23
Mon, Dec
3 New Articles

The "Terrorism" Information Awareness Initiative

Commentary
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

Last month's article looked at Trusted Computing and how we might be affected by it. This month, I look at the federal government's efforts to combat terrorism through the use of data, computers, and related technologies and how this affects us as computer professionals.

A Code of Ethics for Computer Professionals

Like people in some other professions, we computer engineers, programmers, and whatnot have to be blindly trusted by society because nobody understands what we do. To help us with this, the Association for Computing Machinery (ACM) long ago defined standards of ethics by which computer professionals should conduct themselves. Founded in 1947, the ACM is the oldest and most esteemed computer society in the world.

The ACM Code of Ethics and Professional Conduct is a collection of 24 imperatives for people who work with computers and data, describing how we should behave under most situations we're likely to face. Imperative number 1 states: "As an ACM member I will contribute to society and human well-being... [and] affirm an obligation to protect fundamental human rights and to respect the diversity of all cultures." Imperative number 7 says: "As an ACM member I will respect the privacy of others... [and] maintain the privacy and integrity of data describing individuals."

The IAO and the TIA

With that said, let's take a look at the U.S. government's Information Awareness Office (IAO). The IAO (whose Latin motto scientia est potential means "knowledge is power") is the federal agency mandated with collecting and analyzing data and is the owner of the Terrorism Information Awareness (TIA) initiative. "TIA" originally stood for "Total Information Awareness," but this name suggested an invasion of citizen privacy by the federal government (collecting your "dossier" and all that). The name was changed in 2003 to "Terrorism Information Awareness," with some funding going to a new faction of TIA called MATRIX (Multistate Anti-Terrorism Information Exchange.)

TIA and MATRIX consist of more than a dozen surveillance and security applications being developed by several branches of government. According to the Defense Advanced Research Projects Agency (DARPA), "The applications are designed to detect suspicious behavior in clusters of people, to identify people in public places, and to determine patterns of behavior by analyzing databases of information." The full TIA prototype is expected in 2007 to 2009.

A central component of TIA is the ability to identify suspects through characteristics of the face and body. High-resolution 3D images are collected and analyzed for dozens of identifying features, including how someone walks. Software called Human Identification at a Distance can identify a person from as far away as 500 feet. Another component, Next Generation Face Technology, uses high-resolution 3D images to read people's faces and determine if they're telling the truth. DARPA also has plans to develop radar, thermal, and infrared sensing to examine human features from side angles, even in bad weather.

Data Analysis by the Government

Perhaps the most controversial TIA ambition is to identify threatening individuals by analyzing databases of information. This project seeks to detect potential terrorists through the transaction records and public records they create while going about their evil business. That is, collected data would include public information like immigration records, licensing, and tax data as well as less-public information like credit card bills, grocery store transactions, education records, airline tickets, car rentals, and utility bills. The government's intent is to establish profiles for terrorists and see who fits them, hoping to identify likely offenders. DARPA claims the data would not be released to others and that the data is already available to businesses anyway.

Not Everyone Is a TIA Fan

Critics of TIA advise caution. Data errors like a misspelled name could result in someone coming under suspicion by mistake. (Once the FBI comes into your place of work and arrests you, even by mistake, others seem to treat you differently from then on.) And perhaps more disturbing, there probably will be no government obligation to correct errors, once found. In a recent decision, the Justice Department ruled the FBI is exempt from the Privacy Act of 1974. That means the FBI does not have to ensure the accuracy of information contained in its National Crime Information Center database.

The IAO touts TIA as a system that will merit our confidence. They say the conclusions drawn by TIA data analysis will be accurate and effective. However, hidden within their assurance is another message. It says that since they think TIA can be trusted, if TIA says you're a terrorist, then you're a terrorist. As with all security systems, the more trusted TIA is, the more vulnerable it is. If TIA is thought to be accurate, yet it falsely identifies an innocent person as threatening, the damage to the person could be irreparable.

