Programming for Wholesale Surveillance and Data Mining

AT&T has done the research:

They use high-tech data-mining algorithms to scan through the huge daily logs of every call made on the AT&T network; then they use sophisticated algorithms to analyze the connections between phone numbers: who is talking to whom? The paper literally uses the term "Guilt by Association" to describe what they're looking for: what phone numbers are in contact with other numbers that are in contact with the bad guys?

When this research was done, back in the last century, the bad guys where people who wanted to rip off AT&T by making fraudulent credit-card calls. (Remember, back in the last century, intercontinental long-distance voice communication actually cost money!) But it's easy to see how the FBI could use this to chase down anyone who talked to anyone who talked to a terrorist. Or even to a "terrorist."

Posted on October 31, 2007 at 12:03 PM • 12 Comments


Pat CahalanOctober 31, 2007 1:30 PM

"Hancock" just doesn't sound right, it doesn't have that zip or pizazz for a language optimized for this sort of purpose.


What Church Committee?October 31, 2007 2:14 PM

What the summary doesn't hammer home is that this is more than an academic exercise. Quoting the Wired blog:

"But it's of interest to THREAT LEVEL because of recent revelations that the FBI has been requesting "communities of interest" records from phone companies under the USA PATRIOT Act without a warrant. Where the bureau got the idea that phone companies collect such data has, until now, been a mystery."

Andrew (not the author)October 31, 2007 4:14 PM

# Andrew (other) Says:
October 31st, 2007 at 5:12 pm

>> Those of us who would prefer to put our heads in the sand, will likely wake up one day to a very sad reality and an extremely weak economy.

We see the threat of terrorist attack with a clear eye and a calm heart.

While acknowledging that evil people can do horrible things, we choose not to live in fear and terror and allow little people with delusions of grandeur to control our hearts and minds.

We must first have liberty, for the state of the economy to have any meaning. The freedom to think is much more important than the freedom to buy.

Consider this: the term “traitor��? was used as an epithet to describe people during the Revolutionary War. Treason remains the only crime defined in the Constitution as requiring the testimony of two witnesses to the same overt act, or confession in open court.

In the 21st century, we have allowed “terrorist��? to take the place of the 18th century “traitor.��? Labeling people as terrorists based on network analysis is like labeling people traitors based on who their friends and family are.

We also define corruption of blood and ex post facto laws as unconstitutional. This form of guilt by association smacks of both.

Tracking actual honest-to-goodness terrorists? With all that taxpayer money, you’d better.

Denying people the opportunity to work and to travel on the basis of secret government lists? Not in my Constitutional republic you don’t.

AustiniteOctober 31, 2007 6:55 PM

If their data mining algorithms are so high tech, why haven't they shared some of that expertise with the accounting and HR departments?

I bought several iPhones for the family and signed us up for AT&T wireless service. One salesman gave me a free $150 Nokia just to get a slightly larger bonus from the new non-iPhone account.

Changing area codes took three hours at AT&T store counters, and they "lost" $2,000 in deposits because these had to be transferred manually through several systems by means of various employees emailing each other. Good thing it's so hard to forge RFC822 emails!

Finally a smart store employee called the external customer support 800 number and read out my account, password, and SSN suffix from his screen, after asking me for nothing more than my phone number, and told them what changes to make.

If these same people are in charge of finding terrorists, either they have an excellent cover, or we're in serious trouble.

Super JulesOctober 31, 2007 6:57 PM

I always thought that analyzing call data (who's calling who) is a lot like google's page rank.

PageRank is really nifty. Building some sort of AI that can read pages and decide which one on a given subject is best is impossible. But ignoring the content of the page, and ranking them through an analysis of the topology of the links is easy.

In practice, though, the topology does a pretty good job of telling you which pages are best.

So it doesn't seem like that crazy of a stretch to think that looking at the shape of the graph that phone calls make could, in fact, give you useful information about the content of those calls, even though the content wasn't being analyzed.

Obviously, if someone pops up, you'd have to have a human being double check.

I have really mixed feelings about this, because I'm very much opposed to the massive wave of surveillance that's washing over us, but I'm kind of excited by this technology.

It might be that I'm totally wrong about it, though. This is not anything I have expertise in.

CJNovember 1, 2007 2:18 AM

Going OT: "(Remember, back in the last century, intercontinental long-distance voice communication actually cost money!) "

Yeah, it still does. A lot. Maybe not if you're in the US or the UK, but in other countries it's still pretty expensive. (And before anyone mentions VOIP - yes, but broadband is paid for by the Gb, and it's pretty expensive too).

Dan LinderNovember 1, 2007 8:34 AM

Hmm, "Guilt by Association" eh? I'm sure glad I'm back in High School working for the local Pizza Hut! I can only imagine the number of times that the local fast food chains get flagged as a "suspect of interest".

Of course that would also be an excellent cover tactic. Get a few bad guys working the phones and taking orders, but when another bad guy calls in their order can be coded words. The order delivery is the other half of the code.

Heck, even if the pizza guy wasn't a "bad guy", he could still be used to deliver messages this way.

(Maybe I've been reading too many trashy spy novels lately...)


DBHNovember 1, 2007 12:09 PM

IF (and I do mean if!) I was a "person of interest" to terrorist hunters, I would be tempted on this basis to open up a phone book and start making calls to random people. I could easily make 100 meaningless calls per one good one. And imagine the turmoil having the FBI go and check out each one of these potential terrorist cells. In fact, with VOIP, it is essentially free!

RobNovember 1, 2007 12:51 PM

If the ooma device ( became prevalent, this analysis would become much more difficult. It's likely no single company would have all the data available to them to connect the dots. Unless ooma keeps records of all end-points...

Bryan FeirNovember 1, 2007 4:30 PM

@Dan Linder:

There's always the old 'Domino's Effect', in which a Domino's pizza outlet in Washington D.C. claimed it could predict major shifts in foreign policy based on an increased number of pizza orders from the Pentagon...

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.