FC: FBI's secret, post-9-11 watch list acquires a life of its own

From: Declan McCullagh (declanat_private)
Date: Tue Nov 19 2002 - 08:52:10 PST

  • Next message: Declan McCullagh: "FC: Will the state of Georgia fingerprint all drivers?"

    Date: Tue, 19 Nov 2002 10:15:03 -0500 (EST)
    From: Guilherme C Roschke <groschkeat_private>
    To: declanat_private
    Subject: WSJ: FBI watch list acquires life of its own (fwd)
    November 19, 2002
    Post-Sept. 11 Watch List
    Acquires Life of Its Own
    FBI Listed People Wanted for Questioning,
    But Out-of-Date Versions Dog the Innocent
    Staff Reporter of THE WALL STREET JOURNAL
    LAS VEGAS -- When a patron at the New York-New York casino plugged his
    frequent-player card into a slot machine one day this summer, something
    strange happened: An alert warned the casino's surveillance officials that
    an associate of a suspected terrorist might be on the grounds.
    How did a casino's computer make such a connection? Shortly after Sept.
    11, the FBI had entrusted a quickly developed watch list to scores of
    corporations around the country.
    Departing from its usual practice of closely guarding such lists, the FBI
    circulated the names of hundreds of people it wanted to question.
    Counterterrorism officials gave the list to car-rental companies. Then FBI
    field agents and other officials circulated it to big banks,
    travel-reservations systems, firms that collect consumer data, as well as
    casino operators such as MGM Mirage, the owner of New York-New York.
    Additional recipients included businesses thought vulnerable to terrorist
    intrusion, including truckers, chemical companies and power-plant
    operators. It was the largest intelligence-sharing experiment the bureau
    has ever undertaken with the private sector.
    A year later, the list has taken on a life of its own, with multiplying --
    and error-filled -- versions being passed around like bootleg music. Some
    companies fed a version of the list into their own databases and now use
    it to screen job applicants and customers. A water-utilities trade
    association used the list "in lieu of" standard background checks, says
    the New Jersey group's executive director.
    The list included many people the FBI didn't suspect but just wanted to
    talk to. Yet a version on SeguRed.com (www.segured.com4), a South American
    security-oriented Web site that got a copy from a Venezuelan bank's
    security officer, is headed: "list of suspected terrorists sent by the FBI
    to financial institutions." (The site's editor says he may change the
    heading.) Meanwhile, a supermarket trade group used a version of the list
    to try to check whether terrorists were raising funds through known
    shoplifting rings. The trade group won't disclose results.
    The FBI credits the effort, dubbed Project Lookout, with helping it
    rapidly find some people with relevant information in the crisis
    atmosphere right after the terror attacks. MGM Mirage says it has tipped
    off the FBI at least six times since beginning to track hotel and casino
    guests against the list.
    The FBI and other investigative agencies -- which were criticized after
    Sept. 11 for not sharing their information enough -- are exploring new
    ways to do so, including mining corporate data to find suspects or spot
    suspicious activity. The Pentagon is developing technology it can use to
    sweep up personal data from commercial transactions around the world.
    "Information sharing" has become a buzzword. But one significant step in
    this direction, Project Lookout, is in many ways a study in how not to
    share intelligence.
    The watch list shared with companies -- one part of the FBI's massive
    counterterrorism database -- quickly became obsolete as the bureau worked
    its way through the names. The FBI's counterterrorism division quietly
    stopped updating the list more than a year ago.  But it never informed
    most of the companies that had received a copy. FBI headquarters doesn't
    know who is still using the list because officials never kept track of who
    got it.
    "We have now lost control of that list,'' says Art Cummings, head of the
    strategic analysis and warning section of the FBI's counterterrorism
    division. "We shouldn't have had those problems."
    The bureau tried to cut off distribution after less than six weeks, partly
    from worry that suspects could too easily find out they had been tagged.
    Another concern has been misidentification, especially as multipart Middle
    Eastern names are degraded by typos when faxed and are fed into new
    Then there's the problem of getting off the list. At first the FBI
    frequently removed names of people it had cleared. But issuing updated
    lists, which the FBI once did as often as four times a day, didn't fix the
    older ones already in circulation. Three brothers in Texas named Atta --
    long since exonerated, and no relation to the alleged lead hijacker -- are
    still trying to chase their names off copies of the list posted on
    Internet sites in at least five countries.
    People who've asked the FBI for help getting off the bootleg lists say
    they've been told the bureau can't do anything to correct outdated lists
    still floating around. The FBI's Mr. Cummings says that "the most we can
    control is our official dissemination of that list." Once it left the law-
    enforcement community, "we have no jurisdiction to say, 'If you
    disseminate this further, we will prosecute you.' "
    Despite the problems, Mr. Cummings and other proponents of
    information-sharing say the process should be improved, not abandoned.
    Software companies are rushing to help, trying to make information-sharing
    easier and more effective.
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    Like Politech? Make a donation here: http://www.politechbot.com/donate/
    Recent CNET News.com articles: http://news.search.com/search?q=declan

    This archive was generated by hypermail 2b30 : Tue Nov 19 2002 - 08:58:36 PST