WASHINGTON — A federal panel of policy makers and scientific experts urged a government-wide evaluation Tuesday of programs that sift through databases looking for clues on terrorism, to determine whether the programs are effective and legal.
The federal government has made aggressive use of so-called data-mining tools since the attacks of Sept. 11, 2001, as counterterrorism officials in many intelligence agencies have sought to analyze records on travel habits, calling patterns, e-mail use, financial transactions and other data to pinpoint possible terrorist activity.
The National Security Agency’s program for wiretapping terror suspects without warrants, the screening of suspicious airline passengers and the Pentagon’s ill-fated Total Information Awareness program, shut down by Congress in 2003 because of privacy concerns, have all relied on aspects of data mining.
But in a 352-page government study released on Tuesday, a committee of the National Research Council warned that successfully using these tools to deter terrorism “will be extremely difficult to achieve” because of legal, technological and logistical problems. It said a haphazard approach to using such tools threatened both Americans’ privacy rights and the country’s legitimate national security needs.
Mining through data patterns has been shown to work in commercial settings to predict what kind of toothpaste people may buy and what kind of movie they are likely to rent, or to detect casino card-counters or those engaged in credit card fraud.
But there is little evidence to confirm that the techniques work to actually find terrorists, despite the growing use in the last seven years, committee members said. Part of the problem, they said, is that the sample of known terrorists and actual attacks is so small that it is difficult to establish patterns of suspicious behavior.
The push to accumulate enormous amounts of information has also produced the risk of “a huge number of false leads” that could implicate people with no actual connections to terrorism, the committee said.
“More data does not mean better data,” said William J. Perry, the former defense secretary who was co-chairman of the panel, with Charles M. Vest, president of the National Academy of Engineering.
The National Research Council, a government-chartered nonprofit group, set up the panel in 2005 to study data mining at the request of the Department of Homeland Security and the National Science Foundation.
Matt Blaze, a University of Pennsylvania computer science professor who has studied data mining but was not involved in the study, said one of the most important points made in the report — little understood by the public — was to underscore the “fundamental problems” in adapting commercial data-mining to the hunt for terrorists. The committee, Mr. Blaze said, “has performed a real public service.”
Timothy Edgar, the deputy for civil liberties in the Office of the Director of National Intelligence at the White House, said his office had begun reviewing data-mining programs “on an ad hoc basis,” partly at the direction of Congress. But he said the committee’s recommendations laying out a framework for legal and operational concerns in a data-mining program could help to guide that effort.
“This is something the government could do in a more systematic way,” Mr. Edgar said.
No comments:
Post a Comment