Bennie Thompson (D-Miss.), chairman of the US House Committee on Homeland Security, has asked Department of Homeland Security Secretary Michael Chertoff to provide a detailed listing of all IT programs that have been canceled, discontinued or modified because of privacy concerns.
He also asked for details on the amount of money the DHS spent on each program, the names of contractors who were awarded the projects, and information about the measures being taken to address privacy issues.
Thompson's demand was prompted by the recent cancellation of the agency's Analysis Dissemination Visualization Insight and Semantic Insight (ADVISE) data-mining program, which was shelved because of privacy concerns after US$42 million had been poured into it. In a letter to Chertoff yesterday, Thompson expressed concern about the "apparent litany" of DHS programs that have been canceled or otherwise modified after millions of dollars have been spent because of a failure to assess their privacy ramifications early on.
DHS officials could not be reached for comment.
Pointing to the ADVISE program, Thompson noted that the data-mining tool could have helped the DHS and law enforcement agencies sift through large volumes of data to identify terrorists. However, a report by the department's inspector general showed that the DHS's privacy office did not even know that an ADVISE pilot program had been implemented using live data, Thompson noted in his letter.
The same inspector general's report also noted that ADVISE program managers did not even begin the first step in the privacy assessment process until "one to two years after the systems had been deployed," Thompson said. "What is particularly bothersome about the cancellation of ADVISE is that this is not an isolated failure. To the contrary, the department has spent hundreds of millions of taxpayer dollars on projects and programs without first thoroughly evaluating the legal basis for the program and determining whether the operation of the program will violate the privacy rights of Americans."
Over the last three years, four such programs were canceled after millions of dollars were spent on them, he said. If the programs were still operational, they would have violated the privacy rights of millions of Americans he said.
The programs listed in Thompson's letter included the following:
- The US$100 million Computer Assisted Passenger Prescreening System II program. CAPPS II was designed to use commercial databases and intelligence data to identify potential terrorists before they boarded commercial aircraft. It was shut down in August 2004 because of privacy concerns.
- The Multi-State Anti-Terrorism Information Exchange (or Matrix) pilot project, which was shut down in April 2005 after US$8 million had been sunk into it. Matrix did not garner the public support it needed because of its lack of privacy safeguards. The Transportation Security Administration's Secure Flight effort, which was suspended in February 2006 after the Government Accountability Office discovered 144 known security vulnerabilities in the program. At the time it was suspended, the DHS had already spent about US$140 million, and at least another US$80 million was needed for proposed privacy and security improvements.