Former U.S. attorney general John D. Ashcroft, whose tenure saw the creation of a burgeoning homeland security industry, has emerged as the highest-ranking former Bush administration official to lobby for and invest in companies in that field.
Nearly two years after he left the Justice Department for a glass-and-marble office tower six blocks away, Ashcroft is building a lucrative consulting company helping security and other firms find business with federal agencies. Federal spending on homeland security is expected to reach nearly $60 billion in fiscal 2007, according to the Office of Management and Budget.
"It's a continuation of the aspiration I have that our nation have access to the best possible resources to fight terror, whether domestic or international," Ashcroft, founder of the Ashcroft Group LLC, said during a phone interview from his 150-acre cattle farm in rural Missouri, where he was spending a working vacation.
During his tenure, Ashcroft championed expanded federal powers to conduct surveillance in counterterrorism investigations. Now, he said, he wants the intelligence and law enforcement agencies to be aided by the tech world's "best of breed."
In all, Ashcroft's firm has 30 clients, many of which make products or technology aimed at homeland security, and about a third of which the firm has not disclosed, to protect client confidentiality. The firm also has equity stakes in eight client companies, a trend the company plans to continue as it gradually turns its focus toward venture capital.
Critics question oversight
Privacy experts and civil libertarians, who battled Ashcroft's policies to enlarge surveillance powers, warned that the types of businesses promoted by the former attorney general and other lobbyists are fast becoming a de facto branch of the government, beyond traditional oversight. They question whether the security offered by these firms, some of which specialize in analysis of government and private data, is balanced by adequate protection for civil liberties.
In an era of unprecedented collection and sharing of data between the government and the private sector, "we need checks and balances to match that paradigm shift," said Peter Swire, who served as a privacy counselor for the Clinton administration and now teaches law at Ohio State University.
Ashcroft's client list includes Nanodetex Corp. in New Mexico, which offers technology that can detect airborne pathogens such as anthrax or liquid explosives such as the type authorities say a group of terror suspects planned to use to blow up passenger jets between Britain and the United States. Another is Exegy Inc., a Missouri firm that does high-speed data mining.
Innova Holdings Inc. makes software that can remotely command robots and drones, or unmanned vehicles, the sort that police borders or fly above the mountains and valleys of Pakistan and Afghanistan searching for al-Qaeda cells. The company, which signed with Ashcroft's firm last week, has developed a technology for robots that will undertake a NASA repair mission to the Hubble Space Telescope.
Still another client is Dulles Research LLC, a small Northern Virginia firm that claims its technology can detect illicit networks like the group of men who went on to hijack four planes on Sept. 11, 2001. The firm says its technology detects the threat of terrorist behavior by analyzing people's actions -- not their identities, an effort to safeguard individuals' privacy.
"What network-analysis technology does is not look at the individual, but rather at the gravity and weight of relationships between people who appear to be doing something harmful to our interests or in opposition to the law," said Drew Eginton, Dulles Research's founder and chief executive.
For instance, he said, out of a data set that includes transactions of 20 million people with one another, "What you're looking for are the seven people who are doing something normal people don't do, simultaneously buying tickets to the same town with money orders, or sequentially visiting the same place one month apart using airline tickets that were paid with cash, or switching cellphones and every 60 days placing a 10-second voice mail to a person who went to that individual's school in Malaysia. We're looking for these very shadowy and unusual interactions that, based on a prior statistical case, predict the likelihood of trouble.''
Searching for patterns
Behavioral pattern analysis has a good track record in the world of credit card fraud, where "millions" of transactions can be analyzed to extract patterns of illicit behavior, said Jim Dempsey, policy director of the Center for Democracy and Technology.
The problem with detecting terrorist patterns of behavior is that there are not millions of terrorist transactions that can be analyzed on which to base a reliable model, he said.
What is the recourse, Dempsey asked, for people who are wrongly identified and targeted?
But Eginton said the point of using statistical analysis is to avoid the "false positive."
"We do not have a mature and complete mathematical understanding of what these people and networks will do," he said. "But we do have an understanding."
Connecting with ‘the right people’
Another Ashcroft client is ChoicePoint Inc., a data marketer that gathers public records and sells access to them. Though the company already had a contract with the Justice Department dating to 1998, last year it signed on with Ashcroft's firm to help it connect with "the right people within the agencies who could match up our capabilities with their needs," said James Lee, ChoicePoint's chief marketing officer.
When it comes to privacy, Ashcroft, a 54-year-old Republican and former U.S. senator and Missouri governor, said there are "real reasons" why the government should not be in the business of warehousing information. "The private sector does a better job of maintaining and developing information," he said. Another reason, he said, is Americans "don't want government to have access to any more information than necessary."
The Ashcroft Group complies with federal disclosure rules, Ashcroft said. It has disclosed the identities of 17 companies and two trade groups that it represents before Congress or the executive branch. The other clients, for which the firm does not do government work, are covered by non-disclosure agreements.
The firm reported receiving $1.4 million in lobbying fees in the past six months. But that is a small fraction of its earnings. It offers strategic consulting and is set to launch a service to help companies prevent and clean up data breaches.
These days, Ashcroft, whose forthcoming book discusses his experience as attorney general, is relaxed and energized. "Ninety percent" of the people who approach him, he said, thank him for his service. "I think that people have the sense," he said, "that regardless of whether they agree with me or not, they knew that I was doing what I thought I ought to do."
Staff researchers Richard Drezen and Robert Lyford contributed to this report.