Preliminary Responses to Questions from Senator Charles E. Grassley
About the Total Information Awareness (TIA) Program

1. What is the statutory authorization for TIA?

The TIA program is not authorized or funded as a separate line item in either the National Defense Authorization Act or the Department of Defense Appropriations Act. The TIA program, however, is identified as a program of the Defense Advanced Research Projects Agency (DARPA) in the Fiscal Year 2003 Budget Estimates, February 2002.

2. What are the parameters and scope of TIA?

According to Dr. Anthony J. Tether, Director, DARPA, TIA is an IT system for combating terrorism.

3. How was TIA selected to be funded?

Dr. Tether reports that TIA was selected through their process of reviewing ideas they believe can be developed into useful technologies.

4. How was Admiral Poindexter selected to head TIA?

Dr. Tether selected Admiral John Poindexter, U.S. Navy (Retired). Admiral Poindexter was hired as a "Section 1101" appointee under 5 U.S.C. Sec. 3104 and Sec. 1101 of the Strom Thurmond Defense Authorization for Fiscal Year 1999 (P.L. 105-261).

5. What coordination has the program had with Federal law enforcement officials? This should include details of what input was received prior to funding.

Dr. Tether has advised of contacts with the Federal Bureau of Investigation (FBI), Foreign Terrorist Tracking Task Force, Department of Justice, and components of the Department of Homeland Security, DARPA officials note it is their understanding that the FBI is working on an MOU with DARPA for possible experimentation with TIA technology in the future.

6. What protections are in place to ensure civil liberties are not violated?

Dr. Tether has advised that part of the TIA project will focus on the development of privacy protections that do not currently exist, along with other advanced security and system hardening characteristics as part of the TIA program. The IG, DoD, audit will "assess whether the proper controls are being included in the developmental contracts to ensure that the technology is properly managed and controlled when placed in an operational environment." The audit will also assess the adequacy of computer security protections and human access protections intended to protect civil liberties.