Homeland Security Watch

News and analysis of critical issues in homeland security

March 30, 2010

The Open Question

The open source intelligence debate took on new meaning for me on Sunday night. Shortly after 8:00 PM a loud explosion shook houses all across the east side of Portland, Oregon. What ensued afterwards provides new insights not only into how intelligence is generated, but also illustrates some of the new challenges we face in managing the collection and analysis process.

Within minutes, more than 50 calls reporting the explosion came into the local 911 center. Police and fire units responded to investigate, but found nothing to indicate an emergency. No burning or collapsed buildings, no casualties, no obvious signs of damage or disruption were evident anywhere.

Public safety officials’ prompt response to this incident, like their response to another big boom about two weeks earlier in the same area, provided little comfort though because no one could confirm what had caused the explosion. As you might expect, this opened the to door to speculation as much as it opened the door to investigation.

Within minutes subscribers to the microblogging service Twitter had invented and agreed to use the #pdxboom hashtag to track reports. Within half-an-hour, an ad hoc collaboration started on Google Maps was tracking and color-coding these reports in an effort to locate the source of the noise. And more than 20 wiseguys had even created and logged into an event marking the occasion on the social networking site Foursquare using their wireless mobile devices.

The theories spawned by these efforts ran the gamut from the serious (an earthquake boom) to the nonsensical (unicorns fighting or a house falling on a wicked witch). But the map generated by the more serious reports painted a much more compelling picture of the event. Efforts by local officials and media outlets to isolate the source by consulting the National Weather Service, the local Air National Guard fighter wing and NORAD, the U.S. Geological Survey and various utilities likewise proved fruitless.

Yet the public remained undeterred. Hundreds of people logged in over the next several hours to record their experience of the event. Before long some patterns became evident.

The next day, aided by daylight, armed with these online contributions, information from the initial 911 reports and information gathered following the previous incident, investigators located the site of the explosion along a riverbank near downtown. Fragments of a PVC pipe bomb were also recovered.

What did we learn from this incident? Well for starters, people want to be of assistance, even in a town where the police are not currently held in very high esteem due to two recent officer-involved shootings. Second, they will seek out ways to make sense of confusing experiences, which more often than not includes sharing their personal observations and perspectives in a way that gives them meaning whether or not they produce a plausible explanation. Finally, the speed with which this process of sharing information about our common experience advances will exceed anything we saw before the dawn of the Information Age.

When we speak of intelligence we often conflate its epistemic and ontological meanings. From an epistemic perspective, intelligence involves identifying what we know, filling in gaps and discovering missing elements that will help us build a coherent picture of the situation. Interpreting this picture involves another aspect of intelligence. Ontology addresses how we synthesize data by dictating the sorts of frames we apply to create a shared sense of understanding.

Neither of these approaches alone, however, answers for us the bigger and as yet unanswered and therefore open question: “What was the intention or purpose of the person who built and detonated this device?”

We often assume that analysis and synthesis will lead us to the answers we seek to teleological (thanks Phil) — as opposed to epistemic or ontological — questions. Knowing what’s on the minds of those who seek to disrupt our lives, not in some abstract ideological or theological sense, but in the very tangible sense that links their intentions and actions, might actually help us interdict such threats before they emerge. If someone figures out a way to answer this question through crowdsourcing, we could make real progress against the threats we face.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
  • LinkedIn


Comment by William R. Cumming

March 31, 2010 @ 9:54 am

Manufacture or possession of pipe bombs is a violation of the criminal code of some states. The two events should also have triggered a federal bomb investigation so hoping you follow up on the details of what transpires?

Comment by Mark Chubb

March 31, 2010 @ 1:23 pm

Rest assured, Bill, the investigation continues!

Comment by John Comiskey

March 31, 2010 @ 9:01 pm

Sir Robert Peel said: the police are the people and the people are the police.
Open Source Intelligence (OSINT) likely accounts for 80%+ of all intelligence and with the exponenitial growth of the internet and particularly web 2.0 that percentage will likely increase. Law enforcement is grapling with this new resource that offers the wisdom of the crowds sprinkled with a minority of do-baders. Previously, anonymous reporting left gaps that went unfulfilled, In this instance an undetected improvised explosive device was detected and unknown harm was advereted. Bring on web 2.0!

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>