If the opposing sides in the mass surveillance debate agree on anything, it is the analogy that best describes the job of intelligence agencies. From Edward Snowden to UK Home Secretary Theresa May, the case for and against bulk communications data (particularly in counter-terrorism) rests on the best way to find ‘a needle in a haystack’.
As someone with recent experience using bulk communications data to identify and disrupt terrorists, I’ve always been struck by the gap between this analogy and the reality of my former day job.
Firstly, the similarities. Terrorists are usually extremely difficult to find. And the global nature of the terrorist threat means that you are searching for them across a large area.
But the analogy suggests a laborious, repetitive and unskilled process; an individual manually wading through a stack of hay to find a tiny needle. Using traditional methods – as a 2014 conceptual art performance demonstrated – this is extremely time consuming.
Yet in 2016, there are smarter, more efficient ways of completing this task. Faced with one or a number of haystacks containing one or a number of needles, I could hire a metal detector on my smartphone. Or outsource the job via Airtasker.
As I’ve argued previously, not only is the process radically different, the nature of the search is also entirely different. A metal detector might find other metallic objects within the haystacks, but once the needle is located, your job is complete. There is no nuance, little uncertainty about the items you recover, and no ongoing requirement to continue to search through the stack.
Why does an analogy matter in the context of the mass surveillance debate? Because as with most analogies, the aim is to make a complex issue easily understandable. And in mis-characterising the work of intelligence agencies, the analogy skews the debate in favour of those arguing that ‘mass surveillance’ is not just invasive but ineffective.
A good example of how this works is this piece by Colleen Rowley, a former FBI agent and whistleblower. She concludes, “if you’re looking for a needle in a haystack, how does it help to add hay?”’
If that was the task in front of intelligence agencies, the logic is difficult to argue with. And following similar logic to Rowley, many use this argument to suggest that bulk data collection makes terrorist activity more difficult to spot and prevent.
Yet it isn’t clear to me what the needle or the haystack are in this context. Is the needle:
- the identity of a terrorist or potential terrorist;
- the communications activity of the terrorist or potential terrorist;
- or actionable intelligence on their terrorist activity (who/what/when/where/how)?
In reality, the answer should be all of the above. But unfortunately, unlike needles, intelligence targets aren’t static. They rarely operate or exist in isolation. And they use multiple communications devices and services, each of which route and secure data in different ways and different locations.
Conceptually, this is critical. 99% of the time, the answer to your intelligence question will not sit in one haystack/data source. Good intelligence and good counter-terrorism requires the use of all available intelligence sources to locate and fit together the different pieces of the puzzle. And most importantly, doing so before something goes bang.
Turning to ‘the haystack’ then, this appears to refer to all data currently collected by 5 EYES intelligence agencies. Critics can (somehow) say that it contains all potential needles. Yet the intelligence agencies are seeking additional data that either doesn’t contain needles, or is unlikely to contain any needles in future. And will make their search even more difficult.
This argument is largely based on retrospective analysis of a number of major terrorist attacks, including 9/11, Paris, and the failed ‘underpants bomber’. In that much-abused phrase, the attackers were ‘known to authorities’. Actionable leads weren’t followed up, dots weren’t joined and mistakes were made. Why would any intelligence agency want to add more data when they’re apparently unable to cope with existing volumes?
Here’s where the logic gets fuzzy. As every analyst knows, correlation does not imply causality.
Yes, terrorist attacks occurred on the watch of intelligence agencies with bulk data collection powers. But does that mean that those powers were the cause of their failures? And how has bulk data contributed to their successes?
This argument also confuses data collection with data analysis. And assumes a direct correlation between data volume and the analytical resources it necessitates.
Different sources or datasets will be relevant for different requirements and at different times. Far from adding more and more data sources ad infinitum, intelligence agencies should (and do) continually evaluate their usefulness to deliver maximum value with the resources at their disposal.
But in intelligence, collecting the right data does not guarantee success. It also takes good analysis, asking the right questions, timely information sharing, and collaborative national and international partnerships. And sometimes, a bit of luck.
This may not translate into a simple, easy-to-relate-to analogy. But given how critical and complex the debate about the future of big data and surveillance is, should we really expect it to?
David Wells worked for UK and Australian intelligence agencies between 2005 and 2014, specialising in counter-terrorism.