White House CIO Asked About NSA Data Collection, Explains How Metadata Can Reveal A Lot

from the time-to-get-some-press-training dept

Over the entire course of the Obama administration’s terms in office, there’s been something of a conflict. While there’s been a ridiculous amount of secrecy — from NSA spying scandals, to refusals to respond to FOIA requests — at the same time, President Obama also set up a federal CTO and federal CIO position, each of which have had two occupants who seem very, very focused on increasing openness and transparency in government (and who really do seem sincere). Over the past few years, they’ve put together a variety of projects trying to help provide more open data as it relates to the government (though, it appears they’ve run into the expected frustrations of dealing with one of the largest, if not the largest, bureaucracies in the world).

But given the conflicting messages — openness over here, extreme secrecy over there — it was inevitable that someone would be asked a question about this. Fast Company has an interview with the current federal CIO, Steve Van Roekel, where he’s asked about the NSA’s surveillance and the “conflict” between openness and privacy. Van Roekel seems to go out of his way to not actually say anything about the NSA, while at the same time (we assume) inadvertently pointing out that tiny bits of metadata, when combined with other tiny bits of metadata can reveal a ton of information about someone — something that defenders of the “just metadata” regime have been trying to pretend isn’t true:

I think this notion of the U.S. government treating data as an asset that’s open to everyone is interesting. I’d be remiss if I didn’t mention what’s happening with the NSA controversy–it seems like you have to walk a fine line between being open while also protecting citizens’ privacy.

One of the important parts of formulating the digital strategy and open data policy was to be very clear to people on two fronts. One was that with government data, you need to have a process by which we are not releasing any data that is confidential, that violates any citizens’ or Americans’ privacy, or has any national security implications.

The second part is examining something called the mosaic effect. That means if I released some data independently, there is high likelihood that that data released doesn’t have any private or publicly identifiable information in it. But if I release that data along with another piece of data, and overlay those two sources, then I could garner some identifiable information. For example, if I have a report on geographically dispersed diseases in this relatively unpopulated state, like North Dakota, then release another piece of data that details who lives in certain census blocks, you could suddenly tell who has that disease. That’d break personally identifiable information guidelines. So we’ve asked agencies to set up governance and be very diligent on issues related to privacy, confidentiality, or national security.

How have the recent NSA leaks affected that strategy? Have you tweaked anything in your approach?

Our conversation today isn’t about the NSA, but I can say that our diligence hasn’t waned even before any of this related to protecting confidentiality. The mission here–the mission of government–is how do we best serve the American people, and make sure they are safe, secure, and getting benefits from the services the government provides. That requires a lot of good governance, good security, good cyber-security, and really smart thinking about how we release data–making sure we don’t release any personally identifiable information or anything that would lose the trust of the American citizen.

Note the bolded part of the first answer above. That’s the very point that critics of the fact that the government has been collecting so much metadata have been pointing out — but it’s a point that the federal government, including Van Roekel’s boss, have been actively denying for months. They keep insisting that “just metadata” doesn’t violate anyone’s privacy. Yet here is Van Roekel, who understands this stuff, straight up admitting what plenty of people have realized: metadata can reveal an awful lot, especially when you have a few different collections of metadata that you can overlay with one another.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “White House CIO Asked About NSA Data Collection, Explains How Metadata Can Reveal A Lot”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Again everything you’ve heard dealing with the NSA and the executive has all been lies. If they’ve said ‘we don’t do it’, its a sure sign they do or have some program worse than what you are suspecting.

They don’t have data they hold more than 5 years… unless it has a trigger to hold it longer, or unless they want in AT&T’s database good for 25 years and counting. Yeah they ain’t owned up to that one yet but if its being done for the local yokel cop club, NSA has their fingers in it too.

Brazilian Guy says:

Question: If the NSA decided to take all the garbage of every place, labeled by adress but not by personal names of every occupant, and then created a database of all the garbage by adress, of every DNA strand in the garbage, and then just stored their findings on a database to research whenever they’ve would deem apropriate – would anyone believe that information obtained through such method would not be personal information, or could not be used to invade the privacy of someone?

Anonymous Coward says:

Metadata only details a person’s past, present and possible future travel locations. Who you called and who calls you. Your name, address and telephone number. Call times, call lengths and who you call most often.

The web pages you visit, the applications you download, the software you use, credit card orders, online chat and email contacts.

What time you go to sleep, wake up, where you work and what time you get off work.

That’s all.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...