@Info.Policy: Total Info project is totally doomed

Robert Gellman

By now, you probably know something about the Defense Department's Total Information Awareness program. That's the Defense Advanced Research Projects Agency's data mining project headed by the infamous John Poindexter of Iran-contra fame.

Among other things, TIA wants to collect every scrap of personal information from public and private sources to identify terrorists. That includes data about your health, finances, transactions and everything else.

A major problem here is that much compiled personal data often isn't very good for its original purpose. Records are typically filled with errors, cross-links and obsolete information. If you've ever looked at your credit report, you probably know what I mean. Using dirty data in a different way won't work any better.

Another problem is that drawing accurate inferences from compiled data isn't easy. Marketers have been doing it for years trying to make a buck. They think it is great if they can get a 3 percent response rate to a targeted mailing looking for people likely to subscribe to a magazine for wombat owners, buy a Veg-O-Matic or learn to speak Klingon. When marketers are wrong, junk mail ends up in a landfill.

The idea that anyone can sift consumer data and find terrorists is ludicrous. The ancient computer principle of Garbage In, Garbage Out is relevant here. Plus, DARPA is looking for a needle in a stack of haystacks, but no one knows what a needle looks like.

The error rate will be enormous, and even a small percentage of false positives will be fatal. When TIA is wrong, a grandmother from Ohio is likely to be accused of terrorism, booted off an airplane and onto the front pages.

It's hard to see how the public relations of TIA could have been handled in a dumber fashion. It started when DOD stuck a lightning rod like Poindexter in charge. Then they gave it a pretentious motto''Knowledge is power''and logo'an all-seeing eye. I wonder if they consulted with the geniuses who named the FBI's e-mail spying program Carnivore.

It gets better. When public opinion started to turn, TIA removed lots of documents from its Web site. It tried to kill the motto and the logo, but it was too late. Others had already copied everything from the site and posted it out of DARPA's control.

Then some enterprising Netizens decided to turn the tables on Poindexter personally. They obtained and publicized his Social Security number and home address, complete with map and satellite photo. Editorial writers and the Congress have now jumped on TIA, and the drums are beating louder and louder.

TIA can't get access to real data without more legal authority than it has. So the testing uses fake data. What results do you get when you use fake data? Any results you want. If DARPA is serious about the project, it needs a completely independent review of its tests. I doubt there is time, however. TIA looks doomed.

Robert Gellman is a Washington privacy and information policy consultant. E-mail him at rgellman@netacc.net.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above