Nationwide Suspicious Activity Reporting Initiative

Last updated February 15, 2024

The Nationwide Suspicious Activity Reporting (SAR) Initiative (NSI) is a program of the United States government used to collect and share reports of suspicious activity by people in the United States.^[1]^[2] The Nationwide SAR Initiative (NSI) builds on what law enforcement and other agencies have been doing for years — gathering information regarding behaviors and incidents associated with criminal activity — but without the customary restrictions on collecting data on individuals in the absence of reasonable suspicion or probable cause. The program has established a standardized process whereby SARs can be shared among agencies to help detect and prevent terrorism-related criminal activity. This process is in direct response to the mandate to establish a "unified process for reporting, tracking, and accessing [SARs]" in a manner that rigorously protects the privacy and civil liberties of Americans, as called for in the 2007 National Strategy for Information Sharing (NSIS),^[3] which in turn was authorized by the Intelligence Reform and Terrorism Prevention Act of 2004.^[4] Reports of suspicious behavior noticed by local law enforcement or by private citizens are forwarded to state and major urban area fusion centers as well as DHS and the FBI for analysis. Sometimes this information is combined with other information to evaluate the suspicious activity in greater context. The program is primarily under the direction of the US Government & U.S Department of Justice.^[2]^[5]

Background

Suspicious activity is defined in the ISE-SAR Functional Standard (ISE-SAR FS) Version 1.5^[6] as "observed behavior reasonably indicative of pre-operational planning related to terrorism or other criminal activity." It is important to note that the NSI is a behavior-focused approach to identifying suspicious activity. Factors such as race, ethnicity, national origin, or religious affiliation are not considered as factors that create suspicion (except if used as part of a specific suspect description). The behaviors outlined in the ISE-SAR FS were identified by subject-matter experts; validated through implementation in the Los Angeles, California, Police Department and the application of ten years of State and Local Anti-Terrorism Training (SLATT) Program ^[7] experience; and then adjusted based on input by privacy advocacy representatives. At the completion of this process, in May 2009, the ISE-SAR FS was published, with the entire SAR process anchored on behaviors of suspicious activity, not ethnicity, race, or gender.

The NSI is currently being implemented through a partnership between the national network of fusion centers and key federal agencies that will coordinate with law enforcement officers in their states. This partnership spans the spectrum of customized technology solutions and includes training and the development of comprehensive privacy, civil rights and civil liberties policies at both the federal and fusion center levels. This approach also provides for a decentralized process that respects the state's unique requirements but maintains national standards that permit the interoperability of information exchanges and the consistent application of a privacy framework, and is consistent with the allocation of responsibilities to the 72 designated State and major urban area fusion centers.

On December 17, 2009, the U.S. Department of Justice was named the Executive Agent to establish and operate the Program Management Office (PMO) for the NSI, taking on responsibility for coordinating existing resources and managing additional support to further develop and deploy the NSI. In March 2010, the PMO was established within the Bureau of Justice Assistance. ^[8] This interagency office, led by senior staff from the Bureau of Justice Assistance, Department of Homeland Security (DHS), and Federal Bureau of Investigation (FBI), also coordinates closely with other federal, state, local, and tribal partners.

The goal of the PMO is to facilitate the implementation of the NSI across all levels of government, and assist participating agencies to adopt compatible processes, policies, and standards that foster broader sharing of SARs, while ensuring that privacy and civil liberties are protected in accordance with local, state, and federal laws and regulations. Primary functions of the Program Management Office include advocating on behalf of the NSI, providing guidance to participants at all levels, and coordinating various efforts within the NSI. Given the criticality of privacy and civil liberties issues, the PMO works collaboratively with, and is supported by, the DOJ Privacy and Civil Liberties Office.

