|
|
Exposé Totalitarian Information Awareness by Joe W. (Chip) Pitts III The
nightmare world of George Orwell isn't just fiction anymore, thanks to a new
program from George Bush and an old Iran-Contra
convict.
Unbeknownst to most Americans, their
liberty is being consumed by the triad of counter-terrorism programs enacted
since Sept. 11: the Patriot Act (considered in these pages in May 2002), last
fall's Homeland Security Act, and finally the "Total Information Awareness"
initiative conceived and run by former Iran-Contra felon John
Poindexter.*
| | Joe W.
(Chip) Pitts III is a Dallas-based international attorney and businessman.
|
|
Total Information Awareness (TIA) starts from the recognition that our daily
lives are monitored more than ever before. But while most of us find this at
least vaguely objectionable, TIA sees in this an opportunity to capture
terrorists. After all, those who visit Times Square in New York, or Piccadilly
Circus in London, are on camera hundreds of times per visit; even in less
concentrated environments, it's now routine that shopping malls, convenience
stores, banks, ATM machines, airports, restaurants and other merchants, and their
parking lots capture us as we carry out the transactions that constitute the
business of life. Our phone calls are made on mobile networks that include
location-monitoring technologies pinpointing where we are at any given time. Palm
Pilots, other PDAs, or laptops may inform us of the nearest Starbucks location,
but also tell the network where we are and what we want, from the news we read to
the books we order online. Satellites hover overhead, communicating constantly
with GPS sensors in our cars, trucks, boats, and handheld devices, viewing
details as minute as the license plates on our vehicles, as highway toll tags
authorize our passage and record our comings and goings. Cable television
companies monitor and record our pay-per-view transactions. Travel agencies and
our own Internet bookings track our preferences and meanderings. Doctors,
hospitals, universities, and insurance companies increasingly rely on networked,
digitized medical records. Credit and debit card terminals at grocery and video
stores, gas stations, and hotels note where and when we make our purchases, and
the digital signals sent along the financial networks determine whether we'll be
allowed to proceed with the purchases, or execute our stock trades, or not. The
IRS and other government agencies both monitor increasing amounts of such
electronic records, and create new records about us and with us, as we pay our
taxes, appear in court, or apply for driver's licenses, passports, visas, or
other government benefits using electronic means.
TIA would gather up and link all these datapoints and streams — whether
emails, phone calls, instant messages, video or audio broadcasts, records of gun
purchases, car rentals, or charitable contributions — into hundreds of
millions of virtual dossiers on each of us, then "mine" that data for patterns
resembling the patterns of terrorist activity coming from other datastreams. In
this way, TIA hopes to detect and "preempt" terrorist activity.
If you're not familiar with "data mining," think for example of Internet
search engine Google — but on steroids — or perhaps the way those
credit card companies sometimes call you because they think they've detected a
pattern of fraud in your transaction data (and recall how often they're wrong!).
Well, TIA will be the same sort of effort, but orders of magnitude broader.
While the many depredations of liberty over the past year and a half often
have been described as "Orwellian," the appellation fits none as aptly as
Poindexter's baby. TIA threatens to suck the oxygen from liberty's flame in a way
unprecedented in the history of our republic. Even George Orwell, who invented
"Big Brother" in his novel "1984," would be shocked at the pervasiveness and
ruthlessness of the intrusion that Poindexter is trying to implement.
|
| The Total Information
Awareness program would gather up all the information publicly or privately
recorded — including emails, phone calls, instant messages, video or audio
broadcasts, records of gun purchases, car rentals, and charitable contributions
— into dossiers on every American. |
|
Poindexter has now removed the logo that graced the TIA website [ed. note: defunct as of 1/25/05] during the first year or so of
its existence: the creepy, Masonic, all-seeing eye within a Pyramid, like that on
the back of a dollar bill, but emitting a ray of light (or a death beam?)
spanning the globe, and accompanied by the slogan "Scientia Est Potentia"
("Knowledge Is Power"). (The prior logo may still be viewed here.) But the ominous
connotations of those images linger despite the website's hasty cleansing.
The "Patriot" Act
The infamous "Patriot Act" gutted at least half — the most important half
— of the Bill of Rights. The all-important First Amendment's guarantees of
free expression and assembly were undercut by allowing an unprecedented degree of
government intrusion. Librarians and bookstores are now supposed to turn over
information on our reading habits, undoubtedly chilling free thought and breaking
down the foundation of free inquiry that undergirds the ability to question and
dissent from government actions. The Fourth Amendment's guarantee of freedom in
our homes and personal effects from unreasonable searches was seriously undercut
by allowing electronic surveillance (without our knowledge) of our home
computers, emails, and Internet surfing habits, and "sneak and peak" search
warrants authorizing searches of our houses without our being told.
