Network accountability for the domestic intelligence apparatus

Hastings Law Journal

Volumn 62, Issue 6, 2011, Pages 1441-1494

  Citron, Danielle Keats ^a   Pasquale, Frank ^a  

^a UNIVERSITY OF MARYLAND SCHOOL OF LAW   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 80052770883     PISSN: 00178322     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Review

References (302)

1. Homeland Security Act of 2002, Pub L. No. 107-296, §§ 111-113, 116 Stat. 2135, 2142-45
2. (codified at 6 U. S. C. §§ 111-113 (2006)) (establishing the DHS);
3. Nathan Sales, Share and Share Alike: Intelligence Agencies and Information Sharing, 78 GEO. WASH. L. REV. 279, 280 (2009) ("[T]he consensus in favor of more information sharing has proven surprisingly broad and durable."). Although hard to say at the time of printing, the Wikileaks scandal that broke in late 2010 could have had an impact on the information-sharing imperative.
4. Matthew C. Waxman, Police and National Security: American Local Law Enforcement and Counterterrorism After 9/11, 3 J. NAT'L SECURITY L. & POL'Y 377, 405-07 (2009) (describing the lack of a "dedicated domestic intelligence service" in the U. S.).
5. Many nations have domestic intelligence agencies, including France, Israel, Germany, Japan, Australia, New Zealand, India, South Africa, and Canada. RICHARD A. POSNER, REMAKING DOMESTIC INTELLIGENCE 3 (2005) (noting that "the weakest link in the U. S. intelligence system" is domestic intelligence, as compared to countries outside the U. S. that have such agencies).
6. Thomas Cincotta, Intelligence Fusion Centers: A De-Centralized National Intelligence Agency, PUBLIC EYE (Winter 2009/Spring 2010), http://www.publiceye. org/magazine/v24n4/intelligence-fusioncenters.html ("This network constitutes a nascent de facto national intelligence agency, whose decentralized structure diminishes transparency and accountability. Without effective oversight, a narrowly defined mission, and new legal structures, the capacity of fusion centers to undermine fundamental freedoms could grow unchecked.").
7. Implementing Recommendations of the 9/11 Commission Act of 2007, Pub. L. No. 110-53, § 511, 121 Stat. 266, 322 (2007);
8. Intelligence Reform & Terrorism Prevention Act of 2004, Pub. L. No. 108-458, § 1016, 118 Stat. 3638, 3665 (2004).
9. See, e.g., U. S. DEP'T OF HOMELAND SEC, PRIVACY IMPACT ASSESSMENT FOR THE DEPARTMENT OF HOMELAND SECURITY STATE, LOCAL, AND REGIONAL FUSION CENTER INITIATIVE 19-21 (2008) [hereinafter PRIVACY IMPACT ASSESSMENT].
10. G. W. Schulz, Assessing RNC Police Tactics: Missteps, Poor Judgments, and Inappropriate Detentions, MINNPOST. COM (Sept. 1, 2009), http://www.minnpost. com/stories/2009/09/01/11198/assessing-rnc-police-tactics-missteps- poorjudgments-and-inappropriate-detentions.
11. G. W. Schulz, Looking Back at GOP Convention: Police Kicked into 'Disruption Mode', MINNPOST. COM (Sept. 2, 2009), http://www.minnpost.com/ stories/2009/09/02/11256/looking-back-at-gop-convention-police-kicked-into- disruption-mode.
12. Nick Madigan, Spying Uncovered, BALT. SUN, July 18, 2008, at 1A, available at http://www.baltimoresun.com/news/maryland/bal-te.md.spy18jul18,o, 5659230.story.
13. Lisa Rein, Police Spied on Activists in Maryland, WASH. POST, July 18, 2008, at A1;
14. Matthew Harwood, Maryland State Police Spied on Nonviolent Activists and Labeled Them Terrorists, SECURITY MOMT. (Oct. 8, 2008), http://www. securitymanagement.com/news/maryland-state-policespied-nonviolent-activists-and- labeled-them-terrorists-004742.
15. The Future of Fusion Centers: Potential Promise and Dangers: Hearing Before Subcomm. on Intelligence, Info. Sharing, and Terrorism Risk Assessment of the H. Comm. on Homeland Sec, 111th Cong. 42 (2009) [hereinafter Future of Fusion Centers Hearing] (statement of Bruce Fein, Principal, The Litchfield Grp.).
16. David E. Kaplan, Spies Among Us, U. S. NEWS & WORLD REP. (Apr. 30, 2006), http://www.usnews.com/usnews/news/articles/060508/8homeland.htm (alteration in original) (emphasis added) (quoting Mike Van Winkle) (internal quotation marks omitted).
17. Administrative Procedure Act, 5 U. S. C. §§ 701-703 (2006);
18. Exec. Order No. 12, 866, 58 Fed. Reg. 51, 735 (Oct. 4, 1993).
19. JOHN ROLLINS, CONG. RESEARCH SERV., RI 34070, FUSION CENTERS: ISSUES AND OPTIONS FOR CONGRESS 40-42 (2008).
20. MICHAEL GERMAN & JAY STANLEY, ACLU, WHAT'S WRONG WITH FUSION CENTERS? 10 (2007).
21. Network-based metaphors help clarify forms of association enabled by new communication and data storage technologies. We discuss fusion centers as both network organizations and hubs of associative clusters. For a definition of these terms, see MILTON MUELLER, NETWORKS AND STATES: GLOBAL POLITICS OF INTERNET GOVERNANCE 41 (2010) (defining a network organization as "a loose but bounded and consciously constructed organization based mainly on leveraging the benefits of reciprocity", and an associative cluster as "an unbounded and decentered cluster of actors around repeated patterns of exchange or contact").
22. For an insightful analysis of the general problem of watch lists, see Peter M. Shane, The Bureaucratic Due Process of Government Watch Lists, 75 GEO. WASH. L. REV. 804 (2007).
23. U. S. DEP'T OF HOMELAND SEC, DEPARTMENT OF HOMELAND SECURITY: INFORMATION SHARING STRATEGY 3 (2008);
24. see also MARKLE FOUND., PROTECTING AMERICA'S FREEDOM IN THE INFORMATION AGE 75 (2002);
25. NAT'L COMM'N ON TERRORIST ATTACKS UPON THE U. S., THE 9/11 COMMISSION REPORT 146 (2004).
26. ERIC LICHTBLAU, BUSH'S LAW: THE REMAKING OF AMERICAN JUSTICE 159-60 (2008).
27. Implementing Recommendations of the 9/11 Commission Act of 2007, Pub. L. No. 110-53, § 511, 121 Stat. 266, 322 (2007);
28. Intelligence Reform & Terrorism Prevention Act of 2004, Pub. L. No. 108-458, § 1016, 118 Stat. 3638, 3665.
29. See generally TODD MASSE ET AL., EDS., INFORMATION AND INTELLIGENCE (INCLUDING TERRORISM) FUSION CENTERS 5 (2008) (describing the importance of fusion, including non-traditional intelligence). For a thoughtful exploration of this shift to an "Information Sharing Paradigm"
30. see Peter P. Swire, Privacy and Information Sharing in the War on Terrorism, 51 VILL. L. REV. 951, 954 (2006).
31. BUREAU OF JUSTICE SYS. & GLOBAL JUSTICE INFO. SHARING INITIATIVE, U. S. DEP'T OF JUSTICE & U. S. DEP'T OF HOMELAND SEC, FUSION CENTER PRIVACY POLICY DEVELOPMENT: PRIVACY, CIVIL RIGHTS, AND CIVIL LIBERTIES POLICY TEMPLATE 3 (2010) [hereinafter FUSION CENTER POLICY TEMPLATE].
32. Trip Jennings, Fusion Centers Key to Efforts to Combat Drug Violence, Officials Say, N. M. INDEP. (June 5, 2009), http://newmexicoindependent.com/ 28966/fusion-centers-key-to-fed-efforts-atcombating-drug-violence;
33. see also Hilary Hylton, Fusion Centers: Giving Cops Too Much Information?, TIME (Mar. 9, 2009), http://www.time.com/time/nation/article/0, 8599,1883101,00.html.
34. U. S. DEP'T OF HOMELAND SEC, CIVIL LIBERTIES IMPACT ASSESSMENT FOR THE STATE, LOCAL, AND REGIONAL FUSION CENTER INITIATIVE 2 (2008) [hereinafter CIVIL LIBERTIES IMPACT ASSESSMENT] ("The 9/11 commission acknowledged the challenge of information sharing between the Federal government and State and local entities. As a result, many states and municipalities began adopting a 'fusion' center approach-").
35. Tom Monahan, Safeguarding America's Playground, UNLV INST, FOR SEC. STUDIES (July/Aug. 2010), http://iss.unlv.edu/Guest%20Columns/guestcolumn- julyaugust%202010.html.
36. See, e.g., MCAC Partners, MD. COORDINATION & ANALYSIS CTR., http://www.mcac-md.gov/MCACPartners.php (on file with Hastings Law Journal).
37. Janet Napolitano, Sec'y, Dep't of Homeland Sec, Remarks at the National Fusion Center Conference (Mar. 11, 2009) (emphasis added), available at http://www.dhs.gov/ynews/speeches/sp-i236975404263.shtm.
