Editor’s note: This is the second article in a three-part series on security threat group intelligence gathering in corrections. Read the first article here.
In the first article in this series, I discussed the reasons why intelligence gathering in correctional facilities is needed: the growing number of inmates with ties to drug cartels, gangs, extremist groups and other security threat groups. These inmates not only threaten facility security and correctional officer safety; they also represent an opportunity for correctional officers to work with their counterparts outside the facility to prevent and solve violent crimes.
Once we understand that such operations are needed—the why—the next step is to further define the mission and the process—the what.
The Mission of Intelligence Gathering in Correctional Facilities
Five key factors make up the mission of security threat group intelligence gathering operations in a correctional setting:
- Informed decision-making: The capacity for informed decision-making is vital in managing security threat groups or individual inmates who have advanced skills that can be used for criminal enterprise, such as computer expertise.
- Deterrence. Correctional officials need to perform proactive investigations and monitor security threat groups to detect and interdict emerging escape plots, drug introductions, planned violence, work and food strikes, and similar incidents well before they occur.
- Protection. The mission of a correctional institution includes providing a safe, secure environment for inmates and staff while protecting the community. Reducing this philosophy to its lowest common denominator, inmate “incapacitation” includes the prevention of continued criminal conduct, either inside the institution or outside in the community, through correspondence, telephone and video visitations, and in-person visits. The courts and the community have the reasonable expectation that inmates will stop committing crimes once they are incarcerated. To achieve this end, correctional officials must be provided with top-notch, high-quality intelligence.
- “Strategic intelligence.” Much of the preceding discussion has involved what can be defined as strategic intelligence. The identity of security threat groups, membership strength, their rules of membership, recruiting efforts, projected strength, recognition features such as the use of tattoos or symbolism, skill levels, preferred tactics, outside support, treaties, alliances, feuds with other groups, and similar forms of detailed information are all elements of useful strategic intelligence. In addition, foreknowledge of emerging threat groups—such as extremist organizations or white supremacist groups—just entering the criminal justice pipeline may all be defined as strategic intelligence.
- “Operational intelligence.” In contrast, operational intelligence (termed “tactical intelligence” in law enforcement and corrections) involves informed knowledge of current or pending criminal activity, such as drug introduction/distribution, escapes, planned violence, etc. Operational intelligence is a critical element in the capacity to perform proactive, as opposed to purely reactive, investigations. Operational intelligence permits direct deterrence and interdiction of criminal activity and violence before such events occur.
Security threat group intelligence gathering in correctional facilities will have little impact if the final intelligence product is not promptly distributed to those individuals on the front lines.
The Process of Intelligence Gathering in Correctional Facilities
The actual intelligence-gathering process can be broken down into five distinct phases:
#1: Collection. This phase encompasses a wide range of overt and covert collection plans. Most raw information is collected through “open sources” such as the news media, social media accounts, publications by the security threat groups themselves or their competitors, court records, and specialized journals dealing with organized crime, terrorism, and other similar threat issues.
In a correctional setting we can also easily gather “association” information—observations on whom an inmate eats with, walks with, recreates with and so on. This may be of value in defining an inmate’s specific role within a threat group and in any illicit activity being conducted. Although frequently of significant value, intelligence collected via covert means (such as direct surveillance, covert social media accounts, undercover operations, and authorized communications intercepts) represents only a portion of the total collection effort.
#2: Evaluation. Is the information collected credible and is the source reliable? Rumors and speculation may have their place but should be clearly labeled as such. Rumors must be segregated from validated information derived from a credible, informed source.
#3: Collation. The collection and evaluation of information is of little value if it is not sorted, labeled, filed and cross-indexed such as in electronic files or a database, so that it is retrievable by a wide variety of current and future criteria. Therefore, collation is a vital step that directly facilitates the actual analysis. A vast collection of potentially useful information is of small use if it cannot be retrieved in a thorough, timely and labor-effective manner.
#4: Analysis. The analysis function is the heart of the security threat group intelligence process. In this step, the various bits and pieces of sometimes seemingly unrelated information are compared or sequenced in such a manner as to show pattern, linkage and meaning. It is often useful to establish a hypothesis to help establish meaning; this may trigger an expanded collection plan for new pieces of information to test or mature the hypothesis.
#5:Dissemination. The preceding phases of security threat group intelligence gathering in correctional facilities will have little impact if the final intelligence product is not promptly distributed to those individuals on the front lines, who have the need to know. This dissemination phase, in many ways, is the most labor-intensive, and is also frequently the most misunderstood part of the process.
All the strategic value of operational intelligence can be lost if it is distributed so widely as to compromise an investigation in progress. Conversely, strategic intelligence must be distributed widely enough to aid staff in recognizing individual members of security threat groups and their illicit activities. Another concept that tends to greatly affect dissemination decisions is “third-party disclosure.” Many documents received from other agencies may not be directly reproduced and distributed. Instead, they must be used only as reference materials in producing an agency’s own intelligence documents. All this information must be validated in order to be included as security threat group intelligence.
