Mining data to nab terrorists: fair?

Digital minutiae could be used to track terror networks, but it could produce false positives.

After all, it's the same information that has long been available to authorities armed with a subpoena, though not sought en masse until after the 9/11 terror attacks. Its value, say computer experts and others, is that it can be used to identify a "social network" of interconnected people - including, perhaps, would-be terrorists.

Readers Vote (Having trouble? Click here) Disclaimer

Get all the Monitor's headlines by e-mail. Subscribe for free.

E-mail a friend Print this Letter to the Editor Republish E-mail newsletters RSS

"From phone records you can learn who are my friends - and who their friends are - what services I use, where I shop," says Johannes Gehrke, a computer scientist at Cornell University who has written search algorithms for government analysis programs. "Our social interactions leave a digital trail. [Phone-record analysis] is government learning about human behavior from analyzing that trail."

Moreover, they assert, phone records are just one part of a much larger government effort to analyze the digital minutiae of American life in the hope of uncovering terrorist networks buried within it. Potentially invasive, such counterterror activity aims to build databases that can be cross-referenced in the hope of matching patterns, relationships, and activities that bear investigating, experts say.

"You should presume that phone numbers are being collated with Internet records, credit-card records, everything," says Bruce Schneier, a security technologist with Counterpane Internet Security in Mountain View, Calif.

Cross-indexing phone records can reveal a social profile of friends and acquaintances and a geographic profile. Each individual in that chain might then be cross-indexed against his or her retail purchases, credit history, e-mail, medical records, airline reservations, Social Security number, fingerprints - anything that can be digitized and stored in databases, and assuming that the government has access to them. Such activity is potentially invasive, many experts acknowledge, but will it work?

"In the commercial and consumer world, data mining has seemed quite successful," says George Cybenko, an engineering professor at Dartmouth College. "We don't have that many new technologies in our repertoire to address this new terrorist threat. So we have to explore them."

Others argue that this "social network analysis" - the computer data-mining technique rapidly gaining ground in intelligence and law-enforcement circles - carries legal and practical risks. As the effort gains momentum, it may collide with law, invade Americans' privacy, undermine civil liberties, or grow to such an enormous size that it may actually make finding terrorists harder by producing too many "false positives," some say.

A USA Today report last week indicated that the National Security Agency is well along that technological path. Using data from phone company computers, the NSA has been building a gargantuan database containing the detailed calling histories of most Americans, the report said.

The idea is for computer algorithms to identify digital calling patterns that authorities would expect a terrorist might follow.

While congressmen of both parties fumed last week, President Bush defended government surveillance activity in general, saying it "strictly targets Al Qaeda and its known affiliates." Americans' privacy is being "fiercely protected," he said.

Assurances of privacy protection

Contacted by the Monitor, the NSA did not offer a response to specific questions about its role as described by the USA Today report.

"Given the nature of the work we do, it would be irresponsible to comment on actual or alleged operational issues; therefore, we have no information to provide," NSA spokesman Don Weber wrote in an e-mail. "However, it is important to note that NSA takes its legal responsibilities seriously and operates within the law."

Data mining as a counterterrorism tool has grown enormously in recent years, according to the Government Accountability Office.

"Don't think of all these records as separate things," says Mr. Schneier of Counterpane Internet Security. "If analysis tools are being used across this collection, it's really just one big sea of data being analyzed and crosschecked."

In the weeks after 9/11, Valdis Krebs scoured news reports and the Internet for tidbits about the hijackers, plugging their meetings, travels, and relationships into a computer program he had created. At last, it spit out a chart detailing the terrorists' links to one another.

It revealed, for instance, that two of the 9/11 hijackers - Nawaf Alhazmi and Khalid Almihdhar - were at the center of a spider web linking those accused of bombing the USS Cole in 2000.

Story continued on Page 2

SOURCE: USED WITH PERMISSION OF VALDIS KREBS, ORGNET.COM; RICH CLABAUGH - STAFF

Story continued on Page 2