Bruce Schneier

Schneier on Security
A blog covering security and security technology.

March 21, 2006

DHS Privacy and Integrity Report

Last year, the Department of Homeland Security finally got around to appointing its DHS Data Privacy and Integrity Advisory Committee. It was mostly made up of industry insiders instead of anyone with any real privacy experience. (Lance Hoffman from George Washington University was the most notable exception.)

And now, we have something from that committee. On March 7th they published their "Framework for Privacy Analysis of Programs, Technologies, and Applications."

"This document sets forth a recommended framework for analyzing programs, technologies, and applications in light of their effects on privacy and related interests. It is intended as guidance for the Data Privacy and Integrity Advisory Committee (the Committee) to the U.S. Department of Homeland Security (DHS). It may also be useful to the DHS Privacy Office, other DHS components, and other governmental entities that are seeking to reconcile personal data-intensive programs and activities with important social and human values."

It's surprisingly good. I like that it is a series of questions a program manager has to answer: about the legal basis for the program, its efficacy against the threat, and its effects on privacy. I am particularly pleased that their questions on pages 3-4 are very similar to the "five steps" I wrote about in Beyond Fear. I am thrilled that the document takes a "trade-off" approach; the last question asks: "Should the program proceed? Do the benefits of the program...justify the costs to privacy interests....?"

I think this is a good starting place for any technology or program with respect to security and privacy. And I hope the DHS actually follows the recommendations in this report.
Posted on March 21, 2006 at 03:07 PM • 13 Comments

The distinction between "prevention" and "interdiction" is unclear to me. For example, strengthening cockpit doors seems to fall under both definitions.

Posted by: Filias Cupio at March 21, 2006 04:59 PM

Their questions on pages 3-4 are close enough to your five steps from "Beyond Fear" I think they should have cited you, Bruce.

Posted by: Pat Cahalan at March 21, 2006 07:14 PM

We used to call it 'plagiarism'. Now I think it's called 'research'.

Well, better that they steal it and put it to use than not use it at all.

Posted by: roy at March 21, 2006 07:38 PM

... and at least they plagiarised a good source!

Posted by: Rob Mayfield at March 21, 2006 08:01 PM

"The distinction between 'prevention' and 'interdiction' is unclear to me. For example, strengthening cockpit doors seems to fall under both definitions."

All of those terms are fuzzy. Everything public, for example, has a deterrence effect -- and that's a form of prevention.

Posted by: Bruce Schneier at March 21, 2006 08:14 PM

"Their questions on pages 3-4 are close enough to your five steps from 'Beyond Fear' I think they should have cited you, Bruce."

A citation would have been nice, but I'm not bothered by it at all. Good ideas are meant to be used.

Posted by: Bruce Schneier at March 21, 2006 08:31 PM

A lot of credit is due you, Bruce, for an influential (because it's understandable) discussion of security and trade-offs in Beyond Fear. It played an important part in the development of my thinking and in the drafting of the document. But it would be unfair to discount the dozens of people - members of the committee, witnesses before the committee, and members of the public - who contributed.

Now, like you said, let's hope the DHS (and our committee) follows the recommendations in the report.

Posted by: Jim Harper at March 21, 2006 09:26 PM

But what do I know? I don't have any real privacy experience. :-P

Posted by: Jim Harper at March 21, 2006 09:49 PM

"The distinction between 'prevention' and 'interdiction' is unclear to me. For example, strengthening cockpit doors seems to fall under both definitions."

I always thought that 'interdiction' referred to stopping an ongoing activity, whereas 'prevention' referred to stopping something before it begins. Some things (such as strong cockpit doors) may do both. By way of contrast, a network firewall would interdict hostile traffic, but not prevent it.

Posted by: packrat at March 22, 2006 01:32 AM

"We used to call it 'plagiarism'. Now I think it's called 'research'."

...as Tom Lehrer said :-)

Posted by: Paul Crowley at March 22, 2006 03:56 AM

From your article on the five steps: "We don't allow torture (officially, at least). Why not? Sometimes a security measure, even though it may be effective, is not worth the costs."

Congratulations, Bruce, it seems the President himself is reading your articles. Unfortunately, it seems he disagrees with you about whether it's worth the costs.

Posted by: Kne at March 22, 2006 08:25 AM

"From your article on the five steps: 'We don't allow torture (officially, at least). Why not? Sometimes a security measure, even though it may be effective, is not worth the costs.'

"Congratulations, Bruce, it seems the President himself is reading your articles. Unfortunately, it seems he disagrees with you about whether it's worth the costs."

I think we also disagree about whether or not it's effective.

Posted by: Bruce Schneier at March 22, 2006 02:15 PM

DHS has admitted in its official website the practice of conducting "MAPPINGS" on all U.S. Naturalized citizens. DHS can tell and show where all U.S. Naturalized citizens are.

DHS also gives a definition of who a naturalized citizen is: someone who is above a "green card" alien lawful permanent resident with limited citizenship rights. DHS just changed the 14th Amendment first sentence.

Posted by: Dr. Miguel A. Contreras at November 18, 2006 06:41 AM