PDA implicated in Gilligan WMD dossier probe

Notes bona fide, or fiddled?

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

The Hutton inquiry into the death of UK MoD scientist David Kelly yesterday saw BBC reporter Andrew Gilligan in some difficulty with a PDA. The notes it contained of his fateful interview with Kelly consisted of not one copy, but two, one including the name "Campbell" and one without.

We do not propose to spend time on arguing whether or not Tony Blair's head of spin Alastair Campbell was responsible for making WMD documents racier and more terrifying, nor to we propose to consider whether it matters one way or the other.* We are however fascinated that it took a whole computer forensics specialist to say one of the files included the word "Campbell" while one did not, and intend to contribute our own forensic expertise (at no fee) to the matter.

To be fair to Edward Wilding (of, we presume, Data Genetics International, he'll have done considerably more investigation than the bit that turned out to be important yesterday, but he won't have done any textual analysis. Given that notes taken on PDAs haven't figured to any great extent in legal cases so far, it's quite possible that significant work on the analysis of this kind of document (which is by its nature different from other classes) has yet to be carried out, so until the boffins arrive, The Register feels qualified to chip in its thruppence worth.

We don't know if Gilligan had one of these roll-up keyboards for his PDA, but he did pretty well if he didn't. The notes seem to us typical of what you can achieve on a PDA using the approach of grabbing bullet points from the conversation and trying to get them down on the fly while listening out in case the next thing the subject says ought to be got down too. You get abbreviations and mistypes, and you also get stuff that meaningless and can't be rendered back into English because you switched to the next bullet point before getting enough of the last down.

There are only a couple of possible positives in the last category in Gilligan's notes, but problems of this sort tend to relate to how fast a talker you've got - slow and deliberate means higher hit rate. PDA note-takers also ought to have their own signature, little stylistic quirks that should be present in other notes they've taken, so a comparative analysis with notes Gilligan has taken in other circumstances would likely be helpful.

As regards yesterday's controversy, it's impossible to come to any conclusion from the single document published so far. It includes the word "campbell" on its own in a line, prior to the following:

"real info but unr, incl agaisnt ur wishes
not in orig draft - dull, he asked ifanything else cd go in"

These two lines are perfectly plausible as a PDA interview transcript, and although they wouldn't be impossible to falsify, it would take some care - more care, we'd submit, than exhibited by somebody who can't precisely remember how the word Campbell got into one document when it wasn't in the other. We'd read it as "real information but unreliable, included against [our?] wishes, not in original draft - [which was viewed as] dull, he asked if anything else could go in."

Unless you dispute these lines as well, then you inescapably find yourself asking who "he" is. If Dr Kelly said 'he', but neither said nor meant Campbell, who did he mean?

Gilligan's proposed explanation for the discrepancy in the documents is that he and Kelly had gone through the notes afterwards agreeing quotes that could be used, deleting some at Kelly's request and adding some in answer to further questions. This might explain the surprisingly high percentage of good stuff in the notes, but if this is the case then the earlier document, which as far as we know has not yet been published, should be markedly different, not just different by one word.

How easy is it to falsify PDA notes, and should people rely on them in the first place? This is clearly going to be an issue, post Gilligan and the PDA. It is, we submit, harder than you might think. Under scientific textual analysis (OK, we admit it, not by us) the notes should pass muster both as something the subject might plausibly have said in a way the subject might have said it, and as notes bearing the signature of the note-taker, while also including a reasonable quotient of typos you might plausibly make. The typos might appear the easiest to produce, but we suspect they may also be vulnerable to analysis. Do you know all of your own signature typos, and their frequency?

Thus, to falsify notes with any real hope of success you'd have to do something like make up quotes that were credible (ordinarily, you have here the hazard of the subject being in a position to dispute them), read them into a tape in something close to the subject's style, then type it into the PDA from the playback. Granted, for small falsifications you can confine yourself to doing this for small sections, and to making changes you reckon the subject might not be wholly confident of. People tend not to remember all they said, even be surprised when you insist they said it, but they can be pretty damn sure if you use a word that they're sure they never, ever use ("sexed-up", which is not in the notes, or "sexier", which is, may be a case in point here).

We confidently expect the journalists' trade press to fill up shortly with denunciations of PDA note-taking and calls for a return to basics in the shape of shorthand. But shorthand notes can be faked in a similar way, probably with similar difficulty, so dumping on PDAs isn't particularly rational. Given that PDAs will figure more and more in legal matters it seems to us there's going to be expert witness work for anybody caring to make a small speciality of PDA textual analysis. Buy us a beer when you get your first case. ®

Branding update: Earlier today we described Gilligan's PDA in this piece as a Palm Pilot, on the basis that this is how it is described in the Hutton Evidence list, here. We have since been assured - many times - that it is in fact a Sharp. So off the lot of you go and mass-mail Hutton as well, will you? It's only fair...

Related links:
Gilligan's notes
Inquiry home page

* Well alright we do, but only as a footnote. The Iraq dossier that was used to sell the war to British MPs was substantially racier, more imaginative and less reliable than the UK spooks would have liked, and several of them have said so. It got like this not because it just sort of happened, but because Number 10 wanted a selling document. Campbell was involved in discussions of the dossier with Joint Intelligence Committee chairman John Scarlett, and admits to "many discussions with the chairman of the JIC on presentational issues arising from the dossier and, in common with other officials, [I] made drafting suggestions as the document evolved through various drafts." He stresses, however, that Scarlett had ownership of the document and the "intelligence judgments" in the dossier were the JICs. This of course does not rule out the possibility of Downing Street asking the JIC if it happened to have more of those nice intelligence judgments. Face it, under the Campbell regime precious little of this ilk was allowed to move without his say-so, and the question of whether Kelly, Gilligan or nobody at all said "Campbell" is irrelevant. As indeed is the very narrow question of whether Campbell specifically had the '45 minute to deploy WMD claim' inserted in the dossier. The issue is the wrongness of the dossier used to sell the war, and how it got to be so, OK?

3 Big data security analytics techniques


Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.