38. Private firms also help run fusion centers. For instance, a consulting firm manages and provides analysis for the North Central Texas Fusion System. Bill Baumbach, While the County Fiddles, Johnson Gets Paid, and Paid, and Paid, COLLIN CNTV. OBSERVER (July 15, 2009), http://www.baumbach.org/b2evolutior1/ blogs/index.php/2009/07/15/whUe-the-county-fiddlesJohnson-gets-pa.
39. Alice Lipowicz, Boeing to Staff FBI Fusion Center, WASH. TECH. (June 1, 2007), http://washingtontechnology.com/articles/2007/o6/o1/boeing-to-staff-fbi- fusion-enter.aspx.
40. Similarly, the Illinois Statewide Terrorism and Intelligence Fusion Center has a privately funded analyst who focuses on private-sector security. News Release, ASIS Int'l, ASIS Foundation and Illinois Law Enforcement Create the First Private-Sector Funded Position for the Illinois Statewide Terrorism and Intelligence Fusion Center (Apr. 21, 2009), http://www.asisonline.org/ newsroom/pressReleases/042109-ASISFoundationIllinois.doc.
41. See Novel Fusion Center to Boost Anti-Fraud Efforts in California, FRAUD FOCUS (Coal. Against Ins. Fraud, Wash., D. C.), Summer 2008, at 1.
42. Lipowicz, supra note 41. Boeing's decision to co-locate at the WJAC may be due, in part, to the Critical Infrastructure Protection Act of 2001, Pub. L. No. 107-56, 115 Stat. 400, which exempts information that a private firm has provided to the federal government concerning critical infrastructure from FOIA's disclosure requirements. Lipowicz, supra note 41. This suggests that Boeing is not only providing intelligence analysis, but also raw information to the WJAC.
43. Rick Anderson, Watching the Protesters: These Spies May Have Known Too Much, (June 9, 2010), http://Avww.seattleweekly.com/content/printVersion/997962/ ;
44. Joseph Straw, Smashing Information Stovepipes, SECURITY MGMT., http://www.securitymanagement.com/article/smashing-intelligencestovepipes?page= o%2Co (last visited July 4, 2011).
45. See, e.g., David L. Carter, Critical Issues in Civil Rights for Law Enforcement Intelligence and Counterterrorism, 46 CRIM. L. BULL. 587, 591 (2010) (discussing this approach);
46. Mary Beth Sheridan & Spencer S. Hsu, Network of Centers Pools Data on Terror, WASH. POST, - Dec. 31, 2006, at A3.
47. See, e.g., Memorandum of Understanding Between the Fed. Bureau of Investigation and the Va. Fusion Ctr. 2 (Feb. 28, 2008), available at http://epic.org/privacy/virginia-fusion/MOU.pdf.
48. Kerry Kester, Delaware Moves to Forefront with Security Technology, CAPE GAZETTE, Apr. 17, 2007, at 4 (on file with Hastings Law Journal). The Fusion Center Guidelines suggest numerous modes of intelligence output, such as investigative and tactical responśe, alerts, geospatial imaging, criminal backgrounds and profiles, crime-pattern analysis, terrorism calendars, and threat assessments.
49. BUREAU OF JUSTICE SYS. & GLOBAL JUSTICE INFO. SHARING INITIATIVE, U. S. DEP'T OF JUSTICE & U. S. DEP'T OF HOMELAND SEC, FUSION CENTER GUIDELINES 57 (2006) [hereinafter FUSION CENTER GUIDELINES].
50. Jim McKay, Narrowing the Focus, GOV'T TECH. (Sept. 12, 2007), http://www.govtech.com/public-safety/Narrowing-the-Focus.html; Monahan, supra note 37;
51. Ryan Paul, Microsoft to Aid in War on Terror, Builds Software for DHS, ARS TECHNICA (Nov. 21, 2008, 9:19 AM), http://arstechnica.com/security/news/ 2008/ii/microsoft-to-aid-in-war-on-terror-builds-software-for-dhs.ars.
52. Metro Operations Support & Analytical Intelligence Ctr., Presentation to the Public Safety Committee: Dallas Police Department Fusion Center Update 11 (June 15, 2009), available at http://www.dallascityhall.com/committee- briefmgs/briefingso609/PS-Fusion-Center-061509.pdf. The Southern Nevada fusion center's director echoed this sentiment: "Intelligence analysts collect information from other Fusion Centers from classified and unclassified sources, as well as from the public, with an eye towards identifying those behaviors and activities that suggest the pre-operational phases of an impending terror attack." Monahan, supra note 37.
53. Kelley Stone, Deploying and Operating an Effective Regional Fusion Center: Lessons Learned from the North Central Texas Fusion System 6 (July 19, 2007) (unpublished paper) (on file with Hastings Law Journal).
54. As a New Jersey fusion center official explained, we have a "customer philosophy of 'give us a quarter's worth of information and we'll provide you with a dollar's worth of analysis and lead value intelligence information-'" Beyond ISE Implementation: Exploring the Way Forward for Information Sharing: Hearing Before Intelligence, Info. Sharing, and Terrorism Risk Assessment Subcomm. of the H. Comm. on Homeland Sec, 111th Cong. 18 (2009) [hereinafter Beyond ISE Implementation] (statement of Colonel Rick Fuentes, Superintendent, N. J. State Police).
55. Robert O'Harrow, Jr., Centers Tap into Personal Databases, WASH. POST, Apr. 2, 2008, at A1 (quoting Steven G. O'Donnell, Deputy Superintendent of R. I. State Police) (internal quotation marks omitted).
56. Ryan Singel, Fusion Centers Analyzing Reams of Americans' Personal Information, WIRED BLOG (Apr. 2, 2008 10:16 AM), http://blog.wired.com/ 27bstroke6/2008/04/fusion-centers.html.
57. Michael Fickes, The Power of Fusion, GOV'T SEC. (Mar. 1, 2008), http://govtsecurity.com/federal-homeland-security/power-fusion-nsa/.
58. Norm Beasley, Counter-Terrorism Coordinator, Maricopa Cnty, Ariz. Sheriffs Office, Presentation at the COPS 2007 Technology Program Kickoff Conference: Fusion Centers & Their Role in Information Sharing 28-29 (Dec. 5, 2007) (on file with Hastings Law Journal);
59. Matthew Harwood, Port of Long Beach Fusion Center Opens, SEC. MGMT. (Feb. 9, 2009), http://www.securitymanagement.com/news/port-long-beach-fusion-center- opens-005197/.
60. Eric Schmitt, Surveillance Effort Draws Civil Liberties Concerns, N. Y. TIMES, Apr. 28, 2009, at A12. Until late 2009, law enforcement were directed to submit suspicious activity reports about unusual activity, such as a person's taking pictures, sweating, mumbling, and participation in extremist groups.
61. MIKE GERMAN & JAY STANLEY, ACLU, FUSION CENTER UPDATE 2 (2008). Privacy advocates opposed this practice, arguing that this approach risked the reporting of individuals' constitutionally protected activities.
62. Id. In response, the DOJ released a nationwide SAR initiative, which provided strict guidelines for the collection of SARS. U. S. DEP'T OF JUSTICE, ISE-FS-200, INFORMATION SHARING EXCHANGE FUNCTIONAL STANDARD SUSPICIOUS ACNVRRY REPORTING VERSION 1.5 6-7 (2009) [hereinafter ISE FUNCTIONAL STANDARD], available at http://www.niem.gov/pdf/ISE-FS-200-ISE-SAR-Functional-Standard-Vi- 5-Issued.pdf (permitting the production of SARs only on "observed behavior reasonably indicative of pre-operational planning related to terrorism or other criminal activity" and banning a person's race, ethnicity, national origin, or religious affiliation as factors creating suspicion).
63. Reporting Suspicious Activity Questions and Answers, COLO. INFO. ANALYSIS CTR., https://www.ciac.co.gov/index.cfm (last visited July 4, 2011).
64. Suspicious Activity Form, CONN. INTELLIGENCE CTR. (Aug. 2006), http://www.ct.gov/demhs/lib/demhs/emergmgmt/tipsform.pdf (providing a blank form for making reports and asking officers to identify the suspect's name, date of birth, Social Security number, sex, and race).
65. Focus on Fusion Centers: A Progress Report, Hearing Before the Ad Hoc Subcomm. on State, Local, and Private Sector Preparedness and Integration of the S. Comm. on Homeland Sec. & Governmental Affairs, 110th Cong. 35 (2008) [hereinafter Focus on Fusion Centers] (statement of Matthew Bettenhausen, Dir., Calif. Office of Homeland Sec);
66. Wash. State Fusion Ctr., Operation De-Fuse Briefing at the Washington State Fusion Center (May 14, 2010), available at http://www.operationdefuse.com/ 2010/05/14/washington-state-fusion-center-powerpoint/ (explaining that it "distributes information, intelligence, and products" to law enforcement agencies and private sector partners).
67. FUSION CENTER GUIDELINES, supra note 47, at 13.
68. Forrest Wilder, Dr. Bob's Terror Shop: The Strange and Scary Story of the North Central Texas Fusion System, TEX. OBSERVER (Apr. 2, 2009), http://www.texasobserver.org/archives/item/15614-3003-dr-bobs-terror-shop.
69. Definitions, ARIZ. COUNTER TERRORISM INFO. CTR., http://www.azactic.gov/ About/Definitions/ (last visited July 4, 2011).
