Security guru Bruce Schneier offers his analysis of the government’s use of data mining in fighting the boundless “war on terror.” He finds that such a system – even if ridiculously accurate according to today’s standards – would still produce over 2700 false-positive leads per day that would have to be investigated by law enforcement. Considering the waste of law enforcement resources, the low probability of actual useful leads such a system would produce and the cost to Americans in privacy and liberty, he concludes that such an effort is a raw deal.
In the post 9/11 world, there’s much focus on connecting the dots. Many believe that data mining is the crystal ball that will enable us to uncover future terrorist plots. But even in the most wildly optimistic projections, data mining isn’t tenable for that purpose. We’re not trading privacy for security; we’re giving up privacy and getting no security in return.
Essentially, Schneier sees the problem as one of putting the cart before the horse.
Finding terrorism plots is not a problem that lends itself to data mining. It’s a needle-in-a-haystack problem, and throwing more hay on the pile doesn’t make that problem any easier. We’d be far better off putting people in charge of investigating potential plots and letting them direct the computers, instead of putting the computers in charge and letting them decide who should be investigated.
A very intriguing conclusion. I anticipate it will be summarily disregarded by our government. When reading the article, don’t ignore the comments from readers either as many raise important counterpoints to Schneier’s hypothesis.
Read the article at Schneier’s blog.