ISE. The Memorandum contained two (2) requirements and five (5) guidelines which prioritize efforts the President believes are most critical to the development of the ISE and assigned Cabinet officials responsibility for resolving some of the more complicated issues associated with information sharing.

      • The President directed that the ISE be established by building upon "existing Federal Government policies, standards, procedures, programs, systems, and architectures (collectively "resources") used for the sharing and integration of and access to terrorism-related information, and ... leverage those resources to the maximum extent practicable, with the objective of establishing a decentralized, comprehensive, and coordinated environment for the sharing and integration of such information."
      • He also directed the heads of executive departments and agencies to "actively work to create a culture of information sharing within their respective departments or agencies by assigning personnel and dedicating resources to terrorism-related information sharing, by reducing disincentives to such sharing, and by holding their senior managers accountable for improved and increased sharing of such information."
      • The five specific guidelines were designed to advance the development and implementation of the ISE.

        1. Guideline One: The President directed that common standards be developed "to maximize the acquisition, access, retention, production, use, management, and sharing of terrorism information within the ISE, consistent with the protection of intelligence, law enforcement, protective, and military sources, methods, and activities." These common standards, the President further directed, must accommodate and account for the need to improve upon the sharing of terrorism-related information with State, local, and tribal governments and the private sector.
        2. Guideline Two: The President stressed that "war on terror must be a national effort" and therefore one in which State, local, and tribal governments and the private sector are afforded appropriate opportunities to participate as full partners in the ISE. Accordingly, he directed that a common framework be developed governing the roles and responsibilities of federal departments and agencies relating to the sharing of terrorism information, homeland security information, and law enforcement information among federal departments and agencies, State, local, and tribal governments, and private sector entities.
        3. Guideline Three: The President directed a series of actions be undertaken to improve upon the sharing of Sensitive but Unclassified (SBU) information. Specifically, he directed the heads of particular departments and agencies to submit recommendations for the standardization of SBU procedures for marking and handling terrorism-related information, homeland security information, and law enforcement information, and eventually all other types of information shared within the ISE.
        4. Guideline Four: The President recognized the imperative for the ISE to facilitate and support the appropriate exchange of terrorism information with our foreign partners and allies and, toward that end, directed the development of recommendations to achieve improved sharing in this area.
        5. Guideline Five: The President directed, as he did earlier in Executive Order 13353, that the information privacy rights and other legal rights of Americans must be protected. Accordingly, he required guidelines be developed and submitted for approval to ensure such rights are protected in the implementation and operation of the ISE.

    • On November 16, 2006, pursuant to the President's delegation of authority, the Director of National Intelligence submitted to the Congress a report containing the Implementation Plan for the Information Sharing Environment. The ISE Implementation Plan, among other things, delineates how the President's guidelines and requirements will be implemented by drawing upon recommendations developed pursuant to those guidelines. The plan contains descriptions of the functions, capabilities, resources, and conceptual design of the ISE, a plan for deploying and operating the ISE, and a process for measuring implementation progress and performance. The plan was developed through a collaborative effort among the Program Manager and the ISE member organizations. It also incorporates the perspectives of representatives from State, local, and tribal governments who reviewed the ISE Implementation Plan Report during its development. Since the Plan's submission to the Congress, many of its action items have been implemented.
    • In August of 2007, the Implementing Recommendations of the 9/11 Commission Act of 2007, included amendments to section 1016 of the Intelligence Reform and Terrorism Prevention Act of 2004 and to the Homeland Security Act of 2002. The new law expands the scope of the ISE to explicitly include homeland security information and weapons of mass destruction information. It also endorses and formalizes many of the recommendations developed in response to the President's information sharing guidelines, such as the creation of the Interagency Threat Assessment and Coordination Group, and the development of a national network of State and major urban area fusion centers.
    • On October 31, 2007, President George W. Bush issued the first National Strategy for Information Sharing to prioritize and unify our Nation's efforts to advance the sharing of terrorism-related information. The Strategy integrates ISE-related initiatives and sets forth the Nation's plan to build upon progress made in improving information sharing since the September 11 attacks to establish an integrated National information sharing capability.