NSI Training

To ensure that the behavior-focused approach that is outlined in the ISE-SAR Functional Standard is institutionalized, the NSI created a multifaceted training approach designed to increase the effectiveness of federal, state, local, and tribal law enforcement professionals in identifying, reporting, evaluating, and sharing pre-incident terrorism indicators to prevent acts of terrorism. ^[2] There are currently three briefings/trainings available through the NSI PMO, with several others under development:

Executive Briefing

Law enforcement executives play a vital role in ensuring that the SAR process is not only successfully implemented but effectively supported. The SAR Executive Briefings focus on executive leadership, policy development, privacy and civil liberties protections, agency training, and community outreach. Fusion centers, law enforcement professional associations, and additional entities conduct these types of briefings in a variety of venues.

Analytic Training

Ensuring that SARs are properly reviewed and vetted is critical to promoting the integrity of information submitted; protecting citizens' privacy, civil rights, and civil liberties; and successfully implementing the SAR process. The SAR Analytic Role Training focuses on the evaluation of SARs to identify behaviors that may be associated with pre-incident terrorism planning and the process for sharing terrorism-related SARs nationwide. Through this curriculum, analysts and investigators are trained to recognize terrorism-related pre-incident indicators and to validate—based on a combination of knowledge, experience, and available information—whether the behavior has a potential nexus to terrorism and meets criteria for submission. The training is delivered in an eight-hour workshop format.

Line-Officer Training

Frontline law enforcement personnel are trained to recognize behavior and incidents that may indicate criminal activity associated with terrorism. Their routine duties position them to observe and report suspicious behaviors or activities. The SAR Line Officer Training focuses on the critical role line officers have in the effective implementation of the SAR process by identifying and documenting suspicious activity. To efficiently deliver training to a large number of line officers in a timely manner, this training is delivered through a 15-minute CD that has been posted to several online/distance-learning formats.

Privacy, Civil Rights, and Civil Liberties Protections

NSI program administrators claim they are aware of the importance of protecting the personal privacy, civil rights, and civil liberties of all Americans, and in response have developed and implemented a comprehensive NSI Privacy Protection Framework that is required for agencies at all levels of government prior to participation in the NSI.^[9] Participating agencies must have an approved privacy policy that specifically addresses the SAR process; applies the protections outlined in the ISE-SAR Functional Standard (Version 1.5) ^[6] and the ISE Privacy Guidelines; and participate in each of the three training programs described above. The NSI PMO also requires that participating fusion centers have policies that address how the center incorporates applicable state laws, agency rules, and regulations into the sharing of terrorism-related SAR information.

NSI Privacy Protection Framework

The NSI requires each site to consider privacy throughout the SAR process by fully adopting the following NSI Privacy Protection Framework prior to NSI participation:

Privacy policy: The adoption and implementation of an approved privacy policy that contains ISE-SAR privacy protections that are in compliance with required provisions contained in the ISE-SAR Privacy, Civil Rights, and Civil Liberties Protection Policy Template or the Fusion Center Privacy Policy Development: Privacy, Civil Rights, and Civil Liberties Policy Template. It is important to note that an NSI program requirement exists that requires sites to have a policy developed and adopted prior to the interstate sharing of ISE-SARs.
ISE-SAR Functional Standard: The application of the most current version of the ISE-SAR FS, which reinforces constitutional standards, including the protection of rights guaranteed by the First Amendment and limitations on the use of certain factors—including race, ethnicity, national origin, or religious affiliation—in the gathering, collecting, storing, and sharing of information about individuals.^[6] The standard also includes reliability indicators, included as a result of input from privacy advocates. The functional standard, through the use of Information Exchange Package Documentation (IEPD), allows the originating agency to include or not include fields that contain personal information based upon the agency's rules and policies.
Privacy training: The delivery of privacy training, through which the ISE-SAR FS is effectively communicated to personnel with responsibilities in the ISE-SAR arena, ensures the proper application of this standard. Furthermore, to expedite privacy policy development and implementation, it is strongly recommended that NSI sites have access to the services of a trained privacy officer who is available to provide ongoing advice and assistance regarding the protection of privacy, civil rights, and civil liberties. Three levels of training have been developed for the NSI, all of which include privacy materials. The NSI training levels are chief executive, analyst investigator, and line officer.

