The IT Law Wiki
The IT Law Wiki

National Security[]

TIA was originally the acronym for the "Total Information Awareness Project." The name was later changed to "Terrorism Information Awareness" before it was substantially restricted.[1]

Overview[]

Following the 9/11 terrorist attacks, many questions were raised about the country's intelligence tools and capabilities, as well as the government's ability to detect other so-called "sleeper cells," if, indeed, they existed. One response to these concerns was the creation of the Information Awareness Office (IAO) at the Defense Advanced Research Projects Agency (DARPA) in January 2002. The role of IAO was "in part to bring together, under the leadership of one technical office director, several existing DARPA programs focused on applying information technology to combat terrorist threats."[2] DARPA also recognized that new programs would be needed to fully address the technology requirements of a complete prototype system/network to respond to the particular demands of the terrorist threat. DARPA envisions TIA as the system/network-level integration program while other IAO programs were designed to furnish technologies and components that compose the overall program. As conceived by DARPA, TIA would integrate these technologies and provide some or all of them to various organizations for experiments, while assessing the system's utility in various operationally relevant contexts.

The mission statement for IAO suggested that the emphasis on these technology programs was to "counter asymmetric threats by achieving "total information awareness" useful for preemption, national security warning, and national security decision making."[3] To that end, the TIA project was to focus on three specific areas of research, anticipated to be conducted over five years, to develop technologies that would assist in the detection of terrorist groups planning [[attack]s against American interests, both inside and outside the country. The three areas of research and their purposes were described in a DOD Inspector General report as:

language translation, data search with pattern recognition and privacy protection, and advanced collaborative and decision support tools. Language translation technology would enable the rapid analysis of foreign languages, both spoken and written, and allow analysts to quickly search the translated materials for clues about emerging threats. The data search, pattern recognition, and privacy protection technologies would permit analysts to search vast quantities of data for patterns that suggest terrorist activity while at the same time controlling access to the data, enforcing laws and policies, and ensuring detection of misuse of the information obtained. The collaborative reasoning and decision support technologies would allow analysts from different agencies to share data.[4]

In public statements DARPA frequently referred to the TIA program as a research and development project designed to create experimental prototype tools,[5] and that the research agency would only use "data that is legally available and obtainable by the U.S. Government."[6] DARPA further emphasized that these tools could be adopted and used by other agencies, and that DARPA itself would not be engaging in any actual-use data mining applications, although it could "support production of a scalable leave-behind system prototype."[7] In addition, some of the technology projects being carried out in association with the TIA program did not involve data mining.[8]

Data mining[]

However, a key component of the TIA program was the deployment of data mining technologies to sift through data and transactions to find patterns and associations to discover and track terrorists. The idea is that "if terrorist organizations are going to plan and execute attacks against the United States, their people must engage in transactions and they will leave signatures in this information space. . . ." TIA planned to mine transaction data for terrorism-related indicators to uncover terrorists plans or attacks.

Privacy considerations[]

According to the Department of Defense,[9] the TIA research and development efforts addressed both privacy and civil liberties in the following ways:

  • The DoD would fully comply with the laws and regulations governing intelligence activities and all other laws that protect the privacy and constitutional rights of U.S. persons.
  • As an integral part of its research, the TIA program itself would seek to develop new technologies that would safeguard the privacy of U.S. persons.
  • TIA's research and testing activities would be conducted using either real intelligence information that the federal government had already legally obtained, or artificial synthetic information that would not implicate the privacy interests of U.S. persons.

Criticism[]

The TIA program's overall emphasis on collecting, tracking, and analyzing data trails left by individuals served to generate significant and vocal opposition soon after John Poindexter made a presentation on TIA at the DARPATech 2002 Conference in August 2002.[10]

The opposition arose in part because of shifting explanations of how the TIA's proposed technology (described as, among other things, "data mining" or "knowledge discovery" tools) would operate. For instance, the TIA left ambiguous whether its technology would be used to search transactional data only for information about specific subjects of terrorism investigations or to find suspicious patterns that matched analysts' hypotheses of how potential terrorists might launch an attack, and thereby identify individuals requiring further scrutiny. Similarly, it was never clear whether the TIA envisioned technology that would allow the government to aggregate private sector data into one centralized government database, or technology that would allow the government to search across private sector databases while leaving the data in private hands. Moreover, the TIA's defenders never adequately explained the extent to which transactional data of U.S. citizens would be searched using the agency's technology.

