Surveillance

NSA gets patent on Internet location hunting

2005-12-10T12:25:00.000-08:00

Declan McCullagh of CNET has reported on a patent recently granted to the NSA that allows it to map where someone might be accessing the Internet from. The article describes the process this way:

"The NSA's patent relies on measuring the latency, meaning the time lag between computers exchanging data, of 'numerous' locations on the Internet and building a 'network latency topology map.' Then, at least in theory, the Internet address to be identified can be looked up on the map by measuring how long it takes known computers to connect to the unknown one."

It’s not really clear just how scary or helpful this tech is going to be. There are some limitations to the algorithm that the CNET article points out (dialup service users are tougher to find). In addition, other commercial companies are coming up with their own ideas for geo-location that they are selling to advertisers wanting to show geo-specific ads or credit card companies wanting another weapon in the fight against online shopping fraud.

What’s notable is:

1) that it is the National Security Agency that applied for the patent – since they don’t post that many ads online, we can only imagine what purpose the tech will be used for and

2) that a government agency is getting a patent at all. As Daniel Brookshier (A.K.A. Turbogeek) suggests in a post on p2pnet, the government shouldn’t be patenting any technology that tax dollars have funded.

The learning from all this for us average folks is that the business of tracking where we are continues to expand…

Laser Printer ID Codes

2005-11-18T11:11:00.000-08:00

Just a little bit of paranoia thanks to the Electronic Frontier Foundation. In July, the group asked for help on a new project seeking to understand how color laser printers can be used to track us.

Last Fall, PC World reported that the US Secret Service had requested printer manufacturers to develop technology that could print the printer’s serial number and manufacturer’s name on each document so that it was an indiscernible marking. Several companies have apparently done just this.

Both printer manufacturers and the government have pursued the use of codes to help crack down on counterfeiters, but with the ACLU’s recent discovery that the FBI had amassed a file on their activities that is over 1,100 pages long, the EFF has suggested that information encoded on printouts of political pamphlets or protest letters could be used in an investigation.

In order to monitor the program, the EFF is asking anyone with legitimate access to a color printer to print out and send them a series of test sheets.

UPDATE: The EFF has cracked the code for Xerox DocuColor printer models. The information printed in a series of yellow dots tells the date and time a document was printed as well as the serial number of the computer.

Fusion Centers

2005-11-18T11:03:00.000-08:00

Using the vaguely utopian name of “Fusion Centers”, the philosophical successor to MATRIX is gathering speed.

According to a report in the Washington Technology Week, “Fusion centers, which are collaborative efforts to combine and analyze anti-terrorism information from multiple sources, have becoming increasingly popular as part of homeland security.

A number of states, including Arizona, Colorado, Illinois, Kansas, Maryland, Massachusetts and New York, currently operate so-called fusion centers, and many more states, such as Missouri, are considering doing so.”

Recently, the Department of Justice issued a report to help states create centers and coordinate their activities. Although the report contains many suggestions on protection of privacy and civil liberties, the “Fusion Center Guidelines also suggests that the centers use a broad variety of databases. Info sources include drivers’ licenses, motor vehicle registrations, criminal justice and corrections sources, as well as unnamed “public and private” databases.

Help for Hassled Flyers

2005-09-27T10:36:00.000-07:00

A recent piece in Wired points us to the TSA’s page on how to obtain clearance status if you suspect your name appears on the No Fly List.

Fed Ex Tracking More than Packages

2005-06-15T10:37:00.000-07:00

(also posted in Lists, Lists, Lists)

What you ship to people via FedEx is being tracked. This is hardly news. FedEx makes a big deal of how you can follow a shipment via their website by typing in a package’s tracking number.

In today’s world of technology mission creep, however, all of the information collected by FedEx is now being used as a tool to fight terrorism.

Robert Block of the Wall Street Journal reports that if you send a package overseas, customs inspectors can look at your data in FedEx’s customer database and cross reference it with their own lists.

FedEx has also trained its 250,000 employees – including the drivers who walk into countless offices and homes - to watch out for suspicious shipments and report them to the Department of Homeland Security via their own version of a hotline.

And finally, when you sign the waiver to ship a package you also consent to having the packages inspected – without a warrant.

The civil liberties and privacy implications of making the contents and history of what you ship available to a government that is supposed not to repurpose data collected on its citizens doesn't impress FedEx’s CEO.

