Homeland Security Watch

News and analysis of critical issues in homeland security

December 24, 2005

More NSA revelations from the New York Times

Filed under: Intelligence and Info-Sharing,Privacy and Security,Technology for HLS — by Christian Beckner on December 24, 2005

The New York Times has a follow-up piece today on the NSA story, which seems to confirm prior suspicion around the blogosphere (see these prescient posts by Bruce Schneier, Defense Tech, and Early Warning) that a large element of this story is about the use of new technologies:

What has not been publicly acknowledged is that N.S.A. technicians, besides actually eavesdropping on specific conversations, have combed through large volumes of phone and Internet traffic in search of patterns that might point to terrorism suspects. Some officials describe the program as a large data-mining operation….

Officials in the government and the telecommunications industry who have knowledge of parts of the program say the N.S.A. has sought to analyze communications patterns to glean clues from details like who is calling whom, how long a phone call lasts and what time of day it is made, and the origins and destinations of phone calls and e-mail messages. Calls to and from Afghanistan, for instance, are known to have been of particular interest to the N.S.A. since the Sept. 11 attacks, the officials said.

This so-called “pattern analysis” on calls within the United States would, in many circumstances, require a court warrant if the government wanted to trace who calls whom.

Assuming this is true, my reactions are mixed. I can see real security benefits from this kind of analysis in some instances, especially in terms of using relationship analysis to build out a the web of connections between people and their identifiers (i.e. phone numbers, e-mail addresses). If there are these tangible security benefits, and it is done in a way that makes a clear effort to protect privacy by such means as anonymization of data and user audits, then this can be an appropriate tool in the war on terror.

But this story reinforces what I wrote last Monday in this post, and my sense that the extra-legal path that has been chosen by the Administration will harm our efforts to fight the war on terror in the long-run, for all of the potential short-run benefits. A story like this has the potential to tar ALL data mining and data analysis activities in the government, without making distinctions between activities based upon their security benefits, built-in privacy protections, and consistency with other legal and societal norms.

I think it’s time for the United States to have an open and honest debate about data mining and data analysis for homeland security, one that shifts the debate away from the current dynamic where scaremongering and accusations of treason are the normal mode of discourse.

A good starting point for this discussion is my former colleague Mary DeRosa’s excellent study on Data Mining and Data Analysis for Counterterrorism, published last year.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
  • LinkedIn

1 Comment »

Pingback by Homeland Security Watch » Blog Archive » USA Today: NSA collecting domestic telco data

May 11, 2006 @ 5:49 pm

[…] This story is a big, big deal, and the facts that it reveals are quite frankly appalling. I understand the potential value of this kind of social network analysis from a security perspective; in fact, I’ve written posts before arguing in support of certain types of data mining and data analytical tools, and I’ve been annoyed when publicly-known research projects such as Total Information Awareness have been shut down before being fully tested. I think that these tools have value when you’re starting with a known suspect or set of suspects, and then use social network analysis to develop a map of their web and patterns of relations. But I think that the security value of conducting social network analysis on the entire national telecommunications system – a set of 200+ million individuals – is marginal at best, and realistically likely to be close to zero. There’s far, far too much hay in the stack to ever find the needle and manage the false-positive problem, even with supercomputers crunching the data. It’s a bad investment in security. […]

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>