What Matters: January 2003
Big Brother Is No Longer Fiction: On the Internet, Everyone Knows You're a Poindexter
By Will Doherty '85
Total Information Awareness (TIA)—a new government R&D program—evokes the specter of a total surveillance state while it purports to defend America against the threat of terrorism. Before I present "information awareness" about how the government is harnessing technology for TIA, let's review the context of recent efforts to fight terrorism and increase the security of U.S. citizens.
Energized by the horrific events of September 11th, the federal government has—rapidly, and with very little debate—enacted draconian measures to enforce a "security" state. Ostensibly designed to crack down on terrorists, these new measures are in fact terrorizing many U.S. residents, rolling back decades of hard-won civil rights protections, and threatening the very basis of our democratic system, the Constitution and the Bill of Rights.
These measures include: The USA PATRIOT Act (the acronym stands for Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism) and the Homeland Security Act, arrests and detentions without charges, secret military tribunals, nullification of judicial safeguards, and unwarranted domestic spying on private citizens and their communications, purchases, even library habits. Technologies under development by the TIA program will create an information security apparatus worthy of George Orwell's 1984 or the cynical-paranoid worldview of Robert Anton Wilson and Robert Shea's The Illuminatus! Trilogy.
If the technologies themselves aren't creepy enough, you might shudder when you see the early logo (above) of the Information Awareness Office (IAO). Recently removed from their website, the chilling graphic featured a Masonic pyramid—recognizable from the back of the U. S. Dollar bill—except in this version the pyramid's all-seeing eye scans the globe with a surreal light beam worthy of science fiction. Perhaps even more disturbing, the office is headed by former Admiral John Poindexter. You might remember him from Iran-Contra, the Reagan administration's secret scheme to support Nicaraguan terrorists with proceeds from illegal arms sales to Iran. As William Safire reminded us in The New York Times:
"A jury convicted Poindexter in 1990 on five felony counts of misleading Congress and making false statements, but an appeals court overturned the verdict because Congress had given him immunity for his testimony."
I work at the Electronic Frontier Foundation (EFF) where we review and respond to legislation and policymaking that affects our digital rights. We struggle to keep up with a deluge of new proposals and legislation such as the USA PATRIOT Act (USAPA). The Act was approved within five weeks with practically no floor debate by a nearly unanimous Congress. Signed into law on October 26, 2001, USAPA gave sweeping new powers to both domestic law enforcement and international intelligence agencies and eliminated the checks and balances previously afforded courts to curb abuses. USAPA gave us expanded surveillance with reduced judicial oversight, overreaching police powers with a lack of focus on terrorism, including a mechanism permitting U.S. foreign intelligence agents to spy on U.S. citizens.
In June 2002, Attorney General John Ashcroft revamped FBI regulations to permit domestic surveillance—including online surveillance—of political, social, or ethnic groups without a subpoena or a court order, even in cases where there is no reasonable suspicion of criminal activity. Ashcroft unleashed the FBI from earlier procedural reforms which were instituted in the '70s following revelation of widespread abuses like the COINTELPRO program. (COINTELPRO was a program under which FBI agents attended political protests, kept dossiers on tens of thousands of U.S. citizens, including the Rev. Martin Luther King, Jr. A throwback to the excesses of McCarthyism, CONTELPRO actively disrupted the lives and careers of those who J. Edgar Hoover and his allies considered disloyal to America.)
The Homeland Security Act (HSA), signed into law on November 25, 2002, authorized the creation of a massive new Department of Homeland Security to coordinate the efforts of twenty-two government agencies.
USAPA established an exception to privacy laws permitting Internet Service Providers (ISPs) to disclose email or other electronic communications to specific law-enforcement agencies without a subpoena or a court order. Under USAPA, an ISP had to have a reasonable belief that an emergency exists where there is immediate danger of death or serious physical injury. The Homeland Security Act downgrades "reasonable belief" to a "good faith" requirement and replaces the death-or-serious-injury requirement with an ill-defined "immediate threat to a national-security interest." The HSA leaves it to commercial businesses (ISPs)—not supposedly accountable public personnel—to decide for themselves what constitutes a national-security interest. It also broadens the disclosure exception to all government agencies, including school principals and potentially even dog catchers, rather than those involved specifically in law enforcement.
