By Jonathan Krim
Washington Post Staff Writer
Thursday, June 23, 2005; A01
The Defense Department began working yesterday with a private marketing firm to create a database of high school students ages 16 to 18 and all college students to help the military identify potential recruits in a time of dwindling enlistment in some branches.
The program is provoking a furor among privacy advocates. The new database will include personal information including birth dates, Social Security numbers, e-mail addresses, grade-point averages, ethnicity and what subjects the students are studying.
The data will be managed by BeNow Inc. of Wakefield, Mass., one of many marketing firms that use computers to analyze large amounts of data to target potential customers based on their personal profiles and habits.
"The purpose of the system . . . is to provide a single central facility within the Department of Defense to compile, process and distribute files of individuals who meet age and minimum school requirements for military service," according to the official notice of the program.
Privacy advocates said the plan appeared to be an effort to circumvent laws that restrict the government's right to collect or hold citizen information by turning to private firms to do the work.
Some information on high school students already is given to military recruiters in a separate program under provisions of the 2002 No Child Left Behind Act. Recruiters have been using the information to contact students at home, angering some parents and school districts around the country.
School systems that fail to provide that information risk losing federal funds, although individual parents or students can withhold information that would be transferred to the military by their districts. John Moriarty, president of the PTA at Walter Johnson High School in Bethesda, said the issue has "generated a great deal of angst" among many parents participating in an e-mail discussion group.
Under the new system, additional data will be collected from commercial data brokers, state drivers' license records and other sources, including information already held by the military.
"Using multiple sources allows the compilation of a more complete list of eligible candidates to join the military," according to written statements provided by Pentagon spokeswoman Lt. Col. Ellen Krenke in response to questions. "This program is important because it helps bolster the effectiveness of all the services' recruiting and retention efforts."
The Pentagon's statements added that anyone can "opt out" of the system by providing detailed personal information that will be kept in a separate "suppression file." That file will be matched with the full database regularly to ensure that those who do not wish to be contacted are not, according to the Pentagon.
But privacy advocates said using database marketers for military recruitment is inappropriate.
"We support the U.S. armed forces, and understand that DoD faces serious challenges in recruiting for the military," a coalition of privacy groups wrote to the Pentagon after notice of the program was published in the Federal Register a month ago. "But . . . the collection of this information is not consistent with the Privacy Act, which was passed by Congress to reduce the government's collection of personal information on Americans."
Chris Jay Hoofnagle, West Coast director of the Electronic Privacy Information Center, called the system "an audacious plan to target-market kids, as young as 16, for military solicitation."
He added that collecting Social Security numbers was not only unnecessary but posed a needless risk of identity fraud. Theft of Social Security numbers and other personal information from data brokers, government agencies, financial institutions and other companies is rampant.
"What's ironic is that the private sector has ways of uniquely identifying individuals without using Social Security numbers for marketing," he said.
The Pentagon statements said the military is "acutely aware of the substantial security required to protect personal data," and that Social Security numbers will be used only to "provide a higher degree of accuracy in matching duplicate data records."
The Pentagon said it routinely monitors its vendors to ensure compliance with its security standards.
Krenke said she did not know how much the contract with BeNow was worth, or whether it was bid competitively.
Officials at BeNow did not return several messages seeking comment. The company's Web site does not have a published privacy policy, nor does it list either a chief privacy officer or security officer on its executive team.
According to the Federal Register notice, the data will be open to "those who require the records in the performance of their official duties." It said the data would be protected by passwords.
The system also gives the Pentagon the right, without notifying citizens, to share the data for numerous uses outside the military, including with law enforcement, state tax authorities and Congress.
Some see the program as part of a growing encroachment of government into private lives, particularly since the Sept. 11, 2001, terrorist attacks.
"It's just typical of how voracious government is when it comes to personal information," said James W. Harper, a privacy expert with the Cato Institute, a libertarian think tank. "Defense is an area where government has a legitimate responsibility . . . but there are a lot of data fields they don't need and shouldn't be keeping. Ethnicity strikes me as particularly inappropriate."
Yesterday, the New York Times reported that the Social Security Administration relaxed its privacy policies and provided data on citizens to the FBI in connection with terrorism investigations.