The Law, the Military, and Big Data

America has a long history of separating military operations from civilian law enforcement and domestic governmental functions.[1] The information technology revolution has created new realities that will challenge this old order of things.  As knowledge grows, it will greatly improve decision making for the military, law enforcement, the domestic sector of the government, as well as the business community.  With these opportunities, come threats to privacy from the compilation of information, as well as the threat from malicious digitized information itself.[2]  This post focuses on the implications of the military holding all of this information.

Organizational silos have separated military, domestic intelligence, law enforcement, and other parts of the government form each other for over two centuries.  The processing of online information and the need to protect our IT systems is slowly starting to merge across these parts of the government.[3]

Historically the military worked overseas.  The military's potential role in domestic cyber protection was discussed in a previous post on this blog, but this post concerns data collection.  Essentially, what do the American people want the military to know?  The Defense Department has vast resources of computing machines and highly educated personnel to collect all kinds of information.  International crime syndicates, money transfers, immigrant population flows, and of course cyber investigations are all subjects about which the military could collect domestic data in the conduct of its duties.

What other parts of the government and the business community do with that information from the military is yet another set of issues.  The military might have data sets about children's academic performance at on-base schools that the federal and local education authorities might like.  Many medical and scientific innovations come from the battlefield.  In addition, the research and data that the military, and all other parts of the government collect are invaluable to the business community.  These are policies that should be allowed, but then that raises the issue discussed below of whether the aggregation of too much information sets up a power imbalance between the government and citizenry.[4]

As the word “privacy” is not written in the constitution, it is usually associated with the First and Fourth Amendments.  The U.S. Supreme Court has stated that the military can collect information on civilian matters without a presumption of violating First Amendment rights such as the right to associate.[5]  The law needs to be modernized to control how the information is protected and with whom it is shared.

The other big issue is Fourth Amendment issues in law enforcement.  We want criminals arrested, and better yet, deterred from the start. The Posse Comitatus Act generally bans the military from civilian law enforcement.[6]  The normal judicial test is 1) military troops may not pervade law enforcement organizations, 2) the military cannot be used to catch criminals, and 3) civilians cannot be subject to the military's regulations.[7]  While there is no rule to exclude evidence from military investigators in federal civilian court,[8] three states ban it and it is a rare occurrence.[9] The exception is when military investigators discover fraud with defense contractors or espionage on a base, since there is a nexus between the military and the criminal code on those subject matters.

In the world of Big Data, the military might be able to amass volumes of domestic information legitimately and the hand over evidence of crimes with such regularity that civilian law enforcement becomes dependent on it.  That is where the law comes in.  To stop the temptation to use analyzed data, albeit for public good, when it violates the expected privacy of the American people.

---

[1] Laird v. Tatum 408 U.S. 1, 15 (1972)

[2] http://thehill.com/blogs/hillicon-valley/technology/280243-overnight-tech-hagel-stresses-importance-of-cybersecurity-ahead-of-confirmation-hearing

[3] http://www.nextgov.com/cybersecurity/2013/02/defense-positions-military-cyber-squad-dhs-turf/61057/

[4] http://www.wired.com/politics/security/commentary/securitymatters/2006/05/70886

[5] Laird v. Tatum 408 U.S. 1 (1972)

[6] 18 U.S.C. § 1385

[7] Congressional Research Service, The Posse Comitatus Act and Related Matters: The use of the Military to Execute Civilian law August 16, 2012 http://www.fas.org/sgp/crs/natsec/R42659.pdf

[8] U.S. v Walden 490 F 2d. 372, 376 (1974)

[9] http://www.fas.org/sgp/crs/natsec/R42659.pdf

Defining Inherently Governmental Functions in the Era of Big Data

The sheer amount of data and knowledge available today is beyond the ability to comprehend.  Individuals and organizations who are able to take data sets and infer patterns, predictions and conclusions will add much value to efficiency in commerce, prudence in collective action, and enriching our lives as individuals. The U.S. Government has long relied on contracted vendors to conduct studies and analysis to support its decision-making.  This article will focus on the government, and keeping control of its prerogatives as it inevitably outsources a lot of data analysis to vendors.

"Inherently governmental functions" is a term of art describing decisions and actions that must be done by sworn government workers.  This is based in public law[1], the Federal Acquisition Regulations[2], and Executive Orders[3]. The government embeds contractor employees at its sites and as well as working offsite to do a lot of its work.  However decisions like awarding contracts, pressing criminal charges, directing combat forces, voting on legislation, or investing the government's money cannot be outsourced while maintaining the integrity and credibility of the government.

The amount of data and statistics will add a great tool to give insights into public health, crime stoppage, education, and virtually any other governmental function imaginable.  However, Big Data will require a labor force of statisticians, analysts, and subject matter experts that the government does not readily have.  As the saying goes, "knowledge is power" and the government contractors working on data analytics will have their own power base given the tremendous knowledge they will gain.  A vendor that secures some long term contracts will gain expertise in analytics as well as the subject matter they were contracted to study.  This will increase the value of their business, the goal of every business.

This is where the law must come in.  A tension can develop between a vendor seeking to gain as much knowledge as possible, and protecting the privacy of the American people. In a healthy, well functioning contract, a vendor is doing well financially by helping the government achieve its public mission. As vendors are motivated by sales, public officials are motivated to achieve their goals.  As data analysis pervades more and more executive agencies, public officials will have to have legal rules to force them to rein in vendors, we well as their own employees from collecting too much information.    Simple rules can include requiring contractors to wipe all data from their computers' memory, as well as non-disclosure agreements for contractor employees.

Big Data worries are not just about substance, they are about process.  Certain information is available through free online search engines.  Even more is available through expensive databases.  The government, supplemented by embedded private contractors, also has tremendous technical investigative tools and power of legal discovery to access data.  Classic Fourth Amendment (Criminal Procedure) prinicples will inform how domestic government agencies collect, analyze and store data.  Using data "in a manner which will conserve public interests as well as the interests and rights of individual citizens”[4] will continually be redefined as search and storage capacity grow geometrically.  America requires a legal regime dynamic enough to keep up with the changing frames of “subjective expectations of privacy”[5] and the temptation for government and vendors to use this information for public goals.

---

[1] FAIR Act Public Law 105-270

[2] Federal Acquisition Regulations Section 7.500

[3] Publication of the Office of Federal Procurement Policy (OFPP) Policy Letter 11-01, Performance of Inherently Governmental and Critical Functions

[4] Carroll v. U.S.  267 US 132, 149 (1925)

[5] Kyllo v U.S.  533 U.S. 27, 33 (2001)