Just after September 11, 2001, thousands of people of Middle Eastern heritage—and many who simply "looked" to be Middle Eastern, Arab or Moslem—were held in indefinite detention without attorneys or even charges brought against them. Some were transported to the Guatanamo U.S. Naval base on Cuba, questioned, investigated, subjected to questionable conditions contrary to the Geneva Convention, and perhaps tried in secret military tribunals. Again in December 2002 and January 2003, the INS rounded up hundreds of men and boys of Middle Eastern descent after requiring all citizens of certain Arab countries in the U.S. to register with the INS. These mass arrests have not yet approached the magnitude of the internment of Japanese, Japanese-Americans, and many who simply looked Japanese, in U.S. camps during World War II, but these are worrisome signs nonetheless.
The political and legal climate is extremely tense and the forces of technology are brought to bear in attempts to find quick fixes to ease that tension.
Air travelers find themselves on secret "no fly" and "maybe fly" lists under the newly established Transportation Security Administration (TSA) now the employer of airport security checkpoint personnel. The new Computerized Assisted Passenger Screening (CAPPS II) passenger profiling system is designed to identify and track travelers.
But the most interesting—and far-reaching—technologies come from the Total Information Awareness research program sponsored by the Information Awareness Office (IAO) at the Defense Advanced Research Projects Agency (DARPA), the military agency which sponsored early development of the Internet. DARPA has accepted the TIA project proposed by Admiral Poindexter. With TIA, he'll seek to use information technology for unprecedented surveillance on a massive scale.
In particular, TIA plans to use transactional data such as financial, education, travel, medical, veterinary, transportation, and housing information, along with biometric data, such as face, fingerprint, gait, and iris recognition to "determine the feasibility of searching vast quantities of data to determine links and patterns indicative of terrorist activities," explained Undersecretary of Defense Pete Aldridge.
TIA projects include technologies beyond even the wildest dreams of Orwell's Big Brother:
- Genisys—ultra-large, all-source terrorist information repositories
- Genoa II—developing information technology needed by teams of intelligence analysts in anticipating terrorist threats
- Evidence Extraction and Link Discovery—linking sparse evidence in large amounts of classified and unclassified data sources
- Wargaming the Assymetric Environment—predictive technology in the context of terrorists' political, cultural, and ideological environment
- Wargaming the Assymetric Environment—predictive technology in the context of terrorists' political, cultural, and ideological environment
- FutureMap—market-based techniques for avoiding surprise and predicting future events
- Bio-Surveillance—early detection of clandestine bio-warfare attack
- Human ID at a Distance—identify humans at border crossing, DoD facilities, etc., from face, gait, and iris recognition
- Effective, Affordable, Resusable Speech-to Text (EARS)—automatic transcription technology for audio signals
- Translingual Information Detection, Extraction and Summarization—multilingual language processing
- Babylon—rapid, two-way, natural language speech translation interfaces for combat environments
- Communicator—enabling warfighters to talk with computers
On the face of it some of these technologies might sound fairly non-threatening to the average American, but in the context of current attacks of civil liberties, TIA technologies have frightening implications and a large potential for abuse by agencies with a history of such abuse.
One pundit illustrated the potential dangers of aggregating personally identifiable information by researching and publishing the names, home addresses, and home phone numbers of Poindexter and several of his neighbors. He urged readers to contact Poindexter to let him know what they think of Poindexter's plans for their personally identifiable information. Perhaps that's why the CVs and biographies of TIA project managers have disappeared from the IAO website, along with the chilling graphic.
