Uneven post-9/11 data-cloaking persists
Online maps offer an interesting case study: Millions of people use them, but terrorists might access
By Justin Pritchard
Take a virtual tour of New York on Google Maps and some blurry images appear.
As you zoom down in satellite view, what looks like the crisp outline of the airport terminal near upstate Buffalo dissolves into a fuzzy white blob. Instead of cars, blotches of color sit in the main parking lot.
Swing southeast 140 miles to the prison in Elmira, near the Pennsylvania border, or the atomic research lab in Schenectady, about 180 miles northeast from there — and the images hide behind the same type of blur.
The alterations are not the work of a hacker. In the post-9/11 world, they're the product of New York state's homeland security apparatus, done in the hope of preventing terrorists from attacking.
As a staggered nation scrambled after Sept. 11, 2001, to anticipate possible next targets, there was a widespread sanitizing of publicly available information suddenly viewed as tipsheets and road maps for terrorists.
But what also resulted, as shown by an Associated Press review for the 10th anniversary of the 9/11 attacks, were some befuddling inconsistencies — telling private pilots not to fly over nuclear reactors, for example, and then not allowing them access to plant locations.
It was all based on a fear that seemingly innocuous fragments of information could be paired to hatch an attack. If authorities couldn't be sure what information might help, they concluded it was best to keep as much secret as possible. Or if total secrecy couldn't be justified, at least make the information much harder to obtain.
Security-sensitive information wasn't just the coordinates of the nation's nuclear power plants, or the locations of massive inventories of dangerous chemicals, or detailed maps of potentially explosive natural gas pipelines. Withheld from public view were things that average citizens might need to know: emergency response plans for public buildings in Idaho, building blueprints in Delaware, and drinking water test results in Texas.
The efforts sometimes have tried to defy the Internet-age reality that once something is public, it's nearly impossible to make it private again.
Critics who believe government swung too far toward secrecy, particularly in the years immediately after 9/11, do not believe all information should be available. Rather, they argue that in too many cases decisions were made to hide information that was, in fact, important for the public to know.
"We do not have a king or a ruling class that decides what our security policies should be," said Steven Aftergood, who directs the Project on Government Secrecy at the Federation of American Scientists. "Secrecy short-circuits the whole democratic deliberative system and it's fundamentally at odds with the kind of society we are all committed to."
Others argue that the government has performed with admirable openness during the war on terror, especially compared to other times of war, when outright censorship was routine.
"What strikes me about the period after 9/11 is I think we've had an amazing flourishing of information and speech," said John Yoo, a law professor at the University of California, Berkeley, who as a Department of Justice attorney helped develop the Bush administration's program of aggressive interrogation techniques. Yoo also conceded, "You're going to see individual programs where bureaucrats muck things up and make sometimes silly decisions. It's inherent in bureaucracy."
Online maps offer an interesting case study because while millions of people use them every day to get from point A to point B, they also can be used by terrorists and other criminals.
Evidence introduced at a New York terror trial showed that the defendants referenced Google's mapping software during a foiled 2007 plot to blow up jet fuel tanks at John F. Kennedy International Airport. In an unrelated case, one member of a group that used small planes to fly drugs from Canada to the northern U.S. said he used Google Maps to scout hundreds of small airports for fences and cameras.
Less clear is the rationale behind other decisions to hoard information that once was public — or information that is public in one form but not others.
- After 9/11, one concern was the nation's network of underground pipelines, which if broken can fuel raging propane or natural gas fires. Though some utilities kept their own maps public for a while, access to the National Pipeline Mapping System was almost immediately restricted, and remains so today.
In several post-9/11 accidents, first responders did not know about the existence or location of pipelines. In the case of a 2007 explosion in Mississippi that killed two and injured seven, federal safety investigators concluded that if local authorities had known the problem was a busted propane line, they would have evacuated the area so residents couldn't do something to ignite the gathering gas cloud.
On the open access side of the security issue, opposition from first responders helped nix a plan by the U.S. Department of Homeland Security to remove from rail cars the small placards that show a hazardous substance is being transported. Federal officials argued that the small signs amounted to bull's-eyes for terrorists. Firefighting chiefs in particular countered that the signs were critical in determining the threat level that a substance posed in such an accident — and how to control that threat.
- Security has become an entrenched reason that governments at all levels give for denying public records requests.
Soon after 9/11, blueprints for structures including stadiums and state office buildings were exempted by Delaware lawmakers from public disclosure. An Alaska disclosure law passed in 2002 exempts infrastructure and security plans. New York City still refuses to release architectural plans of 2,500 buildings deemed security sensitive. Even the list of buildings isn't public.
At the federal level, the tone was set by an October 2001 memo from then-Attorney General John Ashcroft that said federal agencies should be circumspect, because of national security concerns, in releasing information.
One manifestation was the use of a disclosure exemption based on the protection of "critical infrastructure." In March, the U.S. Supreme Court rejected the government's broad use of that exemption in a case involving a Washington state man who wanted to get maps that show how bad accidental explosions could be at the Navy's main West Coast ammunition dump. The AP joined the case with a legal brief that argued the government was overreaching.
The other side of the issue comes into play when government restricts access to information already in the public domain. The U.S. Environmental Protection Agency, for example, took down electronic versions of risk management plans filed by industrial facilities that use or store hazardous substances. In an unusual twist, those plans can be viewed in person at federal "reading rooms."
