Terror Profiles by Computers Are Ineffective

Bruce Schneier
Newsday, October 21, 2003

In September 2002, JetBlue Airways secretly turned over data about 1.5 million of its passengers to a company called Torch Concepts, under contract with the Department of Defense.

Torch Concepts merged this data with Social Security numbers, home addresses, income levels and automobile records that it purchased from another company, Acxiom Corp. All this was to test an automatic profiling system to automatically give each person a terrorist threat ranking.

Many JetBlue customers feel angry and betrayed that their data was shared without their consent. JetBlue's privacy policy clearly states that "the financial and personal information collected on this site is not shared with any third parties." Several lawsuits against JetBlue are pending. CAPPS II is the new system designed to profile air passengers -- a system that would eventually single out certain passengers for extra screening and other passengers who would not be permitted to fly. After this incident, Congress has delayed the entire CAPPS II air passenger profiling system pending further review.

There's a common belief -- generally mistaken -- that if we only had enough data we could pick terrorists out of crowds, and CAPPS II is just one example. In the months after 9/11, the FBI tried to collect information on people who took scuba-diving lessons. The Patriot Act gives the FBI the ability to collect information on what books people borrow from libraries.

The Total Information Awareness program was intended to be the mother of all "data-mining" programs. Renamed "Terrorism Information Awareness" after the American public learned that their personal data would be sucked into a giant computer system and searched for "patterns of terrorism," this program's funding was killed by Congress last month.

Security is always a trade-off: How much security am I getting, and what am I giving up to get it? These "data-mining" programs are not very effective. Identifiable future terrorists are rare, and innocents are common. No matter what patterns you're looking for, far more innocents will match the patterns than terrorists because innocents vastly outnumber terrorists. So many that you might as well not bother. And that assumes that you even can predict terrorist patterns. Sure, it's easy to create a pattern after the fact; if something identical to the 9/11 plot ever happens again, you can be sure we're ready. But tomorrow's attacks? That's much harder.

Even those who say that terrorists are likely to be Arab males have it wrong. Richard Reid, the shoe bomber, was British. Jose Padilla, arrested in Chicago in 2002 as a "dirty bomb" suspect, was a Hispanic-American. The Unabomber had once taught mathematics at Berkeley. Terrorists can be male or female, European, Asian, African or Middle Eastern. Even grandmothers can be tricked into carrying bombs on board. Terrorists are a surprisingly diverse group of people.

There's also the other side of the trade-off: These kinds of "data mining" and profiling systems are expensive. They are expensive financially, and they're expensive in terms of privacy and liberty. The United States is a great country because people have the freedom to live their lives free from the gaze of government. We as a people believe profiling is discriminatory and wrong.

I have an idea. Timothy McVeigh and John Allen Muhammad -- one of the accused D.C. snipers -- both served in the military. I think we need to put all U.S. ex-servicemen on a special watch list, because they obviously could be terrorists. I think we should flag them for "special screening" when they fly and think twice before allowing them to take scuba-diving lessons.

What do you think of my idea? I hope you're appalled, incensed and angry that I question the honesty and integrity of our military personnel based on the actions of just two people. That's exactly the right reaction. It's no different whether I suspect people based on military service, race, ethnicity, reading choices, scuba-diving ability or whether they're flying one way or round trip. It's profiling. It doesn't catch the few bad guys, and it causes undue hardship on the many good guys who are erroneously and repeatedly singled out. Security is always a trade-off, and in this case of "data mining" the trade-off is a lousy one.

earlier essay: Fixing intelligence
later essay: Liability Changes Everything
categories: Airline Travel, Privacy and Surveillance, Terrorism
back to Essays and Op Eds

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..