Debunking myths about the Snoopers Charter: big data in counter-terrorism

Posted on

William Binney, a former NSA technical director and whistle-blower, made headlines last week with his eye-catching claim that the UK’s draft Investigatory Powers (IP) Bill would ‘cost lives.’

Speaking to the Joint Committee considering the Bill, Binney claimed that bulk collection inevitably leaves intelligence analysts inundated with too much data. And that in counter-terrorism (CT) investigations, this would lead to key leads being missed and ultimately, the loss of life. He concluded that there was ‘no good operational case for bulk interception.’

Binney is unusual in the debate about surveillance and privacy – he is a privacy advocate who has previously done the day job of intelligence collection with distinction. As an expert witness, he has credibility.

But unfortunately in this instance, Binney’s views on the consequences of the UK’s proposed intelligence gathering approach are based on a flawed premise. And the intelligence agency he describes is based on out-dated or selectively leaked information.

Firstly, as Binney should know, there is a big difference between collection and analysis. While there is a necessary debate to be had on whether data collection constitutes surveillance, to imply that everything collected under the IP Bill will end up in an analyst’s in-tray is disingenuous.

Unsurprisingly, in the fifteen years since Binney left NSA, intelligence agencies – as has been the case in the private sector – have developed new and innovative ways to analyse and exploit big datasets.

Bulk collection won’t result in individual analysts trawling through millions of records looking for ‘the needle’, as Binney’s testimony suggests. Instead, bespoke tools allow intelligence agencies to query and filter big data in an agile way, excluding data irrelevant to a specific intelligence requirement.

Of course, intelligence analysts will still sometimes be overloaded. But this is usually a consequence of having too many targets, not too much bulk data.

Given the current CT outlook, this is likely to be a reality for the foreseeable future. And in an environment rich with targets or potential targets, intelligence agencies don’t have the time and resources necessary to conduct physical surveillance or in-depth technical coverage of all of these individuals.

Big data, supplemented with clever analytics, could allow agencies to complement this coverage, using analytics focused on proven terrorist modus operandi to reduce rather than amplify analytical workloads.

Clearly, this shouldn’t replace ongoing and in-depth analysis of existing targets. But such an approach enables analysis at scale and across a range of communication devices and methodologies.

This is surely a more effective and efficient method of discovering or re-acquiring targets than checking millions of individual records? Or Binney’s suggested alternative of ‘targeted selection’, solely relying on network analysis of the wide range of communications devices and services used by known targets.

The inconsistencies in Binney’s testimony matter because he (and others) have presented a false dichotomy between bulk data collection on the one hand and targeted technical surveillance on the other.

In modern counter-terrorism, the two serve different but complementary purposes. Like human intelligence and signals intelligence, they answer different intelligence questions in a mutually beneficial way.

So it isn’t a question of the UK making a high-level choice between different ‘INTs’ or strategies. Intelligence problems do not have one-size-fits-all solutions.

The debate that intelligence agencies and their political masters should be (and are) having is how to balance different intelligence sources and approaches from a resourcing and prioritisation perspective.

In the context of the IP Bill, will the new surveillance powers (as opposed to those avowed publically for the first time) shift the UK too far along this sliding scale in the direction of signals and communication intelligence? And will this shift reduce the effectiveness of UK intelligence and law enforcement?

This is a debate worth having. But without access to classified intelligence and an in-depth understanding of workloads and priorities across each of the agencies, outsiders – even one as well-informed as Binney – are simply speculating about the day-to-day impact that communications data collection has on analyst workloads and their effectiveness.

No one who has used big data in the modern counter-terrorism context believes it is a silver bullet, guaranteeing safety against all future threats. And few in the national security community believe that intelligence agencies should be handed a blank cheque or be allowed to operate without scrutiny.

There needs to be a broad debate about the consequences of the IP Bill, and in particular, the balance between the potential privacy impacts and the claimed security benefits.

But those questioning the privacy impacts of bulk collection should be wary of relying too heavily on Binney’s claim that big data is 99% ineffective and actively harms counter-terrorism work. Because unfortunately, it just isn’t true.

David Wells worked for UK and Australian intelligence agencies between 2005 and 2014, specialising in counter-terrorism.

Advertisements

One thought on “Debunking myths about the Snoopers Charter: big data in counter-terrorism

    […] my recent blog post on big data in counter-terrorism, I was asked to provide formal input to the Joint Committee […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s