Medill News Service – Medill National Security Zone http://nationalsecurityzone.medill.northwestern.edu A resource for covering national security issues Tue, 15 Mar 2016 22:20:28 +0000 en-US hourly 1 Involving local authorities, privacy experts in the quest to share criminal information http://nationalsecurityzone.medill.northwestern.edu/blog/2010/03/11/involving-local-authorities-privacy-experts-in-the-quest-to-share-criminal-information/ Thu, 11 Mar 2010 14:36:04 +0000 http://medillnsj.org/?p=435 Continue reading ]]> WASHINGTON – Law enforcement authorities are using a new program aimed at “connecting the dots” in crime-fighting by streamlining and sharing information across a broad network of states, counties and local jurisdictions. And unlike many other federal data sharing and mining programs, this one enlisted civil liberties experts to ensure privacy protection.

Rolled out in three increments in 2008, National Data Exchange – or N-DEx – was designed to bring the FBI into the national incident-based reporting system, a long-established program in which all data collected on a single crime goes to one repository.

But the Justice Department program has become more than just reporting a bank robbery in California that may be of interest in Texas, said David Larson, chief privacy officer in the FBI. It is a vehicle through which the FBI and law enforcement agencies across the country can share case documents that contain incident, arrest, booking, incarceration, and, coming in October, parole and probation data. Investigators can trace identifying clues like aliases, height, weight and tattoos, detect hidden relationships among suspects and pinpoint geographically where and to whom they are linked.

“It takes information already in existence and brings it to one place in a way that cuts down the amount of effort and search time required,” said Jeff Lindsey, National Data Exchange unit chief. “Each increment is designed to add different capacities, different access points and higher, more efficient levels of capability to the folks that use searches.”

Those that can access these searches include authorities within the Department of Justice like the Drug Enforcement Administration and Bureau of Prisons, along with the FBI and local law enforcement agencies, as long as they have all been properly vetted. Analysts from the National Counterterrorism Center also can access information from N-DEx if necessary.

About 1,300 law enforcement agencies currently contribute data to N-DEx, and that number is expected to “increase significantly” in the next year, Lindsey said.

Taking a novel approach

With the number of people who can access and contribute to this system potentially doubling within the next several months, privacy is a real concern, officials say. But the FBI privacy officers behind N-DEx tried not to leave too much room for unanswered questions. They were among the first privacy officials in a federal agency to directly engage the American Civil Liberties Union before the program was implemented.

“We’ve got nothing to conceal. We want to show it to them,” said Damon Villella, supervisory special agent with N-DEx.

Christopher Calabrese, legislative counsel at the ACLU, said he had first heard of N-DEx in 2004 when it was still an idea swirling around the Justice Department. He said because it was a law enforcement tool as opposed to a general surveillance system, it was a “reasonable investigative method.”

“We appreciated the fact that it was not going to contain intelligence information, and instead, it was going to be a compilation of information that law enforcement was already collecting,” he said.

But while the information itself does not pose a threat, Calabrese said, how the information is analyzed can be cause for alarm. In many cases, the FBI is relying on local privacy laws to safeguard the information provided by and used by state and local jurisdictions.

“The real solution is a national data privacy law that controls how much information is collected on people who aren’t suspected of any crime and what’s done with that information,” he said.

He said analysis that tries to predict criminal behavior based on patterns before any crime happens is a new worry that comes with advanced technology.

“There are analytic tools that help you visualize already-existing data that can be very useful,” Calabrese said. “There are also data mining tools that can essentially purport to find crimes before they take place; in other words, they look for patterns based on innocent behavior that can lead a person to commit a crime – that is a concern.”

Working with forces on the ground

Though the first two increments of N-DEx have been deployed over the last two years, there has been no formal auditing process or feedback from local law enforcement agencies. Officials said individual agencies using the program probably will be audited after the final increment is implemented in October.

While there are some police departments like Virginia Beach, Va., which is in the process of getting connected to N-DEx, others like Tucson, Ariz., have been using a data mining program called Coplink for years.

And officials say that, while the advanced technology has made their jobs go faster, it is also building much-needed collaboration between local and federal authorities to root out crime and terrorist threats.

“At the state level, it’s basically the first time it’s been done – where the feds are having information going bi-directionally instead of just going to the feds,” said Tucson detective and Coplink administrator Cindy Butierez. “We’re starting to work really well with them.”

But while the ability to share additional information is helpful and can generate new leads for officers across the nation, Butierez added that the system is only as good as what agents collect.

“I think the biggest thing is just making sure that we maintain our ability to communicate and talk one-on-one,” she said. “You’re supposed to follow up and call the agency and get a formal report, because nothing in that system calls for probable cause.”

In other words, officers are not allowed to make an arrest or act upon criminal data until formal procedure is followed. And technology like N-DEx cannot completely replace the need for communication between police units, several officials said.

“The ultimate tool is still the analyst or investigator,” Lindsey said. “They still have to put together and interpret the data delivered to them in a way that is going to make them successful.”

]]>
Young people most likely to experience identity fraud online, report finds http://nationalsecurityzone.medill.northwestern.edu/blog/2010/02/10/young-people-most-likely-to-experience-identity-fraud-online-report-finds/ Wed, 10 Feb 2010 22:17:12 +0000 http://medillnsj.org/?p=309 Continue reading ]]> WASHINGTON — Young adults are most likely to suffer fraud victimization through social networking sites, according to the Javelin 2010 Identity Fraud Survey Report released this week.

During an online presentation Wednesday by Javelin Strategy & Research, an independent research consulting firm specializing in financial services, data on those who encounter fraud through social networking sites were broken down by age group — and young adults clearly have much to worry about online.

Besides experiencing the highest online theft through social networking, those aged 18 to 24 also took the longest time to detect fraud (132 days) and were victims for the longest period of time (149 days). This age group was also more likely to act after a fraud occurs by changing banks.

In an article posted Jan. 21, BBC News reported that young people are more prone to identity fraud because they shop and “conduct more of their lives” online. A survey by international marketing firm CPP confirmed that “their use of social networking forums increased the possibility of posting sensitive personal information online.”

The news site also reported that in a separate global survey conducted by security group RSA, only 35 percent of those asked felt completely safe when banking online.

One of Javelin’s sponsors, an identity management service called Intersections Inc., posted insights and recommendations in response to the report. It said the recession is partly to blame for the rise in identity theft — the webinar cited an increase to about 11 million people in 2009 from about 10 million in 2008.

Intersections also said those who commit identity fraud are becoming more sophisticated in their methods, and they have a more organized approach online. Some examples, according to the company: 

–Fraudsters are increasingly targeting – and taking over – multiple accounts of their victims, collectively going after checking accounts, credit card accounts, mobile phone accounts, and Internet accounts in one full sweep;  

–Using a combination of sophisticated malware, keystroke logging and phishing attacks, fraudsters are able to use organized crime to steal identities.  And social networking has introduced yet another way that consumers expose their personal information to wider audiences, providing another avenue for fraudsters to conduct their scams.

Do you feel secure banking online? How quickly do you submit personal information through social networking sites? With this survey raising renewed interest in detecting online fraud, it might be something worth thinking about.

]]>