UK.gov £12bn comms überdatabase 'wouldn't spot terrorists'
Influential US report says data mining ineffective
What you need to know about cloud backup
A heavyweight US investigation of counter-terror databases has concluded that the type of intelligence mining proposed by UK spy chiefs under the auspices of the Interception Modernisation Programme (IMP) probably won't catch jihadis.
The central database aspect of IMP is being discussed in secret on the basis it will "maintain capability" to examine suspects' communications activities, which in most cases are already stored by telcos. Critics charge that pooling call, mobile phone location and internet records will grant the intelligence services unprecedented powers to go on "fishing trips" for potential criminals.
But Tuesday's 352-page report by the National Academies, which advise politicians on science, engineering and medicine, says that trawling databases for "suspicious" activity generates "huge numbers of false leads".
The alleged power of such software-based intelligence techniques are the motivation behind GCHQ and MI6's ongoing Whitehall push for a central database of all UK communications data. They want to build a huge silo costing an estimated £12bn, to make it easy to track and analyse who is in contact with whom and when. The intelligence services believe that such a system could help prevent terror attacks.
According to the National Academies' report Protecting Individual Privacy in the Struggle Against Terrorists, the evidence to back their faith in data mining is weak. The report authors, a committee of senior academics, commercial and law enforcement data analysis experts wrote: "Modern data collection and analysis techniques have had remarkable success in solving information-related problems in the commercial sector; for example, they have been successfully applied to detect consumer fraud.
"But such highly automated tools and techniques cannot be easily applied to the much more difficult problem of detecting and preempting a terrorist attack, and success in doing so may not be possible at all."
Any chance of anti-terror success for an IMP-style database would depend on concerted research and development efforts, the authors argue, drawing an important distinction between mapping a suspect individual's connections and mapping connections to find suspect individuals. Very little is currently known about what patterns might indicate terrorist activity, the authors concluded, while accepting that the potential for investigating and possibly preventing attacks is attractive and should be explored with safeguards in place.
They recommend a series of checks and balances to protect individual freedoms, including independent oversight, redress for people wrongly accused by data mining operations, and a requirement to test any new systems on synthetic data before they are allowed to interrogate real world infromation. Nobody should ever be arrested on the basis of an auto-generated data mining result, the National Academies argue.
University of Cambridge security expert Richard Clayton told The Reg: "They do say that data mining can assist in investigations. If you've just seen a bomb go off, then checking who has bought lots of fertiliser in the last month, and collating that against purchases last year to filter out the farmers, might be useful in prioritising who you'd like to speak to.
"The objection to this part of IMP isn't that it would not be useful to the police; it's that the centralised database removes a lot of checks and balances in using the data."
Other technologies being suggested globally as useful for counter-terrorism operations should also be very cautiously scrutinised, the National Academies argue. Efforts at checkpoints and borders to identify suspects using technology that measure their behaviour or physiology are not ready for real world applications and have "enormous potential for privacy violations because they will inevitably force targeted individuals to explain and justify their mental and emotional states".
The probe was principally commissioned to examine the Pentagon's highly controversial Total Information Awareness programme. Similarly to IMP, it sought to pool and analyse data centrally (although defence chiefs also wanted to cross-reference credit card and medical records). The Senate imposed a moratorium on the project in 2003.
You can read the National Academies' full report here. The 31-page executive summary is here. ®
COMMENTS
How they mislead us...
into believing they will only use this for Terrorists. See how they used terrorism legislation
against Iceland to freeze their money. They had sworn that legislation would only be
used for terrorists. LIARS. See how all the Councils now use the RIPA Act to catch owners of
dogs that foul the pavement. The Government said RIPA would only be used for terrorists.
LIARS.
Do politicians ever tell the truth ?. NO.
This will bite their creators
While I agree partly with this statement
"For this privileged elite their was to be no surveillance, no interception of communications, no restraints, no culpability, and no databases profiling every aspect of their lives.".
I think it will only apply to a few like Rupert Murdoch.
The "lowly" politicians" will not be so immune. Look at the past scandals uncovered about politicians when phone taps were tricky and few had computers. Who better to dig up some dirt on then the ones with the power! Every dodgy sexual relationship, financial deal and others will be up for grabs. The media will hold onto this and when the time suits them, totally destroy their reputation. Of course the politicians will not see it until it happens - but then it will be too late.
The devil makes work for idle hands.
More terror, real terror, has been engendered in peoples lives by the prospect of losing their jobs, homes, savings, and investments, than was ever likely to be achieved by a bunch of deluded Jihadists. When you're dead, you're dead. When you are living in poverty, you're living in pain.
Thanks to the government's abdication of responsibility when it abandoned regulation and oversight of the so-called 'wealth creators' we are now at the mercy of the real terrorists who were allowed to operate unhindered within our country. For this privileged elite their was to be no surveillance, no interception of communications, no restraints, no culpability, and no databases profiling every aspect of their lives.
Having hived off the real business of government, management of the economy and the backbone infrastructure, they were left with plenty of time on their hands to concentrate on the tantalising prospect of micro-managing the lives of private citizens. For the New Labour ideologues this was the holy grail, the orgasmic wet-dream to end all others: intrusive eavesdropping, surveillance cameras, behavioural profiling, and the database state, with the added bonus that privileged stakeholders and partners could have access to the data for the purpose of further 'wealth creation'.
Was that my alarm going off or was it just the bell for round two when the Tories will be dishing out more of the same shit?
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
