White House officials said a January memo aimed at encouraging information sharing and issued in response to the Christmas Day attempted bombing of a commercial jet, should not be perceived as a revival of the controversial data-sifting program that the Bush administration launched after the 9/11 terrorist attacks.
The comment came in response to a public interchange on Tuesday among three security and information technology specialists who said President Obama's plan for "knowledge discovery," a term included in the memo, resembles the Total Information Awareness program, which the Defense Advanced Research Projects Agency initiated unsuccessfully in 2002.
TIA was halted in 2004, after the public criticized it as a violation of civil liberties. The Defense Department, at the time, wanted a program that would probe private information, including citizens' personal credit card accounts, medical data and cell phone records. Privacy advocates say they still are uneasy about the intelligence community's power to probe private data networks.
"The Obama administration considers an individual's privacy and civil rights of critical importance, and [intelligence community] actions concern government data sets, not outside data sources. In no way should the corrective actions memo be construed as requiring a TIA-like IT solution. The term 'knowledge discovery' does not mean TIA," White House spokesman Nick Shapiro said on Wednesday.
He was referring to a January memo intended to repair systemic weaknesses identified after the failed attempt to bring down a Detroit-bound plane on Christmas Day. "The IT requirement is a need to fuse existing data in IC holdings, not aggregate commercial U.S. persons' data from private data sources. In the 12/25 case all the relevant information was in one IC location, just not pulled together," he added.
At an information-sharing talk hosted by the Information Technology and Innovation Foundation on Tuesday, K. A. Taipale, executive director of the Stilwell Center for Advanced Studies in Science and Technology Policy and a member of the Markle Foundation Task Force on National Security in the Information Age, and two other technology experts said the tools being developed under the TIA program and the technologies outlined in the memo sound very similar.
But in a comment posted with the original Nextgov article, Taipale said he did not imply the tools should be applied to non-government databases. "The discussion was specifically about how advanced analytic tools could potentially help avoid the 'Christmas bomber' situation in which available threat information in different GOVERNMENT INTELLIGENCE DATABASES was not being correlated to 'connect the dots,'" he wrote. "My point was that by defunding TIA eight years ago based on hyperbole we lost years of development work on both the analytic tools themselves and, importantly, on the privacy and oversight policies we need to effectively deploy these tools while protecting civil liberties today.
"Further, it was noted by others that because of this history -- that is, the political frenzy over TIA in 2002 -- there is still a disinclination for government to develop and deploy the legitimate capabilities needed to correlate intelligence data because any public research programs in this area are likely to attract the same kind of knee-jerk reaction from the privacy lobby and press."
In the memo, the president instructed the director of national intelligence to clarify the role of counterterrorism analytics in "synchronizing, correlating and analyzing all sources of intelligence related to terrorism" and expedite IT upgrades to improve "knowledge discovery, database integration, cross-database searches, and the ability to correlate biographic information with terrorism-related intelligence."
The TIA program focused on the development of "a large-scale counterterrorism database"; the invention of "new algorithms for mining, combining and refining information for subsequent inclusion into the database"; and "revolutionary new models, algorithms, methods, tools and techniques for analyzing and correlating information in the database to derive actionable intelligence," according to DARPA's Web site.
Privacy advocates said language in the memo is disconcerting, given that government data does not exclude private information collected legally under what they believe are the nation's loose privacy laws.
"We don't have any problem with the government becoming better and more efficient and smarter in sharing legitimately collected law enforcement information," said Jay Stanley, public education director for the American Civil Liberties Union Technology and Liberty Program, but "the devil is in the details and the details of the memo are vague."
He added, "Because our privacy laws are not adequate, the government is able to access mass troves of data. If that's the input into the analytics then it does begin to resemble TIA."
Other civil liberties groups said Obama's memo should have specified what kind of information would be analyzed during knowledge discovery.
"Given the interpretation of the people who participated in that discussion, the White House needs to clarify," said Lillie Coney, associate director of the Electronic Privacy Information Center. "I'm hoping that this administration is smart enough not to repeat the [TIA] errors. I want to know if they think DNI should be going after private data networks."
She said the problem post-9/11 and last year was not a lack of information, but a lack of communicating the information that officials already had at their fingertips.
After hearing the Obama administration's response to concerns about another TIA, Stanley said, "I'm not sure that I am reassured -- just because the national security establishment is a large and sprawling thing and we do know there is a large context of interest in data mining and weak privacy laws."