Privacy Groups Protest Massive DHS Database of Secret Watchlists

Homeland Security plans to operate a massive new database of names, photos, birthdays and biometrics called Watchlist Service, duplicated from the FBI's Terrorist Screening Database which has proven not to be accurate many times in the past. DHS wants to exempt the Watchlist Service from Privacy Act provisions, meaning you will never know if you are wrongfully listed. Privacy groups worried about inaccurate info and mission creep have filed a protest, arguing the Privacy Act says DHS must notify subject of government surveillance.

Homeland Security has a plan to expand its Watchlist Service by duplicating the FBI's existing system of watchlist records and then feed that info into a massive database in which more government people would have immediate access. According to the FBI, the consolidated Terrorist Watchlist is "one of the most effective counterterrorism tools for the U.S. government." But according to the ACLU, FBI spying on free speech is nearly at Cold War levels and that the FBI lied to the Justice Department about continuing improper surveillance of peace groups. So it's not some kind of conspiracy theory, it's a fact that innocent people end up on terrorist watchlists.

So now Homeland Security has proposed to exempt portions of its Use of the Terrorist Screening Database System of Records "from Privacy Act provisions because of criminal, civil, and administrative enforcement requirements." The system of records to be duplicated and expanded into the DHS Watchlist Service will include each suspected terrorists' name, place and date of birth, driver's license and passport info, photos and biometric data, and other personal info.

This newly proposed DHS Watchlist Service will combine four different DHS systems of records including the TSA-managed Transportation Security Threat Assessment System and TSA's Secure Flight Records, Treasury Enforcement Communication System (TECS) managed by Custom and Border Protection (CBP) Passenger Systems Program Office, and IDENT which is managed by the US-VISIT Program. In case you were unaware, according to the July 13th testimony before the Senate Committee on Homeland Security, the US-VISIT's IDENT is "fully interoperable" with the FBI's "10-fingerprint-based" identity system to run against the watchlist and the "FBI's entire criminal master file of over 69 million identities in near real time."

The DHS proposal did not please the Electronic Privacy Information Center. EPIC then led a coalition of privacy groups and civil rights organizations to file a protest to Homeland Security's plan to centralize and expand access to the FBI's suspected terrorist database. The privacy groups are challenging Homeland Security's plan to change the Watchlist Service, "a secretive government database filled with sensitive information. The agency has solicited comments on the program, which entails developing a real-time duplicate copy of the database and expanding the groups and personnel with immediate access to the records."

The statement filed by EPIC and the other privacy and civil right groups [PDF], points out that DHS has admitted that it "does not control the accuracy of the information in system of records" and that "individuals do not have an opportunity to decline to provide information." Additionally, the DHS Watchlist Service attempts to circumvent privacy protections established by the Privacy Act. Congress previously found that "the privacy of an individual is directly affected by the collection, maintenance, use, and dissemination of personal information by Federal agencies. Congress also emphasized that "the right to privacy is a personal and fundamental right protected by the Constitution of the United States."

The joint letter argues that the 1974 Privacy Act requires Homeland Security to "notify subjects of government surveillance in addition to providing a meaningful opportunity to correct information that could negatively affect them." Furthermore, "secretive government lists without any meaningful safeguards present a very real risk of 'mission creep,' in which a system is pressed into unintended or unauthorized uses. Under this proposal, the agency would have the right to maintain and rely upon information it does not know to be accurate, relevant, timely, or complete without recourse—the right to subject citizens to arbitrary decisions."

On OMB Watch, Gavin Baker wrote, "DHS' approach twists the purpose of the Privacy Act exemptions almost beyond recognition. Exemptions should be limited to the time when they're needed, and no longer. But the proposed exemptions would never expire, even if the subjects in the database aren't under active investigation. This isn't necessary to protect the integrity of investigations, and it invites abuses. As our comment to DHS notes, 'the notion of an investigation that is ongoing in perpetuity and without completion would be absurd.'"

There were already not enough people in Intelligence to properly analyze and verify all the suspicious reports, but Homeland Security's push for "See Something Say Something" just adds to the data flood and is too easily used in a grudge-match by neighbors who report neighbors as suspicious. Each year, the number of people added to no-fly and terrorist watchlists doubles, according to calculations done by SHFTplan. "At this rate, there will be about 550,000,000 people on the watch list by 2019, which exceeds the population of the United States and then some. By 2023, the watch list will actually exceed the population of the entire earth - at which point one can speculate that the government of the U.S. will restrict all air travel."

While we certainly don't want terrorists running around free to commit mayhem, the way Homeland Security is wanting to expand and duplicate the watchlist, yet keep it a complete secret from We the People is ludicrous. It's also fairly scary stuff, America. Not everyone is a terrorist. How many thousands are wrongfully on the watchlist right now? Eventually, as SHFTplan suggests, will everyone who does not work for the government wind up on the watchlist? If DHS gets its way, you can ask if you are on it, but it will never tell you.

Like this? Here's more posts:

• Wham Bam Google Ban: No Pseudonyms on Google Plus Profiles
• Cyberwar Strategy: Will Dual-Hatted NSA Plug Holes in Leaky Pentagon?
• Privacy and Technology: WTF Happened to Your Constitutional Rights?
• They ARE Listening: Law Enforcement Wiretapping Jumps 34%
• Anonymous, Hackers, Citizens: Know Your Rights!
• Project PM Leaks Dirt on Romas/COIN Classified Intelligence Mass Surveillance
• ACLU to Congress: Cancer of Gov't Secrecy Is Killing America
• Argh! Another Facebook Zuckerberg Wants to Kill Off Anonymity
• In this digital age, what the heck happened to the Constitution?
• Hunting for an email service with extreme wishlist for privacy and security?
• FBI Eyeing Microsoft Technologies to Assist Law Enforcement

Follow me on Twitter @PrivacyFanatic

• Data Center

• Security

• Software

• Security

• 1974 Privacy Act

• civil liberties

• Constitution terrorists

• databases

• DHS

• DHS Watchlist Service

• domestic spying

• EPIC

• FBI

• government surveillance

• Homeland Security

• privacy

• Privacy Act

• security

• watchlist database