Review of the United States Marshals Service Judicial Security Process
Report No. I-2004-004
March 2004

On December 30, 2003, the Office of the Inspector General (OIG) sent copies of the draft report to the United States Marshals Service (USMS) with a request for written comments. The USMS responded to us in a memorandum dated February 4, 2004.

The USMS Response

The USMS's general concerns with our findings are its belief that we did not provide sufficient information about the USMS's efforts since September 11, 2001, to protect the Judiciary, and that some information presented in the report was inaccurate or incomplete. The USMS claims that the OIG failed "to demonstrate an even basic understanding of how the USMS Judicial Security process works" and misrepresents the effectiveness of the Judicial Security Program. Our disagreement with that statement is explained in the analysis that follows. Moreover, we note that although the USMS expressed concerns about some of the report's findings, it concurred with all six of the recommendations and agreed to implement them. Our detailed analysis of the USMS's response to our report and recommendations follows.

USMS's Efforts Since September 11, 2001

The USMS states that its highest priority is judicial security, and during the years before September 11, 2001, it "successfully secured thousands of high risk trials." The USMS states that after September 11, 2001, it "renewed and strengthened its commitment to protecting the Judiciary," and implemented numerous initiatives "to enhance an already strong Judicial Security program," which the USMS claims the OIG report does not acknowledge. The USMS provided four examples of its accomplishments, including the hiring of 807 new Deputy Marshals, the training of approximately 100 employees as threat investigators, the deployment of over 800 Automated External Defibrillators, and the purchase of new high capacity firearms for more than 4,000 Court Security Officers.

OIG Analysis. At the initiation of this review, we requested that the USMS provide a list of judicial security improvements since September 11, 2001, so that we could evaluate the improvements during our review. On June 13, 2003, the USMS provided a minimal list, consisting primarily of generic building security improvements implemented government-wide in the months subsequent to the September 11 terrorist attacks (Appendix A). No additional information of this nature was provided during our review until the February 4, 2004, USMS response to the draft report. Consequently, we did not have an opportunity to examine some of the post-September 11, 2001, efforts the USMS now cites, and we did not validate the accuracy of the new information or its relevance to improving the capability of the Judicial Security Program. However, the USMS's new claims about increased staff and equipment do not undermine the core criticisms our review made about the operation of the Judicial Security Program.

Inaccurate or Incomplete Information

The USMS also asserts that the report misrepresents the effectiveness of the USMS Judicial Security Program because it does not acknowledge the numerous trials that the USMS has successfully protected. The USMS states that "the draft report leaves an inaccurate, or at least, incomplete picture," and uses "anecdotal and/or incomplete information." The USMS cites four examples of information from the report that it considers to be inaccurate or incomplete.

1. The USMS believes that the OIG report incorrectly relied on two recent assaults on federal judges to question the effectiveness of its Judicial Security Program. The response states that "the USMS believes that one of the two incidents mentioned in the draft report was actually a random street robbery that had nothing to do with the judge's identity or duties."

   OIG Analysis. The USMS's statement that one of the assaults we cited was a random street robbery is incorrect. The two assaults described in our report were cited in "The Attorney General's 2001 Performance Report, Strategic Goal Seven: Protect the Federal Judiciary." That report specifically describes assaults on two federal judges in their courtrooms.

2. The USMS believes that the OIG report incorrectly implies that Congress was concerned about the USMS's ability to secure the judiciary, when Congress was actually only concerned about the USMS's failure to follow budgetary earmarks. The USMS challenges the OIG report citation of congressional concerns, stating that "[t]he draft report never fully explains what the [Congressional] concern actually was and whether or not it was validated." The USMS goes on to state that "Congress was concerned that the USMS was not using Judicial Security funding as it had been 'earmarked' in the appropriation." The USMS further states that the 2003 OIG audit "failed to find a single case where the USMS spent these funds other than as Congress intended."

   OIG Analysis. The USMS suggestion that congressional concern was limited to a single issue (i.e., earmarks) is incorrect. The OIG report cites several concerns related to the effectiveness of the Judicial Security Program that Congress has expressed to the USMS in hearings, questions for the record, and other correspondence. These concerns include such issues as the criteria for establishing and removing protective details, protection of the judiciary during high-threat trials, and USMS participation on the Federal Bureau of Investigation's (FBI) Joint Terrorism Task Forces (JTTFs). The report describes several of these concerns (see, for example, pages 2, 4, 16, 21, and 22), and recommends improvements to use the resources Congress has provided more effectively.

