Return to the USDOJ/OIG Home Page
Return to the Table of Contents

The Federal Bureau of Investigation's Efforts to Improve the Sharing of Intelligence and Other Information

Report No. 04-10
December 2003
Office of the Inspector General




        The Federal Bureau of Investigation’s (FBI) authorities in counterterrorism derive from legislation and from several National Security Directives and Presidential Decision Directives (PDD).3  Title 28, United States Code, Section 533 authorizes the Attorney General to appoint officials “to detect and prosecute crimes against the United States.”  Under this authority, the Attorney General has assigned the FBI “lead agency responsibilities in investigating all crimes for which it has primary or concurrent jurisdiction and which involve terrorist activities or acts in preparation of terrorist activities within the statutory jurisdiction of the United States.”  National Security Directive 207, issued in 1986, assigned responsibility to the FBI for responding to terrorist attacks, stating:  “The Lead Agency will normally be designated as follows:  the Department of Justice for terrorist incidents that take place within the U.S. territory.  Unless otherwise specified by the Attorney General, the FBI will be the Lead Agency within the Department of Justice for operational response to such incidents.”

        Following the bombing of the Murrah Federal Building in Oklahoma City in April 1995, the President issued Presidential Decision Directive (PDD) 39, which directs responsible federal agencies to take various measures aimed at:  1) reducing vulnerabilities to terrorism, 2) deterring and responding to terrorism, and 3) preventing and managing the consequences of terrorist uses of weapons of mass destruction (WMD).  The FBI specifically is tasked with reducing the United States’ vulnerability to terrorism through an expanded program of counterterrorism.  PDD 39 also requires the FBI Director to ensure that the FBI’s counterterrorism capabilities are well managed, funded, and exercised.

        In May 1998, the President issued PDD 62, which clarified the roles and activities of many of the agencies involved in the war against terrorism.  The directive addresses the prevention of terrorist acts, apprehension of terrorists, prosecution of terrorists, and consequence management after terrorist acts.  The directive also includes transportation security and the protection of critical computer-based systems.

        Following the September 2001 terrorist attacks, Congress passed and the President signed into law the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (Patriot Act).  The Patriot Act lifted legal barriers to the sharing of foreign intelligence information between the federal intelligence community and the federal law enforcement community.  Section 203 of the Patriot Act authorizes the sharing with the FBI of foreign intelligence, counterintelligence, and foreign intelligence information whether obtained through grand jury proceedings or through authorized surveillance methods.  Section 905(a) of the Patriot Act authorizes the Attorney General to disclose to the Director of Central Intelligence, foreign intelligence acquired in the course of a criminal investigation.  As mandated in the Patriot Act, the Attorney General established classified “Guidelines for Disclosure of Grand Jury and Electronic, Wire, and Oral Interception Information Identifying United States Persons” and “Guidelines Regarding Disclosure to the Director of Central Intelligence and Homeland Security Officials of Foreign Intelligence Acquired in the Course of a Criminal Investigation.”

        Further, the Attorney General’s “Guidelines on General Crimes, Racketeering Enterprise and Terrorism Enterprise Investigations,” issued May 30, 2002, govern the dissemination of intelligence in domestic terrorism situations.  Specifically, the guidelines authorize the FBI to disseminate information acquired during the checking of leads, preliminary inquiries, and investigations conducted within the guidelines to another federal agency or to a state or local criminal justice agency when such information:

  • falls within the investigative or protective jurisdiction or litigative responsibility of the agency;
  • may assist in preventing a crime or the use of violence or any other conduct dangerous to human life;
  • is required to be furnished to another Federal agency by Executive Order 10450;4 or
  • is required to be disseminated by statute, interagency agreement approved by the Attorney General, or Presidential Directive.

Intelligence Authorities

        In addition to the FBI’s law enforcement authorities for counterterrorism, the FBI also has authorities for intelligence activities.  The three main authorities for intelligence are Executive Order 12333, the National Security Act of 1947, and a series of Director of Central Intelligence Directives (DCID).5

        Executive Order 12333, issued in December 1981, authorizes the FBI within the United States to collect, produce, and disseminate foreign intelligence.  However, the order states that intelligence community agencies such as the FBI are authorized to collect information on U.S. persons only in accordance with procedures established by the head of the agency concerned and approved by the Attorney General.  The National Security Act of 1947 includes the FBI in its authorization of foreign intelligence activities by the intelligence community.  Such activities include those designed to protect against international terrorist activities.  This foreign intelligence authority supplements the FBI’s investigative authority.

