Jackson outlines vision for Secure Freight data clearinghouse
A centralized data repository of international supply chain transaction data would help advance a harmonized, global cargo security system, improve data privacy and help speed up the cross-border flow of legitimate goods, the No. 2 man at the U.S. Department of Homeland Security argued Tuesday.
Speaking to a skeptical audience at the annual conference of the American Association of Exporters and Importers in New York, Deputy Secretary Michael Jackson said that a third-party data warehouse owned and operated by the private sector “would allow us to pull supply chain data from multiple computer systems” to improve the automated risk assessment tools currently used to determine which ocean containers to inspect at foreign and U.S. ports.
The concept of a global freight exchange designed to collect commercial transaction data from all parties in the supply chain who have contracted or provided services for the production and movement of international shipments would form the third leg of the department’s Secure Freight Initiative. Jackson’s brainchild has been superseded since it was unveiled 18 months ago by an experimental program to test the concept of conducting integrated X-ray and radiation detection scanning of containers at foreign ports without the normal types of delays associated with such security measures. DHS also plans to collect a dozen commercial data elements from importers and carriers — the so-called “10+2” effort — 24 hours prior to vessel loading to help it target high-risk shipments.
Jackson’s speech provided the most extensive comments on the controversial data-mining concept since he introduced it at the department’s 2005 Trade Symposium. Jackson provided few additional details on how the global data exchange would work, but indicated that the department intended this summer to issue specifications and solicit contract offers to implement a limited data fusion center on a trial basis.
Jackson said he wants customs officers to be able to see purchase orders, fulfillment schedules and other types of commercial transactions soon after they are issued so that analysis can be done to identify any potential criminal or terrorist threat to smuggle contraband or weapons into the United States or other countries. Other types of trade data that would appear to fall within Jackson’s security domain are production management records, inventory records and advance ship notices from foreign suppliers.
Jackson said the supply chain data fusion center is analogous to a system used by the New York City Police Department. The police department uses dozens of databases to link arrest records, call complaints, traffic stops and other islands of information. The department recently fused all those types of information within minutes of a significant crime to find a perpetrator, he said.
The global trade exchange would not require additional investment in software or hardware to link to government systems, as is the case with the Automated Manifest System and the upcoming security filing of a dozen data elements about the shipper and receiver of freight because the data would come straight from existing databases, Jackson said.
“There’s a substantial amount of data resident in different operating systems of actors within the supply chain and our job is to get access to it,” he said.
Instead, an intermediary organization can aggregate the supply chain data and then flow it to the country of shipment destination so it can carry out an advance risk assessment. One country’s export data can become another country’s import data for security purposes and prevent countries from duplicating efforts to collect various streams of information multiple times at each border crossing. A more global, harmonized system is better than the current U.S.-centric approach towards cargo security and data requirements, he said.
The World Customs Organization has developed an umbrella security blueprint for customs organizations to follow. Jackson maintained that security standards don’t need to be identical, just organized in a similar fashion to reduce complexity for traders doing business in many countries.
The Secure Freight Initiative is the next generation program that builds off of the Container Security Initiative and the Customs-Trade Partnership Against Terrorism to push the nation’s borders out, according to Jackson. Those existing programs will then be able to be fundamentally restructured because they were good post-9/11 responses, but are not practical for the long run in their current form.
Under CSI, for example, the United States stations Customs officers at foreign ports to help identify suspicious containers for local authorities to inspect with imaging and radiation detection equipment. U.S. supply chain specialists travel the world to check security practices for foreign suppliers of importers seeking expedited clearance for implementing shipment controls.
Sending inspectors to dozens of countries, which in turn do the same thing to protect their inbound shipments, would “result in a massive movement of people all around the globe and burdening the cost of commerce,” Jackson said, suggesting that data sharing and outbound automated detections can eliminate the need for on-site officers around the world.
The data fusion centers, some contend, could also be the locus for uploading the imaging and radiation detection scans as well as video of physical inspections so that customs officers in one country can verify that it was done properly by their overseas counterpart.
“So we need networks to look at the information, harmonize the inspection processes according to minimum standards of security and then begin to do appropriate type of information sharing,” Jackson said.
Jackson said he welcomed the congressionally mandated “10+2” security filing as another good tool that can reduce the need for physical inspections, but also sounded ambivalent about it when he called it a “first generation response to terrorism.”
The data warehouse and mining approach may result in DHS pulling out the same data elements as are in the security filing, he suggested. Jackson said he is all for going back and killing programs that are no longer necessary or have been superseded by new technological innovations.
The government will pay for the pilot program, but eventually the cost of a third-party data repository will primarily be borne by the private sector users of the shipping system, Jackson said, pointing to the Hong Kong terminal operators model in setting up an integrated scanning model. The terminal operators there proposed installing the equipment and scanning every container through the gates and passing those read outs to the customs authorities for a per box fee.
Jackson said companies would find value in a system that creates efficiency and security at the same time.
“I believe that we can raise the bar to reduce the amount of hassle you get from moving goods in commerce (which) has value in terms of profitability and help you exercise your just-in-time systems,” Jackson said. The current approach “doesn’t give us the capacity to understand how to be flexible with fast cycle times” and the extra, more timely information can allow authorities to “disaggregate” supply chain movements so interceptions can occur during an early trucking leg, for example, rather than when everything gets bollixed up at the port, he said.
Anticipating criticism that DHS is going on a fishing expedition for sensitive business data, Jackson said he is “very sensitive about making sure we are not overly grasping in our desire for data” beyond what is necessary to reduce the risk of terrorists using the global shipping industry to secrete a destructive weapon and deliver it to the point of attack.
Having an intermediary organization that can aggregate supply chain data can actually ensure data privacy, he said.
“You can’t have Wal-Mart or Target having their confidential business being shared or leaked or not secured,” Jackson said.
Deborah Spero, deputy commissioner of Customs and Border Protection, said in a speech the day before that her agency has done a good job of protecting commercial data in its systems.
But Lee Sandler, a partner in Miami-based law firm Sandler, Travis & Rosenberg, noted that companies see their confidential business information leaked through loopholes in the system that allows business reporting services such as PIERS to publish commodity trade data and manifest information. Importers are allowed to request confidential treatment of their shipment information, but Sandler said if the name of the company entered differs by one character or space from the listing on file, or the data fields don’t match perfectly, the system does not recognize them as the same and spits out the information for public consumption.
Several trade specialists in the audience expressed extreme reservations about sharing their corporate data with a private sector entity with which they did not have a contractual relationship or with foreign governments, many of which have a worse track record than the United States of protecting data. A persistent worry is that corrupt officials may secretly sell the information they obtain to domestic competitors of foreign companies.