Smeal PhD Renewal Report


Information Security Management
The Implicit Need for
Privacy Requirements
or
How Ignoring Privacy
Can Kill Your Program
Background
• DARPA funds “high risk/high reward” research for the
DoD and Intelligence Community (IC)
• Basic and applied research, but always with the DoD/IC
application in mind; may be classified
• Look for 2 orders of magnitude improvement in
something
• Examples of major successes:
  - Arpanet became the prototype for the Internet
  - The mouse
  - Aircraft stealth technology
  - High performance computing (Thinking Machines, TERA)
  - Decision Support Systems
Total Information Awareness (TIA)
• Goal: tools to generate and “connect the dots”
• A suite of programs including
  - Language transcription, translation, interpretation, “metadata” creation, “gisting”
  - Human ID at a distance
  - Collaborative analysis tools for teams of diverse experts with supporting, interactive search and data analysis
  - Data mining and link analysis: mining, graphical representation, relationship extraction, link discovery, pattern learning (GENOA project)
Data mining and link analysis
‘The project calls for the development of "revolutionary
technology for ultra-large all-source information
repositories," which would contain information from
multiple sources to create a "virtual, centralized, grand
database." This database would be populated by
transaction data contained in current databases such
as financial records, medical records, communication
records, and travel records as well as new sources of
information. Also fed into the database would be
intelligence data.’
---Electronic Privacy Information Center (www.EPIC.org)
Timeline: Getting Started
• Announced in March 2002 in a “Broad Area
Announcement”
• Several components already under
development in earlier DARPA programs.
• New contracts awarded in Spring 2002.
• Project described to the public at DARPATECH
in summer 2002 by Program Director John
Poindexter.
  - “Investigating Privacy Technology”
  - No further description of privacy approach in the talk or on the DARPA web site.
Timeline: The Controversy
• Nov 9, 2002, questions of privacy in TIA are raised in the press:
  - “If deployed, civil libertarians argue, the computer system would rapidly bring a surveillance state. They assert that potential terrorists would soon learn how to avoid detection in any case.” (NY Times)
• Nov 21, 2002, former Nixon speech writer William Safire writes an
Op-Ed piece about TIA with the title “You Are a Suspect”
• Nov-Dec 2002: more questions raised in Congress and the press.
• Defensive comments from DARPA, Rumsfeld, etc., but no
discussion of how to enforce privacy.
• Description of TIA and program managers' names/contact information
removed from public DARPA web site
Timeline: Response Spring 2002
• Jan, 2002: DARPA signs contract with PARC (formerly Xerox
PARC) to look into privacy technology.
• US Congress votes to limit TIA funding pending a report to
Congress on what they are doing and how privacy would be
preserved.
• DARPA changes program name to Terrorist Information
Awareness, and claims they will only use data about non-US
citizens
• Tony Tether, head of DARPA, presents report defending TIA
privacy to Congress.
• General Accounting Office report questions privacy in TIA.
• Congress cuts all funding for TIA.
The TIA Privacy Concern
• Virtual database of information from numerous government
(unclassified and classified), corporate, and public databases
• Data objects may contain identifying information about individuals,
organizations, etc. (entities)
• Analysts and “bots” need to search database for “interesting” links
• Many analysts and others in law enforcement need to search
database for information about specific entities
• Entity identity may be protected by complex law and policy rules
until there is a strong indication of improper actions
• Privacy rules may vary based on the source of the data (foreign,
domestic), the entity (US citizen), and the type of data
• Protection is needed against both internal abuses and external
threats
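A sketch of the selective-revelation design these requirements imply, added here as an illustration and not part of the original slides: identity stays pseudonymized until the evidence level meets a rule keyed on source, entity and data type, and every query is written to a hash-chained audit log to deter internal abuse. The rule table, evidence levels, key and sample records are all constructed assumptions.

```python
import hashlib, hmac, json

PSEUDONYM_KEY = b"constructed-demo-key"  # assumption: held by a privacy officer, not analysts
# Hypothetical rule table: (source, entity class, data type) -> evidence level needed
# to reveal identity. Levels are illustrative, not actual law or policy.
RULES = {
    ("domestic", "us_citizen", "medical"): 3,
    ("domestic", "us_citizen", "financial"): 2,
    ("foreign", "non_us", "travel"): 1,
}
DEFAULT_LEVEL = 3  # unknown combinations get the strictest treatment

def pseudonym(name):
    """Keyed hash: one entity always maps to one token, so link analysis still works."""
    return "ent-" + hmac.new(PSEUDONYM_KEY, name.encode(), hashlib.sha256).hexdigest()[:12]

class AuditLog:
    """Hash-chained log: an insider cannot silently edit or drop an access record."""
    def __init__(self):
        self.entries, self.head = [], "0" * 64
    def append(self, event):
        body = json.dumps(event, sort_keys=True)
        self.head = hashlib.sha256((self.head + body).encode()).hexdigest()
        self.entries.append((body, self.head))
    def verify(self):
        h = "0" * 64
        for body, digest in self.entries:
            h = hashlib.sha256((h + body).encode()).hexdigest()
            if h != digest:
                return False
        return True

def query(record, analyst, evidence_level, log):
    """Return a view of the record; the name is revealed only if the rule is met."""
    key = (record["source"], record["entity_class"], record["data_type"])
    need = RULES.get(key, DEFAULT_LEVEL)
    revealed = evidence_level >= need
    log.append({"analyst": analyst, "entity": pseudonym(record["name"]),
                "needed": need, "had": evidence_level, "revealed": revealed})
    view = dict(record)
    if not revealed:
        view["name"] = pseudonym(record["name"])
    return view

# Constructed sample records (not real data)
RECORDS = [
    {"name": "Alice Example", "source": "domestic", "entity_class": "us_citizen", "data_type": "financial"},
    {"name": "Alice Example", "source": "domestic", "entity_class": "us_citizen", "data_type": "medical"},
]
```

Because the pseudonym is stable across records, an analyst or bot can still discover links between the two records without ever seeing the name.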
Is TIA dead?
• Some states use MATRIX, a commercial product using
commercially available data
  - Many who signed up originally have dropped out due to privacy concerns, including NY (liberal) and Utah (very conservative)
• CIA and FBI use NORA (Non Obvious Relationship
Analysis), originally developed for use by Las Vegas
casinos to identify gamblers with potential mob
connections. An “anonymizing” version, ANNA, is
being developed. Issue: what data are they using?
• Much of the data used by TIA is in commercial
databases, available for use for a fee. ChoicePoint
(among others) sells a service to aggregate information
about an individual for a fee.