The 'Multistate Anti-Terrorism Information Exchange' program threatens privacy
On October 30, 2003, the American Civil Liberties Union (ACLU) filed simultaneous requests in Connecticut, Michigan, New York, Ohio and Pennsylvania for information about those states' participation in the "Matrix" program. (The program's formal name is the "Multistate Anti-Terrorism Information Exchange.") In addition to those five states, four others -- Alabama, Florida, Georgia, and Utah --are participating.
The ACLU's requests seek to find out what information sources the Matrix uses, who has access to the database and how it's being used. They were made pursuant to each states' Freedom of Information Act (FOIA). In October, the ACLU had sought similar information under the federal version of FOIA and in Florida, where the program originated.
What is the Matrix, and why is the ACLU so concerned? Those are the two questions I will address in this column. I will also argue that readers should be concerned, too.
The Total Information Awareness program
Last September, Congress voted to close down the Pentagon's Total Information Awareness (TIA) program. As I discussed in an earlier column, TIA would have allowed the federal government to search and combine the vast amount of data that exists in government and commercial (for profit) databases to create individual profiles of each of us.
TIA was premised on a belief that compiling as much information as possible about as many people as possible in a large-scale database would help thwart terrorist activity. The idea -- called "data mining" -- was that government officials would search the database for information, or patterns of information, that might identify terrorists.
Congress should be applauded for shutting TIA down. First, Congress banned the use of TIA against American citizens, in light of privacy concerns, as well as concerns about the potential for erroneous identifications of innocent persons as terrorists. The program was then renamed Terrorist Information Awareness. Then, Congress shut down that program as well.
Unfortunately, however, the same data mining ideas that inspired TIA have appeared again-- this time, in the guise of the Matrix.
What the Matrix is, and how it works
The Matrix is run by a private corporation -- Seisint Inc. of Boca Raton, Florida, -- on behalf of a cooperative group of state governments. However, it is, at least in part, federally funded -- and may, in future, allow federal access.
The program has received $4 million from the Justice Department. It has been promised a further $8 million from the Department of Homeland Security. In addition, news reports indicate that Matrix officials have said they are considering giving access to the CIA.
What does the Matrix do? According to Congressional testimony and news reports, it appears to do just what TIA would have done, if enacted: Tie together government and commercial databases to allow federal and state law enforcement entities to conduct detailed searches on particular individuals' dossiers.
The Matrix Web site states that the data compiled will include criminal histories, driver's license data, vehicle registration records, and significant amounts of public data record entries. Company officials have refused to disclose more specific details about the nature and sources of the data. According to news reports, the data may also include credit histories, driver's license photographs, marriage and divorce records, Social Security numbers, dates of birth, and the names and addresses of family members, neighbors and business associates.
Moreover, there is no guarantee that the type of data that the Matrix compiles will not be further expanded. And information in today's commercial databases encompasses purchasing habits, magazine subscriptions, income and job histories, and much more. Soon, we may be profiled based on what we read and buy, and how we live.
In Congressional testimony, a Florida lawmaker, Paula B. Dockery, described how the Matrix works: It combines government records with information from "public search businesses" into a "data-warehouse." There, dossiers are reviewed by "specialized software" to identify "anomalies" using "mathematical analysis." If "anomalies" are spotted, they will then be scrutinized by personnel who will search for evidence of terrorism or other crimes.
As with TIA, the idea is plainly that of data mining -- the concept that searches for patterns in this data (including so-called "anomalies") that can identify individuals possibly involved in terrorist or other criminal activity. But as with TIA, this kind of "data mining" may be ineffective, and has severe downsides, including its privacy costs.