Review of the Terrorist Screening Center
(Redacted for Public Release)

Audit Report 05-27
June 2005
Office of the Inspector General

Chapter 2: Identifying the Need for a Screening Agency

After the terrorist attacks of September 11, 2001, the federal government reorganized its approach to homeland security and intelligence operations. Prior to September 11, the federal government was using information from multiple databases to attempt to preclude suspected terrorists from obtaining visas or entering the United States illegally and for tracking terrorists within the country. After the September 11 attacks, the President, Congress, and others recognized the problems with such fragmentation and called for the creation of an organization to unify the government’s screening efforts.

Terrorist "Watch Lists"

The GAO report mentioned in Chapter 1 identified 12 separate "watch lists" used by the government in various screening venues.22 According to the GAO report, each of these watch lists was developed in response to the individual agencies’ mission as well as its respective legal, cultural, and information technology systems. The GAO found that these separate watch lists contributed to a decentralized and nonstandard effort in the U.S. border security mission.

Further, the GAO reported that many of the lists included redundant, but not identical, data. In addition, policies and procedures governing how the information was shared varied greatly among the federal agencies. Much of the information maintained by the federal agencies was not shared with state and local law enforcement agencies.

The following are summary descriptions for the 12 systems identified by the GAO.

  • TIPOFF System – Beginning in 1987, the Department of State’s Bureau of Intelligence and Research began keeping watch list (lookout) records on known and suspected international terrorists in its "TIPOFF" system. The Department of State obtained information for lookout records from intelligence community terrorism-related reports, Visa Viper cables generated by consular officers stationed abroad, law enforcement agencies, and other sources.23 This information was stored in the classified TIPOFF system. To operate as a watch list, declassified TIPOFF records were exported to databases used by the State Department’s Bureau of Consular Affairs as well as systems accessed by border patrol and immigration agents.

    In September 2003, the new Terrorist Threat Integration Center (TTIC) assumed the responsibility for establishing and maintaining a single repository for international terrorist information. As a result, the State Department transferred the TIPOFF system to TTIC as a foundation for the new system.24

    NCTC plans to replace TIPOFF with a new database – the Terrorist Identities Datamart Environment (TIDE), which is expected to come on line in mid-2005. According to officials at NCTC, TIDE incorporates analysis with the "watch list" component of the TIPOFF database to create a system capable of utilizing watch list data to make analytical associations that identify terrorist threats.

  • Violent Gang and Terrorist Organizations File – The FBI’s Violent Gang and Terrorist Organizations File (VGTOF), created in October 1995 to track individuals associated with gangs and terrorist organizations, is a component of the National Crime Information Center (NCIC).25 Each record within the file is identified as either a gang or a terrorist record. The universe of terrorist records in the NCIC/VGTOF file represents individuals of interest to law enforcement due to suspected or known ties to international or domestic terrorism.

  • Interagency Border Inspection System – The Interagency Border Inspection System (IBIS) resides on the DHS’s Treasury Enforcement Communications System, or TECS, a large computerized information system containing more than a billion records in 700 tables, designed to identify individuals, businesses, and vehicles suspected of or involved in violation of federal law. TECS is also a communications system permitting message transmittal between law enforcement offices and other federal, state, and local law enforcement agencies. The database provides access to the FBI's NCIC and the National Law Enforcement Telecommunications System (NLETS).26 The TECS database serves as the principal information system supporting border management and the law enforcement mission of the DHS’s U.S. Customs and Border Protection (CBP) and other federal law enforcement agencies.

    CBP personnel located at air, land, and sea ports of entry, as well as law enforcement and regulatory personnel from more than 20 other federal agencies or bureaus, can access IBIS. The IBIS system is used to expedite the clearance process at ports of entry and to keep track of information on suspect individuals, businesses, vehicles, aircraft, and vessels. Therefore, IBIS is considered a watch listing system.

  • National Automated Immigration Lookout System – The National Automated Immigration Lookout System (NAILS) was a database created by the former Immigration and Naturalization Service (INS). It contained biographical and case data for aliens who may be inadmissible to the United States or were being sought by officials for other reasons related to immigration and law enforcement. Included in this information were lookouts for individuals associated with terrorism, representing a watch list of individuals that posed a threat to national security.

