The Government Accountability Office (GAO) says federal agencies obtained and shared social media posts and other publicly available information (open source data) on potential criminal activity prior to January 6, 2021.
GAO issued a sensitive report in February regarding open source data in relation to the January 6 attack on the Capitol. It has now shared some of this information publicly.
All 10 of the agencies that GAO reviewed— including the Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) Office of Intelligence and Analysis who have lead roles in countering domestic terrorism and violent extremism—were aware of open source data about planned events on January 6, and seven were aware of potential violence planned for that day.
Local agencies also had roles in assessing and sharing information and coordinating with federal agencies related to January 6.
GAO found the 10 federal agencies obtained the data through manual web searches, sharing with each other, and social media platforms. Facebook and Parler representatives told the government watchdog that the platforms shared information with “a federal agency” regarding potential violence at the U.S. Capitol on January 6.
Prior to January 6, the FBI reviewed information regarding an online threat that discussed calls for violence, including “Congress needs to hear glass breaking, doors being kicked in, and blood…Get violent…Go there ready for war.” In addition, in mid-December 2020, DHS’s Office of Intelligence and Analysis received information regarding threats to Congress and elected officials and discussions of bringing guns into D.C. on January 6. Further, one agency received data from a social media platform on December 24, 2020, that included a user threatening to kill politicians and coordinate armed forces on January 6.
Seven of the 10 agencies reviewed developed 38 election-related threat products based partly on open source data to inform security planning. Twenty-six of those were about planned events for January 6. Of those, the FBI prepared one and DHS prepared two threat products.
The 26 products included these threats:
- Potential for violence between opposing groups. Six agencies identified that violence could occur if opposing groups came into contact.
- Groups or individuals may be armed. Five agencies identified that individuals or groups planned to attend events while armed.
- Groups or individuals may use improvised weapons. Three agencies identified that individuals may use weapons, such as explosives.
- Extremist groups may commit or incite violence. Seven agencies identified that extremists could incite violence at demonstrations.
- Groups may attack the Capitol or Congress. Two agencies identified the Capitol or Congress as targets of violent attacks based on election results.
This report, which was made public in part on May 2 is the fifth in a series of GAO reports on aspects of the Capitol attack. The watchdog’s planned final report in the series will assess the extent to which agencies shared and used threat-related information, including open source data, to prepare security measures for the events of January 6.
In March, a report by the Office of Inspector General (OIG) at DHS said that inexperienced open source data collectors at the Office of Intelligence and Analysis were unsure about when information should be reported and were critical of the training they had received.
OIG’s review found that Intelligence and Analysis did email threat information to its local partners in the Washington, D.C. area on several occasions before the events at the U.S. Capitol. This would tie in with GAO’s findings that federal agencies did indeed share information. However, OIG found that this data was not as widely disseminated as typical intelligence products. It set out several recommendations for DHS, which the agency is working to complete by July.
GAO’s final report will likely fill in the remaining gaps and reveal any deficiencies that still need to be weeded out in order to improve how open source data is used as vital intelligence to prevent future attacks.