The Fifth Amendment's guarantee of due process and the right to confront
witnesses against you means little if immigrants and even American citizens (like
Jose Padilla or Yaser Esam Hamdi) can be indefinitely held without charge, access
to lawyers, or a judicial hearing, trial, or review of any kind simply by virtue
of the government labeling them "terrorists" or "enemy combatants." The Sixth
Amendment's right to a speedy public trial apparently applies no longer. Even the
Eighth Amendment's guarantee against cruel and unusual punishment seems to be
held in little esteem, if certain reports of beatings and solitary confinement of
detainees without access to family or health care, and other reports of detainees
transferred to face torture in places like Pakistan and Egypt can be believed.
While we can be thankful that torture was openly discussed only briefly as a
legitimate policy tool, our government's new insensitivity to the delicacies of
interrogation methods strongly suggests that it cares far more about ends than
means, and about so-called results more than liberties. The Patriot Act sets the
stage for intense government focus on the activities of innocent people and
misdirects governmental resources from appropriate focus on actual terrorist
activities. At least in the Patriot Act some homage was paid to continued weak
oversight through the persistence of judicial warrant requirements in some
instances (although the process of forum shopping to find a friendly judge
renders this more a formal than a truly substantive protection). Since that time,
however, a special federal appeals court decision has obliterated most of what
was left of the wall between intelligence and law enforcement. TIA's
technological approach risks bypassing such protections completely.
The Homeland Security Act
It's ironic, to say the least, that a conservative president putatively
committed to limited government has brought into being the most massive new
bureaucracy since the various military services were brought into the Department
of Defense fifty years ago. The new Homeland Security Act, totaling about 500
pages, consolidates 22 federal agencies and about 170,000 employees, including
the Secret Service, the Immigration & Naturalization Service, the Border Patrol,
and the Coast Guard. Note that the two agencies most implicated in the
intelligence failures preceding Sept. 11, the CIA and FBI, are not included in
the agency. Though this is perhaps for very good reason (especially the
desirability of separating the different functions of these powerful agencies
from the also powerful new mega-agency), it is inexplicable that the CIA and FBI
remain essentially unaccountable for their failures.
| Even George Orwell, who
invented "Big Brother" in his novel "1984," would be shocked at the pervasiveness
and ruthlessness of the intrusion that Poindexter is trying to implement.
|
|
The biggest reorganization of government in the past fifty years may or may
not eventually enhance homeland security, but it certainly doesn't augur well for
preserving liberty. Thanks to some strong voices including outgoing Congressman
Dick Armey (R-Tex.) — now a consultant with the ACLU, along with his former
colleague Bob Barr (R-Ga.) — there are a couple of exceptions to this. The
law says that it doesn't authorize either a national identity card, or Attorney
General John Ashcroft's previously planned program to turn neighbors, utility
repairpersons, the cable guy, the postman, and citizens in general into a
"Terrorist Information and Prevention System" (TIPS). This latter was a
particularly appalling idea, reminiscent of communist and fascist neighborhood
cells reporting on neighbors, reminiscent of Pavlik Morozov, the celebrated
14-year-old Soviet martyr who was honored for being a good party member and
turning in his family to authorities.
Alas, the rest of the Homeland Security Act rides roughshod over liberty
instead of protecting it. The TIA program contemplates even greater intrusion
than the rejected identification card and TIPS programs. The new law creates a
"Homeland Security Advanced Research Projects Agency" (HSARPA), modeled after the
Defense Advanced Research Projects Agency (DARPA), which created the Internet
(sorry, Al). HSARPA is funded at the not inconsiderable taxpayer expense of $500
million annually, and, like DARPA, it will "promote revolutionary changes" in
technologies to protect the homeland. What was a separate bill approved by the
House of Representatives last summer, the Cyber Security Enhancement Act, was
added at the last minute to the Homeland Security Act. It expands the ability of
law enforcement authorities to monitor email or telephone conversations without
first obtaining a court order. It also grants Internet Service Providers (ISPs),
like AOL, Yahoo, or Earthlink, greater room to release information to any
governmental authorities if, in their eyes, there's a "good faith belief" that
there is an "immediate threat to a national security interest." These
liberalizations further loosen the "emergency" exception that had already been
provided in the Patriot Act, by removing the requirements that the disclosure be
based on a "reasonable belief" and be connected with an "immediate danger of
death or physical injury." It places the ISP in the position of distinguishing
between evidence of a real threat and (supposedly protected) free speech, with a
likely chilling effect on the latter.
Finally, the Homeland Security Act also takes further steps along the road to
a more secret government, by expanding the grounds on which TIA or other
government activities can be classified, and reducing the scope of access to
information about governmental decision-making through the Freedom of Information
Act.
The TIA Toolbox
If the Patriot Act sets forth the ideology and plans for a newly intrusive
state, and the Homeland Security Act builds the framework, Total Information
Awareness may be seen as providing the tools to make it all work.
