New Vetting Center Is Flipping the Script on Watchlisting

To guard America’s borders against a lengthening list of threats, the new interagency National Vetting Center (NVC) is flipping the script on watchlisting, officials said Monday.

Instead of compiling lists of individuals believed linked to terrorism or some other threat, the NVC is figuring out how to leverage all the information held by U.S. government agencies about any individual applying for entry to the country, the center’s director, Monte Hawkins, told AFCEA International’s Federal Identity Forum and Expo in Tampa, Florida.

“We have vast amounts of identity intelligence data across the federal government,” said Hawkins, describing NVC's task as: “How do we bring that together to create a better picture around a person, both for analysis and vetting?”

Since it was stood up in December of last year, the center has been providing analytical support to adjudication decisions for the Electronic System for Travel Authorization, or ESTA, which takes online applications from people wanting to come to the U.S. from favored ally nations under the Visa Waiver Program.

Under the NVC’s implementation plan, the center will take on one or two more programs next year—in each case acting as a governmentwide clearing house for classified information about applicants for some kind of visa or immigration benefit.

“We do not take the approach of developing a particular pool” of suspected persons, added Casie Antalis, the center’s chief of staff. “What we are looking at is anyone applying under the ESTA program and then looking to see if there’s any information on those individuals.”

The center was established by the second of a pair of Trump administration presidential memoranda, NSPMs seven and nine — both designed to expand the post 9/11 information-sharing apparatus built to stop terrorists entering the U.S. to cover foreign hackers, weapons proliferators, international organized criminals and other kinds of threat actors—and extending it to aliens already in the country who apply for citizenship or other immigration benefits.

Since the orders were signed, the NVC and the parallel machinery inside the U.S. intelligence community established by NSPM seven have been building out policy frameworks and governance structures to facilitate this holistic approach to vetting, officials told attendees at a pre-conference training session of the Federal ID Forum.

“We’re establishing a policy framework that’s supported by technology,” said Emily Barbero, who works for the Department of Homeland Security chief information officer inside the department’s Intelligence and Analysis division. The idea, she added, was to “allow for use [of the data] in a much more real-time and dynamic basis by these agencies as their use cases come online.”

That process is complex and difficult because different agencies collect data under different authorities and have different rules about how it can be used, pointed out Kathleen Lane, the identity intelligence executive in the Office of the Director of National Intelligence.

“A lot of the challenges are policy related, not technological,” she said. “There are legal concerns about what data is being shared and who is it being shared with and what [purposes] is it being shared for.”

Although information sharing agreements have long existed to facilitate watchlisting of suspected terrorists, DHS analysts supporting ESTA adjudications, or other decisions about immigration benefits, still ended up relying on jury-rigged, stovepiped arrangements with intelligence or law enforcement agencies, explained former U.S. counterterrorism official Charles Bartoldus.

Sometimes, Bartoldus noted, the response to a query would come too late to be useful and in an unhelpful form. “The FBI would come back two months later … ‘OK, that person is in the country [now] and I can’t tell you what I know about them, but I may or may not have a concern,’” he said.

“There was no single system in place to take these people who needed to be vetted by the government … and return the information in a concise and useable format” to the adjudicators charged under law with making the decisions. “They had the responsibility … but they didn’t have access to all the data,” he said.

“Now the goal is to start with a person who is applying for a benefit or a privilege and say holistically, ‘What do we know about that person?’” said Bartoldus, now a senior advisor to consultants CT Strategies.

Lane explained that the new approach was trying to standardize sharing. “We’re trying to work to do one to many [interagency] agreements,” she said. “Historically, we’ve used one to one.”

The new approach, officials said, is building an infrastructure that’s mission-agnostic, rather than the existing machinery which is focused solely on counterterrorism. “By inverting watchlisting, the NVC is creating a really powerful tool that could change how government does identity intelligence for good,” said Janice Kephart, former 9/11 commission staffer and CEO of Identity Strategy Partners.