Text 1884, 376 rader
Skriven 2005-12-16 23:33:04 av Whitehouse Press (1:3634/12.0)
Ärende: Press Release (051216a) for Fri, 2005 Dec 16
====================================================
===========================================================================
Memorandum for the Heads of Executive Departments and Agencies
===========================================================================

For Immediate Release
Office of the Press Secretary
December 16, 2005

Memorandum for the Heads of Executive Departments and Agencies



SUBJECT: Guidelines and Requirements in Support of the Information Sharing
Environment

Ensuring the appropriate access to, and the sharing, integration, and use
of, information by Federal, State, local, and tribal agencies with
counterterrorism responsibilities, and, as appropriate, private sector
entities, while protecting the information privacy and other legal rights
of Americans, remains a high priority for the United States and a necessity
for winning the war on terror. Consistent with section 1016 of the
Intelligence Reform and Terrorism Prevention Act of 2004 (Public Law 108
458) (IRTPA), my Administration is working to create an Information Sharing
Environment (ISE) to facilitate the sharing of terrorism information (as
defined in Executive Order 13388 of October 25, 2005).

Section 1016 of IRTPA supplements section 892 of the Homeland Security Act
of 2002 (Public Law 107 296), Executive Order 13311 of July 29, 2003, and
other Presidential guidance, which address various aspects of information
access. On April 15, 2005, consistent with section 1016(f) of IRTPA, I
designated the program manager (PM) responsible for information sharing
across the Federal Government. On June 2, 2005, my memorandum entitled
"Strengthening Information Sharing, Access, and Integration -
Organizational, Management, and Policy Development Structures for Creating
the Terrorism Information Sharing Environment" directed that the PM and his
office be part of the Office of the Director of National Intelligence
(DNI), and that the DNI exercise authority, direction, and control over the
PM and ensure that the PM carries out his responsibilities under IRTPA. On
October 25, 2005, I issued Executive Order 13388 to facilitate the work of
the PM and the expeditious establishment of the ISE and restructure the
Information Sharing Council (ISC), which provides advice concerning and
assists in the establishment, implementation, and maintenance of the ISE.

On June 2, 2005, I also established the Information Sharing Policy
Coordination Committee (ISPCC), which is chaired jointly by the Homeland
Security Council (HSC) and the National Security Council (NSC), and which
has the responsibilities set forth in section D of Homeland Security
Presidential Directive 1 and other relevant presidential guidance with
respect to information sharing. The ISPCC is the main day-to-day forum for
interagency coordination of information sharing policy, including the
resolution of issues raised by the PM, and provides policy analysis and
recommendations for consideration by the more senior committees of the HSC
and NSC systems and ensures timely responses.

Section 1016(d) of IRTPA calls for leveraging all ongoing efforts
consistent with establishing the ISE, the issuance of guidelines for
acquiring, accessing, sharing, and using information in support of the ISE
and for protecting privacy and civil liberties in the development of the
ISE, and the promotion of a culture of information sharing. Consistent with
the Constitution and the laws of the United States, including section 103
of the National Security Act of 1947, as amended, and sections 1016 and
1018 of IRTPA, I hereby direct as follows:

1. Leveraging Ongoing Information Sharing Efforts in the Development of the
ISE. The ISE shall build upon existing Federal Government policies,
standards, procedures, programs, systems, and architectures (collectively
"resources") used for the sharing and integration of and access to
terrorism information, and shall leverage those resources to the maximum
extent practicable, with the objective of establishing a decentralized,
comprehensive, and coordinated environment for the sharing and integration
of such information.

a. The DNI shall direct the PM to conduct and complete, within 90 days
after the date of this memorandum, in consultation with the ISC, a
comprehensive evaluation of existing resources pertaining to terrorism
information sharing employed by individual or multiple executive
departments and agencies. Such evaluation shall assess such resources for
their utility and integrative potential in furtherance of the establishment
of the ISE and shall identify any unnecessary redundancies.

