John Prados is a senior fellow of the National Security Archive in Washington, D.C. His current book is Safe for Democracy: The Secret Wars of the CIA (Ivan R. Dee Publisher).
Nothing seems to prevent the Bush administration from demanding more and more of our personal information. They observe few moral or constitutional barriers. There’s no evidence that all this information increases our security, but that doesn’t slow them down. They just keep coming.
For instance, Alberto Gonzales’ Department of Justice, in little-noticed moves, has proposed to amend a 1994 law governing how the communications industry helps law enforcement to require Internet companies to design their applications so as to be wiretap-friendly . And in June 2006 Justice further proposed the companies be required to retain and store everyone’s Internet transaction records for the feds to pore over. Most recently, the Department of Homeland Security, after efforts to create a massive database on airline passengers not only encountered technical difficulties but were prohibited by Congress, revealed they simply modified a counter-narcotics program to the same end.
With typical cynicism, the Bush administration has continually immersed its initiatives in a web of secrecy, and congressional allies have further muddied the waters. Many remember the Bush fiasco of a few years ago, appointing Reagan-era Iran-Contra figure John Poindexter to head a Total Information Awareness Program that was going to sort through masses of detail gathered from all sources—thus including files on every American—to find terrorists.
Called “data mining,” that would have opened up a plethora of opportunities for abuse. The idea crashed and burned on Capitol Hill. Bush, it turns out, was not deterred. In May 2004 the Government Accountability Office reported that no fewer than 14 data-mining projects were planned or in operation already, 10 of them using personal information, half including non-government data. The function of predicting terrorist actions from this data, the National Journal reported early this year, has been moved inside the National Security Agency (NSA), conveniently sheltered from public scrutiny.
At the same time the civil liberties monitoring board and ombudsman, created respectively by the Patriot Act and the Intelligence Reorganization Act, are inactive, ineffective and essentially moribund, the former left unfunded by this president until this year.
No wonder that two-thirds of Americans believe that federal agencies are intruding on their privacy rights, according to a Washington Post-ABC News poll released December 11.
A majority believe that Congress should hold hearings on how the Bush administration has handled surveillance. One place oversight is sorely lacking is in the whole matter of data mining. The submerged, secret programs require large investments in hardware, computer programming, and database accumulation and manipulation. What have they contributed? Not a single case comes to mind in which security services apprehended a terrorist following identification by data mining.
There are more disturbing problems as well, as Jeff Jonas and Jim Harper argue in a recent policy analysis for the Cato Institute . “Connecting the dots” became a watchword after 9/11 and has been used to justify a great deal since, including data mining, which some argue could have identified some of the 9/11 hijackers. Jonas and Harper show that traditional investigative techniques would have led to the hijackers more reliably and easily, and without costs other than those of improving the focus of those working to defend America. Concerned with the privacy intrusions and civil liberties costs of data mining, they rightly point to the conceptual difficulties embedded in the technique.
As an exercise in information analysis, data mining, by its nature, throws up both false-positive and false-negative results, and the impossibility of deriving a perfect terrorist profile ensures the ratio of false-to-true identifications will always be high. Even a 1 percent error rate, if projected across the U.S. population, would yield a claim of suspicion against three million Americans. The sheer cost of investigating that many persons would be prohibitive and the effort would divert security resources from following leads gained from more traditional techniques. At the same time, 99 percent effectiveness is a virtually unattainable goal. Analyzing 9/11 in retrospect—with 20-20 hindsight—Jonas and Harper show an example with an error rate of more than 90 percent. “Connecting the dots” has spawned a host of squishy ideas.
It is a sorry day for democracy in America, and for all our hard-won liberties, when we as citizens must depend upon the failure of a government initiative—on the probability that waste will consume the allocated monies, that complexities of programming will crash data crunchers, that new systems procured at enormous cost will not perform as advertised—as the only remaining safeguard for our rights. Equally ominous is that huge database will be out there, win or lose, for some government agency to divert to its purposes or some hacker to turn to private gain or crime. Much better never to have this problem in the first place.