   The USMS also mischaracterizes the finding of the 2003 OIG audit by stating that the audit "failed to find a single case where the USMS spent these funds other than as Congress intended." In fact, the audit found that because the USMS does not have a budget execution system that tracks changes, obligations, and expenditures to the budget estimates included in congressional spending instructions, the USMS could not demonstrate adherence to 7 of the 17 FY 2002 spending instructions from the Congress and 9 of the 22 FY 2003 spending instructions.⁵⁴

3. The USMS states that it has no information that any judge is under an express death threat from a terrorist group. The USMS states that it "has no information that any judge is under such a threat," but it does state that "those judges who are at increased risk as a result of their participation in terrorist trials have the highest levels of security possible."

   OIG Analysis. The discussion in the report regarding the personal protective measures that have been maintained on two judges for over eight years is based on our interviews with USMS headquarters and field personnel, as well as our review of documents which describe the threats that were the impetus for the protective measures. The specific statement that the two judges are under express death threats is our unclassified characterization of the description in intelligence documents regarding the threats. Although further discussion of the nature of the threats and how they were received is not appropriate for an unclassified document, we note that the long-term maintenance of these two protective details, supported by direct funding from Congress, would not be appropriate in the absence of a continuing identifiable threat.

4. The USMS objects to the report's conclusions regarding shortcomings in assessing threats, an ad hoc approach to security on high-threat trials and personal protective details, outdated policies, and ineffective allocation of resources. The USMS states that the report's "statements are made without a single example of when these alleged inadequacies resulted in a trial being disrupted or a member of the judicial family being injured."

   OIG Analysis. The USMS's objections to our conclusions focus on the absence of realized threats or actual attacks, rather than on the increased risk to the federal judiciary that accrues from inadequate threat assessment, the lack of a centralized intelligence capability, and the lack of standards for protective measures. In so doing, the USMS response fails to fully comprehend the seriousness of those shortcomings. Our report shows that the process the USMS uses to analyze threats is outdated and untimely; the USMS itself recognized the lack of a centralized intelligence capability as a weakness; and that USMS standards for addressing high-threat trials are inadequate. We address each statement in the USMS response regarding specific shortcomings in turn:

   • Shortcomings in assessing threats. As documented in our report, the USMS does not meet its own standards for assessing threats against the judiciary. Further, internal studies have recognized that the USMS does not have a program for collecting and assessing intelligence and using that intelligence to analyze threats.

   • Ad hoc approach to security on high-threat trials and personal protective details. The USMS defends its ad hoc approach to high-threat trial security by stating that "requirements for every high threat trial…are determined on a case-by-case basis…" and asserting that its operational plans are implemented by "personnel who have received specialized training and who utilize the latest in high tech security equipment." Our conclusion that uniform judicial security standards are needed is based in part on discussions with USMS staff in several districts. The U.S. Marshals and Deputy Marshals we interviewed emphasized the importance of consistent security measures and complained of insufficient criteria for determining the appropriateness of existing measures to guide districts in selecting protections when developing operational plans. We did not assess whether specific protective techniques described in operational plans were "adequate" or "appropriate." Our report concludes that without effective current standards, and routine after-action reports, the USMS cannot identify inconsistent protections, needed improvements, or successful protective measures for ensuring the security of the federal judiciary.

   • Outdated policies. Our conclusions about the lack of up-to-date policies were based on the concerns expressed to us by personnel in the USMS districts who must determine and implement protection techniques that are "adequate" or "appropriate." Our report states:

     [T]en U.S. Marshals and Deputy Marshals that we interviewed noted that the guidance in the Manual does not address many types of trials that present significant risks to the judiciary, such as criminal cases involving espionage, prosecutions of gang violence, and cases with cooperating witnesses. Moreover, a significant defining issue in recent high-threat trials - that the defendants are associated with international terrorist groups - is not included.

   • Ineffectively deployed equipment. Our conclusions regarding the deployment of equipment were based on our discussions with field personnel regarding the availability and use of "high tech" security equipment. For example, we found that one district did not use its new explosives detector because of a lack guidance from headquarters:

     [A] district we visited did not use its new "Itemiser3 Trace Explosive Detector" during a high-threat trial because the district was waiting for guidance from USMS headquarters on where to deploy the equipment (public or freight entrance), who should be screened, and what protective measures should be taken if suspected explosives are detected (e.g., retest for false positive or immediately evacuate the building).