b. To ensure that the ISE supports the needs of executive departments and
agencies with counterterrorism responsibilities, and consistent with
section 1021 of IRTPA, the DNI shall direct the PM, jointly with the
Director of the National Counterterrorism Center (NCTC),

and in coordination with the heads of relevant executive departments and
agencies, to review and identify the respective missions, roles, and
responsibilities of such executive departments and agencies, both as
producers and users of terrorism information, relating to the acquisition,
access, retention, production, use, management, and sharing of terrorism
information. The findings shall be reviewed through the interagency policy
coordination process, and any recommendations for the further definition,
reconciliation, or alteration of such missions, roles, and responsibilities
shall be submitted, within 180 days after the date of this memorandum, by
the DNI to the President for approval through the Assistant to the
President for Homeland Security and Counterterrorism (APHS-CT) and the
Assistant to the President for National Security Affairs (APNSA). This
effort shall be coordinated as appropriate with the tasks assigned under
the Guidelines set forth in section 2 of this memorandum.

c. Upon the submission of findings as directed in the preceding paragraph
(1(b)), the DNI shall direct the PM, in consultation with the ISC, to
develop, in a manner consistent with applicable law, the policies,
procedures, and architectures needed to create the ISE, which shall support
the counterterrorism missions, roles, and responsibilities of executive
departments and agencies. These policies, procedures, and architectures
shall be

reviewed through the interagency policy coordination process, and shall be
submitted, within 180 days after the submission of findings as directed in
the preceding paragraph (1(b)), by the DNI to the President for approval
through the APHS-CT and the APNSA.

2. Information Sharing Guidelines. Consistent with section 1016(d) of
IRTPA, I hereby issue the following guidelines and related requirements,
the implementation of which shall be conducted in consultation with, and
with support from, the PM as directed by the DNI:

a. Guideline 1 - Define Common Standards for How Information is Acquired,
Accessed, Shared, and Used Within the ISE

The ISE must, to the extent possible, be supported by common standards that
maximize the acquisition, access, retention, production, use, management,
and sharing of terrorism information within the ISE consistent with the
protection of intelligence, law enforcement, protective, and military
sources, methods, and activities.

Consistent with Executive Order 13388 and IRTPA, the DNI, in coordination
with the Secretaries of State, Defense, and Homeland Security, and the
Attorney General, shall develop and issue, within 90 days after the date of
this memorandum, common standards (i) for preparing terrorism information
for maximum distribution and access, (ii) to enable the acquisition,
access, retention, production, use, management, and sharing of terrorism
information within the ISE while safeguarding such information and
protecting sources and methods from unauthorized use or disclosure, (iii)
for implementing legal requirements relating to the handling of specific
types of information, and (iv) that include the appropriate method for the
Government-wide adoption and implementation of such standards. Such
standards shall accommodate and reflect the sharing of terrorism
information, as appropriate, with State, local, and tribal governments, law
enforcement agencies, and the private sector. Within 90 days after the
issuance of such standards, the Secretary of Homeland Security and the
Attorney General shall jointly disseminate such standards for use by State,
local, and tribal governments, law enforcement agencies, and the private
sector, on a mandatory basis where possible and a voluntary basis where
not. The DNI may amend the common standards from time to time as
appropriate through the same process by which the DNI issued them.

b. Guideline 2 - Develop a Common Framework for the Sharing of Information
Between and Among Executive Departments and Agencies and State, Local, and
Tribal Governments, Law Enforcement Agencies, and the Private Sector

Recognizing that the war on terror must be a national effort, State, local,
and tribal governments, law enforcement agencies, and the private sector
must have the opportunity to participate as full partners in the ISE, to
the extent consistent with applicable laws and executive orders and
directives, the protection of national security, and the protection of the
information privacy rights and other legal rights of Americans.

Within 180 days after the date of this memorandum, the Secretary of
Homeland Security and the Attorney General, in consultation with the
Secretaries of State, Defense, and Health and Human Services, and the DNI,
and consistent with the findings of the counterterrorism missions, roles,
and responsibilities review under section 1 of this memorandum, shall:

(i) perform a comprehensive review of the authorities and responsibilities
of executive departments and agencies regarding information sharing with
State, local, and tribal governments, law enforcement agencies, and the
private sector; and

(ii) submit to the President for approval, through the APHS-CT and the
APNSA, a recommended framework to govern the roles and responsibilities of
executive departments and agencies pertaining to the acquisition, access,
retention, production, use, management, and sharing of homeland security
information, law enforcement information, and terrorism information between
and among such departments and agencies and State, local, and tribal
governments, law enforcement agencies, and private sector entities.

