Sunday musings: Privacy is becoming an issue, big brother and big marketer are watching


This satirical video, created by The Onion more than a year-and-a-half ago, is too close to the truth. What is even more worrying is that the public hasn’t demanded more controls on personal information collected and shared by websites.

The issue of privacy and data protection is going to be taking center stage in the coming years focused on travel. Airlines, hotels and rental car companies are collecting more and more information about travelers without protections of personally identifiable information (PII). So far, this has been ignored by the media.

However, the public is waking up to the extent of information that is now at the government’s fingertips through requests of email providers and social media sites (note the uncovering of General Patreus’ affair), rules regarding protection of credit card information, and the proliferation of cameras, license plate trackers and facial recognition technology.

In the name of terrorism prevention, both the FBI and DHS have revealed programs where phones are being tapped, tweets are being scanned, Facebook traffic is being tracked and gmail perused by computers. Where once privacy was a major consideration, all pretenses of privacy have been abandoned and this data is approved for retention for 99 years.

The rules now allow the little-known National Counterterrorism Center to examine the government files of U.S. citizens for possible criminal behavior, even if there is no reason to suspect them. That is a departure from past practice, which barred the agency from storing information about ordinary Americans unless a person was a terror suspect or related to an investigation.

Now, NCTC can copy entire government databases — flight records, casino-employee lists, the names of Americans hosting foreign-exchange students and many others. The agency has new authority to keep data about innocent U.S. citizens for up to five years, and to analyze it for suspicious patterns of behavior. Previously, both were prohibited. Data about Americans “reasonably believed to constitute terrorism information” may be permanently retained.

Where once the government had to surreptitiously and, often illegally, spy on citizens, the public is volunteering the information to websites that are creating massive databases.

The government has easy access to our tax information, stock trades, phone bills, medical records and credit-card spending, and it is just getting started. In Bluffdale, Utah, according to Wired magazine, the National Security Agency is building a $2 billion, one-million-square-foot facility with the capacity to consume $40 million of electricity a year, rivaling Google’s biggest data centers.

Google gets over 15,000 criminal investigation requests from the U.S. government each year, and the company says it complies 90 percent of the time. The Senate last week had a chance to block the feds from being able to read any domestic emails without a warrant— which would put some restraint on gSpy — but lawmakers passed it up.

Colleagues have exclaimed that this kind of action must be illegal. The government is not allowed to amass this kind of data. But, they are simply naive.

The Fourth Amendment of the Constitution says that searches of “persons, houses, papers and effects” shouldn’t be conducted without “probable cause” that a crime has been committed. But that doesn’t cover records the government creates in the normal course of business with citizens.

Congress specifically sought to prevent government agents from rifling through government files indiscriminately when it passed the Federal Privacy Act in 1974. The act prohibits government agencies from sharing data with each other for purposes that aren’t “compatible” with the reason the data were originally collected.

But the Federal Privacy Act allows agencies to exempt themselves from many requirements by placing notices in the Federal Register, the government’s daily publication of proposed rules. In practice, these privacy-act notices are rarely contested by government watchdogs or members of the public. “All you have to do is publish a notice in the Federal Register and you can do whatever you want,” says Robert Gellman, a privacy consultant who advises agencies on how to comply with the Privacy Act.

When we had a Republican president in power back in 2002, this exact type of data mining faced loud protests. Total Information Awareness that sought to analyze both public and private databases for terror clues was excoriated by the press, progressives and pundits.

Where are they now? The government is assembling an even more expansive data mining program designed to connect the dots and even more personal information is being aggregated by websites in the name of advertising efficiency and available for government subpoena.

We don’t know how this battle between personal information and the government’s need-to-know will play out, but it is certainly one of the most important issues facing our country and the world.