Pentagon makes promises on new surveillance system

WASHINGTON -- The Pentagon changed the name of its planned anti-terror surveillance system Tuesday and promised to use only legally collected personal data but failed to satisfy a coalition of groups with privacy concerns.

The Pentagon's 99-page report on the project also failed to reassure Sen. Ron Wyden, D-Ore., author of Congress' ban on implementing the system to scan databases with information about Americans without specific congressional approval.

"What most Americans don't know is that the laws that protect consumer privacy don't apply when the data gets into the government's hands," Wyden said in an interview. "Lawfully collected information can include anything, medical records, travel, credit card and financial data."

Wyden and Sens. Patrick Leahy, D-Vt., and Russell Feingold, D-Wis., vowed to retain tight congressional control of the data-mining and analysis software being developed by the Defense Advanced Research Projects Agency, or DARPA.

DARPA hopes to predict terrorist attacks by detecting telltale patterns of behavior in electronic records of passport applications, visas, work permits, driver's licenses, car rentals, airline ticket purchases, arrests or reports of suspicious activities.

Other databases to be searched include financial, education, medical and housing records and identification records based on fingerprints, irises, facial shapes and gait.

In the report required by Wyden's amendment, DARPA told Congress the Total Information Awareness program will now be called the Terrorism Information Awareness program.

The old name "created in some minds the impression that TIA was a system to be used for developing dossiers on U.S. citizens. That is not DoD's (the Department of Defense's) intent," DARPA said.

The goal is "to protect U.S. citizens by detecting and defeating foreign terrorist threats before an attack" and the new name was chosen "to make this objective absolutely clear."

While the name changed, the description of the program remained virtually the same. DARPA did emphasize it is awarding contracts to develop privacy protections, like automated records of who sees data and how they use it.

During research and testing, DARPA is only using "foreign intelligence and counter intelligence information legally obtained and usable by the federal government or wholly synthetic (artificial) data."

Testing is already under way or planned at the Army Intelligence and Security Command, National Security Agency, Defense Intelligence Agency, Central Intelligence Agency and several U.S. military commands. The FBI discussed working with DARPA but put that on hold after Wyden's amendment.

DARPA did not propose changing any laws regulating government access to databases of private commercial transactions but did say some privacy issues remain.

Current laws governing some types of private information "may well ... completely preclude deployment of TIA search tools with respect to some data," DARPA said, without specifying which databases fall into this category.

But James X. Dempsey of the Center for Democracy and Technology, a group advocating online privacy, gave a House Judiciary subcommittee a very different analysis Tuesday of existing consumer privacy laws.

"We found no real limitations on government access to commercial databases," Dempsey said in an interview. "The current laws, like the Privacy Act, were adopted in the 1970s and don't apply to these new technologies. Congress needs to catch up."

Dempsey's group joined seven other liberal and conservative advocacy groups in criticizing the report.

"The government can't expect us to forget everything they've said before about this program just by changing its name," said Barry Steinhardt of the American Civil Liberties Union.

"If TIA is relying on personal information contained in databases to determine whether someone is a suspect, what recourse does the person have whose information has been entered incorrectly?" asked Lisa Dean of the Free Congress Foundation.

The groups said an error rate as small as a tenth of a percent could result in more than 30,000 innocent Americans being investigated as terrorists.

Lori Walters of the Eagle Forum said the project "makes us all summary suspects and does so without any guarantees that it will catch the bad guys."

The other four groups were People for the American Way, the Electronic Privacy Information Center, the American Conservative Union and Americans for Tax Reform.