70. Trip Jennings, Post-9/11 Intelligence Goes Local, N. M. INDEP. BLOG (Aug. 12, 2008, 3:00 AM), http://newmexicoindependent.com/48i/post-9ii-intelligence- goes-local (quoting Norm Beasley) (internal quotation marks omitted).
71. FUSION CENTER GUIDEUNES, supra note 47, at C-1. The Fusion Center Guidelines recommend partnerships with private owners of critical infrastructure, including hospitals, banking, chemical industry, education, energy, hotels, telecommunications, shipping, and private security, among others. Id.
72. Private Sector Information Sharing: What Is It, Who Does It, and What's Working at DHS?: Hearing Before the Subcomm. on Intelligence, Info. Sharing & Terrorism Risk Assessment of the H. Comm. of Homeland Sec, 110th Cong. 5-6 (2007) (statement of James M. Chaparro, Deputy Assistant Sec'y, Dep't of Homeland Sec. Office of Intelligence and Analysis);
73. Torin Monahan, The Murky World of'Fusion Centres', CRIM. JUST. MATTERS, Mar. 2009, at 20, 20-21.
74. Alice Lipowicz, CSX to Share Data with Kentucky Fusion Center, WASH. TECH. (Aug. 2, 2007), http://washingtontechnology.com/articles/2007/08/02/csx- to-share-data-with-kentucky-fusion-center.aspx?sc-lang=en.
75. Joseph Straw, State Perspective-Arizona, SECURITY MGMT. (Jan. 1, 2007), http://www.securitymanagement.com/article/state-perspective-arizona.
76. Focus on Fusion Centers, supra note 63, at 10.
77. Future of Fusion Centers Hearing, supra note 23, at 51 (statement of David D. Gersten, Acting Deputy Officer for Programs and Compliance, U. S. Dep't of Homeland Sec.)
78. For a general critique of improvisation in the war on terror, see David Zaring & Elena Baylis, Sending the Bureaucracy to War, 92 IOWA L. REV. 1359 (2007).
79. Anne-Marie Slaughter, Virtual Visibility, FOREIGN POL'Y, Nov. 2000, at 84, 84 ("Networks are the organizational charts of choice for the information age. Corporations have been transforming themselves from vertical hierarchies into horizontal networks for a decade-[Njational governments are networking as well, linking with their regulatory counterparts across the globe to tackle thorny transnational issues such as money laundering, securities fraud, and drug trafficking. Unfortunately, they are doing so in ways that raise serious concerns about accountability.").
80. PRIVACY IMPACT ASSESSMENT, supra note 7, at 27;
81. Robert Fox, L. A. Police Dep't, Presentation at the Los Angeles Joint Regional Intelligence Center 18 (June 16, 2009), presentation available at http://www.search.org/files/ppt/Day2-F0x.ppt (noting that fusion center participants are subject to "laws and policies applicable to those of their respective agencies").
82. PRIVACY IMPACT ASSESSMENT, supra note 7, at 26-27. Virginia recently passed legislation exempting its fusion centers from the requirements of state privacy law.
83. See 2008 Va. Acts ch. 792
84. (codified as amended at VA. CODE ANN. §§ 52-48, 52-49 (West 2010));
85. 5 U. S. C. § 552a (m) (2006).
86. CIVIL LIBERTIES IMPACT ASSESSMENT, supra note 35, at 4.
87. Future of Fusion Center Hearing, supra note 23, at 54 (statement of David D. Gersten, Acting Deputy Officer for Programs and Compliance, U. S. Dep't of Homeland Sec).
88. See, e.g., BUREAU OF JUSTICE SYS. & GLOBAL JUSTICE INFO. SHARING INITIATIVE, U. S. DEP'T OF JUSTICE & U. S. DEP'T OF HOMELAND SEC, GUIDE TO CONDUCTING PRIVACY IMPACT ASSESSMENTS FOR STATE, LOCAL, AND TRIBAL INFORMATION SHARING INITIATIVES (2009).
89. This includes the Indiana, Michigan, Minnesota, and Mississippi fusion centers. IND. INTELLIGENCE FUSION CTR., PRIVACY POLICY VERSION 2.0 (2010), available at http://www.in.gov/iifc/files/IIFC-Privacy-Policy.pdf; Mich. Intelligence Operations Ctr.
90. PRIVACY POLICY (2011), available at http://www.michigan.gov/documents/ msp/MIOCprivacypolicy-355596-7.pdf;
91. MINN. JOINT ANALYSIS CTR., PRIVACY POLICY (2011), available at http://www.nfcausa.org/(S(xipxro45420unzyc3amnqtei))/documentdownload.aspx? documentid=34&getdocnum=i&AspxAutoDetectCookieSupport=i; Miss. Analysis - Info. Ctr.
92. PRIVACY POLICY (2007), available at http://www.homelandsecurity.ms.gov/ docs/msaic-privacy-policy.pdf.
93. For instance, the Washington State fusion center summarized its "key privacy policy elements" in a public briefing as including " 28 C. F. R. Part 23, audit mechanism (being developed by Executive Board), and the prohibition against the collection, retention, and dissemination of information based solely on race, gender, age, sexual orientation, disability, or First Amendment activities." Wash. State Fusion Ctr., supra note 63;
94. see also 28 C. F. R. pt. 23 (2010).
95. U. S. DEP'T OF JUSTICE, BASELINE CAPABILITIES FOR STATE AND MAJOR URBAN AREA FUSION CENTERS 16 (2008)
96. (noting that fusion centers must adhere to 28 C. F. R. pt. 23 because they receive federal funding).
97. see MARK A. RANDOL, CONG. RESEARCH SERV., R 40602, THE DEPARTMENT OF HOMELAND SECURITY INTELLIGENCE ENTERPRISE: OPERATIONAL OVERVIEW AND OVERSIGHT CHALLENGES FOR CONGRESS II (2010) (noting that there are seventy-two fusion centers).
98. Id. Fusion centers have assisted local, state, and federal agencies in other ways. They help locate individuals with outstanding warrants. Mo. Info. Analysis Or., Missouri Information Analysis Center (MIAC), http://www.scribd. corn/doc/17782446/MIAC-Power-Point-What-is-MIAC (last visited July 4, 2011).
99. Data-mining applications are successful in predicting consumer behavior for credit card companies, because they can compare a consumer's credit history with the credit histories of millions of other consumers to predict the likelihood of delinquency. Fred H. Cate, Government Data Mining: The Need for a Legal Framework, 43 HARV. C. R.-C. L. L. REV. 435, 473 (2008).
100. For a description of the "small-N" problem, see David Dahua Yang, Empirical Social Inquiry and Models of Causal Inference, NEW ENG. J. POL. SCI., Fall 2006, oat 51, 63. Nevertheless, an academic paper from the Naval Postgraduate School claims to "establish a chronological pattern to" the radicalization of "our nation's three most prolific domestic lone wolf terrorists", including Timothy McVeigh, Ted Kaczynski, and Eric Rudolph, and thus identifying a "pattern [that] can identify future lone wolf terrorist radicalization activity upstream."
101. Nathan R. Springer, Patterns of Radicalization: Identifying the Markers and Warning Signs of Domestic Lone Wolf Terrorists in Our Midst 79 (Dec. 2009) (unpublished Master's thesis, Naval Postgraduate School), available at http://www.opensourcesinfo.org/journal/2010/11/23/patterns-of-radicalization- identifying-the-markersand-warni.html ("The next lone wolf domestic terrorist lurks in our midst, and could be following the same chronological pattern that we saw with McVeigh, Kaczynski, and Rudolph. Apply the chronological pattern of radicalization [discussed in this thesis]... to future radicalization and we could catch it upstream, before it happens.").
102. NAT'L RESEARCH COUNCIL, PROTECTING INDIVIDUAL PRIVACY IN THE STRUGGLE AGAINST TERRORISTS: A FRAMEWORK FOR PROGRAM ASSESSMENT 77-78 (2008).
103. JEFFREY W. SEIFERT, CONG. RESEAKCH SERV., RI 31798, DATA MINING: AN OVERVIEW 28 (2004). The NSA's warrantless wiretapping program produced a flood of tips that were nearly all false alerts
104. Lowell Bergman et al., Spy Agency Data After Sept. u Led FBI to Dead Ends, N. Y. TIMES, Jan. 17, 2006, at A1.
105. U. S. GOV'T ACCOUNTABILITY OFFICE, GAO-08-636T, HOMELAND SECURITY: FEDERAL EFFORTS ARE HELPING TO ADDRESS SOME CHALLENGES FACED BY STATE AND LOCAL FUSION CENTERS 9 (2008);
106. see also NAT'L RESEARCH COUNCIL, supra note 101, at 80.
107. Swire, supra note 32, at 964-65; Jeff Jonas & Jim Harper, Effective Counterterrorism and the Limited Role of Predictive Data Mining, CATO INST. POL'Y ANALYSIS, Dec. 11, 2006, at 1, 8.
108. Paul Rosenzweig & Jeff Jonas, Correcting False Positives: Redress and the Watch List Conundrum, LEGAL MEMORANDUM (Heritage Found., Wash., D. C.), June 17, 2005, at 2-3.
109. Jonas & Harper, supra note 104, at 8. To be sure, some national security efforts, like airport screening, may make us safer, because they provide an appearance of greater scrutiny. BRUCE SCHNEIER, BEYOND FEAR: THINKING SENSIBLY ABOUT SECURITY IN AN UNCERTAIN WORLD 38 (2003). Fusion centers cannot provide such "security theater", because they operate in secret.
