Two stories in the news describe different approaches to government secrecy and citizen privacy:
- White House Orders New Computer Security Rules, By ERIC SCHMITT, New York Times (October 6, 2011)
"The White House plans to issue an executive order on Friday to replace a flawed patchwork of computer security safeguards exposed by the disclosure of hundreds of thousands of classified government documents to WikiLeaks last year.
"...In addition to these immediate measures, Mr. Obama’s order creates a task force led by the attorney general and the director of national intelligence to combat leaks from government workers, or what the White House calls an “insider threat.”
"The directive also establishes a special government committee that must submit a report to the president within 90 days, and then at least once a year after that, assessing federal successes and failures in protecting classified information on government computer networks.
"...[Pentagon issued cyber identity] credentials allow supervisors to track what users are working on."
- Data Mining: DHS Needs to Improve Executive Oversight of Systems Supporting Counterterrorism, Government Accountability Office, GAO-11-742 (September 7, 2011). The report says that, until needed reforms are put in place the Department of Homeland Security and its component agencies "may not be able to ensure that critical data mining systems used in support of counterterrorism are both effective and that they protect personal privacy."
"By not consistently performing necessary evaluations and reviews of these systems, DHS and its component agencies risk developing and acquiring systems that do not effectively support their agencies' missions and do not adequately ensure the protection of privacy-related information."
See also: GAO Report: DHS Data Mining Needs Privacy Oversight, By Grant Gross, IDG News, PC World, (Oct 7, 2011). "One of the most disturbing findings by the GAO was that ICEPIC rolled out its law enforcement sharing component before it was approved by the DHS privacy office."
Electronic System for Travel Authorization’s (ESTA) Approval Required for Visa Waiver Program (VWP) Travelers to Visit the U.S.Submitted by vaidyanathan on Mon, 2009-01-12 09:39.
From today onwards, travelers from the Visa Waiver Program (VWP) countries must get approved via the Electronic System for Travel Authorization (ESTA) before they fly to the United States. “ESTA is a web-based system, initially launched in August 2008, that determines the preliminary eligibility of visitors to travel under the VWP prior to boarding a carrier to the United States.”
The Department of Homeland Security (DHS) declared that all nationals of the VWP countries must follow the new regulation when they travel to the U.S. Currently, the countries that are under the VWP program are: Andorra, Australia, Austria, Belgium, Brunei, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Hungary, Iceland, Ireland, Italy, Japan, the Republic of Korea, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Monaco, the Netherlands, New Zealand, Norway, Portugal, San Marino, Singapore, Slovakia, Slovenia, Spain, Sweden, Switzerland, and the United Kingdom.
According to a posting in Slashdot and an Associated Press story, a plan to use U.S. spy satellites for domestic security and law-enforcement missions is moving forward after being delayed for months because of privacy and civil liberties concerns. An office within the Homeland Security Department, called the National Applications Office, "will provide more robust access to needed remote sensing information to appropriate customers". While some agencies such as FEMA have had access to spy satellite imagery for scientific research or to assist in response to natural disasters, the availability of satellite images will be expanded to other agencies to support the homeland security mission. According to Slashdot, this is the first time law-enforcement would be able to obtain a warrant and request access to satellite imagery. The National Applications Office website says that protecting privacy and civil liberties is a priority for the Office and that their activities are regulated under existing laws including the Privacy Act and Executive Order 12333.
There is a new report from the Democratic Caucus, U.S. House of Representatives, entitled "America At Risk: Despite Continued Warnings... America's readiness continues to slide." The 7-page pdf summarizes how the cost of the war in Iraq is straining the budget and affecting the preparedness of the military to protect the country from domestic attack. It includes reports about how budget cutbacks are affecting the National Guards of individual states.
hat tip: beSpacific!
Last month the Washington Post published this piece on how DHS is collecting information on travelers:
"...new details about the information being retained suggest that the government is monitoring the personal habits of travelers more closely than it has previously acknowledged. The details were learned when a group of activists requested copies of official records on their own travel."
The Department of Homeland Security will begin to share spy satellite data with domestic law enforcement agencies next year. The theory is that satellite images will assist in border security. The most interesting news resport I've read on this topic came from Fox News. While all the news reports pointed out concerns about oversight and the effect on privacy, only this article mentioned that *getting* data isn't the end of the story - to be meaningful, someone somewhere has to analyze it and that this kind of data would be likely be of low priority:
Analysts across the intelligence community are already swamped with incoming data from foreign surveillance, and they may have little time for lower-priority work.
In light of recent expansions on wiretapping, this is, well, unnerving.
The Department of Homeland Security has 25 operations centers throughout the U.S., and according to a recent GAO audit, they're not collaborating very well.
Here's the full story:
According to the report, DHS doesn't have a clear set of procedures in place for the operation of its Homeland Security Information Network, which in turn hampers the operations centers' ability to share information related to terrorist threats and the like.
As we saw after 9/11, the lack of coordination between the FBI and CIA put the nation at risk. Obviously, there has to be better cooperation among these 25 centers in order to avoid a similar situation. The same goes for information-sharing prior to, during, and following a natural disaster or other catastrophe.
It's alarming that "basics" like information-sharing policies and procedures are either non-existent or poorly defined at both the regional and national levels, especially given that more complex and technical processes are needed to keep the citizenry safe.