TIA, moreover, threatens to be just as ineffective an overreaction to
legitimate concerns over prior intelligence failures as the Homeland Security
Department. But, while the Homeland Security Depart-ment's counterproductive
effects are likely to be mainly in the short-run (as culture clashes, lack of
system interoperability, and fighting for position diverts officials from vital
tasks), TIA is likely to have lasting harmful effects unless modified. TIA
remains within DARPA at present, at the vanguard of its attempt to incubate
"revolutionary" counter-terrorist technologies. According to DARPA's own
documents posted on the Electronic Privacy
Information Center website, TIA is funded at $240 million through fiscal year
2003 (despite Defense Department Undersecretary Pete Aldridge's statements on
November 20 that the amount was only $10 million per year).
| The Genysis database
would allow the government to plumb all sorts of public and private information,
from all the transactions you engage in, your observed actions, the noises you
make, and, yes, even the thoughts you think. |
|
Of course, technology is neutral, with any technology capable of good or bad
applications by the user. Some of the voice recognition, automatic translation,
and other TIA technologies being developed, like the Internet, have applications
that would be socially desirable both in the fight against terrorism and in other
private sector uses. For example, the "Babylon" project envisions, on a small and
more selective scale, something like the "universal translator" familiar to Star
Trek fans: an earpiece combined with a battle-hardened Palm Pilot-like device
allowing two-way natural language translation for soldiers in the field,
beginning with "low-population, high-terrorist-risk" languages. Given the special
difficulty of detecting and quickly responding to and reducing casualties from
bioterrorism, the Bio-Surveillance project's work on early detectors, ranging
from medical data to "animal sentinels" (operating on the "canary in a coal mine"
principle) is also most welcome. The "Genoa" project to facilitate sharing and
analysis of data, already legally available, also sounds prudent and helpful,
since the failure to predict and stop 9/11 mainly resulted from the government's
failure to do just this.
But, as with any technology, placing it in the hands of an untrustworthy or
malevolent operator (e.g. Poindexter) raises concerns. A program going by the
acronym "EARS" (Effective, Affordable, Reusable Speech-to-Text) aims at more
powerful automatic transcription, allowing the government to transcribe more
effectively large quantities of audio information — overheard conversations,
radio broadcasts, or telephone intercepts — into easily absorbed written
text. Another program would automatically extract, summarize, and translate
critical information from large quantities of foreign language speech. Still
another program, on "Evidence Extraction & Link Discovery," will automatically
search Web pages, text messages, phone calls, email, and other data sources, to
identify patterns between people that could reveal terrorist activity. "Genoa II"
will facilitate "human-machine decision collaboration" to solve complex problems
more quickly and reliably. The Human-ID-at-a-Distance program will use cameras
and biometric identifiers (e.g. recognizing you by your face, gait, and/or iris,
using visible or infrared means) to automatically spot terrorists from afar.
(DARPA had also considered but withdrew under pressure a plan to tag all Web
communications with biometric identifiers ("eDNA")).
At TIA's core is the "Genysis" project to create the
"mother-of-all-databases." The appeal of "anything, anytime, anyplace" knowledge
sounds empowering when it's the common vision (as it is) of software, media, and
communications companies, relating to individual productivity, control, and
effectiveness. The feelings it inspires when inverted to empower government
against individuals are not quite the same. God-like omniscience in the hands of
a perfect God may be a fine thing, but in the hands of imperfect humans running
already-powerful governments, the prospects of such additional power are truly
frightening in ways that the American public and lawmakers don't yet appreciate.
The long-term harm could be even more serious than the national identification
card and the TIPS informant programs outlawed in the Homeland Security Act.
There has never before been an effort to analyze data on the scale
contemplated by Poindexter's initiative. "Genysis" aims to develop an
"ultra-large, all source, omni-media, virtually centralized, information
repository database." DARPA is loathe to suggest it would be anything like the
puny commercial "databases" of today's world. (The TIA website says they use the
term "database" merely "for lack of a more descriptive term.") The contemplated
database would seem to aim at a near infinite capacity, for input of as much data
as possible about everyone. A "key metric" described in documents on DARPA's website [ed. note: defunct] is "the amount of
total information that is potentially covered." (Great fodder for "Saturday Night
Live" and other comedians, but George Orwell might warn you to stifle the laugh.)
In case you had any doubt, we're talking the BIGGEST DAMN DATABASE IN THE HISTORY
OF THE UNIVERSE. Oracle's Larry Ellison must be filling swimming pools with
saliva, drooling over this (now there's a pretty image for you).
| Hitler routinely used the
innocently created government records of the countries he invaded to determine
and eliminate groups and political opponents he didn't like.
|
|
This database ("for lack of a more descriptive term") would allow the
government to plumb all sorts of public and private information, from all the
transactions you engage in, your observed actions, the noises you make, and, yes,
even the thoughts you think, to enable the government to rapidly "detect,
classify, ID, track, understand, and preempt" terrorists. This would naturally
include the manifestations of your thoughts in the email or mail you send, other
text you write, books you check out, or websites you surf, but there actually
have been and remain government programs to read your thoughts, ranging from the
Defense Department's famous psychic weapons detection programs to "non-invasive
neuro-electric sensors" being considered for use in aviation security. You may
think I'm kidding, but check out this page. They
plan to use XML (Extensible Markup Language) or successor languages to facilitate
interoperability between all these diverse databases.
