Total Outrage

Are privacy and data mining mutually exclusive?

Civil libertarians on both sides of the political fencepost have expressed outrage over the U.S. Department of Defense's Total Information Awareness (TIA) project directed by former national security adviser Adm. John Poindexter. The U.S. Congress has made moves to ban funding until it can "review the data mining issues," such as whether the program would violate federal privacy laws or the U.S. Constitution, and now computer scientists are raising doubts about the feasibility of foolproof privacy safeguards at all.

TIA comprises several technology initiatives, including the development of a centralized, ultra-large database populated with transaction data from financial, medical, communication, and travel records; data mining tools that can sort through massive amounts of information; and biometric systems.

In a letter to the Senate Armed Services committee, the U.S. Association for Computing Machinery — a group of computer scientists and information technology professionals — detailed the privacy and security risks inherent in the TIA architecture and questioned the technical feasibility of the vision.

In response, the Defense Advanced Research Projects Agency has tapped the Xerox Palo Alto Research Center (PARC) to develop ways to hide the names and identifying numbers that link people to the collected transactional data and "inference control" software to prevent analysts from triangulating identities via other information. Xerox PARC will also reportedly supply software to tag abusers of the system.

— Michelle M. Young

In this Issue: