NSA

Earlier this month, I wrote about a case out of Maryland involving a Florida resident who was pulled-over by Maryland Transportation Authority (MDTA) police, and subjected to harassment and intimidation, all because the driver was the holder of a Florida concealed carry permit. The incident raised serious questions about the clear bias against firearm owners in a state with a reputation for being notoriously anti-Second Amendment. More troubling, is the still–unanswered question about how MDTA police even knew of an individual concealed carry permit issued outside of their state.

As egregious as are the circumstances surrounding the Maryland incident, it is just one of a growing number of examples of how information about individuals exercising their constitutional rights, is being data-based and shared by law enforcement databases as “suspicious activity.”

Following its investigation of the September 11, 2001 terror attacks, the 9/11 Commission cited a lack of cooperation and information-sharing among law enforcement agencies, as a major vulnerability in America’s national security. One of byproducts of the Commission’s recommendations was the creation of more than 40 state and urban area fusion centers. These were designed to serve as localized clearinghouses for the “receipt, analysis, gathering, and sharing of threat-related information” from partners within law enforcement, public safety, and even the private sector.

The selling point for the states (in addition to money) was that access to such a national network of “suspicious activity” data, would improve the safety of local law enforcement, and make them more effective at stopping crime. For the Feds, the collection and analysis of localized threat assessments, and a far larger flow of information from local law enforcement to the Department of Homeland Security, was the driving force. Thus the DHS (in effect, the entire federal government) gained unprecedented access to a vast data trove on private citizens that goes far beyond anything relating to criminal activity, much less terrorism.

Furthermore, by tapping into a “national” exchange of information that is, in part, contributed to by partners in the private sector, the DHS also found a way to circumvent privacy restrictions in the Privacy Act of 1974. Now, DHS can use the efficiency and flexibility of the private sector to mine and analyze data that, by law, it is prohibited from collecting and maintaining on its own. Moreover, national crime database systems such as the Regional Information Sharing Systems (RISSnet) are federally funded, but controlled by state and local level law enforcement entities; adding even more insulation from oversight despite its “critical” role in the overall Information Sharing Environment — the federal nexus of information sharing through which all of this data eventually flows.

The original goal may have been to improve communication between levels of law enforcement, but instead law enforcement has created one enormous Cloud of data on private citizens, that is breathtaking in its scope. This vast database is subject to virtually no oversight or accountability as to what information is collected, who is able to access the data, or how the data is used in “fighting crime.” In essence, this “fusion” has created the same type of shadowy “DarkNet” for law enforcement information sharing for which the federal government has demonized (and prosecuted) the private sector. The end result leaves local law enforcement with resources once only available to federal agencies, and federal agencies with access to surveillance capabilities previously available only to local law enforcement.

The only privacy protections afforded to citizens within the ISE are the same hollow promises of respecting “civil liberties” made by those who reject any hint of greater civil liberties oversight, or state and local law enforcement refusing to participate in this information sharing – something not likely to happen given the clear trends of over-criminalization and over-militarization. Ultimately, it is the lack of privacy protections or civil liberties oversight that allows law enforcement to turn completely legal activities, like owning a gun or supporting third-party candidates, into actionable intelligence based on some vague notion of “suspicious activity.”

Given the vastness of these networks, and collusion between private sector and law enforcement officials at the local, state and federal levels, only Congress has the necessary leverage to penetrate the shield that for so long has protected this law enforcement “DarkNet” from scrutiny. Its task however, will not be easy. Despite serious deficiencies in the fusion centers system documented in a two-year, bipartisan investigation by the Senate Permanent Subcommittee on Investigations the system remains, in the view of the respected Electronic Frontier Foundation, completely immune from oversight.

Now that Republicans, led by pro-privacy leaders such as Sen. Rand Paul and Rep. Justin Amash, have regained control over the House and the Senate, GOP officials should, at a minimum, immediately call for hearings. The value of such hearings lies in uncovering what exactly is being shared among law enforcement agencies about private citizens on these networks; and then to legislate safeguards to ensure the constitutional rights respected in one state are not used against law-abiding citizens in another. Otherwise, the type of abuse against a lawful Florida concealed-carry permit holder by Maryland traffic police, will become even more commonplace in states where freedom is trumped by “security.”