Friday, May 12, 2006

Can the government actually do anything useful with telephone data?

Beyond the debate about whether the Government should be collecting phone record data is whether or not anything useful can come from the effort. An action can be right or wrong, independent of whether it is effective or ineffective. This post focuses on effectiveness; I'm not addressing legality.

A few years back, the idea of Total Information Awareness (TIA) was floated. The idea was shot down under the auspices of privacy, but many also felt that it was good in theory, but would yield limited practical results. This new data collection effort is a subset of what TIA aspired to do.

What the government seems to have collected from the phone companies is a lot of data around telephone calls ... Origin, destination, date/time and probably duration. This data in and of itself is not information. Information is the reduction of uncertainty that can be used in the decision making process. So what is the government doing with this data to turn it into information? The New York Times wrote, "Sen. Wayne Allard, R-Colo., said the NSA was using the data to analyze calling patterns in order to detect and track suspected terrorist activity, according to information provided to him by the White House."

I assume the government is applying a sophisticated version of Social Network Analysis to all of the data. Social Network Analysis can provide both forward looking and backward looking information. Forward looking analysis would be used to develop intelligence to disrupt a future action. Backward looking analysis would be used to identify the participants in an action that already took place. Both are useful to our intelligence and law enforcement community, but forward looking, preventive intelligence is more important to most Americans.

For Social Network analyses to be forward looking you need to put some filters around the data to isolate the networks that are useful. Without some filters it would be hard to isolate any useful patterns. I can't imagine that there would be emergent patterns in the phone data to allow identification of a home-grown attack. Yes, if there are calls to foreign countries, these would trigger suspicion, but planning for an attack would probably fit the same profile of calls that take place around planning a trip or a wedding. Some piece of information beyond just the call data is needed.

Although the government may not have received any identity information from the phone companies, this doesn't prevent it from merging identify information from other government databases with the telephone numbers to provide a rich data set. If this isn't possible, then I don't understand how the data could provide any forward looking, actionable intelligence.

No comments: