You are viewing an archived webpage. The information on this page may be out of date. Learn about EPIC's recent work at epic.org.

Suspicious Activity Reporting

Background

Suspicious Activity Reports are defined as "official documentation of observed behavior reasonably indicative of pre-operational planning related to terrorism or other criminal activity." The Nationwide Suspicious Activity Reporting (SAR) Initiative (NSI) is a "unified process for reporting, tracking, and accessing [Suspicious Activity Reports]." The NSI operates within the National Criminal Intelligence Resource Center, which is within the Bureau of Justice at the Department of Justice. The NSI is also supported by the Information Sharing Environment (ISE). ISE is comprised of "major urban area fusion centers" and their federal, state, local, and tribal law enforcement. ISE defines "suspicious activity"to include vandalism, photography, and questioning individuals "at a level beyond mere curiosity" about facility purpose or security procedures. The nationwide ISE-SAR process involves 12 intricate steps that are separated into 5 distinct phases: (1) planning; (2) gathering and processing; (3) analysis and production; (4) dissemination; and (5) reevaluation.

  1. The planning phase involves "production and dissemination of information products about terrorist plans, intentions, and capabilities" made available to ISE participants. These threat assessments are often made by Federal agencies based upon various unspecified information sources.
  2. The gathering and processing phase begins with observations or reports of suspicious activity. Both private citizens and government officials can make these observations. The suspicious activity is then reported to local law enforcement or to local, regional, or national offices of a federal agency. Local or federal agency officials then review the suspicious activity information. After this review, agencies make suspicious activity reports available to state or major urban area fusion centers.
  3. In the analysis and production phase, fusion centers or federal agencies conduct analytical reviews on the suspicious activity report and evaluate the existence of potential terrorist threats. In the event that no potential terrorist threat is found, the suspicious activity report can still be retained in local fusion centers or federal agency files in accordance with retention policies and rules.
  4. In the dissemination phase, potential terrorist threats become official ISE-SARs. ISE-SARs are then stored in fusion centers or ISE Shared Spaces where they can be accessed by law enforcement, homeland security personnel, and other ISE participants.
  5. The reevaluation phase provides feedback to organizations that create ISE-SARs. This feedback is designed to inform organizations their initial suspicions have "some validity" or conversely, to notify when the ISE-SAR was incorrectly designated.

EPIC's Interest

EPIC has a longstanding interest in the privacy implications of domestic surveillance and fusion centers. SAR presents privacy, civil liberties, and civil rights concerns. In particular SAR could be the basis for detaining and arresting people who pose no threat to public safety and who have engaged in no criminal activity. Additionally, SAR does not adhere to well-established legal parameters of probable cause and reasonable suspicion. Moreover, uncorroborated, adverse judgments about individuals are added to federal record systems without the clear protections of the Privacy Act. To the extent that this becomes a widely adopted policing techniques, there are significant implications for Constitutional and statutory rights.

Resources

News Reports

Share this page:

Defend Privacy. Support EPIC.
US Needs a Data Protection Agency
2020 Election Security