Editor’s note: This column was co-authored by Emmett McGroarty.
As the Commission on Evidence-Based Policymaking (CEP) decides how much data the federal government should be allowed to collect and share on American citizens, it’s prudent to consider what damage has resulted from misuse of the data the government already has. Just two examples – one newly discovered – illustrate the danger of giving the government more and more access to citizen data, even with good intentions.
CEP was created by bipartisan legislation to review current data-collection by the federal government and develop “recommendations for increasing the availability and use of this data in support of rigorous program evaluation.” One of the proposals CEP is considering – advocated by wealthy and powerful players – is to create a centralized database where the various federal data silos could be linked to create one-stop shopping for researchers and program evaluators.
But evidence of government misuse of confidential citizen data raises alarms about taking this step toward a Chinese-style dossier system.
The first example comes from recently declassified government documents submitted to the FISA (Foreign Intelligence Surveillance Act) court. These documents reveal that, contrary to assurances from former Director James Comey and other FBI officials, the FBI illegally shared raw intelligence about Americans with unauthorized third parties. This intelligence came from the NSA which, under FISA, is allowed to disclose to the FBI communications of Americans with “foreign targets.” This disclosure bypasses the usual requirement that the FBI obtain a warrant before collecting surveillance data on American citizens.
As revealed by a report from the news outlet Circa, the evidence of illegal disclosures came from both FBI officials and an Inspector General’s report. The Circa report described “instances of ‘disregard’ for rules, inadequate training and ‘deficient’ oversight and even one case of deliberately sharing spy data with a forbidden party.” In other words, the FBI admitted that confidential information on American citizens was either negligently or intentionally disclosed to parties not authorized to see it. And the scale of the impropriety has been described as “staggering.”
These documents also revealed that the FISA court issued a “harsh rebuke” of the Obama administration’s practices related to the NSA database. After the court berated them for “institutional lack of candor,” administration officials admitted that only days before the 2016 election, government employees were illegally snooping into the NSA database.
The other example illustrates the misuse of citizen data for partisan political reasons. Beginning in 2010, shortly after Texas resident Catherine Engelbrecht filed for 501(c)(3) (non-profit) status for groups called King Street Patriots and True the Vote, her family and businesses were “subjected to more than 15 instances of audit or inquiry by federal agencies.” These intrusions included personal and business income tax audits; an OSHA inspection that resulted in $20,000 in fines, though no serious violations were found; “comprehensive audits” of her businesses by the Bureau of Alcohol, Tobacco & Firearms; and demands from the FBI on six separate occasions that she turn over her organizations’ donor lists.
Clearly, information from Engelbrecht’s tax records was disclosed to these other agencies. Her crime, it can only be concluded, was that her political activities were objectionable to someone in the administration.
Examples of improper handling of confidential information are plentiful: The IRS discloses a politically disfavored non-profit’s donor list to a politically favored non-profit; State Department employees rummage through passport records of political candidates, athletes, and entertainers; a Social Security Administration employee accesses records of his ex-wife and former girlfriends.
And federal agencies have so poorly protected their databases that massive breaches have already occurred (as with the Office of Personnel Management and the Interior Department) or the data troves are sitting ducks for a mega-breach (as with the Department of Education).
This is the context in which CEP contemplates centralizing mountains of federal data – creating what the Principal of Booz Allen Hamilton (former employer of Edward Snowden) advocated as a “Pinterest of data.” When a federal employee is negligent in handling data, his negligence would affect not only the information in one system but that from multiple systems. When a federal employee accesses data illegally, he would have infinitely more information to feed his criminality. And when a data system operates with less-than-airtight controls, the inevitable breach would be far more devastating to individual American citizens.
The philosophical reasons for prohibiting such a centralized government database in a free society are profound. But as these examples show, the practical objections have already been validated, time and again. The CEP must recommend against establishing a mother lode of citizen data.
Emmett McGroarty and Jane Robbins are senior fellows at American Principles Project.