c. Guideline 3 - Standardize Procedures for Sensitive But Unclassified
Information

To promote and enhance the effective and efficient acquisition, access,
retention, production, use, management, and sharing of Sensitive But
Unclassified (SBU) information, including homeland security information,
law enforcement information, and terrorism information, procedures and
standards for designating, marking, and handling SBU information
(collectively "SBU procedures") must be standardized across the Federal
Government. SBU procedures must promote appropriate and consistent
safeguarding of the information and must be appropriately shared with, and
accommodate and reflect the imperative for timely and accurate
dissemination of terrorism information to, State, local, and tribal
governments, law enforcement agencies, and private sector entities. This
effort must be consistent with Executive Orders 13311 and 13388, section
892 of the Homeland Security Act of 2002, section 1016 of IRTPA, section
102A of the National Security Act of 1947, the Freedom of Information Act,
the Privacy Act of 1974, and other applicable laws and executive orders and
directives.

(i) Within 90 days after the date of this memorandum, each executive
department and agency will conduct an inventory of its SBU procedures,
determine the underlying authority for each entry in the inventory, and
provide an assessment of the effectiveness of its existing SBU procedures.
The results of each inventory shall be reported to the DNI, who shall
provide the compiled results to the Secretary of Homeland Security and the
Attorney General.

(ii) Within 90 days after receiving the compiled results of the inventories
required under the preceding paragraph (i), the Secretary of Homeland
Security and the Attorney General, in coordination with the Secretaries of
State, Defense, and Energy, and the DNI, shall submit to the President for
approval recommendations for the standardization of SBU procedures for
homeland security information, law enforcement information, and terrorism
information in the manner described in paragraph (iv) below.

(iii) Within 1 year after the date of this memorandum, the DNI, in
coordination with the Secretaries of State, the Treasury, Defense,
Commerce, Energy, Homeland Security, Health and Human Services, and the
Attorney General, and in consultation with all other heads of relevant
executive departments and agencies, shall submit to the President for
approval recommendations for the standardization of SBU procedures for all
types of information not addressed by the preceding paragraph (ii) in the
manner described in paragraph (iv) below.

(iv) All recommendations required to be submitted to the President under
this Guideline shall be submitted through the Director of the Office of
Management and Budget (OMB), the APHS-CT, and the APNSA, as a report that
contains the following:

(A) recommendations for government-wide policies and procedures to
standardize SBU procedures;

(B) recommendations, as appropriate, for legislative, policy, regulatory,
and administrative changes; and

(C) an assessment by each department and agency participating in the SBU
procedures review process of the costs and budgetary considerations for all
proposed changes to marking conventions, handling caveats, and other
procedures pertaining to SBU information.

(v) Upon the approval by the President of the recommendations submitted
under this Guideline, heads of executive departments and agencies shall
ensure on an ongoing basis that such recommendations are fully implemented
in such department or agency, as applicable. The DNI shall direct the PM to
support executive departments and agencies in such implementation, as well
as in the development of relevant guidance and training programs for the
standardized SBU procedures.

d. Guideline 4 - Facilitate Information Sharing Between Executive
Departments and Agencies and Foreign Partners

The ISE must support and facilitate appropriate terrorism information
sharing between executive departments and agencies and foreign partners and
allies. To that end, policies and procedures to facilitate such
informational access and exchange, including those relating to the handling
of information received from foreign governments, must be established
consistent with applicable laws and executive orders and directives.

Within 180 days after the date of this memorandum, the Secretary of State,
in coordination with the Secretaries of Defense, the Treasury, Commerce,
and Homeland Security, the Attorney General, and the DNI, shall review
existing authorities and submit to the President for approval, through the
APHS-CT and the APNSA, recommendations for appropriate legislative,
administrative, and policy changes to facilitate the sharing of terrorism
information with foreign partners and allies, except for those activities
conducted pursuant to sections 102A(k), 104A(f), and 119(f)(1)(E) of the
National Security Act of 1947.

e. Guideline 5 - Protect the Information Privacy Rights and Other Legal
Rights of Americans

As recognized in Executive Order 13353 of August 27, 2004, the Federal
Government has a solemn obligation, and must continue fully, to protect the
legal rights of all Americans in the effective performance of national
security and homeland security functions. Accordingly, in the development
and use of the ISE, the information privacy rights and other legal rights
of Americans must be protected.

