Big Brother IT: DRM, Monitoring and Profiling

After 9/11 and after the Enron follies, more security (and, concomitantly, less privacy) became the order of the day. Right now, to the concern of some and the delight of others, formerly niche monitoring and tracking technology applications are being repurposed for more general, widespread use. Here are three you will encounter in 2003.

1. Digital rights management (DRM). “This will be huge,” says Chris Hoofnagle, legislative counsel for the Electronic Privacy Information Center (EPIC) in Washington, D.C. Applications in the general area of DRM can turn off copy-and-paste functions, inhibit the forwarding of e-mail and prevent documents from being printed. In addition, these apps usually provide the ability to track who has done what to any document. DRM is not new, but in 2003 it will be applied far more broadly than ever.

Corporate scandals have surely driven the proliferation of DRM apps, but the everyday leaking of proprietary data over the Internet is as much to blame. “We’ve talked to human resources departments, and they say they are literally afraid to give data to their employees,” says Jeffrey Melvin, CEO of Rovia in Cambridge, Mass., one of the companies packaging DRM software.

2. Defense-grade monitoring for the enterprise. “You’ll see a lot of defense companies turning to the enterprise this year,” says Hoofnagle. Lexington, Mass.-based defense contractor Raytheon, for example, turned a military-grade espionage application, SilentRunner, into a wholly owned spin-off in October 2001, and the new company hit the ground running with a suite of monitoring products with the same name.

SilentRunner provides high-end packet sniffing. It’s similar to the FBI’s famous Carnivore program but, many say, even more effective. SilentRunner “n-gram” analysis identifies and tracks similar documents without using keywords. In other words, even if you try to hide the fact that your memo is sensitive by changing all the identifying words or phrases, SilentRunner can still spot it.

3. Enhanced passenger profiling. Airlines have used computer profiling for years, but their programs were keyed only to an individual’s history with the airlines. No longer. The Transportation Security Administration is working on an enhanced version of its Computer Assisted Passenger Prescreening System, called CAPPS II. This new version will check everything the old system did?if, say, you bought a one-way ticket at the last minute or if you paid cash?but it will also link to all sorts of databases to pull out and check such information as your mailing address, recent purchases, driving record, criminal history and credit rating.

Does all this go too far or is it simply a rational response to the world we now live in? Whatever your position, there’s little doubt that the debate?and the technology?will heat up this year.