The "Terrorism" Information Awareness Initiative

  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

Last month's article looked at Trusted Computing and how we might be affected by it. This month, I look at the federal government's efforts to combat terrorism through the use of data, computers, and related technologies and how this affects us as computer professionals.

A Code of Ethics for Computer Professionals

Like people in some other professions, we computer engineers, programmers, and whatnot have to be blindly trusted by society because nobody understands what we do. To help us with this, the Association for Computing Machinery (ACM) long ago defined standards of ethics by which computer professionals should conduct themselves. Founded in 1947, the ACM is the oldest and most esteemed computer society in the world.

The ACM Code of Ethics and Professional Conduct is a collection of 24 imperatives for people who work with computers and data, describing how we should behave under most situations we're likely to face. Imperative number 1 states: "As an ACM member I will contribute to society and human well-being... [and] affirm an obligation to protect fundamental human rights and to respect the diversity of all cultures." Imperative number 7 says: "As an ACM member I will respect the privacy of others... [and] maintain the privacy and integrity of data describing individuals."

The IAO and the TIA

With that said, let's take a look at the U.S. government's Information Awareness Office (IAO). The IAO (whose Latin motto scientia est potential means "knowledge is power") is the federal agency mandated with collecting and analyzing data and is the owner of the Terrorism Information Awareness (TIA) initiative. "TIA" originally stood for "Total Information Awareness," but this name suggested an invasion of citizen privacy by the federal government (collecting your "dossier" and all that). The name was changed in 2003 to "Terrorism Information Awareness," with some funding going to a new faction of TIA called MATRIX (Multistate Anti-Terrorism Information Exchange.)

TIA and MATRIX consist of more than a dozen surveillance and security applications being developed by several branches of government. According to the Defense Advanced Research Projects Agency (DARPA), "The applications are designed to detect suspicious behavior in clusters of people, to identify people in public places, and to determine patterns of behavior by analyzing databases of information." The full TIA prototype is expected in 2007 to 2009.

A central component of TIA is the ability to identify suspects through characteristics of the face and body. High-resolution 3D images are collected and analyzed for dozens of identifying features, including how someone walks. Software called Human Identification at a Distance can identify a person from as far away as 500 feet. Another component, Next Generation Face Technology, uses high-resolution 3D images to read people's faces and determine if they're telling the truth. DARPA also has plans to develop radar, thermal, and infrared sensing to examine human features from side angles, even in bad weather.

Data Analysis by the Government

Perhaps the most controversial TIA ambition is to identify threatening individuals by analyzing databases of information. This project seeks to detect potential terrorists through the transaction records and public records they create while going about their evil business. That is, collected data would include public information like immigration records, licensing, and tax data as well as less-public information like credit card bills, grocery store transactions, education records, airline tickets, car rentals, and utility bills. The government's intent is to establish profiles for terrorists and see who fits them, hoping to identify likely offenders. DARPA claims the data would not be released to others and that the data is already available to businesses anyway.

Not Everyone Is a TIA Fan

Critics of TIA advise caution. Data errors like a misspelled name could result in someone coming under suspicion by mistake. (Once the FBI comes into your place of work and arrests you, even by mistake, others seem to treat you differently from then on.) And perhaps more disturbing, there probably will be no government obligation to correct errors, once found. In a recent decision, the Justice Department ruled the FBI is exempt from the Privacy Act of 1974. That means the FBI does not have to ensure the accuracy of information contained in its National Crime Information Center database.

The IAO touts TIA as a system that will merit our confidence. They say the conclusions drawn by TIA data analysis will be accurate and effective. However, hidden within their assurance is another message. It says that since they think TIA can be trusted, if TIA says you're a terrorist, then you're a terrorist. As with all security systems, the more trusted TIA is, the more vulnerable it is. If TIA is thought to be accurate, yet it falsely identifies an innocent person as threatening, the damage to the person could be irreparable.

"I don't want someone knowing all my movements and everything I've done all day," said Jay Stanley, speaking for the Technology and Liberty Program at the ACLU. "I don't even want that to be recorded. It will change how I act. It will make me less free."

Senator Russ Feingold introduced legislation in January of 2003 to discontinue the TIA projects and other activities of the IAO until Congress could hold a review of the privacy concerns involved. Senator Ron Wyden brought similar legislation that would prevent the IAO from operating within the United States unless specifically authorized by Congress. Further, Senator Wyden's bill would shut the IAO down entirely 60 days after passage unless the Pentagon prepared a report "assessing the impact of IAO activities on individual privacy and civil liberties, or the President certified the program's research as vital to national security interests."