    Like IBIS, the NAILS database was housed with the TECS system, and the records of each of these systems interfaced with each other. The NAILS database was absorbed into other DHS systems in January 2005.

  • Consular Lookout and Support System – The Consular Lookout and Support System (CLASS) is the State Department’s tool for vetting foreign individuals applying for visas to the United States. Maintained by the Bureau of Consular Affairs, the CLASS visa database provides information on aliens that is used in the determination of whether visa issuance is appropriate. This database receives information from TIPOFF on individuals associated with or suspected of terrorism and acts as a watch list during the visa issuance process and other processes involving name-checks at State Department Consular Affairs posts throughout the world.

  • No-Fly and Selectee Lists – The Transportation Security Administration’s (TSA) No-Fly list includes names of individuals that are to be denied transport on commercial flights because they are deemed a threat to civil aviation. The TSA Selectee list includes names of individuals whom air carriers are required to "select" for additional screening prior to permitting them to board an aircraft. Known or suspected terrorists can be submitted for inclusion to either list by an FBI case agent or an NCTC analyst. The lists are disseminated to airlines on a daily basis to be used as a watch list for comparison against passenger manifests for all flights that enter or depart U.S. airspace.

  • Integrated Automated Fingerprint Identification System – Maintained by the FBI and operational in July 1999, the Integrated Automated Fingerprint Identification System (IAFIS) is a national fingerprint and criminal history system that provides automated fingerprint and latent search capabilities, electronic image storage, and electronic exchange of fingerprints and responses. According to the FBI, IAFIS is the largest biometric database in the world, containing fingerprints and the corresponding criminal history for more than 47 million subjects.27

    The database includes terrorism-related names and fingerprints and therefore is a watch list of sorts; however, individuals included in this database should also be included in primary watch lists such as TIPOFF or VGTOF. IAFIS supports other watch lists by making additional biometric identifying information such as fingerprints available.

  • Automated Biometrics Identification System – Initially established by the former INS in 1989, the Automated Biometrics Identification System, or IDENT, contains biometric data including fingerprints and photographs used to identify and track illegal aliens who are apprehended trying to enter the United States. The system is also used to identify apprehended aliens suspected of criminal activity such as alien smuggling, aliens subject to removal for conviction of aggravated felonies, and aliens who have been previously deported. On March 1, 2003, the INS and responsibility for IDENT were transferred to the DHS.

  • Warrant Information Network – The United States Marshals Service maintains a Warrant Information Network that contains information on all persons with existing federal warrants.

    The TSC does not consider the information contained within this list to be a terrorist watch list. This information is maintained for the purpose of readily identifying all wanted persons and persons with existing warrants. While used as a source of additional data for terrorist screening, this list provides no independent terrorist watch list function.

  • The Department of Defense Top Ten Fugitives (Air Force) – The Defense Department’s Fugitive Recovery Program, run by the Air Force Office of Special Investigations, was formally implemented in 1997 to concentrate the Air Force’s efforts in retrieving Air Force fugitives.

    Although the TSC has the capability to use this information as an additional source for terrorist screening, this list provides no independent terrorist watch list function. Therefore, the TSC does not consider this list to be a watch list.

  • Interpol Terrorism Watch List – In 2002, Interpol established the Interpol Terrorism Watch List, which is available by secure access to Interpol offices and authorized police agencies in its member countries.28 According to the FBI, the list contained approximately 100 names as of June 2004 and all of the individuals were accounted for on a primary watch list, such as VGTOF or TIPOFF.

While the GAO reported that 9 different federal agencies maintained 12 different lists of terrorist information, as noted above, several are not considered by the TSC to be true watch lists. According to the TSC, the primary watch listing systems were: TIPOFF, NCIC/VGTOF, TECS (and its sub-systems of IBIS and NAILS), CLASS, and the No Fly and Selectee Lists.

Early Discussion of a Consolidated Watch List

The push for a consolidated watch list began after the September 11 attacks. The President’s National Strategy for Homeland Security and Congress’ inquiry into the September 11, 2001, terrorist attacks both discussed the concept of a consolidated terrorist watch list.