(i) Within 180 days after the date of this memorandum, the Attorney General
and the DNI, in coordination with the heads of executive departments and
agencies that possess or use intelligence or terrorism information, shall
(A) conduct a review of current executive department and agency information
sharing policies and procedures regarding the protection of information
privacy and other legal rights of Americans, (B) develop guidelines
designed to be implemented by executive departments and agencies to ensure
that the information privacy and other legal rights of Americans are
protected in the development and use of the ISE, including in the
acquisition, access, use, and storage of personally identifiable
information, and (C) submit such guidelines to the President for approval
through the Director of OMB, the APHS-CT, and the APNSA. Such guidelines
shall not be inconsistent with Executive Order 12333 and guidance issued
pursuant to that order.

(ii) Each head of an executive department or agency that possesses or uses
intelligence or terrorism information shall ensure on an ongoing basis that
(A) appropriate personnel, structures, training, and technologies are in
place to ensure that terrorism information is shared in a manner that
protects the information privacy and other legal rights of Americans, and
(B) upon approval by the President of the guidelines developed under the
preceding subsection (i), such guidelines are fully implemented in such
department or agency.

3. Promoting a Culture of Information Sharing. Heads of executive
departments and agencies must actively work to create a culture of
information sharing within their respective departments or agencies by
assigning personnel and dedicating resources to terrorism information
sharing, by reducing disincentives to such sharing, and by holding their
senior managers and officials accountable for improved and increased
sharing of such information.

Accordingly, each head of an executive department or agency that possesses
or uses intelligence or terrorism information shall:

a. within 90 days after the date of this memorandum, designate a senior
official who possesses knowledge of the operational and policy aspects of
information sharing to (i) provide accountability and oversight for
terrorism information sharing within such department and agency, (ii) work
with the PM, in consultation with the ISC, to develop high level
information sharing performance measures for the department or agency to be
assessed no less than semiannually, and (iii) provide, through the
department or agency head, an annual report to the DNI on best practices of
and remaining barriers to optimal terrorism information sharing;

b. within 180 days after the date of this memorandum, develop and issue
guidelines, provide training and incentives, and hold relevant personnel
accountable for the improved and increased sharing of terrorism
information. Such guidelines and training shall seek to reduce obstructions
to sharing, consistent with applicable laws and regulations. Accountability
efforts shall include the requirement to add a performance evaluation
element on information sharing to employees' annual Performance Appraisal
Review, as appropriate, and shall focus on the sharing of information that
supports the mission of the recipient of the information; and

c. bring to the attention of the Attorney General and the DNI, on an
ongoing basis, any restriction contained in a rule, regulation, executive
order or directive that significantly impedes the sharing of terrorism
information and that such department or agency head believes is not
required by applicable laws or to protect the information privacy rights
and other legal rights of Americans. The Attorney General and the DNI shall
review such restriction and jointly submit any recommendations for changes
to such restriction to the APHS-CT and the APNSA for further review.

4. Heads of executive departments and agencies shall, to the extent
permitted by law and subject to the availability of appropriations, provide
assistance and information to the DNI and the PM in the implementation of
this memorandum.

5. This memorandum:

a. shall be implemented in a manner consistent with applicable laws,
including Federal laws protecting the information privacy rights and other
legal rights of Americans, and subject to the availability of
appropriations;

b. shall be implemented in a manner consistent with the statutory authority
of the principal officers of executive departments and agencies as heads of
their respective departments or agencies;

c. shall not be construed to impair or otherwise affect the functions of
the Director of the Office of Management and Budget relating to budget,
administrative, and legislative proposals; and

d. is intended only to improve the internal management of the Federal
Government and is not intended to, and does not, create any rights or
benefits, substantive or procedural, enforceable at law or in equity by a
party against the United States, its departments, agencies, or entities,
its officers, employees, or agencies, or any other person.

GEORGE W. BUSH

# # #

===========================================================================
Return to this article at:
http://www.whitehouse.gov/news/releases/2005/12/20051216-10.html

 * Origin: (1:3634/12)