Citizens' Protection in Federal Databases Act Introduced

SewersOfRivendell writes "Quote from http://boingboing.net/: 'EFF, EPIC, CDT, ACLU and Free Congress have drafted a bill that's been introduced by Senator Wyden today, for a new law called "The Citizens' Protection in Federal Databases Act." This is a hell of a law. It finds that various species of spooks are making avid use of commercial and governmental databases, merging them and aggregating them, without transparency, accountability, or any real understanding of the danger to civil liberties involved in this practice. Accordingly, it requires any Fed agency using non-Fed databases to cut it out and make a full report to Congress on who they're buying database and database-services from, what they're doing to preserve privacy, why they're doing what they're doing, and whether they actually have a realistic chance of catching any bad guys. And it calls into account Feds who abuse their authority and limits the kind of doomsday hypotheticals that can be used to justify such abuse.' PDF draft of the bill here."

It's just a draft

[Motherfucking+Shit]

This probably won't be on any .gov sites yet as it hasn't been introduced... It's just a draft. If you check the PDF, the date of presentation is still blank.

I'd keep an eye on Thomas over the next week or so. Once it's been read on the floor, it'll wind up there.

Re:It's just a draft

[Frobnicator]

This probably won't be on any .gov sites yet as it hasn't been introduced

Who moderated that thing up to informative? It specifically says "introduced by Senator Wyden today" so of course it isn't on Thomas records yet -- it takes at least 1 day for that. The ACLU has Their announcement up though.

Found the links I needed.

[James+A.+A.+Joyce]

This article, while not specific to the topic I mentioned, did have a specific quote which describes exactly what I was trying to explain:

"Just by knowing the birth date and ZIP code of the governor of Massachusetts, Latanya Sweeney, a computer-privacy researcher at Carnegie Mellon University, was able to retrieve his health records from a supposedly anonymous database of state employee health-insurance claims. Sweeney also demonstrated that she could do the same for 69 percent of the 54,805 people on the voting list of Cambridge, Mass."

This is from another article, reprinted from Newsweek :

"...don't get complacent: anonymity is hard to achieve. Where once a company needed a name, address, phone number, or Social Security number to identify a person, database technology has made that unnecessary. "Eighty-seven percent of the population of the US can be uniquely identified [only] by their date of birth, gender, and five-digit zip code," says Latanya Sweeney, ALB '95 assistant professor of computer science and public policy at Carnegie Mellon University in Pittsburgh."

And finally, from Dr. Latanya Sweeney's CV itself:

"Recent work includes:

* Identifiability server -- a computational system that determines the identifiability of given data sets and/or of individuals in the United States based on either field descriptions of the data set or on actual data values. For example, combinations of values such as {date of birth, gender, 5-digit ZIP} combine to uniquely identify 87% of the population in the United States."

Better link ...? Here you go.

[gripdamage]

I am looking at the ACLU news page and it is right on top!
Certainly a better resource than "Boing Boing".

Re:Whoops, its only federal

[Irvu]

My understanding is that the issue is not collation of public data so much as the abuse of private data. There a re many laws on the books that restrict the feds from collecting and sharing some types of information (medical records, purchase records, etc.) without some form of judicial oversight. The goal was to erect firewalls between say the IRS's and the FBI and to prevent the growth of TIA-like systems.

However, there are few if any restrictions on the private sector. This is why most of us receive so much junk mail. In recent years, the FBI and others have begun sidestepping their restrictions by turning to private companies to collect and aggregate data for them.

My understanding of this law is that they want to attack that very issue, government sidestepping the very necessary restraints that we have placed on it.

Liberty and Fear

[blacknight84]

This Senator makes me proud to live in Oregon. I would love to see more people of his mindset elected in the next election. But anyways, what I hope comes of this bill even though it is unlikely to pass is more discussion and a general awareness of what all this government FUD is driving the people to do. I hope that this bill gets a lot of attention, and maybe wakes up the country from it's state of fear and warmongering. Chris Hedges had an excllent book about Nationalism, Fear, and all the troubles that this bill aims to stop. Also this bill does a lot to protect our liberty. I enjoined this link on Liberty so I figured may as well share http://www.isil.org/resources/introduction.html

more information

[bob_jenkins]

It's really really hard to remain anonymous when you have lots of joinable databases. We have lots of joinable databases, and there are more all the time. Outlawing joining of databases to preserve privacy strikes me as a lost cause.

However, if the only goal is to add more public information to databases, namely which databases are being joined and why, that's a good thing. Especially if it can be automated.