There is strong desire to have one large master federal watchlist, and a new center, the Terrorist Screening Center, will house the master database [Federal Computer Week, 2003]. The center results from Homeland Security Presidential Directive-6 signed by President Bush in September 2003 [Computerworld, 2003].
The number of suspicious characters to be included on the watchlist is estimated at 13 million [New York Daily News, 2003]. The list contains "potential terrorists" making its size of concern to civil libertarians who argue that innocent people may appear on the list and be subject to constant tracking without their knowledge or any legal review.
Another difficulty is identity theft. Actual terorrists that are apt to be on the watchlist are apt to steal identities and to create fraudulent travel documents in order not to be detected, so the utility of the watchlist (based on explicit identification) appears somewhat limited.
Proposal #1. Here is the simplest solution. Ship all the data to a central government repository where it will be mined to match identifying information from the watchlist. What are some benefits of this approach? What are some concerns?
Proposal #2. Recently, the CIA has purchased a solution developed by Jeff Jonas
for approximately $35million [Wall Street Journal, 2004, Newsweek, 2004].
Below is a summary of the Newsweek story:
With funding from the CIA, Systems Research and Development founder Jeff Jonas is developing a data-mining system for weeding out terrorists and other criminals without compromising people's personal privacy. The CIA first became interested in the anti-terrorist potential of Jonas' work when he developed Non-Obvious Relationship Awareness (NORA), a software system that can quickly sift through a massive amount of data to infer whether people are connected to shady characters; NORA was created as a tool Las Vegas casinos could use to protect themselves from mobsters or scam artists. Whereas other systems attempt to deduce the behavior of hypothetical terrorists and root them out from population behavior studies, NORA uses real-world suspects and the people they are connected to. A follow-up system to NORA Jonas developed after 9/11 is ANNA, a still untested scheme to cross-index terrorist watch lists while protecting privacy by "anonymizing" data via an encryption method known as hashing. This approach allows private records to be shared with the government and secret watch lists disseminated to private entities. Encrypted records can be matched, after which judicially-approved authorities can request database owners to supply the suspects' identities. Marc Rotenberg of the Electronic Privacy Information Center skeptically observes, "A switch to anonymize can be set to de-anonymize." However, others say ANNA could help bridge the privacy versus security divide, while audit trials as well as existing law should help check potential abuse of ANNA. Jonas himself admits that data-mining alone cannot ensure total safety: "The real problem is hundreds of thousands of people who are brought up to hate us," he concludes.
Jonas' system works as follows:
[source]
A working example of the basic principle of the systsm is available in a
dynamic spreadsheet
and a
static spreadsheet.
Load these up and see how they work. There is a sample of 500 names drawn from the Cambridge Voter list. Each has a unique hashed ID number. Five percent of the sample, selected randomly, is identified as being on the watchlist. There are 12 locations reporting patrons by hashed id number; the patrons appearing at each location is determined randomly based on a probability of being selected (reported at the top of the column). For example, a location that includes 80% of the population, provides an 80% chance that any particular person will visit in this model. By clicking the delete key in cell A1 (the upper left corner), a time period lapses in which different customers are selected for each location. The static spreadsheet has a frozen instance.
What are some benefits of this approach? What are some concerns?
In the assignment associated with this lab, you will do an assessment of Jonas' system -- i.e., you will identify ways his system may not provide the anonymity claimed.
What is not well described in the articles or in subsequent materials is the exact location of the hashing and access to the hashed values. Below are four scenarios for you to assess. In each scenario, consider the protections afforded (or not) all involved entities.
Model 1: Ship the Explicitly Identified Data to the Government for Analysis
In the model shown above, explicitly identified data is shipped directly to the government for processing. The hashing is done internally and compared to hashed values of the watchlist.
In this scenario, what are the privacy concerns? risks to individuals not on the watch list? risks to the data holders? What are the legal issues? Is there any protection against using the data for other purposes?
What additional information about those not on the watchlist can be gained by the government?
Recall our older measure of risk -- the product of the number of people identified by the data and the amount of information provided. How significant is the risk in this scenario? Who is at risk?
Are there any technical remedies that could be applied to this model? Are there any legal remedies that could assist?
Model 2a: Data holders compute matches locally
In this model, the hashed function and the hashed values of the watchlist (w) are provided to data holders, who in turn compute the hashed values for their customers and report any matches to the government (m).
In this scenario, what are the privacy concerns? risks to individuals not on the watch list? risks to the data holders? What are the legal issues?
What are problems the government may face by relying on the data holders? What are risks associated with providing the hash function and the hashed watchlist to the data holders?
Recall our older measure of risk -- the product of the number of people identified by the data and the amount of information provided. How does risk in this model compare with that in model 1?
Are there any technical remedies that could be applied to this model? Are there any legal remedies that could assist?
Model 2b: Data holders compute matches locally using a secure "appliance"
In this model, the hashed function and the hashed values of the watchlist (w) are provided to data holders, who in turn compute the hashed values for their customers and report any matches to the government (m), as was done in Model 2a above. But in this case, the computation and contents of the watchlist are done by an "appliance," which is a secure, stand-alone, tamper-resistant device with network access having no visible outside controls no connections other than a power cable and a network connection jack.
Consider the questions above related to Model 2a. What changes, if anything, by having the computation performed by a secure appliance?
Model 3: Use of a Trusted Third Party
In this model, a the concept of a "trusted" third party is added. This third party may be Jonas' company or a government entity. The explicitly identified information is provided from the data holders to the third party. The explicitly identified watchlist is provided to the third party. The hashing and comparison is done by the third party and any matches are reported to government agencies.
In the news accounts of the system, a search warrant is needed by the government agency to get the identity of the matched person, but is that really needed? Is that actually enforced by the system?
In this scenario, what are the privacy concerns? risks to individuals not on the watch list? risks to the data holders? What are the legal issues? Is there any protection against using the data for other purposes?
What additional information about those not on the watchlist can be gained by the government?
Recall our older measure of risk -- the product of the number of people identified by the data and the amount of information provided. How significant is the risk in this scenario? Who is at risk?
Are there any technical remedies that could be applied to this model? Are there any legal remedies that could assist?
