 |
|
All counterterrorism programs that collect and mine data should be evaluated for effectiveness
October 08, 2008All counterterrorism programs that collect and mine data should be evaluated for effectiveness, privacy impacts; Congress should consider new privacy safeguards
WASHINGTON - All U.S. agencies with counterterrorism programs that collect or "mine" personal data -- such as phone, medical, and travel records or Web sites visited -- should be required to systematically evaluate the programs' effectiveness, lawfulness, and impacts on privacy, says a new report from the National Research Council. Both classified and unclassified programs should be evaluated before they are set in motion and regularly thereafter for as long as they are in use, says the report. It offers a framework agencies can use to assess programs, including existing ones.
The report also says that Congress should re-examine existing law to assess how privacy can be protected in such programs, and should consider restricting how personal data are used. And it recommends that any individuals harmed by violations of privacy be given a meaningful form of redress.
"The danger of terror attacks on the U.S. is real and serious, and we should use the information technologies at our disposal to combat this threat," said William Perry, co-chair of the committee that wrote the report, former U.S. secretary of defense, and Michael and Barbara Berberian Professor at Stanford University. "However, the threat does not justify government activities that violate the law, or fundamental changes in the level of privacy protection to which Americans are entitled."
At the request of the U.S. Department of Homeland Security and the National Science Foundation, the report examines the technical effectiveness and privacy impacts of data-mining and behavioral surveillance techniques. Each time a person makes a telephone call, uses a credit card, pays taxes, or takes a trip, he or she leaves digital tracks, records that often end up in massive corporate or government databases. Through formal or informal agreements, government has access to much of the data owned by private-sector companies. Agencies use sophisticated techniques to mine some of these databases -- searching for information on particular suspects, and looking for unusual patterns of activity that may indicate a terrorist network.
The Reality of a Serious Terrorist Threat
The terrorist threat to the United States is all too real, the committee said. Terrorist acts are possible that could inflict enormous damage on the nation. Such acts could cause, and have caused, major casualties as well as severe economic and social disruption.
The most serious threat today comes from terrorist groups that are international in scope; these groups use the Internet to recruit, train, and plan operations and use public channels to communicate. Intercepting and analyzing these information streams might provide important clues about the nature of the threat they pose, the report says. Key clues might also be found in commercial and government databases that record a wide range of information about individuals, organizations, and their behavior. But successfully identifying signs of terrorist activity in these masses of data is extremely difficult, the committee said.
Pattern-Seeking Data-Mining Methods Are of Limited Usefulness
Routine forms of data mining can provide important assistance in the fight against terrorism by expanding and speeding traditional investigative work, the report says. For example, investigators can quickly search multiple databases to learn who has transferred money to or communicated with a suspect. More generally, if analysts have a historical basis for believing a certain pattern of activity is linked to terrorism, then mining for similar patterns may generate useful investigative leads.
Far more problematic are automated data-mining techniques that search databases for unusual patterns of activity not already known to be associated with terrorists, the report says. Although these methods have been useful in the private sector for spotting consumer fraud, they are less helpful for counterterrorism precisely because so little is known about what patterns indicate terrorist activity; as a result, they are likely to generate huge numbers of false leads. Such techniques might, however, have some value as secondary components of a counterterrorism system to assist human analysts. Actions such as arrest, search, or denial of rights should never be taken solely on the basis of an automated data-mining result, the report adds.
The committee also examined behavioral surveillance techniques, which try to identify terrorists by observing behavior or measuring physiological states. There is no scientific consensus on whether these techniques are ready for use at all in counterterrorism, the report says; at most they should be used for preliminary screening, to identify those who merit follow-up investigation. Further, they have enormous potential for privacy violations because they will inevitably force targeted individuals to explain and justify their mental and emotional states.
Oversight Needed to Protect Privacy, Prevent "Mission Creep"
Collecting and examining data to try to identify terrorists inevitably involves privacy violations, since even well-managed programs necessarily result in some "false positives" where innocent people are flagged as possible threats, and their personal information is examined. A mix of policy and technical safeguards could minimize these intrusions, the report says. Indeed, reducing the number of false positives also improves programs' effectiveness by focusing attention and resources on genuine threats.