SAR Vetting Process

A key aspect of the NSI is the SAR vetting process. Before an agency can move SARs from the agency systems to the ISE, two forms of vetting must occur. Supervisors who initially receive a SAR from law enforcement officers, public safety agencies, private sector partners, or citizens must initially review the SAR to determine whether it has a nexus to terrorism and whether it includes the behaviors identified in the ISE-SAR FS.^[6] Trained analysts must then analyze the SAR against the behaviors identified in the ISE-SAR FS. Throughout the vetting process, privacy, civil rights, and civil liberties are vigilantly and actively protected through the training that analysts receive and through the system attributes that are a part of the NSI.

Community Outreach

The success of the NSI largely depends on the ability of law enforcement agencies to earn and maintain the public's trust, which is accomplished through a transparent process that addresses the concerns of citizens and by engaging collaboratively with advocacy groups. To support a fusion center's efforts to interact with its community, as well as local law enforcement, the NSI Program Management Office (PMO) led the development and participation in the Building Communities of Trust (BCOT) initiative.^[10] This initiative is designed to assist fusion centers in engaging community leaders in a dialogue about the center's functions, including the SAR process, the NSI, and the need for interaction with community leaders. Outreach to advocacy groups has served an essential role in shaping the NSI Privacy Protection Framework and will continue to play an important role in the NSI as it moves forward.

System Attributes

In addition to multiple levels of SAR review by trained personnel, there are system attributes that support privacy protections for the gathering, collection, storage, and sharing of SAR information, such as:

Improved data standards for information sharing using the National Information Exchange Model (www.niem.gov).
Leveraging existing secure systems, networks, and resources, such as the Regional Information Sharing Systems, Law Enforcement Online, the Homeland Security Information Network, the National Criminal Intelligence Resource Center (www.ncirc.gov), and the Federal Bureau of Investigation's eGuardian system.
Built-in design privacy protections, such as user authentication, "investigative purposes only" disclosures upon log-in, articulated investigative reason for accessing the system, clearly stated "for official law enforcement use only" warning before system access, and audit logs for capturing search transactions.
Formatting in accordance with the ISE-SAR FS's IEPD format, which includes the application of privacy fields.

Compliance Verification

The U.S. Department of Justice's (DOJ) Global Justice Information Sharing Initiative ^[11] Criminal Intelligence Coordinating Council ^[12] developed the Privacy, Civil Rights, and Civil Liberties Compliance Verification for the Intelligence Enterprise,^[13] which is a compliance verification document, for the purpose of assisting intelligence enterprises in complying with all applicable privacy, civil rights, and civil liberties protection laws, regulations, and policies while sharing appropriate intelligence and information needed to safeguard America.

Criticism

According to an investigation by the Washington Post, this program, "by far the largest and most technologically sophisticated in the nation's history, collects, stores and analyzes information about thousands of U.S. citizens and residents, many of whom have not been accused of any wrongdoing." Reports of suspicious behavior noticed by local law enforcement, or even by private citizens, are forwarded to the program, and profiles are constructed of persons who are merely under suspicion, without adjudicated evidence or reasonable suspicion that a crime is being committed.^[5] It has been described as "a vast domestic spying network to collect information on Americans".^[14] According to the American Civil Liberties Union, the program's fusion centers "raise very serious privacy issues at a time when new technology, government powers and zeal in the "war on terrorism" are combining to threaten Americans' privacy at an unprecedented level."^[15]

In 2005 and 2006, fifty-three individuals involved with peace groups, the anti-death penalty movement, and other causes were improperly added to a terrorist and drug trafficking data base by the Maryland State Police. Former Maryland Attorney General Stephen Sachs said the 14 months of covert police surveillance, which took place in 2005 and 2006, was "not predicated on any information indicating that those individuals or groups had committed or planned any criminal misconduct."^[16]

Related Research Articles

The USA PATRIOT Act was a landmark Act of the United States Congress, signed into law by President George W. Bush. The formal name of the statute is the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001, and the commonly used short name is a contrived acronym that is embedded in the name set forth in the statute.

