DHS Axes All Advisory Committee Members
According to multiple news reports, the Department of Homeland Security has fired all current members of all DHS advisory committees, including the Cyber Safety Review Board. This is a dangerous move, based solely on politics, and is guaranteed to produce committees that will tell DHS what it (or, more accurately) Trump wants to hear. It’s also in flat-out contradiction to how such committees were run in the past.
A bit of personal background first. In the past, I served on or worked with two different DHS advisory committees, the Science and Technology Advisory Committee (HSSTAC) and the Data Privacy and Integrity Advisory Committee (DPIAC). (I’ve also served on many other FACA-regulated committees.) I was appointed to HSSTAC during George W. Bush’s second term and served into Barack Obama’s second term, and I became a subject matter expert for DPIAC around the start of Obama’s first term. In both cases, the DHS folks running the committees were scrupulous about adhering to the rules.
For HSSTAC, I was given a form that asked my political affiliation. The form stated explicitly that the information to be provided was voluntary and that legally they couldn’t require an answer, but that their purpose in asking was to be able to demonstrate to the press and the country that it was politically balanced, that it was not stacked for one party or the other. I declined to answer, but another committee member told me that he wrote down "liberal Democrat"—and they didn’t exclude him.
The membership was ideologically very diverse, with people like a county sheriff, a retired air force general, a high-level executive, several academics, and more. During one meeting, when we were discussing some recommendations, someone proposed an idea that seemed to have support. I asked, "Wouldn’t that be unconstitutional?" Another member, who had both a PhD and a JD, confirmed it—and it was dropped. Never mind ideology or preconception; we all wanted to follow the law.
Mind you, things weren’t perfect. HSSTAC was created by statute, and how much attention was paid to our recommendations depended on who the Undersecretary for Science and Technology was at the time. Some (I worked under several) valued our input; others did not. But there was never a question of partisan politics interfering.
DPIAC was even more interesting. At the very beginning of Obama’s first term, he charged DHS with telling him what to do about cybersecurity. He cared and he wanted an answer as soon as possible, from highly qualifed people. But standing rules still applied. The White House ordered that all members who needed it be given interim TS/SCI clearances. Homeland Security pushed back, saying that the rules did not permit interim SCI clearances—and the White House said, "OK—stick with standing policy." They did not try to override this. One person who was affected (and I won’t say who it was, though if you were my age you’d recognize the name) and had a head stuffed full of far more sensitive stuff than I’d ever dreamed of hearing had to miss some meetings, because his SCI clearance has lapsed. The Obama White House was not going to override standing policy, even though in his case there was almost certainly no risk.
Now, things weren’t perfect, either in terms of what we recommended, what was done with our recommendations, or how we operated. But I can say that no one cared about ideological or party leanings, just expertise. We never once tried to "push agendas that attempt to undermine its national security mission, the President’s agenda or Constitutional rights of Americans." From what I’ve seen of the CSRB’s activity (and that’s the only one I follow these days), they don’t, either.
The CSRB is an extremely vital activity. I’ve advocated for something like it since at least 2012, and have continued to write and speak on the subject, most recently in 2022. As Adam Shostack and I wrote when the Board was first created, it isn’t a perfect structure, but it’s far better than what we had before. If nothing else, the CSRB should be independent of DHS, just like the the National Transportation Safety Board is not part of the Federal Aviation Administration: sometimes, the NTSB has to criticize the FAA’s regulations. Similarly, the CSRB may have problems with how DHS regulates, say, the cybersecurity of critical infrastructure companies.
That said, gutting it for what appears to be political reasons, especially in the middle of something as important as the Salt Typhoon investigation, is seriously counterproductive and harmful to the economy and national security.
