The debate over the US government’s alleged eavesdropping, data mining, and watch listing efforts are littered with misconception and overheated rhetoric. The supporters of the government?s technology-infused counterterrorism efforts argue that data mining, electronic eavesdropping, and watch listing offer the government powerful tools in its battle against a determined and clever adversary. In contrast, detractors of the government?s spying programs argue that aggressive data mining and pervasive eavesdropping are invasions of privacy, pathways to massive government abuse, and ineffective security measures.
There are no easy answers that will solve the vexing question of how the government should best balance privacy and security. To deny the government the right to gather intelligence in an attempt to thwart terrorist attacks is irresponsible. However, to allow the government to conduct wholesale surveillance without oversight is equally irresponsible. Therefore, energy should be invested in developing technologies and policy solutions to ensure that government searches are both ?reasonable and particular? as laid out in the Fourth Amendment. In theory, the proper application of technology and oversight obviates the need to choose between privacy and security.
For example, Anonymous Entity Resolution technology, originally developed by Systems Research and Development and now owned by IBM?s Entity Analytics division, may offer the capability to balance privacy and security within the context of government-run data mining. According to Systems Research and Development founder Jeff Jonas, Anonymous Entity Resolution allows ?a government to take its secret list and anonymize it, [and] allow[s] a cruise line to anonymize their passenger list, and then when there’s a match it would tell the government: ‘record 123.’ So they’d look it up and say, ‘My goodness, it’s Majed Moqed.’ And it would tell them which record to subpoena from which organization. Now it’s back to reasonable and particular.?
Additionally, ?immutable audit trail? technology can help ensure that data is not abused. Immutable audit trails could create a permanent record of all individuals who add, modify, or remove data within the government?s control. This type of audit trail could reduce the willingness of government employees to engage is abuse of surveillance data. According to a report by the Markle Foundation, immutable audit trail technology “increases security, builds trust among users, ensures compliance with relevant policies and guidelines, improves transparency, and provides the ability to conduct oversight by appropriate stakeholders outside of the system.”
However, technology alone should not be viewed as a panacea. While Anonymous Entity Resolution and ?immutable audit trails? offer a degree of privacy and oversight, neither address all potential flaws in a government-sponsored eavesdropping and data mining program. Rigid oversight must be established to ensure that the data that enters the system is accurate. Inaccurate data will lead to a high degree of false accusations that, in turn, will erode public confidence in the government?s data mining and watch listing operation.
As a result, the debate between privacy and security should not be restricted to binary choices between total security and total privacy. Technology and policy should be developed that help ensure that the proper balance between privacy and security can maintained in the face of a new threat environment.