Policymakers should consider establishing restrictions on the use of data, the committee said. Although some laws limit what types of data the government may collect, there are few legal limits on how agencies can use already-collected data, including those gathered by private companies. An agency could obtain and mine a database of financial records for counterterrorism purposes, for example, and then decide to use it for an entirely different purpose, such as uncovering tax evaders. Restrictions on use can help ensure that programs stay focused on the particular problems they were designed to address, and guard against unauthorized or unconsidered expansion of government surveillance power.
Poor-quality data are a major concern in protecting privacy because inaccuracies may cause data-mining algorithms to identify innocent people as threats, the report says. Linking data sources together tends to compound the problem; current literature suggests that a "mosaic" of data assembled from multiple databases is likely to be error-prone. Analysts and officials should be aware of this tendency toward errors and the consequent likelihood of false positives.
All information-based programs should be accompanied by robust, independent oversight to ensure that privacy safeguards are not bypassed in daily operations, the report says. Systems should log who accesses data, thus leaving a trail that can itself be mined to monitor for abuse.
The report notes that another area ripe for congressional action is legislation to clarify private-sector rights, responsibilities, and liability in turning over data to the government -- areas that are currently unclear. Although the committee did not recommend specific content for this legislation, it noted that private companies should not be held liable simply for complying with government requirements to turn over data.
A Framework to Assess Effectiveness, Privacy Impacts
The report offers two sets of criteria and questions to help agencies and policymakers evaluate data-based counterterrorism programs. One set is designed to determine whether a program is likely to be effective. For example, a system should be tested with a data set of adequate size to see if it will work when used on a large scale, and should be resistant to countermeasures. A second set of criteria assesses likely privacy impacts and helps ensure that, if implemented, the program protects privacy as much as possible. Each program should operate with the least amount of personal data consistent with its objective, for instance, and should have a process in place for the reporting and redress of privacy harms due to false positives.
These evaluations should involve independent experts, and the results should be made available to the broadest audience possible, the report says. Evaluations may result in a program being modified or even cancelled, it notes.
"We hope this framework will help agencies and policymakers determine whether new programs are likely to be effective and consistent with our nation's laws and values and continually improve programs in operation," said Charles Vest, committee co-chair and president of the National Academy of Engineering. "Decisions to use or continue programs need to be based on criteria more stringent than 'it's better than doing nothing.'"
The report was sponsored by the U.S. Department of Homeland Security and the National Science Foundation. The National Academy of Sciences, National Academy of Engineering, Institute of Medicine, and National Research Council make up the National Academies. They are private, nonprofit institutions that provide science, technology, and health policy advice under a congressional charter. The Research Council is the principal operating agency of the National Academy of Sciences and the National Academy of Engineering. A committee roster follows.
National Academy of Sciences
"The danger of terror attacks on the U.S. is real and serious, and we should use the information technologies at our disposal to combat this threat," said William Perry, co-chair of the committee that wrote the report, former U.S. secretary of defense, and Michael and Barbara Berberian Professor at Stanford University. "However, the threat does not justify government activities that violate the law, or fundamental changes in the level of privacy protection to which Americans are entitled."
At the request of the U.S. Department of Homeland Security and the National Science Foundation, the report examines the technical effectiveness and privacy impacts of data-mining and behavioral surveillance techniques. Each time a person makes a telephone call, uses a credit card, pays taxes, or takes a trip, he or she leaves digital tracks, records that often end up in massive corporate or government databases. Through formal or informal agreements, government has access to much of the data owned by private-sector companies. Agencies use sophisticated techniques to mine some of these databases -- searching for information on particular suspects, and looking for unusual patterns of activity that may indicate a terrorist network.
The Reality of a Serious Terrorist Threat
The terrorist threat to the United States is all too real, the committee said. Terrorist acts are possible that could inflict enormous damage on the nation. Such acts could cause, and have caused, major casualties as well as severe economic and social disruption.
