GAO report: DHS data mining needs privacy oversight

Some of the agency's data-mining programs don't have privacy impact assessments in place, the report says

Data-mining programs at the U.S. Department of Homeland Security are not fully reviewed by the agency for their effectiveness and, in some cases, for their compliance with privacy protection mandates, according to a report from the U.S. Government Accountability Office.

The GAO report, made public Friday, raises questions about the effect of DHS data mining on the privacy of U.S. residents, said two Democratic lawmakers.

DHS policies don't sufficiently require that the agency evaluate the effectiveness of the data-mining programs, although the agency is planning more intensive reviews of IT investments, the GAO report said. "Until such reforms are in place, DHS and its component agencies may not be able to ensure that critical data mining systems used in support of counterterrorism are both effective and that they protect personal privacy," the report said.

DHS has not completed privacy impact assessments for two of the six data-mining programs the GAO reviewed, the report said.

In addition, DHS violated its own privacy rules by sharing information from the Immigration and Customs Enforcement Pattern Analysis and Information Collection (ICEPIC) program with state and local law enforcement agencies, said Representatives Brad Miller of North Carolina and Donna Edwards of Maryland, both Democratic members of the House Science, Space and Technology Committee.

One of the "most disturbing findings" by the GAO was that ICEPIC rolled out its law enforcement sharing component before it was approved by the DHS privacy office, Miller and Edwards said in a press release. The program violates the DHS privacy impact assessment created for the program, the GAO report said.

CEPIC is used to identify "non-obvious relationship patterns among individuals and organizations that are indicative of violations of customs and immigration laws or terrorist threats," according to DHS.

"Government data mining should have tough-minded oversight if we're going to keep Americans safe from terrorism, avoid wasting tax dollars on one boondoggle technology after another, and protect the privacy of innocent Americans," Miller said in a statement. "The intelligence community has to stop using the legitimate need for some secrecy in counter-terrorism to hide from oversight, and Congress needs to get over our 'gee-whiz' attitude when we deal with the intelligence community."

A DHS spokeswoman didn't immediately respond to a request for comments on the GAO report, but the agency agreed with the GAO recommendations in the report. DHS is committed to ensuring that the data-mining programs are "adequately reviewed, deliver required capabilities, appropriately protect individual privacy, and maintain appropriate transparency to the public," wrote Jim Crumpacker, director of the GAO liaison office at DHS.

The privacy office at DHS has begun an investigation into the ICEPIC program, Edwards and Miller said.

"It is alarming that DHS needed GAO to point out that the agency's data mining program has been violating its own privacy protocols for more than three years by sharing sensitive personal information with local, state, and federal officials," Edwards said in a statement.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Donna EdwardsGovernment use of ITJim CrumpackersecurityBrad MillerU.S. Department of Homeland SecuritygovernmentU.S. House of Representatives ScienceprivacySpace and Technology CommitteeU.S. Government Accountability Office

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?