It’s a simple task: renewing a bank check card. But first, the Wells Fargo Bank clerk requires personal information, “to help the government fight the funding of terrorism.”
How long have you been at your current address? he asks. Are you a U.S. citizen? What are your Social Security and driver’s license numbers? Your date of birth? Your home phone number?
“It’s part of the USA Patriot Act,” explains Sherry Kamkar, the manager of the Santa Monica branch.
Since new security laws were introduced following the Sept. 11, 2001, terrorist attacks, information-gathering has crept into the most basic transactions of American life. Mortgage brokers’ identification procedures must, in the words of one Treasury Department directive, help “determine whether the customer appears on any list of suspected terrorists.” American Airlines recently became the third airline, after Northwest and JetBlue, to acknowledge giving the personal records of millions of passengers to the government.
But other unprecedented information demands are unrelated to the national security drive. Earlier this year, for example, the Justice Department unsuccessfully attempted to subpoena abortion records from hospitals and Planned Parenthood offices, ostensibly to scrutinize enforcement of late-term abortion laws, saying consumers no longer had a “reasonable expectation” of medical record confidentiality.
These forays into areas previously deemed off-limits are part of a growing culture of official information gathering that has some critics calling for scrutiny.
A chorus of concerned citizens, local officials and organizations -- ranging from municipal and state governments to the American Civil Liberties Union, gun rights groups and conservative Republican legislators -- is calling for a rollback of portions of the Patriot Act, the sweeping law enacted by Congress to fight terrorism six weeks after Sept. 11 that critics contend erodes basic civil liberties.
Technology for accessing personal data has grown by leaps and bounds, creating concerns over the potential misuses of immense troves of personal data -- from addresses and birth dates to Social Security and home phone numbers -- routinely relinquished by consumers everywhere from supermarkets to video and auto-parts stores.
Yet at a time when Western Europe and Canada are responding to this information boom with stricter privacy laws, U.S. privacy guarantees are actually being weakened under the banner of national security, experts say.
The Bush administration says the sweeping new investigative powers are needed to prevent terrorist attacks that could imperil thousands of lives and threaten one of the most basic civil rights: to live without fear.
But a soon-to-be-released report from a panel created by Defense Secretary Donald H. Rumsfeld recommends that the Defense Department take steps to ensure privacy when mining data to fight terrorism. The report also urges Congress to pass stronger privacy laws and calls on the courts and the president to take action to protect Americans in the face of new information-gathering technologies that make anti-terrorism privacy issues “not the tip of the iceberg, but rather one small specimen in a sea of icebergs.”
Never before has so much information on private American citizens been available to so many, said Mark S. Frankel, the director of the scientific freedom, responsibility and law program of the American Assn. for the Advancement of Science, which co-sponsored a forum on the issue in Washington a few weeks ago called “Can Anonymity Survive in a Post-9/11 Society?”
“There seem to be more and more efforts to collect information on the assumption that it is going to help protect me against terrorists or provide better business to my customers,” Frankel said. “It’s happening in different sectors, some private, some government and some state. No one is really looking at the whole picture and saying, ‘Wait a minute.’ Slowly but surely, and in different ways, we are giving up our private information.”
One of the greatest risks, he said, is identity theft, which victimized 10 million Americans last year.
Another concern is that information collected under the banner of national security could be misused to monitor or stifle dissidence, Frankel said. Last summer, when Texas Democrats famously took off for Oklahoma in a successful attempt to kill a congressional redistricting plan, Texas officials requested a small unit of the U.S. Department of Homeland Security help search for the plane of one of the filibustering legislators.
The FBI can now gather information on businesses suspected of financing terrorism without informing the businesses. In Washington, D.C., video security cameras monitor protest marches, but they can also be used to keep track of who participates, Frankel said.
“The potential for abuse is not insignificant at all,” Frankel said. “The Nixon administration’s enemies list was well known. We know that the IRS, in the past, has been accused of collecting data on people requested by the White House, saying, ‘Let’s see if we can get them on their taxes and make trouble for them.’ ” A number of Americans are growing more protective of their privacy. The telemarketing “no-call” list was met enthusiastically by more than 58 million subscribers. While a Harris poll conducted in March found that 76% of respondents were confident that U.S. law enforcement agencies will use their expanded surveillance powers properly, some 57% also believed the airlines should have received travelers’ permission before handing over their data.
But in many ways the cat is already out of the bag. A vast amount of information once stored in dusty boxes under the bed is now freely available, thanks to information services that mine supermarket files and real estate and court records.
To show the ease of obtaining personal information, Barry Steinhardt, the director of the ACLU Technology and Liberty Program, paid less than $40 online to obtain the home address and phone number of Adm. James M. Loy, now the deputy secretary for the Department of Homeland Security. Steinhardt raises the possibility that rogue government employees might push political agendas -- or even help terrorists.
Steinhardt said the potential for misuse “has been greatly accelerated by 9/11, because protections have been weakened at a time we should be developing new protections to keep pace with technological advances.
“America has very primitive privacy laws,” he said. “There is a pitched battle going on now in the courts, and in the courts of public opinion, about what is a reasonable expectation of privacy in 20th century America. How that battle is resolved is going to determine how much privacy we have left.”
