DOD rapped on Web tracking

If the Defense Department continues buying information on school kids' Internet-surfing habits, it may set a dangerous precedent for industry and government, privacy advocates say.

The Pentagon's Defense Manpower Data Center awarded a nine-month, nearly $15,000 contract in January to Roper Starch Worldwide, a New York marketing firm partnered with N2H2 Inc., whose Internet- filtering software is installed on school computers across the country. N2H2 markets its software to schools, parents and employers who want to filter Internet content of a dubious nature and to protect user privacy.

More than 13 million students in North America viewed more than 4 billion Internet pages delivered by the N2H2 software last year alone, according to the company's Web site.

The two companies will provide DOD with "Class Clicks" reports, which include data about how many times 23 specific military Web sites are viewed by students at the schools using N2H2's software. The Web sites include the main sites for each military service, the National Guard, the Army Reserve and the Coast Guard. The information will be used to see how effectively the military is reaching kids.

The information "is not even used for recruiting purposes. It's more along the lines of how many people are coming in and visiting our sites," said Maj. Tim Blair, a Pentagon spokesman.

The irony, according to critics, is that schools and libraries buy filtering software in part because the Children's Internet Protection Act requires that they do so in order to obtain federal funding. The law was intended to protect children's privacy, but some critics contend it is having the opposite effect.

"We argued that [the information] was going to be used in exactly this way when [the children's act] was before Congress, but it didn't get the attention it deserved," said Ari Schwartz, policy analyst at the Center for Democracy and Technology in Washington, D.C.

Allen Goldblatt, director of corporate communications for N2H2, denied the school is violating privacy rights because the data being provided does not identify individual kids or even "whether they're girls or boys." Identifying individuals in case of any incident requiring investigation would require the full cooperation of the school, Goldblatt said.

That distinction does not console the critics. "They say this is done in an anonymous way. We disagree," Schwartz said. "They have the Web logs, and it can be tracked back to an individual if need be, especially when sold to an agency with national security and law enforcement concerns."

For example, he said, if a student were to illegally hack into a military network using a school computer, the Pentagon might compel the school and the companies to identify the student involved. "There are better ways to find hackers than by using software that is supposed to protect privacy."

Schwartz added that other government agencies — especially law enforcement or national security agencies — could follow DOD's lead. "And that's unfortunate. Let's make that clear," he said.

Commercial Alert, an organization that aims to protect children from marketing and advertising, protested the business transactions in a Jan. 29 letter to Defense Secretary Donald Rumsfeld, referring to N2H2 as a "corporate predator that snoops on schoolchildren for monetary gain." It asked the Pentagon to cut all business ties with N2H2.

"It is not the role of schools to have market research extracted from them. This is the use of schools to extract information from students for marketing purposes," said Gary Ruskin, spokesman for Commercial Alert. "It's a misuse of state power."

Goldblatt insists that the software is not intended to be intrusive. "We are not spying on school kids. We have always been about protecting school kids. That's what we do, and we would not compromise that."