TCS Daily

Totalitarian Info Awareness?

By Sonia Arrison - March 13, 2003 12:00 AM

Experts in economics and psychology know that predicting individual behavior is a difficult matter. This is something for leaders to keep in mind when considering new programs such as the Total Information Awareness (TIA) system that would compile personal information in an effort to predict terrorist activity.

One of the reasons it's difficult to predict human behavior - such as what product someone might decide to purchase next - is that its impossible to have all the information necessary to make a proper judgment as to a person's motives or goals.

To believe that it is possible to exercise this control, even with databases on steroids, is to fall prey to what Friedrich Hayek called the fatal conceit, demonstrated by the failure of central planning everywhere, particularly in the Soviet Union.

While it might sound useful in theory, centralized collection of data to predict how many shoes and shirts the nation needs is not possible. The same holds true for using centralized data to predict which people are terrorists. And most of us are aware that government programs usually have unintended consequences.

In the case of a TIA system, these consequences could be an erosion of civil liberties. Therefore, how the government uses technology to fight terror should be given careful consideration.

Some well-meaning and intelligent authors have argued in favor of allowing law enforcement to collect large amounts of data on all people in the United States in an attempt to weed out the bad guys. While everyone wants to catch terrorists, this strategy would waste valuable law enforcement time and money that should be allocated elsewhere.

A Better Way

Before resorting to the blunt - and likely useless - instrument of mass collection of citizen data, there are other methods that can be used to protect America. The strategy should include smarter defense and offence.

For instance, it was recently revealed that parts of Los Alamos National Laboratory, one of the world's most important nuclear research facilities, are guarded by only a few strands of barbed wire, which TCS columnist and Wired News reporter Noah Shachtman recently stepped over to secretly enter a supposedly restricted area.

Would a TIA system have notified the FBI of this journalist's plan? Not likely. And besides, they'd be too busy following up on all the false positives that the TIA system would produce to even attend to such a case.

To better protect America, law enforcement should take some advice from Andy Purdy, Deputy to the Vice Chair and Senior Advisor, IT Security & Privacy, for the President's Critical Infrastructure Protection Board in the White House.

At a recent conference, he told privacy and security representatives that it is time to stop focusing on who's going to commit terrorist acts and instead focus on vulnerabilities. That's good advice, and one hopes the President and Congress are listening.

Better security at critical centers like Los Alamos, water and electrical plants, and shipping areas is key in frustrating evil and destructive plans. All the TIA databases in the world won't do much good if we don't lock our doors.

In terms of offense, there's also a lot more that can be done. Chemical and biochemical sensors should be installed in all subway systems and other susceptible areas to alert law enforcement to the slightest release of unauthorized substances so that they can act quickly if there are any attacks or attempted attacks.

Another smart use of tech to fight terror would be the installation of acoustic sensors on powerlines that can detect gunfire, tell how many shots were fired, and use triangulation to pinpoint where the gun was fired from and where the bullet landed. That would do a better job of catching a terrorizing sniper than any TIA program.

If it turns out that we still need a better method of focusing on the whom, how about a type of inverted TIA system, one that targets criminals, not every Tom, Dick, and Harry? For instance, if there are known terrorists in the country, the FBI could create a computerized list that car rental agencies, airlines, and other industries could use to check customers.

If a person's name is not on the list, it shouldn't be collected, and there should be intense public scrutiny of the software used, with a verifiable audit trail of everyone who accesses the system. There should also be public scrutiny after the fact of whose names were on the list, and the program should be set up to disallow the deletion of names without a trail.

The appropriate response to terror is to make sure we deploy the tools to catch perpetrators, not to attempt the impossible task of trying to predict who they will be.

Sonia Arrison is director of the Center for Technology Studies at the California-based Pacific Research Institute.

TCS Daily Archives