Designing Technical Systems to Support Policy: Enterprise Architecture, Policy Appliances, and Civil Liberties
K. A. Taipale
Center for Advanced Studies in Science and Technology Policy
21st CENTURY INFORMATION TECHNOLOGIES AND ENABLING POLICIES FOR COUNTER-TERRORISM, Robert Popp and John Yen, eds., IEEE Press, 2005
It has become cliche to describe the relationship between security and liberty as one requiring the achievement of some optimal balance between two competing and irreconcilable needs. But such cliche is metaphorically misleading. There is no fulcrum point - as is implicit in the balance metaphor - at which point the correct amount of security and liberty can be achieved. Security and liberty are not dichotomous rivals to be traded one for another in a zero sum game. Rather, security and liberty are dual obligations of a liberal republic and each must be maximized within the constraints imposed by the other.
The events and subsequent investigations of 9/11 have highlighted the national security need for better information management, and for new technologies and techniques to improve collection, information sharing, and data analysis in counterterrorism applications. The need to manage vast data volumes and better "connect the dots" is uncontroverted and has been explicitly set out in a series of executive orders, national strategy documents, committee reports, and legislation.
However, emergent information technologies that can enable such improved information management and analysis processes also challenge traditional policy doctrines and legal structures premised in part on protecting individual liberty by maintaining privacy through the "practical obscurity" arising from inefficiencies in information acquisition, access, management, and analysis. Thus, to some observers, improving the ability of government agencies to "connect the dots" is seen to be in political conflict with the notion of keeping the power to "connect the dots" out of any one hand, particularly that of the central government. The result, as evidenced in the public debate, is a presumed implacable antagonism between security and privacy.
This chapter discusses policy-enabling systems design (the Policy Appliance Reference Model) based on an enterprise architecture for knowledge management (a lifecycle approach to managing information from production to consumption as a product to support information process needs) that includes policy appliances (technical control mechanisms to enforce policy rules and ensure accountability in information systems), interacting with smart data (data that carries with it contextual relevant terms for its own use) and intelligent agents (queries that are self-credentialed, authenticating, or contextually adaptive).
This chapter provides an overview of the relationship between emerging policy process models, existing legal doctrines, and technical design choice in order to better understand the interdependence of technical architecture and policy implementation.
Keywords: information sharing, counterterrorism, privacy, civil liberties, national security
JEL Classification: K42
Date posted: April 29, 2005