DOD panel calls for regulatory framework
- By Dawn S. Onley
- Jun 06, 2004
A panel of military experts last month called for the Defense Department to create a regulatory framework for all data mining in order to protect citizens' privacy.
The Technology and Privacy Advisory Committee also recommended that DOD establish a high-level privacy officer and a panel of external advisers to identify and resolve privacy issues.
Members of the committee, appointed by Defense secretary Donald Rumsfeld, first met in February 2003 to examine ways the government could use advanced IT to identify terrorists before they act.
The committee worked as Congress held a heated battle with officials in the Defense Advanced Research Projects Agency over its Terrorism Information Awareness data mining program.
TIA was a terrorist tracking system designed to collect and correlate information from disparate databases, such as financial and health systems operated by agencies or businesses. Congress terminated most of the program's funding last fall.
The committee sought ways DOD could develop safeguards to ensure that data mining techniques complied with federal privacy laws.
Over the course of its background briefings, research and public hearings, committee members heard testimony from more than 60 witnesses from DOD, other government agencies, industry, academia and advocacy groups.
While supporting research that improves the accuracy and effectiveness of data mining, the committee said that Rumsfeld should recommend that Congress and President Bush establish one framework of legal, technological, training and oversight mechanisms to guarantee the privacy of citizens.
The privacy panel recommended exempting some types of data mining from new privacy protections, such as data searches that focus on specific suspects or federal government employees, or lawful foreign intelligence activity.
'The committee believes that data mining plays a critical role in the fight against terrorism, but that it should be used'and can be effective'only in ways that do not compromise the privacy of U.S. persons,' committee chairman Newton N. Minow said in a letter to Rumsfeld.
The committee noted that TIA was only one of numerous programs in DOD and other government agencies that uses, or have the potential to use, data mining technologies.
Other data mining projects include DOD's Joint Protection Enterprise Network, which lets military agencies share information across commands via a Web system. Through one project, Threat Alerts and Locally Observed Notices, military officials aggregate and share information about people who are denied access to, or who are observed behaving suspiciously around, military bases.
Other federal data mining efforts include the Transportation Security Administration's Computer-Assisted Passenger Prescreening System, and operations mandated by the Homeland Security Act and USA Patriot Act.
'The common feature of all of these programs is that they involve sifting through data about identifiable individuals, even though those individuals have done nothing to warrant government suspicion, in search of useful information,' the report stated.