Shortly after Sept. 11, 2001, Stanford's Ullman posted on his Web site a long essay he'd written reacting to the attacks. The piece was mostly political; Ullman criticized religious fundamentalism, Palestinians who think terrorism will buy them freedom, and the misplaced zeal of our drug war (which he says can stand in the way of the war on terrorism). There was only one part that had anything to do with his research:

"Modern technology has given criminals and terrorists many new and deadly options," he wrote. "Just about the only defensive weapon to come out of the developments of the past 50 years is information technology: our ability to learn electronically what evils are being planned. If we use it wisely, we can keep our personal freedom, yet use information effectively against its enemies." Ullman says that he's been thinking about such a system since 1998, when al-Qaida bombed two U.S. embassies in Africa, and the New York and Washington attacks only firmed up his convictions. He now thinks that a system like TIA is critical to our safety.

The specific information technology that Ullman believes will be our salvation is called data mining. If you tend to use such modern conveniences as credit cards, supermarkets and online bookstores, chances are you've been helped -- or, depending on how you see it, hurt -- by data mining. Broadly speaking, the phrase means the process of looking at a heap of information and finding something you think you might want. It implies a "fuzziness" about your search, a hunt for patterns buried in the data that are not obvious. Credit card companies use a form of data mining to determine whether your purchases look "unusual" and may, therefore, be fraudulent. Amazon.com uses it to recommend books by looking at other books you've purchased. When you hand over your discount-club card at a grocery store checkout, you're actually letting the store keep data on your personal shopping habits; some chains are finding ways to mine that data.

Total Information Awareness uses a data-mining system that DARPA calls Evidence Extraction and Link Discovery (EELD). According to the TIA site, the system will have "detection capabilities to extract relevant data and relationships about people, organizations, and activities from message traffic and open source data. It will link items relating potential terrorist groups or scenarios, and learn patterns of different groups or scenarios to identify new organizations or emerging threats."

What that means, specifically, is illustrated on the TIA Web site by a graphic showing several workers at a uranium plant who've been "recruited to steal the uranium." Three of the workers have been contacted -- apparently without each other's knowledge -- by a "black market" dealer who wants uranium. That dealer has ties to another dealer, who, through a middle man, recruits a dump-truck operator to transport the load. Altogether, about half a dozen people are involved in the scheme, and the TIA site suggests that one way authorities might have pieced together the whole thing is by monitoring everyone to "discover relationships and learn patterns of activity."

But the graphic offers a disingenuous example of TIA in action. By focusing on a uranium plant and not on, say, the settings where the 9/11 hijackers or the U.S.S. Cole bombers or Tim McVeigh planned their attacks -- regular, everyday places -- the graphic tends to downplay the scope of the TIA program. Presumably, everyone who works at a nuclear fuel plant is already heavily scrutinized; it's the rest of us, the people who wouldn't know uranium from plutonium but who might have stepped into a Kinko's once or twice, that TIA will want to monitor. The main difference between what TIA will do and what other surveillance programs already do is in this fact: TIA will work only by monitoring everyone. Though it may put extra emphasis on people who work at high-risk places like uranium plants, that is not its main function. Its main function is to ferret out a picture of a threat from a confluence of what seem to be normal activities, and the more of these normal activities it has recorded -- that is, the more people it is monitoring -- the better it works.

In such a scenario, a non-farmer who buys fertilizer that could be used for making a bomb, or a flight-school student with an Arab surname, or someone who does something as seemingly innocuous as buy a book about the Taliban, might raise a TIA warning flag. And someone who did all three would likely get a visit from the FBI.

"Collecting everything -- that's what would give it its power," explains Raghu Ramakrishnan, a computer scientist at the University of Wisconsin at Madison. To determine whether an individual might be a threat, the system would look at all of his activities and all his relationships, and "you would ask if there is statistically significant evidence that these activities are 'suspicious,'" Ramakrishnan says. "If three things occur together, you might be able to make the statement that they are 'highly correlated' -- that in, say, 99.9 percent of the cases where I found these two activities occurring together, I would also find this other thing happening."

Take as an example the purchase of one-way airline tickets. For years, airlines have known that this is one signal of dangerous activity but does not in and of itself indicate a sure threat. (Before 9/11, only international passengers using one-way tickets were deemed a high security risk; domestic passengers going one way, even on a ticket purchased at the counter with cash, weren't seen as much of a problem at all, which is one reason why some of the hijackers weren't more closely examined.) Buying a one-way ticket could be one flag in TIA -- an indication of a marginally higher risk. But when TIA notices that someone has purchased a one-way ticket, it might also look to see if he has associated with anyone else who has done the same. Have they all recently done other things -- enrolled in flight schools, purchased weapons, etc. -- that would make them even more suspicious? (Pointing to Richard Reid, the British man who pleaded guilty to an attempt last year to blow up an airliner with a bomb hidden in his shoe, Ullman said that TIA might not be any more effective if it took a person's ethnicity into account; it's not clear whether TIA will consider race and religion, but it could if it wanted to.)

TIA would be set up to do its work automatically and in close to real time: The suspect buys the one-way ticket, his past activities and affiliations are examined, and then, if his risk factor meets a certain threshold, an intelligence or law enforcement analyst is notified. According to the Web site, TIA "provides focused warnings within an hour after a triggering event occurs or an evidence threshold is passed."

If TIA works this cleanly, many say that the chief problem it raises -- its knowledge about you, personally -- is not much of a problem at all: After all, it has information about you only so it can determine what a good guy looks like. You, as an innocent, are in the database mainly as an example of someone who's not a terrorist: the guy who buys a one-way ticket every once in a while because of some emergency business. John Poindexter would call you "noise." In an interview with the Washington Post, he described TIA as a giant filter to separate noise from what he calls "signal."

To hear Poindexter describe it, the system sounds almost elegant; and if you take it to its technological extreme, there's also a supernatural aspect to it. TIA would know everything; TIA would predict evil; TIA could save the world. Indeed, some of TIA's research projects sound as though they've been copied from the Psychic Friends' Network. One program, "Wargaming the Asymmetric Environment," for instance, would try to predict the "behavior of specific terrorists by examining their behavior in the broader context of their political, cultural and ideological environment," according to the site. It goes on to say that "indication and warning models have been tested historically, and in some cases operationally, to predict an active terrorist group's next action (attack/no attack, target characteristics, location characteristics, tactical characteristics, timeframes, and motivating factors), and test results have been shown to be statistically significant."

You can see why more than a few pundits have compared TIA to the notion of "precrime" imagined in the Philip K. Dick short story (and Tom Cruise movie) "Minority Report." The comparison is not meant to be a compliment.

Recent Stories