In Congress, legislation was passed in February of 2003 halting activities of the IAO pending a Congressional report of the office's activities. Action in the Congress to attempt to halt a specific internal Department of Defense project occurs extremely rarely, underscoring the grave threat to civil liberties and privacy that many lawmakers perceive in the IAO.

The Dilemma of Privacy Versus Security

When applying imperatives of professional conduct to TIA, there can be no way to separate the ordinary citizens from those who wish us ill based on physical appearance or data analysis. An innocent person may look like a terrorist. A terrorist will walk like an ordinary citizen. A law-abiding exchange student may create the very same public and private transaction records that a terrorist does. The question, then, becomes one of degrees. Persons who fit within a certain level of classifying criteria may be identified as potential threats to the nation. Conversely, terrorists who can successfully avoid trigger transactions may be included in the "non-threatening" group.

On the other hand, few among us would begrudge the loss of a little privacy if it meant the prevention of tragic events and the consequential human suffering. Under one approach to ethics, where the common good is weighed against individual rights, it could be argued that privacy advocates are reacting emotionally and are failing to see the bigger picture. Sure, some mistakes may be made, but the overall benefit to society surely outweighs the occasional individual tragedy.

This issue is a tough nut to crack. Even if we subscribe to the notion that the common good should prevail, how do we know we're not giving up our privacy for nothing? Maybe we're just kidding ourselves with these types of security measures; the bad guys can still find a way.

For computer professionals, the problem is compounded because we're supposed to do what our employers, be they in business or government, want us to, yet their goals may be contrary to the accepted code of ethics. How are we supposed to know when the government agency we work for has overstepped its mandate or the business we work for has violated tenets of privacy? It's hard to say where the line should be drawn, but at some point, it must be. For example, what if our employer decides that we should write a virus that targets a competitor or we should create spyware and sell the data? Sometimes you encounter an employer that you must get away from but at least you can take your ethics with you.

Chris Peters has 26 years of experience in the IBM midrange and PC platforms. Chris is president of Evergreen Interactive Systems, a software development firm and creators of the iSeries Report Downloader. Chris is the author of The OS/400 and Microsoft Office 2000 Integration Handbook, The AS/400 TCP/IP Handbook, AS/400 Client/Server Programming with Visual Basic, and Peer Networking on the AS/400 (MC Press). He is also a nationally recognized seminar instructor. Chris can be reached at This email address is being protected from spambots. You need JavaScript enabled to view it..

Chris Peters has 32 years of experience with IBM midrange and PC platforms. Chris is president of Evergreen Interactive Systems, a software development firm and creators of the iSeries Report Downloader. Chris is the author of i5/OS and Microsoft Office Integration Handbook, AS/400 TCP/IP Handbook, AS/400 Client/Server Programming with Visual Basic, and Peer Networking on the AS/400. He is also a nationally recognized seminar instructor and a lecturer in the Computer Science department at Eastern Washington University. Chris can be reached at

MC Press books written by Chris Peters available now on the MC Press Bookstore.

i5/OS and Microsoft Office Integration Handbook i5/OS and Microsoft Office Integration Handbook
Harness the power of Office while exploiting the i5/iSeries database.
List Price $79.95

Now On Sale



Support MC Press Online





  • White Paper: Node.js for Enterprise IBM i Modernization

    SB Profound WP 5539

    If your business is thinking about modernizing your legacy IBM i (also known as AS/400 or iSeries) applications, you will want to read this white paper first!

    Download this paper and learn how Node.js can ensure that you:
    - Modernize on-time and budget - no more lengthy, costly, disruptive app rewrites!
    - Retain your IBM i systems of record
    - Find and hire new development talent
    - Integrate new Node.js applications with your existing RPG, Java, .Net, and PHP apps
    - Extend your IBM i capabilties to include Watson API, Cloud, and Internet of Things

    Read Node.js for Enterprise IBM i Modernization Now!


  • Profound Logic Solution Guide

    SB Profound WP 5539More than ever, there is a demand for IT to deliver innovation.
    Your IBM i has been an essential part of your business operations for years. However, your organization may struggle to maintain the current system and implement new projects.
    The thousands of customers we've worked with and surveyed state that expectations regarding the digital footprint and vision of the companyare not aligned with the current IT environment.

    Get your copy of this important guide today!


  • 2022 IBM i Marketplace Survey Results

    Fortra2022 marks the eighth edition of the IBM i Marketplace Survey Results. Each year, Fortra captures data on how businesses use the IBM i platform and the IT and cybersecurity initiatives it supports.