110. see also NAT'L RESEARCH COUNCIL, supra note 101.
111. NAT'L RESEARCH COUNCIL, supra note 101, at 40.
112. Cf. MARK DENBEAUX & JOSHUA DENBEAUX, REPORT ON GUANTANAMO DETAINEES: A PROFILE OF 517 DETAINEES THROUGH ANALYSIS OF DEPARTMENT OF DEFENSE DATA 4 (2006) (reporting that of over 500 detainees, "approximately 10 have been charged with any crime related to violations of the laws of war").
113. Bob Drogin, Spying on Pacifists, Greens and Nuns (Dec. 7, 2008), http://articles.latimes.com/20o8/dec/o7/nation/na-cop-spy7.
114. See generally STEPHEN H. SACHS ET AL., REVIEW OF MARYLAND STATE POLICE COVERT SURVEILLANCE OF ANTI-DEATH PENALTY AND ANTI-WAR GROUPS FROM MARCH 2005 TO MAY 2006 (2008).
115. MO. INFO. ANALYSIS CTR., MI AC STRATEGIC REPORT: THE MODERN MILITIA MOVEMENT (2009);
116. see Chad Livengood, Agency Apologizes for Militia Report on Candidates, SPRINGFIELD NEWS-LEADER, Mar. 25, 2009, at 1A. The fusion center intended the report only for the eyes of police officers-it was made public after being leaked on the Internet. Livengood, supra. The fusion center subsequently apologized to former presidential candidates Ron Paul, Bob Barr, and Chuck Baldwin for the report. Id.
117. T. J. Greaney, 'Fusion Center' Data Draws Fire over Assertions, COLUMBIA DAILY TRIB., Mar. 14, 2009, at A1, available at http://www.columbiatribune.com/ news/2009/mar/14/fusion-center-datadraws-fire-over-assertions/.
118. Josh Richman, ACLU: Spying on Activists Needs to End, OAKLAND TRIB., July 27, 2006, at 1.
119. VA. FUSION CTR., 2009 VIRGINIA TERRORISM THREAT ASSESSMENT 9 (2009). In 2009, the North Central Texas Fusion System distributed its Prevention Awareness Bulletin to over 1500 state officials, urging law enforcement to report on organizations that lobby Islamic-based issues or support radical goals such as Shariah law.
120. Matthew Harwood, Fusion Centers Under Fire in Texas and New Mexico, SECURITY MGMT. (Mar. 9, 2009), http://www.securitymanagement.com/news/fusion- centers-under-firetexas-and-new-mexico-005314.
121. Between 1956 and 1971, the FBI's COINTELPRO program engaged in domestic covert action designed to disrupt groups engaged in the civil rights, antiwar, and communist movements. S. SELECT COMM. TO STUDY GOVERNMENTAL OPERATIONS WITH RESPECT TO INTELLIGENCE ACTIVITIES, FINAL REPORT ACNVMES AND THE RIGHTS OF AMERICANS, S. REP. NO. 94-755, at 679-732 (1976). The FBI sought to infiltrate and disrupt these groups on the theory that "preventing the growth of dangerous groups and the propagation of dangerous ideas would protect the national security and deter violence."
122. Id. at 3. COINTELPRO was not an isolated abuse. Lawrence Rosenthal, First Amendment Investigations and the Inescapable Pragmatism of the Common Law of Free Speech, 86 IND. LJ. I, 37 (2011) ("[H]istory reflects a serious risk of abuse in investigations based on the protected speech of the targets.").
123. Fusion centers might analyze individuals' digital footprints to identify "suspicious" political, ethnic, and religious groups. Katherine J. Strandburg, Freedom of Association in a Networked World: First Amendment Regulation of Relational Surveillance, 49 B. C. L. REV. 741, 760 (2008). As Katherine Strandburg warns, such data-mining programs seek to find "malevolent associations in a haystack of more numerous legitimate relationships."
124. Daniel J. Solove, Data Mining and the Security-Liberty Debate, 75 U. CHI. L. REV. 343, 358 (2008) (explaining that bias can be embedded in human-created profiles encoded in computer algorithms, as well as in the human-compiled datasets of terrorists that predictive data-mining tools would search).
125. Daniel J. Solove, The First Amendment as Criminal Procedure, 82 N. Y. U. L. REV. 112, 143-44 (2007).
126. See Danielle Keats Citron, Fulfilling Government 2.0's Promise with Robust Privacy Protections, 78 GEO. WASH. L. REV. 822, 861 (2010) (exploring the potential chilling caused by government's use of social media to interact with the public on policy issues). This Article does not suggest that the surveillance of political and religious groups is necessarily justiciable, although it may be so in circumstances where the chilling of expressive association is accompanied by objective harm, such as reputational damage.
127. See Linda E. Fisher, Guilt by Expressive Association: Political Profiling, Surveillance and the Privacy of Groups, 46 ARIZ. L. REV. 621, 656-57 (2004). Instead, it seeks to underscore the various ways fusion centers impact basic liberties, including free expression and association.
128. Swire, supra note 32. See generally FREDERICK M. LAWRENCE, PUNISHING HATE: BIAS CRIMES UNDER AMERICAN LAW (1999) (arguing hate crimes are uniquely destructive and divisive and calling for tougher sentences for these crimes).
129. MIAC Isn't Making 'Strategic' Reports but Won't Rule Them Out, OPERATION DEFUSE (Dec. 23, 2009), http://www.operationdefuse.com/2009/12/23/miac-isnt- making-strategic-reports-but-wontrule-them-out-ky3-news-weather-sports- springfield-mo-local-news/.
130. FUSION CENTER PRIVACY POUCY TEMPLATE, supra note 33.
131. ROLUNS, supra note 26, at 58. One-third of fusion center officials reported that they lacked guidance on civil liberties practices. U. S. GOV'T ACCOUNTABILITY OFFICE, supra note 103, at 11 (explaining that officials in nineteen fusion centers said that they lacked guidance on informationsharing policies and procedures, such as privacy and civil liberties issues).
132. See DANIEL J. SOLOVE, UNDERSTANDING PRIVACY 106-70 (2009).
133. See generally Danielle Keats Citron & Leslie Meltzer Henry, Visionary Pragmatism and the Value of Privacy in the Twenty-First Century, 108 MICH. L. REV. 1107 (2010) (reviewing SOLOVE, supra).
134. Id. In revising the SARs protocols, the DHS may have helped prevent other privacy concerns. Before the newly revised SARs protocols, law enforcement was instructed to submit SARs based on a person's use of binoculars, drawing diagrams, inappropriate attire, ownership of heavy vehicles, or espousal of extremist views. See, e.g., GERMAN & STANLEY, supra note 58, at 2.
135. Such aggressive information collection risked violating 28 C. F. R. pt. 23
136. which requires a reasonable suspicion that a person committed a crime before collecting information. 28 C. F. R. pt. 23 (2010).
137. Indeed, that approach recalled the COINTELPRO surveillance that motivated Congress to require the issuance of 28 C. F. R. pt. 23 in the first place.
138. See Frank Pasquale, Reputation Regulation: Disclosure and the Challenge of Clandestinely Commensurating Computing, in THE OFFENSIVE INTERNET: SPEECH, PRIVACY, AND REPUTATION 107, no (Martha Nussbaum & Saul Levmore eds., 2010) (discussing systems that "unfairly induce the use of informal, digital methods that increase the chance of mis-recognition and reductionism").
139. Christine Stuart, Reporter Arrested for Political Activism, CONN. NEWS JUNKIE BLOG (Jan. 5, 2007 11:01 AM), http://www.ctnewsjunkie.com/ctnj.php/ archives/entry/reporter-arrested-for-political-activism-updated-with-police- report/.
140. Gregory B. Hladky, Arrest Exposes State's Threats List, NEW HAVEN REG., Jan. 9, 2007, at A1.
141. Gerri Willis, Are You on the List?, CNN (Sept. 30, 2009), http://www.cnn.com/video/video/crime/2009/09/30/willis.fusion.centers.cnn.
142. Jennifer Medina, Arrest of Activist Troubles Hartford Officials, N. Y. TIMES, Jan. 9, 2007, at B6.
143. Cf. Danielle Keats Citron, Technological Due Process, 85 WASH. U. L. REV. 1249, 1309 (2008) (exploring the due process implications of automated system determinations including the "No Fly" list).
144. See generally, e.g., Julie E. Cohen, Examined Lives: Informational Privacy and the Subject as Object, 52 STAN. L. REV. 1373 (2000) (arguing that the debate surrounding data privacy protection needs to be grounded in an appreciation for autonomy that requires a degree of freedom from monitoring, scrutiny, and categorization by others). As the Supreme Court has made clear, individuals have no expectation of privacy in information provided to third parties.
145. United States v. Miller, 425 U. S. 435, 440 (1976);
146. Christopher Slobogin, Government Data Mining and the Fourth Amendment, 75 U. CHI. L. REV. 317, 330 (2008). Fusion centers can freely mine customers' financial records, data brokers' digital dossiers, and cell phone location data.
