Chertoff Shocked(!) at Privacy Uproar Over "Targeting" System
In a fascinating article by Shane Harris in the National Journal, Homeland Security Secretary Michael Chertoff professes great surprise at the public uproar over the Automated Targeting System (ATS). He claims that he has discussed the "collection" and "analysis" of personal data -- including airline Passenger Name Records (PNR) -- "incessantly." The Secretary says that critics of the system -- which assigns "risk assessment" scores to all travelers, including U.S. citizens, and retains them for 40 years -- just haven't been paying attention:
"Yeah, they missed about 100 speeches that I gave," an exasperated Chertoff told National Journal on December 5. "I've talked about... PNR data and biographic data and using it to analyze and connect the dots about people before they come into the country; I have to have given at least 20 speeches about it."
Well, many of us have paid attention, and despite our best efforts, we've been unable to learn much about Homeland Security's collection and use of personal data.
Read on for more after the jump.
As a case in point, let's look at the speech Mr. Chertoff delivered just a few months ago, on September 8, titled September 11: Five Years Later." Yes, it's true that he talked about the collection and analysis of personal information, including PNR data. But he expressed frustration at the current state of those activities:
And my plea in this country, and my plea to the Europeans is this: For God's sake, let us do that before the next 9/11, rather than afterwards. It's much better to be able to do this kind of detective work to stop an attack, rather than to investigate an attack that has already occurred.
And he certainly didn't make it sound as though the U.S. government has been engaging in such data-mining for at least four years (as the Associated Press has reported). Mr. Chertoff continued:
So over the next year, I'm going to be looking forward to working with my European colleagues on building on this kind of information, allowing a full analysis, and still making sure we respect the privacy of those who travel internationally.
In any event, it appears that it wasn't only privacy advocates and members of Congress who were unaware of the ATS data-mining project. In May 2004, the General Accounting Office released a report titled "Datamining: Federal Efforts Cover a Wide Range of Uses." The GAO attempted to present a comprehensive survey and defined data-mining as "the application of database technology and techniques -- such as statistical analysis and modeling -- to uncover hidden patterns and subtle relationships in data and to infer rules that allow for the prediction of future results." And the Congressional watchdog agency used a fairly aggressive methodology to avoid missing something of interest, not only surveying agency officials, but also reviewing published materials that described relevant programs.
The GAO report identified 14 Department of Homeland Security data-mining programs, none of which appear to be at all similar to the Automated Targeting System.
More recently, on July 6, 2006, the DHS Privacy Office issued a "Report to Congress on the Impact of Data Mining Technologies on Privacy and Civil Liberties."
The report was issued in compliance with the requirements the 2005 DHS appropriation, which directed "the DHS Privacy Officer, in consultation with the head of each Department of Homeland Security agency that is developing or using data-mining technology" to account for and describe any such activities.
The report identified six DHS programs, and ATS was not among them.
Finally, in August 2006, the DHS Inspector General's Office released a document titled, "Survey of DHS Data Mining Activities." This report did discuss ATS, but certainly not in a way that would raise any privacy flags: "the Automated Targeting System (ATS) . . . uses electronic shipment data to search criteria that could indicate high-risk cargo."
So we apologize, Mr. Chertoff, for not paying attention when you and your Department "incessantly" tried to alert us to the fact that millions of U.S. citizens were being assigned "risk assessment" scores that will follow us throughout our lives.
In any case, the Secretary is trying to misdirect the debate by casting the issue as whether or not the program was common knowledge. That's a peripheral question in the greater scheme of things. The really important question is whether DHS has violated the law. There's a growing consensus that it has, and we will address that issue in upcoming posts.
Recent DeepLinks Posts
Jul 29, 2016
Jul 29, 2016
Jul 22, 2016
Jul 21, 2016
Jul 21, 2016
- Abortion Reporting
- Analog Hole
- Anti-Counterfeiting Trade Agreement
- Bloggers' Rights
- Broadcast Flag
- Broadcasting Treaty
- Cell Tracking
- Coders' Rights Project
- Computer Fraud And Abuse Act Reform
- Content Blocking
- Copyright Trolls
- Council of Europe
- Cyber Security Legislation
- Defend Your Right to Repair!
- Development Agenda
- Digital Books
- Digital Radio
- Digital Video
- DMCA Rulemaking
- Do Not Track
- E-Voting Rights
- EFF Europe
- Electronic Frontier Alliance
- Encrypting the Web
- Export Controls
- Fair Use and Intellectual Property: Defending the Balance
- FAQs for Lodsys Targets
- File Sharing
- Fixing Copyright? The 2013-2016 Copyright Review Process
- Free Speech
- Genetic Information Privacy
- Government Hacking and Subversion of Digital Security
- Hollywood v. DVD
- How Patents Hinder Innovation (Graphic)
- International Privacy Standards
- Internet Governance Forum
- Know Your Rights
- Law Enforcement Access
- Legislative Solutions for Patent Reform
- Locational Privacy
- Mandatory Data Retention
- Mandatory National IDs and Biometric Databases
- Mass Surveillance Technologies
- Medical Privacy
- Mobile devices
- National Security and Medical Information
- National Security Letters
- Net Neutrality
- No Downtime for Free Speech
- NSA Spying
- Offline : Imprisoned Bloggers and Technologists
- Online Behavioral Tracking
- Open Access
- Open Wireless
- Patent Busting Project
- Patent Trolls
- PATRIOT Act
- Pen Trap
- Policy Analysis
- Public Health Reporting and Hospital Discharge Data
- Reading Accessibility
- Real ID
- Search Engines
- Search Incident to Arrest
- Section 230 of the Communications Decency Act
- Social Networks
- SOPA/PIPA: Internet Blacklist Legislation
- State-Sponsored Malware
- Student Privacy
- Stupid Patent of the Month
- Surveillance and Human Rights
- Surveillance Drones
- Terms Of (Ab)Use
- Test Your ISP
- The "Six Strikes" Copyright Surveillance Machine
- The Global Network Initiative
- The Law and Medical Privacy
- TPP's Copyright Trap
- Trade Agreements and Digital Rights
- Trans-Pacific Partnership Agreement
- Travel Screening
- Trusted Computing
- UK Investigatory Powers Bill
- Video Games