Peddling Big Brother

By PHILIP ELMER-DEWITT/WASHINGTON

As a newcomer to the world of computers, the government of Thailand was surprised and flattered last summer when it won a prize for being a "hero of the information age" from the Smithsonian Institution and Computerworld magazine. The award, which focused world attention on the Interior Ministry's efforts to computerize the country's social services, proved to be a mixed blessing. Technocrats may admire systems like Bangkok's, which by 2006 will have stored vital data on 65 million Thais in a single, integrated computer network. But civil libertarians are appalled. Simon Davies, an Australian expert on such technology for the watchdog group Privacy International, says Bangkok's prizewinning program is, potentially, "one of the most repressive surveillance systems the world has ever seen."

Thailand's population data-base system -- the largest of its kind -- has become a symbol for an alarming trend. Even as Western nations place new limits on what they permit computers to do with sensitive personal data, some of their biggest computer firms have begun selling to Third World governments systems that are far more invasive than any permitted back home. In some cases, though not necessarily Thailand's, computers with vast potential for misuse are being sold to governments with long histories of human-rights violations.

At first glance the Thai system, which is being considered for possible adoption by Indonesia and the Philippines, seems harmless enough. Every citizen over age 15 will be required to carry a card bearing a color photo, various pertinent facts (name, address and so on) and an identification number. Most Thais are happy to get their IDs, which distinguish citizens from noncitizens (including a large population of refugees) and simplify all sorts of bureaucratic transactions, from receiving health-care benefits to enrolling a child in school.

But behind the cards are a $50 million computer system and sophisticated software that could enable a Big Brother government to create a dossier quickly that would tell it just about anything it wanted to know about anybody. The program, which runs on three top-of-the-line Control Data mainframes, is known as a relational data base, and it permits bureaucrats to correlate the files of otherwise disparate government offices. If the < necessary links to the revenue and police departments are put in place, a few key taps could cross-reference criminal records to tax records to religious and family information in order to draw a startlingly detailed description of any individual or group. Thai officials say they have no plans to create those links.

Most industrialized nations have evolved legal codes to protect their citizens from such invasions of privacy. The basic principle is laid out in the U.S. Privacy Act of 1974, which at least in theory restricts the government from taking computer data gathered for one purpose (say, the census) and using them for another purpose (say, tax collection). Another guiding precept is that unique numerical identifiers -- like Thailand's ID numbers -- should be avoided because they make dossier preparation temptingly easy. That is why the American Civil Liberties Union gets so upset when a Social Security number is used beyond its original intent.

The potential for abuse of such systems has been amply demonstrated. Until quite recently, the white-ruled government of South Africa employed pass-card and fingerprint systems, running on computers supplied by IBM and the British firm ICL, to enforce travel restrictions on the black population. This practice eventually led to a U.S.-government ban on the sale of computers to any apartheid-enforcing agency.

Today Israel uses a work-permit card system, running on U.S. equipment (the name of the supplier is an Israeli secret), to monitor the movement of Palestinians living in the occupied territories. Singapore, known for its strict regulation of everything from littering to drug peddling, has purchased more than $12 million worth of computer equipment from NEC, including a machine-readable ID-card system (with laser-engraved thumbprint) and an automated fingerprint-identification system.

Such systems are particularly attractive to governments troubled by civilian unrest. Guatemala, where death squads have been linked to hundreds of extrajudicial executions and "disappearances," purchased computer surveillance software from Israel in the early 1980s. Within the next few weeks, Taiwan is expected to award contracts worth $270 million for its own "residential-information system." Among the bidders: Unisys, Digital Equipment Corp., NEC and ICL.

The sale of these systems will continue to spread unless the U.S. and other vendor nations take steps to stop it. At present the U.S. State and Commerce departments have strict rules governing the export of weapons systems and computers with potential military uses. But with the exception of the South African ban, there are no regulations preventing the sale of relational-data- base systems to countries that lack basic constitutional safeguards. "The U.S. claims to have a role as the moral leader in protecting freedom and democracy," complains Marc Rotenberg, Washington director of Computer Professionals for Social Responsibility. "But we are becoming surveillance- technology merchants to the world."

With reporting by John Dunn/Sydney and Narunart Prapanya/Bangkok