A Briefing On Public Policy Issues Affecting Civil Liberties Online
from
The Center For Democracy and Technology
(1) Broad Coalition Calls for Moratorium, Hearings on Federal Datamining
(2) Senators Raise Questions About TIA
(3) Datamining Unproven; Scope Undefined, Legal Basis Unclear, Guidelines Lacking
A broad coalition of public interest organizations sent a letter to Congress yesterday (1/14/03) asking for a moratorium on the Defense Department's Total Information Awareness (TIA) program until key questions about the "datamining" initiative have been answered.
CDT joined the ACLU, Americans for Tax Reform, and other groups in sending a letter to the chairs and ranking members of four congressional committees, urging that Congress put the brakes on TIA and similar datamining operations until officials have demonstrated the technique's effectiveness and explained how it will be controlled to protect privacy.
The federal government already has invested $128 million in TIA, but very little is known about how it works and whether Americans' privacy is being protected. In particular, the letter seeks information about the sources of the information used by TIA and similar programs; the datamining applications already developed and sent on to federal agencies; the uses of any information generated by TIA or similar datamining programs; and how errors in the data or applications might affect innocent Americans.
The organizations signing the letter include: CDT, the American Civil Liberties Union; American Conservative Union, Americans for Tax Reform; the Center for National Security Studies; the Eagle Forum; the Electronic Frontier Foundation; the Electronic Privacy Information Center; and the Free Congress Foundation.
The coalition's letter and other materials on datamining are available at http://www.cdt.org/security/usapatriot/implementation.shtml#surveillance
Last Friday (1/10/03), three Senators requested detailed information from Attorney General Ashcroft about the Justice Department's use of datamining. The letter from Senators Leahy (D-VT), Feingold (D-WI) and Cantwell (D-WA) requested detailed information about ongoing datamining operations underway within the Justice Department, including details about where the Department is getting its information, whether it is relying on any safeguards to ensure the reliability of that data, and whether it views the Privacy Act as imposing any restrictions on its datamining activities. The Senators also asked about the Justice Department's work with the Total Information Awareness project.
The letter further seeks justification for the seemingly redundant Foreign Terrorist Tracking Task Force, a new Justice Department entity that maintains its own "lookout list" and conducts intelligence analysis -- despite the fact that the FBI already keeps a Terrorism Watch List and has an Office of Intelligence established to gather and analyze counter-terrorism intelligence.
Finally, the Senators' letter asks whether the Justice Department intends to transfer its datamining operations to the new Department of Homeland Security, the one agency statutorily tasked with integrating information from various sources.
The Leahy/Feingold/Cantwell letter is also at http://www.cdt.org/security/usapatriot/implementation.shtml#surveillance
It is entirely desirable that the federal government make effective use of information technology to prevent terrorism. However, information collection and analysis proposals, like any other anti-terrorism measure, must be subject to scrutiny and control at two levels:
One of the most controversial information technology applications being proposed in the fight against terrorism involves the technique known as "datamining" - which includes the broad scanning of personal data in government and private sector databases looking for patterns that might offer predictions of terrorist conduct.
The federal government's use of datamining could grow dramatically. The new Department of Homeland Security will be a center for analysis of data from a wide range of sources. Also, in addition to the Pentagon's TIA office, the FBI with its Trilogy program and the Transportation Security Administration through its Computer Assisted Passenger Profiling System (CAPPS II) are developing new abilities to retrieve and analyze information maintained in their own databases and in the databases of other government agencies and private companies.
There is growing concern in Congress that these proposals are being pursued before resolving key questions about scope, effectiveness, and legality. For example, how will the government obtain the data - by compulsory process, by purchase, by subscription, or by voluntary sharing?
Even if the effectiveness of datamining is demonstrated, access to non-public information should not proceed until guidelines have been developed to govern the collection, retention and dissemination of information. Attention must be paid to
There also should be effective audit trails and robust review mechanisms to protect against unauthorized access and inappropriate use of information.
An initial discussion of these issues is found in the report of the Markle Task Force on National Security in the Information Age: http://www.markletaskforce.org/
Detailed information about online civil liberties issues may be found at http://www.cdt.org/.
This document may be redistributed freely in full or linked to http://www.cdt.org/publications/pp_9.02.shtml.
Excerpts may be re-posted with prior permission of ari@cdt.org
Policy Post 9.02 Copyright 2003 Center for Democracy and Technology
