US government faces clash over data mining

Privacy groups have demanded that the US Congress halt the creation of a federal database of airline-passenger profiles until...

Privacy groups have demanded that the US Congress halt the creation of a federal database of airline-passenger profiles until more details are available, such as who would be included and how it would be operated.

Meanwhile, the White House's chief information officer questioned yesterday at a US House of Representatives hearing whether that data-mining program would be effective.

At that hearing, a law professor and a congressman disagreed over whether Congress should regulate government data-mining efforts, while most witnesses praised the use of data analysis for everything from reducing credit card abuse in government to catching terrorists.

Jeffrey Rosen, a law professor at George Washington University and legal affairs editor of The New Republic magazine, said that "suspicionless surveillance of large groups of people" would violate the Fourth Amendment to the US Constitution, which guarantees freedom from unreasonable searches and seizures.

Rosen said the US Department of Defense's Total Information Awareness (TIA) research project, which focuses on surveillance through mass data mining, and the Transportation Security Administration's proposed second version of the Computer Assisted Passenger Prescreening System (CAPPS II), are examples of such "mass dataveillance".

"It's possible to design data-mining technologies in ways that strike better rather than worse balances between liberty and security," Rosen told the Subcommittee on Technology, Information Policy, Intergovernmental Relations, and the Census. That subcommittee falls under the House Committee on Government Reform.

"I urge Congress to accept the task of learning about the design choices inherent in these technologies. You have it in your power to strike a thoughtful balance between liberty and security, and all you need now is the will," he said.

Congress has decided to put a hold on the hotly debated TIA project, but Tom Davis, a Republican from Virginia who chairs the full government reform committee, questioned whether regulating data mining would slow the benefits of such technology.

Calling information retrieval the "oil of the 21st century," Davis said the benefits of data analysis are many. "My theory is we need to be slow about coming in and over-regulating sometimes," he said. "You let the industry come up with its own protocols before the government comes in and starts imposing a regulatory and taxing regime that could really stifle the growth and potential of this."

Rosen asked Davis to consider whether data sharing appropriate in private industry would be appropriate in national security agencies. "Much of the history of our privacy laws for the past 50 years have been based on the idea that completely unregulated information sharing is not consistent with the values of the Constitution or American citizens," Rosen said.

"We don't want every low-level information officer in the field to know ... that I'm late on my child-support payments or that I'm late on my credit card. Complete transparency of information, total unregulated use, which many Silicon Valley people are urging, wouldn't be consistent with the values of the Fourth Amendment."

Meanwhile, a coalition of civil liberties and privacy groups, including the Electronic Frontier Foundation, the Electronic Privacy Information Center and the Center for Democracy and Technology, wrote a letter to Davis and ranking committee Democrat Henry Waxman, urging Congress to stop the CAPPS II program unless it was proven to be effective and consistent with privacy principles. Saying CAPPS II would attempt to assess the security risk of every single airline passenger based on commercial and government data, the letter asks Congress to "start asking questions about CAPPS II now".

But Mark Forman, associate director for information technology and e-government in the White House's Office of Management and Budget, said at the hearing that he too was waiting for details about CAPPS II, and that the Transportation Security Administration was tardy in answering his request. Forman said it did not make sense for the government to spend "hundreds of millions of dollars on a new IT system with very pretty screens" if it did not protect the US against terrorism.

The Transportation Security Administration didn't have an immediate comment on the letter or Forman's comments.

Beyond the proposed CAPPS II or TIA, the federal government does not seem to have the kind of mass data-mining programs Rosen is worried about, Forman added. In a search of government resources in preparation for the House hearing, Forman said he found no data-mining efforts that searched databases without first pinpointing a suspect.

However, a series of witnesses praised the potential of some data-mining applications. Paula Dockery, a state senator from Florida, said the state has used data mining to gather more information on suspected criminals, but the state required a reasonable suspicion before its Financial Crime Analysis Center turned its data analysis on a suspect.

Gregory Kutz, director of financial management and assurance for the US General Accounting Office, said his agency has used data mining to catch government employees misusing office credit cards.

Rosen said he did not object to targeted investigations like those at Kutz's agency, but he said mass sharing of data between government agencies may violate federal privacy laws.

"If you're in any way concerned about restrictions on information sharing ... you're going to have to think about this issue afresh and decide to craft essential regulations for these new technologies," he told the subcommittee.

More information about CAPPS II can be found at

Read more on IT legislation and regulation