Among the disparate databases to be connected (from the TIA website) are
financial, educational, travel, medical, veterinary, transportation, housing,
government, and communications databases. These will be complemented by "novel
methods of populating the database from existing sources" (this already sounds a
bit kinky) as well as creation of "innovative new sources." (Blockbuster
soft-porn video rental records?) Again, you may think I'm joking, but I'm not:
some of the al Qaeda operatives were apparently into porn, and we know that
several visited a strip club before 9/11; this database would attempt to
extrapolate from the conjunction of such facts with, for example, immigration
entry from Saudi Arabia, telephone calls to Afghanistan, and purchases of guns or
religious books, to identify terrorists.
I wrote in these pages last year ("A Glimpse Ahead," September 2002) that the
administration's "preemption" approaches at home and abroad reminded me of the
science fiction writer Philip K. Dick's dystopian visions, rendered on the silver
screen in such memorable movies as "Blade Runner," "Total Recall," and most
recently, the Tom Cruise-Steven Spielberg collaboration, "Minority Report." One
of the TIA programs — "Wargaming the Asymmetric Environment" — really
sounds like the Pre-Crime Unit in that last movie: it would aim to "predict and
act against" terrorists based on models of past behavior in their political,
cultural, or ideological environment. In other words, mere suspicion of possible
future terrorist activity based on past activities, including
guilt-by-association, could result in present preemptive action. Again, while the
specific preemptive methods used aren't tied to the technology and haven't been
announced, one can imagine that, in the case of serious terrorist threats, the
force used could be extreme. Not that we don't need strong actions against true
terrorists: we do. But our Constitution and Bill of Rights are intended to ensure
that innocent people are not wrongly harassed and ensnared in the fight against
criminals and terrorists. As Marc Rotenberg, Executive Director of the Electronic
Privacy Information Center recently told Business Week: "TIA is not likely to be
an effective way to prohibit future terrorist acts, but it will have an enormous
impact on the government's ability to monitor things not related to terrorism."
Even if TIA's basic projects are feasible (and substantial technical
challenges persist, as further discussed below), you're right to ask yourself
whether the benefits from such unprecedented government surveillance would
outweigh the costs. The only thing scarier than the current TIA plans, which are
unlikely to work, is if the government comes up with ways to make TIA work. For,
once that occurs, the proliferation of lost liberties will continue, as pressures
build for TIA to be turned to other purposes perceived as benign, like fighting
crime, collecting taxes, or protecting the rich from the poor. In the meantime,
by encouraging excessive faith in technology and overconfident complacency, it's
highly likely that this "ultimate system" will result in even more massive
intelligence and security failures than those occurring in connection with Sept.
11.
"Trust Us"
TIA is supposed to be merely a research and development project, and in a
recent Defense Department briefing, Undersecretary Aldridge stated that the
project won't use real-life data. The website and related documents, however,
emphasize developing "useable tools" and "leave-behind prototypes" that can be
"stress-tested in operationally relevant environments," and both the website and
subsequent reports make clear that various agencies actually have and are testing
TIA technology in the field, with real data. As the New York Times reported, "a
prototype is already in place and has been used in tests by military intelligence
organizations."
| Many people agree with
Sun Microsystems CEO Scott McNealy: "You have zero privacy. Get over it."
|
|
The program architects say that they will try to "create privacy filters,
'aliasing' methods, and automated data expunging agents to protect the privacy of
U.S. citizens, and those not involved with foreign terrorists." The idea would be
that data can only be viewed in an "anonymous" fashion unless a certain
individual's activity merits closer scrutiny, at which time that individual could
be "unmasked." Undersecretary Aldridge says "we're designing this system to
ensure complete anonymity of uninvolved citizens." But note the unintended irony
in his answer to a reporter's question at his briefing last fall:
Q: I'm sorry, I don't understand one piece of this. Is this entire program
based on totally fabricated data? In other words, it's all hypothetical?
Aldridge: There's some real data that we use, but it's normal data that's
available legally. The privacy issues, those will be fabricated stuff.
Perhaps it was a normal slip of the tongue rather than a Freudian slip, but
ordinary people will take little comfort that "the privacy issues . . . will be
fabricated stuff," or that proven liar Poindexter is responsible for assuring
that such protections are built in to the system. After all, he and Ollie North
got into trouble in the first place because they failed in their attempt to
delete all copies of 5,000 Iran-Contra emails.
In addition to dispensing comfort that the system design will ensure privacy
(though, of course, any system can be hacked by someone, if only the system
designers), we're told we can rely on the Ombudsman within the TIA office (who
works for Poindexter) or the Chief Privacy Officer or Civil Liberties Officer
within the new Homeland Security Department (who works for Tom Ridge in an agency
whose mission is security, not privacy or liberty).
Here's Aldridge again:
Q: Every time they use a telephone, that call enters the database. And if it
is voice recognition, for example, then that enters the database, hypothetically,
right?
Aldridge: Hypothetically, yes.
