Needed Steps Forward on the Privacy and Civil Liberties Oversight Board

Thanks to terrific privacy blogger Melissa Ngo and privacy scholar and change maker Peter Swire, I’ve learned about some exciting developments about the Privacy and Civil Liberties Oversight Board.  One might say: “Privacy and Civil Liberties Oversight Board, what?”  And that ignorance would not be surprising–it’s been dormant for too long, at least until some recent activity.  The 9/11 Commission recommended the creation of a privacy and civil liberties oversight board, which was created in 2004 and placed within the White House.  The original Board members included Carol E. Dinkins, of Texas, Chairwoman; Alan Charles Raul, of the District of Columbia, Vice Chairman; Theodore B. Olson, of Virginia; and Francis X. Taylor, of Maryland. The Chairwoman and Vice Chairman were confirmed by the Senate on February 17, 2006.  In 2008, Congress passed and President Bush signed the “Implementing the 9/11 Commission Recommendations Act of 2007,” which took the Privacy and Civil Liberties Oversight Board out of the White House and established it “as an independent agency within the executive branch.”  One of the Board’s tasks was to review the FBI’s use of national security letters.  Terms for the original board expired in January 2008, but President Bush delayed the nomination of new board members for many months and none were confirmed by the Senate.  That’s pretty much where things stayed–a Privacy and Civil Liberties Oversight Board with no members and no action.

Last year, President Obama nominated the terrific James X. Dempsey, Vice President for Public Policy at the Center for Democracy and Technology, and Elisebeth Collins Cook, who worked in the Justice Department in the Bush administration. In turn, privacy groups, including Melissa Ngo’s Privacy Lives, called for the nomination and confirmation of  experts to the board.   In December 2011, the White House has announced that President Obama has sent more nominations to the oversight board to the Senate: Rachel L. Brand, of Iowa, to be a Member of the Privacy and Civil Liberties Oversight Board for a term expiring January 29, 2017; David Medine, of Maryland, to be Chairman and Member of the Privacy and Civil Liberties Oversight Board for a term expiring January 29, 2018, and Patricia M. Wald, of the District of Columbia, to be a Member of the Privacy and Civil Liberties Oversight Board for a term expiring January 29, 2013.  It’s a terrific group, and hopefully the Senate won’t take its time moving forward.

Without question, this is a crucial step forward.  We need oversight on a host of issues, from airport screening and cyber security to fusion centers.  As my co-blogger Frank Pasquale and I have documented, state run and federally funded fusion centers are in dire need of accountability, network accountability to be precise.  At any one of the existing 72 fusion centers, one might find state law enforcement working alongside DHS, FBI, and DEA agents as well privacy security analysts.  In the case of the Washington Joint Analytical Center, an employee from Boeing is co-located at the fusion center, having access to information from the fusion center and sharing Boeing’s intelligence capabilities.  As a Boeing executive said, the company hopes to “set an example of how private owners of critical infrastructure can get involved in such centers to generate and receive criminal and anti-terrorism intelligence.”  Let’s think through what this means: private sector partners have access to intelligence that certain individuals, possibly job candidates, pose potential “threats.”  We’ve seen from fusion center blunders that ordinary citizens engaging in political speech have been placed on watch lists.  In one case, the Maryland fusion center shared inaccurate and damaging information with the Information Sharing Environment.  It reported to the DEA and NSA and others that 53 activists from Greenpeace and Moms Against the War, including two Catholic nuns and a Democratic candidate for local office, were “terrorists.”  And as we have seen, much to the chagrin of serious Republican contender Ron Paul, the Missouri Information Analysis Center’s 2009 report to highway patrolmen explained that “violent extremists” typically associate with third party candidates, such as Ron Paul and Bob Barr, and that “potential threats” included anti-immigration and anti-tax advocates.  According to the report, violent extremists could be identified through their use of bumper stickers  indicating support for libertarian groups.  In a similar vein, a California fusion center warned local police to expect violence at antiwar protests: “You can make an easy kind of link that, if you have a protest group protesting a war where the cause that’s being fought against is international terrorism, you might have terrorism at that protest.  You can almost argue that a protest against the war is a terrorist act.”  Ever hear about the First Amendment’s freedom of expression and association?  Oversight is in order.

H/T: Peter Swire

Wikimedia Commons Image (NJ fusion center)

You may also like...

4 Responses

  1. Peter Swire says:

    Danielle: It’s worth giving some background about David Medine, who was nominated to be the Chairman. David has been a leader in privacy since his time in the early 1990’s as a leader of the financial practices division of the Federal Trade Commission, which oversaw the Fair Credit Reporting Act. In the mid-90s, he was instrumental in the Federal Trade Commission’s early privacy activities, including its first enforcement cases in the late 90’sand it’s successful push to get industry to post privacy policies for the first time. Late in the Clinton Administration, he was detailed to the White House’s National Economic Council, so he has important executive branch experience to help oversee the executive branch privacy and civil liberties issues. After leaving government, he practiced with the law firm of Wilmer, Hale, so he knows the ins and outs of private sector actions as well as his experience in consumer protection, privacy, and security. David, in my view, is an outstanding choice for this position — expert, thoughtful, and able to work with a wide range of stakeholders.

  2. Frank says:

    Terrific post, Danielle. I think it’s very important that we also have someone on the board who deeply understands the technology. The Princeton CITP has a number of gifted technologists; its director (Ed Felten) presently works at the FTC and would be great on this board. Or Chris Soghoian. Or Jean Camp or Lorrie Cranor.

    Additionally, Julia Angwin of the WSJ was recently nominated as “privacy policymaker” of the year for her series at She and her team have exposed privacy problems that the “privacy establishment” has barely noticed. A committed and brilliant journalist like her would make a fantastic addition, and should at the very least be frequently advising the board.

  3. A.J. Sutter says:

    Dumb question: what’s a “fusion center,” in this context?

  4. Frank Pasquale says:

    Here’s our article on them, AJ:

    “Federal agencies, including the DHS, gather information in conjunction with state and local law enforcement officials in what Congress has deemed the “information sharing environment” (“ISE”). The ISE is essentially a network, with hubs known as “fusion centers” whose federal
    and state analysts gather and share data and intelligence on a wide range of threats.”

    But don’t invest too much energy into learning these names…as soon as they get controversial, they’ll change. The lessons of TIA, and Blackwater/Xe/Academi.