   • Ineffective allocation of resources among threats. We could not validate the USMS's comment that "94 per cent of all requests for special assignment resources are approved." In fact, during our review, in response to our request for funding data on high-threat trials, a representative of the Judicial Security Division (JSD) told us that, "JSD does not keep a data bank for the amount of requests that come to JSD, JSD keeps a data bank on the amount of requests that are approved." Moreover, "approval" does not mean that all resources requested were provided.

Effectiveness of the Judicial Security Program

The USMS response states as a general theme that the OIG report misrepresents the effectiveness of the Judicial Security Program. To the contrary, our report appropriately warns of significant vulnerabilities in critical elements of the USMS's program. The intelligence and threat assessment capabilities we examined were implemented in response to the assassinations of two federal judges in 1988 and 1989. The fact that no member of the judiciary has been assassinated in the past 15 years is not a valid response to the need to correct shortcomings we identified in the USMS's threat analysis capability or the lack of a centralized intelligence capability. Further, the USMS's argument that neither of the judges attacked in 1988 and 1989 was overtly threatened prior to being attacked reinforces our concern that the USMS lacks the intelligence and analytical capabilities it needs to effectively and timely detect and respond to nascent threats.

Finally, the USMS's argument that the lack of recent attacks equates to a lack of vulnerabilities reinforces our conclusion that the USMS needs to improve its ability to self-assess its operations and recognize weaknesses before failures occur. To meets its Strategic Performance Measure of allowing "zero assaults" on the judiciary, we believe the USMS should improve its ability to recognize and take prompt action on deficiencies, such as the ones we identified.

RECOMMENDATIONS

Recommendation 1: Ensure that all threats to the judiciary are assessed within established timeframes.

Summary of USMS Response. The USMS agrees with the recommendation that all threats should be assessed according to policy. The USMS will revise its policy on timeframes for the Analytical Support Unit (ASU) to complete assessments. The new policy will establish criteria that categorize requests according to urgency. Once the policy is implemented, adherence to the timeframes will be made a factor in the annual performance evaluations of the ASU staff. The USMS estimates that the new policy will be implemented by the end of August 2004. The USMS also will review the workload of the ASU and will request additional resources during the FY 2006 budget process, if necessary.

OIG Analysis. Recommendation 1 is Resolved - Open. The actions planned by the USMS to revise its policy concerning ASU assessment timeframes are responsive to our recommendation. Please provide us with a copy of the new policy by September 30, 2004.

Recommendation 2: Update the historical threat database or develop a new database to perform comparative assessments.

Summary of USMS Response. The USMS agrees with the recommendation that the threat database should be updated. In addition, the USMS believes that the threat database is a valuable part of the overall threat assessment and response process. However, the USMS believes that the draft report greatly overstates the role of the database and the adverse impact of not having it current. The USMS bases its assessment, at least in part, on a recent validation of the historical threat database prompted by our draft report, concluding that the validity of the database remains relatively high. This may be true for resource allocations based on the database, but an estimate of validity based on results alone has little or no applicability to the use of the database as an assessment tool. Similar results may be attributable to different variables, particularly when the database has not been updated since 1996. The USMS stated that a requirements analysis on updating the database is underway and should be completed by March 15, 2004. Once completed, the cost and time to complete the project will be determined.

OIG Analysis. Recommendation 2 is Resolved - Open. We disagree with the USMS's opinion that the report overstates the role of the historical threat database and the adverse impact of it being out-of-date. The database was part of the improvements implemented after two judges were assassinated in the 1980s, and it is intended to, among other things, assist in ensuring that appropriate personal protective measures are taken at the district level. An out-of-date threat assessment tool affects it value and decreases the potential that a threat against a member of the federal judiciary will be assessed accurately. Notwithstanding the USMS's assertions regarding the database, the actions planned by the USMS are responsive to our recommendation. Please provide us with a copy of the completed requirements analysis and the project's implementation plan by April 30, 2004.

Recommendation 3: Assign full-time representatives to all 56 FBI field office JTTFs and ensure effective USMS liaison with intelligence agencies (e.g., the U.S. Secret Service's National Threat Assessment Center, the Central Intelligence Agency, and the National Security Agency).

Summary of USMS Response. The USMS agrees that having a full-time representative on all JTTFs is desirable. The USMS states that it has been steadily increasing its JTTF representation since September 11, 2001, without the appropriation of positions specifically for that purpose. The USMS will seek additional positions in the FY 2006 budget to assign at least one full-time employee on each of the FBI's JTTFs. In addition, the USMS stated that it has assigned personnel to, and has an active and ongoing relationship with, external intelligence agencies.

