Pages

Thursday, October 11, 2012

Fusion centers pose privacy and civil liberties risks, says The Constitution Project



The nation's 77 state and regional fusion centers can pose serious risks to civil liberties, finds a new report from The Constitution Project, which makes a number of recommendations about how the centers should collect and store data.
Among the report's (.pdf) findings is that the threshold for entry of a person's personally identifiable information into a fusion center database--where it could be accessed by other fusion centers--is too low. Ordinarily, federal regulations prohibit state law enforcement agencies that receive federal funding from maintaining personally identifiable information in criminal intelligence databases unless there exists reasonable suspicion that the individual is involved in criminal conduct or that the information is relevant to criminal conduct.
But the Justice Department interprets regulations to exclude from those conditions the data gleaned from suspicious activity reports on the ground that SARs are "tips and lead data" and not criminal intelligence information.
State and federal standards for activities that can cause local law enforcement to file an SAR are broad, the report notes, encompassing behavior such as using binoculars or taking notes. The report doesn't suggest stricter SAR thresholds, stating that such behavior might warrant an initial inquiry, but does say that reports on individuals should not be retained in government databases unless reasonable suspicion can be established.
The center also urges greater federal oversight of fusion centers, recommending that the departments of Homeland Security and Justice should periodically audit fusion centers to ensure compliance with privacy and civil liberties rules.
"One of the most pressing concerns regarding fusion centers is accountability," report authors say, adding that fusion centers should also allow individuals to correct inaccurate information about them in fusion center databases. Some state fusion centers have adopted policies that allow individuals to access their records although with some restrictions, but they don't have a clear process for individuals who seek correction of mistaken information.
Report authors also recommend immutable audit logs for any database accessed by fusion center personnel, whether the database is an outside one hosted by other government agencies or the commercial information reseller databases that many fusion centers subscribe to.


Civil Liberties, Privacy, and Fusion Centers

Fusion Centers
The Constitution Project has published a new report concerning how fusion centers can protect civil liberties while still defending against terrorist threats.
"Fusion centers are information-sharing hubs that facilitate the exchange of critical information among federal and state law enforcement, intelligence agencies, and sometimes even military officials and private sector entities. Fusion centers have the potential to dramatically strengthen the nation’s law enforcement and counterterrorism efforts. However, without effective limits on data collection, storage and use, fusion centers can pose serious risks to civil liberties, including rights of free speech, free assembly, freedom of religion, racial and religious equality, privacy and the right to be free from unnecessary government intrusion."
Some of the key issues outlined in the report include:
  • Risks of Racial, Religious and Political Profiling
  • Suspicious Activity Reports and Privacy
  • Fair Information Practice Principles
  • Transparency
The report contains policy recommendations in the categories of data collection, data storage and use, and accountability.



Related Articles:
Backgrounder: Privacy and Civil Liberties Oversight Board
HSPI: Fusion centers too oriented toward law enforcement
All fusion centers should be 'all hazards,' says DHS OIG

No comments:

Post a Comment