Business Intelligence, Secret Surveillance and Privacy Where was the Privacy and Civil Liberties Oversight Board?
Originally published July 18, 2013
The last few weeks have been abuzz with the news of the secret NSA programs for obtaining business intelligence about possible terrorist activities by mining emails, social media and telephone communications. Yet the discussion did not focus on the technology aspects of how to capture and store the exabytes of data, or approaches to extract intelligence from the metadata or the semantic analysis techniques applied to big data. No, the debate was more on leakers and whistleblowers and their motivations, Congressional oversight or lack thereof, extradition treaties and their irrelevance, concerns over privacy and the need to protect it, and the mandatory debate over the need to balance civil liberties and national security.
“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”In the last half century there have been many statutes with a bearing on privacy. Most of these embrace privacy protection and others condition it when necessary for the greater good. They include: the Freedom of Information Act (1966), the Foreign Intelligence Surveillance Act (1974), the Privacy Act (1978), the PATRIOT Act (2001), the Intelligence Reform and Terrorism Prevention Act (2004), and the Implementing Recommendations of the 9/11 Commission Act (2007), among others.
The Privacy Act (1978) in particular addressed the following four principles:
The PCLOB is intended to advise the president on how to protect privacy and civil liberties in the implementation of all public policy related to counterterrorism, as well as to review the terrorism information sharing practices of executive branch departments and agencies. All members are duly cleared at a high enough level of security so the discussions can take place with full and open disclosure. This was the body where the ins and outs of the surveillance programs currently under question should have been discussed and debated, the privacy implications assessed and recommendations delivered to the White House.
It was also important for the PCLOB to address the technology behind these and other surveillance programs. In addition to the legal, public policy, philosophical, sociological and ethical foundations, the Board members (or subject-matter experts made available to them) should have direct knowledge about privacy preserving tools and techniques, the use of encryption, approaches to de-identification and re-identification of data, the use of trusted systems, anonymization methodologies, social networks, semantic analysis and other similar disciplines.
But all this is theory. Now let’s talk about practice and how Washington really works. It took until June 21, 2013 for the PCLOB to hold its first meeting ever with a full Board. Almost a decade after it was recommended by the 9/11 Commission and created by law, this organization had not yet started to operate or serve its public purpose. Given the concerns over NSA's surveillance programs, it met again on June 22nd and heard from the president himself that he wanted it to look into these programs.
As mentioned, the PCLOB was basically inactive right after its creation in 2004. The principal issue behind its ineffectual launch was that it was initially created as part of the executive branch. A Congressional Research Service report dubbed it a “presidential appendage, devoid of the capability to exercise independent judgment and assessment or to provide impartial findings and recommendations,” and said it had little power to force other agencies to present any documents it might require for its investigations. Congress objected to this and wanted the Board to be more independent and to have more teeth. As a result, it was reconstituted in 2007 as part of the Implementing Recommendations of the 9/11 Commission Act (IR9/11CA).
As Bush departed and Obama came in, nothing much seemed to change. The press, of course, has been asking questions all along. A spate of articles a few years ago slammed the Administration hard.
“Civil Liberties Board Goes Vacant Under Obama,” Newsweek, 3/2/10
The PCLOB only became fully functional in May of this year, shortly before the NSA programs were revealed to the public by Edward Snowden’s leak to the press.
The PCLOB is made up of five members, and it is currently chaired by David Medine, a partner at the WilmerHale law firm and former executive at the Federal Trade Commission. It has just very recently been finally staffed with a full and cleared contingent on its board.
So business as usual in Washington. The PCLOB, almost ten years after its creation, will spring finally into action. On June 22, 2013, the Washington Post ran this story, “Privacy board, Obama talk about surveillance,” by Juliet Eilperin. It opens: “President Obama held his first ever meeting Friday with the Privacy and Civil Liberties Oversight Board – the group charged with ensuring that the executive branch balances privacy and civil liberties needs with its national security efforts.” Further into the text it quotes a Georgetown Law School professor saying, “It’s high time this board was activated.”
Yes, this is the way Washington works. It has little to do with who is president or which party is in power since, as we noted, the PCLOB saga has spanned both Republican and Democratic administrations. The modus operandi inside the beltway says: When all hell breaks loose, pass the buck, cover your ass and, if you can, play "government ex-post-facto."
Lessons learned for us business intelligence practitioners to keep in mind: Technical design elegance and technological excellence in implementation are necessary but not sufficient requirements when attempting to provide solutions to important issues in the public policy domain.
Recent articles by Dr. Ramon Barquin
Copyright 2004 — 2020. Powell Media, LLC. All rights reserved.
BeyeNETWORK™ is a trademark of Powell Media, LLC