TCS Daily

Too Much Information

By Pejman Yousefzadeh - November 27, 2002 12:00 AM

The Defense Advanced Research Projects Agency (DARPA), which deserves credit for having invented the Internet, is now engaged on another ambitious project-one which may very well be significantly less popular or effective.

DARPA is seeking to put flesh on the Total Information Awareness Project (TIAP), which is designed to monitor all purchases made by American citizens, keep track of every e-mail that is sent, and combine consumer information along with law enforcement and intelligence files in order to thwart terrorist activities.

As well intentioned as the project may be, it is seriously flawed, and should be scrapped outright.

First of all, someone needs to tell the good folks at DARPA about one of the most basic rules of national security planning: If you plan to protect everything, you will end up protecting nothing at all. The sheer amount of information that the TIAP seeks to cover and analyze is astonishing. Trying to keep track of the hundreds of millions of consumer transactions and e-mails that are sent each day would be more than enough to overload just about any security system. Counter-terrorist agencies would have to chase down scores of innocuous transactions and false leads to find one potential transaction, message, or piece of information that might be worthy of law enforcement's time and attention. The TIAP does not appear to be even remotely efficient enough to be able to sift through all of the transactions it promises to review and monitor, and find information about a credible terrorist plot or threat in time to be able to do anything about it.

Indeed, given the ambitious scope of the TIAP, it will not be long before terrorists figure out that the best way to defeat American counterintelligence and counter-terrorist agencies would be to overload the system with so many deliberately planted false leads, that those agencies become unable to chase them all down, and keep track of them. It would not be hard to do. A number of dummy transactions, and threatening e-mails sent from anonymous accounts, repeated often enough to further overload DARPA's new proposed security structure, would be sufficient to either fool American investigative services, to overwhelm analysts with a flood of information that they would not have the capacity or resources to deal with, or to cause counter-terrorist agencies not to take real warnings and threats seriously enough to do anything about them-with potentially catastrophic results later on.

The TIAP does not seem to take into account traditional terrorist profiles-another weakness in the plan. It promises to monitor credit card transactions, but seems to forget the fact that oftentimes-if not most of the time-terrorists and criminals will pay for transactions related to their plans with cash (so as not to leave a paper trail of credit card receipts for investigators). The TIAP promises to monitor e-mails to uncover any threats or terrorist plans, but that would do little to help investigators act on clues and threats that are spoken from one person to another (Mohammad Atta's statements foreshadowing the 9/11 attacks in a strip club, for example, would go entirely undetected even by a behemoth program like the TIAP).

Glenn Reynolds proposes a plan of citizen vigilance that would help combat a terrorist threat by encouraging everyday people like you and me to be more aware of our surroundings, and equipped to spot and notice unusual occurrences and report them to the appropriate authorities. An informed, organized, and well-motivated citizenry will be in a better position to note and act upon signs of terrorist threats than an overwhelmed and isolated government program in Washington. A vigilant citizenry will be more equipped to differentiate between innocuous occurrences and truly ominous observations-an advantage the TIAP does not appear to have.

The lack of discretion inherent in the TIAP could potentially pose a danger to civil liberties. By seeking to make a sweeping examination of the hundreds of millions of daily economic transactions and messages, the TIAP could potentially unduly insert itself into the private lives of Americans.

In fighting the war on terrorism, the federal government will surely have to revamp its counterintelligence and law enforcement measures in order to account for new threats, and in order to more efficiently and creatively process and analyze information. However, DARPA's TIAP plan is the wrong way to go about the task. Its manifold inefficiencies, its failure to take into account standard techniques and profiles of terrorists, and its overbearing nature will only serve to set back the war on terrorism, instead of advancing and constructively contributing to it.



TCS Daily Archives