If you think there is an issue here, send your shipments with UPS – which at this point states that it does not share information except under court order.

ACLU campaign to make debate about Patriot Act more open

2005-06-13T12:59:00.000-07:00

Various committees in Congress are marking up the new Patriot Bill. There appears to be a little more debate about its powers than happened last time, but early signs of what Congress is doing are concerning.

One Senate committee approved a provision to allow the FBI to issue search orders without prior judicial approval and to seize personal records from medical facilities, libraries, hotels, gun dealers, banks and other businesses without any specific suspicion of criminal activity, or any specific facts connecting the records sought to an agent of a foreign government.

And they did it behind closed doors…in response, the ACLU has started a campaign to pressure our legislators to open the doors and let us into the discussion.

They’ve also created a handy little quiz to help you determine if you might be someone the FBI could decide to keep a file on.

Another tapping tidbit

2005-05-19T09:20:00.000-07:00

Last September, I wrote a slightly tongue-in-cheek post comparing the number of wiretaps ordered by the US government, which bugs about .001% of the population, with a report on the level of activity from the South Korean government, which tapped about .002% of their citizens.

An article in the March 5th edition of The Economist suggests that, in fact, the nosy US and South Korean officials are mere dilettantes. It seems an Italian mobile-phone operator has recently informed the Italian government that it couldn’t meet the demand for phone taps from law enforcement and the courts. Given that the company had set aside 5,000 duplicate lines just for this purpose, their statement is quite extraordinary. Indeed, based on the number of customers at this company and all the other Italian phone companies, the article’s author estimated that around 15,000 Italians (or more than 2.5% of the country’s population) might be bugged at any given time.

The Italian justice minister confirms that the number of wiretaps in his country is “far higher than for any other European country.” Far higher than a couple of other countries I can think of too…

The Other Matrix

2005-04-30T16:08:00.000-07:00

Fans of the Wachowski brothers futuristic movie series must have hated it. But now its over. On April 15th, the Multistate Anti-Terrorism Information Exchange (MATRIX) project, a controversial effort to data mine information on citizens across the country, ran out of money.

Combining data from a host of sources (including driver’s license records, property records, professional licenses, corporation filings), MATRIX offered a comprehensive directory of US citizens that law enforcement could search in a matter of seconds. A police officer could input a partial license plate and instantly get a list of all license plates that might match, as well as full information on each vehicle’s owner.

During the project’s 2 years, all but four states (Connecticut, Florida, Ohio, and Pennsylvania) dropped out after finding that adequate safeguards to protect the privacy and civil liberties of ordinary citizens were missing. The fears might not have been misplaced. The company that built the database and accompanying analysis software was Seisint, run by an alleged former drug smuggler and recently implicated in the data breach that exposed personal information on almost 300,000 people.

While providing more effective tools to law enforcement can be considered a good thing, the problems with the program induced the Justice Department and Department of Homeland Security not to renew funding, and the project in its current form has been shut down.

As with other controversial data mining projects, however, MATRIX is not going to go away altogether. The State of Florida is currently negotiating with Boca Raton-based Seisint to continue to use it.

How Many Times They Sneaked and Peeked

2005-04-21T10:13:00.000-07:00

As part of review of the Patriot Act, the US Justice Department released a report on how many times the provision allowing for “delayed-notification search warrants” had been used between October 2001 and April 2003. On 108 occasions, police entered a home or office to do things like plant a bug or install a key logger on a computer without the owner’s knowledge.

In a similar light, last year 1,758 applications were made to the Foreign Intelligence Surveillance Court. This is 500 or so more than were made two years ago. As Stephen Aftergood of the Federation of American Scientists Project on Government Secrecy so succinctly put it, this number “established a new annual record for domestic counterintelligence and counterterrorism surveillance and search activity.”

Just because you’re paranoid…

2005-04-18T11:11:00.000-07:00

...doesn’t mean the government isn’t really tracking far more than it’s telling us.

Case in point from Expatica: KLM was flying passengers from Amsterdam to Mexico. Part of the journey took the airplane through US airspace. As the KLM flight approached US territory, its pilots were informed that they would not be granted permission to enter. It seems that two passengers on the flight appeared on the US no-fly list. The flight was forced to turn back to the Netherlands, where the two suspicious passengers were returned to Saudi Arabia without further investigation.

