Eyeing the Spying to Guard Americans’ Privacy
From today's guest blogger, our colleague Greg Gordon, McClatchy Washington bureau investigative reporter:
To carry out a recommendation from the Sept. 11 Commission aimed at preventing terrorists from ever again capitalizing on the lack of U.S. intelligence sharing, the Department of Homeland Security has since 2004 quietly facilitated the creation of 58 to 60 ``fusion centers’’ that blend local, regional, state and federal agents.
One pregnant question has been how closely these agencies have been observing state and federal privacy laws as information, sucked up from eavesdropping, informants, surveillance and government records, flows among the feds, state and local agencies down to cops on the beat.
In a Privacy Impact Assessment released today, Homeland Security officials ticked off no fewer than seven ways in which each center, with its own organizational structure, poses risks to Americans’ privacy. Among them:
-- Justifying the centers’ existence, best done in local communities by forming a privacy committee and keeping transparent.
-- Lack of rigorous controls over data mining, in which computer programs search for patterns among massive bits of information.
-- ``Ambiguous lines of authority,’’ a problem because Homeland Security and FBI employees are governed by federal laws, while state laws guide other agents.
-- The centers’ excessive secrecy, a veil that can by lifted somewhat by publishing documents to show compliance with privacy laws.
-- Dissemination of inaccurate or incomplete information that can hurt individuals.
-- Involvement of the military and private sector, which might have no grounds to see personal data.
-- Mission creep, because some of the centers are
increasingly being used to pursue all crimes, not just
The assessment is an alphabet soup of acronyms for various laws, committees and policies governing the flow of ``personally identifiable information’’ – also known as PII. It seeks to implement a set of Fair Information Practice Principles (FIPP, of course) to embed privacy protections into the centers.
The assessment echoes warnings from the Congressional Research Service, the Government Accountability Office and even the American Civil Liberties Union about potential breaches of individuals’ privacy. The most critical prevention tools are basic: written policies and training of everyone involved to ensure they know what information is to go nowhere.
When mistakes are made, DHS’ Privacy Office recommends that agents ``acknowledge the error and take corrective action,’’ allowing harmed individuals to seek redress.
Caroline Fredrickson, director of the ACLU’s Washington Legislative Office, said the fusion centers ``remain a mysterious and troubling trend in local law enforcement,’’ especially given the history of domestic spying by police and the FBI. She said her group and the DHS’ Privacy Office agree on the same set of risks.
``The use of data mining, participation by the private sector, ambiguous lines of authority and the general lack of transparency all pose hazards for Americans’ privacy,’’ Fredrickson said.