Critics of the TIA program were further incensed by two administrative aspects of the project. The first involved the Director of IAO, Dr. John M. Poindexter. Poindexter, a retired Admiral, was, until that time, perhaps most well-known for his alleged role in the Iran-contra scandal during the Reagan Administration. His involvement with the program caused many in the civil liberties community to question the true motives behind TIA.[11] The second source of contention involved TIA's original logo, which depicted an "all-seeing" eye atop of a pyramid looking down over the globe, accompanied by the Latin phrase scientia est potentia (knowledge is power). Although DARPA eventually removed the logo from its website, it left a lasting impression.

Termination/Restrictions of program[]

The continued negative publicity surrounding the TIA program contributed to the introduction of a number of bills in Congress that eventually led to the program's dissolution.[12]

In January 2003, Congress barred funding for domestic deployment of the TIA but allowed research to go forward.[13] Ultimately, in September 2003, Congress eliminated all funding for the TIA program and "any successor program."[14]

However, Section 8131 of the law allowed unspecified subcomponents of the TIA initiative to be funded as part of DOD's classified budget, subject to the provisions of the National Foreign Intelligence Program, which restricts the information processing and analysis of information on U.S. citizens. Thereafter, the TIA could be used only in connection with "lawful military operations of the United States conducted outside the United States" or "lawful foreign intelligence activities conducted wholly overseas, or wholly against non-United States citizens."

This language makes clear that TIA-like activities may be continuing.

Telecommunications[]

See Telecommunications Industry Association

References[]

  1. The name change was due to the fact that the original name created in some minds the impression that TIA was a system to be used for developing dossiers on U.S. citizens, which the DOD claimed was incorrect. Section 8131 of the FY2004 Department of Defense Appropriations Act (Pub. L. No. 108-87) prohibited further funding of TIA as a whole, while allowing unspecified subcomponents of the TIA initiative to be funded as part of DOD's classified budget, subject to the provisions of the National Foreign Intelligence Program, which restricts the processing and analysis of information on U.S. citizens.
  2. Department of Defense, Report to Congress Regarding the Terrorism Information Awareness Program, Executive Summary 2 (May 20, 2003).
  3. Id. at 1 (emphasis added).
  4. Department of Defense, Office of the Inspector General, Information Technology Management: Terrorism Information Awareness Program, at 7 (D2004-033) (Dec. 12, 2003).
  5. DARPA "aspires to create the tools that would permit analysts to data-mine an indefinitely expandable universe of databases" "to analyze, detect, classify and identify foreign terrorists — and decipher their plans — and thereby enable the U.S. to take timely action to successfully preempt and defeat terrorist acts," quoted in Privacy: Total Information Awareness Programs and Related Information Access, Collection, and Protection Laws, at CRS-1.
  6. Department of Defense, DARPA, Defense Advanced Research Project Agency's Information Awareness Office and Total Information Awareness Project, at 1 (full-text).
  7. Id. at 2.
  8. Although most of the TIA-related projects did involve some form of data collection, the primary purposes of some of these projects, such as wargaming, language translation, and biological agent detection, were less connected to data mining activities.[1]
  9. Department of Defense, Report to Congress Regarding the Terrorism Information Awareness Program 5-6 (May 20, 2003).
  10. The slide presentation of Poindexter's presentation is available here.
  11. Shane Harris, "Counterterrorism Project Assailed By Lawmakers, Privacy Advocates," Government Exec. Mag. (Nov. 25, 2002) (full-text).
  12. Among these bills was S. 188, the Data-Mining Moratorium Act of 2003, which, if passed, would have imposed a moratorium on the implementation of data mining under the TIA program by the Department of Defense, as well as any similar program by the Department of Homeland Security. An amendment included in the Omnibus Appropriations Act for Fiscal Year 2003 (Pub. L. No. 108-7) required the Director of Central Intelligence, the Secretary of Defense, and the Attorney General to submit a joint report to Congress within 90 days providing details about the TIA program. Some of the information required includes spending schedules, likely effectiveness of the program, likely impact on privacy and civil liberties, and any laws and regulations that may need to be changed to fully deploy TIA. If the report was not submitted within 90 days, funding for the TIA program could have been discontinued. Funding for TIA as a whole was prohibited with the passage of the FY2004 Department of Defense Appropriations Act (Pub. L. No. 108-87) in September 2003.
  13. Omnibus Appropriations Act for Fiscal Year 2003, H.R.J. Res. 2, Amend. 59, 108th Cong. (2003).
  14. H.R. Conf. Rep. No. 108-283 (2003) (Conference report on H.R. 2658, Department of Defense Appropriations Act, 2004) (24 Sept. 2003) (full-text).

Source[]