NSA: The Problems with Massively Automated Domestic Surveillance
Noah, at DefenseTech, tapped Valdis Krebs for his analysis of the problems with the slowly leaked details on the NSA's domestic surveillance efforts. Valdis makes the absolutely correct observation that:
"The right thing to do is to look for the best haystack, not the biggest haystack. We knew exactly which haystack to look at in the year 2000 [before the 9/11 attacks]. We just didn't do it..."
To me, it's pretty clear that the people working on this program aren't as smart as they think they are. Some top-level thinking indicates that this will quickly become a rat hole for federal funds (due to wasted effort) and a major source of infringement of personal freedom. Here's some detail:
- It will generate oodles of false positives. Al Qaeda is now in a phase where most domestic attacks will be generated by people not currently connected to the movement (like we saw in the London bombings). This means that in many respects they will look like you and me until they act. The large volume of false positives generated will not only be hugely inefficient, it will be a major infringement on US liberties. For example, a false positive will likely get you automatically added to a no-fly list, your boss may be visited (which will cause you to lose your job), etc.
- It will be expanded to monitor domestic groups other than al Qaeda. As we have already seen in numerous incidents across the US, every group that opposes the war or deals with issues in the Middle East will eventually fall under surveillance. Eventually, this will begin to bump up against the political process by targeting groups that are politically active in the opposition party.
- The database and associated information will be used for purposes other than tracking groups. For example: finding who leaked a classified document to a reporter by reading the list of all calls made to that reporter (who is likely on the target list due to the subjects they cover).
Also, trying to get that much data into the system on a timely basis, then search and retrieve it quickly when needed isn't feasible. There's too much data.
This is another case of the US government thinking it can solve problems with super whizz-bang technology rather than with people on the ground (i.e., the US can win Vietnam/Iraq from the air alone, monitoring communications will find bin Laden, etc.).
Posted by: Bob Morris | May 11, 2006 at 03:49 PM
A couple things to consider:
When you are using phones like sick people use tissues - place against face once, then throw away – the haystack is going to be unruly. Nature of the beast.
We don’t know how long this has been going on, we can assume 4+ years, so we don’t know that they haven’t already found the best – vice the biggest – haystack.
False positives are indeed a problem, then again, it isn’t like they’re lacking in mathematical talent.
Let’s not confuse a focused technical effort against a given target set with Airman wingnut the base policeman and his ill-conceived idea to create a database entry about the angry hippies protesting outside the base gate.
As far as the LE/CI angle goes, there is a wall between the two domains. Could it happen? Sure, with enough effort. Is nailing a leaker any less righteous than nailing a terrorist?
Posted by: Michael | May 11, 2006 at 05:30 PM
The FBI had already complained that they get thousands of false positives from the NSA and nothing of value.
NYT piece at:
http://www.commondreams.org/headlines06/0117-01.htm
Posted by: b | May 12, 2006 at 12:43 AM
Here's a response to the above:
http://www.defensetech.org/archives/002399.html
LOL. That's classic. I've heard this so many times in other similar situations. They are never going to have enough data to make this work. Next step: Internet usage, credit card records, credit reports, cell phone GPS data, etc.
Posted by: John Robb | May 12, 2006 at 06:28 AM
NSA effort produces broad results. They need Bureau to narrow things down (the rules we play by). By the very nature of the effort there are going to be false positives . . . in fact using the term "false positive" might be too generous. FBI involved in the effort are like most people who think IC is brewing bat wings and newt eyeballs. It isn't nice and clean and operating at Jack Bauer speed. You (John) know this as much as anyone.
Everyone thinks this is a binary situation. If it is not all or nothing, then let's hear some suggestions for alternatives.
Posted by: Michael | May 12, 2006 at 08:25 AM
Bob, that's just a Small Matter of Programming.
Posted by: Will Cox | May 12, 2006 at 09:34 AM
Some reactions from a mere civilian:
1. Catching a leaker is a lot LESS "righteous" than catching a terrorist. Leaking of information is often the only way vital information is released.
2. I respect mathematical approaches but have a healthy skepticism toward them. One consistent issue is that these solutions tend toward the self-referential, whether we call it collinearity or confusion between correlation and causality or data mining or survivor bias or I am sure a whole lot of far more elegant concepts.
3. Strict regimes of any sort frequently never catch those who didn't care about rules to begin with. I call it the "Good Kid Syndrome." You know, the hall monitor always gets the good kid the first time he steps out of line. The bad kids walk free. You see it in situations everywhere.
4. Once you've designed a "terrorist net," its application will expand. It will start with pedophiles and child abductors, and then we'll be off to the races. The end result will be a society with each member monitored 24/7, because the "model" is a beast that will always demand that one more category of data. Trust me, the day will come when brain scans and DNA results go into it.
Posted by: wilsonkolb | May 13, 2006 at 10:27 AM
One other point. You might think that extremely smart people wouldn't slide down those slopes. Au contraire, I say. In fact, it's the highly intelligent who are the MOST susceptible to fads and fashions, provided they are intellectually rigorous at least on the surface.
Why? Because a very intelligent person is forever questioning the probabilistic universe. He aches for a unifying theory, especially one that only he and his peers can truly (think they) grasp.
Two very specific examples: Look at the role of "portfolio insurance" in the 1987 stock crash, and look carefully at the mathematical structure of the Nobel Prize-winning "Modern Portfolio Theory." Embedded in all those elegant equations are some laughably simple fundamental flaws.
So let's not kid ourselves into thinking a technocratic elite is going to keep this from happening. Hell, these are the people who gave us the atomic bomb, and on that the jury is definitely still out.
Posted by: wilsonkolb | May 13, 2006 at 10:34 AM