more on State Department Link Will Open Visa Database to Police Officers

[Dave Farber <dave () farber net>]

------ Forwarded Message
From: Ross Stapleton-Gray <amicus () well com>
Date: Fri, 31 Jan 2003 10:16:26 -0800
To: dave () farber net, ip <ip () v2 listbox com>
Subject: Re: [IP] State Department Link Will Open Visa Database to Police
Officers

At 10:54 PM 1/30/03 -0500, Dave Farber wrote:
> State Department Link Will Open Visa Database to Police Officers
> ...
> WASHINGTON, Jan. 30 - Law enforcement officials across the
> country will soon have access to a database of 50 million
> overseas applications for United States visas, including
> the photographs of 20 million applicants.
> ...
> "The availability of this information will change police
> conduct," said Marc Rotenberg, executive director of the
> Electronic Privacy Information Center, which has advocated
> more Congressional oversight of domestic security
> operations. "You are more likely to stop someone if you
> have the ability to query a database."

I'd go further than Marc, here; availability of such a database, to a huge
community of new users, invites all sorts of flavor of abuse.  We
(citizens, and concerned public servants) ought to demand and ensure
appropriate oversight, and monitoring of how this thing ends up being
used.  That ought to be a general concern: more effective use of
information by government isn't the problem, it's abuse of greater
knowledge that's the problem.

In this particular case, an enormous collection of information is to be
made available to a very large and diverse set of new users, who'll have
various motives (and some, doubtless, less than pure) for use, and who'll
report to various agencies, state and local governments, etc., with varying
degrees of interested and ability to oversee their operations.

One might easily imagine a corrupt police department using the State
Department's database to extract information to further criminal activities
(e.g., putting the squeeze on drug dealers' families), or, worse,
penetrations of U.S. law enforcement by foreign criminal organizations (we
need to avoid the situation where, if the Cali Cartel turns a single
sheriff's office, they can mine the State Department's records--albeit just
"sensitive but unclassified" ones--on anyone, anywhere with an interest in
a U.S. visa).

The State Department has underinvested in information technology for a
long, long time, and I don't imagine it will come out of the box with a
bulletproof solution to what is a hard problem: sharing sensitive
information with a large community with varying "needs to know," and with
little means to authenticate actual users and uses.

I'd be interested in hearing how this develops; having spent a chunk of my
career in the Intelligence Community, and among the foreign embassies in
Washington D.C. (http://www.embassy.org), I know there are a lot of
interesting and useful things that might be done, but there are as many
ways to do them wrong...

Ross
amicus () well com
http://www.fuzzycloud.com





------ End of Forwarded Message

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To unsubscribe or update your address, click
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/