While foreign carriers have agreed to provide limited passenger information to US authorities to identify potentially dangerous passengers, this applies only to flights landing on US soil. In other words, KLM did not feel obligated to share passenger data on the Amsterdam/Mexico flight. And indeed, KLM didn’t. Now they want to know how US authorities got access to their passenger list.

Don’t we all.

More on the No Fly List

2005-03-16T21:10:00.000-08:00

The no-fly list has gotten a fair bit of attention over the past few years (and likely more to come as the TSA rolls out Secure Flight this summer). Probably the biggest problem with the list has been that most of the time folks don’t know for sure that they’re on the list, why they’ve gotten on the list and, unless you’re Senator Kennedy from Massachusetts, how to get off it.

Thanks to the investigative efforts of Hank Ryan of Channel 7 News in Boston, there is at least a little light on how names get added to the no-fly list.

If you ever get caught with contraband in your carryon luggage – say you forgot you had a nail clipper in your briefcase, you could be hit with a warning or a fine of up to $10,000 at the TSA screener’s discretion.

But if you get either, you are definitely and automatically placed on the no-fly list.

Off the Job Surveillance

2005-02-25T20:55:00.000-08:00

Four employees of a Michigan company found themselves in the national spotlight earlier this month when they protested a new policy at their job. Their employer, Weyco, instituted a ban on smoking at the beginning of this year. The problem was that the smoking ban didn’t apply just to the Weyco offices…but instead to the employee’s lifestyle. The company had decided that it didn’t want to employ anyone who smoked anywhere.

While hosts of the morning shows all expressed outraged surprise at this invasion, the truth is that these four employees were raising an issue that has been around for a bit. In the HR lingo, it a type of monitoring called lifestyle discrimination or off-the-job surveillance. This refers to the interest a company takes in what employees do in their free time. That interest can range from being concerned about the fact that a key executive has taken up sky diving and might jeopardize the company’s future to worrying that your growing fondness for junk food is going to drive up medical insurance costs for the group. Grappling with soaring medical insurance costs is cited most frequently by employers who inquire about how an employee behaves in his own home. This was Weyco’s justification.

A handful of states, including California, have passed laws specifically prohibiting workplace discrimination against employees who engage in legal activities. But for the rest, the following cautionary tales should count as a warning:

- A city government would only hire applicants who passed a health screen. Everyone, even the most qualified candidates, who had high cholesterol – in the worst 25% range – was turned away.
- A lock company with a 100 year history of doing business has a policy of not allowing its employees to drink. When one worker admitted to having had a few drinks at a bar years ago, his boss showed him the door.
- The University of Alabama fired its new football coach when they found out he had been cavorting with strippers at a golf tournament.

With a little thinking other cases soon come to mind – teachers with non-mainstream sexual interests, military personnel engaged in extra-marital affairs, sports figures who indulge in gambling. How much interest an employer can reasonably take in your extracurricular behavior is a question that may not be entirely black and white.

Sometimes, of course, an employer’s interest in you can be positive. The Coors Brewing Company rewarded its employees for wearing their seat belts when they drove their cars. However, even if you find Coors’s mission a laudable one, the story might lead you to wonder how they knew who to reward. In truth, the incentive was paid to anyone who merely pledged to wear a seat belt but the question raises some disconcerting possibilities. Exactly what means can an employer use to know what you do when you’re not on the clock?

Weyco required a nicotine test of employees. But for most things, employers who want to know things about you simply ask you directly. It is generally accepted that they can’t follow you home. The lesson, then, is to be careful about what you say at the office.

Carnivore is no more

2005-02-07T11:47:00.000-08:00

A few years ago, cyberactivists were all in arms about a software program commissioned by the FBI that would have unprecedented spying powers. Installed on ISP servers, this software could monitor and tap any online communication of a specific target. The software, later renamed to the less inflammatory and more bureaucratic DCS-1000, apparently never lived up to its hype.

In cases identified by the Electronic Privacy Information Center, information gathered by Carnivore couldn’t be used in court because it was tainted (additional unauthorized information on innocent folks was also captured). What’s more, another report submitted to Congress by the FBI - and also uncovered by EPIC, admits that the software was only used about 25 times between 1998 and 2000. Hardly worth the hoopla of the protestors.

But were the protestors wrong? Although it would now appear that Carnivore has been abandoned by the FBI, the reason isn’t that they’ve stopped trying to hoover up data on suspects. The reason is that commercially available products do a better job…and the FBI is using those products instead of its own.

