US suspends vast ADVISE data-sifting system
The pilot programs ignored privacy safeguards, says a recent Homeland Security report.
from the August 28, 2007 edition
Page 2 of 3
Last week the Pentagon shut down its TALON terrorism database program, which had been found to hold files on peace activists. In 2003, another military data-mining project – the Total Information Awareness project – was also ended following a congressional uproar over privacy fears.
Congress last fall ordered its Government Accountability Office to audit the program for privacy and effectiveness. It asked the OIG to do the same. In February, the GAO recommended a full-blown data-privacy review of the ADVISE system. Without that, its report said, ADVISE holds "potential for erroneous association of individuals with crime or terrorism and the misidentification of individuals with similar names."
In his report to Congress, publicly released earlier this month, DHS Inspector General Richard Skinner revealed that:
•From late 2004 to mid-2006, three ADVISE pilot programs – one focused on biological threats, another on weapons of mass destruction, and a third classified program to identify emerging threats – were not mere test beds working out technical bugs. Instead, they were "operational" and used "personally identifiable" data, without having conducted any privacy-risk assessments.
•All three pilot programs were quietly halted in March pending formal privacy impact assessments on the vulnerability of personal data. A privacy impact assessment is a type of information audit that ensures that government is only using personal information when it is necessary and lawful to be revealed.
•While submissions were made to begin the process, full-blown "privacy impact assessments" of the three programs did not begin until early 2007 – about two years after they became operational and began hunting terrorists, the OIG's office reported. It also said the March shutdown to assess privacy implications has damaged ADVISE's prospects, giving rise to skepticism within DHS about the utility and cost of the program and leaving it "at risk" of cancellation by 2008.
Failure to ensure data privacy is a problem that has torpedoed other counterterror programs, says Lee Tien, an attorney with the Electronic Frontier Foundation, a privacy advocacy group..
"The OIG's report clearly shows major breakdowns in the system we're depending on to protect people's private data," says Mr. Tien. "Whatever the data ADVISE used, the outputs are clearly important for people's privacy. The biodefense pilot program, for instance, presumably involves information about people's medical condition and emergency-room reporting."
RSS feed