The most serious threat today comes from terrorist groups that are international in scope; these groups use the Internet to recruit, train, and plan operations and use public channels to communicate. Intercepting and analyzing these information streams might provide important clues about the nature of the threat they pose, the report says. Key clues might also be found in commercial and government databases that record a wide range of information about individuals, organizations, and their behavior. But successfully identifying signs of terrorist activity in these masses of data is extremely difficult, the committee said.
Pattern-Seeking Data-Mining Methods Are of Limited Usefulness
Routine forms of data mining can provide important assistance in the fight against terrorism by expanding and speeding traditional investigative work, the report says. For example, investigators can quickly search multiple databases to learn who has transferred money to or communicated with a suspect. More generally, if analysts have a historical basis for believing a certain pattern of activity is linked to terrorism, then mining for similar patterns may generate useful investigative leads.
Far more problematic are automated data-mining techniques that search databases for unusual patterns of activity not already known to be associated with terrorists, the report says. Although these methods have been useful in the private sector for spotting consumer fraud, they are less helpful for counterterrorism precisely because so little is known about what patterns indicate terrorist activity; as a result, they are likely to generate huge numbers of false leads. Such techniques might, however, have some value as secondary components of a counterterrorism system to assist human analysts. Actions such as arrest, search, or denial of rights should never be taken solely on the basis of an automated data-mining result, the report adds.
The committee also examined behavioral surveillance techniques, which try to identify terrorists by observing behavior or measuring physiological states. There is no scientific consensus on whether these techniques are ready for use at all in counterterrorism, the report says; at most they should be used for preliminary screening, to identify those who merit follow-up investigation. Further, they have enormous potential for privacy violations because they will inevitably force targeted individuals to explain and justify their mental and emotional states.
Oversight Needed to Protect Privacy, Prevent "Mission Creep"
Collecting and examining data to try to identify terrorists inevitably involves privacy violations, since even well-managed programs necessarily result in some "false positives" where innocent people are flagged as possible threats, and their personal information is examined. A mix of policy and technical safeguards could minimize these intrusions, the report says. Indeed, reducing the number of false positives also improves programs' effectiveness by focusing attention and resources on genuine threats.
Policymakers should consider establishing restrictions on the use of data, the committee said. Although some laws limit what types of data the government may collect, there are few legal limits on how agencies can use already-collected data, including those gathered by private companies. An agency could obtain and mine a database of financial records for counterterrorism purposes, for example, and then decide to use it for an entirely different purpose, such as uncovering tax evaders. Restrictions on use can help ensure that programs stay focused on the particular problems they were designed to address, and guard against unauthorized or unconsidered expansion of government surveillance power.
Poor-quality data are a major concern in protecting privacy because inaccuracies may cause data-mining algorithms to identify innocent people as threats, the report says. Linking data sources together tends to compound the problem; current literature suggests that a "mosaic" of data assembled from multiple databases is likely to be error-prone. Analysts and officials should be aware of this tendency toward errors and the consequent likelihood of false positives.
All information-based programs should be accompanied by robust, independent oversight to ensure that privacy safeguards are not bypassed in daily operations, the report says. Systems should log who accesses data, thus leaving a trail that can itself be mined to monitor for abuse.
The report notes that another area ripe for congressional action is legislation to clarify private-sector rights, responsibilities, and liability in turning over data to the government -- areas that are currently unclear. Although the committee did not recommend specific content for this legislation, it noted that private companies should not be held liable simply for complying with government requirements to turn over data.
A Framework to Assess Effectiveness, Privacy Impacts
The report offers two sets of criteria and questions to help agencies and policymakers evaluate data-based counterterrorism programs. One set is designed to determine whether a program is likely to be effective. For example, a system should be tested with a data set of adequate size to see if it will work when used on a large scale, and should be resistant to countermeasures. A second set of criteria assesses likely privacy impacts and helps ensure that, if implemented, the program protects privacy as much as possible. Each program should operate with the least amount of personal data consistent with its objective, for instance, and should have a process in place for the reporting and redress of privacy harms due to false positives.
These evaluations should involve independent experts, and the results should be made available to the broadest audience possible, the report says. Evaluations may result in a program being modified or even cancelled, it notes.