        Under the DCIDs that implement national foreign intelligence requirements, the FBI disseminates foreign intelligence acquired in the course of investigations conducted in accordance with FBI priorities and guidelines.  Thus, when the FBI recruits sources in its investigations to protect the United States from terrorist attack, those sources may be queried on other foreign intelligence topics to meet national requirements.  The DCIDs applicable to the FBI’s management of foreign intelligence collection and production include:

  • DCID 2/3 implements the National Intelligence Priorities Framework, which translates national foreign intelligence objectives and priorities approved by the President into specific prioritization guidance for the intelligence community;
  • DCID 2/1 establishes the authorities and responsibilities of the Assistant DCI for Analysis and Production and the National Intelligence Analysis and Production to oversee, monitor, and evaluate national intelligence production;
  • DCID 3/1 establishes the authorities and responsibilities of the Assistant DCI for Collection and the National Intelligence Collection Board to oversee, monitor, and evaluate intelligence collection;
  • DCID 3/7 concerns the National Human Intelligence Requirements Tasking Center, which coordinates the National Human Intelligence Directives that guide FBI foreign intelligence collection;
  • DCID 6/1 covers security policy for SCI;
  • DCID 6/3 covers the protection of SCI within information systems,
  • DCID 6/6 addresses security controls for the dissemination of intelligence information; and
  • DCID 6/7 establishes policy for the disclosure or release of classified U.S. intelligence to foreign governments and international organizations.

Organization and Resources

        During our audit, the FBI’s Counterterrorism Division (CTD) was completing a major reorganization begun by the FBI Director in the spring of 2002.  In written testimony for the Senate Judiciary Committee in June 2002, the Director stated:

A significant restructuring and expansion of the Counterterrorism Division at FBI headquarters is being proposed for three basic reasons.  First, the more direct role envisioned for the Counterterrorism Division in managing investigations, providing operational support to field offices, and collaborating with law enforcement and the Intelligence Community partners requires additional staff at Headquarters.  Second, implementing a more proactive approach to preventing terrorist acts and denying terrorist groups the ability to operate and raise funds requires a centralized and robust analytical capacity that does not exist in the present Counterterrorism Division.  Third, processing and exploiting the information gathered domestically and from abroad during the course of the PENTTBOM [Pentagon-Trade Towers Bombing Investigation] and related investigation requires an enhanced analytical and data mining capacity that is not presently available.

        The two main operating sections under the FBI’s former structure were the International Terrorism Operations Section and the Domestic Terrorism Operations Section.  An Assistant Director led the CTD, and a Deputy Assistant Director was directly responsible for the two sections.  The National Domestic Preparedness Office, responsible for interagency coordination with state and local emergency responders, also reported to the Deputy Assistant Director.  The two counterterrorism sections contained functional units.  For example, within the International Terrorism Operations Section were the Usama bin Ladin Unit and the Radical Fundamentalist Unit.6

        The reorganization expanded the CTD from two sections to nine.  As shown in the following chart, the new CTD organization created three branches under Deputy Assistant Directors: Counterterrorism Operations, Operational Support, and Counterterrorism Analysis.  The CTD organizational structure is discussed in greater detail in Finding 2 of this report.

Organizational chart of the Counterterrorism Division.  Click the chart for a text version.

        The CTD expansion led the FBI to increase both the number of agents assigned to the division and the number assigned to the Joint Terrorism Task Forces (JTTF).  During an April 10, 2003, appropriations hearing the Director testified that the FBI has shifted about 500 field agents from criminal investigations to counterterrorism investigations and activities.7  According to the U.S. General Accounting Office (GAO), in fiscal year (FY) 2003 about 36 percent of the FBI’s field agents worked on counterterrorism, counterintelligence, and cyber matters compared to 26 percent in FY 2002.8  The CTD Assistant Director stated in February 2003 that the FBI had [CLASSIFIED INFORMATION REDACTED] agents assigned to counterterrorism matters, of which [CLASSIFIED INFORMATION REDACTED] are covering international terrorism and 500 are covering domestic terrorism.  The Assistant Director also stated that of the total agents assigned to counterterrorism, [CLASSIFIED INFORMATION REDACTED] are assigned to JTTFs.  As of March 14, 2003, the CTD had [CLASSIFIED INFORMATION REDACTED] support personnel onboard and another [CLASSIFIED INFORMATION REDACTED] pending background checks.  The CTD has undertaken a major hiring effort to fill new positions required to support the war on terrorism.  The expansion of the division and the increased staffing levels are directly related to a steady increase in the Division’s budget.  The CTD budget allocation increased from [CLASSIFIED INFORMATION REDACTED] in 2002 to [CLASSIFIED INFORMATION REDACTED] in 2003.  In its 2004 budget submission, the FBI has requested [CLASSIFIED INFORMATION REDACTED] for the CTD.