Civil liberties are guarantees and freedoms that governments commit not to abridge, either by constitution, legislation, or judicial interpretation, without due process. Though the scope of the term differs between countries, civil liberties may include the freedom of conscience, freedom of press, freedom of religion, freedom of expression, freedom of assembly, the right to security and liberty, freedom of speech, the right to privacy, the right to equal treatment under the law and due process, the right to a fair trial, and the right to life. Other civil liberties include the right to own property, the right to defend oneself, and the right to bodily integrity. Within the distinctions between civil liberties and other types of liberty, distinctions exist between positive liberty/positive rights and negative liberty/negative rights.

The United States Department of Homeland Security (DHS) is the U.S. federal executive department responsible for public security, roughly comparable to the interior or home ministries of other countries. Its stated missions involve anti-terrorism, border security, immigration and customs, cyber security, and disaster prevention and management.

The Electronic Privacy Information Center (EPIC) is an independent nonprofit research center established in 1994 to protect privacy, freedom of expression, and democratic values in the information age. Based in Washington, D.C., their mission is to "secure the fundamental right to privacy in the digital age for all people through advocacy, research, and litigation."

The Privacy Act of 1974, a United States federal law, establishes a Code of Fair Information Practice that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies. A system of records is a group of records under the control of an agency from which information is retrieved by the name of the individual or by some identifier assigned to the individual. The Privacy Act requires that agencies give the public notice of their systems of records by publication in the Federal Register. The Privacy Act prohibits the disclosure of information from a system of records absent of the written consent of the subject individual, unless the disclosure is pursuant to one of twelve statutory exceptions. The Act also provides individuals with a means by which to seek access to and amendment of their records and sets forth various agency record-keeping requirements. Additionally, with people granted the right to review what was documented with their name, they are also able to find out if the "records have been disclosed" and are also given the right to make corrections.

The Canada Border Services Agency is a federal law enforcement agency that is responsible for border control, immigration enforcement, and customs services in Canada.

United States Customs and Border Protection (CBP) is the largest federal law enforcement agency of the United States Department of Homeland Security. It is the country's primary border control organization, charged with regulating and facilitating international trade, collecting import duties, as well as enforcing U.S. regulations, including trade, customs and immigration. CBP is one of the largest law enforcement agencies in the United States. It has a workforce of more than 45,600 federal agents and officers. It is headquartered in Washington, D.C.

In financial regulation, a Suspicious Activity Report (SAR) or Suspicious Transaction Report (STR) is a report made by a financial institution about suspicious or potentially suspicious activity as required under laws designed to counter money laundering, financing of terrorism and other financial crimes. The criteria to decide when a report must be made varies from country to country, but generally is any financial transaction that either a) does not make sense to the financial institution; b) is unusual for that particular client; or c) appears to be done only for the purpose of hiding or obfuscating another, separate transaction. The report is filed with that country's Financial Intelligence Unit, which is typically a specialist agency designed to collect and analyse transactions and then report these to relevant law enforcement teams.

Policy appliances are technical control and logging mechanisms to enforce or reconcile policy rules and to ensure accountability in information systems. Policy appliances can be used to enforce policy or other systems constraints within and among trusted systems.

The Law Enforcement Intelligence Unit (LEIU) is an organization designed to facilitate intelligence sharing between state and local law enforcement agencies. It began in 1956 with 26 members and has since expanded to include roughly 250 members, mostly in the United States but also in Canada, Australia, and South Africa. The organization is divided into four zones: Eastern, Central, Northwestern, and Southwestern. According to its website, LEIU's purpose is to "gather, record, and exchange confidential information not available through regular police channels, concerning organized crime and terrorism."

Counterintelligence Field Activity (CIFA) was a United States Department of Defense (DoD) agency whose size and budget were classified. The CIFA was created by a directive from the Secretary of Defense, then Donald Rumsfeld, on February 19, 2002. On August 8, 2008, it was announced that CIFA would be shut down. The Defense Intelligence Agency (DIA) absorbed most of the components and authorities of the CIFA into the Defense Counterintelligence and Human Intelligence Center, which was later consolidated into the Defense Clandestine Service.

