[Med-privacy] InformationWeek: A Dual-Edged Sword: Providing Information, Stealing Privacy

[DPeelMD@aol.com]

-------------------------------1079413782
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Content-Language: en

A Dual-Edged Sword: Providing Information, Stealing Privacy

A former National Security Council cyberspace expert explains how
government technology can be used to simultaneously provide useful
data--and steal privacy.

By Jeffrey Hunker, Ph.D., InformationWeek

March 15, 2004

URL:
http://www.informationweek.com/story/showArticle.jhtml?articleID=3D18311890

The power of new technologies to do good is often inextricably linked to
their ability to cause harm.

Think about it. Early steam engines afforded enormous benefits--but,
until labor laws were enacted, they allowed men, women, and children to
work appallingly long days in mills and mines. Automobiles gave us
freedom of movement--but, before public outrage resulted in new safety
standards, auto accidents killed thousands needlessly. And, of course,
the same nuclear energy that provides much of our electricity alarms us
when despots threaten to use it in weapons of mass destruction, real or
imagined.

Advanced information technologies are today's new "dual-edged sword."
Computers can gather and analyze trillions of pieces of personal
information about us, but we haven't yet faced up to what these powerful
technologies can do in the hands of law enforcement.

Last summer, we saw a Pentagon proposal to "protect" the nation from
crime and terrorism. The Total Information Awareness, or TIA, program
would deploy cutting-edge information technologies to gather all
available information about almost everybody. Using new data-mining
techniques to comb this data, officials would look for patterns and try
to identify which of us were the "bad guys."

When the plans for TIA were disclosed, the public immediately reacted
with such furor that Congress quickly killed the program.

But since then, other questionable ideas have stepped into the breach.
The still-little-known Multistate Anti-Terrorism Information Exchange
(yes, it's known as Matrix) gives participating law-enforcement agencies
the ability to almost instantly build files on individuals, using
essentially the same datacollection and analysis approaches the
Pentagon's TIA program proposed.

Matrix officials won't reveal exactly what data sets might be tapped,
but, at a minimum, we can expect the details of our drivers' licenses
and traffic violations, property-tax records, lists of business
associates, and marriage and divorce records to be included, along with
available images. The files will also comprise vast amounts of data
purchased from private companies that make it their business to track
our purchasing and other behaviors. And, if pilot projects are an
indication, any appearance in police files--even as a victim,
complainant, or witness--will land us in the Matrix.

Matrix helps law-enforcement personnel make predictions--Is this person
a good guy? A bad guy? Apt to be problematic?--through "factual data
analysis" algorithms. Those highly educated guesses are produced through
the system's enormous computing power.

Matrix outrages many people because of its possible privacy and
civil-liberty violations. But even if privacy issues don't disturb you,
Matrix presents at least four other serious concerns:

=E2=80=A2 Matrix as a system may have fatal design flaws. At its core, Matri=
x is
a human/software system that collects information, collates it, and
analyzes it. Each of these steps has potentially fatal flaws. "Garbage
in, garbage out" is as true today as it ever was. Data can be wrong, out
of date, or generated by those with malicious motivations. Information
will be added from jurisdictions with different laws, standards,
interpretations, and expectations for accuracy. No amount of
sophisticated technology can make up for bad data.

And when it comes to analyzing this data, both machines and humans can
fail. Data-mining techniques to tease out patterns or correlations in
complex databases are still very much in their infancy. Those in charge
of interpreting these patterns will certainly have wide variations in
training, capability, and interest. In the age of paper files and faxes,
this might not have mattered much. But now, at the push of a button,
hundreds and perhaps thousands of innocent people can come under police
suspicion.

=E2=80=A2 Matrix may be insecure. No one relishes the possibility of
unauthorized access to, or tampering with, highly sensitive personal
information. Everyone is familiar with computer break-ins and virus
attacks, but theseare only a small part of a growing cybersecurity
problem for our nation.