Prior Reviews

        In September 2002, the Office of the Inspector General (OIG) issued an audit report entitled, “A Review of the Federal Bureau of Investigation’s Counterterrorism Program:  Threat Assessment, Strategic Planning, and Resource Management” (Report 02-38).  This audit focused on:  1) the FBI’s progress toward developing a national-level risk assessment of the terrorist threat to the United States; 2) whether the FBI’s strategic planning process provides a sound basis to identify counterterrorism requirements; and 3) the amount of resources dedicated to the FBI’s counterterrorism program from 1995 to April 2002.  In addition, the audit assessed the FBI’s management of its training and after-action reporting as they relate to counterterrorism operations.

        The OIG’s audit found that the FBI had not developed a comprehensive written assessment of the risk of terrorist threat facing the United States and that its strategic plan had not been updated.  The OIG also found that the level of resources that the FBI dedicated to counterterrorism and counterintelligence increased dramatically between 1995 and 2002.  The OIG made 14 recommendations to the FBI.

        The GAO has performed audits and has testified frequently about the federal government’s efforts to combat terrorism, including the FBI’s role.  In June 2003, the Comptroller General testified before the Subcommittee on Commerce, Justice, State, and the Judiciary, Committee on Appropriations, House of Representatives on the FBI’s reorganization efforts.9  In April 2003, the GAO reported that to protect the nation’s borders, federal agencies maintain 12 different watch lists.10  One of the watch lists cited was the FBI’s Violent Gang and Terrorist Organization File.  The GAO recommended that the Department of Homeland Security (DHS) lead an effort to consolidate and standardize the disparate watch lists.  The GAO also has reported and testified on the need for better interagency coordination.  For example, in September 2001 the GAO reported on overlapping functions among several agencies with counterterrorism responsibilities,11 and in October 2002 the Comptroller General stated the following in testimony before the Senate Select Committee on Intelligence and House Permanent Select Committee on Intelligence.12

The success of a homeland security strategy relies on the ability of all levels of government and the private sector to communicate and cooperate effectively with one another.  Activities that are hampered by organizational fragmentation, technological impediments, or ineffective collaboration blunt the nation’s collective efforts to prevent or minimize terrorist acts.

        As we note in the following sections of this report, the FBI has been taking steps to improve its counterterrorism and intelligence capabilities, including the sharing of information both within and outside the FBI.13

  1. A complete list of abbreviations appears in Appendix 2.
  2. Executive Order 10450 establishes security requirements for government employees. Section 5 states: "Whenever there is developed or received information indicating that the retention in employment of any officer or employee of the Government may not be consistent with the interest of national security, such information shall be forwarded to the head of the employing department or agency…"
  3. DCIDs are the principal means by which the Director of Central Intelligence (DCI) provides guidance, policy, and direction to the intelligence community pursuant to authorities of the DCI as the head of the intelligence community. DCIDs are normally coordinated through the Intelligence Community Deputies Committee and intelligence community working groups.
  4. Although this name is often spelled "Osama bin Ladin," within the FBI the name is spelled as "Usama bin Ladin," so we will use that spelling in this report.
  5. Hearing of the Commerce, Justice, State, and Judiciary Subcommittee of the Senate Appropriations Committee on the Fiscal Year 2004 Appropriations for the FBI (April 10, 2003).
  6. The report is entitled: "FBI Reorganization: Progress Made in Efforts to Transform, but Major Challenges Continue" (GAO-03-759T, June 18, 2003).
  7. The testimony is entitled "FBI Reorganization: Progress Made in Efforts to Transform, but Major Challenges Continue" (GAO-03-759T) and updates June 2002 testimony entitled "FBI Reorganization: Initial Steps Encouraging but Broad Transformation Needed" (GAO-02-865T).
  8. The report is entitled "Information Technology: Terrorist Watch Lists Should Be Consolidated to Promote Better Integration and Sharing" (GAO-03-322, April 15, 2003).
  9. The report is entitled "Combating Terrorism: Selected Challenges and Related Recommendations" (GAO-01-822, September 20, 2001).
  10. The testimony is entitled "Homeland Security: Information-Sharing Activities Face Continued Management Challenges" (GAO-02-1122T, October 1, 2002).
  11. Our objectives, scope, and methodology appear in Appendix 1. The details of our work are contained in the Findings and Recommendations sections of the report.