The Memorial Institute for the Prevention of Terrorism (MIPT) was a non-profit organization founded in response to the 1995 Oklahoma City bombing. Supported by Department of Homeland Security and other government grant funds, it conducted research into the causes of terrorism and maintained the MIPT Terrorism Knowledge Base — which was an online database of terrorist incidents, groups, and other information. MIPT also worked in conjunction with RAND, for some of its research and analysis. The institute provided training and professional development dedicated to improving the skills of law enforcement officers.

In the United States, fusion centers are designed to promote information sharing at the federal level between agencies such as the Federal Bureau of Investigation, the U.S. Department of Homeland Security, the U.S. Department of Justice, and state, local, and tribal law enforcement. As of February 2018, the U.S. Department of Homeland Security recognized 79 fusion centers. Fusion centers may also be affiliated with an emergency operations center that responds in the event of a disaster.

The Privacy and Civil Liberties Oversight Board (PCLOB) is an independent agency within the executive branch of the United States government, established by Congress in 2004 to advise the President and other senior executive branch officials to ensure that concerns with respect to privacy and civil liberties in the United States are appropriately considered in the development and implementation of all laws, regulations, and executive branch policies related to terrorism.

Intelligence-led policing (ILP) is a policing model built around the assessment and management of risk. Intelligence officers serve as guides to operations, rather than operations guiding intelligence.

The counter-terrorism page primarily deals with special police or military organizations that carry out arrest or direct combat with terrorists. This page deals with the other aspects of counter-terrorism:

A suspicious activity report is a report of suspicious activity that may either be a terrorist act, a criminal act, or a non-criminal act considered a precursor to either a terrorist act or criminal act. A SAR may be filed by law enforcement, public safety personnel, owners of critical infrastructure or the general public. The report is the incident level event reported under the National SAR Initiative, a joint project of the United States Department of Justice and the United States Department of Homeland Security. It is run by the SAR Program Office in the Department of Justice. SARs are completed at the local, state or federal law enforcement level and shared with fusion centers who make the information available to local law enforcement agencies, United States Department of Justice and the United States Department of Homeland Security the FBI, the Department of Defense and private partners. Fusion centers have been criticized by a U.S. Senate Committee which found that the fusion centers often produced "irrelevant, useless or inappropriate intelligence reporting".

The Information Sharing Environment (ISE) was established by the United States Intelligence Reform and Terrorism Prevention Act of 2004. Under Section 1016 of IRTPA, the Program Manager for the Information Sharing Environment (PM-ISE) was granted government wide authority to plan for, oversee the implementation of, and manage the ISE.

Intelligence sharing is "the ability to exchange intelligence, information, data, or knowledge among Federal, state, local or private-sector entities as appropriate." Intelligence sharing also involves intergovernmental bilateral or multilateral agreements and through international organizations. Intelligence sharing is meant to facilitate the use of actionable intelligence to a broader range of decision-makers.

The California Privacy Rights Act of 2020 (CPRA), also known as Proposition 24, is a California ballot proposition that was approved by a majority of voters after appearing on the ballot for the general election on November 3, 2020. This proposition expands California's consumer privacy law and builds upon the California Consumer Privacy Act (CCPA) of 2018, which established a foundation for consumer privacy regulations.

