Secondary Screening

Archives
By Date
April 2006
March 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
By Category
Airline Security Measures
Bicycles
Book Reviews
Congress
Data Mining
Department of Homeland Security
Freedom of Information
Government Secrecy
Miscellany
Other People's Writing
Privacy
Security Measures
The Courts
The New Web
Threat Level
Recent Entries
Change of Address
Privatized Registered Traveler On Track
Software Bug Shuts Down Nation's Busiest Airport
HostGator Rocks
But some butter is more butter than other butter
TSA Picks Privacy Player
AT&T Loses A Customer Over NSA Lawsuit
Jetsons Video Phone? Deaf Say Yes!
AT&T *69s EFF
Narus Not in the Know
Published articles
Wired News Articles
Links
Wired News
DefenseTech
Practical Nomad
BeSpacific
DHS Privacy Office
Memory Hole Blog
Electronic Privacy Information Center
Privacy Digest
Electronic Frontier Foundation
Homeland Security Institute
Secrecy News
Emergent Chaos
EPIC West's Chris Hoofnagle
Prawfs Blog with Daniel Solove
Ann Harrison
Reuter's Andy Sullivan
Schneier on Security
Talk Left
Reason's Hit & Run
W. David Stephenson
Phillip Carter's Intel Dump
Project on Government Oversight
Technology Liberation Front
Edward Felten's Freedom to Tinker
Contact
Email me
415.375.3150
Subscribe
Feed: Your Reader
Atom
RSS 1.0
RSS 2.0
RSD
About Ryan Singel
I'm a San Francisco-based freelance journalist who covers antiterrorism programs, civil liberties, the Internet and privacy.
« Privacy Enhancing Terrain | Main | Robot Wine and Casinos in the Sky »
January 15, 2005 | No Reservations About Your Reservations

The FBI has retained more than 250 million passenger records in its criminal database, as part of its investigation into the 9/11 attacks, according to this report by the AP's Leslie Miller.

The revelation came in documents acquired by the Electronic Privacy Information Center using the Freedom of Information Act.

Privacy advocates said they're troubled by the possibility the FBI could be analyzing personal information about people without their knowledge or permission.

"The FBI collected a vast amount of information about millions of people with no indication that they had done anything unlawful," said Marcia Hofmann, a lawyer with the Electronic Privacy Information Center.

The center learned about the data through a Freedom of Information Act request.

"The fact that they're hanging on to the information is inexcusable," she said.

FBI spokesman Bill Carter said the bureau was required to retain its records.

"There are rules that have been set by the National Archives with regard to the retention of records by government agencies," Carter said.

As part of its investigation into the terrorist attacks, the FBI got records from airlines shortly after Sept. 11, 2001.

The airlines turned over the records mostly upon request, though, in one case, investigators used a grand jury subpoena.

The documents (which include a geeky, but fascinating explanation of the FBI's electronic case file system) are here and here (both .pdf).

A couple of things to note.

It's been known for some time that the FBI got airline records. In fact, a Washington Post story some time last year revealed that investigators had printouts of some of this data on the walls of the small room they were using as investigation central.

It's also not surprising that the FBI got the records. In fact, if the agency did not they would be derelict in their duty.

What's at issue here is the current use of that data. Is the FBI using it for "future crime" Total Information Awareness-style data-mining? Are agents who are chasing down mobsters involved in prostitution rings querying the PENTTBOMB database to ferret out the travels of their suspects? If so, are either appropriate uses of the data?

If you look closely at the 12 released pages and the explanation of the release, you will see that this is partly what EPIC was after AND precisely what the FBI refused to disclose.

This part of a pattern by the Justice Department.

In the fall of 2004, I called the DOJ to find out about these records, as well as the records given to the DOJ by Hank Asher's data mining effort, known as the Matrix. For those who don't remember and who haven't yet read Robert O'Harrow's recent book "No Place to Hide" (review here, affiliate url here, spy-free url here), shortly after September 11, Hank Asher, a shadowy figure possibly involved in Iran-Contra shenanigans, gave a number of government agencies a list of 120,000 names of people, ranked by their "terrorist quotient." Little, if nothing, is known about what, if anything, was done with that data.

I called the DOJ repeatedly, and finally, was given a non-answer answer. A spokeswoman, who acted offended by my questions, told me that it was part of the ongoing investigation and they had nothing to say.

That answer is part of the ongoing arrogance of the Justice Department, which routinely treats such questions from journalists and Congress as if they were the pesky intrusions from children who should not speak until given a press release. The department then has the gall to say that it routinely and thoroughly discloses information, when everyone knows the opposite is true. Nothing is revealed unless it has to be, and all and any critics are dismissed as uninformed sympathizers of terrorists.

To wit, here's part of what EPIC asked for, "any records discussing the legal requirements governing Bureau access and use of air passenger data."

They got nothing like that. They only got a description of the data fields in the PNRs (passenger name records) put in the FBI's Oracle database.

In a telling, but artfully hidden section, detailing why certain records and documents were being withheld (exemption b(7) Records or Information Withheld for Law Enforcement Purposes), FBI FOIA officer David M. Hardy wrote this:

"These Airline Data Sets were acquired from the airlines by the FBI for use in its mission of identifying those individuals responsible for the September 11, 2001 terrorist attacks and preventing future acts of terrorism against the United States." (emphasis added)

What's striking here is that the FBI seems to be admitting two astounding things: 1) It is using records given to it by private companies after September 11 for the purpose of unraveling the murderous conspiracy of the hijackings in order to search out future attacks and 2) that it considers that effort as part of the investigation into the September 11 attacks and thus BEYOND and ABOVE public scrutiny.

By that logic, the FBI can get ANY records and use ANY technique to detect the hints of future attacks (as opposed to running down leads about future attacks) and never have to reveal any details to the public. That means the FBI thinks it has the authority to build a Total Information Awareness system without having to tell the public what it is doing since it is part of an investigation. In other words, the PENTTBOMB investigation is the law enforcement version of the never-ending "War on Terror."


And if I'm wrong here and the FBI is revealing everything it has about the use of these records, then the FBI is incredibly negligent about data storage, auditing and protection, since there are no documents here indicating any discussion of, let alone the existence of, policies about the use of this sensitive data about American citizens.

Which means there are two options here: the FBI is either hiding information from the public or it is incompetent.

I'm not sure which option I prefer.

Posted by Ryan Singel at January 15, 2005 04:13 PM

 Trackback Pings

TrackBack URL for this entry:
http://www.secondaryscreening.net/cgi-bin/mt-tb.cgi/91

Listed below are links to weblogs that reference No Reservations About Your Reservations:

» A Disturbing Pattern of Secrecy from The Open Society Paradox
For the few of us out there who think that most people in the law enforcement and intelligence business are doing their best to protect America while guarding civil liberties, the FBI and the Justice Department are making it extremely... [Read More]

Tracked on January 18, 2005 09:48 PM

» RFID passports at CFP from The Practical Nomad
The next move is the RFID-enabled passport, which this week has provided the classic Computers, Freedom, and Privacy blood-on-the-carpet moments and which garnered for itself a couple of Big Brother Award nominations. The personae: Frank Moss, deputy a... [Read More]

Tracked on April 18, 2005 05:40 PM

» RFID passports at CFP. from Privacy Digest: Privacy News (Civil Rights, Encryption, Free Speech, Cryptography)
RFID passports at CFP . [Read More]

Tracked on April 19, 2005 01:22 PM
Powered by
Movable Type 3.2