Next Tuesday morning, the Bureau of Criminal Apprehension (a part of the Department of Public Safety) is hosting a presentation for legislators and law enforcement to attempt to round up support for the 'Criminal Intelligence Data' bill (Senate File 1103) that would vastly expand their authority to collect, retain and share secret files on Minnesotans, crucial to expanding powers of Minnesota's 'fusion center,' the Minnesota Joint Analysis Center (MnJAC). SF1103 got halted by civil liberties advocates in 2009, but will be back in January. As budget pressures increase(now pegged around a missing $1,200,000,000 statewide), will authorities face data mining cutbacks, or else get support from politicians for locking down and tracking society further?

This week saw a huge defeat for the authorities' data mining & tracking agenda in the state mainstream media, as Ramsey County Sheriff Bob Fletcher's hazily defined GangNet (overview PDF) and the smaller BCA Gang Pointer File were both ripped apart by a report by the University of St Thomas School of Law Community Justice Project and the St. Paul NAACP, led by associate professor & St. Thomas Community Justice Project director Nekima Levy-Pounds. 55% of the people in Pointer File and 42% in GangNet are black, and the corrupt, halted Metro Gang Strike Force was evidently deeply involved in these.

More coverage: PioPress: Mara Gottfried | TCDP: Sheila Regan: Labeled for life | Strib | Grace Kelly notes | Download St. Thomas report (PDF) | Event: Tues. BCA meeting

Below the fold: More on SF1103, Rich Stanek's Facebook patrol, Minnesota's homeland-security industrial complex, Sprint's 8 million GPS queries for the Man, and bonus links to leaked law enforcement compliance manuals for Internet Service Providers!

New exposures on the "lawful interception" national scene: This week a bunch of important items surfaced. Grad student Christopher Soghoian exposed Sprint providing GPS data 8 MILLION times, as he managed to record two sessions from a non-public wiretapping and interception conference wherein top telecom officials bragged about how much subscriber data they export to the government, and perhaps not surprisingly, Sprint has designed a portal for law enforcement to basically log in and get GPS coordinates of cell phones, though they claim this is only under court order. [More in Wired & EFF, 100MB FTP ZIP of craziness]

The other awesome new bit is all the law enforcement compliance manuals that hit cryptome.org, a delightful repository of weird leaked docs. Find out how Yahoo!, Nextel, Cingular, Ameritech, Cox, GTE and more handle demands for IP addresses &etc.

Local (WI) cops using fake identities to create misdemeanor charges: Of course government units are becoming obsessed with gathering personal data through social networks and then using the data to defame people and look busy. In LaCrosse they made a fake female persona to get into photos of people with beer, then issued drinking tickets. The RNC had fake informant personas and groups. The EFF is suing feds for their social media practices.

Stanek wants Yr Facebook: Hennepin County Sheriff Rich Stanek apparently approved dispatching two deputies to make a housecall upon someone who uses Facebook to satirize political figures. Social networks, including what authorities can collect permanently from them, are generally unregulated, which is part of why the BCA/DPS wants SF1103 to give them carte blanche authority to keep secret permanent intelligence files. [It's also an amazing, opaque waste of taxpayer money.]

Today via SF1103, BCA/DPS wants to ensure that the MnJAC fusion center can give as much data as they want to private actors (like big military-industrial corporations building domestic tracking systems) , conceal the record of collected records from everyone else, and supposedly attempt to 'prevent' crimes by collecting permanent secret intelligence files.

It is important to realize that state legislators do NOT trust the federal government with many types of personal data -- often they see federal systems as dangerously insecure and improperly designed. This is a large part of the reason that DFL and GOP legislators unite to defeat REAL ID legislation every year. However there is no discernable public lobby fighting against this agenda. The MN ACLU chapter gives nice statements, but has not really organized the public against this agenda.

Next week's BCA presentation has been criticized because it is designed to provide a captive audience with one side of the story, exalting intelligence collection and overlooking the many problems and deeply troubling dimensions of the authoritarian data mining agenda.

More on this bill, which was halted last year, from Politics In Minnesota.

www.politicsinminnesota.com/2009/mar09/2295/criminal-intelligence-data-or-control-files-new-bca-proposal-offers-glimpse-major-ex 

Criminal intelligence data or control files? New BCA proposal offers glimpse of major expansion in snooping

"Criminal intelligence data may be shared with: ...(2) a law enforcement agency to charge a person with a crime or allege that a juvenile is delinquent..." That's the best schoolmarm line from a wild new bill emanating from the Bureau of Criminal Apprehension (BCA). One could imagine law enforcement wants to finally comb through all those darn pot-smoking kids on MySpace. In fact, in this bill, they'd apparently get open license to do so.

