Group proposes system to “connect the dots” about terrorist attacks

By Shane Harris

November 18, 2004

A Defense Department-funded think tank has designed a concept for a computer system that could help U.S. intelligence agencies identify and interpret clues of an impending terrorist attack.

The RAND Corp. of Santa Monica, Calif., on Wednesday proposed a multifaceted system of networks and electronic databases to sift through huge volumes of information-including information about people, places, events and financial transactions already obtained by the government-in order to discover the most relevant signals of a planned attack.

"An information search that could take dozens of intelligence analysts days to complete could be carried out within hours" by the system, which RAND calls Atypical Signal Analysis and Processing , said John Hollywood, the lead researcher. "This is like giving someone who is looking for a needle in a haystack an incredibly powerful magnet."

ASAP also proposes to analyze information about infrastructure, commerce and industries that directly affect the overall U.S. economy and national security. It would be applied to publicly available data, and "information describing patterns of suspicious behavior, as well as information describing patterns of 'ordinary' behavior that need not be investigated further," according to a statement from RAND.

The concept for the new intelligence system will likely strike some observers as similar to one proposed almost three years ago by the Defense Department, known as Total Information Awareness. Run by officials at the Defense Advanced Research Projects Agency, the TIA research program aimed to find technologies that could be used to help analysts predict future attacks, namely by looking for telling signals in vast quantities of electronic data.

The former head of the TIA program said the ASAP system looked familiar. "The technology required to implement the RAND proposal seems to be a subset of what was being developed by the Total Information Awareness program at DARPA," said John Poindexter, who resigned as the head of the project in August 2003.

The TIA project was dogged by controversy during its 20-month existence. Privacy rights advocates and a number of civil liberties groups equated the project to a Big Brother-like spy machine that would subject innocent Americans' e-mails, bank records and everyday transactions to government scrutiny. TIA researchers, however, were pursuing some of the most advanced privacy protection research the government had ever undertaken, and never settled on whether it would be feasible to analyze citizens' data without violating their privacy rights.

Poindexter said the RAND system needs to "address privacy protection technologies, such as were being developed under TIA, which I believe are essential for such a system."

Hollywood said that, because ASAP would be focused on data the government already maintains, or on public records, there's not as strong a need to "anonymize" data; that is, to ensure that the names associated with certain records cannot be seen by users.

According to the RAND statement, "Because privacy protection is an important consideration, the ASAP network would work with a small and restricted data set consisting solely of intelligence and homeland security information. In contrast to some plans that automatically include personal data, ASAP would search such records only if the suspicion is great enough to warrant a subpoena under current U.S. law."

TIA researchers proposed requiring a court order to reveal names and other identifying addresses behind personal data. A key part of the privacy research was to develop "privacy appliances," as Poindexter and others called them, which would strip the data of its identifying marks.

Hollywood said RAND researchers began work on the ASAP design at the end of 2002. They continued working for a year, and then for nearly 10 months the report was vetted by a variety of Defense and security agencies, Hollywood said.

He noted that officials from DARPA have reviewed the concept, though they had no hand in the design. A DARPA spokeswoman declined to comment on RAND's work.

Hollywood said he hopes Defense and security agencies, particularly the Homeland Security Department, will use the ASAP concept to further the debate on how to better "connect the dots" of terrorism intelligence. Hollywood likened that process to refining oil: As key pieces of intelligence "bubble up" over other, less relevant information, ASAP would continue to vet the salient pieces against what the government knows and has proven false about possible attack scenarios.

Hollywood acknowledged it could take years to build such a system. In the near term, he urged officials to create electronic bulletin boards, where counterterrorism agencies could post descriptions about suspicious activities or events, in the hopes of facilitating more sharing of information. Search engines should be used to match queries about activities with already reported information, he said. Also, Homeland Security officials should create and disseminate profiles about terrorist threats, including to presumed target industries such as commerce and transportation, Hollywood said.

Poindexter, who also served as Ronald Reagan's national security adviser, said ASAP could face significant opposition from Congress, much like TIA did. Lawmakers cut funding for the program shortly after Poindexter resigned.

"Since Congress killed [TIA]," Poindexter said, "I hope RAND has better luck in getting serious consideration to their proposal."


By Shane Harris

November 18, 2004

http://www.govexec.com/defense/2004/11/group-proposes-system-to-connect-the-dots-about-terrorist-attacks/18065/