Author: Popp, R. & Poindexter, J.
Security and privacy aren’t dichotomous or conflicting concerns—the solution lies in developing and integrating advanced information technologies for counterterrorism along with privacy-protection technologies to safeguard civil liberties. Coordinated policies can help bind the two to their intended use.
The terrorist attacks of September 11, 2001 transformed America like no other event since Pearl Harbor. The resulting battle against ter- rorism has become a national focus, and “con- necting the dots” has become the watchword for using information and intelligence to protect the US from future attacks. Advanced and emerging information technologies offer key assets in confronting a secretive, asymmetric, and networked enemy. Yet, in a free and open society, policies must ensure that these powerful technologies are used responsibly and that privacy and civil liberties re- main protected. In short, Americans want the govern- ment to protect them from terrorist attacks, but fear the privacy implications of the government’s use of powerful technology inadequately controlled by regulation and oversight. Some people believe the dual objectives of greater security and greater privacy present competing needs and require a trade-off; others disagree. This article describes a vision for countering terror- ism through information and privacy-protection tech- nologies. This vision was initially imagined as part of a research and development (R&D) agenda sponsored by DARPA in 2002 in the form of the Information Aware- ness Office (IAO) and the Total Information Awareness (TIA) program. It includes a critical focus and commit- ment to delicately balancing national security objectives with privacy and civil liberties. We strongly believe that the two don’t conflict and that the ultimate solution lies in utilizing information technologies for counterterror- ism along with privacy-protection technologies to safe- guard civil liberties, and twining them together with coordinated policies that bind them to their intended use.
Information and privacy-protection technologies are powerful tools for counterterrorism, but it’s a mistake to view technology as the complete solution to the prob- lem. Rather, the solution is a product of the whole system—the people, culture, policy, process, and tech- nology. Technological tools can help analysts do their jobs better, automate some functions that analysts would otherwise have to perform manually, and even do some early sorting of masses of data. But in the complex world of counterterrorism, the technologies alone aren’t likely to be the only source for a conclusion or decision. Ultimately, the goal should be to understand the level of improvement possible in our counterterrorism opera- tions using advanced tools such as those described here but also to consider their impact—if any—on privacy. If research shows that a significant improvement to detect and preempt terrorism is possible while still protecting the privacy of nonterrorists, then it’s up to the govern- ment and the public to decide whether to change exist- ing laws and policies. However, research is critical to prove the value (and limits) of this work, so it’s unrealistic to draw conclusions about its outcomes prior to R&D completion. As has been reported,6 research and devel- opment continues on information technologies to im- prove national security; encouragingly, the Office of the Director of National Intelligence (ODNI) is embarking on an R&D program to address many of the concerns raised about potential privacy infringements.
Popp, R. and J. Poindexter, “Countering Terrorism through Information and Privacy Protection Technologies,” IEEE Security and Privacy, IEEE Computer Society, vol. 4, no. 6, pp. 18-27, Nov/Dec, 2006.