Schwartz: Let's not relive TIA

Total Information Awareness (TIA), the Defense Advanced Research Projects Agency's effort to collect mountains of information about individuals to find potential terrorists, caused an uproar among privacy advocates in the early days of its conception following the Sept. 11, 2001, terrorist attacks.

By fall 2003, Congress had cut off TIA's funding, giving the impression that the government had retreated from using commercial data for homeland security purposes. To the contrary, other government agencies continue to explore the use of commercial data for counterterrorism and other law enforcement and intelligence goals. Private companies also continue to develop and offer services and systems based on aggregating and analyzing personally identifiable information available from commercial firms.

For such projects to succeed, officials must do a better job of ensuring privacy protection from the start.

The information available in private databases includes details about insurance coverage, travel plans, finances and retail purchases, as well as information compiled from government sources, such as court papers, licenses and property records. Reflecting trends that began before Sept. 11 and that have accelerated since then, the new data environment has two unprecedented features: the depth and breadth of personally identifiable information available from private sources and the technological capacity to analyze such data and draw patterns, inferences and knowledge from it.

Even many proponents of the use of private databases for counterterrorism purposes acknowledge that these technologies can raise questions about due process and privacy. However, work continues on the development and implementation of data-analysis techniques even though no suitable legal framework exists.

Some legal constraints limit the government's use of commercial data for counterterrorism purposes, but they are fragmentary, outdated and unresponsive to homeland security issues. That lack of guidelines has led promoters of such systems to find their progress blocked by privacy-conscious lawmakers just as the systems are ready to be implemented.

However, supporters are not the only ones whose interests are served by discussing issues, revising privacy laws and drafting guidelines for use.

Prior to the technologies' development, privacy advocates had generally relied on government inefficiencies alone to protect privacy. If information is not being used well by the government, then misuse cannot occur, people thought.

But we should not take solace in the government's failures in using information technology. Inefficiency poses threats to civil liberties when the government has broad discretionary authority to acquire or access commercial data but few guidelines on how to use it.

That state of affairs creates a high risk for erroneous decisions with no due process mechanisms to correct them. Given the current emphasis on terrorism prevention via screening and other means outside the criminal justice context, rules that guide governmental use of information would also serve civil liberties by making decisions more reliable, transparent and accountable.

We all bear strong responsibility for ensuring privacy and due process protections in new data-mining and pattern-analysis systems. Because of the valid arguments and pressure from both sides of the debate, failure to build privacy and due process rules for the use of new systems will simply result in reliving the TIA debacle.

Schwartz is associate director of the Center for Democracy and Technology.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.