"I don't want someone knowing all my movements and everything I've done all day," said Jay Stanley, speaking for the Technology and Liberty Program at the ACLU. "I don't even want that to be recorded. It will change how I act. It will make me less free."

Senator Russ Feingold introduced legislation in January of 2003 to discontinue the TIA projects and other activities of the IAO until Congress could hold a review of the privacy concerns involved. Senator Ron Wyden brought similar legislation that would prevent the IAO from operating within the United States unless specifically authorized by Congress. Further, Senator Wyden's bill would shut the IAO down entirely 60 days after passage unless the Pentagon prepared a report "assessing the impact of IAO activities on individual privacy and civil liberties, or the President certified the program's research as vital to national security interests."

In Congress, legislation was passed in February of 2003 halting activities of the IAO pending a Congressional report of the office's activities. Action in the Congress to attempt to halt a specific internal Department of Defense project occurs extremely rarely, underscoring the grave threat to civil liberties and privacy that many lawmakers perceive in the IAO.

The Dilemma of Privacy Versus Security

When applying imperatives of professional conduct to TIA, there can be no way to separate the ordinary citizens from those who wish us ill based on physical appearance or data analysis. An innocent person may look like a terrorist. A terrorist will walk like an ordinary citizen. A law-abiding exchange student may create the very same public and private transaction records that a terrorist does. The question, then, becomes one of degrees. Persons who fit within a certain level of classifying criteria may be identified as potential threats to the nation. Conversely, terrorists who can successfully avoid trigger transactions may be included in the "non-threatening" group.

On the other hand, few among us would begrudge the loss of a little privacy if it meant the prevention of tragic events and the consequential human suffering. Under one approach to ethics, where the common good is weighed against individual rights, it could be argued that privacy advocates are reacting emotionally and are failing to see the bigger picture. Sure, some mistakes may be made, but the overall benefit to society surely outweighs the occasional individual tragedy.

This issue is a tough nut to crack. Even if we subscribe to the notion that the common good should prevail, how do we know we're not giving up our privacy for nothing? Maybe we're just kidding ourselves with these types of security measures; the bad guys can still find a way.

For computer professionals, the problem is compounded because we're supposed to do what our employers, be they in business or government, want us to, yet their goals may be contrary to the accepted code of ethics. How are we supposed to know when the government agency we work for has overstepped its mandate or the business we work for has violated tenets of privacy? It's hard to say where the line should be drawn, but at some point, it must be. For example, what if our employer decides that we should write a virus that targets a competitor or we should create spyware and sell the data? Sometimes you encounter an employer that you must get away from but at least you can take your ethics with you.

Chris Peters has 26 years of experience in the IBM midrange and PC platforms. Chris is president of Evergreen Interactive Systems, a software development firm and creators of the iSeries Report Downloader. Chris is the author of The OS/400 and Microsoft Office 2000 Integration Handbook, The AS/400 TCP/IP Handbook, AS/400 Client/Server Programming with Visual Basic, and Peer Networking on the AS/400 (MC Press). He is also a nationally recognized seminar instructor. Chris can be reached at This email address is being protected from spambots. You need JavaScript enabled to view it..

BLOG COMMENTS POWERED BY DISQUS

LATEST COMMENTS

Support MC Press Online

$

Book Reviews

Resource Center

  • SB Profound WC 5536 Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application. You can find Part 1 here. In Part 2 of our free Node.js Webinar Series, Brian May teaches you the different tooling options available for writing code, debugging, and using Git for version control. Brian will briefly discuss the different tools available, and demonstrate his preferred setup for Node development on IBM i or any platform. Attend this webinar to learn:

  • SB Profound WP 5539More than ever, there is a demand for IT to deliver innovation. Your IBM i has been an essential part of your business operations for years. However, your organization may struggle to maintain the current system and implement new projects. The thousands of customers we've worked with and surveyed state that expectations regarding the digital footprint and vision of the company are not aligned with the current IT environment.