Q: How is this not domestic
spying? I don't understand this. You have these vast databases that you're
looking for patterns in. Ordinary Americans, who aren't of Middle East origin,
are just typical, ordinary Americans, their transactions are going to be perused.
Aldridge: Okay . . . Once that technology is transported over to the law
enforcement agency . . . [w]e'll have to operate under the same legal conditions
as we do today that protects individuals' privacy when this is operated by the
law enforcement agency.
So the final bastion that Poindexter and his colleagues point to are the
privacy laws in this country — as if the protections offered by those
privacy laws were in fact extensive and effective, as if they weren't already
substantially eroded in the past year and a half by the Patriot Act then the
Homeland Security Act, as if businesses will routinely litigate or stand up to
heavy government pressure in the name of security to disclose our information,
and as if such laws aren't likely to be even further eviscerated when the next
terrorist attack happens (as it surely will). Again, I'm not as much a fan of
"Saturday Night Live" as I was in its early days, but if they haven't already
done a sketch on such a cruel joke, they should. The sad reality is that U.S.
privacy laws have never been very strong, and have recently been weakened
considerably. Consequently, some businesses will insist on a government subpoena
before complying with government requests for data, but many businesses will roll
over in the face of "national security" requests from "the government," and all
will be struggling to define the limits of their rights and responsibilities in
the current environment.
| The idea of a constant
swarm of nanobots constantly monitoring our actions raises serious questions
about technologies concentrating even more centralized power within the
Leviathan. |
|
If the privacy law argument doesn't reassure you, Poindexter, et al. have
another one up their sleeve. Invoking the mantle of technology's "neutrality,"
they assure us that it's not the technology as much as the use of the
technology that needs oversight and monitoring. And, they say, effective
oversight, e.g. by the agencies using it or by intelligence and armed services
committees of Congress, would be more than adequate to protect our lives and
liberties. But oversight by one of the agencies using the technology, especially
in an administration with as much a penchant for secrecy as this one — which
has clamped down on freedom of information act laws and continues to litigate
issues such as disclosure of the documents showing Enron's influence on our
energy policy — will not be adequate. Neither history nor human nature
afford much comfort on this score. One need not invoke Lord Acton's dictum that
power corrupts to recall that the history of data records used by defense and
intelligence services in this and other countries is replete with instances of
records manufactured for innocent purposes, then being warped to nefarious ends
by government officials. Hitler routinely used government records in the
countries he invaded to determine and eliminate groups and political opponents he
didn't like. J. Edgar Hoover, in this country, notoriously abused surveillance
and information nominally obtained for national security purposes to persecute
communists, suspected communists, anti-war activists, or merely political
opponents like Martin Luther King — all despite theoretical oversight from
other branches of government. Attorney General John Ashcroft, Presidential
spokesman Ari Fleischer, and others in the administration have already suggested
that those who disagree with them are aiding and abetting the terrorists.
Undersecretary Aldridge is quick to point out that Poindexter was merely the
father and current director of the TIA project, whose "enthusiasm" for the idea
"is why we developed and started to fund it." For a hint of Poindexter's
enthusiasm, take a look at the logo from his slide presentation describing TIA
(see page 25).
Aldridge says that Poindexter would not (necessarily) be the one using these
tools. But even if that's true, and who knows whether it will be or not, how many
other Poindexters, or Nixons for that matter, might be empowered?
In fact, throughout history, government is responsible for more atrocities and
abuses of liberty than any private group. The bottom line is that oversight has
never adequately prevented such abuses, especially when there is a real climate
of fear insulating government privacy invaders from criticism. As we all know,
once technological capabilities exist to ignore or undo safeguards, the
temptation to use the technology's full power can be overwhelming. With
Poindexter's proven mentality of "the end justifies the means," why would anyone
trust him to put adequate protections in place?
While no one would question these technologies applied only to terrorists, the
problem is that they're premised on probing all sorts of mainly innocent data
transactions, using automated computer algorithms to pick out what seem to be
patterns of terrorist activity (but could just as readily be, and would almost
always be, completely innocent interactions and relationships).
Unfortunately, many in the establishment seem to agree with the quote
attributed to Sun Microsystems CEO Scott McNealy: "You have zero privacy. Get
over it." For example, the recent, well-intentioned Markle Foundation report, constructed
by luminaries including many with whom I've worked and otherwise respect, seems
to have largely caved in on the substance of privacy issues, while paying
rhetorical homage to the need to respect privacy and liberty. The report, in
several places, praises the initiatives and approach of Poindexter's office, and
proposes guidelines for accessing public and private databases that rely on a
standard of mere "relevance" to terrorism in the eyes of government officials,
whose discretion we're again supposed to trust, and seems to assume without
question that even private databases must be open to government searches. This
would make McNealy's statement, which was really an overstatement at the time, a
reality. At least the Markle report must also be given credit for other language
preferring narrower approaches using existing information (e.g. watch lists) to
fishing expeditions aimed at gathering as much new data as possible.
| Humans are notoriously
complex animals, and unlike most consumers, terrorists know how to adapt, to fit
in and hide by behaving like innocent individuals.
