http://www.nytimes.com/2002/12/23/business/technology-many-tools-of-big-brother-are-now-up-and-running.html

December 23, 2002

Many Tools Of Big Brother Are Now Up And Running

By JOHN MARKOFF and JOHN SCHWARTZ

In the Pentagon research effort to detect terrorism by electronically monitoring the civilian population, the most remarkable detail may be this: Most of the pieces of the system are already in place.

Because of the inroads the Internet and other digital network technologies have made into everyday life over the last decade, it is increasingly possible to amass Big Brother-like surveillance powers through Little Brother means. The basic components include everyday digital technologies like e-mail, online shopping and travel booking, A.T.M. systems, cellphone networks, electronic toll-collection systems and credit-card payment terminals.

In essence, the Pentagon's main job would be to spin strands of software technology that would weave these sources of data into a vast electronic dragnet.

Technologists say the types of computerized data sifting and pattern matching that might flag suspicious activities to government agencies and coordinate their surveillance are not much different from programs already in use by private companies. Such programs spot unusual credit card activity, for example, or let people at multiple locations collaborate on a project.

The civilian population, in other words, has willingly embraced the technical prerequisites for a national surveillance system that Pentagon planners are calling Total Information Awareness. The development has a certain historical resonance because it was the Pentagon's research agency that in the 1960's financed the technology that led directly to the modern Internet. Now the same agency -- the Defense Advanced Research Projects Agency, or Darpa -- is relying on commercial technology that has evolved from the network it pioneered.

The first generation of the Internet -- called the Arpanet -- consisted of electronic mail and file transfer software that connected people to people. The second generation connected people to databases and other information via the World Wide Web. Now a new generation of software connects computers directly to computers.

And that is the key to the Total Information Awareness project, which is overseen by John M. Poindexter, the former national security adviser under President Ronald Reagan. Dr. Poindexter was convicted in 1990 of a felony for his role in the Iran-contra affair, but that conviction was overturned by a federal appeals court because he had been granted immunity for his testimony before Congress about the case.

Although Dr. Poindexter's system has come under widespread criticism from Congress and civil liberties groups, a prototype is already in place and has been used in tests by military intelligence organizations.

Total Information Awareness could link for the first time such different electronic sources as video feeds from airport surveillance cameras, credit card transactions, airline reservations and telephone calling records. The data would be filtered through software that would constantly look for suspicious patterns of behavior.

The idea is for law enforcement or intelligence agencies to be alerted immediately to patterns in otherwise unremarkable sets of data that might indicate threats, allowing rapid reviews by human analysts. For example, a cluster of foreign visitors who all took flying lessons in separate parts of the country might not attract attention. Nor would it necessarily raise red flags if all those people reserved airline tickets for the same day. But a system that could detect both sets of actions might raise suspicions.

Some computer scientists wonder whether the system can work. ''This wouldn't have been possible without the modern Internet, and even now it's a daunting task,'' said Dorothy Denning, a professor in the Department of Defense Analysis at the Naval Postgraduate School in Monterey, Calif. Part of the challenge, she said, is knowing what to look for. ''Do we really know enough about the precursors to terrorist activity?'' she said. ''I don't think we're there yet.''

The early version of the Total Information Awareness system employs a commercial software collaboration program called Groove. It was developed in 2000 by Ray Ozzie, a well-known software designer who is the inventor of Lotus Notes. Groove makes it possible for analysts at many different government agencies to share intelligence data instantly, and it links specialized programs that are designed to look for patterns of suspicious behavior.

Total Information Awareness also takes advantage of a simple and fundamental software technology called Extended Markup Language, or XML, that is at the heart of the third generation of Internet software. It was created by software designers at companies like Microsoft, Sun Microsystems and I.B.M., as well as independent Silicon Valley programmers.

The markup language allows data that has long been locked in isolated databases, known in the industry as silos, to be translated into a kind of universal language that can be read and used by many different systems. Information made compatible in this way can be shared among thousands, or even hundreds of thousands, of computers in ways that all of them can understand.

It is XML, a refinement of the Internet's original World Wide Web scheme, that has made it possible to consider welding thousands of databases together without centralizing the information. Computer scientists said that without such new third-generation Web technologies, it would have never been possible to conceive of the Total Information Awareness system, which is intended to ferret out the suspicious intentions of a handful of potential terrorists from the humdrum everyday electronic comings and goings of millions of average Americans.

Civil libertarians have questioned whether the government has the legal or constitutional grounds to conduct such electronic searches. And other critics have called it an outlandishly futuristic and ultimately unworkable scheme on technical grounds.

But on the latter point, technologists disagree. ''It's well grounded in the best current theory about scalable systems,'' said Ramano Rao, chief technology officer at Inxight, a Sunnyvale, Calif., company that develops text-searching software. ''It uses all the right buzzwords.''

People close to the Pentagon's research program said Dr. Poindexter was acutely aware of the power and the invasiveness of his experimental surveillance system. In private conversations this summer, according to several Department of Defense contractors, he raised the possibility that the control of the Total Information Awareness system should be placed under the jurisdiction of an independent, nongovernmental organization like the Red Cross because of the potential for abuse.

Dr. Poindexter declined to be interviewed for this article. A Darpa spokeswoman, Jan Walker, wrote in an e-mail reply to questions that ''we don't recall ever talking about'' having a nongovernmental organization operate the Total Information Awareness program and that ''we've not held any discussions with'' such an organization.

The idea of using an independent organization to control a technology that has a high potential for abuse has been raised by previous administrations. An abortive plan to create a backdoor surveillance capability in encrypted communications, known as Clipper, was introduced by the Clinton administration in 1993. It called for keys to the code to be held by an organization independent of the F.B.I. and other law enforcement agencies.

Speaking of Dr. Poindexter, John Arquilla, an expert at the Naval Postgraduate School in Monterey on unconventional warfare, said, ''The admiral is very concerned about the tension between security and civil liberties.'' He added that because of the changing nature of warfare and the threat of terrorism, the United States would be forced to make trade-offs between individuals' privacy and national security.

''In an age of terror wars, we have to learn the middle path to craft the security we need without incurring too great a cost on our civil liberties,'' he said.

Computer scientists who work with Darpa said that Dr. Poindexter was an enthusiastic backer of a Darpa-sponsored advisory group that had been initiated by a Microsoft researcher, Eric Horvitz, in October 2001 in the wake of the Sept. 11 terrorist attacks.

The group, which was composed of 41 computer scientists, policy experts and government officials, met three times to explore whether it was possible to employ sophisticated data-mining technologies against potential terrorist attacks while protecting individuals' privacy.

A number of the scientists proposed ''black box'' surveillance systems that would alert human intelligence analysts about suspicious patterns. Once the alerts were issued in such a system, they suggested, legal processes like those used for wiretapping could be employed.

But a number of the scientists and policy experts who attended the meetings were skeptical that technical safeguards would be adequate to ensure that such a system would not be abused.

The debate is a healthy one, said Don Upson, who is senior vice president of the government business unit of a software company in Fairfax, Va., webMethods, and the former secretary of technology for Virginia.

''I'm glad Darpa is doing this because somebody has to start defining what the rules are going to be'' about how and when to use data, he said. ''I believe we're headed down the path of setting the parameters of how we're going to use information.''