'War on Terror' Allies Form Information Consortium

Wowsers writes us with a story from The Guardian about FBI interest in connectivity between its own database resources and those abroad. It's spearheading a program labeled 'Server in the Sky', meant to coordinate the police forces of the United States, the United Kingdom, Canada, Australia, and New Zealand to better fight international crime/terrorist groups. The group is calling itself the International Information Consortium. "Britain's National Policing Improvement Agency has been the lead body for the FBI project because it is responsible for IDENT1, the UK database holding 7m sets of fingerprints and other biometric details used by police forces to search for matches from scenes of crimes. Many of the prints are either from a person with no criminal record, or have yet to be matched to a named individual. IDENT1 was built by the computer technology arm of the US defence company Northrop Grumman. In future it is expected to hold palm prints, facial images and video sequences."

UKUSA Community

[daveschroeder]

The United States, the United Kingdom, Canada, Australia, and New Zealand make up the "UKUSA Community", which has been sharing information and intelligence in cooperative programs since World War II.

There are three categories of individuals proposed for this initiative:

- internationally recognised terrorists and felons
- major felons and suspected terrorists
- subjects of terrorist investigations or criminals with international links

Categorization makes sense, and information sharing between allies for individuals suspected to travel internationally and who may want to actively target Western nations makes sense.

Every new database or mechanism for tracking or identifying individuals has privacy implications. Those implications must be managed by the laws of each respective nation. But increased information sharing will, by nature, almost always decrease "privacy".

As a DNI official recently noted, "We have a saying in this business: 'Privacy and security are a zero-sum game.'"

Keep in mind, though, that this data is data that the respective nations already gather via law enforcement and investigative means. It is in databases that are already maintained. The proposal is to collectively share the information in these databases. Any argument that there might be privacy implications to voluntarily sharing data between allies, or that simply building the infrastructure and capability to do so creates an opportunity for abuse (with the implication that it should therefore not be done) are very weak arguments. The merits or drawbacks of the proposed program itself are what is at issue; not the technology. Arguing that technology shouldn't be used for the purpose is the same as arguing that law enforcement shouldn't be able to use, say, computers, databases, telephones, cameras, or vehicles because they "enhance" their abilities, and "could be abused". So, when arguing for or against this initiative, please concentrate on the actual initiative itself, not the unsurprising fact that long-time allies are cooperating with one another electronically.

If Northrop Grumman did as well with IDENT1 as it did on Grants.gov in the early stages, we can expect it to not be very functional. ;-) (General Dynamics now holds the Grants.gov contract.)

Re:UKUSA Community

The problem is that the technology can lead to a significant difference in the way the data is used. Just look at Echelon (again, a very similar "data sharing" agreement between the same block of countries).

Although one could also argue with Echelon that "this is data which was already collected by the respective governments", the fact that a country received data that they were legally prohibited from collecting themselves was the issue. I could imagine a similar situation here, when all countries routinely begin collecting fingerprints from everyone entering their borders (as the USA already does).

Such data-collection programs can slip through, because the government says "we just collect the data on foreigners!". The fact that they then immediately make this data available to the other countries, and in return immediately receive access to similar data about their own citizens, is never mentioned.

The technology becomes an issue because it then allows massive trawling through the data. When fingerprint data exchange involved faxing a blurry copy across the Atlantic, abuse is effectively limited _by_the_technology_. When the home-government can instantly search through every fingerprint of every citizen who has ever visited one of the partner countries, it becomes a whole different animal.

Re:UKUSA Community

[Umuri]

Disclaimer: I do not hold the opinion i express in this post. In fact I hold no opinion on this topic whatsoever because I have not read enough to be informed. This is merely presented, like most of my posts, to be a devils advocate to promote looking at the converse arguments to any given statement.

You said that
"Any argument that there might be privacy implications to voluntarily sharing data between allies, or that simply building the infrastructure and capability to do so creates an opportunity for abuse (with the implication that it should therefore not be done) are very weak arguments."

Let me propose a slight different view for you.
Most countries have laws protecting their own citizens private rights, but not those that aren't their citizens.
Now, if more than 2 countries have such a policy, then share information freely, it effectively gives both countries freedom to spy on their own people, without any reprecussions. They just ask their partner country to do it. In most cases they don't even need to ask, it's already in the databases somewhere, due to how vast most foreign policy spying is.