July 2002 National Strategy for Homeland Security

In July 2002, the President issued the National Strategy for Homeland Security, which was designed to create a "comprehensive plan for using America’s talents and resources to enhance our protection and reduce our vulnerability to terrorist attacks."29 This strategy emphasized that no one agency or computer network at the time integrated all available homeland security information. Rather, the information was contained within several federal, state, and local systems, much of which was redundant or supplemental to other watch list data. Terrorist data contained in one database was unlikely to be systematically shared with all levels of government that needed the information. For example, the President’s strategy highlighted the importance of consolidating this information to avoid potential errors that could result from agents on the borders and at consular posts not checking information against consistent watch lists. Specifically, the President’s strategy stated that "It is crucial to link the vast amounts of knowledge resident within each agency at all levels of government."

The President’s strategy identified two primary barriers to an efficient government-wide information system. The first involved the lack of coordination between agencies when acquiring new information technology systems. The strategy stated that while hundreds of new systems were purchased, they were designed to address specific agency needs alone without considering database compatibility among federal, state, and local agencies. This method of networking was described by the President’s strategy as an obstruction to efficient collaboration. The second issue involved the cultural differences between agencies and the resulting barriers that prevent their distinct information from being integrated with that of other agencies.

The President’s strategy called for the FBI to create a consolidated terrorism watch list that "includes information from a variety of sources and will be fully accessible to all law enforcement officers and the intelligence community." This consolidated watch list would "serve as a central access point for information about individuals of investigative interest," avoiding the uncoordinated and ad hoc approach that agencies were taking to minimize terrorist threats within the United States.

The 9/11 Congressional Joint Inquiry

In its review, the 9/11 Congressional Joint Inquiry Committee reported in December 2002 that the U.S. government was not adequately collecting and integrating terrorism-related information from all domestic and foreign sources or appropriately sharing this information among the intelligence and law enforcement communities. The Committee also noted that the intelligence agencies created unclassified products to provide guidance to groups such as private companies, state and local governments, and the public. As a result, the Committee recommended that the U.S. government create a national watch list center to facilitate the development and use of new technologies to help ensure that information about known or suspected terrorists was appropriately collected, declassified, and shared.

GAO Report

As noted in Chapter 1, the GAO examined the federal government’s watch list efforts and issued its report in April 2003. Although the GAO did not explicitly recommend that all 12 systems that it identified be consolidated, it reported that there was a need to consider some sort of consolidation effort of terrorism-related information.


  1. Not all of the databases identified by the GAO are considered to be true "watch lists" by the TSC. Some are databases of information on people of investigative interest (for example, a person in the Warrant Information Network may be an individual with an existing warrant who may have a terrorism nexus).

  2. The Visa Viper program is a State Department initiative created after the World Trade Center Bombing in 1993, when the State Department realized that hundreds of cables discussing terrorists had been initiated, but did not necessarily direct an individual to be watch listed. As a result, the Visa Viper program required Consular Affairs posts and other participating agencies to coordinate the submission of cables providing this specific direction on known or suspected terrorists. The program is congressionally mandated, and reports on program activities must be submitted to Congress on a monthly basis.

  3. The TTIC was established on May 1, 2003, to develop comprehensive threat assessments through the integration and analysis of terrorist information collected domestically and abroad by the U.S. government. On August 27, 2004, the President signed an Executive Order establishing the National Counterterrorism Center (NCTC) to which all functions and activities of the TTIC were transferred. Regardless of the time period being discussed, all future references to this organization in our report will use the acronym NCTC.

  4. NCIC is a nationwide information system maintained by the FBI that provides the criminal justice community with immediate access to information on various law enforcement data, such as criminal history records and missing persons. The FBI’s Criminal Justice Information Services Division (CJIS), is responsible for managing the NCIC database.

  5. NLETS provides direct access to information from state motor vehicle departments.
  6. Biometrics are discussed in additional detail in Chapter 4.
  7. The stated mission of Interpol is to provide essential services for the international law enforcement community to optimize the effort to combat crime. The three core services that it provides are: 1) a global police communication system, 2) a range of criminal databases and analytical services, and 3) support for police operations throughout the world. The National Central Bureau of Interpol within the DOJ coordinates with the international organization on behalf of the U.S. government.
  8. Office of Homeland Security, National Strategy for Homeland Security (July 2002).

Previous Page Back to Table of Contents Next Page