Thursday, June 19, 2008

Too Much Information Makes Us Less Secure

How many cameras do you need to have before you can't see anything? How much video do you need to store before you can't find what you were looking for? Whatever that level is, the Brits passed it a long time ago when, as the author of this piece quips, the answer to the needle in the haystack problem became to "collect more haystacks."

"The answer in both America and Britain has been to collect more haystacks: useless, indiscriminately acquired information on people who've done nothing to arouse suspicion," he writes. "We even inveigle our citizens to become amateur curtain-twitchers and pecksniffs, demanding that they report "suspicious" activity to the authorities. Between DNA databases, mandatory fingerprinting for visa seekers, CCTV carpet-bombing, and Oyster card data, we've never collected more "security" information than we do today. But does this really make us secure? Is it possible to know too much?"

I think the question is not "Is it possible to know too much?", but rather "Is it possible for too much information to overwhelm our ability to know anything at all?". In which case the answer is a resounding yes! The delta between what security professionals can collect today and what they can process is called the "Security Gap" and it's getting bigger every day.

But, I'm not sure it's time to hoist the white flag just yet, however. A few years ago, after the bombing in London, closing the Security Gap meant assigning over one thousand MI-5 agents to manually review surveillance video. The process took over 6 weeks. Today, using new search and video analysis technology, just a handful of those agents could have probably completed much of the same work in a few days. Search technology in particular is rapidly closing the gap between the data we can collect and store and what we can "know". It's not unlike what happened with the Internet when tools like Google have made sifting through billions of images and pages as simple as typing a few key words. Suddenly this huge heap of information that had been sitting there unused by most became hugely useful when we could quickly and easily sift through it.

The prospect of these same advances in video search being applied to security is likely to greatly tame America and Britain's current jumble of haystacks, but such technology will of course bring with it a new set of problems. For those who have spent years working to close the Security Gap, I am reminded of another question about a dog chasing a firetruck.

"What's he going to do if he catches it?"

Labels: , , ,


1 Comments:

Blogger Jim Hoerricks, PhD said...

Your comments about the bombings are not quite apples/oranges as they are red apples/green apples.

Yes it took 5 as long as it did. But, it took an even greater number of staff from the Met and other agencies to collect that video from the private systems around the bombed sites. If one person can only collect video from an area 100m squared - then the problem is just huge. Collection and processing staff becomes the bottleneck that video analytics just can't compensate for.

And, the UK's structure has no real comparison to those in the US. The Met is both local and national in scope. It would be like merging the FBI and the NYPD into one agency with the AG at the head. They have the ability to allocate resources and staff within their national boundaries that we in the US don't have. We have to do it with interagency loans and cooperation that takes time to ramp-up. Jurisdictional issues sometimes get in the way and slow things down.

As I continue to point out on my blog, politicians (as you say) "carpet bomb" CCTV cameras in their cities. But they neglect the infrastructure. Someone has to properly collect it. Someone has to store it. Someone has to process it for the detectives. Someone has to process it for court. The more you dump on a single someone, the slower things become ... as your graph illustrates.

The backlog in many small agencies goes for months. If you have to file a case within days, the two simply don't meet.

July 8, 2008 at 2:49 PM  

Post a Comment

Subscribe to Post Comments [Atom]

<< Home