House Democrats Criticize Bush Administration on Cyber Security and Use of IT

January 16, 2004. The Democrats on the House Homeland Security Committee released a report [18 pages in PDF] titled "America At Risk: The State of Homeland Security: Initial Findings". While the report criticizes the Bush administration across all areas of homeland security, it levels numerous accusations related to information technology vulnerabilities and problems.

The report asserts that "the United States remains vulnerable to terrorist attack". It continues that "The men and women who patrol our borders, inspect cargo at our ports, analyze intelligence, and respond to emergencies, are setting the standards for excellence, but they are not receiving the leadership or support they deserve. Although the Department of Homeland Security (DHS) has been in existence for almost a year, our national homeland security efforts continue to be woefully inadequate."

The report offers several allegations regarding Bush administration failures in the area of cyber security. First, it states that "In the December 2003 ``Computer Security Report Card´´ issued by the House Committee on Government Reform, eight of the agencies surveyed, including DHS, received an ``F´´ on the security of their own computer network systems."

See, grade card [1 pages in PDF] titled "Federal Computer Security Report Card" and the House Government Reform Committee's web page on this issue.

Second, it states that "In February 2002, the Administration released a ``National Strategy to Secure Cyberspace´´, setting forth five cybersecurity priority areas, including the development of a cybersecurity response team, a threat and vulnerability reduction program, and awareness and training programs, as well as plans for securing government computers and developing national security and international cooperation. Implementation of the plan has been delayed for nearly a year and two Presidential advisors on cybersecurity have left the government, one after only two months."

Third, it states that "In addition to losing its top cybersecurity officials, the Administration has dismantled the Critical Infrastructure Board. The top cybersecurity position in the government is now the Director of the National Cyber Security Division, buried deep within DHS. There is no longer a Presidential advisor or senior official with the authority to direct all the agencies responsible for cybersecurity should a cyber-crisis occur."

Finally, it states that "To ensure that the United States is better prepared to prevent and combat terrorist attacks on private and government computers, Congress enacted the Cybersecurity Research and Development Act of 2002 which authorized $903 million in research and development funds over five years to the National Science Foundation (NSF) and the NIST. For FY04, the Act specified $100.25 million for NSF. Yet, the President's FY04 budget only requested $35 million for the NSF's cybersecurity efforts.

The Democrats' report then addressed, and repeated statements contained in, a pair of reports prepared by the Markle Foundation, including a report [171 pages in PDF] released last month titled "Creating a Trusted Network for Homeland Security".

The Democrats' report states that "The Markle Foundation reports concluded that the Administration's failure to formulate a policy framework to assess both the privacy implications of using new technologies and the value of gathering information available in the private sector has limited the effective use of information in the war against terror."

The Democrats' report continues that "Because of this failure, efforts to use new technologies and collect and analyze information ``have been met with outcries of invasion of privacy and repeatedly shut down,´´ according to the Markle Foundation.

The Democrats' report cites as examples the Total Information Awareness (TIA) program of the Defense Advanced Research Projects Agency (DARPA), and the Computer Assisted Passenger Prescreening System (CAPPS) II program. See, stories titled "President Signs Defense Appropriations Bill, With Total Information Awareness Ban" and "Homeland Security Appropriations Bill Purports to Restrict Use of Funds for CAPPS II", both published in TLJ Daily E-Mail Alert No. 751, October 2, 2003.

The Democrats' report then contains a section that criticizes the Bush administration's failure to make use of new technologies. It states that "While Secretary Ridge has claimed that the administration is using new technologies, a restructured homeland security organization, and streamlined processes to make the nation significantly more secure, criticism of the Administration's ineffective use of information technology to improve homeland security is nearly universal". The Democrats' report cites two sources for this conclusion -- the Markle Foundation, and the December 2002 Congressional Joint Inquiry into Intelligence Community Activities Before and After the Terrorist Attacks of September 11, 2001.

The Democrat's report also contends that "Management of IT within the DHS is unstable", citing the high rate of turnover for the Chief Information Officers of its divisions.

The Democrats' report also claims that "The Administration is failing to use IT effectively on mission-critical projects, including information sharing and integrating disparate terrorist watch lists". It adds that "While the technology to integrate separate terrorist watch lists is widely available and implementation should take no more than 6-12 months, the Administration, two-and-a-half years after 9/11, has yet to integrate data from separate lists into an integrated and robust terrorist watch list and database."

Rep. Chris CoxRep. Chris Cox (R-CA), the Chairman of the Committee, issued two releases criticizing the Democrats' report. He stated that "substituting rhetoric for responsible oversight will ultimately harm America's security."

Rep. Cox asserted that the report is "unacceptable amateurism", and that "The Minority owes a duty to every American to recognize that the Administration has a comprehensive and coherent strategy that addresses each of the homeland security areas mentioned in their memo".

"The Democrats apparently couldn't wait to kick-off the political season with cynical rhetoric designed to scare people about the security of our nation, and I find that appalling," said Rep. Cox.

Rep. Jim TurnerRep. Jim Turner (D-TX) (at left) is the ranking Democrat on the Committee. He has announced that he will not seek re-election.

He stated in a release [PDF] that "These findings identify the security gaps our country continues to face and reveals major shortcomings in the Administration's homeland security efforts ... In conducting oversight for almost a year now, our Committee members are deeply concerned that our government is not taking strong and swift enough action to protect the homeland."

This release also states that a final report will be released next month. It will include "specific proposals outlining recommendations to close these security gaps".

Rep. Zoe Lofgren (D-CA) is the ranking Democrat on the Subcommittee on Cybersecurity, Science and Research and Development.