The privacy implication is that by sharing information, you are allowed to violate laws in your own country by letting countries where its not illegal do it then give you the ill gotten gains.

Re:UKUSA Community

[BobMcD]

Supposing an overseas privateer runs off with this data, whose jurisdiction would attach?

Any argument that there might be privacy implications to voluntarily sharing data between allies, or that simply building the infrastructure and capability to do so creates an opportunity for abuse (with the implication that it should therefore not be done) are very weak arguments. They aren't weak at all. They are quite valid considering the fact that there isn't any such thing as a world government that can intervene when things go wrong. And humans being what they are, things WILL go wrong eventually. This isn't like Texas and Arkansas sharing information, as those belong to the same greater nation. Likewise, there exists a European Union across the pond. If you can't imagine the issues when sovereign nations start trading protected information without an enforceable body of law to govern its use, well, I don't know what to say to you...

What would you say, by the way, if we were trading this information with Iran, Russia, China and/or Nigeria? Same difference?

So, when arguing for or against this initiative, please concentrate on the actual initiative itself, not the unsurprising fact that long-time allies are cooperating with one another electronically. It may well seem natural, but I still contend that we have ZERO control of what these allies do with our data once we hand it over. This alone is a good reason to abstain. Instead, why not attach the principle of 'minimum necessary'? Isn't that still an axiom in security?

Re:UKUSA Community

[daveschroeder]

The US government makes quite extensive use of open source software. In the Intelligence Community alone, some of the examples of open source software in use on Intelink, the IC's three networks that run at UNCLASSIFIED, SECRET, and TOP SECRET/SCI levels:

- LAMP (Linux, apache, PHP, MySQL) stacks to support a wide variety of applications, such as some below
- MediaWiki powers Intellipedia, the highly successful wikis that run on the three iterations of Intelink
- phpBB powers Intelink Forums
- WordPress MU enables the current generation of Intelink Blogs
- Jabber provides the IC-wide Intelink Instant Messaging
- tag|Connect is a social bookmarking tool based on del.icio.us
- Zimbra powers the uGov Collaboration Suite
- RSS, XML, and other open standards are used extensively
- ...and much more

These services are run in robust, highly available environments, and have gotten great support within various IC components. In fact, much of the social software movement within the IC is reliant on open source software and open standards, and they have been embraced. For a great overview of what the IC is doing with social software, see:

- 'The Intellipedians' The social software movement within the U.S. Intelligence Community, Federal Computer Week, 16 August 2007

And if you don't want to sit through the presentation (it is a bit long, though quite good), see:

- Open-Source Spying, New York Times Magazine, 3 December 2006
- A Wikipedia of Secrets, Washington Post, 5 November 2006

And on the newest initiative, A-Space:

- Logged In and Sharing Gossip, er, Intelligence, New York Times, 2 September 2007
- Classified social-networking system promises to help U.S. spies talk, collaborate, Associated Press, 5 September 2007

Some of the articles are a little over-simplified, but the reality is that social software running on open source platforms and environments is taking off in the Intelligence Community.

Re:UKUSA Community

[vegiVamp]

> "UKUSA Community"

Now why did I read that as Yakuza community ?

Re:UKUSA Community

[Shakrai]

Otherwise known as the Anglo Saxon alliance, South Africa got kicked out for some reason.

There is no "Anglo Saxon alliance". The Anglosphere is made up of English speaking countries that share a common culture and history. South Africa is definately considered to be part of the Anglosphere.

There are many overlapping alliances and agreements between members of the Anglosphere (the "special relationship" between the US/UK, the Anzus treaty, the US/Canadian Joint Board of Defense, NORAD, etc, etc) but there is no one "Anglo-Saxon alliance" as far as I'm aware and the members of the Anglosphere have their share of disputes (trade disputes between the US and Canada, New Zealand banning nuclear vessels from their ports, US treaty obligations to Latin-America that conflict with the goals of other Anglosphere nations, etc, etc).

