Interpol Taps IT To Help Prevent Terrorist Attacks

As the U.S. military and its allies hit Taliban targets in Afghanistan, U.S. law enforcement and security agencies have taken on the monumental task of using IT to facilitate information sharing and collaboration, and the International Criminal Police Organization, or Interpol, has stepped up its efforts to provide law enforcement officials worldwide with the information needed to prevent additional terrorist attacks.

"The Sept. 11 attacks on the United States caused us to take stock of the projects we were working," says Peter Nevitt, Interpol's director of information systems since 1997. Rising to the top of the priority list was finding ways to make air travel safer. For example, Interpol has an international database of fingerprints and photographs of criminals that should be made available at check-in, says Nevitt. "Airports are crowded, but there is technology available to take photos and check them against a database." Nevitt says Visionics Corp. demonstrated this type of technology at the 2001 Super Bowl in Tampa, Fla., but it's not been widely deployed.

Since last month's terrorist attacks, a program for tracking stolen identity documents has also become a priority for Interpol. Nevitt, a 30-year veteran of police forces throughout the United Kingdom, says Interpol will roll out two initiatives in the coming months. The first, which will determine when an identifying document has been stolen, will begin pilot-testing next week and will roll out by March, about six months ahead of schedule. The schedule for developing a second program, which will help law enforcement distinguish between genuine and forged documents, has been cut in half to 12 months.

Interpol has also started a pilot study with the FBI to link databases in much the same way supply-chain partners do in the business-to-business IT world. This pilot program focuses on non-sensitive data, such as stolen vehicle reports. Rather than upload that information several times a day to Interpol, there are about 110 countries that can query the FBI's database indirectly via Interpol's site. Nevitt says this type of collaboration will eventually be extended to more critical stolen items, such as weapons and explosives. "The aim is to line up a number of national databases," he says. "At this point, law enforcement officers are looking at only a small percentage of the information available. The new project will enable direct access to international databases, which is not so much a technical challenge as it is one with legal and policy dimensions to overcome."

Nevitt says Interpol has also contacted corporations it's partnered with in the past to find out whether any of their technology has law enforcement applications. Many financial institutions, for example, use data filtering applications to gather intelligence about their clients. Nevitt wonders whether that type of data extraction technology can be used to track the financial activity of criminals.

Interpol was formed in 1923 to coordinate law enforcement and crime fighting efforts of 14 European countries that had been slowed by national boundaries and differences in languages. Law enforcement agencies working at the national level often could not track criminals in other countries, Nevitt says. With Interpol, each member country established its own bureau staffed with professionals who have the language skills needed to communicate with other member bureaus.

Today, Interpol has more than 175 members, each represented by their respective national law enforcement agencies. The United States is represented by the FBI and other federal agencies that use Interpol's database to post and gather information. Interpol bureaus submit information to Interpol via E-mail attachments, which are subjected to a security clearance before the information is posted to the agency's database. Members connect with Interpol's network via X400 protocol, although Interpol is planning to replace its current network with an IP-based virtual private network within the next year.

Each member nation decides what information it sends to Interpol for inclusion in the database, as well as any restrictions regarding who can view this information. "The individual country is the owner of the information, and they also have to certify that it's accurate," Nevitt says.

The Interpol Criminal Information System, written by the agency to manage its law enforcement database, operates on an Oracle 8i platform and is scheduled for upgrade to 9i next year. Nevitt says Interpol chose Oracle over various competitors, such as Informix Corp. and Sybase Inc., because of Oracle's power, support, and functionality.

Boundaries to Interpol's work include funding, political willingness, and access to technology. "There's a significant divide between the technology haves and have-nots, and this is a significant problem for Interpol," Nevitt says. "Part of our mission is also to bridge that gap."