TOPICS
TOPICS
Lawmakers move to halt funds for data-mining plan
House appropriators want to halt funding for a Homeland Security Department data-mining program until the department verifies that adequate privacy protections are in place.
The fiscal 2008 Homeland Security appropriations bill, scheduled to be on the House floor Tuesday, would stop funding for the Analysis, Dissemination, Visualization, Insight and Semantic Enhancement program, which is known as ADVISE. Funding would be withheld until the department submits a privacy-impact assessment for the program.
Under development by Homeland Security's science and technology directorate, ADVISE "is designed to help detect threatening activities by allowing an analyst to search large amounts of information for patterns in the data and to provide visual representations of these patterns," appropriators wrote in a report accompanying the bill. "At this time, DHS has not assessed the privacy risks associated with ADVISE."
Appropriators noted that the Government Accountability Office recently concluded that "until a privacy-impact assessment is conducted, little assurance exists that privacy risks have been rigorously considered and mitigating controls established."
A Homeland Security spokesman said privacy assessments will be done as the department determines how ADVISE will be used and what kind of data will be fed into it. "You can't do a privacy-impact assessment until you determine what data you're going to have," he said.
The spokesman added that four test programs using ADVISE are under way, and the only one using data on individuals is the "threat vulnerability integration system," which is being done within the department. He said a privacy assessment for that system has been submitted to the department's privacy office, and a public notice was issued for the data being used.
"It's all about transparency," the official said. "We want the public to know what we're doing and that we're taking good care of their information. There is nothing devious being done there."
He added that the other test programs are being conducted at Lawrence Livermore National Laboratory. He also said the department's privacy office is working with the science and technology directorate to develop a "privacy and technology implementation guide." He did not know when the guide would be finished.
By the end of last year, the department had spent about $40 million on ADVISE. According to officials at the time, the program was expected to be in a testing phase for at least a year and possibly as long as two years.
Congressional aides noted that similar problems surrounded the Transportation Security Administration's Secure Flight data-mining program for screening airline passengers. The fiscal 2008 appropriations bill would provide $25 million for Secure Flight, which would be $28 million less than the White House requested.
"While TSA recently completed a yearlong initiative to reassess Secure Flight's capabilities and address privacy and other concerns, the agency has not completed a cost estimate for completing development and conducting operational testing of the program," appropriators wrote. "Until TSA develops a detailed expenditure and management plan, it is premature for the committee to fully fund the budget request."
COMMENTS
- Good afternoon, After reading this article it is difficult for me to reasonably comprehend why DHS did not have the privacy considerations for this data mining program evaluated "Before" it considered it and ask for funding for it. From my perspective as a security professional, not doing so strongly indicates that this data mining program was not well thought out if thought out in advance at all. That's very concerning as privacy of consumers data which may be mined in this program, also poses a likely and significant national security concern depending on who's data is being mined and how that data is managed once it has been mined. Regards, Jeffrey A. Williams Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!) Jeffrey A. Williams Posted June 14, 2007 4:53 PM
- Okay, I’ll bite. Wasn’t this the job of that political appointee, Hugo Teufel, the DHS Privacy Czar? What ARE we paying him to do and exactly how much? "It's all about transparency," the official said. "We want the public to know what we're doing and that we're taking good care of their information. There is nothing devious being done there." RIGHT! So exactly what has Hugo been doing since he was appointed back in May ‘06? And Maureen Cooney before him? Sen. Widen, D-Ore, questioned Hugo’s experience and background prior to his appointment. I guess he was right. Please correct me if I am wrong but isn’t the ADVICE program merely the latest incarnation of Poindexter’s and Lehman’s DARPA project the Total Information Awareness (TIA) program that has been in development and refinement since at least October 2001? Despite assurances to the contrary, “the program was expected to be in a testing phase for at least a year and possibly as long as two years”, excuse me but DARPA was running tests with commercially available data even prior to 9/11. As a matter of fact, retired Rear Admiral Poindexter, TIA advocate, was instrumental in developing distributed data management systems as the Deputy Commander of the Naval Education and Training Command back in 1987. So I ask; how much of this is really surprising? And how much of this is disinformation designed to lead people to think that such a program may end? I must admit to feeling a tad like Jerry Fletcher, the eccentric taxi driver in The Conspiracy Theory, but all these questions stem from reading the GovExec articles and simply remembering what has been said in the past. As they say, “There is nothing new under the sun.” But disinformation has been taken to an unprecedented level by this administration. Tip off Posted June 12, 2007 10:31 AM