|
|
"We Are Experiencing Technical Difficulties"
The technical challenges involved with TIA, especially the Genysis
centerpiece, are immense. They stem mainly from the sheer ambition of the project
and size of the planned virtual database, which compounds the impact of the data
quality and interoperability challenges that even ordinary data mining efforts
face. There will, of course, be more errors as the quantity of data input from
the U.S. and around the world is drastically expanded. Not only could real
terrorist activity be harder to detect (the old needle in a haystack problem
suddenly becoming one of a needle in an ocean of constantly flowing data); with
that much more data flowing through the system, there will likely be many more
"false positives" (innocent people erroneously labeled terrorists). To the extent
that law enforcement depends in part on legitimacy and cooperation from the
population, such a result could not only be of dubious value, but actively
counterproductive.
As an example of the sorts of errors that could occur, consider more deeply
those credit card fraud detection programs. If you're like me, and travel a lot,
you've probably received what seem to be ceaseless calls — "your card was
just used in Moscow, a day after it was used in Amarillo" — which, at least
in my experience, have never once accurately predicted fraud. This is because the
programs rely on automatic analysis of patterns of activity, and are actually
pretty rigid. Since some credit card thieves travel around, businesspeople like
me are "false positives" and have to put up with all the calls. The system never
seems to learn about and adapt to my own patterns, even though I'm a good
customer.
In addition to expected errors resulting from the automated systems doing what
they're supposed to do, unexpected problems will result from inevitable human
error, misuse, and abuse of the information. Recent examples coming to mind
include White House Political Director Karl Rove's lost slides providing
instructions on how to exploit the war for political gain, or the Navy's loss of
a dozen computers containing classified information. These accidents caused
embarrassments and are real security breaches. In addition to technical mistakes
from the errors in data quality plaguing databases of all kinds — e.g.
misspelled names, outdated addresses, unintended variations in formats for data
entry — there are common human errors stemming from incorrect
interpretations of the data. An example of this is the number of completely
innocent people that have missed funerals or pressing business when they've been
prevented from flying, because they happen to have names that are similar to
those names on the government's controversial "no-fly" list. That list itself
illustrates still another example of human error: it has overreached to include
not only known terrorists, but also peace activists and some who are guilty of
nothing more than dissent against government policies. This, in turn, goes to a
core problem with governmental infringements on privacy: they present you out of
context, often without any ability to rebut the government position with more
accurate, rich details of your own life. We become who the machines, and the
government agents interpreting their output, say we are.
| We certainly had quite a
bit of information prior to the September 11 attacks themselves that, properly
shared and analyzed, could have tipped off authorities to the planned attack.
|
|
In November of last year, an un-manned CIA Predator robotic probe "took out"
six suspected al Qaeda members in Yemen, including a U.S. citizen. No evidence
was produced, and it is unlikely any ever will be, that confirms any ties between
these individuals and al Qaeda, which was one reason some critics classify this
as an extra-judicial assassination rather than a targeted killing, legal in
wartime. Certainly, the lack of due process raises concerns, as execution is more
serious than detention without trial or mere surveillance. This is especially so
since the same approach could easily be used within the United States as well as
abroad (recall how the military was deployed to assist with the recent sniper
attacks in Washington, D.C.). Unmanned flying vehicles like the Predator are
shrinking all the time, and reportedly are already being considered for use in
the U.S. to help with border patrol and search for suspects. DARPA has already
funded programs for nanotechnology "bots" which at insect-size (and approaching
molecular size) can individually or in "swarms" monitor and wirelessly
communicate about activities, or, in the future, even come together to use
collective intelligence to deploy a weapon against foes. (Check out science
fiction writer Michael Crichton's new novel, "Prey," which, like most of his
work, is based on sound science projected a few years into the future.) Needless
to say, the idea of a constant swarm of nanobots joining the increasingly
ubiquitous net of audio and visual sensors, GPS location devices, and wireless
networks constantly monitoring our actions raises serious questions about
technologies concentrating even more centralized power within the Leviathan. The
ultimate nightmare would be automated detection technologies hooking up with
automated "preemption" technologies to have the war of machines against humans
that's at the heart of "The Matrix" films and many other science fiction
scenarios.
I expect that some people, upon learning of my concerns, will accuse me of
being a Luddite. But the charge has no basis. I've always been an "early adopter"
of technologies, am a gadget freak, and have invested in and helped to lead
several startup companies based on the sort of pattern recognition, voice
recognition, and database and data-mining technologies sought by TIA. These
technologies, which include advanced computing methods like artificial
intelligence, neural networks, genetic algorithms, and evolutionary computing,
can substitute for or provide invaluable software add-ons to the old massive
supercomputers or "big iron" previously used to analyze reams of complex data and
predict outcomes. My experiences with such technologies has taught me their huge
potential in limited contexts, mainly related to such areas as consumer
marketing, retailing, and financial services. I'm familiar with behavioral
modeling in these contexts, and the power of real-time, dynamic pattern
recognition operating on large, complex, non-linear data sets to enhance event
prediction and decision optimization (yes, we really talk like this). Frankly,
the documents on the TIA website read like a bad dot-com business plan for the
anti-terrorist boom times, strikingly similar to the many actual dot-com business
plans I've had the pleasure of reading and quite a few in which I regret to say
that I invested. (I hope Congress and American taxpayers do not make the same
mistake.)
