WASHINGTON -- President George Bush's plan for a massive antiterrorism database center, announced in his state of the union
address last week, could be up and running within months from a technology standpoint, if the Bush administration chooses
to move that fast, but harder to overcome will be privacy concerns of a non-technical nature, experts said.
Allen Shay, president and chief operating officer of NCR Government Systems' Teradata Division, said the U.S. government could quickly put in place the first phase of a terrorist-tracking data-mining system
by using commercial data-mining software already available.
"They'll take the first, let's say, 15 or 20 databases that are most critical and put an initial system capability in place,
and that can be done in a matter of a few months, rather than years," Shay said. "What the government's trying to do now is
something that the commercial world has been forced into years ago. It's not only do-able; it's been done by commercial companies
for the last 10 plus years."
Other data-mining experts recommend a system built from the ground up, which would take a year or longer. No matter what the
launch date and what technologies are used, the Bush plan is already attracting opposition from privacy groups, and could
run into congressional roadblocks, even though the new proposal seems to be a less ambitious data-mining effort than one being
researched at the U.S. Department of Defense (DoD).
Bush on Jan. 28 proposed a
Terrorist
Threat
Integration
Center
that would "fuse and analyze" data from several federal departments, including the new U.S. Department of Homeland Security,
the U.S. Federal Bureau of Investigation and the U.S. Central Intelligence Agency.
Little information on the center is available, except for an eight-paragraph fact sheet at http://www.whitehouse.gov/news/releases/2003/01/20030128-12.html. The CIA, which will run the center, has little to say about it so far. No information is available about a launch date or
the technologies the center will use, said a CIA spokesman.
"Right now, everything is under discussion," the spokesman added.
The center's data-mining component, however, seems to be focused on pulling information together only from government databases.
In that sense, Bush's proposal may be different from the Total Information Awareness (TIA) research project at the DoD, which privacy advocates and some lawmakers have attacked for its goal of hunting through private databases as well. The
TIA program also has attracted criticism because of its leader, Admiral John Poindexter, a central figure in the Iran-Contra
scandal during President Ronald Reagan's administration in the late 1980s.
The Bush plan seems to be a new twist on the old bait-and-switch sales tactic, said Lee Tien, senior staff attorney with the Electronic Frontier Foundation.
"Are we seeing here a commitment by the administration to the kinds of data-mining fishing expeditions that we associate right
now with Total Information Awareness, but packaging it somewhat differently?" Tien asked. "TIA is sort of an easy target, because its announced and declared purpose is so all-encompassing ... and then you
hit people with something much more limited, and they say, 'Compared to TIA, that's not so bad.'"
The amount of data mined, or where it's mined from, isn't the main concern, Tien said. The bigger issue is what's done with the results of the data, how people are identified as suspects, and how those
people singled out can dispute the results if the CIA falsely identifies them as suspected terrorists.
"How many people are going to be labeled in that 'maybe-maybe not' category, and what does that mean?" Tien asked. "Does that mean that every time they show an ID they're going to be treated a little differently?"
The EFF and other groups want congressional and public scrutiny of the Bush center. The goal of the center seems to be to
help domestic intelligence gathering, or "domestic spying," said Marc Rotenberg, president of the
Electronic
Privacy
Information
Center
. With the CIA potentially involved in domestic spying, some congressional oversight will be needed to protect
U.S.
residents' Fourth Amendment rights against unreasonable searches, he said.
The Bush plan, depending on its scope, could also run into opposition from some members of Congress. Although many members
of Congress are waiting to hear more about the antiterrorism center before commenting on it, an amendment to a spending bill,
passed by the Senate, would limit TIA and other government data-mining efforts to intelligence gathering efforts outside of
the
U.S.
That amendment was not passed in the U.S. House of Representatives version of the spending bill, and for it to move forward,
House members would have to approve the amendment during conference committee negotiations over the differences between the
two versions of the spending bill.
Senator Ron Wyden, the Oregon Democrat who sponsored the amendment, said he'd oppose the Bush center if it also focuses on
U.S.
citizens not suspected of being terrorists. Wyden proposed a database of known and suspected terrorists, what he calls a
"Terrorist Identification and Classification system," several months ago, and he said he'd support the Bush center if that's
what it does.
"A vigorous response to terrorism is necessary, but a system designed to spy on Americans in
America
is not," Wyden said Wednesday. "I will tell you, if someone tries to take the guts of the TIA program and simply transfer
it to the new center, I will do everything I can to stop it."
While Rotenberg said the Bush center seems to be more limited in scope than TIA, Tien is more concerned about the Bush plan than he is about TIA. His fear is that it could launch fairly quickly, with little
debate.
Data-mining experts say the center will not be easy to create. Tying together several government databases in a data warehouse
and writing algorithms to search the data will be huge tasks.
Teradata's Shay recommends a commercial, centralized enterprise data warehouse approach over a distributed database approach, but Michael
Piovoso, an engineering professor at Pennsylvania State University's Great Valley graduate school, suggested a system built from
scratch could better serve the CIA's specific needs. That process would take a large team of people at least a year, Piovoso said.
"I'm sure it's do-able, but it's a huge undertaking," Piovoso said. "One of the problems is there's a lot of things you want to do with that data that people don't typically do."
Like Shay, Naren
Ramakrishnan, a computer science professor at Virginia Polytechnic Institute and State University, recommends a phased-in approach where
the CIA would start small and take "simple steps."
Eventually -- Shay predicted in a year's time -- the government would build the data-mining center to the point where it's
predictive, pushing out results to analysts. The system itself would raise red flags, telling analysts, "something fishy seems
to be happening here," Ramakrishnan said.
Unlike many commercial data analysis tools, the government's antiterrorist system would need to react quickly to massive amounts
of data, he noted. "You don't have time to react to data for 20 hours, you have to act on it."
The potential privacy problems don't bother Shay. The data is likely to be closely held by the CIA, he said, and the technology
would simply tie together information that already exists on government databases, unlike the TIA program.
"I think (TIA) is a much more intrusive kind of issue and it's also a very far out there technology and one that I don't think
is going to see the light of day any time soon," Shay said. "I think what the president is talking about here ... will be
able to be effective very quickly. I think that's what the American public wants. They want something that can be stood up
quickly and can be effective in addressing the problem."
But data-mining experts Ramakrishnan and Piovoso agreed that such a data-mining system could raise privacy concerns. "Certainly there is the potential for abuse," Piovoso said. "You're putting a lot of faith in government that it's not going to abuse that power.
"It's a sad situation, in my opinion," he added. "We're asked to give up some of our freedoms in order to gain more security,
and one of the dangers of that is you may never get it back again."
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...
