California research center at heart of data-mining storm

For the next few years, Teresa Lunt, principal scientist at the Palo Alto Research Center in California, is expected to be on the front lines of the government's efforts to analyze the nation's commercial databases for potential terrorist activity while also protecting individuals' privacy.

She is the leader of one research project to be funded by the Defense Department's Information Awareness Office. Lunt's project aims to develop a "privacy firewall" that weeds out identifying information in searchable databases while providing government analysts with enough information to try to identify terrorists. The project was one of 26 chosen out of 180 proposals and is expected to receive about $1 million a year for the next three years.

"What the [Defense officials] are trying to do is prevent future Sept. 11 events, and their feeling is that though they have a lot of information ... they need tools to help them discover suspicious activity within that information," Lunt said in an interview last week. "Our job, at heart, is to develop technology that will let them do that but still protect individuals' private information."

The Information Awareness Office, part of the Defense Advanced Research Projects Agency (DARPA), has been controversial since its director, John Poindexter, announced his goal of Total Information Awareness (TIA): the consideration of every information source available worldwide to try to identify terrorists.

The data-mining idea sparked fears that TIA would erode Americans' privacy and led Congress to halt full TIA funding for 90 days, until DARPA can provide a report to Congress on what it is doing to protect privacy while working on TIA. In the meantime, the Electronic Privacy Information Center (EPIC), through a Freedom of Information Act request the group filed last year, made public the names of Lunt's center and other contractors for TIA.

"There is some interesting research" to be funded by TIA, EPIC Executive Director Marc Rotenberg said of Lunt's privacy project. "But the problem is that these programs are being funded with the expectation that it will result in massive surveillance of the American public."

Lunt said she understands people's concerns and believes that those people working at TIA also are worried about the privacy implications. As she envisions the program, the government would not have control over commercial information; rather, the data would remain in the private sector.

Her privacy firewall would block the release to government of people's names, addresses, phone numbers, credit cards, license-plate numbers, Social Security numbers and other individually identifying information. At the same time, it would allow searches for particular type activities that, based on a model developed within the government's intelligence community, could indicate potential terrorist behavior.

"A concern of civil libertarians is that if these models are developed, too many innocent people will meet that profile," Lunt said. "So the model has to be refined so that it only applies to a few people ... and then you can get some authorization to obtain identifying information that meets your model."