OIG Analysis. Recommendation 3 is Resolved - Open. The actions undertaken and planned by the USMS are generally responsive to our recommendation. However, the delay until a request for additional resources is submitted and approved postpones addressing the USMS's intelligence vulnerability until 2006 or later. By April 30, 2004, and quarterly thereafter until full representation on JTTFs is achieved, we request that the USMS provide us with a roster of all its full-time and part-time representatives on JTTFs.

Recommendation 4: Create a centralized capability to identify, collect, analyze, and share intelligence with USMS districts, as well as with the USMS JTTF representatives and other intelligence liaisons.

Summary of USMS Response. The USMS agrees with the recommendation. The USMS response states that prior to the OIG review it already had created an Office of Intelligence with a senior Criminal Investigator designated as its Chief. To establish the office as a functioning entity, the USMS will seek the resources needed to fully staff the office as part of the FY 2006 budget process. In the meantime, the USMS will explore ways to provide additional staffing to the office on a temporary duty basis.

OIG Analysis. Recommendation 4 is Resolved - Open. The actions undertaken and planned by the USMS are responsive to our recommendation. Please provide us with a copy of the Office of Intelligence's mission statement, staffing requirements, and implementation plan by April 30, 2004.

Recommendation 5: Require that all Chief Deputy Marshals and USMS JTTF representatives have Top Secret clearances, and ensure that each district has secure communication equipment.

Summary of USMS Response. The USMS agrees with the recommendation. However, the USMS states that the OIG did not address the progress that the USMS has made in increasing the number of employees with security clearances since September 11, 2001. According to the USMS, all 94 U.S. Marshals and 77 of the 94 Chief Deputy Marshals currently hold a Top Secret clearance. The remaining 14 Chief Deputies are being processed for Top Secret clearances (three Chief Deputy positions are vacant at this time). The USMS also responded that of the 49 USMS employees it has assigned to JTTFs, 42 have Top Secret or interim Top Secret clearances.

The USMS responded that the current Chief Deputy Marshals and JTTF representatives without Top Secret clearances will receive their clearances within 30 days of completion of their OPM background investigations. In addition, newly appointed Chief Deputy Marshals and JTTF representatives will have background investigations initiated within 15 days of their appointment, and interim Top Secret clearances within 30 days of appointment.

Concerning the issue of secure telephone communications equipment, the USMS states that it has increased the number of districts with this capability to 63 (from 51 on August 20, 2003) and that this equipment is on order for the other 31 districts. The remaining secure telephone communications equipment is scheduled to be deployed by June 30, 2004.

OIG Analysis. Recommendation 5 is Resolved - Open. The actions undertaken and planned by the USMS are responsive to our recommendation. Please provide us with a copy of the USMS policy for issuance of security clearances by April 30, 2004. Also, please include the clearance information for each representative on the quarterly reports requested under recommendation 3. In addition, please provide us with a status report on the installation of secure telephone communications equipment in each of the 94 districts by July 30, 2004.

Recommendation 6: Revise the 1993 Judicial and Court Security Manual and the 1999 Offsite Security Booklet for Judicial Officers to establish risk-based standards and require after-action reports for high-threat trials and protective details.

Summary of USMS Response. The USMS agrees with the recommendation. However, the USMS states that the basic information and guidance in both the 1993 Judicial and Court Security Manual and the 1999 Offsite Security Booklet for Judicial Officers are still sound and that nothing in either document would jeopardize security if followed.

The USMS recently completed a new protocol for conducting judicial threat assessments and has developed risk-based criteria to be used when planning high-risk trials, protective details, and threat investigations. The USMS has posted this protocol and risk-based criteria on the USMS intranet web site and provided copies to the OIG. Further, the USMS states that revisions to the 1993 Judicial and Court Security Manual, the 1999 Offsite Security Booklet for Judicial Officers, and after action-report requirements will be completed by the end of August 2004.

OIG Analysis. Recommendation 6 is Resolved - Open. The actions undertaken and planned by the USMS are responsive to our recommendation. The USMS's statement that following the guidance in the 1993 and 1999 documents would not in itself jeopardize security is not persuasive. The documents are out-of-date and the guidance contained in them is incomplete. The revisions that the USMS agrees to make must include all the actions necessary to ensure the protection of the federal judiciary. Please provide us with a copy of the revised Judicial and Court Security Manual, the Offsite Security Booklet for Judicial Officers, and after action-reporting requirements by September 30, 2004.

54. Department of Justice, Office of the Inspector General, Budget Execution in the United States Marshals Service During Fiscal Years 2002 and 2003, Report No. 04-02, October 2003, pages 8 and 19.