In the past few months the media has been filled with reports of private information being lost or stolen from various private companies. Just as law enforcement agencies step up their warnings about identity theft and as the federal government defends its need for increasing information flow to help it combat terrorism, it seems as though the security of information even in the hands of government becomes less and less.
Last week, it was reported that private data on virtually every American veteran had been lost by the Department of Veterans Affairs. This happened because an employee took home a laptop with all of this data stored on it and the laptop was stolen. One can only shudder at the thought of what criminals might do with this information should it come to them. Now it seems that the widespread inability of American corporations and government agencies to protect private data may well have an impact on our security and ability to prevent terrorist attacks.
In the wake of 9-11 the federal government began a wide-ranging program to screen airline passengers in the hope of stopping terrorists from using airplanes as weapons. Some of this activity raised great concern in the United States about privacy, including the use of so-called "no fly" lists. But in spite of this criticism, the federal government and the airlines have continued to gather information about passengers in the hope of thwarting terrorists. An important part of this program requires cooperation from foreign airlines and their governments. Soon after the events of 9-11, U.S. negotiators began to work with various foreign governments, including the European Union, to ensure that foreign airlines would turn over passenger data to U.S. security agencies. There was much opposition to this in Europe because the European Union and its constituent countries tend to have far greater legal protections in place for individual privacy. Nevertheless, in 2004 the European Union Council of Ministers voted to permit EU airlines to turn over passenger information to U.S. authorities.
Tuesday, in response to a lawsuit challenging this 2004 agreement, the European Court of Justice struck down the Council of Ministers' vote and prohibited European airlines from turning over passenger data to the U.S. and its agencies.
The court agreed to delay enforcement of its judgment until Sept. 30 in order to give the U.S. and the EU time to attempt to work out alternative arrangements, but whether this will be possible is unclear. Certainly, there is great opposition to any such agreement now in the EU Parliament, in part because of the seeming inability of the U.S. government to protect the data it has. According to the British newspaper, The Guardian, one Member of Parliament, Sarah Ludford, was quoted as saying that any agreements with "inadequate safeguards against misuses of personal data" would meet with the strongest opposition. Thus, it would appear that now identity theft may not be the only danger inherent in what appears to be at times willful and at times negligent misuse of data gathered by the government.
Now, it may also lead to the very situation government involvement is supposed to stop: a greater risk of terrorism. It's time for Congress and the executive branch to clean house.