But I'm also acutely aware of the limits to and hype associated with some of
these technologies and approaches, and the many flaws in assuming that the
technologies can be transplanted wholesale to other contexts and expected to be
used effectively against terrorism, for example. Poindexter's response would be
that the very nature of the "revolutionary" technologies pursued by TIA and DARPA
is to transcend these limits. Maybe . . . but could it be at the cost of
ultimately fomenting another American revolution? The challenges of using
technology to predict human behavior are toughest of all — even when the
humans aren't terrorists trying to outsmart you.
| Given that the
intelligence agencies already receive much more data than they know what to do
with, will the solution really be found in dramatically increasing the inflows of
that data? |
|
Humans are notoriously complex animals, and unlike most consumers, terrorists
know how to and can be expected to adapt, to fit in and hide by behaving like
innocent individuals. But while terrorists will continue to do so, the 99.9% of
innocent individuals won't evade the system so readily. Pentagon spokeswoman Jan
Walker says that "People have to move and plan before committing a terrorist act.
Our hypothesis is their planning process has a signature." Poindexter similarly
argues that terrorists leave "fingerprints" that TIA aims to detect. The problem
is that this fundamental assumption, which underlies the entire TIA project, may
simply be untrue. The U.S. experience with terrorism, particularly "global
terrorism" of the sort represented by al Qaeda, remains very thin — probably
too thin to provide a meaningful model.
A Better Way
After the appalling intelligence failures leading up to Sept. 11, the
government clearly needs to do a much better job with the information and
resources it has. And certainly the government should not be encumbered by
outdated computer systems that don't allow them to perform their essential and
legitimate functions. It's far from clear, however, that they need the expanded
powers granted them in the Patriot Act and Homeland Security Act, let alone the
TIA project. The absence of those powers wasn't the reason for the intelligence
failures, and granting the powers endangers the liberties we are supposed to be
defending in this "war on terror."
It would have been far preferable to have already had a thorough and
independent investigation of "what went wrong" prior to taking all the draconian
measures taken, and certainly would have been more conducive to pinpointing and
addressing the actual problems. Instead, the Congressional hearings on the matter
were delayed and truncated, and the independent investigative commission
belatedly established is likely to be no more than another self-justificatory,
"feel-good" measure offering merely the illusion that something meaningful is
being done.
Intelligence agencies proved themselves grossly incompetent, as they have in
other contexts, like evaluating Soviet Union strength or Saddam Hussein's nuclear
capabilities.
We certainly had quite a bit of information prior to the September 11 attacks
themselves that, properly shared and analyzed, could have tipped off authorities
to the planned attack. This included information from the CIA (never transmitted
to the FBI) about two of the hijackers who had attended U.S. flight school
(Khalid al-Midhar and Nawaf al-Hazmi) and entered the U.S. in early 2001; the
FBI's July, 2001 "Phoenix Memo" warning that bin Laden's agents might be training
in U.S. flight schools; the Minneapolis FBI's August investigation of Zaccarias
Moussaoui for suspicious flight school activities, which was never connected to
the previous bits of information; and two Arab language intercepts of al Qaeda
transmissions by the National Security Agency from the day before the attacks,
indicating "tomorrow" to be "zero day" and the day "the match begins," which were
not translated until September 12 due to the paucity of Arabic language
translators in U.S. intelligence. Republican Senator Arlen Specter of
Pennsylvania, a former prosecutor, has said that in his professional judgment
this was not merely a job of "connecting the dots," but a "virtual blueprint" for
the attacks that was more than sufficient for the intelligence agencies to have
spotted the plot.
Improving the sharing of relevant data between intelligence agencies, and
improving their abilities to "mine for gold" in the vast storehouses of data
already collected, could clearly have dramatic payoffs in preventing terrorist
attacks by focusing on important, quality data. But vastly expanding the
scope of data collected to more broadly encompass the activities of
innocent Americans or foreigners is a very different thing, worrying even Newt
Gingrich, not to mention others from across the political spectrum. Given that
the intelligence agencies already receive much more data than they know what to
do with (already exceeding each day all the printed pages in the entire
Library of Congress), will the solution really be found in dramatically
increasing the inflows of that data? This will gather in what everyone
acknowledges will be 99.99% irrelevant "noise" instead of the focused "signals"
of actual terrorist plots, and is unlikely to help combat terrorism. Rather than
exponentially increasing the problem by having TIA looking at the whole universe
of all activity by all innocent people, why not focus on terrorists, starting
with those on the watch list, i.e. those whose behavior makes them true suspects?