"We hope this framework will help agencies and policymakers determine whether new programs are likely to be effective and consistent with our nation's laws and values and continually improve programs in operation," said Charles Vest, committee co-chair and president of the National Academy of Engineering. "Decisions to use or continue programs need to be based on criteria more stringent than 'it's better than doing nothing.'"
The report was sponsored by the U.S. Department of Homeland Security and the National Science Foundation. The National Academy of Sciences, National Academy of Engineering, Institute of Medicine, and National Research Council make up the National Academies. They are private, nonprofit institutions that provide science, technology, and health policy advice under a congressional charter. The Research Council is the principal operating agency of the National Academy of Sciences and the National Academy of Engineering. A committee roster follows.
National Academy of Sciences
Terrorism: What the next president will face
On the seventh anniversary of the September 11th attacks, what is the nature of the terrorist threat against the United States and other nations of the world and how should the next President address that threat upon taking office in January 2009?
Security from chaos
There's safety (and security) in numbers - especially when those numbers are random. That's the lesson learned from a DHS-sponsored research project out of the University of Southern California (USC).
Tropical medicine: a brittle tool of the new imperialism (p 1087)
This week's Lancet editorial is strongly critical of the way that tropical medicine remains structured on outdated colonial lines and calls for the discipline to 'resist contemporary imperialistic forces that hide under the folded veils of counterterrorism and corporate colonialism'. THE LANCET charges tropical medicine with rewriting its history to suggest that it is 'an emblem of social enlightenment, individual sacrifice, and scientific altruism', whereas it has instead 'accepted prevailing policies of colonialism, militarism, and violence'. Tropical medicine has been living through a 'century of shame'. The editorial reflects on the contemporary problems that tropical medicine has to fac
More Counterterrorism Current Events and Counterterrorism News Articles
 |
Ghost: Confessions of a Counterterrorism Agent by Fred Burton (Author) For decades, Fred Burton, a key figure in international counterterrorism and domestic spycraft, has secretly been on the front lines in the fight to keep Americans safe around the world. Now, in this hard-hitting memoir, Burton emerges from the shadows to reveal who he is, what he has accomplished, and the threats that lurk unseen except by an experienced, world-wise few. In the mid-eighties, the idea of defending Americans against terrorism was still new. But a trio of suicide bombings in Beirut–including one that killed 241 marines and forced our exit from Lebanon–had changed the mindset and mission of the Diplomatic Security Service (DSS), the arm of the State Department that protects U.S. embassy officials across the globe. Burton, a member of DSS’s tiny but elite... |
 |
The Counterterrorism Handbook: Tactics, Procedures, and Techniques, Third Edition (Practical Aspects of Criminal and Forensic Investigations) by Frank Bolz Jr. (Author), Kenneth J. Dudonis (Author), David P. Schulz (Author) On September 11, 2001, the world was put on notice: terrorism can strike anytime…anywhere…anyone. You are told to go about your daily life - but to be vigilant of your surroundings. You are told that trying to do a cursory profile on potential terrorists is futile because their commonality goes deeper than the surface. With this in mind, what do you look for in a potential situation, how do you prepare, how do you protect? Written by experts who have years of experience in the field, The Counterterrorism Handbook: Tactics, Procedures, and Techniques, Third Edition is an invaluable resource for those who recognize that preparation is the best defense in the War on Terror. Revised and expanded to reflect information obtained since the September 11th attacks, this latest edition... |
 |
The Counterterrorism Handbook: Tactics, Procedures, and Techniques, Second Edition by Frank Bolz Jr. (Author), Kenneth J. Dudonis (Author), David P. Schulz (Author) The only way to deal effectively with terrorism is to have a thorough understanding of its present-day characteristics. Who is involved and what weapons and tactics are they likely to use? The players on the counterterrorism team need to take stock of what is in their tool kits; what works and what doesn't work; and what new capabilities need to be developed in order to face not only today's terrorist, but tomorrow's as well.The Counterterrorism Handbook: Tactics, Procedures, and Techniques lays out a comprehensive strategy of how to deal with an entire range of possible terrorist incidents in a language friendly to first responders, policymakers, and security personnel. It covers everything from bombings and hostage-taking, to nuclear terrorism and what needs to be done before, during,... |
