WASHINGTON -- A leader of the new Democratic Congress, business travelers and privacy advocates expressed outrage Friday over the unannounced assignment of terrorism risk assessments to American international travelers by a computerized system managed from an unmarked, two-story brick building in Northern Virginia.

Incoming Senate Judiciary Chairman Sen. Patrick Leahy of Vermont pledged greater scrutiny of such government database-mining projects after reading that during the past four years millions of Americans have been evaluated without their knowledge to assess the risks that they are terrorists or criminals.

"Data banks like this are overdue for oversight," said Leahy, who will take over Judiciary in January. "That is going to change in the new Congress."

The Associated Press reported Thursday that Americans and foreigners crossing U.S. borders since 2002 have been assessed by the Homeland Security Department's computerized Automated Targeting System, or ATS.

The travelers are not allowed to see or directly challenge these risk assessments, which the government intends to keep on file for 40 years. Some or all data in the system can be shared with state, local and foreign governments for use in hiring, contracting and licensing decisions. Courts and even some private contractors can obtain some of the data under certain circumstances.

"It is simply incredible that the Bush administration is willing to share this sensitive information with foreign governments and even private employers, while refusing to allow U.S. citizens to see or challenge their own terror scores," Leahy said. This system "highlights the danger of government use of technology to conduct widespread surveillance of our daily lives without proper safeguards for privacy."

The concerns spread beyond Congress.

"I have never seen anything as egregious as this," said Kevin Mitchell, president of the Business Travel Coalition, which advocates for business travelers. It's "evidence of what can happen when there isn't proper oversight and accountability."

By late Friday, the government had received 22 written public comments about its after-the-fact disclosure of the program last month in the Federal Register, a fine-print compendium of federal rules. All either opposed it outright or objected to the lack of a direct means for people to correct any errors in the database about themselves.

"As a U.S. citizen who spends much time outside the U.S., I can understand the need for good security," wrote one who identified himself as Colin Edmunds. "However, just as I would not participate in a banking/credit card system where I have no recourse to correct or even view my personal data, I cannot accept the same of my government."

Privacy advocates also were alarmed.

"Never before in American history has our government gotten into the business of creating mass `risk assessment' ratings of its own citizens," said Barry Steinhardt, a lawyer for the American Civil Liberties Union. "We are stunned" the program has been undertaken "with virtually no opportunity for the public to evaluate or comment on it."