House committee chair wants info on cancelled DHS data-mining programs
Millions have been spent on work that was eventually abandoned
Computerworld - Bennie Thompson (D-Miss.), chairman of the House Committee on Homeland Security, has asked Department of Homeland Security Secretary Michael Chertoff to provide a detailed listing of all IT programs that have been canceled, discontinued or modified because of privacy concerns.
He also asked for details on the amount of money the DHS spent on each program, the names of contractors who were awarded the projects, and information about the measures being taken to address privacy issues.
Thompson's demand was prompted by the recent cancellation of the agency's Analysis Dissemination Visualization Insight and Semantic Insight (ADVISE) data-mining program, which was shelved because of privacy concerns after $42 million had been poured into it. In a letter to Chertoff yesterday, Thompson expressed concern about the "apparent litany" of DHS programs that have been canceled or otherwise modified after millions of dollars have been spent because of a failure to assess their privacy ramifications early on.
DHS officials could not be reached for comment.
Pointing to the ADVISE program, Thompson noted that the data-mining tool could have helped the DHS and law enforcement agencies sift through large volumes of data to identify terrorists. However, a report by the department's inspector general showed that the DHS's privacy office did not even know that an ADVISE pilot program had been implemented using live data, Thompson noted in his letter.
The same inspector general's report also noted that ADVISE program managers did not even begin the first step in the privacy assessment process until "one to two years after the systems had been deployed," Thompson said. "What is particularly bothersome about the cancellation of ADVISE is that this is not an isolated failure. To the contrary, the department has spent hundreds of millions of taxpayer dollars on projects and programs without first thoroughly evaluating the legal basis for the program and determining whether the operation of the program will violate the privacy rights of Americans."
Over the last three years, four such programs were canceled after millions of dollars were spent on them, he said. If the programs were still operational, they would have violated the privacy rights of millions of Americans he said.
The programs listed in Thompson's letter included the following:
- The $100 million Computer Assisted Passenger Prescreening System II program. CAPPS II was designed to use commercial databases and intelligence data to identify potential terrorists before they boarded commercial aircraft. It was shut down in August 2004 because of privacy concerns.
- The Multi-State Anti-Terrorism Information Exchange (or Matrix) pilot project, which was shut down in April 2005 after $8 million had been sunk into it. Matrix did not garner the public support it needed because of its lack of privacy safeguards.
- The Transportation Security Administration's Secure Flight effort, which was suspended in February 2006 after the Government Accountability Office discovered 144 known security vulnerabilities in the program. At the time it was suspended, the DHS had already spent about $140 million, and at least another $80 million was needed for proposed privacy and security improvements.
Read more about Business Intelligence/Analytics in Computerworld's Business Intelligence/Analytics Topic Center.
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the...
- Gartner Magic Quadrant for Application Security The market for application security testing is changing rapidly. Technology trends, such as mobile applications, advanced Web applications and dynamic languages, are forcing...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Privacy White Papers | Webcasts