147. Rebecca Andino, The Privacy Challenges of U. S. Fusion Centers, THE PRIVACY ADVISOR (Int'l Ass'n of Privacy Profls, Portsmouth, N. H.), May 2008, at 7, available at http://www.privacyassociation.org/publications/the-privacy- challenges-of-U.S.-fusion-centers/.
148. Id. This is not a fanciful notion. In August 2007, New York City Public Schools fired an employee, because the location information produced by his employer-provided cell phone showed that he was not working when he claimed to be. David Seifman, 'Track' Man Is Sacked, N. Y. POST, Aug. 31, 2007, at 27.
149. GERMAN & STANLEY, supra note 27, at 14.
150. Cf. Jon D. Michaels, All the President's Spies: Public-Private Intelligence Partnerships in the War on Terror, 96 CALIF. L. REV. 901, 914-16 (2008).
151. See, e.g., FRANCES H. BUTLER & JANET S. MURRILL, Y-12 NAT'L SEC. COMPLEX, FUSION CENTER INTEROPERABILITY: DATA DEFINITION AND CHARACTERIZATION 18 (2008).
152. Maryland State Police Surveillance Practices & Policies: Hearing Before the S. Judicial Proceedings Comm., 2008 Leg., 425th Scss. 2-3 (Md. 2008), available at http://www.aclu-md.org/Indcx%20contcnt/NoSpying/Gcrman-Tcstimony. pdf (statement of Michael German, ACLU Policy Counsel for Nat'l Sec. Issues) (citing Sachs, supra note 110).
153. Hylton, supra note 34. Indeed, the Fusion Center Guidelines reflected this sentiment. FUSION CENTER GUIDELINES, supra note 47.
154. GOV'T ACCOUNTABILITY OFFICE, supra note 103, at 3.
155. Torin Monahan & Neal A. Palmer, The Emerging Politics of DHS Fusion Centers, 40 SECURITY DIALOGUE 617, 626 (2009).
156. TORIN MONAHAN, SURVEILLANCE IN THE TIME OF INSECURITY 46 (2010).
157. Jack M. Balkin, The Constitution in the National Surveillance State, 93 MINN. L. REV. i, 18 (2008).
158. Julie E. Cohen, The Inverse Relationship Between Secrecy and Privacy, 77 SOC. RES. 883, 885 (2010).
159. 5 U. S. C. § 552 (2006).
160. 2008 Va. Acts ch. 792 (codified as amended at VA. CODE ANN. §§ 52-48, 52-49 (West 2010)).
161. Trcbor Scholz, Introduction: Points of Control, 77 Soc. Res. 931, 938-39 (2010).
162. For a discussion of the potential uses of data mining, see Christopher Slobogin, Distinguished Lecture: Surveillance and the Constitution, 55 WAYNE L. REV. 1105, 1118 (2009) ("Event-driven data mining is the most insidious form of data mining because it is conducted in the absence of a particular suspect; rather it is designed to discover the perpetrator of a past or future event using profiles or algorithms that purport to describe general characteristics of such a perpetrator.").
163. STEWART A. BAKER, SKATING ON STILTS: WHY WE AREN'T STOPPING TOMORROW'S TERRORISM 313 (2010). ("[T]he spread of cheap information about all of us will change our relationship to the world. We will have fewer secrets. Crippling government by preventing it from using information that everyone else can get will not give us back our secrets."). Baker is a former Assistant Secretary for Policy at the Department of Homeland Security.
164. For important insights on the concerns expressed in the "I've got nothing to hide" argument against privacy, see generally Daniel J. Solove, "I've Got Nothing to Hide" and Other Misunderstandings of Privacy, 44 SAN DIEGO L. REV. 745 (2007).
165. CIVIL LIBF. RTIES IMPACT ASSESSMENT, supra note 35.
166. BUREAU OF JUSTICE SYS. & GLOBAL JUSTICE INFO. SHARING INITIATIVE, U. S. DEP'T OF JUSTICE & U. S. DEP'T OF HOMELAND SLC, FACT SHEET ENHANCING THE PRIVACY, CIVIL RIGHTS, AND CIVIL LIBERTIES FRAMEWORK FOR STATE AND MAJOR URBAN AREA FUSION CENTERS 2 (2010). Although DHS officials emphasize that state and local officers "own" fusion centers, grant funding provides significant leverage to ensure compliance with the ISE Privacy Guidelines.
167. FUSION CENTER POLICY TEMPLATE, supra note 33, at 5-6, 41 (listing eight Fair Information Principles-collection limitation, data quality, purpose specification, use limitation, security safeguards, openness, individual participation, and accountability-though noting that some "may not apply in all instances of an integrated justice system").
168. PRIVACY IMPACT ASSESSMENT, supra note 7, at 27-28 (raising concerns about military and private firm participation in fusion centers);
169. see also CIVIL LIBERTIES IMPACT ASSESSMENT, supra note 35. at 14.
170. PRIVACY IMPACT ASSESSMENT, supra note 7, at 21 (emphasis omitted).
171. ISE FUNCTIONAL STANDARD, supra note 58, at 2. For a prescient call for limits of this type
172. (quoting U. S. DEP'T OF JUSTICE, supra note 58, at 2).
173. Community Engagement, DEPARTMENT OF HOMELAND SECURITY, http://www.dhs.gov/xabout/structure/gc-i2738730587o6.shtm7 (last visited July 4, 2011).
174. We borrow the term "regulatory arbitrage" from the private sector context in which it developed. See, e.g., Michael S. Knoll, The Ancient Roots of Modern Financial Innovation: The Early History of Regulatory Arbitrage, 87 OR. L. REV. 93, 94 (2008) ("The exploitation of regulatory inconsistencies is a major impetus for financial innovation. Indeed, it might be the primary impetus. There is a strong incentive to innovate around prohibited or disadvantaged transactions. These innovations are commonly referred to as regulatory arbitrage."). We discuss solutions to the regulatory arbitrage problem in Part V. B infra.
175. Because state-run fusion centers are not federal agencies, such fusion centers may share records with federal agencies, bypassing the goal of the Privacy Act. One could argue that existing federal privacy law gives fusion centers little reason to engage in such arbitrage, given its exemption of law enforcement and national security intelligence from many of its obligations. See Freedom of Information Act, 5 U. S. C. § 552a (j), (k) (2) (2006). Nonetheless, for information falling outside these exemptions, which is surely a great deal, given the collection of "all hazards" information, the Privacy Act bars federal agencies from sharing information records without the permission of individuals whose records would be transferred.
176. Id. Information directly gathered by the DHS would implicate "fair information practices as set out in the Privacy Act of 1974." 6 U. S. C. § 142 (a) (2) (2006) (describing the duties of the agency's Privacy Officer).
177. See 2008 Va. Acts ch. 792
178. (codified as amended at VA. CODE ANN. §§ 52-48, 52-49 (West 2010)).
179. GERMAN & STANLEY, supra note 27, at 10-11. Federal regulation 28 C. F. R. pt. 23, if applied and enforced, might assuage these concerns, if fusion centers interpret access to data as collection covered by federal regulation.
180. See 28 C. F. R. pt. 23 (2010).
181. But since FOIA does not apply to the work of state personnel, the public may have no way of knowing whether fusion centers are complying with 28 C. F. R. pt. 23. Moreover, however detailed the aspirations in documents like the ISE Functional Standard and the Privacy Impact Assessment may be, the DHS has been slow to institutionalize enforcement.
182. Alan J. Bojorquez & Damien Shores, Open Government and the Net: Bringing Social Media into the Light, 11 TEX. TECH. ADMIN. L. J. 45, 50 (2009). For emails, the retention period depends on the information and content within the email.
183. For example, even though the Indiana Intelligence Fusion Center ("IIFC") has a model privacy policy in many respects, it explicitly reserves the right to withhold the "the existence, content, and source of the information" from the requestor in many cases, which makes it difficult to populate the entire ISE with redress efforts. IND. INTELLIGENCE FUSION CTR., supra note 88, at 13. Greg Nojeim, Senior Counsel at the Center for Democracy & Technology, has affirmed our fear that this remains a widespread problem. Email from Greg Nojeim, Senior Counsel, Ctr. for Democracy & Tech., to Authors, supra note 178 ("If you go to e.g. the Texas fusion center and ask them to correct errant data in their data base about you, but their information came from the Louisiana fusion center, Texas is forbidden from telling you about the source of that information and can't correct it, and there's no process for triggering a correction by Louisiana.").
184. The one center with a redress mechanism is in Indiana. See IND. INTELLIGENCE FUSION CTR., supra note 88, at 13 ("Upon satisfactory verification (fingerprints, driver's license, or other specified identifying documentation) of his or her identity and subject to the conditions specified in K.i (2), below, an individual is entitled to know the existence of and to review the information about him or her that has been gathered and retained by the IIFC").
185. Gillian E. Metzger, Privatization as Delegation, 103 COLUM. L. REV. 1367, 1378 (2003).
186. Michael D. Birnhack & Niva Elkin-Koren, The Invisible Handshake: The Reemergence of the State in the Digital Environment, 8 VA. J. L. & TECH 6, 27 (2003).
187. For an exposé of concerns raised by our foreign and domestic intelligence apparatus, see Washington Post reporters Dana Priest and William M. Arkin's series, blog, and multimedia database on the growing U. S. intelligence community. Top Secret America, WASH. POST, http://projects.washingtonpost.com/ top-secret-america (last visited July 4, 2011).
