[OPE-L] state data mining and profiling

From: glevy@PRATT.EDU
Date: Sat Dec 02 2006 - 07:05:32 EST

Be careful what kind of seating you prefer and what food you
order if travelling to or from the US (See following story.)
This is state-sponsored, racist, computer-assisted profiling
on a massive scale.

It's worth noting that if anyone actually wanted to commit a terrorist
act, it would be the easiest thing in the world to avoid the 'flags',
e.g. not travel directly to or from certain countries, request seats
that are not by an aisle, and order hot dogs, hamburgers, and other
depressingly bland and tasteless "US" foods.

How long will it be (or has it already happened yet?) that there
will be similar data-mining of _all_ credit-card users?

In solidarity, Jerry



U.S. Rates Travelers for Terror Risk
by michael j. sniffen / associated press writer

DEC 1, 2006 4:50 AM EST
WASHINGTON (AP) -- Without their knowledge, millions of Americans and
foreigners crossing U.S. borders in the past four years have been assigned
scores generated by U.S. government computers rating the risk that the
travelers are terrorists or criminals.

The travelers are not allowed to see or directly challenge these risk
assessments, which the government intends to keep on file for 40 years.

The government calls the system critical to national security following the
Sept. 11, 2001, terrorist attacks. Some privacy advocates call it one of
the most intrusive and risky schemes yet mounted in the name of
anti-terrorism efforts.

Virtually every person entering and leaving the United States by air, sea
or land is scored by the Homeland Security Department's Automated
System, or ATS. The scores are based on ATS' analysis of their travel
records and other data, including items such as where they are from, how
they paid for tickets, their motor vehicle records, past one-way travel,
seating preference and what kind of meal they ordered.

The use of the program on travelers was quietly disclosed earlier this
month when the department put a notice detailing ATS in the Federal
Register, a fine-print compendium of federal rules. The few civil
liberties lawyers who had heard of ATS and even some law enforcement
officers said they had thought it was only used to screen cargo.

The Homeland Security Department called the program "one of the most
advanced targeting systems in the world" and said the nation's ability to
spot criminals and other security threats "would be critically impaired
without access to this data."

But to David Sobel, a lawyer at the Electronic Frontier Foundation, a group
devoted to civil liberties in cyberspace: "It's probably the most invasive
system the government has yet deployed in terms of the number of people

Government officials could not say whether ATS has apprehended any
terrorists. Based on all the information available to them, federal agents
turn back about 45 foreign criminals a day at U.S. borders, according to
Homeland Security's Customs and Border Protection spokesman Bill Anthony. He
could not say how many were spotted by ATS.

"Homeland Security ought to focus on the simple things it can do and stop
trying to build these overly complex jury-rigged systems," said Barry
Steinhardt, an American Civil Liberties Union lawyer, citing problems the
agency has had developing a computerized screening system for domestic air

That data-mining project -- now known as Secure Flight -- caused a furor
two years ago in Congress. Lawmakers barred its implementation until it
can pass 10 tests for accuracy and privacy protection.

In comments to the government about ATS, Sobel said, "Some individuals will
be denied the right to travel and many the right to travel free of
unwarranted interference."

Sobel said in the interview that the government notice also raises the
possibility that faulty risk assessments could cost innocent people jobs in
shipping or travel, government contracts, licenses or other benefits.

The government notice says some or all of the ATS data about an individual
may be shared with state, local and foreign governments for use in hiring
decisions and in granting licenses, security clearances, contracts or other
benefits. In some cases, the data may be shared with courts, Congress and
even private contractors.

"Everybody else can see it, but you can't," Stephen Yale-Loehr, an
immigration lawyer who teaches at Cornell Law school, said in an interview.

But Jayson P. Ahern, an assistant commissioner of Customs and Border
Protection, said the ATS ratings simply allow agents at the border to pick
out people not previously identified by law enforcement as potential
terrorists or criminals and send them for additional searches and

"It does not replace the judgments of officers" in reaching a final
decision about a traveler, Ahern said in an interview Thursday.

This targeting system goes beyond traditional watch lists, Ahern said.
Border agents compare arrival names with watch lists separately from the
ATS analysis.

In a privacy impact assessment posted on its Web site this week, Homeland
Security said ATS is aimed at discovering high-risk individuals who "may
not have been previously associated with a law enforcement action or
otherwise be noted as a person of concern to law enforcement."

Ahern said ATS does this by applying rules derived from the government's
knowledge of terrorists and criminals to the passenger's travel records.

Ahern declined to disclose any of the rules, but a Homeland Security
document on data-mining gave this innocuous example of a risk assessment
rule: "If an individual sponsors more than one fiancee for immigration at
the same time, there is likelihood of immigration fraud."

Ahern said ATS was first used to rate the risk posed by travelers in the
late 1990s, using personal information about them voluntarily supplied by
air and cruise lines.

A post-9/11 law vastly expanded the program, he said. It required airline
and cruise companies to begin in 2002 sending the government electronic
data in advance on all passengers and crew bound into or out of the
country. All these names are put through ATS analysis, Ahern said. In
addition, at land border crossings, agents enter license plates and the
names of vehicle drivers and passengers, and Amtrak voluntarily supplies
passenger data on its trains to and from Canada, he said.

In the Federal Register, the department exempted ATS from many provisions
of the Privacy Act designed to protect people from secret, possibly
inaccurate government dossiers. As a result, it said travelers cannot
learn whether the system has assessed them. Nor can they see the records
"for the purpose of contesting the content."

Toby Levin, senior adviser in Homeland Security's Privacy Office, noted
that the department pledged to review the exemptions over the next 90 days
based on the public comment received. As of Thursday, all 15 public
comments received opposed the system outright or criticized its redress

The Homeland Security privacy impact statement added that "an individual
might not be aware of the reason additional scrutiny is taking place, nor
should he or she" because that might compromise the ATS' methods.

Nevertheless, Ahern said any traveler who objected to additional searches
or interviews could ask to speak to a supervisor to complain. Homeland
Security's privacy impact statement said that if asked, border agents would
hand complaining passengers a one-page document that describes some, but
not all, of the records that agents check and refers complaints to Custom
and Border Protection's Customer Satisfaction Unit.

Homeland Security's statement said travelers can use this office to obtain
corrections to the underlying data sources that the risk assessment is
based on, but not to the risk assessment itself. The risk assessment
changes automatically if the source data changes, the statement explained.

"I don't buy that at all," said Jim Malmberg, executive director of
American Consumer Credit Education Support Services, a private credit
education group. Malmberg said it has been hard for citizens, including
members of Congress and even infants, to stop being misidentified as
terrorists because their names match those on anti-terrorism watch lists.
He noted that while the government plans to keep the risk assessments for
40 years, it doesn't intend to keep all the underlying data they are based
on for that long.

Homeland Security, however, is nearing an announcement of a new effort to
improve redress programs and the public's awareness of them, according to a
department privacy official, who requested anonymity because the formal
announcement has not been made.

The department says that 87 million people a year enter the country by air
and 309 million enter by land or sea.


On the Net:

DHS privacy impact statement:

This archive was generated by hypermail 2.1.5 : Sun Dec 31 2006 - 00:00:04 EST