Congress will soon hold hearings on the National Security Agency's domestic spying program, secretly authorized by President Bush in 2002. But that program is just the tip of the iceberg.

Since 9/11, the expansion of efforts to gather and analyze information on U.S. citizens is nothing short of staggering. The government collects vast troves of data, including consumer credit histories and medical and travel records. Databases track Americans' networks of friends, family and associates, not just to identify who is a terrorist but to try to predict who might become one.

Remember Total Information Awareness, retired Adm. John Poindexter's effort to harness all government and commercial databases to preempt national security threats? The idea was that disparate, seemingly mundane behaviors can reveal criminal intent when viewed together. More disturbing, it assumed that deviance from social norms can be an early indicator of terrorism. Congress killed that program in 2003, but according to the Associated Press, many related projects continued.

The Defense Advanced Research Projects Agency runs a data-mining program called Evidence Extraction and Link Discovery, which connects pieces of information from vast amounts of data sources. The Defense Intelligence Agency trawls intelligence records and the Internet to identify Americans connected to foreign terrorists. The CIA reportedly runs Quantum Leap, which gathers personal information on individuals from private and public sources. In 2002, Congress authorized $500 million for the Homeland Security Department to develop "data mining and other advanced analytical tools." In 2004, the General Accounting Office surveyed 128 federal departments and agencies to determine the extent of data mining. It found 199 operations, 14 of which related to counterterrorism.

What type of information could these mine? Your tax, education, vehicle, criminal and welfare records for starters. But also other digital data, such as your travel, medical and insurance records--and DNA tests. Section 505 of the Patriot Act (innocuously titled "Miscellaneous National Security Authorities") extends the type of information the government can obtain without a warrant to include credit card records, bank account numbers and information on Internet use.

Your checking account may tell which charities or political causes you support. Your credit card statements show where you shop, and your supermarket frequent-buyer-card records may indicate whether you keep kosher or follow an Islamic halal diet. Internet searches record your interests, down to what, exactly, you read. Faith forums or chat rooms offer a window into your thoughts and beliefs. E-mail and telephone conversations contain intimate details of your life.

A University of Illinois study found that in the 12 months following 9/11, federal agents made at least 545 visits to libraries to obtain information about patrons. This isn't just data surveillance. It's psychological surveillance.

Many Americans might approve of data mining to find terrorists. But not all of the inquiries necessarily relate to terrorism. The Patriot Act allows law enforcement officers to get "sneak and peek" warrants to search a home for any suspected crime--and to wait months or even years to tell the owner they were there. Last July, the Justice Department told the House Judiciary Committee that only 12% of the 153 "sneak and peek" warrants it received were related to terrorism investigations.

The FBI has used Patriot Act powers to break into a judge's chambers and to procure records from medical clinics. Documents obtained by the American Civil Liberties Union recently revealed that the FBI used other new powers to eavesdrop on environmental, political and religious organizations.

When Congress looks into domestic spying in the "war on terror," it should ask a series of questions:

First, what information, exactly, is being collected? Are other programs besides the president's NSA initiative ignoring traditional warrant requirements? Are federal agencies dodging weak privacy laws by outsourcing the job to private contractors?

Second, who has access to the data once it is collected, and what legal restrictions are set on how it can be used or shared?

Third, who authorized data mining, and is its use restricted to identifying terrorists?

Fourth, what is the collective effect of these programs on citizens' rights? Privacy certainly suffers, but as individuals begin to feel inhibited in what they say and do, free speech and freedom of assembly also erode.

Fifth, how do these data collection and mining operations deal with error? As anyone who's tried to dispute an erroneous credit report can attest, once computer networks exchange data, it may be difficult to verify its accuracy or where it entered the system. Citizens who do not know they are under surveillance cannot challenge inaccurate information that may become part of their secret digital dossier.

What will Congress do to ensure that the innocent remain so?

This article adopts a two-tiered approach: it provides a detailed, historical account of anti-terrorist finance initiatives in the United Kingdom and United States--two states driving global norms in this area. It then proceeds to a critique of these laws. The analysis assumes--and accepts--the goals of the two states in adopting these provisions. It questions how well the measures achieve their aim. Specifically, it highlights how the transfer of money laundering tools undermines the effectiveness of the states' counterterrorist efforts--flooding the systems with suspicious activity reports, driving money out of the regulated sector, and using inappropriate metrics to gauge success. This article recognizes that both states consider the fight against terrorism to be partly military but also a matter of bringing certain democratic principles to bear. Critics have been quick to condemn some of the measures for their encroachments into civil liberties. My goal is not to measure the success of the laws according to any particular ideology but rather, accepting the governments' democracy-promoting goals, and the role these play in generating domestic and international support, to clarify which components do not appear to serve the states' aims.

