Congress struck a blow at the Pentagon last week. The House and Senate aligned to severely restrict a Pentagon program known as Total Information Awareness (TIA).
TIA was developed to monitor personal health, financial, and travel information collected from commercial databases and e-mail carried over the Internet. TIA ties together disparate information so it can be analyzed to help determine if any single individual is about to break the law. The program was accelerated in the face of terrorist threats. Its stated intention is to prevent further terrorist attacks against the United States.
TIA is interesting in part because it sounds like a CRM software product. Personal data is collected from multiple databases. Over time, the data is analyzed to determine patterns, which are used to predict future behavior. The business (or the Pentagon) reacts appropriately based on anticipated future behavior. The big difference, of course, is instead of generating incremental revenues from widgets, TIA prevents evildoers from practicing their trade.
A Wall Street Journal column last April detailed how Siebel, a major CRM software manufacturer, pitched government prospects on the value of its product to fight terrorism. The Journal wrote, "With Siebel software, it seems, exposing even the stealthiest terrorist plot is scarcely more difficult than ordering a book from Amazon. And not only is the software effective, it would be easy to install; Siebel promises that such a system could be up and running at the FBI in 18 months, tops." It continued, "Some industry professionals who viewed the Siebel presentation... were appalled at what they considered its grossly exaggerated promises."
Anyone introduced to CRM through a sales presentation typically comes out believing CRM is the cure for all that ails you. I find it just a tad disconcerting government officials may pin their hopes of halting terrorism on a CRM PowerPoint show. I hope they realize such presentations include bold statements from an industry that's earned a reputation for over-promising and under-delivering. I have no knowledge if Siebel's platform is in any way connected to the TIA initiative. That said, the Siebel presentation circulated through Washington last year. The TIA initiative sounds similar enough to think at the very least, Siebel struck a chord in someone in the Pentagon.
The sheer scope of TIA is daunting. There have been reports information collected would not only include traditional data, such as credit card records and phone logs, but also video surveillance from places such as airports. Implementation would be exponentially more difficult and time consuming than even the most detailed CRM initiative to date.
Knowing TIA would be funded out of taxpayers' pockets, I think about how many $400 ashtrays I've paid for in the past. Those, and the number of corporations suffering significant delays and cost overruns implementing CRM systems that pale in comparison to TIA's scope. In the end, I could justify the program's existence, no matter how long it might take to be operational or how much it may cost. The potential upside of identifying terrorist activities and preventing loss of human life is too great.
Remember, though, Congress severely restricted TIA's use. The issue wasn't cost or time to implementation. Congress was worried about personal privacy. The amendment passed prohibits the Pentagon from using TIA to examine American citizens' personal data. Victory over Big Brother. Privacy hawks were out in force. Sen. Ron Wyden was quoted as saying, "It looks like Congress is getting the message from the American people loud and clear and that is: Stop the trifling with the civil liberties of law-abiding Americans."
Perhaps the Pentagon should try DoubleClick's approach. Separate personally identifiable from non-personally identifiable information, à la Abacus Direct. The Pentagon could go hog-wild analyzing non-personally identifiable information for patterns indicating deviant behavior. When a pattern is uncovered and a terrorist plot identified, it could request it be allowed to tie its data to personally identifiable information to make an arrest. Personally identifiable information would be protected. Access would be permitted only by court order. OK, so maybe it's a bad idea.
Since reading about the congressional amendment, I've debated TIA. I'm a law-abiding American citizen, have concerns about protecting my personal privacy, and am skeptical of how the government may ultimately use information it collects about me. At the same time, I'm a law-abiding American citizen, have nothing to hide, and want to see government take whatever action necessary to prevent another tragedy such as September 11.
I haven't reached a decision as to whether I agree with the amendment. I may be willing to give up my right to personal privacy in the hope it might protect a broader group of people.
We certainly live in interesting times.