Dept of Homeland Security: inexcusable IT waste on ADVISE project

Dept of Homeland Security: inexcusable IT waste on ADVISE project

Summary: Following its $30 billion virtual fence debacle, the Department of Homeland Security (DHS) has disclosed another failed IT-related project, this one costing $42 million. DHS has suspended, and will likely cancel, a massive data-mining initiative on grounds that it violated privacy standards.

SHARE:
22

DepÂ’t of Homeland Security: inexcusable IT waste on ADVISE project

Following its $30 billion virtual fence debacle, the Department of Homeland Security (DHS) has disclosed another failed IT-related project, this one costing $42 million. DHS has suspended, and will likely cancel, a massive data-mining initiative on grounds that it violated privacy standards. Significantly, the program has also suffered from dramatic, severe, and systematic project management failures.

The ADVISE (Analy­sis, Dissemina­tion, Visu­ali­zation, Insight and Semantic Enhance­ment) program, which is still in the prototype and testing stage, is part of a large-scale, anti-terrorism data analysis operation run by DHS. As reported by the Christian Science Monitor, ADVISE is intended to "display data patterns visually as 'semantic graphs' – a sort of illuminated information constellation – in which an analyst's eye could spot links between people, places, events, travel, calls, and organizations worldwide." For additional background, see another Christian Science Monitor article written by Mark Clayton.

The DHS Privacy Office and the DHS Office of Inspector General have both issued reports criticizing the program for violating federal privacy guidelines. The program was also slammed for poor project management and oversight, with questions being raised about whether this custom software should have been written at all.

The DHS Privacy Office report is titled, DHS Privacy Office Review of the Analysis, Dissemination, Visualization, Insight and Semantic Enhancement (ADVISE) Program. From this report (emphasis added):

In response to the use of PII [personally identifiable information] in these ADVISE deployments, the Privacy Office recommends a set of short- and long-term responsive actions.

  • Short-term recommendations focus on ensuring full compliance with privacy protection requirements before continuing with ADVISE deployments and making better use of non-PII data during research and development efforts.
  • Long-term recommendations focus on integrating privacy compliance requirements into S&T’s overall project development processes and developing additional privacy guidance for future S&T programs.

The DHS Office of Inspector General report is titled, ADVISE Could Support Intelligence analysis More Effectively. These excerpts indicate serious program management failures (emphasis added):

The ADVISE program is at risk, due to a number of factors. Specifically, S&T [Science and Technology] program managers did not develop a formal business case for the research and development project, in part because they were unaware of requirements to do so. In addition, program managers did not address privacy impacts before implementing three pilot initiatives to support ADVISE. Further, due to inadequate data access and system usability, Office of Intelligence and Analysis (OI&A) analysts did not use the ADVISE pilot. Finally, because S&T did not effectively communicate and coordinate with DHS leadership about the benefits of ADVISE, departmental components have been unwilling to adopt ADVISE to support their intelligence analysis operations. As a result of privacy concerns, DHS has discontinued the three ADVISE pilots. Further, due to a lack of stakeholder commitment, program managers have stated that continuation of the ADVISE program is in question if an owner cannot be found to pay for future system operations and maintenance costs.

Furthermore, according to the Associated Press:

DHS' Science and Technology directorate "determined that new commercial products now offer similar functionality while costing significantly less to maintain than ADVISE."

Let's parse the comments made above, to see the real meaning:

  1. "Integrating privacy compliance requirements:" In other words, they should respect and obey privacy laws.
  2. According to the Associated Press: "The privacy office concluded that although required privacy analyses were ignored, the Privacy Act itself was not technically violated because the live data used were covered by privacy notices issued earlier for other programs that originally gathered the information." To put it more bluntly, due to technicalities, no one is going to jail over this abuse of privacy power.
  3. "Did not develop a formal business case:" Apparently, they spent $42 million on a hunch, without creating a business plan.
  4. "Unaware of requirements to do so:" How can someone responsible for a $42 million budget not realize planning is required?
  5. "Did not address privacy impacts:" Or, perhaps more accurately, did not care about privacy impacts.
  6. "Due to inadequate data access and system usability, Office of Intelligence and Analysis (OI&A) analysts did not use the ADVISE pilot:" The system was so poorly designed, it couldn't even be used.
  7. "Departmental components have been unwilling to adopt ADVISE to support their intelligence analysis operations:" In plain English, end-users weren't asked their opinions, so they refused to use the new system.
  8. "Lack of stakeholder commitment:" No one wants to touch this baby with a ten-foot pole.
  9. "New commercial products now offer similar functionality:" Meaning, DHS didn't need to build this thing, since they could have bought it off the shelf for a fraction of the cost.

Aside from the privacy issues, the project reads like a textbook case on engineering a spectacular IT failure. I believe the arrogance of this situation can be summed up as follows: "It's our money, we have plenty of it, and why are you hassling us anyway?" If a private sector project were run this poorly, heads would roll.

One bright side: this mess was disclosed, which means certain internal DHS control systems seem to be effective, at least after the fact.

