|
June 1, 2005
SCRAP THREAT WARNING SYSTEM AND
REINVENT TSA, HARMAN SAYS
--- In speech to San Jose Commonwealth Club, Harman says privacy protections
also needed for electronic health records ---
WASHINGTON D.C. ---- In a speech today on security issues at the San
Jose Commonwealth Club, Rep. Jane Harman (D-Venice), Ranking Member of
the House Intelligence Committee and a member of the Homeland Security
Committee, called for scrapping the current Threat Warning System, overhauling
the Transportation Security Administration (TSA) and implementing strong
privacy protections for health information networks.
"The color-coded warning system is more useful as an interior decorating
tool than for providing critical information to first responders,"
Harman said. "It may have been a good idea when it was initiated,
but it has not worked."
Harman said the current warning system does not give law enforcement
officials or the pubic adequate direction about what to look for and what
to do in the case of a heightened alert. Harman called for a new structure
that provides more regional and specific threat information and data.
Calling on TSA to transition from a base line to a risk-management approach,
Harman said throwing more dollars and bodies at this problem won't solve
it.
"New and improved steps in our approach means standards for biometrics
and iris scans, as well as an accurate and complete check of passenger
lists with names in a radically improved Terrorist Screening Database,"
Harman said.
She urged the TSA to leverage the latest technologies to ensure the development
of better stress-tested database systems and the faster dissemination
of real time information.
Harman closed her speech with a discussion on the need for an interoperable
network of health information. She said the data-sharing system should
not be a centralized database of information, but a "network of networks"
built from the outside in.
"Such a system, modeled after the new intelligence reform law, would
allow for information to be transferred and accessed where needed, immediately
and securely," Harman said. "It has the potential to save billions
of dollars and, more importantly, save lives by reducing medical errors."
Harman is currently drafting legislation that would instruct Health and
Human Services Secretary Michael Leavitt to create a cross-agency project
to plan, design and charter a National Health Information Standards and
Policy Board. The board would be a non-profit government enterprise that
would identify and set standards and policies regarding interoperability,
privacy and data security for an emerging National Health Information
Network.
"Without strong protections for privacy, patients will not be comfortable
using technology, and the whole project will fail," Harman said.
###
The complete text from Harman's speech to the Commonwealth Club is contained
below.
TEXT FROM REP. JANE HARMAN'S SPEECH TO
THE SAN JOSE COMMONWEALTH CLUB
Wednesday, June 1, 2005
Thank you, Zoe, for that warm introduction. And thanks to the San Jose
Commonwealth Club for inviting me here today - and to AMD for providing
the cool venue.
Almost two years ago, I spoke to the San Francisco Commonwealth Club.
It's remarkable how different, and not so different, things are now. The
northern and southern parts of our state continue to wrestle over water,
the Dodgers continue to make the Giants miserable, and another Governor
is getting low marks.
Last week I returned from my 13th trip to the Mideast as a Member of
Congress. I re-visited Israel, Jordan, and for the first time, Lebanon.
Previous trips have included garden spots like Iraq, Afghanistan, Pakistan,
Qatar, Turkey, Morocco, Libya (where I met with Qaddafi in a tent outside
of his birthplace of Cirte), and Saudi Arabia. Exotics places, yes. Interesting,
you bet. But I don't think they would make Travel and Leisure's Top 10
list.
In every meeting with key regional leaders, my focus always came back
to the tough security issues facing the U.S. and the Middle East region.
For some of my new friends here, I live and breathe national security
issues, 24/7. It's just what I do.
My discussions helped refine my views on the big questions facing America
in our long-term fight against terrorism.
The first, who are we fighting?
The second, what will it take to win?
The enemy has changed.
On 9/11, Al Qaida was a fairly centralized organization, operating out
of Afghanistan and led by Osama Bin Ladin, Ayman al-Zawahiri, and Khalid
Sheik Mohammed. Think "IBM" - with a centralized, top-down leadership.
Al Qaida's sanctuary in Afghanistan was assured by the Taliban. Its bank
account was regularly replenished by the Saudis. Its ability to communicate
was virtually uninhibited - and yes, the pun is intended.
Today, the Al Qaida organization is badly damaged. With the exception
of Bin Ladin and Zawahiri, most of its top leaders have either been killed
or captured.
The takedown last month of Abu Faraj al-Libi, widely believed to be Khalid
Sheik Mohammed's replacement as chief of operations, is the latest major
blow.
