Thursday, May 11, 2006

Links and Nodes

It's one of the most effective tools for tracking terrorists and organized crime. It's called links and nodes analysis, and we've recently learned that the National Security Agency (NSA) has operated a program to support that effort, through phone company data. Predictably, the civil liberties crowd is positively atwitter.

Here's how the program works, according to media accounts. After 9-11, the NSA entered into a partnership with many of the nation's largest phone companies, including Verizon and Bell South. The companies provided information on calling patterns from millions of phone accounts; which numbers were called, how long the calls lasted, and the number of times a specific number was called from a certain phone. The effort did not include the actual monitoring of conversations by the NSA.

Obviously, this type of social network analysis, as it's sometimes referred to, can provide potential tip-offs about terrorist locations and activities. Imagine if such a program had been in place before 9-11, and indicated a flurry of activity between the hijackers and their bosses overseas. Such efforts might have allowed intelligence agencies and law enforcement to identify potential cells, possibly pre-empting the 9-11 attacks. As with the NSA program that actually monitors suspicious phone calls between the U.S. and overseas locations, there is no indication (yet) that the phone record/data mining operation violated the law.

Undeterred, Senator Arlen Specter of Pennsylvania (who must believe that there's a secret wiretap on every phone) is already promising hearings on the matter. Another Republican, Lindsey Graham of South Carolina, openly wondered how "collecting phone numbers" fits in with "finding the enemies." Give me a break.

The data mining operation fits in quite well, Senator. To win the war on terror, we need to track down the bad guys. They talk on telephones, and sometimes place multiple calls to the same number. Using that data, we can identify links and nodes in the terrorist world, allowing us to better direct our surveillance efforts, and eventually, neutralize that cell. If a number in, say, Pakistan is getting a lot of traffic from the U.S., why not monitor that number? The calls may be completely innocent, but they might provide a harbinger of planned terrorist attacks. This program is only a "threat" to Americans with Osama on their speed dial, or Zawahiri in their "friends and family" calling circle.

If the Senate is really concerned about the implications of data mining, they could do us all a big favor and start digging into Able Danger. Now there's a scandal.


Glenmore said...

I have never had any kind of security clearance, but it sounds like we have about the same understanding of this program. Here is my comment on Rantburg.
#33 What this program does (or at least can do) is create on a mega-scale a network map - something that would look like an airline route map, but with phone numbers instead of cities. You can find similar maps of server traffic. Its value is that when a 'suspect' phone number is identified one can immediately see the network of the numbers that connected with it. Let's say one of those numbers 'downstream' on that network also shows connections to another suspect number; that might constitute enough probable cause to obtain a warrant to tap a phone, or at least to identify the phone number owner for further investigation. At least it would if I was the judge. Automated, the system can do this analysis to billions of connections a day, world-wide, and identify patterns and connections worth closer investigation. It is probably the most powerful tool available to find a needle in a haystack, and does so with virtually no threat to innocent citizens. Assuming it is used in accordance with the law, opposition to it is the height of stupidity and/or political hypocracy.

The bad guys are now (actually, it came out first many months ago) on notice that the program exists, so they will certainly redirect their communication to less efficient paths. This makes it harder to catch them but it also makes it harder for them to operate. The ultimate downside will come when they actually believe the program has been stopped IF it actually IS stopped. Wheels within wheels.

Mrs. Davis said...

This is really about gutting Hayden. Notice how the uniform issue disappeared? We will get a new cowpattie flung every day until one sticks.

Senescent Wasp said...

There are two main groups who oppose Counter Intelligence activity. the first is a small, vocal minority who actually believe that the US poses the largest obstacle to "whirled peas".

The second is more mainstream and believes that any intelligence activity, which is perforce sub rosa, is suspect and incompatible with their core values. While some of this second group is "libertarian" the bulk is part of the base of the Democratic Party.

The people in the party range from those who would "tear down the CIA brick by brick" and believe that intelligence agencies are all part of a larger "conspiracy" to others who are "agin it on principle". Together, these two groups have considerable influence within the party.

The three letter agencies and their parent agencies have been very poor in getting the message out that we are in a struggle which depends largely on both the collection and CI sides. Until the American public understands this, we can expect a good deal of opposition to any effective programs and even more demagoguery.

John (Useful Fools) said...

I, like many, have been disgusted at the media portrayal of the international wiretap program as "domestic spying." I support the program and there are good reasons for presuming its legality (for example, look at how the FISA act is constrained to communications with "a reasonable expectation of privacy."

However, this traffic analysis activity is domestic. In a criminal situation it would (I believe) require "pen register" warrants to gather that information.

So I can see, for the first time, why someone might have a legitimate argument for going after NSA.

CIA is prohibited from domestic intelligence work. Is the NSA likewise constrained, or is it allowed to operate anywhere against anyone?

I think network analysis is a good idea (as is data mining) if the only use of the data is to analyze general patterns. If specific individuals are targetted, it looks a little more iffy. At that point, we are looking at a potential conflict between valid (as opposed to hysterical) civil liberties concerns and would certainly have problems if this resulted, as "glenmore" stated, in a warrant process. I must hasten to add, however, that I think the "right to privacy" so popularly invoked has been exaggerated far behyond its legitimate constitutional intent (look at Roe v. Wade for an example). When electronic signals leave your property, how much protection should they have? One could argue that this networking analysis is no more intrusive than, in early republic times, simply watching who talks to whom in public places.

Unfortunately, we have seen the otherwise good Patriot Act (terrible name) used as part of the anti-drug effort, which badly compromises a legitimate national defense measure by mixing in routine police activity. Why should we expect the NSA activity to not be similarly abused?

On the other hand, as "glenmore" correctly points out, this is a very powerful technique in the age of modern computers and with suitable controls (which may or may not be in place) should be inoffensive. Are those controls in place?

By the way, I think the correct ELINT term for this is "traffic analysis," a common practice for deducing things like organizational (usually military) structure even when the content of the communications in unavailable due to adequate encryption.

HaloJonesFan said...

I can't understand why anyone thinks that communications should be private...or that they ever were private...or that there is any kind of right to privacy.

The Constitution guarantees the right to speak as you choose. It does not protect you from the consequences of that speech. It does not allow you to specify who may and may not hear that speech.

Some people have an attitude towards privacy that can only be described as a fetish.

F15C said...

"I think network analysis is a good idea (as is data mining) if the only use of the data is to analyze general patterns. If specific individuals are targetted, it looks a little more iffy."

With all due respect, we are not under threat from 'general patterns'. There are however "specific individuals" that are planning to kill large numbers of American women, men, and children. We need our fellow Americans in law enforcement to do their earnest best stop them.

The analysis process does not target individuals on the outset, rather it begins with essentially everyone's records and eventually whittles down to a finite set of individuals that may bear further scrutiny based on the criteria used to drive the analysis. That further scrutiny may or may not reqire warrants per our system of laws.

But the intent is most definitely to find "specific individuals" that are planning to kill a lot of Americans.