      • The Strategy was developed using a collaborative process and based on significant input provided by the federal Information Sharing Council and State, local, tribal, and private sector officials from across the nation.
      • The Strategy helps to ensure those responsible for combating terrorism and protecting our local communities have access to the timely and accurate information they need by:

        • Providing a framework for enhanced information sharing among federal, state, local, and tribal officials, the private sector, and foreign partners to aid their individual missions and to help secure the homeland.
        • Describing the Federal Government's approach to support State and major urban area fusion centers, as well as National efforts to fight crime and make our local communities safer.
        • Recognizing that as information sharing capabilities are enhanced, it is imperative that the legal rights of Americans continue to be protected, especially in the area of privacy and civil liberties.

Introduction

Following the attacks of September 11, the National Commission on Terrorist Attacks Upon the United States, commonly called the 9/11 Commission, identified a number of information sharing failures and recommended a series of reforms to prevent such failures in the future.    

 
Establishing an Information Sharing Environment 2004-2006

In response to 9/11 Commission recommendations, President George W. Bush issued several executive orders, including Executive Order 13356, “Strengthening the Sharing of Terrorism Information to Protect Americans,” on August 27, 2004, which required the heads of departments and agencies to share terrorism information, mandating that “in the design and use of information systems . . . the highest priority” must be given to the “interchange of terrorism information among agencies.”  

 

Congress also responded to the 9/11 Commission, both by removing legal barriers and by establishing particular information sharing initiatives.  In Section 1016 of the Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA), the Congress established the Information Sharing Environment (ISE) which it defined as “an approach that facilitates the sharing of terrorism information, which may include any methods determined necessary and appropriate for carrying out this section.”  Section 1016 also established a Program Manager for the ISE, an Information Sharing Council, and mandated the issuance of guidelines to protect privacy and civil liberties.

 

Executive Order 13388, “Further Strengthening the Sharing of Terrorism Information to Protect Americans,” (2005) replaced EO 13356 and reinforced the IRTPA approach, restating the imperative for agencies to share terrorism information with each other subject to the requirement to protect privacy and civil liberties.

The ISE adopted a distributed, decentralized model which, instead of relying on a central database of terrorism information, requires an ISE that connects existing systems, a model which enables cooperation across federal agencies and among state, local, tribal, private sector and international partners. This model also lessens the risks of privacy abuses, compromise, or data breaches. 


2007-2010: EXPANDING THE INFORMATION SHARING PRIORITY

In 2007, the Congress enacted the Implementing Recommendations of the 9/11 Commission Act (“9/11 Act”), a major update to IRTPA.  In so doing, Congress indefinitely extended the term of the Program Manager for the ISE (which had previously been limited to two years), added homeland security and weapons of mass destruction information to the ISE’s scope, and included several new ISE attributes for information sharing.

 
2010 – PRESENT: INCREASING INFORMATION SHARING AND SAFEGUARDING

The next major development in ISE history concerns safeguarding shared information. In 2010, the website WikiLeaks, in cooperation with leading newspapers, published a trove of secret diplomatic cables allegedly provided to WikiLeaks by U.S. Army Private Bradley Manning.  This led some to question whether sharing had gone too far, endangering sources and methods.

 

Following a comprehensive interagency review, President Obama issued Executive Order 13587, “Structural Reforms to Improve Sharing and Safeguarding of Classified Information on Computer Networks," which established several new interagency bodies to coordinate efforts to improve security on classified networks, including a Senior Information Sharing and Safeguarding Steering Committee, an Insider Threat Task Force, and an Executive Agent for Safeguarding comprised of the National Security Agency and the Department of Defense.  

 

PM-ISE was placed within the Office of the Director of National Intelligence (ODNI) Partner Engagement (PE) to better coordinate the office's terrorism-related information sharing mission with the DNI's mission to improve intelligence information sharing. As part of the integration, PM-ISE became PE-ISE.


THE FUTURE OF RESPONSIBLE INFORMATION SHARING

The Administration continues to advance responsible information sharing. As the director of the national office for responsible information sharing, the ISE is working to:

  • advance responsible information sharing to further the counterterrorism and homeland security missions
  • lead a transformation from information ownership to information stewardship
  • promote partnerships across federal, state, local and tribal governments, the private sector, and internationally

 

FEATURES

HSIN Videos

Homeland Security Information Network users explain how the trusted network supports their homeland security mission operations to share sensitive but unclassified information.

ISE Training

Core Awareness Training provides an overview of the ISE and includes a significantly expanded discussion on privacy, civil rights, and civil liberties protections.

Privacy

ISE mission partners at all levels of government work to put safeguards in place to ensure the protection of privacy, civil rights, and civil liberties of citizens.