A plan to redefine statewide law enforcement intelligence-gathering has emerged in the form of Sen. Don Betzold's (DFL-Fridley) aptly titled Criminal Intelligence Data bill (SF1103, no House version). SF1103 offers to redefine the state's fundamental perception of its citizens (as well as economic security), by reorganizing and redefining "criminal intelligence data" concerning "terrorist activity," and likely expanding the maintenance of personal information. Blogger Eric Pusey broke the story; now we've found where the bill came from.

Betzold tells PIM that he was sent the bill by the BCA around a week ago; essentially, it's an agency bill, and if there are issues with it, they'll get their time in committee. It's currently in Judiciary and likely to spend time in the Data Practices subcommittee (possibly on Wednesday at 6 p.m., a source tells us). He says that a group of people mostly from BCA worked it out over the interim and talked to him late last year. He'll work on getting the bill through the Senate process, but adds he has nothing to do with shopping the bill to possible House authors.

BCA Director Tim O'Malley tells PIM that his agency wasn't trying to slip anything past anyone; they've already sent it around. Rather, he says people at his agency sincerely want people to look at the balance between privacy and security; it's the "exact debate we need to have." Law enforcement doesn't want to harass people unnecessarily, says O'Malley, but the public wants "to see us prevent crimes" (which certainly requires intelligence).

"This is a prescription for disaster," says ACLU of Minnesota Executive Director Chuck Samuelson, who tells PIM that politicians, first of all, should be frightened away from this bill. After all, secret stuff about people in the public eye could pile up (accurate or not) and attract unsavory people "like flies to honey" looking to get and use it. "You will be manipulated," he warns; the files "will never be secure."

While he trusts the current top folks at the Department of Public Safety and the BCA to guard against abuses, the problem is when bad people get control of these kinds of new systems, he says.

Rooted in a new paradigm of law enforcement data collection, SF1103 expands the gathering of whatintelligence professionals now call "I2" or Identity Intelligence, in a striking and open-ended way. SF1103 turns personal relationships into "association data," and it also says that the "criminal predicate" to snoop is merely the "reasonable possibility that a person is involved in criminal or terrorist activity." As long as this utterly vague condition is met, law enforcement agencies can maintain and disseminate reams of"association data" and "criminal intelligence data."

Permanent pockets of secret data?

This sensitive issue is "worth debating," says O'Malley. There are times it's "not wise" for law enforcement information to get shared with the public, he warns, and odd tips may need to get investigated; in turn, otherwise-mandated data releases could, sometimes, cause irreparable harm.

Critics of SF1103 draw the line between perpetually-secret "intelligence" and temporary "investigative" data gathering. Generally, the secret information for police investigations gets flushed into the sunlight through court and Data Practices requests, which keeps everyone accountable. Critics of SF1103 say this would change everything by creating a pocket of perpetually maintainable secret "intelligence," sure to be gathered on political movements and activists over the long run.

Samuelson says this bill has parallels to the recently exposed Department of Justice policies (some developed by former DOJ attorney and current University of St. Thomas faculty member Robert Delahunty, he notes), taking us back towards the path of the 1960's and early '70s. It's "exactly" like Total Information Awareness, the explosive DARPA program once run by Iran-contra veteran John Poindexter, says Samuelson. "Whoever has the files has the power."

O'Malley says that everyone needs to understand how technology is advancing. The law and technology are "getting out of sync," and this helps reflect what's going on with data sharing and cutting-edge analysis, while trying to make sure officials "do this as transparently as possible."

They can't afford to miss the kinds of information that might lead to the next Zacharias Moussaoui, he warns. "Hold it, assess it," O'Malley advises, but maybe more checks and balances are needed, he concedes.

Samuelson thinks the "juicy" things will land in files without being verified; once it's "put in, it's alive, real"; it's just "human nature to collect gossip."

Samuelson says it also would create a "monopoly" on information, distorting the "marketplace of ideas" by restricting currently required disclosures, he adds, comparing it to how J. Edgar Hoover kept leverage over all of Washington for decades by maintaining sweeping secret dossiers (mostly kept in his personal office safe).

Under SF1103, tracking of individuals would be "wide open," including for people like pot smokers, says Samuelson, though O'Malley says odds are information on possible minor crimes won't be investigated.

Rather similar to the film "Minority Report," where the law punishes possible crimes before they happen, in SF1103 it seems possible to use the gathered intelligence to guess at people's future actions, an emerging science known as "behavioral modeling" that produces startling results when applied to vast pools of information. [Outliers can easily be flagged; contractors are selling plenty of gadgets to fill this niche.]

Since the "criminal intelligence data" is gathered to "anticipate, prevent or monitor possible criminal or terrorist activity by a person," targets like labor leaders, or demonstrators (on the left and the right) could be targeted if the Magic 8 ball of behavioral modeling emits a "reasonable possibility" of illegal actions.

However, law enforcement needs to fill in the "gaps" needed to "prevent horrendous acts," says O'Malley. "We're looking genuinely to understand both sides" and find the "right and accurate balance," says O'Malley.

