In October 1997 a businessman travelled to the US to
attend a two-day business meeting. Having correctly completed
the immigration forms on the plane the businessman was
granted the standard 3 month visa. He returned to the
UK on schedule, 2 days after arriving in the US.
The same businessman travelled to the US two years later,
but upon arrival, was held by IS staff who believed that
he had overstayed on a previous visa. Despite being unable
to prove that he had not overstayed, after a 45 minute
discussion the businessman was allowed to stay for his
trip. This situation was to occur on a further two subsequent
visits where he was held in the same way for the same
reason.
On the fourth visit to the US the businessman was travelling
with his young family, softening the approach of the IS
officials who, on the spot, took the trouble to look into
his case.
Within 5 minutes the IS officer apologised profusely, having
identified that the cause of the problems was nothing to
do with the businessman or his actions, but was a result
of a simple input error. The IS policy is to award 3-month
visa's to visitors applying in transit. The visit took place
in October 1995, thus the visa was due to expire in January
1996. The person entering the data in the "expiry" field
entered "January 1995", having calculated the month of expiry
but forgetting to change the year.
In effect, the businessman's visa had expired 9 months
before it was awarded, something that probably does not
comply with IS policies and procedures.
Identification of Issue
The symptoms of this issue were evident in that the business
man claimed he had not overstayed where as the IS data
suggested he had. Surprisingly this was to happen on more
than one occasion. Despite this the issue went unidentified
for many years.
In reality the issue was finally identified through someone
taking the trouble to look at the actual data, which showed
that the record was created showing a visa to have expired
BEFORE it was awarded, clearly contrary to normal IS policy
and procedure.
Cause
Input error (as believed
by US IS) or application logic error where the application
failed to calculate the correct year.
Implications to the US IS
Management Information
The statistics used for planning and financing this department
will have been in-accurate, showing more "over-stayers"
than there were in reality
Costs
- It is difficult to determine the extent of the costs
as it is impossible to know how much effort the IS invests
in trying to trace someone who was not there. One might
assume that, as the person was so difficult to trace (as
he was not actually there) the IS may have spent more
as a result of believing this person was good at avoiding
them, for some dubious reason.
Resources and efficiency
At the very least the Immigration Service used over one
half of a man-day in talking with the businessman over the
4 visits that followed the error.
Operational Integrity
This incident highlights a particularly concerning facet
of the IS's policies and procedures. The businessman was
allowed to enter the country without having or being able
to prove he had not overstayed on the previous visit. One
assumes that this is because the IS knows there are flaws
in their visa system, such as the entering of the wrong
year, which forces them to accept mere verbal claims of
those wishing to enter the country where IS intelligence
suggest they should not be permitted. This is probably the
most serious of implications that have far more ramifications
given today's age of heightened security.
Solution
Issue Identification
Issue
Resolution
Issue Prevention
A RAS
data audit would have identified this as a single case
amongst the many millions of records held by US IS, and
would have done so in less than 1 day. Just as easily this
would have identified a million records and ten's of millions,
within the same period.
A RAS Rectifier
solution would have enabled the US IS to automate the process
of amending the dates where it was apparent that the input
clerk had failed to amend the year. For example, where a
visa been issues with had an issue date of October of a
particular year, and an expiry in January of the same year
(before it's issue) then as the visa had been issued the
US IS could simply amend the year in the expiry date to
correct the fault, and a RAS
Rectifier solution would have completed this task over
millions of records within hours and without human intervention.
A RAS Enforcer
solution would have notified the input clerk of the error
and prevented the record from being created with this sort
of anomaly. Where a user persisted in trying to create such
a record, RAS Enforcer
would not allow it and, where required, provide an alert
of this sort of activity, thus potentially identifying fraudulent
or other improper activity on the part of the user.
