Obama Administration Quietly Allowed National Counterterrorism Center To Keep Database Of Info On Innocent Americans
from the total-information-privacy-breach dept
The National Counterterrorism Center (NCTC) is where all intelligence agencies were told to send their leads, after it was determined that there was an intelligence failure that allowed the so-called underwear bomber, Umar Farouk Abdulmutallab, to get on a plane a few years ago. Then came some interagency squabbling over information:
Unfortunately, NCTC didn't have the resources to "exhaustively" pursue the torrent of leads it began receiving. So it fell behind. Late last year, after Homeland Security had given NCTC a database on condition that it purge the names of all innocent persons within 30 days, things came to a head. Homeland Security eventually revoked NCTC's access to the data and NCTC decided it needed to operate under different rules. In particular, it wanted unlimited access to all government agency information for as long as it needed it, including both suspects and non-suspects alike. In March, after discussion at the White House, Eric Holder granted their request.In a separate blog post, Angwin breaks down the specific rule changes from the 2008 document to the 2012 document. They detail just how a system that was initially limited to protect privacy has now turned into the exact opposite of that. Among the rule changes: it used to require a focus on terrorism information. No longer. And then there are the following two changes:
Or, as the original article noted:
Dropping the requirement to remove innocent U.S. person information. The 2008 guidelines required NCTC to remove US person information that is “not reasonably believed to be terrorism information.” In 2012, the guidelines were updated to allow NCTC to keep U.S. person information for “up to five years” and to “continually assess” the information to determine whether it constitutes terrorism information. Adding the ability to do “pattern-based queries” of entire datasets. The 2008 guidelines explicitly prohibit analysts from conducting “pattern-based” queries that are not based on known terrorism datapoints. The 2012 guidelines explicitly allow pattern-based queries that are not based on known terrorism data points. Pattern-based queries are still prohibited for databases that NCTC has not copied in its entirety.
Now, NCTC can copy entire government databases—flight records, casino-employee lists, the names of Americans hosting foreign-exchange students and many others. The agency has new authority to keep data about innocent U.S. citizens for up to five years, and to analyze it for suspicious patterns of behavior. Previously, both were prohibited.This all comes out almost exactly a decade after it was revealed that the feds were planning a "Total Information Awareness" program to troll through all of its databases to try to hunt down evidence of terrorism at work. That resulted in widespread public backlash and an eventual backing down from the program. This time around, since the whole thing was debated outside of the public eye (and they didn't given it an Orwellian name -- or an equally creepy logo), apparently it's just fine.
But, if you actually believe in things like basic civil liberties, the 4th Amendment and a right to privacy, this is all downright scary. It's the type of stuff that we're told over and over again the US government isn't supposed to do. And then it goes and does it anyway.