Many Tools of Big Brother Are Up and Running

[InfoSec News <isn () c4i org>]

http://www.nytimes.com/2002/12/23/technology/23PEEK.html

December 23, 2002
By JOHN MARKOFF and JOHN SCHWARTZ

In the Pentagon research effort to detect terrorism by electronically
monitoring the civilian population, the most remarkable detail may be
this: Most of the pieces of the system are already in place.

Because of the inroads the Internet and other digital network
technologies have made into everyday life over the last decade, it is
increasingly possible to amass Big Brother-like surveillance powers
through Little Brother means. The basic components include everyday
digital technologies like e-mail, online shopping and travel booking,
A.T.M. systems, cellphone networks, electronic toll-collection systems
and credit-card payment terminals.

In essence, the Pentagon's main job would be to spin strands of
software technology that would weave these sources of data into a vast
electronic dragnet.

Technologists say the types of computerized data sifting and pattern
matching that might flag suspicious activities to government agencies
and coordinate their surveillance are not much different from programs
already in use by private companies. Such programs spot unusual credit
card activity, for example, or let people at multiple locations
collaborate on a project.

The civilian population, in other words, has willingly embraced the
technical prerequisites for a national surveillance system that
Pentagon planners are calling Total Information Awareness. The
development has a certain historical resonance because it was the
Pentagon's research agency that in the 1960's financed the technology
that led directly to the modern Internet. Now the same agency - the
Defense Advanced Research Projects Agency, or Darpa - is relying on
commercial technology that has evolved from the network it pioneered.

The first generation of the Internet - called the Arpanet - consisted
of electronic mail and file transfer software that connected people to
people. The second generation connected people to databases and other
information via the World Wide Web. Now a new generation of software
connects computers directly to computers.

And that is the key to the Total Information Awareness project, which
is overseen by John M. Poindexter, the former national security
adviser under President Ronald Reagan. Dr. Poindexter was convicted in
1990 of a felony for his role in the Iran-contra affair, but that
conviction was overturned by a federal appeals court because he had
been granted immunity for his testimony before Congress about the
case.

Although Dr. Poindexter's system has come under widespread criticism
from Congress and civil liberties groups, a prototype is already in
place and has been used in tests by military intelligence
organizations.

Total Information Awareness could link for the first time such
different electronic sources as video feeds from airport surveillance
cameras, credit card transactions, airline reservations and telephone
calling records. The data would be filtered through software that
would constantly look for suspicious patterns of behavior.

The idea is for law enforcement or intelligence agencies to be alerted
immediately to patterns in otherwise unremarkable sets of data that
might indicate threats, allowing rapid reviews by human analysts. For
example, a cluster of foreign visitors who all took flying lessons in
separate parts of the country might not attract attention. Nor would
it necessarily raise red flags if all those people reserved airline
tickets for the same day. But a system that could detect both sets of
actions might raise suspicions.

Some computer scientists wonder whether the system can work. "This
wouldn't have been possible without the modern Internet, and even now
it's a daunting task," said Dorothy Denning, a professor in the
Department of Defense Analysis at the Naval Postgraduate School in
Monterey, Calif. Part of the challenge, she said, is knowing what to
look for. "Do we really know enough about the precursors to terrorist
activity?" she said. "I don't think we're there yet."

The early version of the Total Information Awareness system employs a
commercial software collaboration program called Groove. It was
developed in 2000 by Ray Ozzie, a well-known software designer who is
the inventor of Lotus Notes. Groove makes it possible for analysts at
many different government agencies to share intelligence data
instantly, and it links specialized programs that are designed to look
for patterns of suspicious behavior.

Total Information Awareness also takes advantage of a simple and
fundamental software technology called Extended Markup Language, or
XML, that is at the heart of the third generation of Internet
software. It was created by software designers at companies like
Microsoft, Sun Microsystems and I.B.M., as well as independent Silicon
Valley programmers.

The markup language allows data that has long been locked in isolated
databases, known in the industry as silos, to be translated into a
kind of universal language that can be read and used by many different
systems. Information made compatible in this way can be shared among
thousands, or even hundreds of thousands, of computers in ways that
all of them can understand.

It is XML, a refinement of the Internet's original World Wide Web
scheme, that has made it possible to consider welding thousands of
databases together without centralizing the information. Computer
scientists said that without such new third-generation Web
technologies, it would have never been possible to conceive of the
Total Information Awareness system, which is intended to ferret out
the suspicious intentions of a handful of potential terrorists from
the humdrum everyday electronic comings and goings of millions of
average Americans.

Civil libertarians have questioned whether the government has the
legal or constitutional grounds to conduct such electronic searches.
And other critics have called it an outlandishly futuristic and
ultimately unworkable scheme on technical grounds.

But on the latter point, technologists disagree. "It's well grounded
in the best current theory about scalable systems," said Ramano Rao,
chief technology officer at Inxight, a Sunnyvale, Calif., company that
develops text-searching software. "It uses all the right buzzwords."

People close to the Pentagon's research program said Dr. Poindexter
was acutely aware of the power and the invasiveness of his
experimental surveillance system. In private conversations this
summer, according to several Department of Defense contractors, he
raised the possibility that the control of the Total Information
Awareness system should be placed under the jurisdiction of an
independent, nongovernmental organization like the Red Cross because
of the potential for abuse.

Dr. Poindexter declined to be interviewed for this article. A Darpa
spokeswoman, Jan Walker, wrote in an e-mail reply to questions that
"we don't recall ever talking about" having a nongovernmental
organization operate the Total Information Awareness program and that
"we've not held any discussions with" such an organization.

The idea of using an independent organization to control a technology
that has a high potential for abuse has been raised by previous
administrations. An abortive plan to create a backdoor surveillance
capability in encrypted communications, known as Clipper, was
introduced by the Clinton administration in 1993. It called for keys
to the code to be held by an organization independent of the F.B.I.
and other law enforcement agencies.

Speaking of Dr. Poindexter, John Arquilla, an expert at the Naval
Postgraduate School in Monterey on unconventional warfare, said, "The
admiral is very concerned about the tension between security and civil
liberties." He added that because of the changing nature of warfare
and the threat of terrorism, the United States would be forced to make
trade-offs between individuals' privacy and national security.

"In an age of terror wars, we have to learn the middle path to craft
the security we need without incurring too great a cost on our civil
liberties," he said.

Computer scientists who work with Darpa said that Dr. Poindexter was
an enthusiastic backer of a Darpa-sponsored advisory group that had
been initiated by a Microsoft researcher, Eric Horvitz, in October
2001 in the wake of the Sept. 11 terrorist attacks.

The group, which was composed of 41 computer scientists, policy
experts and government officials, met three times to explore whether
it was possible to employ sophisticated data-mining technologies
against potential terrorist attacks while protecting individuals'
privacy.

A number of the scientists proposed "black box" surveillance systems
that would alert human intelligence analysts about suspicious
patterns. Once the alerts were issued in such a system, they
suggested, legal processes like those used for wiretapping could be
employed.

But a number of the scientists and policy experts who attended the
meetings were skeptical that technical safeguards would be adequate to
ensure that such a system would not be abused.

The debate is a healthy one, said Don Upson, who is senior vice
president of the government business unit of a software company in
Fairfax, Va., webMethods, and the former secretary of technology for
Virginia.

"I'm glad Darpa is doing this because somebody has to start defining
what the rules are going to be" about how and when to use data, he
said. "I believe we're headed down the path of setting the parameters
of how we're going to use information."



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.