Moreover, Al Qaida's sanctuary is not assured. Its fundraising capability
is compromised. And its communications are limited.
But while Al Qaida is weaker, the threat is not.
The threat now comes from a loosely knit, horizontal network - including
terrorist organizations like Hamas and Hizbollah that predated Al Qaida.
But other new upstarts share Bin Ladin's radical jihadist philosophy and
don't necessarily seek permission to act in his name.
If the old model was IBM, then the new model is McDonald's - radical
terror cells acting as franchises, in the business of causing terror.
And like McDonald's, these terror networks are found in every corner of
the globe.
So, when we ask, "who are we fighting," the answer is a growing
pool of recruits, across many countries, extremely well trained and prepared
to die to defeat the "Infidel" - Jews, Israel, America and the
West.
With Iran and North Korea developing nuclear weapons - and the A.Q. Khan
WMD network not completely dismantled - there is a real danger that the
most deadly weapons could end up in the hands of non-rational, non-state
fanatics. In terms of global security, it is a perfect storm.
Now that we have an idea of whom we are dealing with, what will it take
to win?
We need a two-pronged approach. First, deny our adversaries the ability
to hit us and our allies. Second, defeat their ability to recruit the
next generation.
First, Deny.
Deny them sanctuary and safe passage by continuing to work with our partners,
like Pakistan and Jordan, to keep up the fight against terrorist groups.
We must ratchet up the pressure on Syria and Iran, who harbor and equip
terrorist groups and allow insurgents to flow into Iraq.
Deny them weapons. Harvard professor Graham Allison has predicted that
within 10 years, a nuclear device will detonate in an American city. But
he has also said such an event is entirely preventable.
Allison says comprehensive security measures have been imposed on only
10 percent of sites in the former Soviet Union that house nuclear warheads.
Many have little more than a chain-link fence and a night watchman. If
we're serious about preventing nuclear weapons from being stolen or sold
to the highest bidder, we must do a better job protecting those sites.
Here at home, we must harden our own targets, which is why port security
and container security are among my primary concerns in Congress.
Denying weapons and arresting or killing known terrorists isn't an adequate
solution. We must also defeat the ideology of the broader radical movement.
We must present a more appealing, positive message of our own.
If we define victory as simply rounding up every known terrorist leader,
we'll fail. It's like hammering jello. You can hit these groups in one
place, as hard as you want. They just "squirt out" and gather
somewhere else.
That strategy also doesn't answer a question posed by Defense Secretary
Rumsfeld in an internal memo: "Are we capturing, killing, or deterring
and dissuading more terrorists every day than the madrassas and the radical
clerics are recruiting, training, and deploying against us?"
At the moment, the answer is no.
In this Era of Terror, if we define success as simply a matter of superior
firepower, we may win the battle, but we'll lose the war. We need to win
the "argument" with next generation terrorists and their sympathizers.
It starts with building a global consensus and a global strategy. Alliances
are the key.
Right now, the Arab and Muslim world see conflicting images. They see
Afghans and Iraqis voting. But they also see pictures from Abu Ghraib,
which have done enormous harm. It's not effective to preach democracy
and then fail to practice it ourselves.
So, can we win? Yes - if we are clear-eyed about the challenge and use
every tool at our disposal to meet it.
In my view, we are not doing enough to leverage imagination, ingenuity
and technology. These are the keys to the kingdom, all of which the skilled
workforce in this Valley (and in my South Bay district) bring.
Let me discuss three issues where our capabilities are distinctly lacking:
1) Our Threat Warning System needs to be scrapped and reinvented. I told
former Homeland Security Secretary Tom Ridge, only partially in jest,
that the color-coded system was more useful as an interior decorating
tool than for providing critical information to first responders and the
public.
2) TSA, the Transportation Security Administration, is an analog approach
to a digital problem. We've thrown billions of dollars and thousands of
people at the problem of airport security and I'd argue the return on
that investment has been sorely disappointing.
3) Cargo container security needs a massive infusion of funds, strategy,
and technology.
Container Security
In the recent film "Dirty War," a radioactive bomb is smuggled
into the Port of London and later detonated in the heart of the city,
causing it to be sealed off for 30 years. The film was fiction, but the
threat is all too real.
