GEEK WAR ON TERROR

ANNA is only one of several interesting approaches to melding privacy with data mining. Some hard-line privacy advocates are skeptical: "A switch to anonymize can be set to de-anonymize," says Marc Rotenberg of the Electronic Privacy Information Center. But others see the still-untested system as a significant contribution in the privacy-versus-security debate. "ANNA is the real thing," says Stewart Baker, a former National Security Agency general counsel.

Jonas has a lot of time to work on ANNA because in 2002 he turned over SRD's reins to a new CEO, John Slitz, a veteran of IBM and Novell. Slitz is gearing to sell technology to corporations in financial services, health care and insurance. This month SRD also announces an alliance with ChoicePoint, the alpha player in using information to nail fraudulent customers and vet potential employees. Though ANNA isn't part of the initial launch, ChoicePoint vice president Jim Zimbardi says that it's "a terrific tool," and is testing it for implementation as early as this year.

Techniques like anonymization, of course, only partly address the data-mining dilemma. There are other avenues such as audit trails to track who's making the queries, and, perhaps most important of all, firm rules embodied in law that limit the use of personal information. Even then, all that data mining can do is keep us safer, not safe. Jeff Jonas's recent experiences in dark rooms have driven that lesson home to him. "Technologies like ours are just Band-Aids," he says. "The real problem is hundreds of thousands of people who are brought up to hate us." That's something even geeks can't fix.

© 2004