Feeds

Automated profiling tech is crap, says Home Office

Um, does that include Project Semaphore, then?

New hybrid storage solutions

Automated passenger profiling is rubbish, the Home Office has conceded in an amusing - and we presume inadvertent - blurt. "Attempts at automated profiling have been used in trial operations [at UK ports of entry] and has proved [sic] that the systems and technology available are of limited use," says home secretary Jacqui Smith in her response to Lord Carlile's latest terror legislation review.

Furthermore, when the security services stopped trying to let the machines figure out who was a threat and went back to traditional "inituitive" stops, they were more effective. "Intelligence improved during the trials when officers reverted to the traditional intuitive methods, albeit applied in the context of intelligence provided by the security service," says Smith. "It is likely that with more effective use of intelligence, and possibly some behavioural analysis training the quality of intelligence retrieved from persons of interest will improve and the number of people stopped will decrease."

The Home Office's belated discovery that human beings acting on sound intelligence make for better policing does however raise questions about the future operation of its E-Borders programme. This is intended to track people in and out of the country, and to operate in conjunction with Advanced Passenger Data (API) and Passenger Name Records (PNR) collected via Project Semaphore. As Home Office minister Joan Ryan told Parliament in March of last year, "In January 2007 23 successes were recorded by Project Semaphore as a result of automated profiling based on passenger data."

Ryan then gave the example of a passenger who'd booked the day before, paid with cash and was due to spend just one day in the UK before a further connection. Four kilos of cocaine were found in his bags when he was stopped at Heathrow.

A Border & Immigration Agency presentation on Semaphore delivered this year in Brussels says that PNR is "used by border agencies to identify patterns and trends of behaviour and for information which can be used to support intelligence work... PNR is checked against profiles of behavioural patterns which indicate risk activity. Profiles are run to identify behaviour, not to identify individuals, and are based on evidence and intelligence."

In fairness we should point out that the BIA claims to use automated systems to produce leads which are then reviewed by real human immigration officers, but Smith's statements nevertheless indicate that attempts to place too much faith in automation have been found wanting. Given the nature of the examples given by Ryan and used in the BIA presentation, it seems likely that the machine analysis simply throws up too many false positives for it to be more of a help than a hindrance.

Carlile's report, on the other hand, indicates that the noble lord has been drinking that partuclar Kool-aid: "From my discussions with counter-terrorism police officers I know that considerable attention is being focused by the police, especially by the National Co-Ordinator of Special Branch and the National Co-Ordinator of Ports Policing, on behavioural analysis and the better use of intelligence."

Carlile, essentially, is hopeful that improvements in intelligence and intelligence handling can be used to reduce the number of intuitive stops, while Smith and her people are responding that the failure of the technology means that more intuitive stops will be more effective. Smith possibly isn't answering precisely the points Carlile makes, but this is where we came in.

Carlile feels that advanced passenger information is of vital use, but notes elsewhere in his report that there are problems in sharing information between organisations and computer systems, for legal and interoperability reasons. "Ministers should consider whether greater legal statutory clarity is required, so that useful information can be shared quickly and seamlessly. This is extremely important", he says in one of the numerous instances where he switches from the role of independently reviewing terror legislation to advocating lots more of it.

In a similar vein, he raises the entirely hypothetical threat of hijacked private aircraft being used to produce a British 9/11. "It is possible to purchase, from reputable international companies, piloted flying hours in sophisticated executive jets capable of high speed travel from continent to continent. The risk of hijacking of such aircraft is a matter of potential concern.

"Another real anxiety is the potential use of light aircraft as vehicle bombs against places of public aggregation. This is not founded on any particular intelligence, or in any operation as such. However, I know that some knowledgeable police officers and officials have ongoing concerns about the relative simplicity of terrorism conducted in this way, given the very large number of private aircraft and small airfields."

So if we paraphrase, there's no known plot or threat, the matter's of no obvious relevance to the job of reviewing terror legislation, but the cops tell me it'd be easy to hijack a plane, pack it with explosives and crash it into the Houses of Parliament. The recommended solution would not however appear to be to arrange for all transiting light aircraft to be searched. "Government and the aviation industry have a high responsibility to ensure full passenger information and effective international policing of such aircraft." Ah yes, more data, more sharing it around the world. Yum.

Lord Carlile is a Liberal peer. No, really. His most recent report and the government response can be found here. ®

Security for virtualized datacentres

More from The Register

next story
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Heavy VPN users are probably pirates, says BBC
And ISPs should nab 'em on our behalf
Former Bitcoin Foundation chair pleads guilty to money-laundering charge
Charlie Shrem plea deal could still get him five YEARS in chokey
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.