188. See supra Part III A; see also FUSION CENTER POLICY TEMPLATE, supra note 33.
189. ALASDAIR ROBERTS, BLACKED OUT: GOVERNMENT SECRECY IN THE INFORMATION AGE 138 (2006). A Canadian tortured in Syria found it difficult to obtain redress based on repeated deflections of his queries by Canadian, Syrian, and U. S. intelligence and law enforcement agencies, each based on the asserted needs of the other entities for secrecy.
190. Marc Rotenberg, Privacy and Secrecy after September 11, in BOMBS AND BANDWIDTH: THE EMERGING RELATIONSHIP BETWEEN INFORMATION TECHNOLOGY AND SECURITY 132, 138-39 (Robert Latham ed., 2003) (explaining that "the American tradition of seeking to protect privacy while limiting government secrecy" reflect our complementary values of privacy and openness).
191. See Olmstead v. United States, 277 U. S. 438, 471-85 (1928) (Brandeis, J., dissenting).
192. See generally Danielle Keats Citron, Mainstreaming Privacy Torts, 98 CALIF. L. REV. 1805 (2010) (exploring Brandeis's conception of privacy in The Right to Privacy).
193. For a fascinating historical analysis of Louis Brandeis's views on privacy and transparency, see generally Neil M. Richards, The Puzzle of
194. Generally speaking, standards play a crucial role in networks-they determine how people and entities are connected. DAVID GREWAL, NETWORK POWER: THE SOCIAL DYNAMICS OF GLOBALIZATION 21 (2009).
195. Criminal Intelligence Systems Operating Policies, 28 C. F. R. 20. 23 (2010).
196. MARKLE TASK FORCE ON NAT'L SEC. IN THE INFO. AGE, MARKLE FOUND., IMPLEMENTING A TRUSTED INFORMATION SHARING ENVIRONMENT: USING IMMUTABLE AUDIT LOGS TO INCREASE SECURITY, TRUST, AND ACCOUNTABILITY 1 (2006) [hereinafter MARKLE TASK FORCE].
197. It is interesting to note that even John Poindexter, proponent of the controversial data-mining proposal called "Total Information Awareness", embraced the use of immutable audit logs. SHANE HARRIS, THE WATCHERS 190 (2010) ("[John Poindexter] proposed an 'immutable audit trail', a master record of every analyst who had used the TIA [Total Information Awareness] system, what data they'd touched, and what they'd done with it... to spot suspicious patterns of use-Poindexter wanted to use TIA to watch the watchers.").
198. MARKLE TASK FORCE, supra note 212, at 3 ("Access to the audit logs can be granted to trusted parties, such as an agency's Inspector General or the Government Accountability Office, which can assess compliance with information sharing and privacy guidelines as well as with a system's stated policies. Even for classified systems, unclassified versions of reports can be made public that describe the extent of compliance with stated policies.").
199. MARKLE TASK FORCE, supra note 212, at 2.
200. VIKTOR MAYER-SCHÖNBERGER, DELETE: THE VIRTUE OF FORGETTING IN THE DIGITAL AGE 65, 71 (2009) (describing "plummeting storage prices", and observing that "[e]xperts suggest that the trend of cheaper storage" will continue into the twenty-first century).
201. Helen Nissenbaum, Privacy as Contextual Integrity, 79 WASH. L. REV. 119, 155 (2004) ("[W]hether a particular action is determined a violation of privacy is a function of several variables, including the nature of the situation, or context; the nature of the information in relation to that context; the roles of agents receiving information; their relationships to information subjects; on what terms the information is shared by the subject; and the terras of further dissemination. ").
202. For an insightful account of the Church Committee investigation, see FREDERICK A. O. SCHWARTZ, JR. & AZIZ Z. HUQ, UNCHECKED AND UNBALANCED: PRESIDENTIAL POWER IN A TIME OF TERROR 32-52 (2007) (describing the Church Committee's exposure of hundreds of abuses of domestic intelligence gathering, under the leadership of Idaho Senator Frank Church).
203. JOHN MUELLER, OVERBLOWN: HOW POLITICIANS AND THE TERRORISM INDUSTRY INFLATE NATIONAL SECURITY THREATS, AND WHY WE BELIEVE THEM 37 (2006).
204. See, e.g., TIM SHORROCK, SPIES FOR HIRE: THE SECRET WORLD OF INTELLIGENCE OUTSOURCING (2008);
205. Donald L. Barlett & James B. Steele, Washington's $8 Billion Shadow, VANITY FAIR, Mar. 2007, at 342.
206. William Maclean, Crisis Sharpens Scrutiny of Security Spending, REUTERS, Feb. 25, 2009, available at http://www.reuters.com/article/idUSTRE5iO2SM20090225 ("[B]udget pressures will force policymakers increasingly to identify waste and question big-ticket purchases of technology, a trend underpinned by worries in the West that intrusive monitoring poses a risk to civil liberties, analysts say.").
207. MATTHEW AID, THE SECRET SENTRY: THE UNTOLD HISTORY OF THE NATIONAL SECURITY AGENCY 304-05 (2009) (sharing that former senior State Department official Herbert Levin noted that while NSA can point to instances where it has been helpful, "whether they're worth the billions that are spent, is a genuine question in my mind").
208. S. REP. NO. 111-199, at 6 (2010).
209. AID, supra note 231, at 304-05. See generally JAMES BAMFORD, THE PUZZLE PALACE: A REPORT ON AMERICA'S MOST SECRET AGENCY (1982) (discussing NSA defenders' positions).
210. Ross Douthat, Op-Ed, The Great Consolidation, N. Y. TIMES, May 17, 2010, at A23;
211. see also generally Veronique de Rugy, What Does Homeland Security Spending Buy? (Am. Enter. Inst., Working Paper No. 107, 2004), available at http://www.aei.org/paper/21483 (questioning the effectiveness of DHS spending and concluding that a large portion of homeland security-spending decisions are "made on a political basis rather than on a sound cost benefit analysis", leading to the traditional public choice failures that plague government spending).
212. Bruce Ackerman, Terrorism and the Constitutional Order, Keynote Address at the Fordham Law Review Symposium: A New Constitutional Order? (Mar. 24, 2006), in 75 FORDHAM L. REV. 475, 475 (2006) ("A downward cycle threatens: After each successful attack, politicians will come up with a new raft of repressive laws that ease our anxiety by promising greater security-only to find that a different terrorist band manages to strike a few years later.... Even if the next half-century sees only three or four attacks on a scale that dwarfs September 11, the pathological political cycle will prove devastating to civil liberties by 2050.").
213. RICHARD A. FALKENRATH ET AL., AMERICA'S ACHILLES' HEEL: NUCLEAR, BIOLOGICAL, AND CHEMICAL TERRORISM AND COVERT ATTACK 5 (1998) ("A single nuclear weapon could easily kill over a hundred thousand people if detonated in a densely populated urban area.").
214. See generally DAN ARIELY, PREDICTABLY IRRATIONAL: THE HIDDEN FORCES THAT SHAPE OUR DECISIONS (2008) (describing behavioral economics research on skewed threat assessments). As a recent profile of Cass Sunstein mentioned, there is great "difficulty in estimating the possibility of catastrophe-studies of insurance markets have found that we tend to ignore small risks until their probability passes a certain threshold, at which point we overspend wildly to prevent them."
215. Benjamin Wallace-Wells, Cass Sunstein Wants to Nudge Us, N. Y. TIMES, May 16, 2010, (Magazine), at 42.
216. OFFICE OF THE INSPECTOR GEN., U. S. DEP'T OF HOMELAND SEC, OIG-06-40, PROGRESS IN DEVELOPING THE NATIONAL ASSET DATABASE 6, 8-15 (2006).
217. Eric Lipton, Come One, Come All, Join the Terror Target List, N. Y. TIMES, July 12, 2006, at Al.
218. RICHARD A. POSNER, COUNTERING TERRORISM: BLURRED FOCUS, HALTING STEPS 2-3 (2007);
219. see also Samuel J. Rascoff, Domesticating Intelligence, 83 S. CAL. L. REV. 575, 619 (2010) ("[I]ntelligence has thus far remained impervious to rationality review, including in the narrow sense of comparing monetized costs and benefits.... Employing rationality review as a standard tool for proposed intelligence programs would represent an important development in the governance of intelligence in a number of respects.").
220. POSNER, supra note 243, at 2; see also Marcus Holmes, Just How Much Does That Cost, Anyway? An Analysis of the Financial Costs and Benefits of the "No-Fly" List, HOMELAND SECURITY AFF. (Jan. 2009), http://www.hsaj.org/?article=5.i.6.
221. But see NICHOLAS NASSIM TALEB, THE BLACK SWAN: THE IMPACT OF THE HIGHLY IMPROBABLE 74-75 (2007) (arguing that the exact likelihood of very low-probability events cannot be estimated);
222. Clifford Geertz, Very Bad News, N. Y. REV. BOOKS, Mar. 24, 2005, at 4
223. (reviewing RICHARD A. POSNER, CATASTROPHE: RISK AND RESPONSE (2004) and concluding that Posner's method is too susceptible to manipulation to be reliable).
224. See Jessica Stern & Jonathan B. Wiener, Precaution Against Terrorism, in MANAGING STRATEGIC SURPRISE: LESSONS FROM RISK MANAGEMENT AND RISK ASSESSMENT 110-83 (Paul Bracken et al. eds., 2008).
