Privacy SOS

Report: Obama’s plan to harvest and store US persons’ data faced objections at DHS privacy office

Remember the "Disposition Matrix"? The plan to institutionalize the Obama extrajudicial assassination program "to go beyond existing kill lists, mapping plans for the “disposition” of suspects beyond the reach of American drones"? Do you remember that the "matrix" operation to fuse all the various government kill lists is based at the National Counterterrorism Center (NCTC)? And that the Obama administration last year drafted and approved plans to turn the NCTC into a Total Information Awareness style data mining center, targeting US persons?

If you didn't believe the ACLU when we warned you about the Obama administration's plans for the NCTC, maybe you'll believe former the former top privacy official at DHS, who we now learn was also outraged about the plan and spoke out against it in the back rooms of Washington DC and in fiery emails with administration officials.

A muckraking piece by Julia Angwin at the Wall Street Journal, chock full of previously unknown insights from FOIA'd government emails and documents, reveals that former DHS chief privacy officer Mary Callahan fought against the Obama NCTC plan tooth and nail. Needless to say, she (and we) lost.

In "U.S. Terrorism Agency to Tap a Vast Database of Citizens," Angwin writes [emphasis below is mine]:

Through Freedom of Information Act requests and interviews with officials at numerous agencies, The Wall Street Journal has reconstructed the clash over the counterterrorism program within the administration of President Barack Obama. The debate was a confrontation between some who viewed it as a matter of efficiency—how long to keep data, for instance, or where it should be stored—and others who saw it as granting authority for unprecedented government surveillance of U.S. citizens.
The rules now allow the little-known National Counterterrorism Center to examine the government files of U.S. citizens for possible criminal behavior, even if there is no reason to suspect them. That is a departure from past practice, which barred the agency from storing information about ordinary Americans unless a person was a terror suspect or related to an investigation.
Now, NCTC can copy entire government databases—flight records, casino-employee lists, the names of Americans hosting foreign-exchange students and many others. The agency has new authority to keep data about innocent U.S. citizens for up to five years, and to analyze it for suspicious patterns of behavior. Previously, both were prohibited. Data about Americans "reasonably believed to constitute terrorism information" may be permanently retained.
The changes also allow databases of U.S. civilian information to be given to foreign governments for analysis of their own. In effect, U.S. and foreign governments would be using the information to look for clues that people might commit future crimes.
"It's breathtaking" in its scope, said a former senior administration official familiar with the White House debate.
Former DHS privacy officer Callahan reportedly said that the new rules amounted to a "sea change" in the US government's relationship with the people. Her protests inside the administration appear to echo the ACLU's warnings about the program, published when the public first got wind of the plans. What's the problem? In short, the NCTC data harvesting operation opens the door to grave, routine government civil liberties and privacy violations of literally everyone inside the United States who has ever conducted any kind of business with the US government.
As Angwin writes, the Bush administration tried doing something similar back in 2002 under the name "Total Information Awareness." People justifiably freaked out and the government officially shelved the program. But TIA was never actually tossed; the main components of the plan (to collect as much information as possible about as many people as possible and to data mine it looking for "suspicious patterns") lived on at the NSA.
Under the new rules issued in March, the National Counterterrorism Center, known as NCTC, can obtain almost any database the government collects that it says is "reasonably believed" to contain "terrorism information." The list could potentially include almost any government database, from financial forms submitted by people seeking federally backed mortgages to the health records of people who sought treatment at Veterans Administration hospitals.
Previous government proposals to scrutinize massive amounts of data about innocent people have caused an uproar. In 2002, the Pentagon's research arm proposed a program called Total Information Awareness that sought to analyze both public and private databases for terror clues. It would have been far broader than the NCTC's current program, examining many nongovernmental pools of data as well.
"If terrorist organizations are going to plan and execute attacks against the United States, their people must engage in transactions and they will leave signatures," the program's promoter, Admiral John Poindexter, said at the time. "We must be able to pick this signal out of the noise."
Adm. Poindexter's plans drew fire from across the political spectrum over the privacy implications of sorting through every single document available about U.S. citizens. Conservative columnist William Safire called the plan a "supersnoop's dream." Liberal columnist Molly Ivins suggested it could be akin to fascism. Congress eventually defunded the program.
The National Counterterrorism Center's ideas faced no similar public resistance. For one thing, the debate happened behind closed doors. In addition, unlike the Pentagon, the NCTC was created in 2004 specifically to use data to connect the dots in the fight against terrorism.
Part of the public justification for the administration's misguided shift in policy at the NCTC was the failed underwear bomb plot involving Umar Farouk Abdulmutallab on Christmas 2009. A man known to the government as a terrorist threat to United States interests, he was somehow not on any of the government watch-lists that would have raised red flags or barred him from boarding an airplane. The Obama administration said the nearly successful bomb plot necessitated a loosening of the rules at the NCTC, which helps the FBI craft the watch-lists. But Ms. Callahan and her colleague at DHS didn't buy that reasoning.
Ms. Callahan and colleague Margo Schlanger, who headed the 100-person Homeland Security office for civil rights and civil liberties, were concerned about the implications of turning over vast troves of data to the counterterrorism center, these people said.
They and Ms. Libin at the Justice Department argued that the failure to catch Mr. Abdulmutallab wasn't caused by the lack of a suspect—he had already been flagged—but by a failure to investigate him fully. So amassing more data about innocent people wasn't necessarily the right solution.
Instead of making counterterrorism operations more effective, amassing more information about everyone led to to a crippling backlog at the NCTC. But in place of limiting the amount of information the office takes in, it claimed that it needed to store the data longer in order to properly sort through it all. It doesn't take a genius or terrorism "expert" to know why that's foolish policy. Collecting all possible information about everyone just makes the haystack bigger, and therefore makes real threats harder to find.
And even if it was an effective anti-terrorism technique, widespread, warrantless surveillance of every single living human being — suspicious or not — damn sure isn't democratic practice. We are supposed to be innocent until proven guilty in this country, not the other way around.
Unfortunately, the US government appears hell bent on amassing and storing all conceivable information about us, anyway. And it's bigger than just the NCTC. While its analysts sort through our mortgage, flight and tax information looking for reasons to believe we are up to no good, our lawmakers are enabling the continuation of what NSA whistleblower Bill Binney has called a "turnkey totalitarian" state. The Senate is set to reauthorize the warrantless, dragnet surveillance-enabling FISA Amendments Act sometime in the next two weeks. 
Visit the WSJ to see documents from the NCTC FOIA project and to read Angwin's story.

© 2021 ACLU of Massachusetts.