Re:UKUSA Community

[mr_mischief]

The problem isn't that you might be accused when innocent. That happens, and it's sad, but there's no way to stop that without, as you say, scrapping the whole system. The problem is that if your name has ever been associated with an investigation, even if you weren't the suspect and even if it was somebody else with your same name, they start trying to keep you from traveling freely and start spreading FUD about you anywhere a government agency has a hand in operating something.

The US no-fly list has already suffered from this. You can be fairly sure the NSA domestic spy program has done the same, since it's harder to pin them down as affecting the wrong people. Now, these governments are going to be notified overseas, so that the Anglophonic monoculture in which most Americans have been sheltered for generations provides nowhere to which you can expatriate if you decide the US is not for you because of problems like this. Even if the other countries enter into this program with honorable intent, if they're trusting data from an increasingly corrupt and heavy-handed member nation then their databases are the sentence whether or not you've committed any crime.

Both major parties in the US are in favor of this sort of thing, too. Don't imagine for a second that if the supposed small-government people in the Republican party want more government interference and more power over the people that the Democrats, who think government can solve everything, will get rid of it or clean it up. The only way to keep the government from controlling the people is if it's small enough for the people to control it.

Re:Server in the Sky?

[Broken+Toys]

Why not call it Skynet and just accept the inevitable?

Why not Interpol?

[Mikkeles]

Given that this is really crime rather than military intelligence and the like, I wonder why this isn't done through Interpol. It seems especially silly as most (all!?) of the nations that contain the source of the current generation of terrorists are excluded.

they're trusting us with the database?

[rucs_hack]

Seriously, the UK doesn't exactly have the best record on keeping databases safe.

Not that I care. I'd be willing to bet that 99.9 percent of the contents of any anti terror database is crap kept in there to make it seem important. Or stuff they think is important, but when it comes down to it is worthless.

Really, if sending huge armies to stampede across the middle east didn't work, how is a database going to help? Are we going to send sql queries at them or something?

Re:Server in the Sky?

[$RANDOMLUSER]

Sure, why NOT call it "Server in the Sky"? After all, it's purpose is To Serve Mankind.

I wouldn't worry too much about the FBI

[MikeRT]

Their last major IT projects were spectacular failures that never went anywhere, and I don't see how this is going to end up much different. This will probably go the way of Virtual Case File, among others.

Re:I wouldn't worry too much about the FBI

[I8TheWorm]

the computer technology arm of the US defence company Northrop Grumman

What are you talking about?!? I just did a contract for NG a couple of years ago where I wrote a reporting system for a yet unclassed ship in C# using CR! How could the brilliant minds that come up with that architecture for military vessels be associated with failure?

disclaimer: I needed the money

U.S. government has killed 11,000,000 people...

[Futurepower(R)]

The U.S. government has often used its "cooperation" with the governments of other countries to corrupt those governments. See, for example, Coups Arranged or Backed by the USA. Most or all of that corruption happened for profit, such as kickbacks of U.S. government foreign aid. When the governments of Israel or Pakistan buy weapons from U.S. manufacturers using money from "foreign aid", that is embezzlement of taxpayer money.

The Cooperative Research History Commons is very valuable for those wanting to do their own research.

The poorly edited but very interesting free movie Zeitgeist explains in three parts that 1) People who believe in myths are easily manipulated. 2) It is common that people are manipulated through fear. 3) The U.S. monetary system is controlled for the profit of a few individuals. (Also see The Creature from Jekyll Island, an excellent but not perfect book about financial corruption.)

The U.S. government has killed directly or indirectly caused the death of an estimated 11,000,000 people since the end of the Second World war, partly by invading or bombing 25 countries.

Re:Sounds more like...

[MrMr]

I'd say the 'Puritan Coalition' is closer to the mark, or perhaps 'the coalition of countries that don't talk funny'.

For the People, By the People?

[curmudgeon99]

What the hell has happened to our government? Have they forgotten that they exist to serve us, not to use us. This is another example of how we need to stop our government from intruding so deeply into the privacy of its citizens. What are we fighting for--if we surrender our freedoms in the name of fighting that amorphous all-purpose villain, terrorism?

