Thu Dec 22, 2005

A Word from the Nerds

John “Hannibal” Stokes at Ars Technica has some interesting speculation on what the new technology behind the NSA wiretap abuse scandal might be. Because he knows a lot about computers, he’s also in a position to explain to the likes of Richard Posner one of the (several) things that’s wrong with computer-automated mass surveillance:

Just imagine, for a moment, that 0.1% of all the calls that go through this system score hits. Now let’s suppose the system processes 2 million calls a day. That’s still 2,000 calls a day that the feds will want to eavesdrop on—a very high number, and still much higher than any courts could possibly oversee. Furthermore, only a miniscule fraction of the overall total of 2 million calls per day on only a few days of each month will contain any information of genuine interest to the feds…

… Here’s where the real problem with this scheme lies: the odds that a particular terrorist’s phone call will rate enough hits to sound an alarm are not primarily dependent on factors that we have control over, like the amount of processing power and brain power that we throw at the task, but on factors that we have no control over, like how good that terrorist is at hiding the content of his communication from the feds. …

As the TSA, with its strip-searching of people’s elderly grandparents, abundantly proves every holiday season, blunt instruments and scorched earth tactics are of dubious value in catching genuine bad actors. … All you need to beat such surveillance tools is patience and know-how. This is true for face recognition, it’s true for biometrics, it’s true for RFID, and it’s true for every other high-volume automated technique for catching bad guys. …

Targeted human intelligence has always been and will always be the best way to sort the sharks from the guppies … Government money invested in much less intrusive and much less defense contractor-friendly programs like training more Arabists and developing more “human assets” in the field will be orders of magnitude more effective than mass surveillance could ever be. … any engineer or computer scientist worth his or her salt will tell you that an intelligent, targeted, low-tech approach beats a brute-force high-tech approach every time.

There is no high-tech substitute for human intelligence gathering. … In the end, brute force security techniques are not only corrosive to democratic values but they’re also bad for national security. They waste massive resources that could be spent more effectively elsewhere, and they give governments and countries a false sense of security that a savvy enemy can exploit to devastating effect.

In short: don’t be seduced by technology. Computers are extremely powerful tools, but this isn’t the movies. Think of the last time you had to deal with the confluence of state bureaucracy and computer-based record-keeping—at the DMV, say, or at tax time, or at the local University’s Registrar’s office. Did it strike you as a ruthlessly efficient, accurate, and purpose-driven system?