RENEE MONTAGNE, host:
And for years, the government has collected information on ordinary Americans. The FBI and others are allowed to look at phone records, emails, bank withdrawals and more. The purpose, especially since 9/11, is to prevent a terrorist attack. The problem: it's impossible to vacuum up phone records and other personal information on millions of people without violating someone's privacy.
There may be no perfect balance between preventing terrorism and protecting privacy, but a software company in Silicon Valley claims to have a partial fix. In the first of two reports, NPR's Dina Temple-Raston visits the engineer who helped write the new software.
DINA TEMPLE-RASTON: Bob McGrew looks like a surfer. He's wiry and blond, with his hair pushed to side of his forehead. We met one recent morning in Palo Alto so I could visit Palantir Technologies. That's the Silicon Valley company where McGrew is the chief engineer. McGrew's commute is actually a walk. He lives just 10 minutes from the office. So we made a couple of routines stops along the way.
Mr. BOB MCGREW (Chief Engineer, Palantir Technologies): Hi. Small coffee, room for cream.
Unidentified Woman: Will that be all for you today?
Mr. MCGREW: That's it.
Unidentified Woman: Did you want any pastry or anything with that?
Mr. MCGREW: No thanks.
TEMPLE-RASTON: We waited for the cashier to swipe his credit card, and then off we went to a nearby ATM.
(Soundbite of beeping)
Mr. MCGREW: There we go - $100.
TEMPLE-RASTON: And what might seem like two perfectly innocuous stops could, in a terrorism investigation, turn into something more. They're points in a data trail, something all of us leave in our wake every day.
What kind of information would have been collected on you so far this morning?
Mr. MCGREW: Well, Starbucks would know that I purchased a coffee from them. My credit card company would know the amount of the purchase. And my bank is going to know that I have taken out money from the ATM.
TEMPLE-RASTON: So in the span of about 10 minutes, Bob McGrew left quite a trail, which might be useful to investigators if he's a terrorist. But what if he's not a terrorist? How is his privacy protected?
Mr. MCGREW: Suppose, since I'm actually not a terrorist, at some point they'll find out that I'm actually innocent. At that point, you want the same software that's protecting authorized use to then say, no, you no longer have access to this information.
TEMPLE-RASTON: When investigating terrorism, the government can get its hands on all kinds of personal information. The rules are a little murky. But generally, the FBI, with a warrant, can collect data on people inside the United States. The CIA and the National Security Agency mainly focus overseas. But even they can look at people in this country.
Fred Cate, the director of Indiana University's Cybersecurity Center, explains it this way.
Professor FRED CATE (Director, Cybersecurity Center at Indiana University): For example, right now it is perfectly legal, without any question, for the government to collect every telephone call, every email, every communication in the world, as long as it can claim credibly that some part of the communication involves a person outside of the United States.
TEMPLE-RASTON: It's relatively easy to get swept up in a government information grab. If you are a terrorist suspect, you might be in their sights. Or if you have even a slight connection to a suspect, you could end up in the net, too. Privacy advocates also worry about the misuse of personal information.
In Massachusetts, law enforcement officials searched for information on Patriot's quarterback Tom Brady. So they looked up his address, whether he was a gun owner. They were just curious. They did this 968 times. Bob McGrew says what happened to Tom Brady couldn't have happened if law enforcement was using his company's software.
Mr. MCGREW: When some of these officials were looking at Tom Brady's data, that's all captured in a log.
TEMPLE-RASTON: What's new here is that the software clearly identifies who is looking at private information. McGrew says that means the accountability is built right in. That's an important claim, given that the FBI and CIA, among others, have started using Palantir's software in recent months.
Now technology alone is no silver bullet. It's just a tool, and rules for using this powerful tool need to be beefed up, according to former FBI agent Mike German.
Mr. MIKE GERMAN (Former FBI Agent; ACLU): There has to be intensive oversight. And there have to be ramifications when somebody violates the policies that are there to protect the rights of the innocent people whose information is collected.
TEMPLE-RASTON: German is now with the ACLU.
Mr. GERMAN: It's very unclear now what protects people's privacy once it's collected anywhere along the chain, whether it's a state or local police officer collecting it, or whether it is the FBI collecting or whether it's the intelligence community.
TEMPLE-RASTON: Something to consider next time you buy a cup of coffee or swipe your bank card at an ATM.
Dina Temple-Raston, NPR News.
MONTAGNE: Tomorrow, we have the second of our reports.
Unidentified Man: There had been, over the past seven years, this sense that if you collect more and more data and put it into a powerful enough computer, shake it and bake it the right way, you'll come up with the unknowns. That's really a fool's errand.
MONTAGNE: Tomorrow, we look at whether data mining really helps catch terrorists.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.