Naturally, Matrix takes pains to emphasize its impressive security
features. Nonetheless, as a former National Security Council
cybersecurity official, I know well how software
vulnerabilities--sometimes secretly installed--can be used to break into
and manipulate computers. Increasingly, cybercriminals and terrorists
spend their time finding these vulnerabilities. Because of this, you
should never believe any software developer who claims that a system is
secure. And the fact that the Matrix software was developed by a company
run by an alleged drug informer should make you even more concerned.

=E2=80=A2 Matrix lacks oversight or citizen accountability. Organizationally=
,
Matrix seems as if it were designed to deliberately obstruct any sort of
citizen accountability, either to remove bad data or stop practices that
incorrectly target innocent people.

Matrix officially is managed by the Florida State Police but is actually
run by a private company (founded by that alleged drug-ring insider).
This convoluted system doesn't have any public accountability--all the
personal data is consolidated in private hands, and much of the data is
bought from other private companies.

Even a state governor has been burned by Matrix. Employing the
time-honored "need to know" principle, state bureaucrats decided that
the new Utah governor didn't need to know about Utah's state police
participation in Matrix. When she finally found out, Utah was out of
Matrix within hours.

=E2=80=A2 Matrix is only the beginning of a new wave of technologies. The
technological capability to compile and analyze vast amounts of personal
data, resulting in predictions of personal behavior, is here to stay.

The private sector does this every day to predict and influence what we
buy. What's different about Matrix is that its users can arrest or
subpoena you, not just sell you cookies or cars.

So what should we do? Two paths would be most effective, each supporting
the other.

In the short term, we need an understanding that Matrix, and other
programs like it, require an effective, mandatory system of public
oversight. Participating states must work together, perhaps under
federal coordination, to create a system that includes independent--and
effective--audits and regular public reports. A public governing board
would ensure that such new law-enforcement systems work as they are
claimed and that abuses are corrected immediately and publicly.

For the longer term, we need to begin a national discussion about the
limits we want to place on the ability to gather, collate, and analyze
trillions of pieces of personal data. Indeed, despite its other possible
problems, the most troubling fact about Matrix is that it has emerged
without a widespread public discussion about its implications. Congress
should feel ashamed.

In the case of Matrix and its ilk, our time-honored standards of privacy
are at stake, and they're rapidly deteriorating. We can shape this new
technology, or let it shape us. Which will we choose?

Jeffrey Hunker, Ph.D., was senior director for critical infrastructure
at the National Security Council, specializing in cybersecurity. He is
principal of Jeffrey Hunker Associates, consulting with both the public
and private sectors, and is also professor of technology and public
policy at Carnegie Mellon University. Dr. Hunker can be reached at
hunker@jeffreyhunker.com or through www.jeffreyhunker.com.

3/15/2004
http://informationweek.com/shared/printableArticle.jhtml?articleID=3D1831189=
0

-------------------------------1079413782
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Content-Language: en