Topics: Privacy, Security, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

22 comments
Log in or register to join the discussion
  • Lots of backscratching, I'm sure

    This is what happens when lobbyists and insiders capture contracts. No need to really provide a working anything. Throw around jargon, promise the moon, befuddle and obfuscate. Just get them to sign on the dotted line and give out the money. A few well-placed phone calls, some money to grease the wheels and, voila, you have a contract.

    Call me cynical.
    ordaj@...
    • Call you cynical?

      No way. I would call you "experienced" in the IT sector. This type of program management is common throughout industry not just government.
      Art Royce
      • Its a common IT issue

        This situation represents internal arrogance and lack of accountability. It's an internal project, therefore, this is not a contracts or procurement issue.
        mkrigsman@...
        • Its a common ISSUE

          I believe your analysis is spot on. This attitude of personal and departmental arrogance combined with the apparent lack of any timely oversight at DHS breeds this sort of boondoggle. Worse, this is the department that is mandated to manage this country and it's citizens in the event of a declared national emergency. If that thought doesn't give you an adrenalin spurt I suspect you are already dead.
          sonoffar@...
  • Boy, don't you ALL feel so SECURE, now?

    :)
    OButterball
    • Actually, I did feel secure

      until DHS was formed. Then I started worrying that I and my neighbors were being sold a bill of goods.

      I never understood, and this only adds to my befuddlement, why do we need DHS? Civil Defense was doing fine until this administration took over.
      fuzzy2k
  • RE: Dept of Homeland Security: inexcusable IT waste on ADVISE project

    Another Govt. boondoggle that combined with all the other ones costs the taxpayers billions each year. No one is ever held accountable!!!!
    jerrygol2@...
  • RE: Dept of Homeland Security: inexcusable IT waste on ADVISE project

    Many people should be held accountable for this horrible waste of taxpayer money. We have to start policing our government and not the other way around. We MUST hold these people accountable for their ignorance and lack of respect for the taxpayer. I want to see some heads roll.

    Our rights and our pocketbooks are being trampled more and more every day and I couldn't be the tiniest bit more tired of it.
    Protector
    • The first principle of government..

      ..."Of the people, by the people, and for the people" is apparently "Screw the people."

      <p>And that's not real likely to change.
      Henrik Moller
    • Searching for scapegoats

      If heads have to roll, there are always square pegs to be rooted out. Like anyone who objected to doing the project this way. No one likes to hear "I told you so", and blaming him for the project failure has a certain rough justice.

      Very rough.

      In any organization, responsibility is spread widely among people who have no true connection to the potential fiasco. When everyone owns the project, no one owns the project. So blame can be placed as randomly as the parental justice discussed in the movie "Christmas Story".

      But you know that.
      Anton Philidor
  • RE: Dept of Homeland Security: inexcusable IT waste on ADVISE project

    Tipical Bush Admin Cronyism. No-body knowing what they are doing except "Take The Money and run"
    mels133@...
  • Homeland Security

    What about the Clinton years. They destroyed thousands of dollars worth of computer acc when they left the whitehouse. Oh I forgot he was a democrat and they never do any wrong. Just give secrets away to the Chinese.
    Bobby Joe Reed
    • Spoken like a TRUE suds-headed, ...

      ... three-first-names-no-surname Redneck. How about yer heroes Ronnie Raygun, King Bush I and Donny Rummysfeld shakin' hands with Saddam Hussein and talkin' about what a GREAT guy he was?

      Plenty of blame ta go around, Bobby Joe, from The Amazing Spineless Democraps to the Man/Boy-Loving-Bathroom-Footsie-Playin' Republicon Hypocrites.
      OButterball
    • Join the rest of us in the 21st Century.

      Clinton is not the president any more. Has not been for a long time.

      Get over it. If you spend your life walking backwards, you will trip over every obstacle you might have seen, were you facing forward.
      fuzzy2k
  • RE: Dept of Homeland Security: inexcusable IT waste on ADVISE project

    It's nothing more than 'Make work' to steal tax-payer dollars. The people we should be watching are the politicians and CEOs.
    ZenaPrincess
    • I'ts not "make work"

      Actually, it's work that was poorly planned by people who have no accountability how they spend $42 million.
      mkrigsman@...
  • RE: Dept of Homeland Security: inexcusable IT waste on ADVISE project

    This project is being publicly ended, and privately being outsourced to Singapore - where there is no oversight or restrictions on the invasion of personal privacy. Look for this to be funded with a "black" budget item and carried forward off the books. The feds are already gulping, processing and mining a terabyte per minute with their wide-net approach. Poindexter and his crew have been working on this for over 20 years. Like they'd just give up and walk away. Uh huh.
    Yo-Duh
    • This is a joke, right?

      I researched your comment and concluded this is a joke. If it's serious, please let me know. Thanks!
      mkrigsman@...
  • RE: Dept of Homeland Security: inexcusable IT waste on ADVISE project

    The Department of Homeland Security is a farce. They are mainly concerned with rearranging the deck chairs on the Titanic.
    stand3
    • Was the name of my former blog

      "Rearranging the Deck Chairs" was this blog's title before I moved over here to ZDNet.
      mkrigsman@...