Twice in the last three months, container security at the Port of Los
Angeles has been breached by stowaways from China - triple the number
of terrorists who attacked us on 9/11. Instead of illegal immigrants seeking
better circumstances, these containers could have held members of a terrorist
cell or components of a dirty bomb. Next time, we may not be as lucky.
There are more than 361 ports in the United States and its territories
- more than 12 million containers enter the Ports of LA and Long Beach
each year! About 95 percent of all imports that enter the country do so
by sea. Clearly, shipping is big business. And disrupting that trade would
have staggering economic consequences - not to mention the potential human
cost.
But here's the kicker: only a fraction of cargo containers are inspected.
Part of the problem is inadequate funding, something Senator Susan Collins
from Maine - my Senate sister - and I are working to correct. We recently
introduced bipartisan, bicameral legislation authorizing the Department
of Homeland Security to establish a grant program based primarily on risk
and funded by custom duties already collected at ports.
But money is not the only answer. We need better, more effective technologies
and new creative partners in this endeavor - private sector initiatives
and fresh ideas that can assist in information sharing, security and threat
detection.
Two initiatives to check containers at the point of embarkation (the
so-called "Container Security Initiative" and the C-TPAT program)
have been criticized recently, but they are potentially very promising
ideas.
I'm sure we've all gotten that call from the credit card company asking
if we recently bought sneakers in Dayton, Ohio. They have data mining
systems that spot inconsistencies and irregularities in our purchases.
Red flags go up.
This is a simple example, but it's a telling one. By analyzing bills
of lading on shipping containers, suspicious cargo can be flagged. Ships
can be stopped and searched on the high seas, before they reach American
ports.
I know that the Port of Oakland recently became the first in the nation
to inspect 100 percent of all international containers for certain types
of radiation - this is a good thing. But if those containers aren't inspected
until they've been off-loaded and set on shore, it might already be too
late.
We need better strategies and technologies to solve the container security
problem.
The Transportation Security Administration and US-VISIT
My guess is that a lot of you travel a great deal. You're familiar with
the security measures at our airports which consume 9 out of 10 transportation
security dollars. I know David Stone, the outgoing head of TSA, and I
think his tenure has corrected many early problems. But TSA must now make
the leap from analog to digital.
TSA desperately needs better technology. A few airports use unique biometric
identifiers, like fingerprint and iris scans, to prove passenger identity.
But theirs is a voluntary and pilot program now. I'm sure you'll agree
this is the future for airport security.
Technology exists - for explosive detection trace portals. We must bring
it to the forefront.
TSA must transition from its baseline system - checking out carry-on
baggage and shoes - to a risk management approach. Throwing more dollars
and bodies at this problem won't solve it. Countries like Israel have
much to teach us.
New and improved steps in our approach means standards for biometrics
and iris scans, as well as an accurate and complete check of passenger
lists with names in the Terrorist Screening Database, maintained by the
Terrorist Screening Center, called the Secure Flight program.
In March, the Government Accountability Office told Congress that the
Secure Flight program has yet to establish real-time connectivity with
air carrier reservation systems, that it lacks an adequate system of redress
for falsely identified passengers, and has not yet fully defined the impacts
on the privacy of passengers in this new operational environment. Despite
GAO's findings, TSA has begun final Secure Flight testing. More needs
to be done in this area. Simply put, we need better stress-tested database
systems and real time information - this is where you can help.
Similar technology is being used in US VISIT, a program that uses digital
fingerscans and photographs for visa applicants and visitors coming and
going from the country. The goal is two-fold: to facilitate trade and
travel and maintain security at entry and exit points. The biometrics
collected are checked against a database of known criminals and suspected
terrorists. The system is currently in place at 115 airports, 15 seaports
and the 50 busiest land entry points.
At the Los Angeles Airport recently a Swiss national was arrested trying
to get into the U.S. on a visa waiver. He was wanted by Interpol as a
suspected pedophile. A murder suspect from Germany was arrested in New
York after his prints were run through the US VISIT system. These are
clearly are people we do not want entering our country.
But, much like TSA's Secure flight program, US-VISIT relies on law-enforcement
and terrorist watch lists. These lists are neither inadequately integrated,
nor updated.
We will be hearing from Secretary Chertoff on his second stage review
of the Department - and I hope in some of his proposals we hear the need
for better technology and systems at TSA to enhance passenger and baggage
screening, as well as for the US-VISIT program.