<HTML><HEAD>
<META charset=3DUTF-8 http-equiv=3DContent-Type content=3D"text/html; charse=
t=3DUTF-8">
<META content=3D"MSHTML 6.00.2800.1276" name=3DGENERATOR></HEAD>
<BODY style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial; BACKGROUND-COLOR: #fffff=
f">
<DIV>A Dual-Edged Sword: Providing Information, Stealing Privacy<BR><BR>A fo=
rmer National Security Council cyberspace expert explains how<BR>government=20=
technology can be used to simultaneously provide useful<BR>data--and steal p=
rivacy.<BR><BR>By Jeffrey Hunker, Ph.D., InformationWeek<BR><BR>March 15, 20=
04<BR><BR>URL:<BR>http://www.informationweek.com/story/showArticle.jhtml?art=
icleID=3D18311890<BR><BR>The power of new technologies to do good is often i=
nextricably linked to<BR>their ability to cause harm.<BR><BR>Think about it.=
 Early steam engines afforded enormous benefits--but,<BR>until labor laws we=
re enacted, they allowed men, women, and children to<BR>work appallingly lon=
g days in mills and mines. Automobiles gave us<BR>freedom of movement--but,=20=
before public outrage resulted in new safety<BR>standards, auto accidents ki=
lled thousands needlessly. And, of course,<BR>the same nuclear energy that p=
rovides much of our electricity alarms us<BR>when despots threaten to use it=
 in weapons of mass destruction, real or<BR>imagined.<BR><BR>Advanced inform=
ation technologies are today's new "dual-edged sword."<BR>Computers can gath=
er and analyze trillions of pieces of personal<BR>information about us, but=20=
we haven't yet faced up to what these powerful<BR>technologies can do in the=
 hands of law enforcement.<BR><BR>Last summer, we saw a Pentagon proposal to=
 "protect" the nation from<BR>crime and terrorism. The Total Information Awa=
reness, or TIA, program<BR>would deploy cutting-edge information technologie=
s to gather all<BR>available information about almost everybody. Using new d=
ata-mining<BR>techniques to comb this data, officials would look for pattern=
s and try<BR>to identify which of us were the "bad guys."<BR><BR>When the pl=
ans for TIA were disclosed, the public immediately reacted<BR>with such furo=
r that Congress quickly killed the program.<BR><BR>But since then, other que=
stionable ideas have stepped into the breach.<BR>The still-little-known Mult=
istate Anti-Terrorism Information Exchange<BR>(yes, it's known as Matrix) gi=
ves participating law-enforcement agencies<BR>the ability to almost instantl=
y build files on individuals, using<BR>essentially the same datacollection a=
nd analysis approaches the<BR>Pentagon's TIA program proposed.<BR><BR>Matrix=
 officials won't reveal exactly what data sets might be tapped,<BR>but, at a=
 minimum, we can expect the details of our drivers' licenses<BR>and traffic=20=
violations, property-tax records, lists of business<BR>associates, and marri=
age and divorce records to be included, along with<BR>available images. The=20=
files will also comprise vast amounts of data<BR>purchased from private comp=
anies that make it their business to track<BR>our purchasing and other behav=
iors. And, if pilot projects are an<BR>indication, any appearance in police=20=
files--even as a victim,<BR>complainant, or witness--will land us in the Mat=
rix.<BR><BR>Matrix helps law-enforcement personnel make predictions--Is this=
 person<BR>a good guy? A bad guy? Apt to be problematic?--through "factual d=
ata<BR>analysis" algorithms. Those highly educated guesses are produced thro=
ugh<BR>the system's enormous computing power.<BR><BR>Matrix outrages many pe=
ople because of its possible privacy and<BR>civil-liberty violations. But ev=
en if privacy issues don't disturb you,<BR>Matrix presents at least four oth=
er serious concerns:<BR><BR>=E2=80=A2 Matrix as a system may have fatal desi=
gn flaws. At its core, Matrix is<BR>a human/software system that collects in=
formation, collates it, and<BR>analyzes it. Each of these steps has potentia=
lly fatal flaws. "Garbage<BR>in, garbage out" is as true today as it ever wa=
s. Data can be wrong, out<BR>of date, or generated by those with malicious m=
otivations. Information<BR>will be added from jurisdictions with different l=
aws, standards,<BR>interpretations, and expectations for accuracy. No amount=
 of<BR>sophisticated technology can make up for bad data.<BR><BR>And when it=
 comes to analyzing this data, both machines and humans can<BR>fail. Data-mi=
ning techniques to tease out patterns or correlations in<BR>complex database=
s are still very much in their infancy. Those in charge<BR>of interpreting t=
