Washington, Oct 8 (IANS) US security agencies that “mine” personal data - such as phone, medical, and travel records or websites visited - should be required to evaluate the programmes’ effectiveness and legality, says a new report from the National Research Council. Both classified and unclassified programmes should be evaluated before they are set in motion and regularly thereafter for as long as they are in use, says the report. It offers a framework agencies can use to assess programmes, including existing ones.

The report also says that Congress should re-examine existing law to assess how privacy can be protected in such programmes, and should consider restricting how personal data are used. And it recommends that any individuals harmed by violations of privacy be given a meaningful form of redress.

“The danger of terror attacks on the US is real and serious, and we should use the information technologies at our disposal to combat this threat,” said William Perry, co-chair of the committee that wrote the report, former US secretary of defence, and professor at Stanford University, according to a release of the National Academy of Sciences.

“However, the threat does not justify government activities that violate the law, or fundamental changes in the level of privacy protection to which Americans are entitled.”

The report examines the technical effectiveness and privacy impacts of data-mining and behavioural surveillance techniques. Each time a person makes a phone call, uses a credit card, pays taxes, or takes a trip, he or she leaves digital tracks, records that often end up in massive corporate or government databases.

Through formal or informal agreements, government has access to much of the data owned by private-sector companies. Agencies use sophisticated techniques to mine some of these databases - searching for information on particular suspects, and looking for unusual patterns of activity that may indicate a terrorist network.

The most serious threat today comes from terrorist groups that are international in scope; these groups use the Internet to recruit, train, and plan operations and use public channels to communicate.

Intercepting and analysing these information streams might provide important clues about the nature of the threat they pose, the report says. Key clues might also be found in commercial and government databases that record a wide range of information about individuals, organisations, and their behaviour. But successfully identifying signs of terrorist activity in these masses of data is extremely difficult, the committee said.