Snowden Docs Show GCHQ, MI5 To Be All Haystack, No Needle
from the collections-so-bulky-they're-practically-immobile dept
“Collect it all,” they said. “You can’t find needles without haystacks,” they proclaimed. “The more you know,” they rainbowed. All well and good, except the NSA, GCHQ, et al. appear to have far more in common with the protagonists of “Hoarding: Buried Alive” than with effective, finely-tuned terrorism-fighting machines.
New documents from the Snowden stash show the UK’s intelligence agencies love piling data on top of data, but seemingly have no idea how to utilize this massive haul.
MI5 “can currently collect (whether itself or through partners …) significantly more than it is able to exploit fully,” the report warned. “This creates a real risk of ‘intelligence failure’ i.e. from the Service being unable to access potentially life-saving intelligence from data that it has already collected.”
A followup report from a month later echoed these concerns:
“There is an imbalance between collection and exploitation capabilities, resulting in a failure to make effective use of some of the intelligence collected today,” the report noted. “With the exception of the highest priority investigations, a lack of staff and tools means that investigators are presented with raw and unfiltered DIGINT data. Frequently, this material is not fully assessed because of the significant time required to review it.”
This isn’t just an MI5 problem. And it’s not just a bulk surveillance problem. GCHQ uses the same “data broker” — a program called PRESTON, run by the National Technical Assistance Center, which is supposed to act as a go-between for intelligence agencies in order to prevent the siloing of data. But it doesn’t work. It has prevented agencies from walling each other off, but the info firehose is still too much for agencies to handle — even with more-targeted surveillance.
Targeted collections fare little better than the bulk collections, in terms of needle location. The following chart shows how much data goes unutilized in cases where suspects are known and targeted with individualized warrants.
From the 2009 report detailing these problems:
[I]n one six-month period, the PRESTON program had intercepted more than 5 million communications. Remarkably, 97 percent of the calls, messages, and data it had collected were found to have been “not viewed” by the authorities.
Despite this failure to fully use the collections they already have, UK intelligence agencies are asking the government to give them more, supposedly to capture the “growing range of services available to internet users.” But they’ve already shown they can’t handle the data they already collect. Piling more hay on the stacks is only going to allow more “needles” to escape the attention of analysts. One solution would be to throw more people at the problem, but even this might cause its own issues, as every intelligence agency is increasingly wary of becoming the temporary home of the next Snowden. Vetting procedures have ramped up and security clearances have been scaled back.
More judicious collections are a better answer, but intelligence agencies — just like many of the internet users they track — apparently suffer from Fear of Missing Out. But an examination of their current collections/analysis shows they’re “missing out” already, and expanded powers/collections would do nothing to better secure the nation. In fact, these reports show the more they collect, the less they know.