Whether or not DARPA keeps Poindexter on amidst the controversy about his role in TIA is irrelevant. Total Information Awareness projects will have a life of their own and they set the stage for creation of a Big Brother-style information security apparatus that will irrevocably alter our democracy.
Times are tough. The economy is weak and government spending may be the only way to keep many corporations afloat or even prosperous. Writer Bruce Sterling refers to the President's Critical Infrastructure Protection Board "National Strategy to Secure Cyberspace" plan drafted in September 2002 as the "Cybersecurity Industrial Complex."
Questions remain: How many of the laws passed by Congress and the programs funded by the U.S. government will actually increase security and decrease the threat of terrorism? How many are just traditional pork-barrel payoffs to stimulate the economy and enrich the wealthy? How many will senselessly abridge our civil liberties and our quality of life in the process?
What we need are sensible strategies for increasing security while ensuring privacy so that we protect Americans not only from terrorism but also from unwarranted abrogation of our civil liberties.
Nota bene
As this column was going to press (January 15, 2003), a broad coalition of advocacy groups from across the political spectrum announced its opposition to TIA. In a letter to the House Armed Services Committee, nine groups including EFF, the ACLU, and the American Conservative Union said: "Congress should not allow the Defense Department to develop unilaterally a surveillance tool that would invade the privacy of innocent people inside the United States." At the same time, U. S. Senator Russell Feingold has introduced legislation calling for a moratorium on data mining, the Data-Mining Moratorium Act of 2003. "The untested and controversial intelligence procedure known as data-mining is capable of maintaining extensive files containing both public and private records on each and every American," Feingold said.
Further updates (February 19, 2003)
The government has proposed even wider expansion of surveillance powers. As Decalan McCullagh reports on CNET: "Attorney General John Ashcroft wants even more power to snoop on the Internet, spy on private conversations and install secret microphones, spyware and keystroke loggers."
Read the Center for Public Integrity's analysis of "PATRIOT 2" and EFF's commentary on "Son of Patriot."
The New York Times reports that Members of a House-Senate Conference have adopted Senator Wyden's Amendment limiting the Total Information Awareness (TIA) program. Funding will terminate for the program unless DARPA submits a detailed report to Congress within 90 days. Additionally, TIA cannot be deployed against US Citizens without Congressional approval. For more information, see the EPIC TIA Page.
For more information:
"Homeland Insecurity: Is Your Privacy in Danger?" San Francisco Chronicle, December 12, 2002
"The Domestic Spying Renaissance" Security Focus, June 24, 2002
"Cities Say No to Federal Snooping" Wired News, December 19, 2002 (and on the same page in the right column) "Overview of Changes to Your Legal Rights" Associated Press.
About the Author
As founder and first Executive Director of the Online Policy Group, Will Doherty '85 has demonstrated a strong commitment to protecting and expanding rights of access, privacy, and safety on the Internet. Doherty has also worked since January 2001 as the Media Relations Director of the Electronic Frontier Foundation.
Prior to founding the Online Policy Group, he served as the Director of Online Community Development at the Gay & Lesbian Alliance Against Defamation, where he focused on the online rights of lesbian, gay, bisexual, and transgender communities. He managed GLAAD's Digital Media Resource Center in San Francisco, cultivating strategic partnerships in Silicon Valley and beyond.
Will Doherty has twenty years of experience as a computing consultant and online activist. In the early 1980's, he worked on the ARPANET, precursor to the Internet. He served as the Globalization Operations Manager at Sybase, Inc., and as a Localization Program Manager and a Technical Writer for Sun Microsystems, Inc. He has designed and implemented Internet strategies and websites for dozens of nonprofit community and advocacy organizations. In addition to a BS in Computer Science and Writing from MIT, Will has an MBA from Golden Gate University.
What Matters is a guest opinion column written by a different MIT alumnus or alumna. The views expressed are entirely those of the author and do not necessarily represent the views of the Alumni Association or MIT. Interested in writing a column? Email whatmatters@mit.edu.
