The Big Brother Complex

S

ince November, privacy advocates and media commentators have been sounding alarms, saying that the Defense Department is building a new computer system to spy on personal transactions such as credit card purchases and e-mails. Their fears are exaggerated.

At issue is a project called the Total Information Awareness (TIA) system, run by the Defense Advanced Research Projects Agency (DARPA), the research and development arm of the Pentagon that takes technologies in their prenatal stage and turns them into prototypes, usually over the course of three to four years.

The goal of the TIA system is clear, but far from simple: To predict terrorist attacks before they happen. Unfortunately, little has been published describing what the TIA system is, and more importantly, what it isn't, so that citizens can make up their minds about whether this project is advisable or even feasible.

Instead, many assumptions have been based on misguided or false information, and attention has focused more on the fact that the project is being managed by controversial Iran-contra scandal figure John Poindexter than on DARPA's historic reputation as a sponsor of scientific research. None of this anxiety has helped the debate over the proper role of technology and intelligence in homeland security.

So what is the TIA system? Contrary to recent assertions, it isn't a new computer. Rather, it's a conceptual prototype, a design for how different technological components-some already invented-might one day be integrated into a single system that would be used to predict terrorist attacks. The TIA system is also the top project in DARPA's new Information Awareness Office, which was formed in January to consolidate the numerous research and development projects the agency was already running in the areas of counterterrorism and asymmetric warfare.

The project is at least three years from completion. When it's finished, DARPA won't build anything, says Robert Popp, deputy director of the Information Awareness Office. Instead, individual agencies that might use the TIA system would have to decide how and for what purpose. And, Popp stresses, it would be up to Congress to address privacy laws governing the use and collection of data that the system might encounter.

So how would the system work? To plan and execute their attacks, Popp says, terrorists must conduct transactions-to buy supplies, purchase airline tickets, make phone calls, and so on. Those transactions leave a record. Much the same way sonar recognizes the acoustic signature of a submarine, the TIA system would use a number of technological components, as well as human analysis, to scour transaction records for patterns that might point to a terrorist scenario. As a broad example, consider the perpetrators of the Sept. 11 attacks. Some of their names were on government lists of suspected terrorists. Many of them had bank accounts and residences in the United States. If federal officials could have been alerted that some of the men were placing calls to one another, enrolling in the same flight schools and purchasing airline tickets for the same day, a proverbial red flag might have given them away.

Before those dots of information can be connected, they have to be found, and that's the first step of the TIA system. It would use a variety of technological components-such as information search-and-retrieval tools or programs that automatically translate recorded messages - to sift out related dots from the daunting volume of information held mostly in private sector databases.

No one knows yet what technologies would be included in the system or which repositories would be searched, Popp says. DARPA is considering a number of devices, some of which the military already uses. U.S.soldiers in Guantanamo Bay, Cuba, for example, use electronic translators to assist in the interrogation of suspected al Qaeda members and Taliban detainees. The device is a DARPA project, and the technology it employs might one day be used in the TIA system, Popp says.

Even if TIA develops into an integrated system, computers never will be able to determine who is or isn't a terrorist, Popp says. Rather, the unconnected dots would be given to a team of experts in terrorism from a variety of federal agencies. It would be their job to make the connections.

Popp likens this process to having many pieces of a jigsaw puzzle, but no picture on the puzzle box. The team would try to create that picture, using what they know about past terrorist events, and by challenging themselves to think unconventionally about what the data could mean.

Ultimately, analysts would narrow down their hypotheses into a few "plausible futures," Popp says-in other words, the most likely outcomes based on the data and the analysis. Then, the analysts would give their predictions to senior policy-makers-the head of the CIA or the national security adviser, for instance-who would have to make a decision about whether to act on the picture analysts had painted.

The idea that a computer could automatically make these judgments is not only incorrect, but hard to imagine. Quite simply, the government doesn't have a large cache of information on every man, woman and child in the country. Furthermore, what personal information different agencies do collect is stored in different databases, and access to it is frequently restricted by law. And today, the government isn't advanced enough to create an all-powerful computer such as the one critics of the TIA program envision.

That's not to say the government couldn't one day build a highly sophisticated system to determine people's behavior based on previous patterns; many companies have tried and failed. DARPA probably would be the best agency to undertake such an effort. But that isn't what's happening today.

Nevertheless, commentators lambasted the system, most notably New York Times columnist William Safire, who asserted that "if the Homeland Security Act is not amended before passage," the government would begin tracking people's magazine subscriptions and the pharmaceuticals they use. But there isn't a single reference to the TIA system or the Information Awareness Office in the homeland security legislation passed by Congress, and the future of DARPA isn't connected to the bill.

Popp acknowledges the validity of concerns about accessing information that is normally off limits to the government. DARPA officials are experimenting with ways to "anonymize" data that the system would use. For example, individuals' names and personal information might never be associated with credit card transactions when seen by analysts or processed by a computer. Analysts might only see a number, and the name behind it could only be accessed by senior officials under specific circumstances.

Admittedly, even protections like these won't satisfy everyone. But the TIA system is years from becoming reality, and given the intense scrutiny of DARPA's work, it's unlikely that development of the system will continue far from public view. Indeed, journalists were writing about TIA as early as last summer. Congressional hearings on the system are almost certain in the next legislative session. And in November, Sen. Charles Grassley, R-Iowa, fearing that the Pentagon was engaging in domestic law enforcement activities, asked the Defense Inspector General's Office to investigate the scope of the TIA system and to determine what protections are in place to ensure that it doesn't violate civil liberties.

It's hard to imagine that DARPA, with its history grounded in the advancement of science and research, is nefariously plotting behind the curtain to build Big Brother. And even though the effort is headed by a controversial figure, not even John Poindexter is crafty enough to get dozens of federal agencies to electronically share what scant information about terrorists they do possess. If he were, he'd be the first choice for secretary of the Homeland Security Department.

Much information about TIA is available. Popp has been talking about the system for months, to the press and at public gatherings. Anyone can read about the system on DARPA's Web site at www.darpa.mil/iao/TIASystems.htm. As work progresses, and as the debate over the project escalates, those responsible for informing the public should consult the facts, lest they be caught unaware.


NEXT STORY: The Procurement Reform Pendulum