Threat Warning System
As I mentioned, Secretary Chertoff is in the midst of his review of the
Department, its systems, programs and protocols. I know an area he will
addresses is the color-coded Threat Advisory System.
The color-coded threat system may have been a good idea when it was initiated.
But it has not worked. American citizens are not better informed because
of it. Law enforcement officials still do not receive adequate direction
about what to look for and what to do with the new threat reporting information.
We need to move away from the color-coding and to a system that provides
more regional, more specific threat information.
We need a threat vulnerability and risk based assessment to move our
security efforts to those areas that need it most. And we need to solve
the problem of access to classified data: many local responders to not
have security clearances, and need to get tear-line warnings.
Health Care IT
There is one other issue I want to touch on, specifically because of its
heavy tech content.
The issue of privacy and the creation of trusted and smart data networks,
not only for homeland security and intelligence reform purposes but for
health care, are of extreme importance to me.
Think about when you go to your doctor's office. In a majority of doctor's
offices nationwide, critical details about your health, results of lab
tests, drugs you've been prescribed, are all recorded manually, with pen
and paper.
We've successfully mapped the human genome and yet our personal health
information is stuck in the 19th Century.
Studies show that standardized information exchange among healthcare
systems would save our country as much as $100 billion dollars per year,
by reducing unnecessary paperwork, duplicative medical tests, and costly
medical errors.
An interoperable network of health information would also give individuals
and health professionals the ability to access medical information dispersed
in many different places through one electronic portal. This system would
allow for information to be transferred and accessed where needed, immediately
and securely.
This is an incredible theoretical idea, and I think we can all imagine
how it could transform our nation's healthcare industry.
However, there are A LOT of hurdles to clear before we get there. There
is a danger that piecemeal attempts to bring medical records on-line may
result in "dead ends"- systems that cannot "speak"
to each other or transmit information securely and reliably across boundaries.
There are also a lot of serious concerns surrounding privacy and data
integrity. Medical data is extremely sensitive, and polls indicate that
people are very wary of bringing their medical records online.
Patients must be able to trust that their information is being transmitted
securely; whether their information has been accessed, and by whom; and
should fully understand the possible uses of any data they transmit. I
believe that the national health information network should never be a
centralized database of information; rather, it should be a "network
of networks" built from the outside in.
Think of a google search- you could search the network for records under
your name, and all the various medical information you've deposited with
different healthcare providers over the years would be pulled up under
one index.
But to access any of the individual items on the index, you'd have to
be authorized and authenticated. The data itself would never be stored
in one centralized location. And the patient would control access. Without
strong protections for privacy, patients will not be comfortable using
the technology, and the whole project will fail.
Baby steps have been taken. President Bush has established an Office
of the National Coordinator for Health Information Technology - a typical
Washington mouthful - whose mandate is to implement a nationwide network
of interoperable electronic health records within 10 years.
Unfortunately, Congress failed to fund the President's tech office.
I'm trying to do my small part, by working on legislation to establish
a process to develop and establish these policies regarding privacy and
data security, and ensure that systems are interoperable.
My staff and I are drafting legislation to instruct Secretary Leavitt
and the Director of OMB to create a cross-agency project to plan, design,
and charter a National Health Information Standards and Policy Board.
The board would be a non-profit, government enterprise that would identify
and set standards and policies regarding interoperability, privacy and
data security for an emerging National Health Information Network.
This suggestion arose out work supported by the Markle Foundation, a
wonderous place that includes prominent citizens of the Valley on its
Board. Markle's past work includes a national strategy for using information
and information technology in the post-9/11 environment.
In drafting the intelligence reform bill recently enacted into law, Markle
helped us develop principles for an intelligence information sharing network
built from the outside-in - one in which different users with different
levels of security clearance can access the right data in a secure and
timely manner, and in a way that protects the privacy and civil liberties
of American citizens in the process. This is the process we must replicate
for health data.
In conclusion, our nation and our state are blessed with some of the
brightest, most creative and most dedicated minds anywhere in the globe.
This region is the hub for some of the most dynamic forward-thinking anywhere.
There are fantastic resources for us to call upon to help solve critical
problems, from security to health care.
We do too little to leverage private sector talent and technology. We
must do better.
Thank you.
Home | Lobby
| Congresswoman Harman's Office | Press
| Issues | Casework
| District Office | Library
| Webmaster | Privacy
Policy | Contact
|