    Over the years, this survey has become a true industry benchmark, revealing to readers the trends that are shaping and driving the market and providing insight into what the future may bring for this technology.

  • Brunswick bowls a perfect 300 with LANSA!

    FortraBrunswick is the leader in bowling products, services, and industry expertise for the development and renovation of new and existing bowling centers and mixed-use recreation facilities across the entertainment industry. However, the lifeblood of Brunswick’s capital equipment business was running on a 15-year-old software application written in Visual Basic 6 (VB6) with a SQL Server back-end. The application was at the end of its life and needed to be replaced.
    With the help of Visual LANSA, they found an easy-to-use, long-term platform that enabled their team to collaborate, innovate, and integrate with existing systems and databases within a single platform.
    Read the case study to learn how they achieved success and increased the speed of development by 30% with Visual LANSA.


  • The Power of Coding in a Low-Code Solution

    LANSAWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed.
    Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

    • Discover the benefits of Low-code's quick application creation
    • Understand the differences in model-based and language-based Low-Code platforms
    • Explore the strengths of LANSA's Low-Code Solution to Low-Code’s biggest drawbacks



  • Why Migrate When You Can Modernize?

    LANSABusiness users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.
    In this white paper, you’ll learn how to think of these issues as opportunities rather than problems. We’ll explore motivations to migrate or modernize, their risks and considerations you should be aware of before embarking on a (migration or modernization) project.
    Lastly, we’ll discuss how modernizing IBM i applications with optimized business workflows, integration with other technologies and new mobile and web user interfaces will enable IT – and the business – to experience time-added value and much more.


  • UPDATED: Developer Kit: Making a Business Case for Modernization and Beyond

    Profound Logic Software, Inc.Having trouble getting management approval for modernization projects? The problem may be you're not speaking enough "business" to them.

    This Developer Kit provides you study-backed data and a ready-to-use business case template to help get your very next development project approved!

  • What to Do When Your AS/400 Talent Retires

    FortraIT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators is small.

    This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn:

    • Why IBM i skills depletion is a top concern
    • How leading organizations are coping
    • Where automation will make the biggest impact


  • Node.js on IBM i Webinar Series Pt. 2: Setting Up Your Development Tools

    Profound Logic Software, Inc.Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application. In Part 2, Brian May teaches you the different tooling options available for writing code, debugging, and using Git for version control. Attend this webinar to learn:

    • Different tools to develop Node.js applications on IBM i
    • Debugging Node.js
    • The basics of Git and tools to help those new to it
    • Using as a pre-built development environment



  • Expert Tips for IBM i Security: Beyond the Basics

    SB PowerTech WC GenericIn this session, IBM i security expert Robin Tatam provides a quick recap of IBM i security basics and guides you through some advanced cybersecurity techniques that can help you take data protection to the next level. Robin will cover:

    • Reducing the risk posed by special authorities
    • Establishing object-level security
    • Overseeing user actions and data access

    Don't miss this chance to take your knowledge of IBM i security beyond the basics.



  • 5 IBM i Security Quick Wins

    SB PowerTech WC GenericIn today’s threat landscape, upper management is laser-focused on cybersecurity. You need to make progress in securing your systems—and make it fast.
    There’s no shortage of actions you could take, but what tactics will actually deliver the results you need? And how can you find a security strategy that fits your budget and time constraints?
    Join top IBM i security expert Robin Tatam as he outlines the five fastest and most impactful changes you can make to strengthen IBM i security this year.
    Your system didn’t become unsecure overnight and you won’t be able to turn it around overnight either. But quick wins are possible with IBM i security, and Robin Tatam will show you how to achieve them.

  • Security Bulletin: Malware Infection Discovered on IBM i Server!

    SB PowerTech WC GenericMalicious programs can bring entire businesses to their knees—and IBM i shops are not immune. It’s critical to grasp the true impact malware can have on IBM i and the network that connects to it. Attend this webinar to gain a thorough understanding of the relationships between:

    • Viruses, native objects, and the integrated file system (IFS)
    • Power Systems and Windows-based viruses and malware
    • PC-based anti-virus scanning versus native IBM i scanning

    There are a number of ways you can minimize your exposure to viruses. IBM i security expert Sandi Moore explains the facts, including how to ensure you're fully protected and compliant with regulations such as PCI.



