From: CDT Info [mailto:[log in to unmask]]
Sent: 15 January 2003 17:23
To: [log in to unmask]
Subject: CDT Policy Post 9.02: Concerns Over Datamining Grow
CDT Policy Post Volume 9, Number 2, January 14, 2003
A Briefing On Public Policy Issues Affecting Civil Liberties Online
from
The Center for Democracy and Technology
Contents:
(1) Broad Coalition Calls for Moratorium, Hearings on Federal Datamining
(2) Senators Raise Questions About TIA
(3) Datamining Unproven; Scope Undefined, Legal Basis Unclear,
Guidelines Lacking
____________________________________________
(1) Broad Coalition Calls for Moratorium, Hearings on Federal Datamining
A broad coalition of public interest organizations sent a letter to
Congress yesterday (1/14/03) asking for a moratorium on the Defense
Department's Total Information Awareness (TIA) program until key
questions about the "datamining" initiative have been answered.
CDT joined the ACLU, Americans for Tax Reform, and other groups in
sending a letter to the chairs and ranking members of four
congressional committees, urging that Congress put the brakes on TIA
and similar datamining operations until officials have demonstrated
the technique's effectiveness and explained how it will be controlled
to protect privacy.
The federal government already has invested $128 million in TIA, but
very little is known about how it works and whether Americans'
privacy is being protected. In particular, the letter seeks
information about the sources of the information used by TIA and
similar programs; the datamining applications already developed and
sent on to federal agencies; the uses of any information generated by
TIA or similar datamining programs; and how errors in the data or
applications might affect innocent Americans.
The organizations signing the letter include: CDT, the American
Civil Liberties Union; American Conservative Union, Americans for Tax
Reform; the Center for National Security Studies; the Eagle Forum;
the Electronic Frontier Foundation; the Electronic Privacy
Information Center; and the Free Congress Foundation.
The coalition's letter and other materials on datamining are
available at
http://www.cdt.org/security/usapatriot/implementation.shtml#surveillance
____________________________________________
(2) Senators Raise Questions About TIA
Last Friday (1/10/03), three Senators requested detailed information
from Attorney General Ashcroft about the Justice Department's use of
datamining. The letter from Senators Leahy (D-VT), Feingold (D-WI)
and Cantwell (D-WA) requested detailed information about ongoing
datamining operations underway within the Justice Department,
including details about where the Department is getting its
information, whether it is relying on any safeguards to ensure the
reliability of that data, and whether it views the Privacy Act as
imposing any restrictions on its datamining activities. The Senators
also asked about the Justice Department's work with the Total
Information Awareness project.
The letter further seeks justification for the seemingly redundant
Foreign Terrorist Tracking Task Force, a new Justice Department
entity that maintains its own "lookout list" and conducts
intelligence analysis -- despite the fact that the FBI already keeps
a Terrorism Watch List and has an Office of Intelligence established
to gather and analyze counter-terrorism intelligence.
Finally, the Senators' letter asks whether the Justice Department
intends to transfer its datamining operations to the new Department
of Homeland Security, the one agency statutorily tasked with
integrating information from various sources.
The Leahy/Feingold/Cantwell letter is also at
http://www.cdt.org/security/usapatriot/implementation.shtml#surveillance
____________________________________________
(3) Datamining Unproven; Scope Undefined, Legal Basis Unclear,
Guidelines Lacking
It is entirely desirable that the federal government make effective
use of information technology to prevent terrorism. However,
information collection and analysis proposals, like any other
anti-terrorism measure, must be subject to scrutiny and control at
two levels:
* Will the proposed measure be effective?
* Can the proposal be implemented in a way that is consistent with
Constitutional principles? (In the case of information systems, how
can the measure avoid unfairness, mistake and undue intrusions on
privacy?)
One of the most controversial information technology applications
being proposed in the fight against terrorism involves the technique
known as "datamining" - which includes the broad scanning of personal
data in government and private sector databases looking for patterns
that might offer predictions of terrorist conduct.
The federal government's use of datamining could grow dramatically.
The new Department of Homeland Security will be a center for analysis
of data from a wide range of sources. Also, in addition to the
Pentagon's TIA office, the FBI with its Trilogy program and the
Transportation Security Administration through its Computer Assisted
Passenger Profiling System (CAPPS II) are developing new abilities to
retrieve and analyze information maintained in their own databases
and in the databases of other government agencies and private
companies.
There is growing concern in Congress that these proposals are being
pursued before resolving key questions about scope, effectiveness,
and legality. For example, how will the government obtain the data -
by compulsory process, by purchase, by subscription, or by voluntary
sharing?
Even if the effectiveness of datamining is demonstrated, access to
non-public information should not proceed until guidelines have been
developed to govern the collection, retention and dissemination of
information. Attention must be paid to
* what information will be used,
* who will have access to it,
* what standards of accuracy and timeliness will be applied,
* how will "hits" be verified,
* how will results be characterized and disseminated,
* how will individuals be able to correct mistakes.
There also should be effective audit trails and robust review
mechanisms to protect against unauthorized access and inappropriate
use of information.
An initial discussion of these issues is found in the report of the
Markle Task Force on National Security in the Information Age:
http://www.markletaskforce.org/
____________________________________________
Detailed information about online civil liberties issues may be found
at http://www.cdt.org/ .
This document may be redistributed freely in full or linked to
http://www.cdt.org/publications/pp_9.02.shtml .
Excerpts may be re-posted with prior permission of [log in to unmask]
Policy Post 9.02 Copyright 2003 Center for Democracy and Technology
_______________________________________________
http://www.cdt.org/mailman/listinfo/policy-posts
************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************
|