In the ongoing battle for balance between surveillance and safety, we have to remember that government agents aren’t the only ones with access to the tools.

Patriot Act: One Down

2004-11-15T14:41:00.000-08:00

In a ruling that may fuel more like it, a federal judge determined that a special kind of subpoena called a national security letter is unconstitutional. The subpoena is not subject to court review and has been interpreted to carry a gag order denying recipients the right to consult an attorney.

Although created by legislation in 1986, the use of the letter was expanded by the Patriot Act and has been used to compel Internet service providers to supply information on their customers to government anti-terrorism investigators.

The ACLU which brought the suit against the Justice Department is now looking forward to a similar victory in a suit against a provision of the Patriot Act allowing the government to subpoena "tangible evidence".

In both cases, government is being asked to balance allowing law officers to investigate terrorism and not trampling upon the Fourth Ammendment against unreasonable search.

I'm Ready for My Closeup, Mr. Daley

2004-11-10T16:51:00.000-08:00

A lot of cities have installed surveillance cameras outside key public buidlings to combat crime. A few weeks ago, Richard M. Daley, the mayor of Chicago announced plans to take this one step further and create a citywide surveillance network that routes all the video images to a central location by 2006.

Footage from the 2000 plus cameras that watch Chicago residents will be routed to a fortified command center where it will be analyzed by computer programs that alert police to anyone lingering too long outside buildings, pulling onto the shoulder of a highway or leaving a package unattended. Companies with private surveillance cameras, at bank ATM's or convenience stores, will also be able to include their images.

The ability to tie together footage from all of these cameras means that someone could now be followed from door to door (and sometimes inside) as they travel across the city. "Comprehensive" is the word that comes to mind.

Reaction to Daley's plan has been reasonably positive. Community organizers working in high crime areas say that cameras do cut down on problems. Civil servants in emergency management offices are even more upbeat. Indeed, given that so many citizens seem to approve, living under the watchful eye of the police may be something we can all expect. Los Angeles just announced a plan to install cameras in the troubled Hollywood area...the money they are using to buy them was donated by a private citizen.

May I See Your ID Please?

2004-10-29T14:44:00.000-07:00

One of the better David and Goliath stories right now is the case of John Gilmore v. John Ashcroft. Gilmore, a private American citizen, went to the airport on the fourth of July 2002. When he was asked for identification to get on his flight, Gilmore refused, wanting to know what law required him to do so. He was told the law was secret and noone knew the answer!

Needless to say, Gilmore missed his flight that day (and hasn't flown since in fact). But he isn't finished. The whole thing has escalated into a case filed this past August in which Gilmore claims that the ID rule infringes on a citizen's right to travel freely.

As part of the trial, more information on that "secret law" is now coming out. Although they have tried to hide it, the only justification that the government can come up with for requiring ID at airports is an unnoticed maritime rule published in May 2004.

A quick bit of grade school math tells us that this law was NOT in effect on July 4th, 2002. And if that's the best the government can offer, chances are very good that NO law requiring ID was in effect in 2002. Indeed, it's entirely likely that we have all been shoving pictures in the faces of security guards for the past two and half years without any law saying we had to! Last I checked, one government agency couldn't simply decide that we all had to do something without authorization from somewhere. Good on citizen Gilmore for questioning the system...

iSee

2004-10-16T13:31:00.000-07:00

The Institute of Applied Autonomy, an activist group concerned about surveillance, offers a map of Manhattan showing the location of all known surveillance cameras. As they describe it:

"iSee is a web-based application charting the locations of closed-circuit television (CCTV) surveillance cameras in urban environments. With iSee, users can find routes that avoid these cameras - paths of least surveillance - allowing them to walk around their cities without fear of being "caught on tape" by unregulated security monitors."

Although from looking at the map of Manhattan on their website, it's not clear how you'd ever get from point A to point B if you wanted to avoid the cameras.

They also have a report on the growth of surveillance cameras in Manhattan over a 4 year period. Amazing stuff.

Cyber Peeking

2004-10-08T15:18:00.000-07:00

As stunning as it is to imagine, videotaping people in places where they might reasonably expect some privacy, like a bathroom, is 100% legal in a lot of states. And although Federal law made it illegal in the late 60’s to record you while you’re talking on a public phone, it is still okay today to photograph your underwear as you do it. Furthermore, it’s okay to publish that photograph on the Internet for millions of viewers.