  • Encryption on IBM i Simplified

    SB PowerTech WC GenericDB2 Field Procedures (FieldProcs) were introduced in IBM i 7.1 and have greatly simplified encryption, often without requiring any application changes. Now you can quickly encrypt sensitive data on the IBM i including PII, PCI, PHI data in your physical files and tables.
    Watch this webinar to learn how you can quickly implement encryption on the IBM i. During the webinar, security expert Robin Tatam will show you how to:

    • Use Field Procedures to automate encryption and decryption
    • Restrict and mask field level access by user or group
    • Meet compliance requirements with effective key management and audit trails


  • Lessons Learned from IBM i Cyber Attacks

    SB PowerTech WC GenericDespite the many options IBM has provided to protect your systems and data, many organizations still struggle to apply appropriate security controls.
    In this webinar, you'll get insight into how the criminals accessed these systems, the fallout from these attacks, and how the incidents could have been avoided by following security best practices.

    • Learn which security gaps cyber criminals love most
    • Find out how other IBM i organizations have fallen victim
    • Get the details on policies and processes you can implement to protect your organization, even when staff works from home

    You will learn the steps you can take to avoid the mistakes made in these examples, as well as other inadequate and misconfigured settings that put businesses at risk.



  • The Power of Coding in a Low-Code Solution

    SB PowerTech WC GenericWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed.
    Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

    • Discover the benefits of Low-code's quick application creation
    • Understand the differences in model-based and language-based Low-Code platforms
    • Explore the strengths of LANSA's Low-Code Solution to Low-Code’s biggest drawbacks



  • The Biggest Mistakes in IBM i Security

    SB Profound WC Generic The Biggest Mistakes in IBM i Security
    Here’s the harsh reality: cybersecurity pros have to get their jobs right every single day, while an attacker only has to succeed once to do incredible damage.
    Whether that’s thousands of exposed records, millions of dollars in fines and legal fees, or diminished share value, it’s easy to judge organizations that fall victim. IBM i enjoys an enviable reputation for security, but no system is impervious to mistakes.
    Join this webinar to learn about the biggest errors made when securing a Power Systems server.
    This knowledge is critical for ensuring integrity of your application data and preventing you from becoming the next Equifax. It’s also essential for complying with all formal regulations, including SOX, PCI, GDPR, and HIPAA
    Watch Now.

  • Comply in 5! Well, actually UNDER 5 minutes!!

    SB CYBRA PPL 5382

    TRY the one package that solves all your document design and printing challenges on all your platforms.

    Produce bar code labels, electronic forms, ad hoc reports, and RFID tags – without programming! MarkMagic is the only document design and print solution that combines report writing, WYSIWYG label and forms design, and conditional printing in one integrated product.

    Request your trial now!

  • Backup and Recovery on IBM i: Your Strategy for the Unexpected

    FortraRobot automates the routine tasks of iSeries backup and recovery, saving you time and money and making the process safer and more reliable. Automate your backups with the Robot Backup and Recovery Solution. Key features include:
    - Simplified backup procedures
    - Easy data encryption
    - Save media management
    - Guided restoration
    - Seamless product integration
    Make sure your data survives when catastrophe hits. Try the Robot Backup and Recovery Solution FREE for 30 days.

  • Manage IBM i Messages by Exception with Robot

    SB HelpSystems SC 5413Managing messages on your IBM i can be more than a full-time job if you have to do it manually. How can you be sure you won’t miss important system events?
    Automate your message center with the Robot Message Management Solution. Key features include:
    - Automated message management
    - Tailored notifications and automatic escalation
    - System-wide control of your IBM i partitions
    - Two-way system notifications from your mobile device
    - Seamless product integration
    Try the Robot Message Management Solution FREE for 30 days.

  • Easiest Way to Save Money? Stop Printing IBM i Reports

    FortraRobot automates report bursting, distribution, bundling, and archiving, and offers secure, selective online report viewing.
    Manage your reports with the Robot Report Management Solution. Key features include:

    - Automated report distribution
    - View online without delay
    - Browser interface to make notes
    - Custom retention capabilities
    - Seamless product integration
    Rerun another report? Never again. Try the Robot Report Management Solution FREE for 30 days.

  • Hassle-Free IBM i Operations around the Clock

    SB HelpSystems SC 5413For over 30 years, Robot has been a leader in systems management for IBM i.
    Manage your job schedule with the Robot Job Scheduling Solution. Key features include:
    - Automated batch, interactive, and cross-platform scheduling
    - Event-driven dependency processing
    - Centralized monitoring and reporting
    - Audit log and ready-to-use reports
    - Seamless product integration
    Scale your software, not your staff. Try the Robot Job Scheduling Solution FREE for 30 days.