Mining for terrorists

2/16/2003

A great deal of information about us is out there in cyberspace. Banks and credit card companies have a record of every credit card purchase we've ever made. Phone companies have a record of every telephone call. Credit bureaus know how much money we've borrowed, and how reliable we are in paying our debts.

The information in cyberspace is like an immense mound of ore strewn with golden nuggets. If businesses can sift through the ore to find the nuggets, they can improve profitability and reduce costs by marketing more effectively.

The tool businesses use to sift through the mountain of cyberspace ore is data mining. “We define data mining as the data-driven discovery and modeling of hidden patterns in large volumes of data,” said Tim Graettinger of the Modeling Agency, a consulting firm. “Via data mining, a user can discover patterns and build models automatically, without knowing exactly what she's looking for.”

Keystone Financial's promotion of its LoanCheck is an example of data mining success, Mr. Graettinger said. Keystone had mailed a $5,000 check to its customers, which they could cash at any Keystone branch. Keystone wanted to use the LoanCheck to expand its customer base. Keystone's database tracks about 300 characteristics of each customer. Keystone established a data mining program to discover what the characteristics were of the customers most likely to accept the LoanCheck offer. Then Keystone applied the model to a list of 400,000 prospects obtained from a credit bureau. The result was 12,000 new customers.

Data mining guards against fraud. Blue Cross/Blue Shield in New York state uses data mining to protect against false patient claims from physicians. Deviations in physician behavior relative to his or her peers are reported to fraud investigators as a “suspicion” index.

The Defense Advanced Research Projects Agency, the folks who invented the Internet, want to develop a program like the one Empire Blue Cross/Blue Shield uses to protect Americans from terrorist attacks. But yahoos on both the left and the right are trying to stop them.

The premise behind the DARPA program, which is called Total Information Awareness, is that certain critical activities must take place before a terrorist attack can be launched. These include casing targets, rehearsing, procuring financing, supplies, and weapons, and assembling an attack team. It is all but impossible to conduct these activities without leaving a trail in cyberspace.

TIA software would search Internet databases for signs of these activities. For instance, if someone on a terrorist watch list made big bank withdrawals, bought airplane tickets, or purchased with a credit card precursor materials for a car bomb or a chemical weapon, the TIA program could spot the activity and home in on the subject.

If TIA had been up and running in 2001, it is likely the Sept. 11 hijackers would have been identified before they struck. Two of the hijackers were on a State Department watch list. Phone records indicated they were calling each other. A more detailed search would have revealed that several had attended flight schools together. A computer program trolling the Internet for these indicators would have popped up the proverbial red flag.

The Senate voted unanimously Jan. 23 to withhold funding for TIA on the grounds that it is a threat to civil liberties. But every element of the program already is legal. The government has the right to search its own databases. And the government has the right to search private databases, which it is doing right now in an effort to find sources of terrorist funding. All TIA would do is to permit the government to do swiftly and efficiently what it is now doing clumsily and inefficiently.

Blocking TIA will not protect our liberties. But it will diminish our safety.