But that will soon change.

Prompted by the explosion of cell phone cameras, both houses of Congress have now passed legislation making it illegal to take secret naked or near-naked photographs of people...as long as they are on Federal property. The bill is meant to encourage states who haven't already done so to pass laws against voyeurism. As soon as the President signs off, perps snapping pix on Federal land could be hit with up to $100,000 in fines and a year in jail.

Securing Flight

2004-10-08T13:00:00.000-07:00

In its ongoing attempt to separate hijackers from innocuous airline passengers, the Transportation Security Administration has launched the successor to the much maligned CAPPS II. This program, dubbed Secure Flight, is different from CAPPS in a few important ways.

First, the government will take on the passenger screening. This is a big step because as crazy as it sounds, when airlines do passenger screening they only get a PARTIAL list of the names the government has decided needs attention. It seems the TSA doesn't want the list to "fall into the wrong hands" so the agency diminishes the list's value by making it incomplete.

Second, more in depth profiling will occur only AFTER names match one on the uber government list. Not BEFORE on EVERYONE as had been the case.

And finally, the government promises - really they do - that they will establish procedures for redress and appeal before the program goes into full swing. This probably became a priority after Senator Ted Kennedy found out the only way he could get his name off the "no fly" list was to call Tom Ridge personally and vent his ire. (Other stories of the travails of less famous folks can be found in my book.)

Anyone wanting to know more about the details of Secure Flight or wishing to send a comment to the TSA on the whole thing can learn more on the TSA website.

UPDATE 10/26/04: 500 citizens and civil liberties groups did file comments. They were pretty critical. The ACLU wrote that the program was doomed to be ineffective and was still subject to mission creep. EPIC wrote that a "judicially enforceable right to access information about them contained in the system, nor to request corretion of information that is inaccurate, irrelevant, untimely or incomplete" was still lacking.

Wiretapping by the Numbers

2004-09-25T14:34:00.000-07:00

The Korea Times reported that the National Intelligence Service, the police and the military have collectively bugged 880 people this year.

Various cops in the US bugged close to 3165 people in 2003 (the last year that we have full figures on).

In a country of 280 million this equates to roughly .001% of the population.

South Korea, with a population of roughly 50 million, has bugged .002% of its inhabitants.

(Some may want to note two very large simplifying assumptions in these numbers. First, wiretap figures actually report "cases" not people...I assume - probably incorrectly - that each case equals one person. Second, the percentages assume that only tallied population - and not guests/visitors are tapped - again, easy to imagine that this is not the case. However, it's probably roughly true that if you spend time in South Korea, you are twice as likely to be bugged as when you spend time in the US. But then Canada isn't quite the kind of neighbor that North Korea is...)

The Fuss Over Voice Over IP

2004-09-17T08:50:00.000-07:00

The House Subcommittee on Telecommunications and the Internet has been holding hearings on whether or not the government should be able to force ISPs to make telephone conversations conducted using the Internet tappable.

It’s been an interesting debate to watch. The most amazing fact to come out of it all is that 10 years after the Communications Assistance for Law Enforcement (CALEA) was passed, some companies are still struggling to comply with its requirement that transmissions be accessible to law enforcement (with things like warrants, of course).

Even people who understand what the fuss is about aren’t quite sure what’s happening (and thanks to Michael Grebb of WIRED for one of the clearest practical explanations I’ve read) so here’s a rundown of where we stand now.

Telecommunications companies were the original target of CALEA. They’ve been in on this from the beginning. The FCC then added cable modem companies to the list.

Now, the Justice Department wants companies providing “information services” to fall under its purview…and the FCC wants to go along. “Information services” are basically any company that sends packets of data over the Internet…and this includes Voice Over IP, or using the Internet to carry your phone call. To you it feels and sounds just like a phone call but the underlying technology isn’t all that dissimilar from what is needed to send an email or load a webpage.

The big problem is that it’s the data, i.e. your conversation, not the technology, that interests the FBI and other cops. The law was written with a certain technology in mind. Much conversation is focused on what Congress originally intended to regulate when it passed the law. No one has come to a decision about that yet.