hese patterns will certainly have wide variations in<BR>training, capability=
, and interest. In the age of paper files and faxes,<BR>this might not have=20=
mattered much. But now, at the push of a button,<BR>hundreds and perhaps tho=
usands of innocent people can come under police<BR>suspicion.<BR><BR>=E2=80=
=A2 Matrix may be insecure. No one relishes the possibility of<BR>unauthoriz=
ed access to, or tampering with, highly sensitive personal<BR>information. E=
veryone is familiar with computer break-ins and virus<BR>attacks, but thesea=
re only a small part of a growing cybersecurity<BR>problem for our nation.<B=
R><BR>Naturally, Matrix takes pains to emphasize its impressive security<BR>=
features. Nonetheless, as a former National Security Council<BR>cybersecurit=
y official, I know well how software<BR>vulnerabilities--sometimes secretly=20=
installed--can be used to break into<BR>and manipulate computers. Increasing=
ly, cybercriminals and terrorists<BR>spend their time finding these vulnerab=
ilities. Because of this, you<BR>should never believe any software developer=
 who claims that a system is<BR>secure. And the fact that the Matrix softwar=
e was developed by a company<BR>run by an alleged drug informer should make=20=
you even more concerned.<BR><BR>=E2=80=A2 Matrix lacks oversight or citizen=20=
accountability. Organizationally,<BR>Matrix seems as if it were designed to=20=
deliberately obstruct any sort of<BR>citizen accountability, either to remov=
e bad data or stop practices that<BR>incorrectly target innocent people.<BR>=
<BR>Matrix officially is managed by the Florida State Police but is actually=
<BR>run by a private company (founded by that alleged drug-ring insider).<BR=
>This convoluted system doesn't have any public accountability--all the<BR>p=
ersonal data is consolidated in private hands, and much of the data is<BR>bo=
ught from other private companies.<BR><BR>Even a state governor has been bur=
ned by Matrix. Employing the<BR>time-honored "need to know" principle, state=
 bureaucrats decided that<BR>the new Utah governor didn't need to know about=
 Utah's state police<BR>participation in Matrix. When she finally found out,=
 Utah was out of<BR>Matrix within hours.<BR><BR>=E2=80=A2 Matrix is only the=
 beginning of a new wave of technologies. The<BR>technological capability to=
 compile and analyze vast amounts of personal<BR>data, resulting in predicti=
ons of personal behavior, is here to stay.<BR><BR>The private sector does th=
is every day to predict and influence what we<BR>buy. What's different about=
 Matrix is that its users can arrest or<BR>subpoena you, not just sell you c=
ookies or cars.<BR><BR>So what should we do? Two paths would be most effecti=
ve, each supporting<BR>the other.<BR><BR>In the short term, we need an under=
standing that Matrix, and other<BR>programs like it, require an effective, m=
andatory system of public<BR>oversight. Participating states must work toget=
her, perhaps under<BR>federal coordination, to create a system that includes=
 independent--and<BR>effective--audits and regular public reports. A public=20=
governing board<BR>would ensure that such new law-enforcement systems work a=
s they are<BR>claimed and that abuses are corrected immediately and publicly=
.<BR><BR>For the longer term, we need to begin a national discussion about t=
he<BR>limits we want to place on the ability to gather, collate, and analyze=
<BR>trillions of pieces of personal data. Indeed, despite its other possible=
<BR>problems, the most troubling fact about Matrix is that it has emerged<BR=
>without a widespread public discussion about its implications. Congress<BR>=
should feel ashamed.<BR><BR>In the case of Matrix and its ilk, our time-hono=
red standards of privacy<BR>are at stake, and they're rapidly deteriorating.=
 We can shape this new<BR>technology, or let it shape us. Which will we choo=
se?<BR><BR>Jeffrey Hunker, Ph.D., was senior director for critical infrastru=
cture<BR>at the National Security Council, specializing in cybersecurity. He=
 is<BR>principal of Jeffrey Hunker Associates, consulting with both the publ=
ic<BR>and private sectors, and is also professor of technology and public<BR=
>policy at Carnegie Mellon University. Dr. Hunker can be reached at<BR>hunke=
r@jeffreyhunker.com or through www.jeffreyhunker.com.<BR><BR>3/15/2004<BR>ht=
tp://informationweek.com/shared/printableArticle.jhtml?articleID=3D18311890<=
BR><BR></DIV></BODY></HTML>

-------------------------------1079413782--