Oversight bringing TIA into check

The Defense Advanced Research Projects Agency did a poor job of planning for the privacy and civil liberties concerns that the Terrorism Information Awareness program created, but the program is now on the right path, a Defense Department official said today.

Michael Wynne, the acting undersecretary of Defense for acquisition, logistics and technology, said that DARPA personnel are visionaries who must look beyond current weapons and technologies, but "in this particular case, the vision exceeded their grasp."

However, Wynne noted that increased congressional, internal and external oversight has brought the program back in line. TIA, originally called Total Information Awareness, would access databases run by airlines, financial and educational institutions, and other groups to find patterns that might indicate terrorist activity.

"The debate between security and privacy I think is robust," Wynne said during remarks before the first public meeting of the Technology and Privacy Advisory Committee, an external oversight board established by DOD in February. "They're developing collaborative programs and were marketing them as broader than they were."

TAPAC was established to ensure that TIA moves forward with proper regard for constitutional rights and statutory laws, as well as existing privacy protection laws and policies. An internal DOD committee has the same mission. Wynne said a report to Congress last month, which spelled out how DARPA will continue development with privacy safeguards in mind, was a definite step in the right direction, but more work is needed.

In the report, DARPA officials said they would comply with laws governing intelligence activities and protecting constitutional rights. The system would use only foreign intelligence and counterintelligence information that is legally obtained and legally usable by the government. The system would also use information from artificial data generated to model behavior patterns. Further, as part of its TIA research, DARPA will develop new technologies that ensure privacy.

Wynne said written procedures have been developed that any agency must follow in order to use information gathered through TIA.

"What [DARPA] was trying to do is really emphasize what they considered to be standard knowledge, and that's insufficient," he told FCW following a question-and-answer session with TAPAC. "They needed procedures to directly address privacy and tell them to do things like protect information or sign a confidentiality agreement. DARPA is mostly engineers who are not versed in establishing those kinds of procedures . . . and they needed to get them down on paper."

DARPA's role is really just in developing the system, and maybe some marketing, Wynne said, but in this case the "marketing got ahead of itself."

TAPAC chairman Newton Minow, director of the Annenberg Washington Program and Annenberg Professor of Communications Law and Policy at Northwestern University, asked members of the task force if they would endorse the continuation of the TIA program. The membership includes representatives from the legal, education and public policy communities.

Every member said the program should continue with privacy and oversight stipulations, but Jerry Berman, executive director of the Center for Democracy and Technology, agreed only if three requirements were met:

* Adding privacy and civil liberties protection to the TIA mission.

* Having DARPA's research protocols monitored by an oversight board.

* Including the input of other government agencies, especially the Homeland Security Department, and other potential TIA customers.

"Unless DARPA feeds [TIA information] into the Department of Homeland Security and there is a coordination among all their customers, you could end up with stranded investment, duplicative work or privacy insensitivity," Berman told FCW. "I think it will happen because Congress will not let it go forward unless these questions are answered."

Minow said TAPAC has until next March to submit its report on TIA and is currently in a "fact-finding, opinion-listening and learning mode." He added that future meetings would include representatives from the private sector, the government customer base and DARPA.


  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

  • Comment
    cloud (Phaigraphic/Shutterstock.com)

    A call for visionary investment

    Investing in IT modernization is not an either-or proposition, Rep. Connolly writes. This pandemic has presented Congress a choice: We can put our head in the sand and pretend these failures didn't happen, or we can take action to be prepared for the future.

Stay Connected