Brave New Era for
Privacy Fight

By Kim Zetter
Wired News
As the nation prepares for President Bush's inauguration next week, privacy activists on both sides of the political spectrum are bracing for a White House push to augment controversial domestic surveillance powers gained under the Patriot Act and other legislation passed since 9/11.
"The administration has made it clear that they do intend to continue their move to dramatically reduce privacy and constitutional protection for our citizens," said former Republican congressman Bob Barr, who now works as a speaker and consultant to organizations like the American Civil Liberties Union.
But surveillance legislation isn't the only concern on the minds of privacy advocates. They're also looking at technologies and services coming out of the commercial sector that could seriously affect civil liberties. Some of the important issues to watch this year are:
Patriot Act enhancements
In his state-of-the-union speech last year, Bush urged Congress to renew certain provisions of the Patriot Act that are set to expire at the end of this year.
Barr and other civil liberties advocates expect that the administration, believing it has a mandate to gain the powers it wants, will also try to push through new Patriot Act II provisions, which the administration partly abandoned when their existence came to light and caused an uproar in 2003. Barr expects the administration will pass provisions piecemeal in other legislation to avoid controversy, as it did last year with the Anti-Terrorism Intelligence Tools Improvement Act of 2003, or HR3179.
"This will be a crucial battle over the coming two years to see whether Congress really will stand up for the privacy rights of our citizens," Barr said. "The record so far has not been terribly optimistic."
One possible reason for optimism could be the SAFE Act, introduced in 2003, which Barr sees as a sign that some members of Congress regretted passing the Patriot Act with insufficient checks and balances. The Security and Freedom Ensured Act of 2003, or SB1709, is a bipartisan bill that refines some of the more invasive provisions of the Patriot Act regarding wiretaps, library records and other types of surveillance. The bill has 19 co-sponsors but has been frozen in the Senate for more than a year. A House companion bill (HR3352) has also been stuck.
Data mining
The corporate sector has increasingly been collaborating with government agencies in data-mining projects that whittle away individual liberties. Privacy advocates say this will be the most important issue to watch this year.
Although laws prohibit the government from building dossiers on individuals, they don't prohibit the government from buying information from commercial data aggregators like Acxiom, ChoicePoint and LexisNexis, which collect information about citizens' web surfing, bank transactions, doctor visits and travel itineraries. And there are no laws governing how federal agencies can use the data.
The concern cuts both ways, however. Privacy advocates say there are currently few safeguards governing how private corporations can use information passed to them by government authorities. For example, the Fleet Bank in Boston closed the financial accounts of several customers after law enforcement made inquiries about the customers' transactions in the course of a terrorist investigation. Although authorities never found any reason to charge the customers with a crime, the bank closed their accounts anyway.
Kim Taipale, executive director of the Center for Advanced Studies in Science and Technology Policy, said that monitoring and battling such corporate/government partnerships takes a concerted effort that has, until now, been lacking.
"When the public spotlight is on it, it creates a lot of concern and attracts a lot of attention, but the battle is getting the public spotlight to shine on these plans," Taipale said.
European and Latin American countries are also looking to establish privacy safeguards for data collected by U.S. companies on foreign consumers. According to Marc Rotenberg, executive director of the Electronic Privacy Information Center, U.S. commercial data aggregators have collected information on Latin American consumers and dropped it into border-patrol databases to help officials determine who should be allowed entry to the United States.
"This data from property records and DMV and voter-registration records in those countries should not be going to the U.S. for these purposes," Rotenberg said. "The flow of information around the world will be a very big issue this year."
National ID
Another important issue is the adoption last month of what could become a de facto national ID card. Even though Congress previously nixed a proposal for a national ID card on grounds that it would be too intrusive and prone to abuse, a driver's license provision in the National Intelligence Reform and Terrorism Act, passed before Congress' holiday recess, requires all driver's licenses to be standardized to include machine-readable, encoded data by the end of 2006.
Although the legislation didn't specify what data would be encoded in the cards, it gave authority to the secretary of transportation, in consultation with the Homeland Security secretary, to define the data within 18 months.
Privacy advocates are concerned that rather than just preventing ID fraud, the data on cards could be linked to a national database containing dossiers of information gathered from other sources.
Robert Ellis Smith, publisher of the Privacy Journal, has said the new law "will have more serious consequences for individual liberties of American citizens than any other law enacted in at least two decades."
Privacy legislation and states' rights
Privacy advocates expect ongoing battles between the federal government and states over jurisdiction in privacy matters. California experienced such a scuffle when Congress, bowing to pressure from business lobbyists, passed a law in 2003 that undid a California privacy regulation.
The state law would have let bank and brokerage customers prevent financial institutions from sharing their personal information -- such as bank balances, credit card purchases and stock holdings -- with affiliate companies. California has been a leader in passing privacy legislation, but Rotenberg says the state's moves have made a lot of people inside and outside of corporate boardrooms uncomfortable.
"There's a lot of nervousness in Washington about California's willingness to create privacy laws," Rotenberg said, "and I think you may see some effort to use federal authority to reign in states."
DNA databases
Although Californians have high regard for privacy, this regard didn't extend to criminal suspects last November when residents approved one of the most aggressive DNA measures in the country, which privacy advocates say will likely be copied nationwide.
The DNA Fingerprint, Unsolved Crime and Innocence Protection Act allows authorities to take DNA samples from anyone -- adult or juvenile -- convicted of a felony. Currently, it also lets police collect samples from any adult arrested for specific felonies, such as sexual assault and murder, even before they are convicted.
But in 2009, that authority will expand to allow police to collect DNA samples from any suspect arrested for any felony -- including nonviolent crimes like residential burglary -- whether or not the person is charged or convicted. It's expected that genetic data for 1 million people -- including innocent suspects -- will be added to California's DNA databank by 2009, making it the largest state DNA databank in the country.
"Not long ago, people said we would only collect for felony convictions of sex crimes where there is a high level of concern about recidivism," Rotenberg said. "Now it's dramatically expanded to non-sex crimes and even misdemeanors. I can now imagine the world of perfect DNA matching that (the film) Gattaca depicted."
RFID tags
Radio-frequency ID tags will become a bigger issue in 2005 as their use expands into new areas. Currently, stores and companies embed RFID tags in the packaging of drugs and commercial products to help track product supplies and update orders. But privacy advocates say the tags will soon be embedded in clothing and other products, raising concerns that the tracking might not stop when consumers leave a store with the product.
"The problem is not only about tracking the whereabouts of people but about linking associations," Rotenberg said. "Students with RFID student cards can be grouped and monitored in terms of who they're with."
Chips embedded beneath the skin will also become a larger issue.
Last October, the FDA approved an implantable computer chip that would contain medical information to assist with health care. The military has discussed implanting the chips in soldiers to speed up medical care, and Rotenberg said it's likely the chips will soon be used in prisoners, parolees and eventually children. The concern is with forced chipping, which would take away choice from individuals receiving the chips.
Rotenberg expects 2005 to be a busy year for privacy advocates. But he hopes that individuals won't leave it to organized activists to do all the work to protect privacy rights or think that because a specific right doesn't pertain to them that it's OK for others to lose it.
"It's a mistake to think that privacy is an individualist or atavist right," Rotenberg said. "I really view privacy as a collective right. When someone else is forced to give up their privacy, yours could be the next to go."
© Copyright 2005, Lycos, Inc. All Rights Reserved.,1848,66242,00.html?tw=wn_tophead_1



This Site Served by TheHostPros