CALEA SCORECARD

CALEA definitely applies to:
Telecommunications companies
Cable modem companies (and this includes any VoIP services they offer)

CALEA might or might not apply to:
“Information Services”
Small VoIP only providers (who are technically “information services”)

Those who believe CALEA applies to VoIP:
Justice Department
FBI
FCC

Those who don’t:
Center for Democracy and Technology
Electronic Privacy Information Center

New DOJ FOIA Guide

2004-08-11T16:41:00.000-07:00

The Justice Department Office of Information and Privacy has
published a newly updated May 2004 edition of its Freedom of Information Act Guide.

The Guide is a comprehensive treatment of the Act's provisions,
extensively annotated with footnotes to the ever-growing body of
case law. A good resource for anyone seeking insight into
FOIA practice and procedure.

Suspicion by Relation

2004-08-05T13:39:00.000-07:00

Here's a new twist on how databases of DNA information can be used.

On April 19th, Craig Harman was convicted in a British court of throwing a brick from an overpass that killed a passerby below. It was a random kind of crime. Harman was drunk. He hadn't planned on hurting anyone. He had never met his victim.

Most of the time, crimes like this are very difficult to solve. When there is no obvious motive or connection between criminal and victim, it is hard even to find a suspect.

So how did the police find Harman? The brick that he threw bore traces of his blood. DNA tests of the blood didn't turn up a name in Britain's National DNA Database but police did identify a handful of people who shared 11 or more genetic markers with the unnamed suspect. Statistically, two people chosen at random may share 6 or 7 markers but 11 or more suggests a blood relation. Police narrowed down the list of possible relations and eventually went to interview Harman's brother. From there the story came out.

While American courts examining the constitutionality of DNA databases are weighing how much information is actually conveyed by a DNA sample - can DNA predict that a criminal will develop cancer? - it would seem that Britain has uncovered a whole other area of potential misuse - suspicion by relation.

Seems like it's worth assuring safeguards against abuse of this particular avenue of inquiry...

Capps II is dead; Long live Capps II

2004-08-04T16:58:00.000-07:00

This headline in Jame's Hasbrouk blog (the Practical Nomad and an active anti-CAPPS crusader) is truer than you think. Let's think for a moment about what the phrase "the king is dead; long live the king" really means. When loyal subjects lamented the passing of one regent, they immediately proclaimed their allegiance to the NEW guy taking the throne. The second half wasn't wishful thinking about reincarnation. It was an immediate and unflinching statement that anarchy was not the new game in town. That a new king was on his way.

And that's how the government is thinking about it. Almost as soon as Tom Ridge announced the termination of CAPPS II development due to unresolved privacy issues, other Homeland Security officials began talking about its successor:

"A department spokeswoman Thursday said she couldn't elaborate on technology issues that hindered CAPPS II, but she did say that the project would be redirected to take into account data privacy concerns. "Homeland Security is still highly committed to replacing the antiquated passenger pre-screening program already in place [known as CAPPS], which Transportation Security Administration inherited," she said. There is no yet timetable for the new project." Information Week

While there is no timetable, there is clearly an agenda. It is inevitable that we will participate in some kind of more aggressive passenger screening at airports. If you want to weigh in on what that screening might look like, now is a VERY good time to write your Congressperson.

Deja Vu

2004-07-31T11:53:00.000-07:00

Hats off to the Electronic Privacy Information Center. Using on a Freedom of Information Act request, they uncovered Census Bureau activity that should make all of us take a breath.

In August 2002 and December 2003, the Census Bureau responded to requests from the Department of Homeland Security and provided information on where Arab-Americans lived. The Census Bureau didn't list names - that is clearly illegal - but it did break out Arab-American populations, sorted by country of origin, down to the zip code level.

Official explanations for the need for the data can easily be dismissed. According to a spokewoman for the Customs and Border Protection Division, the agency was undertaking an education campaign on travel regulations and the profiles were used to determine what airports should be targeted for Arabic, as well as English, versions.

The problem with this explanation is that the same language - Arabic - is spoken in all Arab countries. The detailed information breakdown required by the Customs and Border Protection Division doesn't make sense. Unless, of course, the data is actually being used for something else...

It was only in 2000, that the Census Bureau officially apologized for allowing its data to be used in finding and interning Japanese-Americans during World War II. Now the comment (in the New York Times) from a Census Bureau official is "We understand that groups can be affected by what we give out, and we understand that can be sensitive. But that is a societal debate, not a census debate."

Well, then...let the debate begin...