Homeland Security chief proposes screening of customer data

Suggestion could be viewed as “anti-privacy,” Michael Chertoff acknowledges.

The secretary of the Homeland Security Department on Tuesday proposed a screening system that would require companies to retain information about their customers but only require them to surrender information filtered by software.

"One of the proposals that was floated and shot down before I got here was screening for protection," Secretary Michael Chertoff said in answering a question posed by a member of the department's privacy committee.

"Instead of the government retaining data, and collecting it, we would screen against the data, [using a] civilian name, pinging it against a private database and then having the private data holder who has it anyway say 'yea' or 'nay, 'red flag' or 'green flag.' ... That might be a model for some kind of data-retention issue."

Chertoff spoke at a meeting of the Data Privacy and Integrity Advisory Committee, a group of government executives and private-sector volunteers who meet regularly to formulate Homeland Security's privacy policies. His was answering a question from committee member Jim Harper, the information policy studies director at the Cato Institute.

FBI Director Robert Mueller addressed the issue in January at the annual World Economic Forum in Davos, Switzerland. The Financial Times reported that Mueller said, "There can be standardized regulations and rules relating to data retention and secondly a mechanism for the swift exchange of information."

The European Union in December enacted a directive that requires all EU nations to require telecommunications companies to save certain call records and Internet logs for up to two years, and to make them available to law enforcers. The new law must be implemented within the next year-and-a-half.

Chertoff acknowledged that some might view his suggestion as "anti-privacy." But he argued that such proposals should be vetted more thoroughly for their trade-offs before they are dismissed.

"It's too easy to say something is pro-privacy or anti-privacy. ... Some of these are simply trade-offs on different elements of privacy," he said.