WPO 08.05.03: (TIA) Balancing Data Needs And Privacy

Washington Post
May 8, 2003
Pg. E1


Balancing Data Needs And Privacy

By Leslie Walker

PALO ALTO, Calif.-- It's hard to believe much good will come of the Bush 
administration's plan for a grandiose surveillance network that would scour 
trillions of data snippets worldwide hunting for signs of terrorism. I 
think civil libertarians are right to worry about the dangers lurking in 
the massive governmental snooping expedition known as Total Information 
Awareness (TIA), especially since it rests on the unproven notion that 
machines can automatically detect terrorism patterns in seemingly unrelated 
transactional data.

Nonetheless, if such a system can be made to work while respecting the 
privacy of law-abiding Americans, Teresa Lunt likely will play a key role.

Lunt is the computer security expert here at the Palo Alto Research Center 
(PARC) hired by the Pentagon's research arm to create a "privacy appliance" 
prototype for the electronic surveillance network. Lunt's research team 
snared a $3.5 million grant last month from the Pentagon's Defense Advanced 
Research Projects Agency to do work over the next 42 months. Hers was one 
of more than two dozen projects DARPA chose to fund from among 180 
proposals submitted to piece together the technology required for the 
electronic surveillance network. Lunt's work is already starting, even 
though Congress voted in February to freeze funding for the surveillance 
network pending a DARPA report due by May 20.

Mind you, I'm not saying the government shouldn't update its technology for 
analyzing data it already has legal access to, but I do believe the 
potential for computer errors and abuse in a system probing everything from 
our telephone habits to our library logs is simply enormous. The point was 
well made in a letter to Congress a few months ago by the U.S. Association 
for Computer Machinery's policy committee. "We believe that the vast amount 
of information and misinformation collected by any system resulting from 
this program is likely to be misused to the detriment of many innocent 
Americans," the computer scientists wrote.

Still, Lunt's project intrigues me. It falls into a relatively young field 
of computer science dubbed "data privacy," in which researchers are 
exploring ways to scrub databases of personally identifiable information 
without trashing the usefulness of the digital repositories for socially 
valuable research.

"It is an emerging and important field," said Latanya Sweeney, the computer 
scientist who directs Carnegie Mellon University's Laboratory for 
International Data Privacy.

Sweeney's team recently did data-privacy development work for the federal 
government that is just starting to be used in the Washington region for 
early detection of bioterrorist attacks, through screening such records as 
emergency-room visits. "It allows the sharing of information for 
bioterrorism surveillance with guarantees that no one can be identified," 
Sweeney said.

Lunt's charge is to do similar work for the Total Information Awareness 
initiative, although her effort also involves controversial ways to let the 
government selectively peel away the privacy protections it creates. Her 
central goal is creating an information filter to magically strip 
personally identifying information from query results delivered to analysts 
searching for terrorist patterns in "ultra-large" data warehouses. Those 
could include such sensitive records as credit card receipts, phone logs, 
chemical purchases, bank statements and travel reservations -- along with 
visual images from the expanding number of surveillance cameras positioned 
in cities all over the world.

While no one would quibble with protecting privacy and everyone should 
cheer the capture of terrorists, critics worry that Lunt's "privacy 
appliance" may be veneer slapped onto the data-mining network to blunt 
charges that it would infringe the privacy of Americans.

"You can't escape the fundamental contradiction of privacy research being 
conducted around a half-a-billion-dollar program of national surveillance," 
said Marc Rotenberg, executive director of the Electronic Privacy 
Information Center, a Washington-based advocacy group. "It is like building 
environmentally friendly nuclear power plants."

Lunt is acutely aware of the firestorm surrounding the counterterrorism 
project but contends her work has other potentially valuable uses. It may 
not wind up being used by the government at all, she noted, but could prove 
helpful in the commercial sector.

History may be on her side. For one thing, Lunt is working in the storied 
lab created by Xerox Corp. where researchers invented the graphical user 
interface and Ethernet networking. Moreover, the agency overseeing her 
work, DARPA, has commissioned plenty of military research that ended up 
having greater impact on civilians than soldiers -- including the Internet, 
an uber-network if there ever was one.

In an interview in her light-filled corner office, Lunt said she, too, 
worries that technology is chipping away at privacy faster than laws and 
policymakers seem to be coping. But she expressed optimism that her 
research will help fashion tools to let society exploit the power of 
databases without trampling on privacy.

Her work for DARPA involves creating a mix of software and hardware to 
allow data scanning and "selective revelation" of personally identifiable 
information. What gets revealed, she said, depends on the kind of 
authorization each analyst has, perhaps including court orders and 
subpoenas. Lunt said her contraption would sit between government data 
detectives and the databases they want to mine. "If a private source 
decides they are willing to share information with the government, they 
would keep their database in their own hands and put this appliance in 
front of their database," she said. "Government queries would have to go 
through the appliance before getting access to the data. It will do 
filtering so no personally identifying information is returned to the 
analysts unless they can demonstrate they have authority."

Lunt's team is devising computational methods to figure out what 
information might combine to uniquely identify individuals. They are 
fashioning "aliasing" systems to replace real names and birth dates, and an 
"inference analysis" tool to prevent deduction of people's identities even 
after aliases are created. The appliance also will create an elaborate 
audit trail to record the time, nature and authorship of all queries -- 
then encrypt the audit log and store it in fragments with independent 
organizations to protect its integrity.
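
A minimal sketch of the aliasing and inference-analysis ideas described above, added here as an illustration and not taken from the article or from PARC's design. The records are constructed, and the keyed-hash alias, the birth-year generalization and the group-size threshold `k` are assumptions of this example.

```python
import hashlib
import hmac
from collections import Counter
from itertools import combinations

# Constructed sample records (not real data).
RECORDS = [
    {"name": "Ann Lee", "birth": "1970-01-02", "zip": "94301", "sex": "F", "item": "fertilizer"},
    {"name": "Bob Ray", "birth": "1970-05-09", "zip": "94301", "sex": "M", "item": "fertilizer"},
    {"name": "Cy Dunn", "birth": "1981-03-30", "zip": "94301", "sex": "M", "item": "diesel"},
    {"name": "Di Moss", "birth": "1981-11-12", "zip": "94304", "sex": "F", "item": "diesel"},
    {"name": "Ed Park", "birth": "1970-07-21", "zip": "94301", "sex": "M", "item": "fertilizer"},
]
ALIAS_KEY = b"constructed-demo-key"  # assumption: a secret held only by the appliance

def alias(rec):
    """Replace name and birth date with a keyed pseudonym; keep only the birth year."""
    tag = hmac.new(ALIAS_KEY, (rec["name"] + "|" + rec["birth"]).encode(), hashlib.sha256)
    out = {key: val for key, val in rec.items() if key not in ("name", "birth")}
    out["alias"] = tag.hexdigest()[:12]
    out["birth_year"] = rec["birth"][:4]
    return out

def identifying_combos(rows, attrs, k=2):
    """Minimal attribute sets under which some row falls in a group smaller than k."""
    found = []
    for n in range(1, len(attrs) + 1):
        for combo in combinations(attrs, n):
            if any(set(f) <= set(combo) for f in found):
                continue  # a smaller subset already singles someone out
            groups = Counter(tuple(r[a] for a in combo) for r in rows)
            if min(groups.values()) < k:
                found.append(combo)
    return found

def release(rows, attrs, k=2):
    """Return only rows whose combination of attrs is shared by at least k rows."""
    groups = Counter(tuple(r[a] for a in attrs) for r in rows)
    return [r for r in rows if groups[tuple(r[a] for a in attrs)] >= k]

ALIASED = [alias(r) for r in RECORDS]
QUASI = ("birth_year", "zip", "sex")

if __name__ == "__main__":
    print("identifying combinations:", identifying_combos(ALIASED, QUASI))
    print("rows safe to release:", release(ALIASED, QUASI))
```

In this sample, neither birth year nor sex singles anyone out alone, but the pair does, which is the kind of combination an inference check has to catch even after names are aliased.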

Lunt said the technology could prove useful for doing more than hunting 
down terrorists. An appliance that kept patient data anonymous, for 
example, could provide a faster way for medical researchers to figure out 
effective surgical treatments for certain diseases. No longer would they 
have to get consent from thousands of patients to have their records 
scanned. "What you want is their medical history, treatment and outcome so 
you can study that and improve treatment for others in the future," said Lunt.

Carnegie Mellon's Sweeney agrees that data-privacy software ultimately 
should help society ease the growing tension between security and privacy.

"In the absence of good privacy technology, society is left to make a crude 
decision -- whether we have to give them the data to keep America safe, or 
we don't give them the data to maintain privacy," she said. "And for the 
most part, neither option is comfortable for the long term."
