Why privacy always loses.

Eight years ago, officials at Orlando International Airport first began testing the millimeter-wave body scanners that are currently at the center of a national uproar. The designers of the scanners at Pacific Northwest National Laboratory offered U.S. officials a choice: naked machines or blob machines? The same researchers had developed both technologies, and both were equally effective at identifying contraband. But, as their nicknames suggest, the former displays graphic images of the human body, while the latter scrambles the images into a non-humiliating blob.

Since both versions of the scanners promise the same degree of security, any sane attempt to balance privacy and safety would seem to favor the blob machines. And that’s what the handful of European airports that have adopted body scanners chose. This is in part due to the efforts of European privacy commissioners, such as Germany’s Peter Schaar, who have emphasized the importance of designing body scanners in ways that protect privacy. However, most European airport authorities have declined to adopt body scanners at all, because of the persuasive evidence that they’re not effective at detecting low-density illegal material, such as the chemical powder PETN concealed by the so-called underwear bomber last Christmas.

The U.S. Department of Homeland Security (DHS) made a very different decision. It deployed the naked body scanners without any opportunity for public comment—then appeared surprised by the predictable backlash. Why? Part of the answer is that protecting privacy isn’t something that the U.S. government has ever done well. Compared to their European counterparts, U.S. privacy offices lack both independence and regulatory teeth. And, while the Department of Homeland Security’s privacy office has broader legal authorities than most, it nevertheless failed to raise the obvious objections to the body scanners. That suggests the government needs a genuinely independent institution dedicated to protecting Americans’ privacy in order to avoid similar debacles in the future.

The role of the DHS privacy officer was at the center of the controversy over the creation of the department itself. In 2002, conservative libertarians and liberal civil libertarians protested that the newly created DHS might end up spying on Americans. So Republican House Majority Leader Dick Armey, a staunch libertarian, added a requirement that the new agency appoint a chief privacy officer to ensure that new technologies “sustain and do not erode” privacy protections. Some advocates, such as Marc Rotenberg of the Electronic Privacy Information Center (EPIC), insisted that the privacy officer would cave to the secretary of DHS unless the office was made independent. (Disclosure: I’m on the EPIC advisory board). Rotenberg proved to be right.

When the Transportation Security Administration (TSA) first proposed to test the use of body scanners for secondary screening during the Bush administration, the DHS chief privacy officer, Hugo Teufel, issued a privacy impact assessment saying that the pilot program achieved its goal of “minimizing privacy intrusions.” However, Teufel’s assessment did not even consider the blob machine as a possible alternative. In July 2009, the Obama administration’s newly appointed DHS chief privacy officer, Mary Ellen Callahan, reaffirmed this conclusion. Her analysis also misleadingly stressed that DHS had disabled the storage capacity of the machines in airports. However, a Freedom of Information Act request by EPIC revealed that it was DHS that had required vendors to produce devices capable of storing and transmitting images in the first place.