On Jan. 5, the Homeland Security Dept. launched the U.S. VISIT Program, which will take digital fingerprints and photographs of foreign nationals entering and exiting the country at 115 airports and popular seaports. Pundits' reactions ranged from alarm to scorn: Terrorism experts argued, correctly, that the program would do little to prevent terrorists from entering the country, mostly because of 27 visa-waiver countries -- Western Europe plus a few other choice nations -- that are exempt from the profiling.
Richard Reid, the alleged shoe bomber, boarded in London, after all, and most of the flights that have been canceled in recent weeks were scheduled to depart from London and Paris. Nor could U.S. VISIT prevent terrorism, critics rightly pointed out, if it logs only visitors who arrive by air and sea. Just 24 million of the 500 million foreign visitors annually enter America by plane or boat.
TRACKING RECORD. It seems Homeland Security is beginning to understand that privacy matters. "We know a lot more information about this program than most government initiatives. It's a really positive sign," says Ari Schwartz, associate director of Washington [D.C.]-based civil liberties advocacy group the Center for Democracy & Technology.
Much of the credit goes to Nuala Kelly, Homeland Security's chief privacy officer. Originally, the department had argued that a civil-liberties assessment wasn't necessary since the program didn't affect U.S. citizens. Kelly disagreed: "We try to encourage all programs to assess privacy for any new substantial change that affect citizens and noncitizens. We believe this is in the spirit, if not the letter, of the law."
Appointed last April, Kelly is the first privacy officer in the federal government required by statute. Previously she served as privacy officer at the Commerce Dept. and vice-president for data protection at online-marketing company DoubleClick. Her grasp of the issues is clear throughout U.S. VISIT's privacy assessment.
TOO MUCH INFO. The PIA maps the data flow. For example, digital fingerprints and photos will be fed, along with commercial-carrier information, into the Arrival & Departure Information System [ADIS] and cross-referenced with the Student & Exchange Visitor Information Service [SEVIS]. The PIA also addresses the five fundamental rules of data protection: Who has access to the data? What security procedures are in place? How and with whom will the information be shared? How long will data be retained? What is the process of redress if errors are discovered?
Last year, Kelly's agency saw Congress kill funding for the Defense Dept.'s Orwellian Total Information Awareness [TIA] Project, which was designed to aggregate citizens' personal information from banks, credit agencies, and elsewhere to predict future terrorist attacks. Homeland's own CAPPS 2 program, a new computerized airport-tracking system, also came under congressional attack for not spelling out how the technology would affect travelers' privacy or how the agency would protect data [see BW Online, 12/18/02, "Snooping in All the Wrong Places" and 4/17/03, "The System that Doesn't Safeguard Travel"].
Of course, far too many what-ifs still exist. But it's more Homeland Security's lack of clarity about how the program will ultimately work that's to blame --- not a lack of transparency. Gone is the department's standard bravado. Kelly is remarkably candid about what still needs to be done.
That's an awfully long time, as Kelly admits: "I was surprised when I saw those numbers. In the past, [the Immigration & Naturalization Service] kept that data as a public service or to extract patterns of immigration. We want it kept only for the length of time needed. I anticipate that ultimately it will be kept for shorter periods of time."
Kelly is also sensitive to so-called mission creep -- when data is collected for one purpose but down the line is used for another, perhaps more insidious, reason. Homeland Security Secretary Tom Ridge has said the information will be used mainly for enforcement purposes and to locate criminals.
"We need to be up-front about the scope and purpose for which [data] is collected," Kelly says. "We're currently working on documents that will be handed to people at the time they provide their data to inform them of the full range of ways their data may be used."
TO-DO LIST. Privacy advocates continue to have their concerns. And they want answers now. Marcia Hoffman, staff counsel at the Electronic Privacy Information Center, a Washington [D.C.]-based advocacy group, is particularly worried about the right of redress. Sure, Homeland Security has provided an e-mail and postal address for complaints, but what happens if someone is denied access to enter the country because of inaccurate information --- say a misspelled Arabic name or failure to record a previous departure from the U.S.?
"They're up-front about the fact that these inconsistencies and errors could result in a heightened degree of risk.... But all they tell you is that this problem will be mitigated by the fact there's a privacy officer. I want to know what they're going to do about it," says Hoffman.
Still, even Hoffman agrees the document is a "thoughtful" evaluation of the privacy implications of U.S. VISIT. It maps how a complex, far-reaching program that cobbles together existing technology systems and databases from dozens of government agencies could affect millions of people's personal information.
Just how much sway Kelly will have isn't yet clear. But it's comforting to know she does report directly to Ridge and also has to report to Congress, much like an agency inspector general. U.S. VISIT's privacy assessment is a good start. It's up to Nuala Kelly to keep up the good work.