The federal government has rarely made a habit of covering itself in glory, but in recent weeks it seems determined to engender mistrust among the American public. In only the last month, three fresh examples of the federal government’s inability to secure sensitive data have come to light. These examples of official incompetence have once again made clear that the federal government cannot be trusted with gun owner data.
Federal bureaucrats and gun control advocates have made clear that they want the government to maintain more information on firearms and firearm owners. ATF routinely whines about how the out-of-business dealer records (4473s) housed at the National Tracing Center have not been converted into a digitized searchable format. ATF director nominee and paid gun control lobbyist David Chipman has called for the federal registration of tens of millions of commonly-owned semi-automatic firearms.
Gun rights advocates understand that collection of gun and gun owner data facilitates firearm confiscation. In addition to several notable instances in foreign countries, registration records were used to confiscate firearms in New York City in 1991 and 2013. Prominent U.S. politicians such as President Joe Biden, Vice President Kamala Harris, and Sen. Dianne Feinstein (D-Calif.) have all called for gun confiscation. National Council to Control Handguns (now Brady) Chairman Nelson “Pete” Shields acknowledged registration as a prerequisite to handgun confiscation.
However, the ever-present threat of confiscation is not the only compelling argument against the government collecting data on guns and gun owners. The federal government’s impotence in safeguarding data is a constant threat to gun owner privacy.
In June, NRA-ILA directed gun owner attention to an Internal Revenue Service leak of the private tax returns of several wealthy Americans. The incident proved that political actors within the federal government will break the law by leaking sensitive information in order to advance an ideological goal. Given the political debate surrounding firearm ownership, gun owners could expect similar malicious treatment were the government empowered to collect firearm data.
The latter half of summer has only bolstered this thesis.
On August 16, a security researcher posted an item to Linkedin.com in which he explained how he “discovered a terrorist watchlist containing 1.9 million records online without a password or any other authentication required to access it.”
According to the researcher,
The watchlist came from the Terrorist Screening Center, a multi-agency group administered by the FBI. The TSC maintains the country's no-fly list, which is a subset of the larger watchlist. A typical record in the list contains a full name, citizenship, gender, date of birth, passport number, no-fly indicator, and more.
As NRA-ILA and the American Civil Liberties Union have repeatedly pointed out, the terrorist watchlist is rife with inaccuracies and inclusion on the list occurs without due process and bears little relation to the threat an individual might pose. Expressing a similar understanding, the security researcher noted, “The terrorist watchlist is made up of people who are suspected of terrorism but who have not necessarily been charged with any crime. In the wrong hands, this list could be used to oppress, harass, or persecute people on the list and their families.”
On August 21, Fox News reported that the State Department was hit by a cyber attack. According to the news outlet’s source, “The State Department is the latest to fall victim to a cyber-attack and notifications of a possible serious breach were made by the Department of Defense Cyber Command.”
Fox News was not provided information on the extent of the breach. However, Fox reported that “news of the breach comes just weeks after a Senate Homeland Security Committee report rated the department’s overall information security program as a "D" – the lowest possible rating within the federal government’s model.”
Also in mid-August, reports began to surface that during the U.S. pullout of Afghanistan sensitive data may have fallen into the Taliban’s hands. Some fear that included in this potential data trove is information that would help the Taliban identify and retaliate against individuals who assisted U.S. and Coalition forces.
Thousands of Afghans struggling to ensure the physical safety of their families after the Taliban took control of the country have an additional worry: that biometric databases and their own digital history can be used to track and target them.
The news outlet went on to explain,
After years of a push to digitise databases in the country, and introduce digital identity cards and biometrics for voting, activists warn these technologies can be used to target and attack vulnerable groups.
“We understand that the Taliban is now likely to have access to various biometric databases and equipment in Afghanistan,” the Human Rights First group wrote on Twitter on Monday.
“This technology is likely to include access to a database with fingerprints and iris scans, and include facial recognition technology,” the group added.
In an item titled “The Taliban Have Seized U.S. Military Biometric Devices,” journalists from The Intercept reported a similarly dire scenario. The outlet noted,
The Taliban have seized U.S. military biometrics devices that could aid in the identification of Afghans who assisted coalition forces, current and former military officials have told The Intercept.
The devices, known as HIIDE, for Handheld Interagency Identity Detection Equipment, were seized last week during the Taliban’s offensive, according to a Joint Special Operations Command official and three former U.S. military personnel, all of whom worried that sensitive data they contain could be used by the Taliban. HIIDE devices contain identifying biometric data such as iris scans and fingerprints, as well as biographical information, and are used to access large centralized databases.
The news organization also explained,
the U.S. didn’t only collect information about criminals and terrorists; the government appears to also have been collecting biometrics from Afghans assisting diplomatic efforts, in addition to those working with the military.
The federal government has collected biometric data from Afghans despite knowing the risks entailed by maintaining large databases of personal information, especially given recent cyberattacks on government agencies and private companies.
The federal government has consistently proven itself incompetent in securing confidential data. The only way to ensure that gun owners do not fall victim to this malice or ineptitude is to continue to restrict the federal government’s ability to collect and compile gun owner information.