Investigative Data Warehouse (IDW)

From Cyberlaw

Investigative Data Warehouse (IDW) is an expanding searchable computer system, in operation since 2004, devised and developed for the needs of the FBI. Available is only basic, brief and parenthetical information about it. Michael Morehart of the FBI described it in a testimony before the House Committee on Financial Services in 2005 as "a centralized, web-enabled, closed system repository for intelligence and investigative data”. On August 30, 2006 CBS devoted an article to IDW “FBI's New Data Warehouse A Powerhouse” where the system was defined as an “uber-Google” for more than 650 million records. According to CBS, IDW, an achievement in the process of upgrading Bureau’s information infrastructure, allows sharing information among FBI offices or departments. IDW is purportedly fast and agile, capable of preventing situations like the one that happened two months before 9/11, when a memo about al Qaeda related flight school students, written by an agent in Phoenix, could not reach Minneapolis agents investigating the issue, as there had existed no common information exchange infrastructure at their disposal. Hence, the system may be one of the main tools for protecting Americans against threats to their security. Depending on how efficient it is. Notwithstanding security issues, policies built upon the systems like IDW follow a common pattern of attitude towards civil rights protection. That is that the US government seems to treat the protection as irrelevant as long as, even potentially, it is deemed to be capable of impairing work of law enforcement agencies like the FBI. The less the public knows about how the systems like IDW work, the better for the security, the argument goes. Undoubtedly, blackwashing operational details of how the information is collected and shared would undermine the very crux of the FBI’s mission (you do not expose your tactics to an enemy). Yet, the enemies have learnt already that the FBI has got the uber-system. They have gained knowledge about it from rumors and half-words spread by the U.S. government. The very same policy of the FBI taught them that the agency has been collaborating with Internet providers on collecting information on subjects of investigations using Carnivore systems or programs like Red Hook or DCS-3000— (See e.g. The Implementation of the Communications Assistance for Law Enforcement Act, U.S. Department of Justice, Office of the Inspector General Audit Division, Audit Report 06-13, March 2006, Appendix VII, p. 127, where both Red Hook and DCS-3000 are mentioned as FBI ad hoc solutions). And it takes a brief moment of typing ECHELON into wiki to learn all that the public knows about the most global of all the reported surveillance systems. The U.S. government may calculate that uttering scraps of information about the systems deters potential terrorists from using IT enabled means of communication, still making terrorist activities vulnerable to detection. But not hiding statistics on the number of instances the systems have been really indispensable for law enforcement purposes, the government exposes itself to critics, whose account has been clearly set in one of the blogs:

“Here’s my question, with all this high tech spying and invasion of privacy, what has the FBI and or CIA found? How am I, and my family, safer for your efforts? Enlighten the public as to how many potential national threats, or terrorist plots, that you have foiled with these projects? I won’t hold my breath. I’ll answer for you Mr and Mrs FBI/CIA. You aren’t concerned with terrorist plots anymore. Maybe you never were. After 9/11 the operation was not to keep America safe, it was to keep America united under GOP with tyranny and OIL for the rich.” (“The Most Boring Blog in the World”).

This opinion may be utterly wrong. But concealing information proving to the contrary, the U.S. government is not only unfair to its citizens deprived of knowing whether their taxes are efficiently disposed for national security purposes. It also strains trust and legitimacy in governmental operations if they ensue doubts about civil liberties protection. Against this background Electronic Frontier Foundation filed two FOIA complaints against the Department of Justice in October 2006. One, concerning IDW, the other—on [http://www.eff.org/flag/dcs/dcs_complaint.pdf Red Hook and DCS-3000. On statutory grounds of federal acts protecting privacy, the EFF claims that the Bureau has published neither a “notice of the existence and character of the system of records” under the provisions of the Privacy Act of 1974, 5 U.S.C. § 552a(e)(4), nor a “privacy impact statement,” under the provisions of the E-Government Act of 2002, P.L. 107-347. Now, whose side should the law assume in such cases? Despite the attempts of the activistst, civil rights protection is emasculated in such situations, as the example of TECS SORN reminds. Claiming exemptions established in 5 U.S.C. 552a (j)(2) and (k)(2) the Bureau of Customs and Border Protection avoided discussing most of the civil liberties safeguards that this act establishes, rendering the SORN and Privacy Impact Assessment stripped of their basic function—informing the public about what the government does with the records on individuals. And Sec. 208 (b)(C) of the E-Government Act clearly allows agencies to modify or waive the obligation to make privacy impact assessment publicly available through the website of the agency if security reasons are at stake.