Dominios, competencias y desempeños

R

TIA

The IAO Director mentioned the importance of protecting privacy in his speech, and six months earlier, in March 2002, IAO had begun fund- ing research on privacy-enhancing technologies. Nevertheless, the seeds had been sown for serious concerns about privacy. On November 24, 2002, at the height of the debate over enactment of the Homeland Security Act, William Safire wrote a column in the New York Times critical of TIA. Safire wrote:

Every purchase you make with a credit card, every magazine subscription you buy and medical prescription you fill, every Web site you visit and e-mail you send or receive, every academic grade you receive, every bank deposit you make, every trip you book and every event you attend—all these transactions and communications will go into what the Defense Depart- ment describes as “a virtual, centralized grand database.”

To this computerized dossier on your private life from commercial sources, add every piece of information that govern- ment has about you—passport applica- tion, driver’s license and bridge toll records, judicial and divorce records, complaints from nosy neighbors to the F.B.I., your lifetime paper trail plus the latest hidden

camera surveillance—and you have the supersnoop’s dream: a “Total Information Awareness” about every U.S. citizen.70 Although DARPA officials and others argued that Safire misstated facts about TIA, his criti- cism sparked a nationwide reaction. In the seven months between the initial disclosure of TIA and Safire’s column, only 12 press reports had appeared about the program. In the next 30 days, the press carried 285 stories, and by the time TAPAC was created, that figure had risen to 508.

In December 2002, the Assistant to the Secretary of Defense for Intelligence Oversight, who is responsible for ensuring DOD compliance with the laws and regulations governing the collection and use of intelligence information, conducted an internal review of TIA and related programs. The review included not just DARPA, but other units within DOD and the armed services, and The Rand Corporation, a DARPA contractor. The review found that neither DARPA nor IAO are “intelligence organizations,” because they develop but do not use technological tools for information gathering. Nevertheless, the review noted that the same legal constraints that regulate intelligence activities involving data on U.S. per- sons would apply to the use of TIA by any part of the Defense Intelligence Community to “col- lect, retain, or disseminate information” on U.S. persons. The review concluded that no legal obligations or “rights of United States persons” had been violated.71

The review did determine that some DARPA officials, because they were not involved in intel- ligence activities, had only a “limited understand- ing of Intelligence Oversight regulations.” As a result of the review, DARPA “quickly took Intelligence Oversight concerns into account” and “institutionalized training and awareness of Intelligence Oversight for its personnel.”72 _The review remains open and the Assistant to the Secretary of Defense for Intelligence Oversight has committed to engage in “ongoing monitor- ing” so long as DARPA is involved in developing tools for intelligence gathering.

* See the discussion under “Inspector General’s Report” below.

Opposition to TIA, however, continued to mount. In late 2002 Senators Charles E. Grassley (R-Iowa), Chuck Hagel (R-Neb.), and Bill Nelson (D-Fla.) wrote separately to the DOD Inspector General asking him to review TIA. On January 10, 2003, the Inspector General announced an audit of TIA, including “an examination of safe- guards regarding the protection of privacy and civil liberties.”73 _{As discussed below,* the audit} concluded that “[a]lthough the DARPA devel- opment of TIA-type technologies could prove valuable in combating terrorism, DARPA could have better addressed the sensitivity of the technology to minimize the possibility for governmental abuse of power and to help en- sure the successful transition of the technology into an operational environment.”74

On January 23, 2003, the Senate adopted an amendment to the Omnibus Appropriations Act proposed by Senator Ron Wyden (D-Ore.) pro- hibiting the expenditure of funds on TIA unless the Secretary of Defense, the Director of the CIA, and the Attorney General jointly reported to Congress within 90 days of the enactment of the law about the development of TIA, its likely efficacy, the laws applicable to it, and its likely impact on civil liberties. The amendment also prohibited deployment of TIA in connection with data about U.S. persons without specific Congressional authorization.75 _{Congress adopted} the amendment as part of the Consolidated Appropriations Resolution on February 13 and the President signed it into law on February 24.76

M

20, 2003 DARPA R

The report specified by the Wyden Amendment was delivered to Congress on May 20, 2003.77 It divided DARPA’s IAO programs into three categories—TIA, High-Interest TIA-Related Pro- grams, and Other IAO Programs—and described the latter two categories in far greater detail than TIA itself. The report described TIA as:

a research and development program that will integrate advanced collaborative and decision support tools; language trans- lation; and data search, pattern recogni- tion, and privacy protection technologies into an experimental prototype network focused on combating terrorism through better analysis and decision making.78 In addition, the report described eight other “High-Interest TIA-related Programs” being developed by the IAO in connection with TIA, and ten “Other IAO Programs” that “may pro- vide technology as possible components of TIA prototype but are considered of secondary interest within the context of this report.”79

With regard to the privacy issues posed by TIA and related programs, the report provided:

The Department of Defense’s TIA re- search and development efforts address both privacy and civil liberties in the following ways:

• The Department of Defense must fully comply with the laws and regu- lations governing intelligence activi- ties and all other laws that protect the privacy and constitutional rights of U.S. persons.

• As an integral part of its research, TIA program itself is seeking to develop new technologies that will safeguard the privacy of U.S. persons.

• TIA’s research and testing activi- ties are conducted using either real intelligence information that the federal government has already legally obtained, or artificial syn- thetic information that, ipso facto, does not implicate the privacy inter- ests of U.S. persons.80