For some time, U.S. government agencies have been using data-mining _ computerized searches of personal information stored in massive online corporate and government data bases _ to detect potential terrorist plots.

   The idea is that examinations of email, telephone, credit card, tax, travel, medical records and other information might detect patterns indicating terrorist activity, especially given how al Qaida and other extremist groups rely on the Internet to communicate.

   But data-mining of personal data also raises profound issues of personal privacy and lawfulness, and a new report by the National Research Council, a leading advisory body to the government, also questions the effectiveness of such techniques.

   "Successfully identifying signs of terrorist activity in these masses of data is extremely difficult," says the 352-page report entitled "Protecting Individual Privacy in the Struggle Against Terrorists." It is the product of an exhaustive two-year study by scientists, legal experts, engineers and other experts that was commissioned by the Department of Homeland Security and National Science Foundation.

  The report, written by a committee co-chaired by former Defense Secretary William Perry, offers  a framework that government agencies can use to assess their data-mining programs.

  "The information sought by analysts must be filtered out of the huge quantity of data available (the needle in the haystack problem)" and "terrorist groups will make calculated efforts to conceal their identity and mask their behaviors, and will use various strategies such as encryption, code words, and multiple identities to obfuscate the data they are generating and exchanging," the report continues.

   "Because the data being analyzed are primarily about ordinary, law-abiding citizens and businesses, false positives can result in invasion of their privacy," the report warns. "Such intrusions raise valid concerns about the misuse and abuse of data, about the accuracy of data and manner in which the data are aggregated, and about the possibility that the government could . . . inappropriately influence individuals' conduct."

   Then there's the danger that such intrusions might be unconstitutional.

   The report makes recommendations for protecting individual rights, including systematic evaluations by agencies that use data-mining for counter-terrorism of the effectiveness, lawfulness and privacy impacts of their programs. It also urges Congress to review existing law to determine ways to safeguard privacy and to restrict how personal data is used.

   "Even under the pressure of threats as serious as terrorism, the privacy rights and civil liberties that are the cherished core values of our nation must not be destroyed," the report asserts.

   Some Bush administration officials, especially those working for Vice President Cheney, might disagree.

  Webcast of press briefing:

  http://www.nap.edu/webcast/webcast_detail.php?webcast_id=353