BCA & ACLU agree: Fusion centers a meeting point for Minnesota data, policy

Gathering mass data collection into a giant stream, likely monitored in real-time, is required for an emerging feature of American law enforcement: the "fusion center," sometimes called "centers of excellence" (or on a smaller scale, emergency management centers).

Interestingly, O'Malley and Samuelson agree that fusion centers are related to SF1103. O'Malley says an advisory group, with representatives from law enforcement, the ACLU, defense attorneys and others, met more than a year ago to develop a privacy policy (PDF) for the Minnesota Joint Analysis Center (MNJAC), the major Minnesota fusion center, and also "provided the philosophy" behind SF1103. O'Malley characterizes the MNJAC as a key data link between the federal government and the state. (In 2007 the Strib noted MNJAC had little power to push local data into federal systems.)

Samuelson says that policies like SF1103 are all about feeding data into fusion centers, and certainly a way to keep operations—and what they're collecting—secret. He points out there's a tradition of separating federal and local data, but if unverified "tips" could flow into federal computer networks, there would be very little chance of getting those permanently erased, it seems. In December, MPR did a story on the ACLU, BCA policy and fusion centers.

Purportedly needed mainly for anti-terrorism, these centers have generated intrusive busywork to justify their existence and funding: in North Texas a fusion center was caught ordering up monitoring of anti-war groups and lobbying organizations. The ACLU has derided these centers as heavily dependent on contractors, with odd tie-ins to the military and decidedly unaccountable lines of authority. The federal stimulus bill borrowed $250 million to build more.

[PIM previously reported that Lockheed-Martin and the North American Super-Corridor Coalition, or NASCO, are partnered with many local government entities along Interstate 35 to implement the "total transportation domain awareness centers of excellence," essentially transportation fusion centers tied to an RFID-powered tracking system. Lockheed would sell the business data from tracking the containers at their Eagan unit, the docs released from MnDOT said.]

Intel preventing economic "debilitation"?

Another thread: SF1103 could join the long history of anti-labor security laws in Minnesota, first the 1917 Criminal Syndicalismlaw, then the 2002 Anti-Terrorism law (aka the "Minnesota Patriot Act," which says "furtherance of terrorism" is any premeditated felony of "violence to persons or property" beyond $1000 can get 50% more time; the "RNC8" have 16 of these). This could be another tool for law enforcement against disruptive labor tactics, though O'Malley says this kind of angle never came up.

There's a silver lining for people that don't like stuff like SF1103 (but business lobbyists might sense a liability for competitive clients!). By directing "criminal intelligence data assessments" to "a person or government entity when the dissemination is needed to protect the person, government entity or property from the threat of imminent serious harm," it seems like any hostile business moves that might, say "debilitate" a private business become a kind of intelligence or security threat. (O'Malley says the bill was never considered applicable to economic intelligence like this; it never came up.)

RNC data array: What classification for that stuff?

O'Malley says the bill doesn't have much to do with the Republican National Convention, but Samuelson feels it serves to shield the information held by law enforcement after the event: "They don't want that to come out." For example, did hundreds of mass arrestees that never got charged wind up marked in databases? [St. Paul attorney Ted Dooley and others have demanded more of this data in recently filed lawsuits.]

As PIM previously noted, a leaked Minnesota Homeland Security presentation shows how complex data sharing can be for events like the RNC. From the busy days of the RNC's Multi-Agency Communications Center (MACC), the fusion center-like hub of police, Secret Service and military presence in St. Paul, to the many months of intelligence gathered before it, there are tons of RNC-related items in law enforcement computer systems, both nationally and within the state.

[It's interesting stuff. After all, the RNC created lots of complex interactions; weird documents were generated all over from gathered and disseminated intelligence. So would they be made harder for watchdogs to collect?]

The RNC example of the system in action: The defunct federal Department of Homeland Security/American Trucking Associations' "Highway Watch" partnership, which produced horrible RNC intel[PDF] from sensitive pre-RNC intelligence files. (The analysis linked many groups and, WAMM member Coleen Rowley says, propagated defamatory errors around law enforcement circles.]

Public relations specialists note: we like the potential PR spin within "Criminal intelligence data assessments may be shared with... the public to promote public health or safety or to dispel widespread rumor or unrest."

A recent example of spinning privileged RNC data: the Ramsey County Sheriff's Department gave the Heffelfinger/Luger RNC panel urinanalysis tests of the famed alleged urine buckets -- but the County Attorney hasn't gotten around to giving the defense attorneys the same stuff in discovery. Thus, National Lawyers Guild attorney Bruce Nestor complained in a townhall meeting, the whole thing was designed to discredit his RNC8 client without giving him a chance to fire back.

Intelligence or control files?

One grizzled veteran of the covert Central-American plots of the 1980s, shadow finance guru Al Martin, called the dirty data the government keeps on people the "control files." They create leverage and alter decisions simply by their existence. A final data point: SF1103 would use the criminal intelligence data assessments for background checks for government jobs. Too many control files, and you could never reach the inner loop in the first place.