U.S. Intelligence Executive Lays Out Identity Agenda

For U.S. intelligence agencies, identity is all about “trying to find bad guys,” said Kathleen Lane, the identity intelligence executive for the Office of the National Director of Intelligence.

In a rare public appearance at the AFCEA International Federal Identity Forum and Expo in Tampa, Florida, Lane explained that her attendance was part of a push by ODNI to be more transparent about the increasing U.S. use of identity intelligence.

She said the ODNI defines identity intelligence as “the collection, analysis, exploitation and protection of identity attributes in support of U.S. national interests,” where “identity attribute is any piece of data that can be used independently or in combination with other data to identify an individual.”

Those attributes could be “biometric, biographical and contextual or behavioral,” she said, adding that the way ODNI thinks about identity is “not that different from what I’ve heard here” at the conference about how law enforcement, civilian agencies and even the private sector are doing so.

One similarity is in the increasing use of big data and the rich contextual information it can provide. With a foreign hacker, for instance, “who cares what their name and address are and you may never get a biometric on them, but you may have different patterns of programming or activity” that can identify them.

Financial information was a particularly useful form of contextual identity data, she said. “If you want to know a lot about me, all you have to do is look at my credit card records. They will tell you where I go day to day, where I travel, where I shop. … It’s a rich source of data that can be used not only to track people … but can tell us about their intent, their relationships.”

Analyzing such “pattern of life, behavioral activity” can also be used to find other, unknown threats, she said. “If you have a known [bad guy] … and he is traveling to these foreign countries and stopping at these particular places … well maybe there’s someone else that has a similar pattern and he might be a nefarious actor as well,” she explained.

Lane, who was appointed last year, is the first person to hold the identity intelligence post, which was created by the second of a pair of Trump administration presidential memoranda, NSPMs seven and nine. The memoranda mandated the nation’s intelligence agencies to collaborate to share identity intelligence about possible threat actors — and to use it to support officials trying to make decisions about who to let into the country.

In setting up this national identity intelligence enterprise, Lane said, she first needed a strategy. “To build a strategy, you have to see everything you have out there,” she said, adding that, “We have identity information all over the [intelligence] community ... How do we want to get that organized in order to maximize our output.”

The two memoranda also mandated for the first time that intelligence agencies “share all that [identity] information not only within the IC but ... all across the U.S. government [for example with] … my DHS colleagues [at the National Vetting Center] in support the vetting activity. That’s new for us.”

The memoranda also expand post 9/11 information sharing mandates from counterterrorism to cover other kinds of threat actors — like foreign hackers and military officials, weapons proliferators, spies and international organized criminals. That last category “enters the realm of law enforcement,” said Lane, “which is sometimes legally dicey for us.”

To ensure that intelligence agencies stay in their lane and within their authorities, Lane said she was looking at both technical architecture and policy frameworks.

There were various kinds of technology that might help, she said. “We are looking at … programming techniques for mass analytics of large volumes of different types of data in different computing environments, without moving the data.” Because moving large volumes of data can be expensive and difficult, even in the civilian world, and is doubly so in intelligence.

“Usually where the data lies, is where the authorities [to collect and analyze it] lie, so by leaving it where it is, we get to skip over some legal issues,” she said.

Technical challenges like that were often the easiest to overcome, she said, but getting timely funding to keep up with changing technology was always an issue. “It’s frustrating sometimes to want to know where you want to go and then wait a year for the money to come in to do it and some things may have changed along the way,” she said.