Wyden presses TIA probe

Wyden's letter to DARPA

Sen. Ron Wyden (D-Ore.) this week said he is still not satisfied that the Defense Advanced Research Projects Agency has accounted for all the privacy and civil liberties issues associated with its proposed Terrorism Information Awareness program.

Earlier this year, Wyden's legislation requiring a comprehensive report on TIA was passed. Today he sent a letter to DARPA Director Anthony Tether stating that the report the agency filed last month to address privacy issues still raises questions about proposed uses of TIA.

The system, originally called Total Information Awareness, would access databases run by airlines, financial and educational institutions, and other groups, in an effort to find patterns that might indicate terrorist activity.

"Your report states that 'the TIA program is not attempting to create or access a centralized database that will store information gathered from various publicly or privately held databases,'" Wyden wrote in his letter. "Nonetheless, it is clear that the TIA program will access any number of such databases and then sort through the information. Accordingly, I remain very deeply concerned that TIA technology will be used to plow through large amounts of private information on individual Americans in search of hypothetical threat situations."

Last week, the Technology and Privacy Advisory Committee (TAPAC), an external oversight board established by the Defense Department in February, held its first public meeting. Michael Wynne, the acting undersecretary for acquisition, logistics and technology, spoke, as did numerous other TIA advocates and critics.

TAPAC was established to ensure that TIA moves forward with proper regard for constitutional rights and statutory laws, as well as in accordance to existing privacy protection laws and policies. An internal DOD committee has the same mission. Wynne said the agency's report to Congress last month was a definite step in the right direction, but more work is needed.

Wyden's letter lists more than 10 points, each with further questions that stem from DARPA's report. Among them:

* Specifically what types of data does the agency intend to obtain for research and testing TIA? How will it be obtained and protected? Will Congress be notified of those intentions?

* Will U.S. citizens be included among the more than 1 million people in the next-generation facial-recognition database? Will that inclusion be voluntary or involuntary? What other nationalities will be included?

* What is the current process to ensure that DARPA and DOD address the committee's concerns?

* How often will the internal department oversight board meet? Will it issue public reports? Will its recommendations be given the same weight as TAPAC?