Thursday 19 November 2015

False Positive

Waldemar Ingdahl writes:

The reactions to the barbaric Paris attacks are starting to follow a worrisome pattern.

After the initial shock, there is a public expression of horror over the deed and solidarity with the victims.

Twitter hashtags are adopted, Facebook profile pictures are changed and declarations are made: the core of Western culture – democracy, free speech and liberty – is under attack, and the best way to fight terrorism is to emphasise the importance of a free society.

Fear, we say, is the main weapon of terrorism.

But, such is the moral disarray of the modern West, no sooner have such fine words been uttered, than intelligence agencies, from the US National Security Agency (NSA) to the UK Government Communications Headquarters (GCHQ), are provided with a raft of new mass-surveillance powers.

So, as part of a post-attack effort to fight terrorism, civil liberties are trampled over. This is already happening in France.

In May, in response to the Charlie Hebdo shootings at the start of the year, the French parliament approved a new law that provided sweeping new powers for the security forces.

These powers include allowing the authorities to tap into the digital and mobile-phone communications of anyone linked to a terrorist inquiry without prior approval from a judge.

Internet service providers must also provide data at the request of the authorities.

Other provisions include the power to bug private homes and install keyloggers in computers to track users’ keystrokes.

And the law allows the authorities to collect and store for five years the metadata of sites people visit, and contacts people make.

There is even the option, under certain circumstances, to use ISMI-catchers to intercept and track communications from mobile phones.

And yet, despite the vast array of new powers granted to security agencies over the past 15 years, they still find it difficult to connect the dots in the lead-up to a terrorist attack.

In fact, the Madrid train bombings in 2004 and the London bombings in 2005 were undertaken despite the fact that some of the perpetrators were already under surveillance.

Data mining is said to enable surveillance agencies to connect these dots, and foresee terrorist attacks.

But, while mining personal data may be useful in order to personalise advertising to the right customer, detect credit-card fraud or identify tax evaders, it is failing to pick up terrorists.

There are good reasons for this.

Most data mining is used when there is a clear sign of aberrant behaviour – a credit card, for example, might be suddenly used in a very different manner, implying it has been stolen.

The signs of a potential terror attack are far less clear, so error rates are high. And the costs of false alarms can be prohibitive.

Fine tuning the research to avoid false results can be very difficult because of the false-positive paradox. A false positive occurs when a detection system mistakenly identifies someone, in this case, as a terrorist.

The false-positive paradox runs as follows: let’s say that one in a million people are terrorists, and you have a test for terrorism that’s 99 per cent accurate.

Out of a million people tested, it will be positive for around 10,000 of them – because for every hundred people, it will be wrong once (hence the phrase ‘99 per cent accurate’).

Yet, statistically speaking, we know that only one person is a terrorist in the entire sample of 10,000. That means that a test that is 99 per cent accurate is wrong 9,999 times out of 10,000.

The paradox highlights the flaws in some surveillance tests for terrorism that seem highly reliable but do not have very reliable results. 

This is because the tested occurrence – in this case, a terrorist plot – is so rare. 

As a result, general data-based terrorism-detection systems produce a huge number of false positives that require costly and lengthy investigations to corroborate. 

If finding terrorism can be compared to finding a needle in a haystack, mass surveillance is equivalent to adding more hay to the stack.

Instead, intelligence and law-enforcement agencies need to collaborate better, not amass more and more data. 

And they need to pull together specific information about specific terrorist suspects, not general information about everybody. 

Mass surveillance can use up already scarce resources and personnel.

Sweden and Belgium are considered rest-and-relaxation areas for some terrorist organisations because mass surveillance has left police resources so thinly spread.

We need intelligence analysis that focuses on interpersonal contact not indiscriminate mounds of data.

Data mining and increased surveillance come at a high cost, not just to out pockets, but also to our liberties.

No comments:

Post a Comment