225. FRANK ACKERMAN & LISA HEINZERLING, PRICELESS: ON KNOWING THE PRICE OF EVERYTHING AND THE VALUE OF NOTHING 8 (2004) ("The basic problem with narrow economic analysis of health and environmental protection is that human life, health, and nature cannot be described meaningfully in monetary terms; they are priceless.").
226. Balkin, supra note 156, at 15 (describing the emergence of a "National Surveillance State", which could easily lead government to "create a parallel track of preventative law enforcement" that avoids the "traditional guarantees of the Bill of Rights"). For an especially insightful analysis of the rule of law problems raised by the transparency of personal information posted online, see Joel R. Reidenberg, Transparent Citizens and the Rule of Law (Feb. I, 2010), http://cyber.law.harvard.edu/events/2010/ 02/reidenberg.
227. WILLIAM E. SCHEUERMAN, LIBERAL DEMOCRACY AND THE SOCIAL ACCELERATION OF TIME 4 (2004) (citing the social theory of Zygmunt Bauman, Manuel Castells, Anthony Giddens, David Harvey, and Reinhardt Koselleck on the "social acceleration of time").
228. Wartime Executive Power and the National Security Agency's Surveillance Authority: Hearing Before the S. Comm. on the Judiciary, 109th Cong. 11 (2006) (statement of Alberto R. Gonzales, U. S. Att'y Gen.) ("[S]peed, agility and secrecy are essential to... [the terrorist surveillance program's] success.").
229. Until 9/11, the concept of "emergency" or "exception" had been a neglected topic in American constitutional law. Oren Gross, Chaos and Rules: Should Responses to Violent Crises Always Be Constitutional?, 112 YALE L. J. ZOII, 1015 n. 8 (2003);
230. see also e.g., PAUL BREST ET AL., PROCESSES OF CONSTRRUNONAL DECISIONMAKING: CASES & MATERIALS 378-97 (4th ed. 2000) (discussing World War I and the First Amendment cases).
231. Adrian Vermeule, Our Schmittian Administrative Law, 122 HARV. L. REV. 1095, 1101 (2009).
232. Korematsu v. United States, 323 U. S. 214, 221 (1944);
233. Ex parte Milligan, 71 U. S. (4 Wall.) 2, 4 (1866).
234. Kim Lane Scheppele, Law in a Time of Emergency: States of Exception and the Temptations of 9/11, 6 U. PA. J. CONST. L. 1001 (2004).
235. For example, the Bush administration's 2002 National Security Strategy preamble warned that "[t]he war against terrorists... is a global enterprise of uncertain duration. " WHITE HOUSE, THE NATIONAL SECURITY STRATEGY OF THE UNITED STATES OF AMERICA iii (2002).
236. DAVID DYZENHAUS, THE CONSTITUTION OF LAW: LEGALITY IN A TIME OF EMERGENCY 3 (2006).
237. In re City of N. Y., 607 F.3d 923, 928 (2d Cir. 2010). The federal Freedom of Information Act, or FOIA, exempts "records or information compiled for law enforcement purposes" if disclosure may harm law enforcement activities or the public interest generally.
238. See 5 U. S. C. § 552 (b) (7) (2006).
239. In re City of N. Y., 607 F.3d at 944. 273.
240. David E. Pozen, The Mosaic Theory, National Security, and the Freedom of Information Act, 115 YALE LJ. 628, 631 (2005).
241. 32 C. F. R. § 701. 31 (2010). Pozen has argued that [w]hen courts permit the government to withhold even the most innocuous-seeming (and politically controversial) items of information without specifying how each item might contribute to a dangerous mosaic, they enable spurious claims and disable counterargument. Understanding this, agencies gravitate to the mosaic theory when they know their case for secrecy is weak.
242. David Pozen, The Mosaic Theory, HARTFORD COURANT (Feb. 28, 2006), http://articles.courant.com/20o6-02-28/news/o6o228oi43-i-patriot-act-national- security-agency-information-security-oversightoffice.
243. N. J. Media Grp., Inc. v. Ashcroft, 308 F.3d 198, 219 (3d Cir. 2002).
244. See HANNA FENICHEL PITKIN, THE ATTACK OF THE BLOB: HANNAH ARENDT AND THE CONCEPT OF THE SOCIAL 6-7 (1998) ("The real-world problem that Arendt intended her concept of the social to address... concerns the gap between our enormous, still-increasing powers and our apparent helplessness to avert the various disasters-national, regional, and global-looming on our horizon. ").
245. In re City of N. Y., 607 F.3d at 944.
246. See, e.g., N. Y. Times Co. v. United States, 403 U. S. 713, 714 (1971) (permitting newspapers to publish then-classified material, popularly known as the "Pentagon Papers.").
247. Courts are particularly cautious about unearthing the "deep secrets" that may be at the core of a nation's national security strategy. See, e.g., David E. Pozen, Deep Secrecy, 62 STAN. L. REV. 257, 260 (2010) ("Sometimes, outside parties are aware that a secret exists even though they are ignorant of its content-[This is] a shallow secret. Other times, outside parties are unaware of a secret's existence; they are in the dark about the fact that they are being kept in the dark-[This is] a deep secret.").
248. See, e.g., David Kravets, Courts, Congress Shun Addressing Legality of Warrantless Eavesdropping, WIRED (Jan. 29, 2010), http://vvww.wired.com/ threatlevel/2010/01/legality-of-warrantlesseavesdropping/.
249. The existing Civil Liberties Assessment for the State, Local, and Regional Fusion Center Initiative performed by the DHS offers vague promises of compliance with little detail about execution. See CIVIL LIBERTIES IMPACT ASSESSMENT, supra note 35.
250. Frank Partnoy, Financial Derivatives and the Costs of Regulatory Arbitrage, 22 J. CORP. L. 211, 227 (1997) (defining regulatory arbitrage in the financial sector as "transactions designed specifically to reduce costs or capture profit opportunities created by differential regulations or laws").
251. William K. Sjostrom, Jr., The AIG Bailout, 66 WASH. & LEE L. REV. 943, 987-88 (2009) ("The basic definition of insurance is '[a] contract by which one party (the insurer) undertakes to indemnify another party (the insured) against risk of loss, damage, or liability arising from the occurrence of some specified contingency.' A CDS [credit default swap] certainly appears to fall within this definition given that the protection seller contractually agrees to compensate the protection buyer following the occurrence of a credit event. Notwithstanding their insurance-like characteristics, CDSs generally have not been considered insurance for purposes of state insurance regulations and, therefore, have not been subject to these regulations." (first alteration in original) (footnotes omitted)
252. (quoting BLACK'S LAW DICTIONARY 870 (9th ed. 2009)).
253. Roberta S. Karmel, The Future of the Securities and Exchange Commission as a Market Regulator, 78 U. CIN. L. REV. 501, 524 (2010) ("Credit derivatives operate functionally as short sales of bonds with virtually unlimited risks. This is because the buyer of a credit default swap does not have to own the bond or any other debt instrument upon which such a contract is based. So buyers can purchase a 'naked short' on the debt of companies without any restrictions.... The head of the New York State Insurance Department called credit derivatives 'legalized gambling.'"
254. (footnotes omitted) (quoting Shannon D. Harrington, DTCC May Raise Credit-Default Swap Disclosure Amid Criticism, BLOOMBERG (Oct. 31, 2008), http://www.bloomberg.com/apps/news?pid=newsarchive&sid=ailF5ibQBk9w& refer=home)).
255. see also Frank Pasquale, Deregulatory Fundamentalism at OCC, OTS, AND SCOTUS, CONCURRING OPINIONS (Oct. 15, 2008, 9:13 PM), http://www. concurrtagopiriions.com/archives/20o8/io/deregulatory-fu.html (describing the financial institutions' ability to choose the least restrictive regulator of risky activities).
256. See, e.g., Tracy A. Kaye, The Gentle Art of Corporate Seduction: Tax Incentives in the United States and the European Union, 57 U. KAN. L. REV. 93, 117 (2008) ("By fostering a 'race to the bottom' in which states must continually increase tax incentives in order to lure businesses, tax competition undermines the ability of state and local government to finance the investments in public education and infrastructure that provide the foundation for future economic growth.").
257. Installation of Slot Mach. on U. S. Naval Base Guantanamo Bay, 6 OP. O. L. C. 236, 238 (1982) (finding that the station at Guantanamo is not a "possession" of the United States);
258. Customs Duties-Goods Brought into U. S. Naval Station at Guantanamo Bay, Cuba, 35 Op. Att'y Gen. 536, 537 (1929) (analyzing Guantanamo's status in the context of a review of other military bases);
259. JANE MAYER, THE DARK SIDE: THE INSIDE STORY OF HOW THE WAR ON TERROR TURNED INTO A WAR ON AMERICAN IDEALS 139 (2008) (describing "black sites");
260. Gerald L. Neuman, Anomalous Zones, 48 STAN. L. REV. 1197, 1197 (1996); (Pubitemid 126406376)
261. Johan Steyn, Guantanamo Bay: The Legal Black Hole, 53 INT'L & COMP. L. Q. 1, 1 (2004).
262. The DHS has dismissed concerns about regulatory arbitrage, noting that fusion centers would adopt written privacy policies that "should be consistent with the guidance issued by the PM-ISE, and to the extent possible clearly delineate authorities for each fusion center participant to eliminate the potential for 'policy shopping' raised by one critic." PRIVACY IMPACT ASSESSMENT, supra note 7, at 27.
