US plans massive data sweep
Little-known data-collection system could troll news, blogs, even e-mails. Will it go too far?
(Page 3 of 3)
Amid the furor over electronic eavesdropping by the National Security Agency, Congress may be poised to expand its scrutiny of government efforts to "mine" public data for hints of terrorist activity.Skip to next paragraph
Subscribe Today to the Monitor
"One element of the NSA's domestic spying program that has gotten too little attention is the government's reportedly widespread use of data-mining technology to analyze the communications of ordinary Americans," said Sen. Russell Feingold (D) of Wisconsin in a Jan. 23 statement.
Senator Feingold is among a handful of congressmen who have in the past sponsored legislation - unsuccessfully - to require federal agencies to report on data-mining programs and how they maintain privacy.
Without oversight and accountability, critics say, even well-intentioned counterterrorism programs could experience mission creep, having their purview expanded to include non- terrorists - or even political opponents or groups. "The development of this type of data-mining technology has serious implications for the future of personal privacy," says Steven Aftergood of the Federation of American Scientists.
Even congressional supporters of the effort want more information about data-mining efforts.
"There has to be more and better congressional oversight," says Rep. Curt Weldon (R) of Pennsylvania and vice chairman of the House committee overseeing the Department of Homeland Security. "But there can't be oversight till Congress understands what data-mining is. There needs to be a broad look at this because they [intelligence agencies] are obviously seeing the value of this."
Data-mining - the systematic, often automated gleaning of insights from databases - is seen "increasingly as a useful tool" to help detect terrorist threats, the General Accountability Office reported in 2004. Of the nearly 200 federal data-mining efforts the GAO counted, at least 14 were acknowledged to focus on counterterrorism.
While privacy laws do place some restriction on government use of private data - such as medical records - they don't prevent intelligence agencies from buying information from commercial data collectors. Congress has done little so far to regulate the practice or even require basic notification from agencies, privacy experts say.
Indeed, even data that look anonymous aren't necessarily so. For example: With name and Social Security number stripped from their files, 87 percent of Americans can be identified simply by knowing their date of birth, gender, and five-digit Zip code, according to research by Latanya Sweeney, a data-privacy researcher at Carnegie Mellon University.
In a separate 2004 report to Congress, the GAO cited eight issues that need to be addressed to provide adequate privacy barriers amid federal data-mining. Top among them was establishing oversight boards for such programs.
November 2002 - The New York Times identifies a counterterrorism program called Total Information Awareness.
September 2003 - After terminating TIA on privacy grounds, Congress shuts down its successor, Terrorism Information Awareness, for the same reasons.
Department of Homeland Security
February 2003 - The department's Transportation Security Administration (TSA) announces it's replacing its 1990s-era Computer-Assisted Passenger Prescreening System (CAPPS I).
July 2004 - TSA cancels CAPPS II because of privacy concerns.
August 2004 - TSA says it will begin testing a similar system - Secure Flight - with built-in privacy features.
July 2005 - Government auditors charge that Secure Flight is violating privacy laws by holding information on 43,000 people not suspected of terrorism.