Let me tell you a story

[Zeinfeld]

Let me tell you a story, a true one as it happens. Its about how I became a leftie.

As some folk on the net know I come from a political family. My cousin was chairman of the UK Conservative party. Other members of the family have been in pretty much every movement you can imagine. One of my great aunts chained herself to the gates of Greenham common at the age of 80 or so.

When I arrived at University I knew a couple of things. First I distrusted the jingoism of the Tory party, I thought their economic policy sucked but I thought that whatever their intentions might be on the cold war they did at least stand up for freedom.

First week a member of SUCA, Southampton University conservative Association tells me about the blacklist the party ran through an organization called the Economic League. Circulated to employers in the engineering and defense industries. Anyone who signed up for radical politics would be on it.

Fuck you I thought. Joined the Labour party the same day. When you have a political party resorting to Stalinist tactics its time to get rid of them. Lets have denouncement boxes at every corner like they had in East Germany.

I found out later, when the FCS was wound up by the Tory central office, that this particular Stalinist scheme was one of the reasons. I have no way of knowing if my particular complaint made it through but there were many others.

The list became public after Robert Maxwell bought a copy and dumped it at the Labour party conference. I was not on it, which of course I took as an insult. But every member of the SUCA committee was. They had basically been reporting on each other during their perpetual faction fights.

When a government has as much power as the Bush administration has claimed, when it considers the first ammendment and compliance with the Geneva Conventions optional extras rather than the law of the land, when it starts wars on stovepiped intelligence and dismisses real intelligence that does not comply with its opinions, when prosecutors who charge corrupt politicians of the President's party or refuse to bring trumped up charges against the opposition are dismissed, when other prosecutors who do the reverse keep their jobs, when no member of the Cabinet can give a straight definition of torture, when all of these are true and more, it is time to say that this is a government that must have less power and not more. We must fear the Bush administration far more than any of the bogeymen they keep to scare us.

Re:Let me tell you a story

[an.echte.trilingue]

Let me tell you a story, a true one as it happens. Its about how I became a leftie. Very interesting post. However, you never said how you lost your right hand...

Just remember...

[Jtheletter]

It's not illegal for the US to spy on British citizens, and vice versa. This is a potential conduit for getting around pesky little details like domestic wiretapping laws.

IFF [sic] they keep to their mandate of tracking only international criminal suspects, then this is a good thing and merely links DBs that already exist. It's the potential expansion of sharing all data for any reason that may be cause for worry.

Re:Server in the Sky?

[Ajehals]

That name was already taken.

nothing to hide?

[lysse]

Anyone trotting out the "if you have nothing to hide you have nothing to fear" line should be forced to use toilets with security cameras installed in the cubicles. (Unless they already are, and it's Stockholm Syndrome speaking.)

Re:Server in the Sky?

[djasbestos]

Add automated snatch vans and it becomes more like a federal EasyBake oven...

Greenbaum "Spirit in the Sky"

[toddhisattva]

The song is already a Jihadi song, you only need to change one word!

"Spirit in the Sky" by Norman bin Greenbaum:

When I die and they lay me to rest
Gonna go to the place that's the best
When I lay me down to die
Goin' up to the spirit in the sky
Goin' up to the spirit in the sky
That's where I'm gonna go when I die
When I die and they lay me to rest
Gonna go to the place that's the best

Prepare yourself you know it's a must
Gotta have a friend in Muhammad
So you know that when you die
He's gonna recommend you
To the spirit in the sky
Gonna recommend you
To the spirit in the sky
That's where you're gonna go when you die
When you die and they lay you to rest
You're gonna go to the place that's the best

Never been a sinner I never sinned
I got a friend in Muhammed
So you know that when I die
He's gonna set me up with
The spirit in the sky
Oh set me up with the spirit in the sky
That's where I'm gonna go when I die
When I die and they lay me to rest
I'm gonna go to the place that's the best
Go to the place that's the best

Re:Server in the Sky?

[Ucklak]

So we have the program "Star Wars" and now we have "Skynet".
Before you know it, they will want to 'recycle' people when they turn 30 and
there will probably be a 'Green' company to provide high energy biscuits to people and the company name will be "The Soylent Biscuit Company".

Has imagination left mankind?