263. PAUL R. VERKUIL, OUTSOURCING SOVEREIGNTY 5 (2007) ("Political officials, who are appointed for short periods and enter service through the famous revolving door, sometimes utilize outsourcing both as a means of getting results and as a way of preserving later career opportunities. Homeland Security seems to be the paradigm case.... More than two-thirds of the Department's most senior executives... have moved to private positions, some with companies who receive lucrative contracts from the agency.").
264. PHILIP B. HEYMANN & JULIETTE N. KAYYEM, PROTECTING LIBERTY IN AN AGE OF TERROR 112 (2005).
265. Id. ("[PIAB] is an entity that exists in order to provide the president with essential information regarding intelligence and national security matters."). The board was known as the President's Foreign Intelligence Advisory Board (PFIAB) from May 4, 1961 to February 29, 2008, when President George W. Bush renamed it the President's Intelligence Advisory Board. Exec. Order No. 13462, 73 Fed. Reg. 11, 805 (Mar. 4, 2008) ("References in Executive Orders other than this order, or in any other presidential guidance, to the 'President's Foreign Intelligence Advisory Board' shall be deemed to be references to the President's Intelligence Advisory Board established by this order."). The name change reflects the expanding focus of intelligence agencies to gather not only foreign, but also domestic intelligence.
266. Exec. Order No. 12, 863, 3 C. F. R. 632 (1993);
267. Exec. Order No. 12, 334, 46 Fed. Reg. 59, 955 (1981);
268. David Everett Colton, Comment, Speaking Truth to Power: Intelligence Oversight in an Imperfect World, 137 U. PA. L. REV. 571, 611, n. 177. ("The PFIAB is composed of prominent citizens who serve at the pleasure of the President. The PFIAB is charged with monitoring the performance, organizations, personnel, collection, or evaluation of intelligence within the intelligence community."). Colton complained that, during the 1980s, "The PFIAB is sadly lacking in power and prestige."
269. Id. However, a more recent assessment has been more positive. Kenneth Michael Absher et al., Getting on Board: How an Obscure Panel Could Fix the U. S. Intelligence Community, FOREIGN AFF. (Sept. 17, 2009), http://www. foreignaffairs.com/print/65415 ("The PIAB is a unique presidential asset that, if properly employed, could help identify and meet the intelligence challenges that future presidents will face.").
270. HEYMANN & KAYYEM, supra note 296, at 113. Some commentators go further, arguing that the data mining issue demands an "independent privacy agency." Francesca Bignami, European Versus American Liberty: A Comparative Privacy Analysis of Antiterrorism Data Mining, 48 B. C. L. REV. 609, 696-97 (2007).
271. The Foreign Intelligence Surveillance Court is a secret court that consists of eleven district court judges, at least three of whom must live within twenty miles of the District of Columbia. See 50 U. S. C. § 1803 (a) (Supp. 111 2009).
272. Pub L. No. 95-511, 92 Stat 1783
273. (codified in scattered sections of 50 U. S. C. (2006)).
274. Daniel J. Malooly, Physical Searches Under FISA: A Constitutional Analysis, 35 AM. CRIM. L. REV. 411, 413-14 (1998). (Pubitemid 128421762)
275. This would not be an insurmountable barrier to participation since an "estimated 854, 000 people... hold top-secret security clearances." Dana Priest & William M. Arkin, A Hidden World, Growing Beyond Control, WASH. POST, July 19, 2010, at A1.
276. Editorial, The Overgrowth of Intelligence Programs Since Sept. II, WASH. POST, July 22, 2010, at A18 (reporting Clapper's response to questions at his Senate confirmation hearing).
277. Homeland security managers have recognized the importance of improving interagency relationships. See, e.g., Kenneth E. Christopher et al., Domestic Federal Interagency Planning: Meeting a Homeland Security Need, 7 (1) J. HOMELAND SECURITY & EMERGENCY MGMT. 20 (Apr. 2010) at 11 (recommending "enhanced interagency planning capability").
278. The Administrative Procedure Act does not attempt to formalize interagency cooperation, which is mainly accomplished via ad hoc Memoranda of Understanding and other informal modes of cooperation. Neal Kumar Katyal, Internal Separation of Powers: Checking Today's Most Dangerous Branch from Within, 115 YALE L. J. 2314, 2327 (2006) (discussing overlapping agency authority).
279. See, e.g., Christopher S. Yoo, Can Interagency Dialogue Serve as the New Separation of Powers?, 116 YALE L. J. POCKET PART 131, 132 (2006) (discussing extant "multi-agency consultations").
280. 12 C. F. R. pt. 34, app. A to subpt. D (2010);
281. C. F. R. pt. 208, app. C (2010);
282. C. F. R. pt. 365 (2010).
283. Real Estate Lending Standards, 57 Fed. Reg. 62, 890, 62, 890 (Dec. 31, 1992).
284. BETHANY MCLEAN & JOE NOCERA, ALL THE DEVILS ARE HERE: THE HIDDEN HISTORY OF THE FINANCIAL CRISIS 94 (2010) ("'[G]uidance' was only guidance, which lenders could adopt or ignore as they saw fit, depending on how zealously the regulators enforced it. No antipredatory lending bill was ever passed; no strictures against most of the practices were ever enforced; no serious effort was ever made to make financial institutions pay more attention to the loans they were buying and securitizing.").
285. Arthur E. Wilmarth, Jr., The OCC's Preemption Rules Exceed the Agency's Authority and Present a Serious Threat to the Dual Banking System and Consumer Protection, 23 ANN. REV. BANKING & FIN. L. 225, 226 (2004).
286. Elizabeth Warren, The Growing Threat to Middle Class Families, 69 BROOK. L. REV.; 401, 402 (2004) [hereinafter Warren, Growing Threat];
287. Elizabeth Warren, Unsafe at Any Rate, 5 DEMOCRACY: J. IDEAS 8, 8-9 (2007) [hereinafter Warren, Unsafe].
288. Warren, Growing Threat, supra note 316;
289. Warren, Unsafe, supra note 316;
290. see also Robert Gnaizda, Robert Gnaizda: My Crime Was Not Curbing the Guilty, OPPOSING VIEWPOINTS (Jan. 6, 2011), http://www.opposingviews.com/i/ robert-gnaizda-my-crime-was-not-curbing-the-guilty ("In 1999 and in 2000, we met with Fed Chairman Alan Greenspan to criticize the Federal Reserve's laissez-faire attitude toward the major subprime lenders, such as Ameriquest. We asked that Greenspan urge all major financial institutions to set a fiduciary 'gold standard' that could effectively compete with and possibly eliminate the unregulated subprime industry. The chairman refused. Stymied by both the Clinton and Bush administrations' refusal to act, we failed to continue to protest publicly. A big mistake. In 2004, we convened a meeting with the 15 largest financial institutions engaged in adjustable-rate mortgages, including Countrywide, to urge that they substantially revise and raise their standards due to the dangers of adjustable-rate mortgages, including option ARMs. Getting no support, we met with Greenspan in July 2004 to specifically complain about these practices and used Countrywide as a prime example. Greenspan stated that he had reviewed our documents and that, even with a doctorate in math, you could not understand these mortgages. But he refused to do anything.").
291. RICHARD A. POSNER, A FAILURE OF CAPITALISM: THE CRISIS OF '08 AND THE DESCENT INTO DEPRESSION (2009);
292. see also NICOLE GEUNAS, AFTER THE FALL: SAVING CAPITALISM FROM WALL STREET-AND WASHINGTON 150 (2009) (reporting that Federal Reserve chairman Ben Bernanke warned during the third week of September 2008 that "there will be no economy on Monday" if bailouts of key institutions were not arranged).
293. Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, Pub. L. No. 111-203, 124 Stat. 1376 (2010).
294. 12 U. S. C. § 5481.
295. Viral V. Acharya et al., Measuring Systemic Risk, in REGULATING WALL STREET. THE DODD-FRANK ACT AND THE NEW ARCHITECTURE OF GLOBAL FINANCE 87, 89-94 (Viral V. Acharya et al. eds., 2011).
296. Dodd-Frank Act, § 112, 124 Stat, at 1398-98.
297. SKADDEN, ARPS, SLATE, MEAGHER, & FLOM LLP, CONSUMER PROTECTION PROVISIONS IN THE DODD-FRANK WALL STREET REFORM AND CONSUMER PROTECTION ACT 1 (2010).
298. F. J. Ornstein et al., Interagency Statement on Subprime Mortgage Lending, 61 CONSUMER FIN. L. Q. REP. 176, 178 (2007) (discussing state of the law prior to enactment of the Dodd-Frank Act).
299. SKADDEN LLP, supra note 326, at 4.
300. 12 U. S. C § 5311 (2010) (describing the FSOC, also frequently referred to as the "Systemic Risk Council").
301. Matthew C. Waxman, Police and National Security: American Local Law Enforcement and Counterterrorism After 9/11, 3 J. NAT'L SECURITY L. & POL'Y 377, 396 (2009).
302. George W. Bush, President of the U. S., Remarks at the National Day of Prayer and Remembrance at Episcopal National Cathedral (Sept. 14, 2001), transcript available at http://georgewbush-whitehouse.archives.gov/news/ releases/2001/09/200xo914-2.html.