Feeds

Automated profiling tech is crap, says Home Office

Um, does that include Project Semaphore, then?

The Power of One Infographic

Automated passenger profiling is rubbish, the Home Office has conceded in an amusing - and we presume inadvertent - blurt. "Attempts at automated profiling have been used in trial operations [at UK ports of entry] and has proved [sic] that the systems and technology available are of limited use," says home secretary Jacqui Smith in her response to Lord Carlile's latest terror legislation review.

Furthermore, when the security services stopped trying to let the machines figure out who was a threat and went back to traditional "inituitive" stops, they were more effective. "Intelligence improved during the trials when officers reverted to the traditional intuitive methods, albeit applied in the context of intelligence provided by the security service," says Smith. "It is likely that with more effective use of intelligence, and possibly some behavioural analysis training the quality of intelligence retrieved from persons of interest will improve and the number of people stopped will decrease."

The Home Office's belated discovery that human beings acting on sound intelligence make for better policing does however raise questions about the future operation of its E-Borders programme. This is intended to track people in and out of the country, and to operate in conjunction with Advanced Passenger Data (API) and Passenger Name Records (PNR) collected via Project Semaphore. As Home Office minister Joan Ryan told Parliament in March of last year, "In January 2007 23 successes were recorded by Project Semaphore as a result of automated profiling based on passenger data."

Ryan then gave the example of a passenger who'd booked the day before, paid with cash and was due to spend just one day in the UK before a further connection. Four kilos of cocaine were found in his bags when he was stopped at Heathrow.

A Border & Immigration Agency presentation on Semaphore delivered this year in Brussels says that PNR is "used by border agencies to identify patterns and trends of behaviour and for information which can be used to support intelligence work... PNR is checked against profiles of behavioural patterns which indicate risk activity. Profiles are run to identify behaviour, not to identify individuals, and are based on evidence and intelligence."

In fairness we should point out that the BIA claims to use automated systems to produce leads which are then reviewed by real human immigration officers, but Smith's statements nevertheless indicate that attempts to place too much faith in automation have been found wanting. Given the nature of the examples given by Ryan and used in the BIA presentation, it seems likely that the machine analysis simply throws up too many false positives for it to be more of a help than a hindrance.

Carlile's report, on the other hand, indicates that the noble lord has been drinking that partuclar Kool-aid: "From my discussions with counter-terrorism police officers I know that considerable attention is being focused by the police, especially by the National Co-Ordinator of Special Branch and the National Co-Ordinator of Ports Policing, on behavioural analysis and the better use of intelligence."

Carlile, essentially, is hopeful that improvements in intelligence and intelligence handling can be used to reduce the number of intuitive stops, while Smith and her people are responding that the failure of the technology means that more intuitive stops will be more effective. Smith possibly isn't answering precisely the points Carlile makes, but this is where we came in.

Carlile feels that advanced passenger information is of vital use, but notes elsewhere in his report that there are problems in sharing information between organisations and computer systems, for legal and interoperability reasons. "Ministers should consider whether greater legal statutory clarity is required, so that useful information can be shared quickly and seamlessly. This is extremely important", he says in one of the numerous instances where he switches from the role of independently reviewing terror legislation to advocating lots more of it.

In a similar vein, he raises the entirely hypothetical threat of hijacked private aircraft being used to produce a British 9/11. "It is possible to purchase, from reputable international companies, piloted flying hours in sophisticated executive jets capable of high speed travel from continent to continent. The risk of hijacking of such aircraft is a matter of potential concern.

"Another real anxiety is the potential use of light aircraft as vehicle bombs against places of public aggregation. This is not founded on any particular intelligence, or in any operation as such. However, I know that some knowledgeable police officers and officials have ongoing concerns about the relative simplicity of terrorism conducted in this way, given the very large number of private aircraft and small airfields."

So if we paraphrase, there's no known plot or threat, the matter's of no obvious relevance to the job of reviewing terror legislation, but the cops tell me it'd be easy to hijack a plane, pack it with explosives and crash it into the Houses of Parliament. The recommended solution would not however appear to be to arrange for all transiting light aircraft to be searched. "Government and the aviation industry have a high responsibility to ensure full passenger information and effective international policing of such aircraft." Ah yes, more data, more sharing it around the world. Yum.

Lord Carlile is a Liberal peer. No, really. His most recent report and the government response can be found here. ®

Boost IT visibility and business value

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
ITC: Seagate and LSI can infringe Realtek patents because Realtek isn't in the US
Land of the (get off scot) free, when it's a foreign owner
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.