Privacy groups have demanded that the US Congress halt
the creation of a federal database of airline-passenger profiles
until more details are available, such as who would be included and
how it would be operated.
Meanwhile, the White House's chief information officer
questioned yesterday at a US House of Representatives hearing
whether that data-mining program would be effective.
At that hearing, a law professor and a congressman disagreed
over whether Congress should regulate government data-mining
efforts, while most witnesses praised the use of data analysis for
everything from reducing credit card abuse in government to
catching terrorists.
Jeffrey Rosen, a law professor at George Washington University
and legal affairs editor of The New Republic magazine, said that
"suspicionless surveillance of large groups of people" would
violate the Fourth Amendment to the US Constitution, which
guarantees freedom from unreasonable searches and seizures.
Rosen said the US Department of Defense's Total Information
Awareness (TIA) research project, which focuses on surveillance
through mass data mining, and the Transportation Security
Administration's proposed second version of the Computer Assisted
Passenger Prescreening System (CAPPS II), are examples of such
"mass dataveillance".
"It's possible to design data-mining technologies in ways that
strike better rather than worse balances between liberty and
security," Rosen told the Subcommittee on Technology, Information
Policy, Intergovernmental Relations, and the Census. That
subcommittee falls under the House Committee on Government
Reform.
"I urge Congress to accept the task of learning about the design
choices inherent in these technologies. You have it in your power
to strike a thoughtful balance between liberty and security, and
all you need now is the will," he said.
Congress has decided to put a hold on the hotly debated TIA
project, but Tom Davis, a Republican from Virginia who chairs the
full government reform committee, questioned whether regulating
data mining would slow the benefits of such technology.
Calling information retrieval the "oil of the 21st century,"
Davis said the benefits of data analysis are many. "My theory is we
need to be slow about coming in and over-regulating sometimes," he
said. "You let the industry come up with its own protocols before
the government comes in and starts imposing a regulatory and taxing
regime that could really stifle the growth and potential of
this."
Rosen asked Davis to consider whether data sharing appropriate
in private industry would be appropriate in national security
agencies. "Much of the history of our privacy laws for the past 50
years have been based on the idea that completely unregulated
information sharing is not consistent with the values of the
Constitution or American citizens," Rosen said.
"We don't want every low-level information officer in the field
to know ... that I'm late on my child-support payments or that I'm
late on my credit card. Complete transparency of information, total
unregulated use, which many Silicon Valley people are urging,
wouldn't be consistent with the values of the Fourth
Amendment."
Meanwhile, a coalition of civil liberties and privacy groups,
including the Electronic Frontier Foundation, the Electronic
Privacy Information Center and the Center for Democracy and
Technology, wrote a letter to Davis and ranking committee Democrat
Henry Waxman, urging Congress to stop the CAPPS II program unless
it was proven to be effective and consistent with privacy
principles. Saying CAPPS II would attempt to assess the security
risk of every single airline passenger based on commercial and
government data, the letter asks Congress to "start asking
questions about CAPPS II now".
But Mark Forman, associate director for information technology
and e-government in the White House's Office of Management and
Budget, said at the hearing that he too was waiting for details
about CAPPS II, and that the Transportation Security Administration
was tardy in answering his request. Forman said it did not make
sense for the government to spend "hundreds of millions of dollars
on a new IT system with very pretty screens" if it did not protect
the US against terrorism.
The Transportation Security Administration didn't have an
immediate comment on the letter or Forman's comments.
Beyond the proposed CAPPS II or TIA, the federal government does
not seem to have the kind of mass data-mining programs Rosen is
worried about, Forman added. In a search of government resources in
preparation for the House hearing, Forman said he found no
data-mining efforts that searched databases without first
pinpointing a suspect.
However, a series of witnesses praised the potential of some
data-mining applications. Paula Dockery, a state senator from
Florida, said the state has used data mining to gather more
information on suspected criminals, but the state required a
reasonable suspicion before its Financial Crime Analysis Center
turned its data analysis on a suspect.
Gregory Kutz, director of financial management and assurance for
the US General Accounting Office, said his agency has used data
mining to catch government employees misusing office credit
cards.
Rosen said he did not object to targeted investigations like
those at Kutz's agency, but he said mass sharing of data between
government agencies may violate federal privacy laws.
"If you're in any way concerned about restrictions on
information sharing ... you're going to have to think about this
issue afresh and decide to craft essential regulations for these
new technologies," he told the subcommittee.
More information about CAPPS II can be found at
http://www.tsa.gov/public/display?theme=44&content=535.