Latin King Federal Racketeering Case Review
A case at a mid-sized county correctional facility in West Michigan where I was a sergeant and operations supervisor illustrates the effectiveness of the security threat group intelligence process within correctional institutions.
Strategic intelligence indicated that members of the Almighty Latin Kings were present within our inmate population. Specifically, one high-ranking member had been an active participant of inmate-on-inmate assaults, where several members of the Latin Kings would enter a rival gang member’s cell and proceed to conduct a group beating on that inmate. Intelligence information also indicated this same high-ranking member was still calling shots and issuing orders on the streets, all while being incarcerated inside our facility.
The box contained five years of collected “jail-house” intelligence on the Latin King organization operating out of our county as well as intelligence on all its individual members.
Years of previous intelligence indicated the Latin Kings were known to have committed acts of violence in furtherance of the gang, including attempted murder, shootings, fire bombings, beatings, stabbings and acts of witness intimidation in our community, which stretched as far back as back two decades.
Operational intelligence, developed through a confidential informant who was also incarcerated in our facility, and corroborated through various forms of surveillance, indicated the Latin Kings were continuing to operate their criminal enterprise from within the walls of our correctional facility. Due to strategic intelligence developed prior to this specific case, an intelligence collection plan was put into action to focus on this threat group as well as other groups known to have pledged to mutual-aid agreements with the Latin Kings.
WATCH: The author provides details on gang activity in the local
correctional facility and community
The intelligence gathering operation we began at the facility eventually proved to have a national payoff. In 2008, federal investigators approached me while I was an Operations Sergeant at our correctional facility. The investigators said they had heard I was “the local gang expert” and had some insight on the Latin King organization operating within the institution and in the community.
The federal investigators explained they were in the process of building a federal racketeering case against the local Latin Kings and wanted to solicit my help to begin collecting intelligence information within our facility on the Kings and its individual members. To start with, they were interested in jail records, bond records, inmate trust account records, visitation and telephone recordings.
With a smile on my face, I asked the investigators to stand by for a couple of minutes as I walked back to my office and retrieved a large box. I returned to the investigators and jokingly apologized for not placing a bow on the large box. Handing the box over to the investigators, I said the price for such a gracious gift was to coordinate a seat for me at the big table of other investigators working this case. I added that a steak dinner would be nice.
As the federal investigators opened the large box, a big smile gleamed over their faces. “You will have that seat at the table, and we will get you the biggest steak dinner that you can handle,” one of the investigators said.
Why were the investigators so pleased? The box contained five years of collected “jail-house” intelligence on the Latin King organization operating out of our county as well as intelligence on all its individual members. The information included thousands of hours of visitation and telephone recordings of known and suspected Latin King gang members; hundreds of copies of letters and communication between Latin King gang members; hundreds of screen shots and photos, videos and other communications from their social media accounts; and copies of the Almighty Latin King Manifesto (Constitution), Kings Prayer, Kings Oath and other Latin King replated documentation.
In a correctional setting we can also easily gather “association” information—observations on whom an inmate eats with, walks with, recreates with and so on.
I also provided them with a copy of our gang database, which listed all the local Latin Kings gang members and associates, street names, identifying scars, marks and tattoo images. I provided the investigators with five of my covert Facebook accounts, which included rival security threat groups and its members.
Ultimately, the database contained hundreds of validated security threat group members throughout the state of Michigan and into Chicago. The intelligence was key to the federal RICO case, which investigators built over several years, leading to the indictment of 31 gang members in 2013.
Playing a role in getting those criminals off the streets was not only the highlight of my career at the sheriff’s office. It also underscored the power of security threat group intelligence gathering in correctional facilities—and the role it plays in keeping our communities safe.
- Bureau of Justice Assistance. 28 CFR Part 23 Online Training. Accessed 1/30/21 from https://28cfr.ncirc.gov/
- Code of Federal Regulations. Part 23: Criminal Intelligence Systems Operation Policies. Accessed 1/30/21 from https://ecfr.federalregister.gov/current/title-28/chapter-I/part-23
- Cornell Law School. 28 CFR Part 23 – Criminal Intelligence Systems Operating Policies. Accessed 1/30/21 from https://www.law.cornell.edu/cfr/text/28/part-23
- Federal Prisons Journal
- Federal Register (7/31/2008). Criminal Intelligence Systems Operating Policies. Accessed 1/30/21 from https://www.federalregister.gov/documents/2008/07/31/E8-17519/criminal-intelligence-systems-operating-policies
- Homeland Security Digital Library. Guideline: 28 CFR Part 23, Criminal Intelligence Systems Operating Polices. Accessed 1/30/21 from https://www.hsdl.org/?abstract&did=441926
- Institute for Intergovernmental Research
- National Criminal Intelligence Resource Center
- National Criminal Justice Reference Service
- National Institute of Corrections Information Center. Gangs (Security Threat Groups). Accessed 1/30/21 from https://nicic.gov/gangs-security-threat-groups
- Regional Information Sharing Systems
- United States Department of Justice: The United States Attorney’s Office, Western District of Michigan