The Project on National Security Reform has released its recommendations in a detailed report.
The Project on National Security Reform has relayed its recommendations to the President, President-elect, and Congress. Pending approval of reforms, the Project is ready to support government leadership in implementing the recommendations through preparation of draft presidential directives, changes to Senate and House rules, and a new National Security Act to replace many provisions of the 1947 legislation.
Of particular interest to me was the section on impediments to information sharing. Among those listed were:
- Poor interoperability on the classified side
- Overclassification
- The proliferation of the “sensitive but unclassified” designation
- Confusing technical connections with collaboration
- Information systems are missing common data abstraction, protocols, and compatible business logic
- Inability of systems to understand business limitations and context of data
These aren’t surprising. If you look at the 2008 Annual CIO Challenges Survey, challenges 2 through 4 are related:
- Balancing information sharing and security/privacy requirements
- Obtaining adequate funding for IT programs and projects
- Simplifying business processes to maximize the benefit of technology
Adequate funding with policy enforcements should help address these challenges.
You can find some on-line analysis/critique/discussion here. Other discussion can be found on twitter. Thanks to John Bordeaux for his work on the PNSR and for Chris Dorobek for his heads up on the CIO report.
{ 2 comments… read them below or add one }
Daniel Tunkelang 12.20.08 at 6:04 pm
I’ve been wondering if technology can address the problem of overclassificaiton. For example, I wonder how often a highly classified document contains identical content to a less classified one. I’m sure it’s rarely that black and white, but I wonder if a de-duping approach could at least reduce the problem.
dave fauth 12.20.08 at 11:09 pm
Daniel,
This is a multi-pronged problem of which technology can solve some of it. One problem is most people over classify information to begin with. It is a lot easier to overclassify than to properly classify information.
Technology can solve part of the problem is the data is properly marked. At that point, data sharing becomes much easier. However, many legacy systems aren’t capable of supporting the markings.
Finally, there are multiple standards for marking. Justice Department, DoD and the ODNI all have different standards.