What a mess JetBlue Airlines has created. Internet security expert Bruce Schneier explains and elucidates in Newsday:
- In September 2002, JetBlue Airways secretly turned over data about 1.5 million of its passengers to a company called Torch Concepts, under contract with the Department of Defense.
Torch Concepts merged this data with Social Security numbers, home addresses, income levels and automobile records that it purchased from another company, Acxiom Corp. All this was to test an automatic profiling system to automatically give each person a terrorist threat ranking.
There’s a common belief – generally mistaken – that if we only had enough data we could pick terrorists out of crowds, and CAPPS II is just one example. In the months after 9/11, the FBI tried to collect information on people who took scuba-diving lessons. The Patriot Act gives the FBI the ability to collect information on what books people borrow from libraries.
….Security is always a trade-off: How much security am I getting, and what am I giving up to get it? These “data-mining” programs are not very effective. Identifiable future terrorists are rare, and innocents are common. No matter what patterns you’re looking for, far more innocents will match the patterns than terrorists because innocents vastly outnumber terrorists. So many that you might as well not bother. And that assumes that you even can predict terrorist patterns. Sure, it’s easy to create a pattern after the fact; if something identical to the 9/11 plot ever happens again, you can be sure we’re ready. But tomorrow’s attacks? That’s much harder.
Even those who say that terrorists are likely to be Arab males have it wrong. Richard Reid, the shoe bomber, was British. Jose Padilla, arrested in Chicago in 2002 as a “dirty bomb” suspect, was a Hispanic- American. The Unabomber had once taught mathematics at Berkeley. Terrorists can be male or female, European, Asian, African or Middle Eastern. Even grandmothers can be tricked into carrying bombs on board. One problem with profiling is that, by singling out one group, it ignores the other groups. Terrorists are a surprisingly diverse group of people.
….I have an idea. Timothy McVeigh and John Allen Muhammad – one of the accused D.C. snipers – both served in the military. I think we need to put all U.S. ex-servicemen on a special watch list, because they obviously could be terrorists. I think we should flag them for “special screening” when they fly and think twice before allowing them to take scuba-diving lessons.
It’s a really crappy idea, which is Schneier’s point. In America we take our civil liberties seriously, and unless there is the propect of overwhelming returns, we should not give up those liberties. With profiling there are no “overwhelming returns.”
Please take special note of Schneier’s new book Beyond Fear, below.
- Bruce Schneier is the go-to security expert for business leaders and policy makers. His breakthrough book Applied Cryptography (1994, 1998) explained how the arcane science of secret codes actually works, and was described by Wired as “the book the National Security Agency wanted never to be published.” His business-oriented bestseller Secrets and Lies (2000) was called by Fortune “[a] jewel box of little surprises you can actually use.” Best known as a refreshingly candid and lucid security critic and commentator, he has appeared in numerous media outlets, including The New York Times, USA Today, Newsweek, and The Wall Street Journal, as well as on NPR, CNN, and the major networks. He has also testified on security before the United States Congress.
Many of us, especially since 9/11, have become personally concerned about issues of security, and this is no surprise. Security is near the top of government and corporate agendas around the globe. Security-related stories appear on the front page everyday. How well though, do any of us truly understand what achieving real security involves?
In Beyond Fear, Bruce Schneier invites us to take a critical look at not just the threats to our security, but the ways in which we’re encouraged to think about security by law enforcement agencies, businesses of all shapes and sizes, and our national governments and militaries. Schneier believes we all can and should be better security consumers, and that the trade-offs we make in the name of security – in terms of cash outlays, taxes, inconvenience, and diminished freedoms – should be part of an ongoing negotiation in our personal, professional, and civic lives, and the subject of an open and informed national discussion.