The government begin sifting databases to find clues to terrorism in the making
Annoyed at having your shoes at airport security? Just wait. This month, the Transportation Security Administration began testing a screening program on some Delta Air Line flights that would subject passengers to a whole new level of security. Here’s the plan: Book a set, and a computer data-sifting process matches you name, address, birth date, and ticket-purchasing information again financial and commercial databases and government watch lists. The goal is to verify your identity and look for any hint of security risk. “Our system today is not as precise as it ought to be,” say s SA spokesman Robert Johnson. “We don’t want to waste more time focusing on grandmas.”
If government officials have their way, the TSA’s test is just the beginning f a new approach to security called data mining. Next year, the TRA’s system will be filly in place, coding all travellers by colour: green if they trip no alarms, yellow for further screening, or red if the system flags them as too dangerous to allow on board. Other agencies could deploy far more powerful technologies that would screen us all, to pinpoint among hundreds of millions of innocents anyone planning acts of terrorism. The technology would comb the vast amount of information – purchase records, E-mail and phone logs, and travel arrangements – that people generate in their daily lives, looking for telltale patterns such as a purchase of fertilizer, a rented truck, and a series of trips to the Middle East.
The quest has had a rock start. The Department of Defence’s Total Information Awareness (TIA) program, a five-year effort, has committed $26 million so far to develop tools for large-scale data mining. But it ran into a public-relations fiasco after Vice Ad. John Poindecter of Iran=contra fame was named o lead the project. Its Orwellian name and a logo (since dropped) showing an all-seeing eye atop a pyramid didn’t help. Congress recently voted to require the Pentagon to justify the program and seek approval before monitoring citizens. Yet politics and privacy fears have not halted the quest; TIA research is going strong, and smaller operations like TSA’s are getting underway. The true stumbling block may be technology.
It’s a delicate dual challenge: accurately spotting suspicious patterns across multiple databases while minimizing false alarms and safeguarding individual privacy. “It’s a project similar in scale to putting a man on the moon,” says Usama Fayyad, a data-mining specialist who is CEO of digiMine. “It’s going to take a national commitment, the best brains in the country, and many years to do it right,”
Scientists were among the first to apply mathematical pattern-finding tools to databases – Fayyad led a data-mining project to identify distant celestial objects called quasars amid billions of ordinary stars and galaxies. Companies also mine data on consumers, analyzing buying habits to spot potential customers and monitoring credit card or phone use to detect fraud. Computers watch, for example, for a known credit card fraud pattern: a small gasoline purchase (to see if a card is valid) followed by a much bigger charge. Or they look for a common factor in events that seem unrelated – say, a series of insurance claims in the same ZIP code.
All-knowing. TIA would apply these strategies on a gender scale. Opponents initially feared it would develop a single centralized uber-database that would contain just about every imaginable scrap of information on all citizens. In fact, say officials, the database could be a virtual one, created by linking records already gathered by companies and the government. The government routinely draws on data collected by other groups, after all. The FBI buys personal data from aggregators like ChoicePoint, which compiles information from credit reports and public records.
ChoicePoint is now expected to team up with Regulatory DataCorp, which draws on more than 20,000 sources, from news reports o criminal fugitive lists, to screen passengers to the TSA.
Data mining alarms civil libertarians, who are already attacking the TSA’s screening program as a “government blacklist.” Homeland security experts, for their part, say it would be folly to hobble such efforts. “We’re throwing out our single greatest advantage over our foes, our technological expertise,” says Paul Rosenzweig of the Heritage Foundation, a conservative think tank.
But both sides may not be losing sight of the enormous practical difficulties: the sheer volume of data to be searched and the ability to savvy terrorists to change their modus operandi to avoid detection. Says Robert Grossman of the National Centre for Data Mining at the University of Illinois-Chicago: “People aren’t willing to accept that we’ll miss some terrorists who may blow up a plane or that we’ll hurt good people” by falsely identifying them as threats.
Such mistakes are inevitable. A new study by the Consumer Federation of America and the National Credit Reporting Association found that 10 percent of credit reports contain errors in names or other identifying information – yet such reports are one of the tools the TSA will use to verify identity. TIA researchers are looking for ways to cope with database errors, and they are also seeing “privacy-enhancing technologies” that, for example, would keep data anonymous until the system uncovered a suspicious pattern.
But even if those efforts succeed, there’s the fear that the terrorists detection system itself could come under attack. Barbra Simons of the Association for Computing Machinery asks: “Is it even possible to put together a database with sensitive financial, medical, educational, communication, and travel records – without providing a new target for exploitation and attack by hackers and terrorists?” The country may soon find out.
By: Dana Hawkins
Source: U.S. News and World Report