Since terrorists attacked the United States\u00a0on Sept. 11, 2001, the government has begun a robust, and oft-criticized, electronic-surveillance program, but other IT-related security projects designed to thwart terrorism have made little progress. Better cybersecurity leadership, more cargo scanning on airplanes and ships, and interoperable communications networks for emergency response agencies have all developed slowly. In some cases, fights in Congress have slowed progress, or the U.S. government has focused on other priorities. In other cases, the cost of IT projects has been an issue.\n\n\n\n\n\n\n\n\n\nNYC on 9\/11\/01The fifth anniversary of the attacks will focus attention as much on what has not been accomplished to protect the United States\u00a0from future attacks as on what has been, chiefly the surveillance system. In recent months, civil liberties groups have protested the shadowy electronic-surveillance program run by the U.S. National Security Agency (NSA), with alleged cooperation from large telecommunications carriers. U.S. President George Bush has defended the program as necessary and legal, even as critics point out the NSA is spying on U.S. residents without court orders.Critics say the emphasis on surveillance instead of other technology has led to an invasion of innocent people\u2019s privacy and has not improved the nation\u2019s security.\n\n\n\n\n\n\n\n\n\nNYC in 2006The Electronic Frontier Foundation (EFF), leading a lawsuit against AT&T for its alleged participation in the NSA surveillance program, says some U.S. FBI agents have complained about the quality of the leads generated by the program. \u201cIt\u2019s like, \u2018Oh great, more calls to Pizza Hut,\u2019 \u201d said Kevin Bankston, an EFF staff attorney. \u201cThis many may not help us connect the dots; it may just be creating more dots.\u201dBut there hasn\u2019t been a major outcry about the NSA program from U.S. residents, with a common attitude being that innocent people should have nothing to hide. \u201cI worry that a lot of people are speaking out of fear,\u201d Bankston said. \u201cYou wouldn\u2019t want government cameras installed in your bedroom or your bathroom, not because you\u2019re doing anything wrong there, but because there are areas of our lives that should be private.\u201dThe biggest change since Sept. 11 is this culture of surveillance, added Jim Dempsey, policy director at the Center for Democracy and Technology, an advocacy group focused on civil liberties online. Congress\u2019 quick passage of the Patriot Act following Sept. 11 generated huge debates about its expansion of law enforcement powers, but the NSA program happened without congressional approval, he said.\u201cAll the ink that was spilled over the Patriot Act is irrelevant \u2026 if the president says he\u2019ll do what he wants,\u201d Dempsey added. Combined with technology advances in areas such as storage, location awareness and facial recognition, these expanded government powers create \u201ca pretty wholesale assault on privacy.\u201dThe Bush administration has defended its tactics, with the president saying this month that the government\u2019s counterterrorism efforts have subverted a number of plots since 9\/11, including an anthrax attack and an airplane hijacking plan.The NSA surveillance program \u201chelps protect Americans,\u201d Bush said in a speech Thursday. He called on Congress to derail court challenges to the NSA program by passing laws approving the program. \u201cIf an al-Qaida commander is calling the United States, we need to know why they\u2019re calling,\u201d he said.In three other IT-related areas, progress has been slow.CybersecurityIT security groups have called for greater U.S. government emphasis on cybersecurity. In July 2005, U.S. Department of Homeland Security (DHS) Secretary Michael Chertoff announced plans to create a high-level position, assistant secretary for cybersecurity, but that position remains unfilled, despite pressure from IT groups.In addition, the DHS has never scored above an "F" in the federal government\u2019s annual computer security assessment. Another agency that has consistently pulled in "F\u2019s" is the U.S. Department of Veterans Affairs, which was roiled earlier this year following a massive data breach. Part of the problem is that the government is simply not as interested as it should be in paying for online defense, according to Marcus Sachs, a former Bush administration adviser on Internet security. "It\u2019s kind of hard to convince the Congress to continue to fund cybersecurity efforts when the entire nation is shaking in its boots over chemical weapons and dirty bombs," said Sachs, who now works for SRI International, a