Since we know that several of the hijackers were on the terrorist watch list but
entered the country nonetheless, isn't it a much more urgent priority to correct
the human and technology problems that resulted in such obvious snafus? A more
targeted approach would both be more effective in combating terrorism, as well as
more protective of our liberties, particularly in this climate of expanding
executive discretion and diminishing legislative and judicial protections for
those liberties.
| Does it not occur to Bush
or the government planners that America's distinctive values, dynamism, and very
identity might be gravely harmed by these moves toward a society of such constant
surveillance and control? |
|
Citizen, vs. Government Awareness, Needed
The mind reels at the many ironies in TIA being pushed by the Bush
administration, which, as nominally conservative, supposedly believes in limited
government, private enterprise, and market-tested solutions. Instead of limited
government, TIA is the most intrusive government surveillance project in world
history. Instead of supporting the privacy and trust that underlies e-commerce,
and the magic worked by private enterprise, TIA would obliterate those values and
slap the invisible hand that's feeding it and all (or most) of us. Instead of
market-tested solutions, TIA chooses to impose radically intrusive, top-down
technological solutions assuming that government planners know best, spending
reams of taxpayer dollars to create a deceptive and vicious cycle that
legitimates those technologies without evidence and stifles dissent and
meaningful discussion and pursuit of more effective approaches. Does it not occur
to Bush or the government planners that America's distinctive values, dynamism,
and very identity might be gravely harmed by these moves toward a society of such
constant surveillance and control?
In a time of such great fear some strong security measures are inevitable,
divorced though they might be from genuine security needs or measures that would
truly enhance security. But once enacted, they tend to stay. Their impact on
culture is often not appreciated. The U.S. is distinguished by our love of
individual liberty. To thoughtlessly sweep away that liberty in an illusory quest
for more security is to undermine, in fundamental respects, who we are. And this
special American identity and culture will hardly be the last, or the only,
social cost. One can easily foresee a world in which offhand comments about
religion or politics are detected and lead to your being hauled in for
interrogation by Ashcroft or his successors. Or a world in which you're forced to
smile at home or work because if you don't, the sensors (and censors) will
pinpoint you as a malcontent who doesn't adequately appreciate this great country
of ours. George's World. (Bush or Orwell? The difference is fading.)
Why haven't more Americans protested these violations of our fundamental
freedoms? Part of the reason is simple ignorance: in a climate where even the
lawmakers passing these bills admittedly don't read them before they become law,
it is tough to expect average citizens to care much. An abstract notion like
"privacy" may seem expendable when compared to the alleged tangible
anti-terrorism benefits we derive from giving it up. But this underestimates the
importance of privacy, which means in practice the autonomy and freedom from
government interference that runs throughout all the most important provisions of
the Bill of Rights. Part of the reason is also fear, as an extraordinary sense of
new vulnerability seems to justify and even demand extraordinary actions. And
part of the reason is a pervasive but misplaced confidence that these violations
happen only to "others" and that we are not all at risk. Yet without the
procedural protections in the Bill of Rights to serve as a check on the quality
of decision-making, any of us could easily be wrongly accused without any way to
defend ourselves. If history teaches us anything, it teaches that infringements
on the liberties of the few quickly become infringements on the liberties of the
many. As Justice William O. Douglas said: "We in this country . . . early made
the choice — that the dignity and privacy of the individual were worth more
to society than an all-powerful police." Whatever technologies or approaches the
government adopts should be strenuously tested in light of our values and
liberties.
Despite all the 20th-century rhetoric about "totalitarianism," sheer
geographic size combined with technological limitations and the complexity of
unpredictable human behavior to frustrate the worst ambitions of petty tyrants,
though plenty of horrors happened along the way. 21st-century technology,
however, for the first time offers a way to transcend the previous physical
limits on surveillance by means of the already ubiquitous and ever-expanding
electronic networks monitoring our public and private activities, and the new
capabilities TIA is pursuing (like voice recognition, biometric identification,
automatic translation, and data management) that allow gleaning much more
knowledge from that surveillance information. Linking together and mining these
data sources on which we depend to communicate, do business, relax, and interact,
would make "totalitarian information awareness" a real possibility. It's clear
that in the current climate it's not safe to rely on any one branch of government
to guard our most basic liberties, but that, as always, strong dissent and
citizen action, protest, and vigorous lobbying, is the best defense. Otherwise,
like the characters in Orwell's "1984," soon we won't know whether we're watching
our televisions, computers, or even the fair blue sky or the artificial lights at
night — or whether they're watching and listening to us.
|
| * | While his conviction on five felonies (e.g. obstructing
justice, destruction of documents, lying to Congress) was later overturned on the
technicality that it relied in part on his own immunized testimony, the facts
remain that he masterminded the illegal sale of arms to Iran to fund assistance
to the Nicaraguan Contras. Both the Iranians and the Contras were considered by
our government and human rights groups to be guilty of terrorist acts. So
Poindexter — who funded terrorists and provided misinformation about it
— is now in charge of using information to fight terrorism. America —
what a country! |
BACK
| | | | | | | | | | |
|
