Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at:
http://www.mail-archive.com/[EMAIL PROTECTED]/ <A HREF="">ctrl</A> ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]
To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED]
Om
--- Begin Message --- -Caveat Lector-Digital Agenda: A global assault on anonymity | Thu, 21 Oct 2004 08:44:02 -0400 | Source: news.com.com
The use of data mining represents a technological sea change in the way the federal government gathers, stores and analyzes information on its own citizens--perhaps the most substantial transformation in domestic intelligence since the excesses of FBI Director J. Edgar Hoover led to sweeping privacy law reforms in the mid-1970s.
The trend has already led to a string of colossal public-relations disasters, including defunct initiatives such as the Pentagon's Total Information Awareness program and the CAPPS II airline passenger-screening project, but the promise of data-mining and data-sharing technologies remains too tempting for government agencies to resist.
~~~~~A global assault on anonymityBy John Borland
Staff Writer, CNET News.com
October 20, 2004, 4:00 AM PDTTo show why the government's terrorist-finding database doesn't work, Elizabeth LaForest points to her own case file: While her arrest records are authentic, these days the 89-year-old Roman Catholic nun doesn't often run afoul of the law when taking part in peace demonstrations.
So Sister LaForest joined the American Civil Liberties Union this year to sue the state of Michigan, charging that a controversial law enforcement data-sharing program there was breaking the state's privacy laws.
"I have been very concerned about our privacy rights--they're all being taken away," she said in an interview from her retirement home in Oakland County, Mich. "That's one of the rights we have in the Constitution."
Privacy organizations have fought an uphill battle on Fourth Amendment protections since the terrorist attacks of Sept. 11, 2001, particularly in the area of high-tech surveillance. But the debate has taken on particular urgency with advancements in "data mining," a technology used to identify patterns based on the millions of bits of information stored in public and commercial computer systems.
The use of data mining represents a technological sea change in the way the federal government gathers, stores and analyzes information on its own citizens--perhaps the most substantial transformation in domestic intelligence since the excesses of FBI Director J. Edgar Hoover led to sweeping privacy law reforms in the mid-1970s.
The trend has already led to a string of colossal public-relations disasters, including defunct initiatives such as the Pentagon's Total Information Awareness program and the CAPPS II airline passenger-screening project, but the promise of data-mining and data-sharing technologies remains too tempting for government agencies to resist.
Civil libertarians say they recognize the importance of such technologies in counterterrorism efforts but stress that these programs must be accompanied by parallel changes in laws. Rather than deal with objections after the fact, they say the government must build privacy protections into these programs from their inception.
"We need to write those rules, and they need to be part of the system," said
Can computers predict terrorists?
In theory, data-mining technologies are supposed to yield millions of bits of information on background and activities, creating patterns that might eventually help authorities identify terrorists before they strike. But no technology is perfect, and civil-rights advocates warn about the prospect of bad data and "false positives," or an incorrect identification match, in an era when terrorist suspects are held for months or years without being charged.The most ambitious data-mining proposal came quickly after Sept. 11 in the form of the Total Information Awareness project, launched in 2002 and run by retired Rear Adm. John Poindexter at the Defense Advanced Research Projects Agency (DARPA). Poindexter, a key figure in the Iran-Contra scandal, envisioned "ultra-large-scale" database technologies that would search commercial and government databases while monitoring information streams such as retail transactions to identify "signature" behaviors of terrorists.
"We must become much more efficient and more clever in the ways we find new sources of data, mine information from the new and old, generate information, make it available for analysis, convert it to knowledge and create actionable options," Poindexter
After an outcry among civil liberties groups, the TIA program was scaled back before Congress eliminated its funding. Many technologists, led by the
CAPPS II (Computer Assisted Passenger Prescreening System)--a proposed successor to today's rudimentary passenger-screening system--met a similar fate after its own flirtation with what the government calls "automated risk assessment."
In early 2003, the Transportation Security Administration
Privacy groups complained again, saying the program was a form of discrimination against travelers on the basis of information that could not be checked or challenged. Like Poindexter, the TSA relented and announced last month that a new system called Secure Flight would be put in place instead.
David Stone, assistant secretary of homeland security, said that the new system will check passenger information against a "no fly" list maintained by the government to hunt for those with known terrorist connections but that it will not assign a risk score.
"CAPPS II ultimately got shut down because when you compared the need for information sharing against the rights of the citizens, we found it unbalanced," said Greg Baroni, president of the global public-sector unit at Unisys, a company that has significant technology contracts with the TSA. "That didn't mean that the goal would be thwarted. Alternative plans went into motion."
Despite these setbacks, data sharing and data mining are making steady inroads within federal security agencies. The most immediately realistic tasks have proven to be sharing data between agencies and simultaneous searching of multiple databases in and out of government circles.
One of the most public examples of this kind of new search tool is the program targeted in Sister LaForest's lawsuit, called MATRIX. That system, whose name stands for "We need to write those rules, and they need to be part of the system."
--James Dempsey
executive director, Center for Democracy and TechnologyMATRIX was created largely by Florida technology company Seisint, recently acquired by LexisNexis, with help from state officials and a grant from the Department of Homeland Security. The pilot program has taken public records from five states--information such as driver's license and vehicle registrations--and made that searchable along with Seisint's own mass of commercial data.
That means, for example, that an investigator might type in a partial license plate number seen by a witness and immediately get results for all the possible vehicles within a 50-mile radius of the sighting, as well as driver's license photos for the vehicle owners.
'Just an investigative tool'
Law enforcement officials say privacy concerns stemming from the program are misplaced. The same checks of arrest records, driver's license details, addresses and other information would be done, anyway, they say, but would take days to complete rather than hours."It is a tremendous time-saving tool," said Mark Zadre, chief of investigations at the Office of Statewide Intelligence in Florida's Department of Law Enforcement. "The system does not solve anything--it's just an investigation tool. We hit a 'submit,' not a 'solve,' button."
The Michigan lawsuit against the program is based on a 1980 law that bars Florida from sharing records with out-of-state intelligence agencies.
"We're not asking to stop the world and prohibit technology from moving forward," said Noel Saleh, a lawyer for the ACLU Fund of Michigan. "But if we're going to have this kind of expanded information, we need to have some government and privacy oversight to make sure the rights of individuals are not trampled on."
Mug shots taken with Identix's TouchPrint kit can be automatically inserted into a searchable database.According to documents the ACLU obtained through a Freedom of Information Act request, the original MATRIX program sent 120,000 names to the federal government that scored high on a list of possible terrorist indicators, including age, gender, credit rating and "proximity to 'dirty' addresses."
Other data search tools are potentially even more powerful, though less public.
A recent report from the Government Accountability Office identified a handful of data-mining tools with similar capabilities used by federal agencies. One of these was the
Officials at the defense agency did not return calls asking for further details. Executives from Verity declined to say specifically how their technology was used but did describe in general how it might function.
Verity's K2 is a search and indexing tool, rather than a database itself. It can target many types of sources, such as Web sites, internal intelligence databases or even the flow of information over an agency-monitored network. While not a monitoring device itself, K2 organizes results from these sources and can notify investigators when information relevant to a query comes up.
"The idea of clicking a magic button and having software issue an APB to arrest someone in Iowa is not going to happen, and shouldn't happen," said Andrew Feit, Verity's senior vice president of marketing. But software can "start to look for relationships between events and documents that can be truly data mined out of a database," he said.
The tension between privacy advocates and ambitious technology programs has slowed progress in data tools, and some researchers believe that basic compromises between security and privacy have been ignored by both sides.
