22 May 2003


Wall Street Journal, 22 May 2003

WAR ON TERROR

Use of Data Collection Systems
Is Up Sharply Following 9/11

By ANN DAVIS

Staff Reporter of The Wall Street Journal

In the 20 months since Sept. 11, 2001, little-known government and commercial databases that track the movements and backgrounds of everyday Americans have steadily ballooned.

Developed as counterterrorism tools, the systems are aimed at bridging gaps in information that let the 9/11 hijackers slip past law enforcement. But they also make it easier for the government to gather information about American citizens who aren't suspected of anything criminal.

Public attention has focused almost entirely on two "data-mining" projects that have drawn objections from privacy advocates: a new airline-passenger profiling system known as Capps, intended to block suspected terrorists from flying, and the Pentagon's Total Information Awareness program, aimed at detecting patterns of terrorist activity. Concerns about Total Information Awareness flared again this week, when the Pentagon said it had renamed the initiative Terrorist Information Awareness but still outlined plans to use vast amounts of government and commercial data on U.S. citizens to sniff out suspicious activity.

While debates rage about these two programs, though, myriad other government agencies and private companies are building similar kinds of massive, easily searched databases on a broad range of people, all in the name of the war on terror. The emerging systems link databases that didn't communicate previously, mixing public records, such as indictments and prosecutions, with intelligence based largely on investigators' hunches.

The idea is to use sophisticated software to "see things that a human being can't possibly see," says Steve McCraw, the Federal Bureau of Investigation's assistant director in the agency's office of intelligence. "We collect such voluminous amounts of data that we need to be able to find previously unknown links, relationships and associations hidden within our own data."

But critics say the more information of varying credibility is amassed in one place, the greater the risk of overloading investigators with irrelevant leads that cast needless suspicion on innocent people. "What we're talking about here is unverified information and not necessarily very accurate information," says James Dempsey, executive director of the Center for Democracy and Technology, an online policy group in Washington.

Some examples of what's in the works:

 The FBI is working with outside contractors to build an unprecedented "data mart." By importing data from other federal agencies and linking to local police intelligence databases, the Terrorism and Intelligence Data Information Sharing Data Mart will get instant access to a broad range of people. "Text-mining" software will then scan for common elements in more than a billion documents from FBI field offices across the country.
 
 An FBI database called the Violent Gang and Terrorist Organization File is expanding rapidly. When it was launched in 1995, VGTOF was mainly used to track violent urban street gangs. Early last year, its purpose was quietly expanded to include all subjects of FBI domestic or international terrorist investigations. A February 2002 memo citing the 2002 Winter Olympics shows how the FBI's definition of potential terrorists has broadened: It encompasses such categories as "anarchists," "militia," "white supremacist," "black extremist," "animal rights extremist," "environmental extremist," "radical Islamic extremist" and "European origin extremist."

Because police even check VGTOF at traffic stops -- and it includes suspects with no criminal record -- inclusion in the database is supposed to be limited to people who pose a significant threat, says Roy Weise, senior adviser to the FBI's Criminal Justice Information Services Division. But the terrorism listings now include more than 7,000 names, alongside the tens of thousands of gang members.

 Police intelligence files are being shared more widely. In a pilot project, several police agencies in the St. Louis region are combining their files with the FBI's into a single database. And a police intelligence network called Rissnet has emerged as a national bulletin board for police to post information about people suspected, but not necessarily convicted, of criminal activity. Since October, the Justice Department has been connecting Rissnet to other networks so that information on people of interest to local law enforcement -- including protest groups suspected of crimes, motorcycle gangs and members of organized crime -- can be cross-checked by federal investigators.

The degree to which there are mistakes in such systems isn't known. The public can't browse most of these databases. Challenging one's inclusion is hard, because most agencies won't confirm that individuals are on a watch list. And privacy laws contain many exemptions for national security.

Examples of how local police records can live on in federal databases are surfacing in Denver, where the police department recently released documents in response to a lawsuit by the American Civil Liberties Union. They show the police intelligence unit had secretly built a computer database full of personal details about people active in political groups. Included were a Quaker peace-advocacy group called the American Friends Service Committee and right-wing causes such as the pro-gun lobby.

The Denver department is purging people not suspected of a crime from the records. But last summer, when a man listed in the Denver files as a gun-rights group member got into a fender bender, a police officer checking VGTOF found him described as "a member of a terrorist organization" and part of a "militia." According to a Denver police memo, the officer reported the stop to the FBI as a "terrorist contact." The Denver police and the FBI decline to comment on how the man ended up in VGTOF.

Despite the reach of such databases, there are still obstacles to making them as powerful as the government wishes -- or as opponents fear. A General Accounting Office report last month cited incompatible computer languages and operating systems as a hurdle to merging dozens of watch lists kept by various agencies.

Still, there's no question that data banks and the potential for linkages are growing. The Department of Homeland Security is collecting passenger manifests from airlines and cruise lines for every international trip to and from the U.S. It puts information about U.S. citizens traveling abroad into easily searchable form for the first time.

Commercial databases are also compiling data from as many sources as they can find. Regulatory DataCorp International was set up by a consortium of banks to comply with Patriot Act requirements forbidding transactions with terrorists. It has gathered lists of arms dealers, people mentioned in the media as being under investigation or indictment, people sanctioned by regulators, and foreign rulers and their aides, friends and families. "We have a database of 1.5 million names and growing," says CEO Bill Catucci.

Write to Ann Davis at ann.davis@wsj.com

Updated May 22, 2003