A Dual-Edged Sword: Providing Information, Stealing Privacy
A former National Security Council cyberspace expert explains how government technology can be used to simultaneously provide useful data--and steal privacy.
The power of new technologies to do good is often inextricably linked to their ability to cause harm.
Think about it. Early steam engines afforded enormous benefits--but, until labor laws were enacted, they allowed men, women, and children to work appallingly long days in mills and mines. Automobiles gave us freedom of movement--but, before public outrage resulted in new safety standards, auto accidents killed thousands needlessly. And, of course, the same nuclear energy that provides much of our electricity alarms us when despots threaten to use it in weapons of mass destruction, real or imagined.
Advanced information technologies are today's new "dual-edged sword." Computers can gather and analyze trillions of pieces of personal information about us, but we haven't yet faced up to what these powerful technologies can do in the hands of law enforcement.
Last summer, we saw a Pentagon proposal to "protect" the nation from crime and terrorism. The Total Information Awareness, or TIA, program would deploy cutting-edge information technologies to gather all available information about almost everybody. Using new data-mining techniques to comb this data, officials would look for patterns and try to identify which of us were the "bad guys."
When the plans for TIA were disclosed, the public immediately reacted with such furor that Congress quickly killed the program.
But since then, other questionable ideas have stepped into the breach. The Multistate Anti-Terrorism Information Exchange (yes, it's known as Matrix) is still not getting the level of public attention it warrants. Matrix gives participating law-enforcement agencies the ability to almost instantly build files on individuals, using essentially the same data-collection and analysis approaches the Pentagon's TIA program proposed.
Matrix officials won't reveal exactly what data sets might be tapped, but, at a minimum, we can expect the details of our drivers' licenses and traffic violations, property-tax records, lists of business associates, and marriage and divorce records to be included, along with available images. The files will also comprise vast amounts of data purchased from private companies that make it their business to track our purchasing and other behaviors. And, if pilot projects are an indication, any appearance in police files--even as a victim, complainant, or witness--will land us in the Matrix.
Matrix helps law-enforcement personnel make predictions--Is this person a good guy? A bad guy? Apt to be problematic?--through "factual data analysis" algorithms. Those highly educated guesses are produced through the system's enormous computing power.
Matrix outrages many people because of its possible privacy and civil-liberty violations. But even if privacy issues don't disturb you, Matrix presents at least four other serious concerns:
Matrix as a system may have fatal design flaws. At its core, Matrix is a human/software system that collects information, collates it, and analyzes it. Each of these steps has potentially fatal flaws. "Garbage in, garbage out" is as true today as it ever was. Data can be wrong, out of date, or generated by those with malicious motivations. Information will be added from jurisdictions with different laws, standards, interpretations, and expectations for accuracy. No amount of sophisticated technology can make up for bad data.
And when it comes to analyzing this data, both machines and humans can fail. Data-mining techniques to tease out patterns or correlations in complex databases are still very much in their infancy. Those in charge of interpreting these patterns will certainly have wide variations in training, capability, and interest. In the age of paper files and faxes, this might not have mattered much. But now, at the push of a button, hundreds and perhaps thousands of innocent people can come under police suspicion.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
Top IT Trends to Watch in Financial ServicesIT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Join us for a roundup of the top stories on InformationWeek.com for the week of September 18, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."