research organization in Menlo Park, Calif. "We\u2019ve not had any attributable cyberstuff that you could trace back to terrorism. ... It\u2019s hard to make a case as to why we need to be worried about it."Those kinds of attacks may still come, said O. Sami Saydjari, founder and president of Cyber Defense Agency, an IT security research and consulting firm in Wisconsin Rapids, Wis. Just one massive cyberattack would boost U.S. cyberdefense spending, but a major attack could cost U.S. businesses up to US$1 trillion, he said.The technology to sufficiently harden U.S. cyberdefenses largely exists, but the government needs to create a program to improve the nation\u2019s cybersecurity infrastructure, Saydjari said. \u201cWaiting until we have these attacks is not the time to develop that program,\u201d he added. \u201cEvery year, the [cyber] attacks are better.\u201d Communications interoperability for emergency agenciesSecurity experts, including the 9\/11 Commission, have requested additional radio spectrum so that emergency response agencies can better communicate with each other. During the Sept. 11 attacks, some emergency responders found that their communication systems did not interoperate. More radio spectrum is on the way, but not until February 2009, the deadline Congress set for television stations to vacate the spectrum and move to all-digital broadcasts.During a lengthy congressional debate over the digital TV transition, Sen. John McCain, an Arizona Republican, tried to move up the transition date, arguing emergency responders need the spectrum as soon as possible. But congressional concerns over the timing of commercial auctions for part of the freed spectrum led to the later date. If the auctions were too soon, the spectrum might not sell for the $10 billion Congress has budgeted, opponents of an earlier deadline said.Meanwhile, some emergency response agencies are working with each other to improve interoperability, but those efforts are happening only in \u201cpockets\u201d of the United States, said Steven Jones, executive director of the First Response Coalition, a group advocating for interoperable emergency communications.\u201cThere\u2019s no national strategy to coordinate all these efforts,\u201d Jones said. \u201cNationally speaking, I don\u2019t know that we\u2019re better off than we were five years ago.\u201dCargo scanningHobbled by high costs and slow machines, airlines and cargo ships scan only a fraction of the baggage they carry, leaving their passengers at risk of hidden explosives and other weapons, critics say. Most of the 6 billion pounds of cargo shipped on passenger airlines every year is commercial cargo, not checked baggage, and most of those crates and cartons are never scanned, exposing passengers to risk, according to U.S. Rep. Edward Markey, a Massachusetts Democrat. The problem is even greater on commercial shipping venues, with unscanned cargo rolling into the United States\u00a0every year aboard 11.2 million trucks, 2.2 million rail cars and 51,000 cargo ships, according to the DHS.The U.S. Transportation Security Administration, which operates airport security systems, says it faces a dilemma of choosing between inexpensive but inaccurate machines and expensive, high-quality machines.Airport workers now scan baggage with two types of systems. Explosive trace detection machines are affordable\u2014they\u2019re the size of a laser printer and cost a few thousand dollars\u2014but rely on slow and error-prone human workers to collect test samples.In contrast, explosive detection system machines can process up to 500 bags per hour but weigh as much as 17,000 pounds and cost up to $1 million. And airports must invest much more money to insert those machines into their existing baggage conveyor belts to speed the process.Still, officials with the Bush administration insist they\u2019ve made significant progress in fighting terrorism over the past five years. A "network" of law enforcement and intelligence agencies, improved terrorist databases and international cooperation have successfully thwarted multiple terrorist plots, U.S. Attorney General Alberto Gonzales said in a speech Thursday."If there is one thing that all Americans will be thinking and saying when we mark a terrible anniversary on Monday, it will be the simple phrase, \u2018never again,\u2019 " he said. "And the goal of \u2018never again\u2019 cannot be achieved by the federal government alone, by any state government alone, or by any local police force alone. Our network of prevention is instead the key to protecting the American people."-Grant Gross, Ben Ames and Robert McMillan, IDG News Service (Washington Bureau)Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.