- Each of the Sept. 11 hijackers was involved in some kind of identity theft. In response to that fact — and, more so, profit-driven fraud — some states made it harder to get copies of birth certificates. Maine, for example, enacted a law that requires anyone who wants access to birth certificates and other vital records to document their "direct and legitimate interest in the records."
Such requirements have upset members of the genealogical research community, who were accustomed for many years to viewing and copying public records. They argue that the main problem isn't about the kinds of individual records they seek; it's about massive electronic theft of personal information.
Criminals generally "aren't interested in individual identity," said Jan Alpert of the National Genealogical Society. "They're interested in a whole database."
Then there are the real headscratchers.
Like the government's insistence in October 2001 that the Aircraft Owners and Pilots Association remove access to latitude-longitude coordinates of nuclear plants that pilots were required to avoid, but whose locations were not on their flight charts. The association, which had simply linked its website to the U.S. Nuclear Regulatory Commission's page where the coordinates were posted, agreed. Shortly after that, the NRC itself took down the coordinates.
A need for security was asserted when officials at public utilities refused to discuss voluntary testing of drinking water for pharmaceuticals that people excrete into the sewer system, a growing public health concern. The mayor of Arlington, Texas, wouldn't reveal what single pharmaceutical had survived the treatment process and was heading to local taps, saying that identifying it could cause a terrorist to release more. A public records act request revealed that the drug was an anti-anxiety medication.
Also, a treatment plant supervisor in Emporia, Kan., said that because of 9/11 he wouldn't reveal whether any drug testing of the water supply had been done.
Overall, the frequency of "hysterical, over-the-top" national security exemption claims began to tail off several years ago, said Lucy Dalglish, executive director of the Reporters Committee for Freedom of the Press.
Some censored information has even reappeared, though not always with the blessing of authorities.
One theory for why information should be withheld is that it could provide a "road map" for terrorists.
So what about free services that offer detailed pictures taken by satellites or airplanes, like those on Google, Microsoft's Bing Maps and MapQuest? The argument for secrecy is that an attacker could use the images to locate things not visible from the street: air vents, distances between buildings for an assault, and the like. A review of what's online shows how haphazard efforts to obscure information can be.
Like those detailed overhead pictures of the Buffalo airport terminal, the Elmira prison or that atomic power laboratory a 30-minute drive from Albany, New York's capital. They're blurred on Google, so just flip to Bing Maps, where the images are clear because the site didn't use maps from New York state government.
How about JFK Airport — one of the world's busiest? Or the Indian Point nuclear complex, 25 miles up the Hudson River from New York City's northern border?
Both are clear on Google, which didn't use the blurred New York state images. JFK and Indian Point are unaltered on Bing as well.
The decision by New York state officials to blur sites they consider security risks is actually a concession of sorts to openness.
Immediately after 9/11, the state where more than 2,700 people died at the World Trade Center withheld the maps altogether. The maps were made public again in the following months, but with the hundred-plus sites deemed potential risks blanked out, according to Bruce Oswald, who was director of the state's Center for Geographic Information at the time.
Finally, the state arrived at its current position — release the maps, but use a computer algorithm to blur the sites of concern.
"There was no sense in disputing that the Buffalo-Niagara International Airport existed," Oswald said. "They started to understand that by blanking out areas you were essentially locating sensitive areas."
New York officials began reviewing the blurring policy several years ago, given that diagrams and pictures of many blurred sites are easily available online, said Dennis Michalski, spokesman for the New York Division of Homeland Security and Emergency Services.
Both Google and MapQuest told the AP they have not obscured any images on their map sites — that any blurring is done by the map providers. America's two commercial satellite companies said they do not blur images. Several companies that fly camera-equipped airplanes said they do not, either.
Bing, a relative newcomer to the field in 2009, said it has removed or blurred some images when requested.
"We have in place robust processes and technology to respond to requests by governments or other third parties about particular imagery of concern," Bing said in a written statement provided by its outside public relations firm.
In a pair of widely cited papers published within several years of the 9/11 attacks, experts studying homeland security risks for the federal government concluded that nearly all maps could safely be made public without censorship.
"Our analysis found that very few of the publicly accessible federal geospatial sources appear useful to meeting a potential attacker's information needs," wrote the authors of a 2004 report that the RAND Corporation did for the National Geospatial-Intelligence Agency, the federal government's spy satellite office.
The RAND authors reviewed 629 sets of geospatial data and found that 6 percent "appeared as though they could be useful to a potential attacker."
One data set that did not concern the authors: the GPS coordinates of the nation's 65 nuclear power sites, information that the NRC pulled from its website after the attacks.
To gauge how easily members of the public could see aerial images of those sites, the AP searched Google, Bing and MapQuest, using NRC latitude-longitude coordinates that an AP reporter had stored on his computer before Sept. 11, 2001.
Just three of 195 maps — 65 from each of the three services — were blurred.
One of the three, the Oconee complex in South Carolina, was blurred at the request of the plant owner, Duke Energy, which several years ago commissioned Orbis Inc. to take aerial images of the property, Orbis President Russell Combs said. Google used the Orbis images as it stitched together its map for that portion of the state.
A spokeswoman for Duke Energy didn't dispute Combs' recounting, but said she couldn't determine who at the plant had requested the blurring.
More to the point, spokeswoman Rita Sipe added, "Our security is robust — and it's not based on blurring out photos."
Copyright 2011 Associated Press