My co-worker Lee Tien has written a devastating analysis of the report on Total Information Awareness that was just presented to Congress.
Accountability in the use of TIA
Privacy Act concepts like the right to a copy of one's records, the right to dispute or correct information believed to be inaccurate, the right to know how one's personal information is used and who has access to it, and the right to know what institutions and record systems contain personal information all revolve around accountability. But the Report doesn't discuss these issues — even though TIA is already being tested on real data about real people. For the ordinary person, TIA is a giant suspicion-generating machine. TIA's most obvious purpose is to identify suspected terrorists (although, given the recent allegations about the use of the Homeland Security Department to track Democratic legislators in Texas, one should be concerned that TIA will be used for other purposes). How do you clear your name if a TIA analyst, aided by an "intelligent agent," mistakenly decides that you're suspicious? Will you even know? Amazingly, while EFF worries about the accuracy and quality of the data that TIA would use, the Report blithely dismisses the issue: "TIA does not, in and of itself, raise any particular concerns about the accuracy of individually identifiable information." R-32. The Report's logic is that TIA is "simply a tool for more efficiently inquiring about data in the hands of others," and this concern about data quality "would exist regardless of the method employed." R-32-33. It's remarkable that the government can so easily ignore the harm that suspicion based on bad data might cause to people, given the problems we already see with "no-fly" and other watchlists.