Idaho Republican Sen. Larry Craig says it has become a “constant struggle to preserve our right to privacy.” Craig, a board member of the National Rifle Assn., has co-written bipartisan legislation, called the SAFE Act, that would restrict or reign in some aspects of the Patriot Act that allow for the secret government surveillance of medical, financial and library records.
“Libraries were a source of information on political dissidence in the McCarthy era,” Craig said. “It led to blacklists and false convictions. If patrons knew the government knew what they were reading, it would have a chilling effect, which is in itself a form of censure.”
Atty. Gen. John Ashcroft vehemently opposes the SAFE Act. Craig, who counts Ashcroft among his personal friends, says he generally supports the Patriot Act and does not believe it has been abused. But having pushed for the investigation of the 1992 confrontation between federal agents and the Randy Weaver family in Ruby Ridge, Idaho, Craig says his state has firsthand experience with the potential excesses of “zealot” agents.
“I am one of those who has a healthy suspicion of my government. If it costs one person their reputation, their business or their family based on false information, then shame on us.”
Former Assistant Atty. Gen. Viet Dinh, who drafted and negotiated the Patriot Act on behalf of the Bush administration, dismissed the SAFE Act as “politics.” He said criminal investigators already had legal access to such records before the Patriot Act, through grand jury subpoenas and other legal avenues. “We’re in this la-la land where people are insisting on extreme readings of [the act],” said Dinh, now a Georgetown Law School professor. “It may well be that all the attention focused on the [act] should be directed at ... other laws relating to privacy.”
Mount Holyoke professor Chris Pyle, a former Army intelligence officer who is now one of the nation’s foremost experts on domestic surveillance, said many of today’s privacy woes date to the Privacy Act, which was passed in 1974 before the creation of major electronic databases. He said corporate lobbying limited the act’s privacy protections to information held by government agencies.
New federal laws that took effect last year restrict access to medical records. But for the most part, Americans are protected unevenly by a patchwork of privacy laws, many of them at the state level.
California, which has some of the nation’s strictest, has banned the wide sharing of data collected by supermarkets. In many other states, that information is sold to third parties. Data collected by pizza parlors, motels and hotels, however, is unprotected nationwide, Pyle said.
The advent of the computer age in the 1980s made it possible to easily access such information. As a result, vast amounts of up-to-date personal data on Americans are available and easily tapped by the government.
Worried about preventing a terrorist attack over the New Year, government agents, for example, subpoenaed hotels and airline passenger records in Las Vegas -- worrying casino owners whose Sin City ad campaign promises that “what happens here stays here.” Commercial data can also be cross-referenced, Pyle said, with new federal watch lists with names of people deemed suspicious though not charged with any crime. Names can be added by participating local police forces and shared by authorities as far away as Italy or the Middle East -- whether the information is correct or not, he said.
“These are secret databases. You can’t correct them like you could a false credit report,” Pyle said. “This means you and I can be caught up in that kind of information swapping.”
One particular component of the Patriot Act, Section 215, has touched off a national movement. The provision empowers federal agents to obtain permission from a secret court operating under the Foreign Intelligence Surveillance Act to review records -- theoretically, everything from a person’s academic and medical files to bookstore purchases and library use -- and obtain a gag order that binds the store or agency providing the material to secrecy.
Opposition to the provision has mounted steadily, with nearly 300 U.S. communities and several states passing resolutions against it. Last year, officials in Arcata, Calif., warned of a $57 fine for those who don’t “promptly notify the city manager” if federal agents request such assistance.
Legislation pending in Congress would amend Section 215. The SAFE Act bill has received the endorsement of such diverse groups as the ACLU, the Gun Owners of America and the American Conservative Union. Some Republican supporters say the surveillance powers could be used against conservatives by a future Democratic administration.
The American Library Assn. joined with the American Booksellers Assn. and PEN, the writer’s group, to collect a million signatures in support of amendments to Section 215.
“It doesn’t matter to our customers whether federal agents are marching in and out of our stores. It’s that they could,” said Phillip Bevis, the spokesman for the coalition’s Campaign for Readers’ Privacy. “That’s all it takes to have a chilling effect.”
Bevis, a lifelong Republican who volunteered for two Reagan campaigns, has other concerns. He is the owner of Arundel Books in Los Angeles, which was served by FBI agents in August 2001 with a subpoena for six years’ worth of customer records for books purchased for Democratic Sen. Robert Torricelli.
“It was a blatant political fishing expedition,” Bevis said. “What if they found out he was buying novels by gay writers or something? It can be extremely damaging. It’s got nothing to do with national security. It’s about dirt.”
Section 215 has also raised international concerns. The Canadian province of British Columbia halted its acceptance of a bid from a U.S. company to manage its Medical Services Plan records while officials studied whether their records could be accessed by the FBI. “We will not go into an arrangement that puts patient information at risk,” Health Minister Colin Hansen said in March.
Washington’s request for Europe’s airline passenger data for flights into the U.S. was initially opposed by the European Parliament. But last week, the European Union agreed, saying the pact provides consumers “adequate protection.”
Privacy advocates say the increased tracking opens a new area of concern: from stalkers, criminals or even terrorists themselves, hacking into the information systems.
“You can hire mercenaries that can do things with technology,” Frankel said, “if someone is really intent on doing evil.”
Surveillance expert Pyle agreed. “If somebody dislikes you and wants to drop a bomb on your house, they can find you very quickly on the Internet.”
Staff researcher Robin Mayper contributed to this report.