This article won Stanford Law School's Carl Mason Franklin Prize for 2005-2006, for most distinguished written work in international law.

The Bush administration's response to the September 11 attacks has rendered more urgent Al Qaeda's stated objective to eject the United States from the Middle East. The aim here is not to evaluate the direction of the war on terrorism, but to explore why Al Qaeda has been so unsuccessful in capitalizing on its political violence. The article begins with the premise that terrorism is a communication strategy. It contends that Al Qaeda's policy failures are due to its inability to convince Bush that it would refrain from attacking Americans if the United States moderated its Middle East policies. Borrowing from the literature in political psychology and perception and misperception in international relations, the article offers several explanations for Al Qaeda's ineffectiveness in getting this message across. The article concludes by deriving general observations about the limitations of terrorism as a form of political communication.

We investigate the impact on effective terrorism response of the viability degradation of biological weapons agents in the environment. We briefly review the scientific understanding and modeling of agent environmental viability degradation. In general, agent susceptibility to viability loss is greatest for vegetative bacteria, intermediate for viruses, and least for bacterial spores. Survival is greatest in soil and progressively decreases in the following environments: textiles, water, hard surfaces, and air. There is little detailed understanding of loss mechanisms. We analyze the time behavior and sensitivity of four mathematical models that are used to represent environmental viability degradation (the exponential, probability, and first- and second-order catastrophic decay models). The models behave similarly at short times (<30 min for our example case) but diverge to significantly different values at intermediate to long times. Hence, for a release event in which the majority of atmospheric exposure or deposition occurs over very short times, the current response models likely provide a good representation of the hazard. For longer time phenomena, including decontamina tion, the current model capabilities are likely insufficient. Finally, we implement each model in a simple numerical integration of anthrax dispersion, viability degradation, and dose response. Decay models spanning the current knowledge of airborne degradation result in vastly different predicted hazard areas. This confounds attempts to determine necessary medical and decontamination measures. Hence, the current level of understanding and representation of environmental viability degradation in response models is inadequate to inform appropriate emergency response measures.

On June 16, 2002, Dennis Pluchinsky, a senior intelligence analyst at the U.S. Department of State, wrote an article in the Washington Post calling for censorship. The article began, "I accuse the media in the United States of treason." Pluchinsky, who worked counterterrorism in the government for twenty-five years, pointed to post-9/11 articles that revealed not scientific advancements, but American vulnerabilities in regard to the food supply, electricity, chemical production, transportation, and border security. He suggested that research conducted by the media could not have been funded by one, single terrorist organization: "Our news media, and certain think tankers and academicians, have done and continue to do the target vulnerability research for them."

Pluchinsky has a point. Terrorist organizations can and do use the media--and the protections afforded speech in the United States and the United Kingdom--to obtain and disseminate critical information.

The crucial point is this: Both liberal, democratic states, and nonstate terrorist organizations need free speech. Under what circumstances are the interests of the state secured and the opportunism of terrorist organizations avoided? Here, the experiences of the United States and United Kingdom prove instructive. On both sides of the Atlantic, where the state acts as sovereign, efforts to restrict persuasive political speech have relaxed over time to allow for more criticism. In the United States, Brandenburg v. Ohio cemented this shift. In the United Kingdom, change came gradually. The practical elimination of treason and seditious libel, and incorporation of the European Convention of Human Rights (ECHR) into domestic law through the 1998 Human Rights Act (HRA), marked the transition. If free speech remains central to our understanding of liberal democracy, it would nevertheless be naïve to rely on these alterations to protect expression in the contemporary counterterrorist environment--regardless of how remarkable they might be in the context of what went before.

Underlying my argument in this paper is a deeper concern that centers on the shifting nature of technology. What the average person could have done in 1776, or for that matter, 1976, to hurt either state pales in comparison to what a person with basic knowledge of microbiology, $1000, and a lab can do today. But neither American nor British law appears to have come to terms with what weapons of mass destruction, in terrorist hands, means for free speech.

This article won the 2004-2005 Steven M. Block Civil Liberties award for the best piece of writing in civil liberties at Stanford Law School. It also won second place in the national competition for the 2005 Judge John R. Brown Award for Excellence in Legal Writing, which recognizes the best legal writing by U.S. law students.