Hannah Ma Megan Harney Kristen Lovin Jana Lepon Policy of the Department of Homeland Security on Data Aggregation Current Policy The attacks on September 11 2001 turned our country s concept of security upside down On this day our country realized that we are not completely safe nor are we exempt from terrorist attention However the attacks could have been prevented and hundreds of lives saved had our nation s intelligence and police agencies been working together more efficiently Shortly after 9 11 the President formed the Department of Homeland Security the Department in order to streamline the intelligence collection and dissemination process The government has always collected information on suspected individuals and has detected terrorist plots in time to prevent attacks on numerous occasions However in this time of heightened threat its previous methods will not suffice As illustrated on 9 11 when various agencies each held different pieces of intelligence on the hijackers individually gathered information is nearly useless without consolidation It is therefore imperative that national intelligence agencies ie CIA FBI NSA and state and regional law enforcement pool their intelligence information must be shared in order to prevent future terrorist attacks Five years ago this concept of information sharing was one of the foundations of the Department s Strategy for Homeland Security Its aim was to build a system of systems that would bring complete and common awareness of threats to all levels of government private industry and citizens while still protecting sensitive and classified information 1 p 56 To this end it laid out five principles to guide the development of information systems 1 It will balance our homeland security requirements with citizens privacy 2 The homeland security community will view the federal state and local governments as one entity not from the point of view of any agency or level of government 3 Information will be captured once at the source and used many times to support multiple requirements 4 It will create databases of record which will be trusted sources of information 5 The homeland security information architecture will be a dynamic tool recognizing that the use of information technology to combat terrorism will continually evolve to stay ahead of the ability of terrorists to exploit its systems Justification for the Current Policy 1 The National Strategy for Homeland Security Office of Homeland Security Office of Homeland Security July 2002 Available http www whitehouse gov homeland book 1 The current policy provides for the efficient use of collected information The Department for Homeland Security has directed much of its focus on the aggregation of data from disparate government agencies This aggregation has not been toward a centralized database of citizen records but toward the facilitation of easy data sharing The initial diverse information systems of these agencies made the efficient exchange of information difficult if not nearly impossible This has severe implications for homeland security efforts For instance a suspect on a US State Department most wanted list may be watched by the CIA but the US Border Patrol may not be aware of him The state police mostly likely would not be The focus of the Department is to increase the awareness and knowledge of these agencies across levels and geographic regions One way it has pursued information access is through the Homeland Security Information Network The HSIN provides not only secure communication channels but also allows agencies bundled into portals by area law enforcement State etc to upload documents and information Each agency can communicate within its own portal and with the counter terrorism portal which is connected to each This is one example of the central data access model of data aggregation The Department also argues that it may need to partner with business groups to develop a deeper profile of potential terror suspects The combination of governmental information and records with private information can shed light on the activities and associates of terror suspects without direct surveillance Naturally the access of commercial data requires a good deal of oversight and the Department believes that it has created strong frameworks for assessing appropriate access These frameworks will be discussed below 2 The current policy includes safeguards sufficient for protecting individual privacy Although the Department s ability to collect and aggregate information is extremely important for the aforementioned reasons it is also important that the Department not invade citizens privacy unnecessarily or allow false positives to result in the persecution of innocent individuals To this end the Department has several frameworks that should dictate how and when data is collected and aggregated First the Department requires that Privacy Impact Assessments PIA and Memoranda of Understanding be created whenever a new data mining project is undertaken These are fairly traditional security measures but because PIAs are made available to Congress and to the general public they allow for oversight of the Department s activities That said the PIAs and Memoranda created within the Department may not be unbiased and further security and privacy protections are necessary In a recent report by the Department to Congress2 the Department recognized the need to ask and answer the following questions prior to starting any new data mining project 2 Data Mining Report Department of Homeland Security Privacy Office July 6 2006 Available http www Department gov xlibrary assets privacy privacy data 20mining 20report pdf What is the purpose of the project Why is data being collected Does the agency collecting the data have the authority to do so The Department suggests that their own Privacy and Integrity Board be charged with asking and answering these questions While the Department is correct in recognizing the need for oversight of this kind the suggestion that this review be carried out by an internal board is not the best way to maintain reliable or transparent review While the Board consists of a number of individuals appointed from outside the Department transparency might be improved if the Board itself remained beyond Departmental influence These recommendations also make no mention of the types of answers that should cause the intended project to be disbanded In fact there is no suggestion