Sunday, June 9, 2013

From Big Brother to Big Data

Today’s events can spread ripples that influence the far future, but the future can also cast a shadow on the present.  The full meaning of today’s news may be revealed only in retrospect, as foreshadowings of a future we can barely imagine in advance.

I’m thinking of the revelations of the past week concerning the collection and analysis of massive amounts of digital data, the records of our communications, transactions and travels, by the National Security Administration.  They have been parsing all our phone calls (although not the content), as well as every available database maintained by social media, financial institutions and other businesses with electronic data storage.  They were attempting to gain access to Dropbox and may well have accessed other cloud backup services.

There are two interesting questions that, as far as I know, haven’t been asked yet.  The first is obvious: what are they looking for, exactly?  We see vague references to “terrorists”, but that is a slippery term.  First, there are many potentially violent people out there.  Some have connections to radical Islamist groups.  Some adhere to other apocalyptic religions or ideologies.  Some are just crazy.  Are all such threats targeted in this dragnet or only some?  Which?  And what constitutes a threat?  What about radical environmentalists who want to physically obstruct a project they oppose?  Organizers of some future Occupy-type movement? Hackers who try to breach security walls?  Whistleblowers like the ones the Obama administration is so determined to identify and punish?  Who are they trying to find?

The second is deeper and, well, more paranoid.  Some time ago I mentioned in this blog that, by all appearance, killing by profile was becoming an established military tactic.  Targets for bomb attacks, including but not limited to armed drones, were being selected on the basis of statistical profiles.  Given the number of individuals at a particular location, their age and gender, the time of day, whether there was a pattern to their meeting and so on, a decision would be made to blow them up.  It was not necessary to have information on their precise identities or human confirmation of their military activities.  A simple statistical likelihood was sufficient cause.  In the years that have passed the suspicion that profiling was being employed for target selection has become a near certainty.

Indeed, profiling is apparently being used by the security apparatus in other contexts.  It is likely that individuals are being placed on lists that trigger heightened scrutiny at airports or prevent them from flying altogether on the basis of profiling.  Visa applications may receive differential treatment on the basis of statistical models.  For a long time it has been known that the IRS uses profiling to identify which tax returns it wants to audit, although there is supposed to be a wall between their data resources and those of other government agencies.  (How much do you want to bet that there aren’t big holes in this wall?)

So the second question is, to what extent do the profiling activities of NSA and other agencies interface with the profiling models employed to take action against individuals—to restrict, punish or kill them?  The current discussion seems to be based on the assumption that the profiles constructed by intelligence agencies will be used only as an aid to traditional surveillance and investigation.  NSA tells the FBI, watch these guys: they may be dangerous.  Or they tell them, here are several suspects for this crime you should follow up on.  That sounds only a tiny bit Orwellian, nothing to be too concerned about.  But what if that traditional human layer is bypassed, and the profiled data go directly into a profiled action?  Someone is detained at an airport for 18 hours or is subjected to a cyberattack or is assassinated in a country accused of harboring potential terrorists because their factors loaded too strongly?

And this is the shadow of the future falling on us today.  The technology for taking action against individuals automatically via statistical modeling will only become less expensive and more effective over time.  The case for implementing these technologies will be overwhelming, since they will work.  The rest of us will adapt: we will be careful who we communicate with, where and when we travel, what we buy.  We will make sure our factor score remains well below the critical threshold.  Indeed, most people in Europe and North America will not have to worry; their risk of being positively identified will be negligible.  The result will be a modern, clean totalitarianism, with no visible enforcers and lots of space for daily life to go on as usual.


Sandwichman said...

Connecting the dots about connecting the dots...

James said...

It's the National Security Agency, not the National Security Administration.

benslin kard said...

While many enterprises are addressing the storage and access challenges around the volume, variety and velocity of big data. Big Data trainings