References

↑ "Nationwide SAR Initiative webpage". US Department of Justice. Retrieved December 22, 2010.
1 2 3 "Overview of the Nationwide SAR Initiative" (PDF). US Department of Justice. Retrieved December 22, 2010.
↑ "2007 National Strategy for Information Sharing". Executive Office of the President of the United States. Retrieved December 22, 2010.
↑ "2012 National Strategy for Information Sharing and Safeguarding" (PDF). White House. Retrieved October 17, 2018.
1 2 Dana Priest and William M. Arkin (December 20, 2010). "Monitoring America: How the U.S. Sees You". CBS News.
1 2 3 4 "Information Sharing Environment, Suspicious Activity Reporting Functional Standard, version 1.5" (PDF). US Department of Justice. Archived from the original (PDF) on March 12, 2011. Retrieved December 22, 2010.
↑ "State and Local Anti-Terrorism Training Program webpage". US Department of Justice. Retrieved December 22, 2010.
↑ "'US Department of Justice, Bureau of Justice Assistance webpage". US Department of Justice, Bureau of Justice Assistance. Archived from the original on June 24, 2009. Retrieved December 22, 2010.
↑ "Nationwide SAR Initiative Privacy Briefing webpage" (PDF). US Department of Justice. Archived from the original (PDF) on November 5, 2010. Retrieved December 22, 2010.
↑ "Building Communities of Trust overview" (PDF). US Department of Justice. Retrieved December 22, 2010.
↑ "DOJ Global Justice Information Sharing Initiative webpage". US Department of Justice. Retrieved December 22, 2010.
↑ "DOJ Global Justice Information Sharing Initiative CICC webpage". US Department of Justice. Retrieved December 22, 2010.
↑ "Nationwide SAR Initiative, Privacy, Civil Rights, and Civil Liberties Compliance Verification for the Intelligence Enterprise" (PDF). US Department of Justice. Retrieved December 22, 2010.
↑ "Government builds vast domestic spying network: report". AFP. December 20, 2010.
↑ "What's Wrong With Fusion Centers - Executive Summary". American Civil Liberties Union. December 5, 2007.
↑ Jennifer Broadwater (April 2, 2009). "Terrorist is a pretty horrible word". Howard County Times.

External links

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Nationwide SAR Initiative webpage". US Department of Justice. Retrieved December 22, 2010.

[NSI_Overview-2] 1 2 3 "Overview of the Nationwide SAR Initiative" (PDF). US Department of Justice. Retrieved December 22, 2010.

[3] "2007 National Strategy for Information Sharing". Executive Office of the President of the United States. Retrieved December 22, 2010.

[4] "2012 National Strategy for Information Sharing and Safeguarding" (PDF). White House. Retrieved October 17, 2018.

[Priest_Arkin-5] 1 2 Dana Priest and William M. Arkin (December 20, 2010). "Monitoring America: How the U.S. Sees You". CBS News.

[ISE-SAR_FS_1.5-6] 1 2 3 4 "Information Sharing Environment, Suspicious Activity Reporting Functional Standard, version 1.5" (PDF). US Department of Justice. Archived from the original (PDF) on March 12, 2011. Retrieved December 22, 2010.

[7] "State and Local Anti-Terrorism Training Program webpage". US Department of Justice. Retrieved December 22, 2010.

[8] "'US Department of Justice, Bureau of Justice Assistance webpage". US Department of Justice, Bureau of Justice Assistance. Archived from the original on June 24, 2009. Retrieved December 22, 2010.

[9] "Nationwide SAR Initiative Privacy Briefing webpage" (PDF). US Department of Justice. Archived from the original (PDF) on November 5, 2010. Retrieved December 22, 2010.

[10] "Building Communities of Trust overview" (PDF). US Department of Justice. Retrieved December 22, 2010.

[11] "DOJ Global Justice Information Sharing Initiative webpage". US Department of Justice. Retrieved December 22, 2010.

[12] "DOJ Global Justice Information Sharing Initiative CICC webpage". US Department of Justice. Retrieved December 22, 2010.

[13] "Nationwide SAR Initiative, Privacy, Civil Rights, and Civil Liberties Compliance Verification for the Intelligence Enterprise" (PDF). US Department of Justice. Retrieved December 22, 2010.

[14] "Government builds vast domestic spying network: report". AFP. December 20, 2010.

[15] "What's Wrong With Fusion Centers - Executive Summary". American Civil Liberties Union. December 5, 2007.

[16] Jennifer Broadwater (April 2, 2009). "Terrorist is a pretty horrible word". Howard County Times.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]