  • SB HelpSystems ROBOT Generic IBM announced the E1080 servers using the latest Power10 processor in September 2021. The most powerful processor from IBM to date, Power10 is designed to handle the demands of doing business in today’s high-tech atmosphere, including running cloud applications, supporting big data, and managing AI workloads. But what does Power10 mean for your data center? In this recorded webinar, IBMers Dan Sundt and Dylan Boday join IBM Power Champion Tom Huntington for a discussion on why Power10 technology is the right strategic investment if you run IBM i, AIX, or Linux. In this action-packed hour, Tom will share trends from the IBM i and AIX user communities while Dan and Dylan dive into the tech specs for key hardware, including:

  • Magic MarkTRY the one package that solves all your document design and printing challenges on all your platforms. Produce bar code labels, electronic forms, ad hoc reports, and RFID tags – without programming! MarkMagic is the only document design and print solution that combines report writing, WYSIWYG label and forms design, and conditional printing in one integrated product. Make sure your data survives when catastrophe hits. Request your trial now!  Request Now.

  • SB HelpSystems ROBOT GenericForms of ransomware has been around for over 30 years, and with more and more organizations suffering attacks each year, it continues to endure. What has made ransomware such a durable threat and what is the best way to combat it? In order to prevent ransomware, organizations must first understand how it works.

  • SB HelpSystems ROBOT GenericIT security is a top priority for businesses around the world, but most IBM i pros don’t know where to begin—and most cybersecurity experts don’t know IBM i. In this session, Robin Tatam explores the business impact of lax IBM i security, the top vulnerabilities putting IBM i at risk, and the steps you can take to protect your organization. If you’re looking to avoid unexpected downtime or corrupted data, you don’t want to miss this session.

  • SB HelpSystems ROBOT GenericCan you trust all of your users all of the time? A typical end user receives 16 malicious emails each month, but only 17 percent of these phishing campaigns are reported to IT. Once an attack is underway, most organizations won’t discover the breach until six months later. A staggering amount of damage can occur in that time. Despite these risks, 93 percent of organizations are leaving their IBM i systems vulnerable to cybercrime. In this on-demand webinar, IBM i security experts Robin Tatam and Sandi Moore will reveal:

  • FORTRA Disaster protection is vital to every business. Yet, it often consists of patched together procedures that are prone to error. From automatic backups to data encryption to media management, Robot automates the routine (yet often complex) tasks of iSeries backup and recovery, saving you time and money and making the process safer and more reliable. Automate your backups with the Robot Backup and Recovery Solution. Key features include:

  • FORTRAManaging messages on your IBM i can be more than a full-time job if you have to do it manually. Messages need a response and resources must be monitored—often over multiple systems and across platforms. How can you be sure you won’t miss important system events? Automate your message center with the Robot Message Management Solution. Key features include:

  • FORTRAThe thought of printing, distributing, and storing iSeries reports manually may reduce you to tears. Paper and labor costs associated with report generation can spiral out of control. Mountains of paper threaten to swamp your files. Robot automates report bursting, distribution, bundling, and archiving, and offers secure, selective online report viewing. Manage your reports with the Robot Report Management Solution. Key features include:

  • FORTRAFor over 30 years, Robot has been a leader in systems management for IBM i. With batch job creation and scheduling at its core, the Robot Job Scheduling Solution reduces the opportunity for human error and helps you maintain service levels, automating even the biggest, most complex runbooks. Manage your job schedule with the Robot Job Scheduling Solution. Key features include:

  • LANSA Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.

  • LANSAWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed. Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

  • LANSASupply Chain is becoming increasingly complex and unpredictable. From raw materials for manufacturing to food supply chains, the journey from source to production to delivery to consumers is marred with inefficiencies, manual processes, shortages, recalls, counterfeits, and scandals. In this webinar, we discuss how:

  • The MC Resource Centers bring you the widest selection of white papers, trial software, and on-demand webcasts for you to choose from. >> Review the list of White Papers, Trial Software or On-Demand Webcast at the MC Press Resource Center. >> Add the items to yru Cart and complet he checkout process and submit

  • Profound Logic Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application.

  • SB Profound WC 5536Join us for this hour-long webcast that will explore:

  • Fortra IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn: