Newsweek technology writer Steven Levy has an interesting column today that examines some of the technology issues related to the latest NSA flap. The article confirms what I’ve been saying in my initial two posts on the topic (and what DefenseTech similarly reported last week): that you don’t need a comprehensive call database in order to effectively conduct social network analysis:
The NSA’s historic request for the nation’s phone logs signals a desire to perform massive “traffic analysis” of calls within the U.S.â€”an examination of who calls whom, when they call and for how longâ€”to identify potential threats. This in turn is expected to be used for the kind of analysis that Krebs performed. But Krebs says you don’t need the indiscriminate volume of phone records requested by NSA in order to perform effective social network analysis. The best way to snare the bad guys is to “go bottom up,” he says, beginning with the bad guys, charting only the people in their circles and investigating from there.
Of course it’s possible that the NSA will only tread within those narrow boundaries: but if that’s so, why would our spooks need everyone’s records? By asking only for the calls of suspected terrorists and their contacts, the agency could avoid the painful (and possibly illegal) tradeoff of handing over the telephonic fingerprints of millions of innocent Americans who never get within spitting distance of a malfeasant.
I’ve been actively looking for someone to make a convincing argument about how this capability could have a significant positive impact on intelligence capabilities, and I’ve yet to hear one.