Wednesday, June 25, 2008

Fascinating algorithms

Kevin Drum writes about the FISA compromise, and I think I'll leave the larger questions about that to those, like Kevin, who want to write about it and know more than I do. His basic idea, that we need to be cautious before extending the powers of government, is definitely the way I see it, and he expresses it better than I could.

I want to touch on something specific among the very real concerns in his post:
[T]he NSA's domestic spying program doesn't rely on the ordinary human understanding of these phrases. Instead, it appears to rely primarily on software algorithms that determine whether or not a person is acting in a way that merits eavesdropping. The details are still murky, but what the NSA appears to be doing is very large scale data mining on virtually every phone call and email between the United States and overseas, looking for patterns that fit a profile of some kind. Maybe twice or three-times removed links to suspected terrorist phone numbers. Or anyone who makes more than 5% of their calls to Afghanistan. Or people who make a suspiciously large volume of calls on certain dates or from certain mosques....The algorithms that determine NSA's profiles are almost certainly extremely complex and technical — far beyond the capability of any lawyer to understand. So who gets to decide which algorithms are legitimate and which ones go too far? NSA's computer programmers?...After all, no court can seriously evaluate algorithms like this and neither can Congress. They don't have the technical chops. Do the algorithms use ethnic background as one of their parameters? Membership in suspect organizations? Associations with foreigners? Residence in specific neighborhoods? Nobody knows, and no layman can know, because these things most likely emerge from other parameters rather than being used as direct inputs to the algorithm.
I don't know how NSA is set up internally, and neither does Kevin, but I really doubt that the algorithms are created by the programmers. For a program of this type, it seems to me that there would be input from analysts and whatever executives are called in the NSA as to what would constitute proper search criteria.

I recently worked on a programming project having to do with compensation for retail workers and their management. The rules governing this were remarkably complicated, not something so simple as a percentage of sales made by the associate. These rules were not created by me as the person writing the code, nor had they been created by the people who hired me to work on the system.

Instead, these were rules that had evolved through the life of this company, modified by political tides and a desire to provide incentives for particular behavior, and had nothing to do with the technical needs or wants of those who wrote the systems to calculate the payments. Some of them didn't make sense, many of them appeared to provide perverse incentives, and they were a royal pain to understand and implement.

I suspect that the NSA algorithms are much the same, that there aren't "a small group of technicians operating in secret and creating criteria that virtually no one else understands." It is far more likely that the technicians are implementing criteria that have been handed to them, in English on a piece of paper. And other people can understand those. Might it be possible that NSA would like us to believe that they're just too hard to figger out?

No comments:

Clicky Web Analytics