 |
Human Intelligence, Counterterrorism, and National Leadership: A Practical Guide by Gary Berntsen (Author), Seth G. Jones (Foreword) The next president of the United States faces innumerable complex problems, from a possible prolonged recession to climate change. An immediate difficulty for the president will be the global conflict between the West and Islamic jihadists and state sponsors of terrorism. The creation of the Department of Homeland Security and the recommendations of the 9/11 Commission notwithstanding, the administration needs to be armed and ready to tackle much more in the areas of intelligence and counterterrorism. The president can and must assume a hands-on, informed leadership role if the United States wants to make progress in the war on terror. Gary Berntsen has written this book as a guide for an incoming president and White House staff so that they may master current human intelligence... |
|
International Association for Counterterrorism & Security Pr by Intl Assn Counterterrorism & | |
 |
Terrorism and Counterterrorism: Understanding the New Security Environment, Readings and Interpretations (Textbook) by Brigadier General USA (Ret),Russell Howard (Author), Major USA,Reid Sawyer (Author), Natasha Bajema (Author) In this new edition of TERRORISM AND COUNTERTERRORISM: UNDERSTANDING THE NEW SECURITY ENVIRONMENT, READINGS AND INTERPRETATIONS, Brigadier General (Retired) Russell Howard, Major Reid Sawyer and Natasha Bajema have collected original and previously published seminal articles and essays by political scientists, government officials, and members of the nation’s armed forces. The editors and several of the authors write from practical field experience in the nation’s war on terrorism. Others have had significant responsibility for planning government policy and responses. The contributors include a majority of the significant names in the field including John Arquilla, Richard Betts, Martha Crenshaw, Rohan Gunaratna, Bruce Hoffman and Paul Pillar. Part One of the book analyzes the... |
 |
2008 Global Conference: Terrorism and Counterterrorism: Public and Private Responses The 2008 Milken Institute Global Conference convened a panel of experienced security experts to analyze the greatest threats to the United States. This riveting discussion ranged from the dangers posted by fraudulent travel documents to whether becoming a walled-off "security society" is sustainable over the long term. Just how serious is the threat of a nuclear or biological attack? Is the United States ready to respond in the event of a catastrophe? Just how effective are U.S. efforts to thwart terrorism? This product is manufactured on demand using DVD-R recordable media. Amazon.com's standard return policy will apply. |
 |
Fundamentals of Counterterrorism by Amos N. Guiora (Author) <p> <b>Fundamentals of Counterterrorism</b> addresses the multiple issues surrounding counterterrorism from a legal and policy perspective with a comparative international focus. This concise paperback is the perfect complement to courses that address International Law, International Criminal Law, National Security, Constitutional Law, Criminal Law, or Military Studies. </p> <p> Author <b>Amos N. Guiora</b> writes and lectures extensively on counterterrorism, global perspectives of counterterrorism, terror financing, and international law and morality in armed conflict. Having served in senior positions for 19 years in the Israel Defense Forces Judge Advocate General’s Corps, <b>Guiora</b> is frequently quoted as an expert in his field... |
 |
Brotherhood of Warriors: Behind Enemy Lines with a Commando in One of the World's Most Elite Counterterrorism Units by Aaron Cohen (Author), Douglas Century (Author) At the age of eighteen, Aaron Cohen left Beverly Hills to prove himself in the crucible of the armed forces. He was determined to be a part of Israel's most elite security cadre, akin to the American Green Berets and Navy SEALs. After fifteen months of grueling training designed to break down each individual man and to rebuild him as a warrior, Cohen was offered the only post a non-Israeli can hold in the special forces. In 1996 he joined a top-secret, highly controversial unit that dispatches operatives disguised as Arabs into the Palestinian-controlled West Bank to abduct terrorist leaders and bring them to Israel for interrogation and trial. Between 1996 and 1998, Aaron Cohen would learn Hebrew and Arabic; become an expert in urban counterterror warfare, the martial art of... |
 |
Games of Chance Also With: Carol Flint (Producer), Shawn Ryan (Producer), David Mamet (Producer) |
| © 2009 BrightSurf.com |